Update locales

Merge pull request #7424 from openfoodfoundation/transifex
Transifex
2026-01-17 19:26:48 +00:00 · 2021-04-16 09:26:45 +10:00 · 2021-04-16 09:20:25 +10:00 · 2021-04-15 10:05:38 -07:00 · 2021-04-15 09:50:02 -07:00 · 2021-04-15 09:49:38 -07:00
414 changed files with 6637 additions and 3589 deletions
--- a/.codeclimate.yml
+++ b/.codeclimate.yml
@@ -2,9 +2,9 @@ version: "2"
 plugins:
  rubocop:
    enabled: true
-    channel: "rubocop-0-76"
+    channel: "rubocop-1-12"
    config:
-      file: ".rubocop_styleguide.yml"
+      file: ".rubocop.yml"
  scss-lint:
    enabled: true
    checks:
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -8,6 +8,7 @@ on:
 env:
  DISABLE_KNAPSACK: true
  TIMEZONE: UTC
+  COVERAGE: true

 jobs:
  test-controllers-and-serializers:
@@ -51,6 +52,9 @@ jobs:
      - name: Run controller tests
        run: bundle exec rspec --profile -- spec/controllers spec/serializers

+      - name: Codecov
+        uses: codecov/codecov-action@v1.3.1
+
  test-models:
    runs-on: ubuntu-18.04
    services:
@@ -92,6 +96,9 @@ jobs:
      - name: Run tests
        run: bundle exec rspec --profile -- spec/models

+      - name: Codecov
+        uses: codecov/codecov-action@v1.3.1
+
  test-admin-features-1:
    runs-on: ubuntu-18.04
    services:
@@ -133,6 +140,9 @@ jobs:
      - name: Run admin feature tests
        run: bundle exec rspec --profile -- spec/features/admin/[a-o0-9]*_spec.rb

+      - name: Codecov
+        uses: codecov/codecov-action@v1.3.1
+
  test-admin-features-2:
    runs-on: ubuntu-18.04
    services:
@@ -174,6 +184,9 @@ jobs:
      - name: Run admin feature tests
        run: bundle exec rspec --profile -- spec/features/admin/[p-z]*_spec.rb

+      - name: Codecov
+        uses: codecov/codecov-action@v1.3.1
+
  test-consumer-features:
    runs-on: ubuntu-18.04
    services:
@@ -215,6 +228,9 @@ jobs:
      - name: Run consumer feature tests
        run: bundle exec rspec --profile -- spec/features/consumer

+      - name: Codecov
+        uses: codecov/codecov-action@v1.3.1
+
  test-engines-etc:
    runs-on: ubuntu-18.04
    services:
@@ -256,8 +272,13 @@ jobs:
      - name: Run JS tests
        run: RAILS_ENV=test bundle exec rake karma:run

+      # Migration tests need to be run in a separate task.
+      # See: https://github.com/openfoodfoundation/openfoodnetwork/pull/6924#issuecomment-813056525
+      - name: Run migration tests
+        run: bundle exec rspec --pattern "spec/{migrations}/**/*_spec.rb"
+
      - name: Run all other tests
-        run: bundle exec rake ofn:specs:run:excluding_folders["models,controllers,serializers,features,lib"]
+        run: bundle exec rake ofn:specs:run:excluding_folders["models,controllers,serializers,features,lib,migrations"]

  test-the-rest:
    runs-on: ubuntu-18.04
@@ -299,3 +320,6 @@ jobs:

      - name: Run admin feature folders, engines, lib
        run: bundle exec rspec --profile --pattern "engines/*/spec/{,/*/**}/*_spec.rb,spec/features/admin/*/*_spec.rb,spec/lib/{,/*/**}/*_spec.rb"
+
+      - name: Codecov
+        uses: codecov/codecov-action@v1.3.1
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -10,8 +10,8 @@ inherit_from:
  # The automatically generated todo list to ignore all current violations.
  - .rubocop_todo.yml

-  # Our Open Food Network style guide. It's used by Code Climate. If you want to see all violations,
-  # then use only that configuration (like Code Climate):
+  # Our Open Food Network style guide. If you want to see all violations,
+  # then use only that configuration:
  #
  #     bundle exec rubocop -c .rubocop_styleguide.yml
  #
--- a/.rubocop_manual_todo.yml
+++ b/.rubocop_manual_todo.yml
@@ -849,6 +849,7 @@ Metrics/ModuleLength:
  - app/models/spree/payment/processing.rb
  - engines/order_management/spec/services/order_management/subscriptions/proxy_order_syncer_spec.rb
  - engines/order_management/spec/services/order_management/subscriptions/validator_spec.rb
+  - engines/order_management/spec/services/order_management/subscriptions/summary_spec.rb
  - lib/open_food_network/column_preference_defaults.rb
  - spec/controllers/admin/order_cycles_controller_spec.rb
  - spec/controllers/api/orders_controller_spec.rb
--- a/.rubocop_styleguide.yml
+++ b/.rubocop_styleguide.yml
@@ -1,9 +1,6 @@
 # Our Open Food Network style guide.
 #
-# These are the rules we agreed upon and we work towards. Code Climate uses
-# these rules to rate our code and detect new violations. But when you run
-# rubocop locally, the default configuration file `.rubocop.yml` loads
-# our "todo lists" to ignore all current violations.
+# These are the rules we agreed upon and we work towards.
 AllCops:
  NewCops: disable
  SuggestExtensions: false
--- a/.rubocop_todo.yml
+++ b/.rubocop_todo.yml
@@ -1012,7 +1012,6 @@ Style/FrozenStringLiteralComment:
    - 'app/helpers/spree/admin/payments_helper.rb'
    - 'app/helpers/spree/admin/taxons_helper.rb'
    - 'app/helpers/spree/admin/zones_helper.rb'
-    - 'app/helpers/spree/api/api_helpers.rb'
    - 'app/helpers/spree/orders_helper.rb'
    - 'app/helpers/spree/reports_helper.rb'
    - 'app/helpers/spree_currency_helper.rb'
@@ -1112,7 +1111,6 @@ Style/FrozenStringLiteralComment:
    - 'app/serializers/api/uncached_enterprise_serializer.rb'
    - 'app/serializers/api/user_serializer.rb'
    - 'app/serializers/api/variant_serializer.rb'
-    - 'app/services/action_callbacks.rb'
    - 'app/services/bulk_invoice_service.rb'
    - 'app/services/cart_service.rb'
    - 'app/services/create_order_cycle.rb'
@@ -1170,7 +1168,7 @@ Style/FrozenStringLiteralComment:
    - 'engines/order_management/app/services/reports/renderers/base.rb'
    - 'engines/order_management/app/services/reports/report_data/base.rb'
    - 'engines/web/app/controllers/web/angular_templates_controller.rb'
-    - 'engines/web/app/controllers/web/api/cookies_consent_controller.rb'
+    - 'engines/web/app/controllers/web/api/v0/cookies_consent_controller.rb'
    - 'engines/web/app/controllers/web/application_controller.rb'
    - 'engines/web/app/helpers/web/cookies_policy_helper.rb'
    - 'engines/web/lib/web/cookies_consent.rb'
--- a/.ruby-version
+++ b/.ruby-version
@@ -1 +1 @@
-2.4.4
+2.5.8
--- a/.simplecov
+++ b/.simplecov
@@ -1,8 +1,6 @@
 #!/bin/env ruby

 SimpleCov.start 'rails' do
-  minimum_coverage 54
-
  add_filter '/bin/'
  add_filter '/config/'
  add_filter '/jobs/application_job.rb'
@@ -15,4 +13,8 @@ SimpleCov.start 'rails' do
  add_filter '/script'
  add_filter '/log'
  add_filter '/db'
+  add_filter '/lib/tasks/sample_data/'
 end
+
+require 'codecov'
+SimpleCov.formatter = SimpleCov::Formatter::Codecov
--- a/15
+++ b/15
@@ -1,7 +1,7 @@
 # frozen_string_literal: true

 source 'https://rubygems.org'
-ruby "2.4.4"
+ruby "2.5.8"
 git_source(:github) { |repo_name| "https://github.com/#{repo_name}.git" }

 gem 'rails', '~> 5.0.0'
@@ -31,7 +31,7 @@ gem 'web', path: './engines/web'
 gem 'activerecord-postgresql-adapter'
 gem 'pg', '~> 0.21.0'

-gem 'acts_as_list', '0.9.19'
+gem 'acts_as_list', '1.0.3'
 gem 'cancancan', '~> 1.15.0'
 gem 'ffaker'
 gem 'highline', '2.0.3' # Necessary for the install generator
@@ -83,7 +83,7 @@ gem 'roadie-rails', '~> 1.3.0'

 gem 'combine_pdf'
 gem 'wicked_pdf'
-gem 'wkhtmltopdf-binary', '0.12.5' # We need to upgrade our CI before we can bump this :/
+gem 'wkhtmltopdf-binary'

 gem 'immigrant'
 gem 'roo', '~> 2.8.3'
@@ -95,7 +95,7 @@ gem 'test-unit', '~> 3.4'
 gem 'coffee-rails', '~> 4.2.2'
 gem 'compass-rails'

-gem 'mini_racer', '0.3.1'
+gem 'mini_racer', '0.4.0'

 gem 'uglifier', '>= 1.0.3'

@@ -113,6 +113,10 @@ gem 'ofn-qz', github: 'openfoodfoundation/ofn-qz', branch: 'ofn-rails-4'

 gem 'good_migrations'

+gem 'flipper'
+gem 'flipper-active_record'
+gem 'flipper-ui'
+
 group :production, :staging do
  gem 'ddtrace'
  gem 'unicorn-worker-killer'
@@ -125,7 +129,7 @@ group :test, :development do
  gem 'bullet'
  gem 'capybara'
  gem 'database_cleaner', require: false
-  gem "factory_bot_rails", '5.2.0', require: false
+  gem "factory_bot_rails", '6.1.0', require: false
  gem 'fuubar', '~> 2.5.1'
  gem 'json_spec', '~> 1.1.4'
  gem 'knapsack'
@@ -141,6 +145,7 @@ group :test, :development do
 end

 group :test do
+  gem 'codecov', require: false
  gem 'simplecov', require: false
  gem 'test-prof'
  gem 'webmock'
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -77,7 +77,7 @@ GEM
    activejob (5.0.7.2)
      activesupport (= 5.0.7.2)
      globalid (>= 0.3.6)
-    activemerchant (1.107.4)
+    activemerchant (1.119.0)
      activesupport (>= 4.2)
      builder (>= 2.1.2, < 4.0.0)
      i18n (>= 0.6.9)
@@ -105,8 +105,8 @@ GEM
      tzinfo (~> 1.1)
    acts-as-taggable-on (7.0.0)
      activerecord (>= 5.0, < 6.2)
-    acts_as_list (0.9.19)
-      activerecord (>= 3.0)
+    acts_as_list (1.0.3)
+      activerecord (>= 4.2)
    addressable (2.7.0)
      public_suffix (>= 2.0.2, < 5.0)
    andand (1.3.3)
@@ -114,7 +114,7 @@ GEM
      railties (>= 4.2, < 7)
      sprockets (>= 3.0, < 5)
      tilt
-    angular_rails_csrf (4.2.0)
+    angular_rails_csrf (4.5.0)
      railties (>= 3, < 7)
    angularjs-file-upload-rails (2.4.1)
    angularjs-rails (1.5.5)
@@ -130,7 +130,7 @@ GEM
      json (~> 1.4)
      nokogiri (~> 1)
    bcrypt (3.1.16)
-    bugsnag (6.19.0)
+    bugsnag (6.20.0)
      concurrent-ruby (~> 1.0)
    builder (3.2.4)
    bullet (6.1.4)
@@ -138,13 +138,13 @@ GEM
      uniform_notifier (~> 1.11)
    byebug (11.1.3)
    cancancan (1.15.0)
-    capybara (3.32.2)
+    capybara (3.35.3)
      addressable
      mini_mime (>= 0.1.3)
      nokogiri (~> 1.8)
      rack (>= 1.6.0)
      rack-test (>= 0.6.3)
-      regexp_parser (~> 1.5)
+      regexp_parser (>= 1.5, < 3.0)
      xpath (~> 3.2)
    childprocess (3.0.0)
    chronic (0.10.2)
@@ -152,6 +152,8 @@ GEM
    climate_control (0.2.0)
    cocaine (0.5.8)
      climate_control (>= 0.0.3, < 1.0)
+    codecov (0.5.1)
+      simplecov (>= 0.15, < 0.22)
    coderay (1.1.3)
    coffee-rails (4.2.2)
      coffee-script (>= 2.2.0)
@@ -187,7 +189,7 @@ GEM
    daemons (1.3.1)
    dalli (2.7.11)
    database_cleaner (1.99.0)
-    ddtrace (0.46.0)
+    ddtrace (0.47.0)
      msgpack
    debugger-linecache (1.2.0)
    delayed_job (4.1.9)
@@ -211,25 +213,35 @@ GEM
    devise-token_authenticatable (1.1.0)
      devise (>= 4.0.0, < 5.0.0)
    diff-lcs (1.4.4)
-    docile (1.3.4)
+    docile (1.3.5)
+    erubi (1.10.0)
    erubis (2.7.0)
    eventmachine (1.2.7)
    excon (0.79.0)
    execjs (2.7.0)
-    factory_bot (5.2.0)
-      activesupport (>= 4.2.0)
-    factory_bot_rails (5.2.0)
-      factory_bot (~> 5.2.0)
-      railties (>= 4.2.0)
+    factory_bot (6.1.0)
+      activesupport (>= 5.0.0)
+    factory_bot_rails (6.1.0)
+      factory_bot (~> 6.1.0)
+      railties (>= 5.0.0)
    faraday (1.3.0)
      faraday-net_http (~> 1.0)
      multipart-post (>= 1.2, < 3)
      ruby2_keywords
    faraday-net_http (1.0.1)
-    ffaker (2.16.0)
+    ffaker (2.18.0)
    ffi (1.15.0)
    figaro (1.2.0)
      thor (>= 0.14.0, < 2)
+    flipper (0.20.4)
+    flipper-active_record (0.20.4)
+      activerecord (>= 5.0, < 7)
+      flipper (~> 0.20.4)
+    flipper-ui (0.20.4)
+      erubi (>= 1.0.0, < 2.0.0)
+      flipper (~> 0.20.4)
+      rack (>= 1.4, < 3)
+      rack-protection (>= 1.5.3, < 2.2.0)
    fog-aws (2.0.1)
      fog-core (~> 1.38)
      fog-json (~> 1.0)
@@ -269,7 +281,7 @@ GEM
      tilt
    hashdiff (1.0.1)
    highline (2.0.3)
-    i18n (1.8.9)
+    i18n (1.8.10)
      concurrent-ruby (~> 1.0)
    i18n-js (3.8.2)
      i18n (>= 0.6.6)
@@ -309,7 +321,7 @@ GEM
      addressable (~> 2.3)
    letter_opener (1.7.0)
      launchy (~> 2.2)
-    libv8 (8.4.255.0)
+    libv8-node (15.14.0.0)
    loofah (2.9.0)
      crass (~> 1.0.2)
      nokogiri (>= 1.5.9)
@@ -319,10 +331,10 @@ GEM
    mime-types (3.3.1)
      mime-types-data (~> 3.2015)
    mime-types-data (3.2020.1104)
-    mini_mime (1.0.2)
-    mini_portile2 (2.4.0)
-    mini_racer (0.3.1)
-      libv8 (~> 8.4.255)
+    mini_mime (1.0.3)
+    mini_portile2 (2.5.0)
+    mini_racer (0.4.0)
+      libv8-node (~> 15.14.0.0)
    minitest (5.14.4)
    monetize (1.11.0)
      money (~> 6.12)
@@ -335,8 +347,9 @@ GEM
    mustermann (1.1.1)
      ruby2_keywords (~> 0.0.1)
    nio4r (2.5.2)
-    nokogiri (1.10.10)
-      mini_portile2 (~> 2.4.0)
+    nokogiri (1.11.2)
+      mini_portile2 (~> 2.5.0)
+      racc (~> 1.4)
    oauth2 (1.4.7)
      faraday (>= 0.8, < 2.0)
      jwt (>= 1.0, < 3.0)
@@ -374,6 +387,7 @@ GEM
      byebug (~> 11.0)
      pry (~> 0.13.0)
    public_suffix (4.0.6)
+    racc (1.5.2)
    rack (2.2.3)
    rack-mini-profiler (2.3.1)
      rack (>= 1.2.0)
@@ -428,7 +442,7 @@ GEM
    rb-inotify (0.10.1)
      ffi (~> 1.0)
    redcarpet (3.5.1)
-    regexp_parser (1.8.2)
+    regexp_parser (2.1.1)
    request_store (1.5.0)
      rack (>= 1.4)
    responders (3.0.1)
@@ -480,7 +494,7 @@ GEM
    rswag-ui (2.4.0)
      actionpack (>= 3.1, < 7.0)
      railties (>= 3.1, < 7.0)
-    rubocop (1.12.0)
+    rubocop (1.12.1)
      parallel (~> 1.10)
      parser (>= 3.0.0.0)
      rainbow (>= 2.2.2, < 4.0)
@@ -514,10 +528,12 @@ GEM
      rubyzip (>= 1.2.2)
    shoulda-matchers (4.5.1)
      activesupport (>= 4.2.0)
-    simplecov (0.18.5)
+    simplecov (0.21.2)
      docile (~> 1.1)
      simplecov-html (~> 0.11)
+      simplecov_json_formatter (~> 0.1)
    simplecov-html (0.12.3)
+    simplecov_json_formatter (0.1.2)
    sinatra (2.1.0)
      mustermann (~> 1.0)
      rack (~> 2.2)
@@ -543,7 +559,7 @@ GEM
    stringex (2.8.5)
    stripe (5.30.0)
    temple (0.8.2)
-    test-prof (0.11.3)
+    test-prof (1.0.2)
    test-unit (3.4.0)
      power_assert
    thor (0.20.3)
@@ -555,15 +571,15 @@ GEM
    uglifier (4.2.0)
      execjs (>= 0.3.0, < 3)
    unicode-display_width (2.0.0)
-    unicorn (5.8.0)
+    unicorn (6.0.0)
      kgio (~> 2.6)
      raindrops (~> 0.7)
    unicorn-rails (2.2.1)
      rack
      unicorn
-    unicorn-worker-killer (0.4.4)
+    unicorn-worker-killer (0.4.5)
      get_process_mem (~> 0)
-      unicorn (>= 4, < 6)
+      unicorn (>= 4, < 7)
    uniform_notifier (1.14.1)
    warden (1.2.9)
      rack (>= 2.0.9)
@@ -582,7 +598,7 @@ GEM
      chronic (>= 0.6.3)
    wicked_pdf (2.1.0)
      activesupport
-    wkhtmltopdf-binary (0.12.5)
+    wkhtmltopdf-binary (0.12.6.5)
    xml-simple (1.1.8)
    xpath (3.2.0)
      nokogiri (~> 1.8)
@@ -598,7 +614,7 @@ DEPENDENCIES
  activerecord-postgresql-adapter
  activerecord-session_store
  acts-as-taggable-on (~> 7.0)
-  acts_as_list (= 0.9.19)
+  acts_as_list (= 1.0.3)
  andand
  angular-rails-templates (>= 0.3.0)
  angular_rails_csrf
@@ -614,6 +630,7 @@ DEPENDENCIES
  cancancan (~> 1.15.0)
  capybara
  catalog!
+  codecov
  coffee-rails (~> 4.2.2)
  combine_pdf
  compass-rails
@@ -631,9 +648,12 @@ DEPENDENCIES
  devise-token_authenticatable
  dfc_provider!
  eventmachine (>= 1.2.3)
-  factory_bot_rails (= 5.2.0)
+  factory_bot_rails (= 6.1.0)
  ffaker
  figaro
+  flipper
+  flipper-active_record
+  flipper-ui
  fog-aws (>= 0.6.0)
  foundation-icons-sass-rails
  foundation-rails (= 5.5.2.1)
@@ -655,7 +675,7 @@ DEPENDENCIES
  kaminari (~> 1.2.1)
  knapsack
  letter_opener (>= 1.4.1)
-  mini_racer (= 0.3.1)
+  mini_racer (= 0.4.0)
  monetize (~> 1.11)
  oauth2 (~> 1.4.7)
  ofn-qz!
@@ -706,10 +726,10 @@ DEPENDENCIES
  webmock
  whenever
  wicked_pdf
-  wkhtmltopdf-binary (= 0.12.5)
+  wkhtmltopdf-binary

 RUBY VERSION
-   ruby 2.4.4p296
+   ruby 2.5.8p224

 BUNDLED WITH
   1.17.3
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
-[![Build Status](https://semaphoreci.com/api/v1/openfoodfoundation/openfoodnetwork-2/branches/master/badge.svg)](https://semaphoreci.com/openfoodfoundation/openfoodnetwork-2)
-[![Code Climate](https://codeclimate.com/github/openfoodfoundation/openfoodnetwork.png)](https://codeclimate.com/github/openfoodfoundation/openfoodnetwork)
 [![Build](https://github.com/openfoodfoundation/openfoodnetwork/actions/workflows/build.yml/badge.svg)](https://github.com/openfoodfoundation/openfoodnetwork/actions/workflows/build.yml)
+[![codecov](https://codecov.io/gh/openfoodfoundation/openfoodnetwork/branch/master/graph/badge.svg?token=FBSOod4qiu)](https://codecov.io/gh/openfoodfoundation/openfoodnetwork)
+[![Code Climate](https://codeclimate.com/github/openfoodfoundation/openfoodnetwork.png)](https://codeclimate.com/github/openfoodfoundation/openfoodnetwork)

 # Open Food Network

@@ -34,7 +34,7 @@ We also have a [Super Admin Guide][super-admin-guide] to help with configuration

 ## Testing

-If you'd like to help out with testing, please introduce yourself on the #testing channel on [Slack][slack-invite] and download the [ZenHub browser extension][zenhub] to view the development pipeline.
+If you'd like to help out with testing, please introduce yourself on the #testing channel on [Slack][slack-invite] and download the [ZenHub browser extension][zenhub] to view the development pipeline. Also, do have a look in our [Welcome New QAs board](https://github.com/openfoodfoundation/openfoodnetwork/projects/31) for some good first issues, both on manual and automated testing (RSpec/Capybara).

 We use [BrowserStack](https://www.browserstack.com/) as a manual testing tool. BrowserStack provides open source projects with unlimited and free of charge accounts. A big thanks to them! 

--- a/app/assets/javascripts/admin/bulk_product_update.js.coffee
+++ b/app/assets/javascripts/admin/bulk_product_update.js.coffee
@@ -147,7 +147,7 @@ angular.module("ofn.admin").controller "AdminProductEditCtrl", ($scope, $timeout
    if confirm("Are you sure?")
      $http(
        method: "DELETE"
-        url: "/api/products/" + product.id
+        url: "/api/v0/products/" + product.id
      ).success (data) ->
        $scope.products.splice $scope.products.indexOf(product), 1
        DirtyProducts.deleteProduct product.id
@@ -162,7 +162,7 @@ angular.module("ofn.admin").controller "AdminProductEditCtrl", ($scope, $timeout
        if confirm(t("are_you_sure"))
          $http(
            method: "DELETE"
-            url: "/api/products/" + product.permalink_live + "/variants/" + variant.id
+            url: "/api/v0/products/" + product.permalink_live + "/variants/" + variant.id
          ).success (data) ->
            $scope.removeVariant(product, variant)
    else
--- a/app/assets/javascripts/admin/enterprise_fees/directives/delete_resource.js.coffee
+++ b/app/assets/javascripts/admin/enterprise_fees/directives/delete_resource.js.coffee
@@ -1,7 +1,7 @@
 angular.module('admin.enterpriseFees').directive 'spreeDeleteResource', ->
  (scope, element, attrs) ->
    if scope.enterprise_fee.id
-      url = '/api/enterprise_fees/' + scope.enterprise_fee.id
+      url = '/api/v0/enterprise_fees/' + scope.enterprise_fee.id
      html = '<a href="' + url + '" class="delete-resource icon_link icon-trash no-text" data-action="remove" data-confirm="' + t('are_you_sure') + '" url="' + url + '"></a>'
      #var html = '<a href="'+url+'" class="delete-resource" data-confirm="Are you sure?"><img alt="Delete" src="/assets/admin/icons/delete.png" /> Delete</a>';
      element.append html
--- a/app/assets/javascripts/admin/index_utils/services/resources.js.coffee
+++ b/app/assets/javascripts/admin/index_utils/services/resources.js.coffee
@@ -1,5 +1,5 @@
 angular.module("admin.indexUtils").factory "resources", ($resource) ->
-  LineItem = $resource '/api/orders/:order_number/line_items/:line_item_id.json',
+  LineItem = $resource '/api/v0/orders/:order_number/line_items/:line_item_id.json',
    { order_number: '@order_number', line_item_id: '@line_item_id'},
    'update': { method: 'PUT' }
  Customer = $resource '/admin/customers/:customer_id.json',
--- a/app/assets/javascripts/admin/order_cycles/services/exchange_product.js.coffee
+++ b/app/assets/javascripts/admin/order_cycles/services/exchange_product.js.coffee
@@ -1,5 +1,5 @@
 angular.module('admin.orderCycles').factory('ExchangeProduct', ($resource) ->
-  ExchangeProductResource = $resource('/api/exchanges/:exchange_id/products.json', {}, {
+  ExchangeProductResource = $resource('/api/v0/exchanges/:exchange_id/products.json', {}, {
    'index': { method: 'GET' }
    'variant_count': { method: 'GET', params: { action_name: "variant_count" }}
  })
--- a/app/assets/javascripts/admin/products/controllers/edit_units_controller.js.coffee
+++ b/app/assets/javascripts/admin/products/controllers/edit_units_controller.js.coffee
@@ -9,7 +9,7 @@ angular.module("admin.products").controller "editUnitsCtrl", ($scope, VariantUni
  if $scope.product.variant_unit == 'items'
    $scope.variant_unit_with_scale = 'items'
  else
-    $scope.variant_unit_with_scale = $scope.product.variant_unit + '_' + $scope.product.variant_unit_scale
+    $scope.variant_unit_with_scale = $scope.product.variant_unit + '_' + $scope.product.variant_unit_scale.replace(/\.0$/, '');

  $scope.setFields = ->
    if $scope.variant_unit_with_scale == 'items'
--- a/app/assets/javascripts/admin/products/services/product_image_service.js.coffee
+++ b/app/assets/javascripts/admin/products/services/product_image_service.js.coffee
@@ -8,7 +8,7 @@ angular.module("ofn.admin").factory "ProductImageService", (FileUploader, SpreeA
      autoUpload: true

    configure: (product) =>
-      @imageUploader.url = "/api/product_images/#{product.id}"
+      @imageUploader.url = "/api/v0/product_images/#{product.id}"
      @imagePreview = product.image_url
      @imageUploader.onSuccessItem = (image, response) =>
        product.thumb_url = response.thumb_url
--- a/app/assets/javascripts/admin/resources/resources/enterprise_resource.js.coffee
+++ b/app/assets/javascripts/admin/resources/resources/enterprise_resource.js.coffee
@@ -9,12 +9,12 @@ angular.module("admin.resources").factory 'EnterpriseResource', ($resource) ->
    'update':
      method: 'PUT'
    'removeLogo':
-      url: '/api/enterprises/:id/logo.json'
+      url: '/api/v0/enterprises/:id/logo.json'
      method: 'DELETE'
    'removePromoImage':
-      url: '/api/enterprises/:id/promo_image.json'
+      url: '/api/v0/enterprises/:id/promo_image.json'
      method: 'DELETE'
    'removeTermsAndConditions':
-      url: '/api/enterprises/:id/terms_and_conditions.json'
+      url: '/api/v0/enterprises/:id/terms_and_conditions.json'
      method: 'DELETE'
  })
--- a/app/assets/javascripts/admin/resources/resources/order_resource.js.coffee
+++ b/app/assets/javascripts/admin/resources/resources/order_resource.js.coffee
@@ -1,17 +1,17 @@
 angular.module("admin.resources").factory 'OrderResource', ($resource) ->
  $resource('/admin/orders/:id/:action.json', {}, {
    'index':
-      url: '/api/orders.json'
+      url: '/api/v0/orders.json'
      method: 'GET'
    'update':
      method: 'PUT'
    'capture':
-      url: '/api/orders/:id/capture.json'
+      url: '/api/v0/orders/:id/capture.json'
      method: 'PUT'
      params:
        id: '@id'
    'ship':
-      url: '/api/orders/:id/ship.json'
+      url: '/api/v0/orders/:id/ship.json'
      method: 'PUT'
      params:
        id: '@id'
--- a/app/assets/javascripts/admin/resources/resources/product_resource.js.coffee
+++ b/app/assets/javascripts/admin/resources/resources/product_resource.js.coffee
@@ -1,6 +1,6 @@
 angular.module("admin.resources").factory 'ProductResource', ($resource) ->
  $resource('/admin/product/:id/:action.json', {}, {
    'index':
-      url: '/api/products/bulk_products.json'
+      url: '/api/v0/products/bulk_products.json'
      method: 'GET'
  })
--- a/app/assets/javascripts/admin/services/bulk_products.js.coffee
+++ b/app/assets/javascripts/admin/services/bulk_products.js.coffee
@@ -10,8 +10,8 @@ angular.module("ofn.admin").factory "BulkProducts", (ProductResource, dataFetche
        angular.extend(@pagination, data.pagination)

    cloneProduct: (product) ->
-      $http.post("/api/products/" + product.id + "/clone").success (data) =>
-        dataFetcher("/api/products/" + data.id + "?template=bulk_show").then (newProduct) =>
+      $http.post("/api/v0/products/" + product.id + "/clone").success (data) =>
+        dataFetcher("/api/v0/products/" + data.id + "?template=bulk_show").then (newProduct) =>
          @unpackProduct newProduct
          @insertProductAfter(product, newProduct)

--- a/app/assets/javascripts/admin/tag_rules/controllers/tag_rules_controller.js.coffee
+++ b/app/assets/javascripts/admin/tag_rules/controllers/tag_rules_controller.js.coffee
@@ -23,8 +23,6 @@ angular.module("admin.tagRules").controller "TagRulesCtrl", ($scope, $http, $fil
        preferred_customer_tags: (tag.text for tag in tagGroup.tags).join(",")
        type: "TagRule::#{ruleType}"
    switch ruleType
-      when "DiscountOrder"
-        newRule.calculator = { preferred_flat_percent: 0 }
      when "FilterShippingMethods"
        newRule.peferred_shipping_method_tags = []
        newRule.preferred_matched_shipping_methods_visibility = "visible"
--- a/app/assets/javascripts/admin/tag_rules/directives/new_rule_dialog.js.coffee
+++ b/app/assets/javascripts/admin/tag_rules/directives/new_rule_dialog.js.coffee
@@ -8,7 +8,6 @@ angular.module("admin.tagRules").directive 'newTagRuleDialog', ($compile, $templ
    template = $compile($templateCache.get('admin/new_tag_rule_dialog.html'))(scope)

    scope.ruleTypes = [
-      # { id: "DiscountOrder", name: 'Apply a discount to orders' }
      { id: "FilterProducts", name: t('js.tag_rules.show_hide_variants') }
      { id: "FilterShippingMethods", name: t('js.tag_rules.show_hide_shipping') }
      { id: "FilterPaymentMethods", name: t('js.tag_rules.show_hide_payment') }
--- a/app/assets/javascripts/admin/utils/services/status_message.js.coffee
+++ b/app/assets/javascripts/admin/utils/services/status_message.js.coffee
@@ -1,11 +1,11 @@
-angular.module("admin.utils").factory "StatusMessage", ($timeout) ->
+angular.module("admin.utils").factory "StatusMessage", ->
  new class StatusMessage
    types:
-      progress: {timeout: false, style: {color: '#ff9906'}}
-      alert:    {timeout: 5000,  style: {color: 'grey'}}
-      notice:   {timeout: false, style: {color: 'grey'}}
-      success:  {timeout: 5000,  style: {color: '#9fc820'}}
-      failure:  {timeout: false, style: {color: '#da5354'}}
+      progress: {style: {color: '#ff9906'}}
+      alert:    {style: {color: 'grey'}}
+      notice:   {style: {color: 'grey'}}
+      success:  {style: {color: '#9fc820'}}
+      failure:  {style: {color: '#da5354'}}

    statusMessage:
      text: ""
@@ -25,13 +25,7 @@ angular.module("admin.utils").factory "StatusMessage", ($timeout) ->
    display: (type, text) ->
      @statusMessage.text = text
      @statusMessage.style = @types[type].style
-      $timeout.cancel @statusMessage.timeout  if @statusMessage.timeout
-      timeout = @types[type].timeout
-      if timeout
-        @statusMessage.timeout = $timeout =>
-          @clear()
-        , timeout, true
-      null # So we don't return weird timeouts
+      null

    clear: ->
      @statusMessage.text = ''
--- a/app/assets/javascripts/admin/variant_overrides/controllers/variant_overrides_controller.js.coffee
+++ b/app/assets/javascripts/admin/variant_overrides/controllers/variant_overrides_controller.js.coffee
@@ -42,7 +42,7 @@ angular.module("admin.variantOverrides").controller "AdminVariantOverridesCtrl",
    $scope.fetchProducts()

  $scope.fetchProducts = ->
-    url = "/api/products/overridable?page=::page::;per_page=100"
+    url = "/api/v0/products/overridable?page=::page::;per_page=100"
    PagedFetcher.fetch url, $scope.addProducts

  $scope.addProducts = (data) ->
--- a/app/assets/javascripts/darkswarm/controllers/hub_node_controller.js.coffee
+++ b/app/assets/javascripts/darkswarm/controllers/hub_node_controller.js.coffee
@@ -24,7 +24,7 @@ Darkswarm.controller "HubNodeCtrl", ($scope, HashNavigation, CurrentHub, $http,
    $scope.shopfront_loading = true
    $scope.toggle_tab(event)

-    $http.get("/api/shops/" + $scope.hub.id)
+    $http.get("/api/v0/shops/" + $scope.hub.id)
      .success (data) ->
        $scope.shopfront_loading = false
        $scope.hub = data
--- a/app/assets/javascripts/darkswarm/controllers/producer_node_controller.js.coffee
+++ b/app/assets/javascripts/darkswarm/controllers/producer_node_controller.js.coffee
@@ -24,7 +24,7 @@ Darkswarm.controller "ProducerNodeCtrl", ($scope, HashNavigation, $anchorScroll,
    $scope.shopfront_loading = true
    $scope.toggle_tab(event)

-    $http.get("/api/shops/" + $scope.producer.id)
+    $http.get("/api/v0/shops/" + $scope.producer.id)
      .success (data) ->
        $scope.shopfront_loading = false
        $scope.producer = data
--- a/app/assets/javascripts/darkswarm/directives/body_scroll.js.coffee
+++ b/app/assets/javascripts/darkswarm/directives/body_scroll.js.coffee
@@ -3,7 +3,15 @@ Darkswarm.directive "bodyScroll", ($rootScope, BodyScroll) ->
  scope: true
  link: (scope, elem, attrs) ->
    $rootScope.$on "toggleBodyScroll", ->
-      if BodyScroll.disabled
-        elem.addClass "disable-scroll"
+      if BodyScroll.disabled && document.body.scrollHeight > document.body.clientHeight
+        document.body.style.top = "-#{window.scrollY}px"
+        document.body.style.position = 'fixed'
+        document.body.style.overflowY = 'scroll'
+        document.body.style.width = '100%'
      else
-        elem.removeClass "disable-scroll"
+        scrollY = parseInt(document.body.style.top) * -1
+        document.body.style.position = ''
+        document.body.style.top = ''
+        document.body.style.overflowY = ''
+        document.body.style.width = ''
+        window.scrollTo(0, scrollY) if scrollY
--- a/app/assets/javascripts/darkswarm/services/customer.js.coffee
+++ b/app/assets/javascripts/darkswarm/services/customer.js.coffee
@@ -1,5 +1,5 @@
 angular.module("Darkswarm").factory 'Customer', ($resource, $injector, Messages) ->
-  Customer = $resource('/api/customers/:id/:action.json', {}, {
+  Customer = $resource('/api/v0/customers/:id/:action.json', {}, {
    'index':
      method: 'GET'
      isArray: true
--- a/app/assets/javascripts/darkswarm/services/enterprise_image_service.js.coffee
+++ b/app/assets/javascripts/darkswarm/services/enterprise_image_service.js.coffee
@@ -8,5 +8,5 @@ Darkswarm.factory "EnterpriseImageService", (FileUploader, spreeApiKey) ->
      autoUpload: true

    configure: (enterprise) =>
-      @imageUploader.url = "/api/enterprises/#{enterprise.id}/update_image"
+      @imageUploader.url = "/api/v0/enterprises/#{enterprise.id}/update_image"
      @imageUploader.onSuccessItem = (image, response) => @imageSrc = response
--- a/app/assets/javascripts/darkswarm/services/enterprise_modal.js.coffee
+++ b/app/assets/javascripts/darkswarm/services/enterprise_modal.js.coffee
@@ -5,7 +5,7 @@ Darkswarm.factory "EnterpriseModal", ($modal, $rootScope, $http)->
      scope = $rootScope.$new(true) # Spawn an isolate to contain the enterprise
      scope.embedded_layout = window.location.search.indexOf("embedded_shopfront=true") != -1

-      $http.get("/api/shops/" + enterprise.id).success (data) ->
+      $http.get("/api/v0/shops/" + enterprise.id).success (data) ->
        scope.enterprise = data
        $modal.open(templateUrl: "enterprise_modal.html", scope: scope)
      .error (data) ->
--- a/app/assets/javascripts/darkswarm/services/enterprise_registration_service.js.coffee
+++ b/app/assets/javascripts/darkswarm/services/enterprise_registration_service.js.coffee
@@ -18,7 +18,7 @@ Darkswarm.factory "EnterpriseRegistrationService", ($http, RegistrationService,
      Loading.message = t('creating') + " " + @enterprise.name
      $http(
        method: "POST"
-        url: "/api/enterprises"
+        url: "/api/v0/enterprises"
        data:
          enterprise: @prepare()
        params:
@@ -42,7 +42,7 @@ Darkswarm.factory "EnterpriseRegistrationService", ($http, RegistrationService,
      Loading.message = t('updating') + " " + @enterprise.name
      $http(
        method: "PUT"
-        url: "/api/enterprises/#{@enterprise.id}"
+        url: "/api/v0/enterprises/#{@enterprise.id}"
        data:
          enterprise: @prepare()
        params:
--- a/app/assets/javascripts/darkswarm/services/order_cycle_resource.js.coffee
+++ b/app/assets/javascripts/darkswarm/services/order_cycle_resource.js.coffee
@@ -1,21 +1,21 @@
 Darkswarm.factory 'OrderCycleResource', ($resource) ->
-  $resource('/api/order_cycles/:id.json', {}, {
+  $resource('/api/v0/order_cycles/:id.json', {}, {
    'products':
      method: 'GET'
      isArray: true
-      url: '/api/order_cycles/:id/products.json'
+      url: '/api/v0/order_cycles/:id/products.json'
      params:
        id: '@id'
    'taxons':
      method: 'GET'
      isArray: true
-      url: '/api/order_cycles/:id/taxons.json'
+      url: '/api/v0/order_cycles/:id/taxons.json'
      params:
        id: '@id'
    'properties':
      method: 'GET'
      isArray: true
-      url: '/api/order_cycles/:id/properties.json'
+      url: '/api/v0/order_cycles/:id/properties.json'
      params:
        id: '@id'
  })
--- a/app/assets/javascripts/darkswarm/services/shops_resource.js.coffee
+++ b/app/assets/javascripts/darkswarm/services/shops_resource.js.coffee
@@ -1,7 +1,7 @@
 Darkswarm.factory 'ShopsResource', ($resource) ->
-  $resource('/api/shops/:id.json', {}, {
+  $resource('/api/v0/shops/:id.json', {}, {
    'closed_shops':
      method: 'GET'
      isArray: true
-      url: '/api/shops/closed_shops.json'
+      url: '/api/v0/shops/closed_shops.json'
  })
--- a/app/assets/javascripts/shared/directives/question_mark_tooltip.js.coffee
+++ b/app/assets/javascripts/shared/directives/question_mark_tooltip.js.coffee
@@ -4,7 +4,7 @@ OFNShared.directive "questionMarkWithTooltip", ($tooltip)->
  # Subsequently we patch the scope, template and restrictions
  tooltip = $tooltip 'questionMarkWithTooltip', 'questionMarkWithTooltip', 'click'
  tooltip.scope =
-    variant: "="
+    context: "="
    key: "="
  tooltip.templateUrl = "shared/question_mark_with_tooltip_icon.html"
  tooltip.replace = true
--- a/app/assets/javascripts/templates/shop_variant_with_unit_price.html.haml
+++ b/app/assets/javascripts/templates/shop_variant_with_unit_price.html.haml
@@ -14,7 +14,7 @@
      "question-mark-with-tooltip-placement" => "top",
      "question-mark-with-tooltip-animation" => true,
      key: "'js.shopfront.unit_price_tooltip'"}
-      {{ variant.unit_price_price | localizeCurrency }} / {{ variant.unit_price_unit }}
+      {{ variant.unit_price_price | localizeCurrency }}&nbsp;/&nbsp;{{ variant.unit_price_unit }}
        
  .medium-2.large-2.columns.total-price
    %span{"ng-class" => "{filled: variant.line_item.total_price}"}
--- a/app/assets/stylesheets/darkswarm/_shop-inputs.scss
+++ b/app/assets/stylesheets/darkswarm/_shop-inputs.scss
@@ -117,6 +117,13 @@ button.bulk-buy-add.variant-quantity {
  }
 }

+// Hide number arrows on Chrome, Safari, Edge, Opera
+.variant-quantity::-webkit-outer-spin-button,
+.variant-quantity::-webkit-inner-spin-button {
+  -webkit-appearance: none;
+  margin: 0;
+}
+
 .variant-bulk-buy-price-summary {
  color: $disabled-med;
  margin-bottom: 1em;
--- a/app/assets/stylesheets/darkswarm/ui.scss
+++ b/app/assets/stylesheets/darkswarm/ui.scss
@@ -165,7 +165,3 @@ a.button.large {
 .flex {
  display: flex;
 }
-
-.disable-scroll {
-  overflow: hidden;
-}
--- a/app/assets/stylesheets/shared/question-mark-icon.scss
+++ b/app/assets/stylesheets/shared/question-mark-icon.scss
@@ -36,6 +36,9 @@
      @include icon-font;
      content: "";
      color: $white;
+      vertical-align: super;
+      position: relative;
+      top: 2px;
    }
  }
 }
@@ -45,6 +48,7 @@
  width: 15px;
  min-width: 15px;
  height: 15px;
+  margin-left: 2px;
 }

 .joyride-tip-guide.question-mark-tooltip {
--- a/app/controllers/admin/customers_controller.rb
+++ b/app/controllers/admin/customers_controller.rb
@@ -53,15 +53,12 @@ module Admin

    # copy of Admin::ResourceController without flash notice
    def destroy
-      invoke_callbacks(:destroy, :before)
      if @object.destroy
-        invoke_callbacks(:destroy, :after)
        respond_with(@object) do |format|
          format.html { redirect_to location_after_destroy }
          format.js   { render partial: "spree/admin/shared/destroy" }
        end
      else
-        invoke_callbacks(:destroy, :fails)
        respond_with(@object) do |format|
          format.html { redirect_to location_after_destroy }
          format.json { render json: { errors: @object.errors.full_messages }, status: :conflict }
--- a/app/controllers/admin/enterprises_controller.rb
+++ b/app/controllers/admin/enterprises_controller.rb
@@ -43,12 +43,11 @@ module Admin
    end

    def update
-      invoke_callbacks(:update, :before)
      tag_rules_attributes = params[object_name].delete :tag_rules_attributes
      update_tag_rules(tag_rules_attributes) if tag_rules_attributes.present?
      update_enterprise_notifications
+
      if @object.update(enterprise_params)
-        invoke_callbacks(:update, :after)
        flash[:success] = flash_message_for(@object, :successfully_updated)
        respond_with(@object) do |format|
          format.html { redirect_to location_after_save }
@@ -56,7 +55,6 @@ module Admin
          format.json { render_as_json @object, ams_prefix: 'index', spree_current_user: spree_current_user }
        end
      else
-        invoke_callbacks(:update, :fails)
        respond_with(@object) do |format|
          format.json { render json: { errors: @object.errors.messages }, status: :unprocessable_entity }
        end
@@ -214,7 +212,6 @@ module Admin
        tag_rules_attributes.select{ |_i, attrs| attrs[:type].present? }.each do |_i, attrs|
          rule = @object.tag_rules.find_by(id: attrs.delete(:id)) ||
                 attrs[:type].constantize.new(enterprise: @object)
-          create_calculator_for(rule, attrs) if rule.type == "TagRule::DiscountOrder" && rule.calculator.nil?

          rule.update(attrs.permit(PermittedAttributes::TagRules.attributes))
        end
--- a/app/controllers/admin/resource_controller.rb
+++ b/app/controllers/admin/resource_controller.rb
@@ -1,5 +1,3 @@
-require 'action_callbacks'
-
 module Admin
  class ResourceController < Spree::Admin::BaseController
    helper_method :new_object_url, :edit_object_url, :object_url, :collection_url
@@ -11,7 +9,6 @@ module Admin
    respond_to :js, except: [:show, :index]

    def new
-      invoke_callbacks(:new_action, :before)
      respond_with(@object) do |format|
        format.html { render layout: !request.xhr? }
        format.js   { render layout: false }
@@ -26,32 +23,26 @@ module Admin
    end

    def update
-      invoke_callbacks(:update, :before)
      if @object.update(permitted_resource_params)
-        invoke_callbacks(:update, :after)
        flash[:success] = flash_message_for(@object, :successfully_updated)
        respond_with(@object) do |format|
          format.html { redirect_to location_after_save }
          format.js   { render layout: false }
        end
      else
-        invoke_callbacks(:update, :fails)
        respond_with(@object)
      end
    end

    def create
-      invoke_callbacks(:create, :before)
      @object.attributes = permitted_resource_params
      if @object.save
-        invoke_callbacks(:create, :after)
        flash[:success] = flash_message_for(@object, :successfully_created)
        respond_with(@object) do |format|
          format.html { redirect_to location_after_save }
          format.js   { render layout: false }
        end
      else
-        invoke_callbacks(:create, :fails)
        respond_with(@object)
      end
    end
@@ -67,16 +58,13 @@ module Admin
    end

    def destroy
-      invoke_callbacks(:destroy, :before)
      if @object.destroy
-        invoke_callbacks(:destroy, :after)
        flash[:success] = flash_message_for(@object, :successfully_removed)
        respond_with(@object) do |format|
          format.html { redirect_to collection_url }
          format.js   { render partial: "spree/admin/shared/destroy" }
        end
      else
-        invoke_callbacks(:destroy, :fails)
        respond_with(@object) do |format|
          format.html { redirect_to collection_url }
        end
@@ -92,7 +80,6 @@ module Admin

    class << self
      attr_accessor :parent_data
-      attr_accessor :callbacks

      def belongs_to(model_name, options = {})
        @parent_data ||= {}
@@ -100,26 +87,6 @@ module Admin
        @parent_data[:model_class] = model_name.to_s.classify.constantize
        @parent_data[:find_by] = options[:find_by] || :id
      end
-
-      def new_action
-        @callbacks ||= {}
-        @callbacks[:new_action] ||= ActionCallbacks.new
-      end
-
-      def create
-        @callbacks ||= {}
-        @callbacks[:create] ||= ActionCallbacks.new
-      end
-
-      def update
-        @callbacks ||= {}
-        @callbacks[:update] ||= ActionCallbacks.new
-      end
-
-      def destroy
-        @callbacks ||= {}
-        @callbacks[:destroy] ||= ActionCallbacks.new
-      end
    end

    def model_class
@@ -212,17 +179,6 @@ module Admin
      collection_url
    end

-    def invoke_callbacks(action, callback_type)
-      callbacks = self.class.callbacks || {}
-      return if callbacks[action].nil?
-
-      case callback_type.to_sym
-      when :before then callbacks[action].before_methods.each { |method| __send__ method }
-      when :after  then callbacks[action].after_methods.each  { |method| __send__ method }
-      when :fails  then callbacks[action].fails_methods.each  { |method| __send__ method }
-      end
-    end
-
    # URL helpers
    def new_object_url(options = {})
      if parent_data.present?
--- a/app/controllers/admin/schedules_controller.rb
+++ b/app/controllers/admin/schedules_controller.rb
@@ -9,7 +9,8 @@ module Admin
    before_action :editable_order_cycle_ids_for_create, only: [:create]
    before_action :editable_order_cycle_ids_for_update, only: [:update]
    before_action :check_dependent_subscriptions, only: [:destroy]
-    update.after :sync_subscriptions_for_update
+
+    after_action :sync_subscriptions_for_update, only: :update

    respond_to :json

@@ -120,7 +121,7 @@ module Admin
    end

    def sync_subscriptions_for_update
-      return unless params[:schedule][:order_cycle_ids]
+      return unless params[:schedule][:order_cycle_ids] && @object.errors.blank?

      sync_subscriptions
    end
--- a/app/controllers/api/base_controller.rb
+++ b/app/controllers/api/base_controller.rb
@@ -1,103 +0,0 @@
-# Base controller for OFN's API
-require_dependency 'spree/api/controller_setup'
-require "spree/core/controller_helpers/ssl"
-
-module Api
-  class BaseController < ActionController::Metal
-    include RawParams
-    include ActionController::StrongParameters
-    include ActionController::RespondWith
-    include Spree::Api::ControllerSetup
-    include Spree::Core::ControllerHelpers::SSL
-    include ::ActionController::Head
-    include ::ActionController::ConditionalGet
-    include ActionView::Layouts
-
-    layout false
-
-    attr_accessor :current_api_user
-
-    before_action :set_content_type
-    before_action :authenticate_user
-
-    rescue_from Exception, with: :error_during_processing
-    rescue_from CanCan::AccessDenied, with: :unauthorized
-    rescue_from ActiveRecord::RecordNotFound, with: :not_found
-
-    helper Spree::Api::ApiHelpers
-
-    ssl_allowed
-
-    # Include these because we inherit from ActionController::Metal
-    #   rather than ActionController::Base and these are required for AMS
-    include ActionController::Serialization
-    include ActionController::UrlFor
-    include Rails.application.routes.url_helpers
-
-    use_renderers :json
-    check_authorization
-
-    def respond_with_conflict(json_hash)
-      render json: json_hash, status: :conflict
-    end
-
-    private
-
-    # Use logged in user (spree_current_user) for API authentication (current_api_user)
-    def authenticate_user
-      return if @current_api_user = spree_current_user
-
-      if api_key.blank?
-        # An anonymous user
-        @current_api_user = Spree.user_class.new
-        return
-      end
-
-      return if @current_api_user = Spree.user_class.find_by(spree_api_key: api_key.to_s)
-
-      invalid_api_key
-    end
-
-    def set_content_type
-      headers["Content-Type"] = "application/json"
-    end
-
-    def error_during_processing(exception)
-      Bugsnag.notify(exception)
-
-      render(json: { exception: exception.message },
-             status: :unprocessable_entity) && return
-    end
-
-    def current_ability
-      Spree::Ability.new(current_api_user)
-    end
-
-    def api_key
-      request.headers["X-Spree-Token"] || params[:token]
-    end
-    helper_method :api_key
-
-    def invalid_resource!(resource)
-      @resource = resource
-      render(json: { error: I18n.t(:invalid_resource, scope: "spree.api"),
-                     errors: @resource.errors },
-             status: :unprocessable_entity)
-    end
-
-    def invalid_api_key
-      render(json: { error: I18n.t(:invalid_api_key, key: api_key, scope: "spree.api") },
-             status: :unauthorized) && return
-    end
-
-    def unauthorized
-      render(json: { error: I18n.t(:unauthorized, scope: "spree.api") },
-             status: :unauthorized) && return
-    end
-
-    def not_found
-      render(json: { error: I18n.t(:resource_not_found, scope: "spree.api") },
-             status: :not_found) && return
-    end
-  end
-end
--- a/app/controllers/api/customers_controller.rb
+++ b/app/controllers/api/customers_controller.rb
@@ -1,37 +0,0 @@
-module Api
-  class CustomersController < Api::BaseController
-    skip_authorization_check only: :index
-
-    def index
-      @customers = current_api_user.customers
-      render json: @customers, each_serializer: CustomerSerializer
-    end
-
-    def update
-      @customer = Customer.find(params[:id])
-      authorize! :update, @customer
-
-      client_secret = RecurringPayments.setup_for(@customer) if params[:customer][:allow_charges]
-
-      if @customer.update(customer_params)
-        add_recurring_payment_info(client_secret)
-        render json: @customer, serializer: CustomerSerializer, status: :ok
-      else
-        invalid_resource!(@customer)
-      end
-    end
-
-    private
-
-    def add_recurring_payment_info(client_secret)
-      return unless client_secret
-
-      @customer.gateway_recurring_payment_client_secret = client_secret
-      @customer.gateway_shop_id = @customer.enterprise.stripe_account&.stripe_user_id
-    end
-
-    def customer_params
-      params.require(:customer).permit(:code, :email, :enterprise_id, :allow_charges)
-    end
-  end
-end
--- a/app/controllers/api/enterprise_attachment_controller.rb
+++ b/app/controllers/api/enterprise_attachment_controller.rb
@@ -1,42 +0,0 @@
-# frozen_string_literal: true
-
-require 'api/admin/enterprise_serializer'
-
-module Api
-  class EnterpriseAttachmentController < Api::BaseController
-    class MissingImplementationError < StandardError; end
-    class UnknownEnterpriseAuthorizationActionError < StandardError; end
-
-    before_action :load_enterprise
-
-    respond_to :json
-
-    def destroy
-      return respond_with_conflict(error: destroy_attachment_does_not_exist_error_message) unless @enterprise.public_send("#{attachment_name}?")
-
-      @enterprise.update!(attachment_name => nil)
-      render json: @enterprise, serializer: Admin::EnterpriseSerializer, spree_current_user: spree_current_user
-    end
-
-    protected
-
-    def attachment_name
-      raise MissingImplementationError, "Method attachment_name should be defined"
-    end
-
-    def enterprise_authorize_action
-      raise MissingImplementationError, "Method enterprise_authorize_action should be defined"
-    end
-
-    def load_enterprise
-      @enterprise = Enterprise.find_by(permalink: params[:enterprise_id].to_s)
-      raise UnknownEnterpriseAuthorizationActionError if enterprise_authorize_action.blank?
-
-      authorize!(enterprise_authorize_action, @enterprise)
-    end
-
-    def destroy_attachment_does_not_exist_error_message
-      I18n.t("api.enterprise_#{attachment_name}.destroy_attachment_does_not_exist")
-    end
-  end
-end
--- a/app/controllers/api/enterprise_fees_controller.rb
+++ b/app/controllers/api/enterprise_fees_controller.rb
@@ -1,21 +0,0 @@
-module Api
-  class EnterpriseFeesController < Api::BaseController
-    respond_to :json
-
-    def destroy
-      authorize! :destroy, enterprise_fee
-
-      if enterprise_fee.destroy
-        render plain: I18n.t(:successfully_removed), status: :no_content
-      else
-        render plain: enterprise_fee.errors.full_messages.first, status: :forbidden
-      end
-    end
-
-    private
-
-    def enterprise_fee
-      @enterprise_fee ||= EnterpriseFee.find_by id: params[:id]
-    end
-  end
-end
--- a/app/controllers/api/enterprises_controller.rb
+++ b/app/controllers/api/enterprises_controller.rb
@@ -1,78 +0,0 @@
-module Api
-  class EnterprisesController < Api::BaseController
-    before_action :override_owner, only: [:create, :update]
-    before_action :check_type, only: :update
-    before_action :override_sells, only: [:create, :update]
-    before_action :override_visible, only: [:create, :update]
-    respond_to :json
-
-    def create
-      authorize! :create, Enterprise
-
-      # params[:user_ids] breaks the enterprise creation
-      # We remove them from params and save them after creating the enterprise
-      user_ids = enterprise_params.delete(:user_ids)
-      @enterprise = Enterprise.new(enterprise_params)
-      if @enterprise.save
-        @enterprise.user_ids = user_ids
-        render json: @enterprise.id, status: :created
-      else
-        invalid_resource!(@enterprise)
-      end
-    end
-
-    def update
-      @enterprise = Enterprise.find_by(permalink: params[:id]) || Enterprise.find(params[:id])
-      authorize! :update, @enterprise
-
-      if @enterprise.update(enterprise_params)
-        render json: @enterprise.id, status: :ok
-      else
-        invalid_resource!(@enterprise)
-      end
-    end
-
-    def update_image
-      @enterprise = Enterprise.find_by(permalink: params[:id]) || Enterprise.find(params[:id])
-      authorize! :update, @enterprise
-
-      if params[:logo] && @enterprise.update( logo: params[:logo] )
-        render plain: @enterprise.logo.url(:medium), status: :ok
-      elsif params[:promo] && @enterprise.update( promo_image: params[:promo] )
-        render plain: @enterprise.promo_image.url(:medium), status: :ok
-      else
-        invalid_resource!(@enterprise)
-      end
-    end
-
-    private
-
-    def override_owner
-      enterprise_params[:owner_id] = current_api_user.id
-    end
-
-    def check_type
-      enterprise_params.delete :type unless current_api_user.admin?
-    end
-
-    def override_sells
-      has_hub = current_api_user.owned_enterprises.is_hub.any?
-      new_enterprise_is_producer = !!enterprise_params[:is_primary_producer]
-
-      enterprise_params[:sells] = if has_hub && !new_enterprise_is_producer
-                                    'any'
-                                  else
-                                    'unspecified'
-                                  end
-    end
-
-    def override_visible
-      enterprise_params[:visible] = false
-    end
-
-    def enterprise_params
-      @enterprise_params ||= PermittedAttributes::Enterprise.new(params).call.
-        to_h.with_indifferent_access
-    end
-  end
-end
--- a/app/controllers/api/exchange_products_controller.rb
+++ b/app/controllers/api/exchange_products_controller.rb
@@ -1,100 +0,0 @@
-# frozen_string_literal: true
-
-# This controller lists products that can be added to an exchange
-#
-# Pagination is optional and can be required by using param[:page]
-module Api
-  class ExchangeProductsController < Api::BaseController
-    include PaginationData
-    DEFAULT_PER_PAGE = 100
-
-    skip_authorization_check only: [:index]
-
-    # If exchange_id is present in the URL:
-    #   Lists Products that can be added to that Exchange
-    #
-    # If exchange_id is not present in the URL:
-    #   Lists Products of the Enterprise given that can be added to the given Order Cycle
-    #   In this case parameters are: enterprise_id, order_cycle_id and incoming
-    #     (order_cycle_id is not necessary for incoming exchanges)
-    def index
-      if exchange_params[:exchange_id].present?
-        load_data_from_exchange
-      else
-        load_data_from_other_params
-      end
-
-      render_variant_count && return if params[:action_name] == "variant_count"
-
-      render_paginated_products paginated_products
-    end
-
-    private
-
-    def render_variant_count
-      render plain: {
-        count: variants.count
-      }.to_json
-    end
-
-    def variants
-      renderer.exchange_variants(@incoming, @enterprise)
-    end
-
-    def products
-      renderer.exchange_products(@incoming, @enterprise)
-    end
-
-    def renderer
-      @renderer ||= ExchangeProductsRenderer.
-        new(@order_cycle, spree_current_user)
-    end
-
-    def paginated_products
-      return products unless pagination_required?
-
-      products.
-        page(params[:page]).
-        per(params[:per_page] || DEFAULT_PER_PAGE)
-    end
-
-    def load_data_from_exchange
-      exchange = Exchange.find_by(id: exchange_params[:exchange_id])
-
-      @order_cycle = exchange.order_cycle
-      @incoming = exchange.incoming
-      @enterprise = exchange.sender
-    end
-
-    def load_data_from_other_params
-      @enterprise = Enterprise.find_by(id: exchange_params[:enterprise_id])
-
-      # This will be a string (eg "true") when it arrives via params, but we want a boolean
-      @incoming = ActiveModel::Type::Boolean.new.cast exchange_params[:incoming]
-
-      if exchange_params[:order_cycle_id]
-        @order_cycle = OrderCycle.find_by(id: exchange_params[:order_cycle_id])
-      elsif !@incoming
-        raise "order_cycle_id is required to list products for new outgoing exchange"
-      end
-    end
-
-    def render_paginated_products(paginated_products)
-      serialized_products = ActiveModel::ArraySerializer.new(
-        paginated_products,
-        each_serializer: Api::Admin::ForOrderCycle::SuppliedProductSerializer,
-        order_cycle: @order_cycle
-      )
-
-      render json: {
-        products: serialized_products,
-        pagination: pagination_data(paginated_products)
-      }
-    end
-
-    def exchange_params
-      params.permit(:enterprise_id, :exchange_id, :order_cycle_id, :incoming).
-        to_h.with_indifferent_access
-    end
-  end
-end
--- a/app/controllers/api/logos_controller.rb
+++ b/app/controllers/api/logos_controller.rb
@@ -1,16 +0,0 @@
-module Api
-  class LogosController < Api::EnterpriseAttachmentController
-    private
-
-    def attachment_name
-      :logo
-    end
-
-    def enterprise_authorize_action
-      case action_name.to_sym
-      when :destroy
-        :remove_logo
-      end
-    end
-  end
-end
--- a/app/controllers/api/order_cycles_controller.rb
+++ b/app/controllers/api/order_cycles_controller.rb
@@ -1,101 +0,0 @@
-module Api
-  class OrderCyclesController < Api::BaseController
-    include EnterprisesHelper
-    include ApiActionCaching
-
-    skip_authorization_check
-    skip_before_action :authenticate_user, :ensure_api_key, only: [:taxons, :properties]
-
-    caches_action :taxons, :properties,
-                  expires_in: CacheService::FILTERS_EXPIRY,
-                  cache_path: proc { |controller| controller.request.url }
-
-    def products
-      return render_no_products unless order_cycle.open?
-
-      products = ProductsRenderer.new(
-        distributor,
-        order_cycle,
-        customer,
-        search_params
-      ).products_json
-
-      render plain: products
-    rescue ProductsRenderer::NoProducts
-      render_no_products
-    end
-
-    def taxons
-      taxons = Spree::Taxon.
-        joins(:products).
-        where(spree_products: { id: distributed_products }).
-        select('DISTINCT spree_taxons.*')
-
-      render plain: ActiveModel::ArraySerializer.new(
-        taxons, each_serializer: Api::TaxonSerializer
-      ).to_json
-    end
-
-    def properties
-      render plain: ActiveModel::ArraySerializer.new(
-        product_properties | producer_properties, each_serializer: Api::PropertySerializer
-      ).to_json
-    end
-
-    private
-
-    def render_no_products
-      render status: :not_found, json: {}
-    end
-
-    def product_properties
-      Spree::Property.
-        joins(:products).
-        where(spree_products: { id: distributed_products }).
-        select('DISTINCT spree_properties.*')
-    end
-
-    def producer_properties
-      producers = Enterprise.
-        joins(:supplied_products).
-        where(spree_products: { id: distributed_products })
-
-      Spree::Property.
-        joins(:producer_properties).
-        where(producer_properties: { producer_id: producers }).
-        select('DISTINCT spree_properties.*')
-    end
-
-    def search_params
-      permitted_search_params = params.slice :q, :page, :per_page
-
-      if permitted_search_params.key? :q
-        permitted_search_params[:q].slice!(*permitted_ransack_params)
-      end
-
-      permitted_search_params
-    end
-
-    def permitted_ransack_params
-      [:name_or_meta_keywords_or_variants_display_as_or_variants_display_name_or_supplier_name_cont,
-       :properties_id_or_supplier_properties_id_in_any,
-       :primary_taxon_id_in_any]
-    end
-
-    def distributor
-      @distributor ||= Enterprise.find_by(id: params[:distributor])
-    end
-
-    def order_cycle
-      @order_cycle ||= OrderCycle.find_by(id: params[:id])
-    end
-
-    def customer
-      @current_api_user.andand.customer_of(distributor) || nil
-    end
-
-    def distributed_products
-      OrderCycleDistributedProducts.new(distributor, order_cycle, customer).products_relation
-    end
-  end
-end
--- a/app/controllers/api/orders_controller.rb
+++ b/app/controllers/api/orders_controller.rb
@@ -1,67 +0,0 @@
-module Api
-  class OrdersController < Api::BaseController
-    include PaginationData
-
-    def show
-      authorize! :read, order
-      render json: order, serializer: Api::OrderDetailedSerializer, current_order: order
-    end
-
-    def index
-      authorize! :admin, Spree::Order
-
-      orders = SearchOrders.new(params, current_api_user).orders
-
-      render json: {
-        orders: serialized_orders(orders),
-        pagination: pagination_data(orders)
-      }
-    end
-
-    def ship
-      authorize! :admin, order
-
-      if order.ship
-        render json: order.reload, serializer: Api::Admin::OrderSerializer, status: :ok
-      else
-        render json: { error: I18n.t('api.orders.failed_to_update') }, status: :unprocessable_entity
-      end
-    end
-
-    def capture
-      authorize! :admin, order
-
-      pending_payment = order.pending_payments.first
-
-      return payment_capture_failed unless order.payment_required? && pending_payment
-
-      if pending_payment.capture!
-        render json: order.reload, serializer: Api::Admin::OrderSerializer, status: :ok
-      else
-        payment_capture_failed
-      end
-    rescue Spree::Core::GatewayError => e
-      error_during_processing(e)
-    end
-
-    private
-
-    def payment_capture_failed
-      render json: { error: I18n.t(:payment_processing_failed) }, status: :unprocessable_entity
-    end
-
-    def serialized_orders(orders)
-      ActiveModel::ArraySerializer.new(
-        orders,
-        each_serializer: Api::Admin::OrderSerializer
-      )
-    end
-
-    def order
-      @order ||= Spree::Order.
-        where(number: params[:id]).
-        includes(line_items: { variant: [:product, :stock_items, :default_price] }).
-        first!
-    end
-  end
-end
--- a/app/controllers/api/product_images_controller.rb
+++ b/app/controllers/api/product_images_controller.rb
@@ -1,19 +0,0 @@
-module Api
-  class ProductImagesController < Api::BaseController
-    respond_to :json
-
-    def update_product_image
-      @product = Spree::Product.find(params[:product_id])
-      authorize! :update, @product
-
-      if @product.images.first.nil?
-        @image = Spree::Image.create(attachment: params[:file], viewable_id: @product.master.id, viewable_type: 'Spree::Variant')
-        render json: @image, serializer: ImageSerializer, status: :created
-      else
-        @image = @product.images.first
-        @image.update(attachment: params[:file])
-        render json: @image, serializer: ImageSerializer, status: :ok
-      end
-    end
-  end
-end
--- a/app/controllers/api/products_controller.rb
+++ b/app/controllers/api/products_controller.rb
@@ -1,159 +0,0 @@
-require 'open_food_network/permissions'
-require 'spree/core/product_duplicator'
-
-module Api
-  class ProductsController < Api::BaseController
-    include PaginationData
-    respond_to :json
-    DEFAULT_PER_PAGE = 15
-
-    before_action :set_default_available_on, only: :create
-
-    skip_authorization_check only: [:show, :bulk_products, :overridable]
-
-    def show
-      @product = find_product(params[:id])
-      render json: @product, serializer: Api::Admin::ProductSerializer
-    end
-
-    def create
-      authorize! :create, Spree::Product
-      @product = Spree::Product.new(product_params)
-
-      begin
-        if @product.save
-          render json: @product, serializer: Api::Admin::ProductSerializer, status: :created
-        else
-          invalid_resource!(@product)
-        end
-      rescue ActiveRecord::RecordNotUnique
-        @product.permalink = nil
-        retry
-      end
-    end
-
-    def update
-      authorize! :update, Spree::Product
-      @product = find_product(params[:id])
-      if @product.update(product_params)
-        render json: @product, serializer: Api::Admin::ProductSerializer, status: :ok
-      else
-        invalid_resource!(@product)
-      end
-    end
-
-    def destroy
-      authorize! :delete, Spree::Product
-      @product = find_product(params[:id])
-      authorize! :delete, @product
-      @product.destroy
-      render json: @product, serializer: Api::Admin::ProductSerializer, status: :no_content
-    end
-
-    def bulk_products
-      product_query = OpenFoodNetwork::Permissions.
-        new(current_api_user).
-        editable_products.
-        merge(product_scope)
-
-      if params[:import_date].present?
-        product_query = product_query.
-          imported_on(params[:import_date]).
-          group_by_products_id
-      end
-
-      @products = product_query.
-        ransack(query_params_with_defaults).
-        result.
-        page(params[:page] || 1).
-        per(params[:per_page] || DEFAULT_PER_PAGE)
-
-      render_paged_products @products
-    end
-
-    def overridable
-      producer_ids = OpenFoodNetwork::Permissions.new(current_api_user).
-        variant_override_producers.by_name.select('enterprises.id')
-
-      @products = paged_products_for_producers producer_ids
-
-      render_paged_products @products, ::Api::Admin::ProductSimpleSerializer
-    end
-
-    # POST /api/products/:product_id/clone
-    #
-    def clone
-      authorize! :create, Spree::Product
-      original_product = find_product(params[:product_id])
-      authorize! :update, original_product
-
-      @product = original_product.duplicate
-
-      render json: @product, serializer: Api::Admin::ProductSerializer, status: :created
-    end
-
-    private
-
-    def find_product(id)
-      product_scope.find_by!(permalink: id.to_s)
-    rescue ActiveRecord::RecordNotFound
-      product_scope.find(id)
-    end
-
-    def product_scope
-      if current_api_user.has_spree_role?("admin") || current_api_user.enterprises.present?
-        scope = Spree::Product
-        if params[:show_deleted]
-          scope = scope.with_deleted
-        end
-      else
-        scope = Spree::Product.active
-      end
-
-      scope.includes(product_query_includes)
-    end
-
-    def product_query_includes
-      [
-        master: [:images],
-        variants: [:default_price, :stock_locations, :stock_items, :variant_overrides,
-                   { option_values: :option_type }]
-      ]
-    end
-
-    def paged_products_for_producers(producer_ids)
-      Spree::Product.where(nil).
-        merge(product_scope).
-        includes(variants: [:product, :default_price, :stock_items]).
-        where(supplier_id: producer_ids).
-        by_producer.by_name.
-        ransack(params[:q]).result.
-        page(params[:page]).per(params[:per_page])
-    end
-
-    def render_paged_products(products, product_serializer = ::Api::Admin::ProductSerializer)
-      serialized_products = ActiveModel::ArraySerializer.new(
-        products,
-        each_serializer: product_serializer
-      )
-
-      render json: {
-        products: serialized_products,
-        pagination: pagination_data(products)
-      }
-    end
-
-    def query_params_with_defaults
-      (params[:q] || {}).reverse_merge(s: 'created_at desc')
-    end
-
-    def product_params
-      @product_params ||=
-        params.permit(product: PermittedAttributes::Product.attributes)[:product].to_h
-    end
-
-    def set_default_available_on
-      product_params[:available_on] ||= Time.zone.now
-    end
-  end
-end
--- a/app/controllers/api/promo_images_controller.rb
+++ b/app/controllers/api/promo_images_controller.rb
@@ -1,16 +0,0 @@
-module Api
-  class PromoImagesController < Api::EnterpriseAttachmentController
-    private
-
-    def attachment_name
-      :promo_image
-    end
-
-    def enterprise_authorize_action
-      case action_name.to_sym
-      when :destroy
-        :remove_promo_image
-      end
-    end
-  end
-end
--- a/app/controllers/api/shipments_controller.rb
+++ b/app/controllers/api/shipments_controller.rb
@@ -1,112 +0,0 @@
-require 'open_food_network/scope_variant_to_hub'
-
-module Api
-  class ShipmentsController < Api::BaseController
-    respond_to :json
-
-    before_action :find_order
-    before_action :find_and_update_shipment, only: [:ship, :ready, :add, :remove]
-
-    def create
-      variant = scoped_variant(params[:variant_id])
-      quantity = params[:quantity].to_i
-      @shipment = get_or_create_shipment(params[:stock_location_id])
-
-      @order.contents.add(variant, quantity, nil, @shipment)
-
-      @shipment.refresh_rates
-      @shipment.save!
-
-      render json: @shipment.reload, serializer: Api::ShipmentSerializer, status: :ok
-    end
-
-    def update
-      authorize! :read, Spree::Shipment
-      @shipment = @order.shipments.find_by!(number: params[:id])
-      params[:shipment] ||= []
-      unlock = params[:shipment].delete(:unlock)
-
-      if unlock == 'yes'
-        @shipment.fee_adjustment.open
-      end
-
-      @shipment.update(shipment_params[:shipment])
-
-      if unlock == 'yes'
-        @shipment.fee_adjustment.close
-      end
-
-      render json: @shipment.reload, serializer: Api::ShipmentSerializer, status: :ok
-    end
-
-    def ready
-      authorize! :read, Spree::Shipment
-      unless @shipment.ready?
-        if @shipment.can_ready?
-          @shipment.ready!
-        else
-          render(json: { error: I18n.t(:cannot_ready, scope: "spree.api.shipment") },
-                 status: :unprocessable_entity) && return
-        end
-      end
-      render json: @shipment, serializer: Api::ShipmentSerializer, status: :ok
-    end
-
-    def ship
-      authorize! :read, Spree::Shipment
-      unless @shipment.shipped?
-        @shipment.ship!
-      end
-      render json: @shipment, serializer: Api::ShipmentSerializer, status: :ok
-    end
-
-    def add
-      variant = scoped_variant(params[:variant_id])
-      quantity = params[:quantity].to_i
-
-      @order.contents.add(variant, quantity, nil, @shipment)
-
-      render json: @shipment, serializer: Api::ShipmentSerializer, status: :ok
-    end
-
-    def remove
-      variant = scoped_variant(params[:variant_id])
-      quantity = params[:quantity].to_i
-
-      @order.contents.remove(variant, quantity, @shipment)
-      @shipment.reload if @shipment.persisted?
-
-      render json: @shipment, serializer: Api::ShipmentSerializer, status: :ok
-    end
-
-    private
-
-    def find_order
-      @order = Spree::Order.find_by!(number: params[:order_id])
-      authorize! :read, @order
-    end
-
-    def find_and_update_shipment
-      @shipment = @order.shipments.find_by!(number: params[:id])
-      @shipment.update(shipment_params[:shipment]) if shipment_params[:shipment].present?
-      @shipment.reload
-    end
-
-    def scoped_variant(variant_id)
-      variant = Spree::Variant.find(variant_id)
-      OpenFoodNetwork::ScopeVariantToHub.new(@order.distributor).scope(variant)
-      variant
-    end
-
-    def get_or_create_shipment(stock_location_id)
-      @order.shipment || @order.shipments.create(stock_location_id: stock_location_id)
-    end
-
-    def shipment_params
-      params.permit(
-        [:id, :order_id, :variant_id, :quantity,
-         { shipment: [:tracking, :selected_shipping_rate_id] }]
-      )
-    end
-  end
-end
--- a/app/controllers/api/shops_controller.rb
+++ b/app/controllers/api/shops_controller.rb
@@ -1,27 +0,0 @@
-# frozen_string_literal: true
-
-module Api
-  class ShopsController < BaseController
-    respond_to :json
-    skip_authorization_check only: [:show, :closed_shops]
-
-    def show
-      enterprise = Enterprise.find_by(id: params[:id])
-
-      render plain: Api::EnterpriseShopfrontSerializer.new(enterprise).to_json, status: :ok
-    end
-
-    def closed_shops
-      @active_distributor_ids = []
-      @earliest_closing_times = []
-
-      serialized_closed_shops = ActiveModel::ArraySerializer.new(
-        ShopsListService.new.closed_shops,
-        each_serializer: Api::EnterpriseSerializer,
-        data: OpenFoodNetwork::EnterpriseInjectionData.new
-      )
-
-      render json: serialized_closed_shops
-    end
-  end
-end
--- a/app/controllers/api/states_controller.rb
+++ b/app/controllers/api/states_controller.rb
@@ -1,44 +0,0 @@
-# frozen_string_literal: true
-
-module Api
-  class StatesController < Api::BaseController
-    respond_to :json
-
-    skip_authorization_check
-
-    def index
-      render json: states, each_serializer: Api::StateSerializer, status: :ok
-    end
-
-    def show
-      @state = scope.find(params[:id])
-      render json: @state, serializer: Api::StateSerializer, status: :ok
-    end
-
-    private
-
-    def scope
-      if params[:country_id]
-        @country = Spree::Country.find(params[:country_id])
-        @country.states
-      else
-        Spree::State.all
-      end
-    end
-
-    def states
-      states = scope.ransack(params[:q]).result.
-        includes(:country).order('name ASC')
-
-      if pagination?
-        states = states.page(params[:page]).per(params[:per_page])
-      end
-
-      states
-    end
-
-    def pagination?
-      params[:page] || params[:per_page]
-    end
-  end
-end
--- a/app/controllers/api/statuses_controller.rb
+++ b/app/controllers/api/statuses_controller.rb
@@ -1,16 +0,0 @@
-module Api
-  class StatusesController < ::BaseController
-    respond_to :json
-
-    def job_queue
-      render json: { alive: job_queue_alive? }
-    end
-
-    private
-
-    def job_queue_alive?
-      Spree::Config.last_job_queue_heartbeat_at.present? &&
-        Time.parse(Spree::Config.last_job_queue_heartbeat_at).in_time_zone > 6.minutes.ago
-    end
-  end
-end
--- a/app/controllers/api/taxonomies_controller.rb
+++ b/app/controllers/api/taxonomies_controller.rb
@@ -1,12 +0,0 @@
-module Api
-  class TaxonomiesController < Api::BaseController
-    respond_to :json
-
-    skip_authorization_check only: :jstree
-
-    def jstree
-      @taxonomy = Spree::Taxonomy.find(params[:id])
-      render json: @taxonomy.root, serializer: Api::TaxonJstreeSerializer
-    end
-  end
-end
--- a/app/controllers/api/taxons_controller.rb
+++ b/app/controllers/api/taxons_controller.rb
@@ -1,76 +0,0 @@
-module Api
-  class TaxonsController < Api::BaseController
-    respond_to :json
-
-    skip_authorization_check only: [:index, :show, :jstree]
-
-    def index
-      @taxons = if taxonomy
-                  taxonomy.root.children
-                elsif params[:ids]
-                  Spree::Taxon.where(id: raw_params[:ids].split(","))
-                else
-                  Spree::Taxon.ransack(raw_params[:q]).result
-                end
-      render json: @taxons, each_serializer: Api::TaxonSerializer
-    end
-
-    def jstree
-      @taxon = taxon
-      render json: @taxon.children, each_serializer: Api::TaxonJstreeSerializer
-    end
-
-    def create
-      authorize! :create, Spree::Taxon
-      @taxon = Spree::Taxon.new(taxon_params)
-      @taxon.taxonomy_id = params[:taxonomy_id]
-      taxonomy = Spree::Taxonomy.find_by(id: params[:taxonomy_id])
-
-      if taxonomy.nil?
-        @taxon.errors[:taxonomy_id] = I18n.t(:invalid_taxonomy_id, scope: 'spree.api')
-        invalid_resource!(@taxon) && return
-      end
-
-      @taxon.parent_id = taxonomy.root.id unless params.dig(:taxon, :parent_id)
-
-      if @taxon.save
-        render json: @taxon, serializer: Api::TaxonSerializer, status: :created
-      else
-        invalid_resource!(@taxon)
-      end
-    end
-
-    def update
-      authorize! :update, Spree::Taxon
-      if taxon.update(taxon_params)
-        render json: taxon, serializer: Api::TaxonSerializer, status: :ok
-      else
-        invalid_resource!(taxon)
-      end
-    end
-
-    def destroy
-      authorize! :delete, Spree::Taxon
-      taxon.destroy
-      render json: taxon, serializer: Api::TaxonSerializer, status: :no_content
-    end
-
-    private
-
-    def taxonomy
-      return if params[:taxonomy_id].blank?
-
-      @taxonomy ||= Spree::Taxonomy.find(params[:taxonomy_id])
-    end
-
-    def taxon
-      @taxon ||= taxonomy.taxons.find(params[:id])
-    end
-
-    def taxon_params
-      return if params[:taxon].blank?
-
-      params.require(:taxon).permit([:name, :parent_id])
-    end
-  end
-end
--- a/app/controllers/api/terms_and_conditions_controller.rb
+++ b/app/controllers/api/terms_and_conditions_controller.rb
@@ -1,18 +0,0 @@
-# frozen_string_literal: true
-
-module Api
-  class TermsAndConditionsController < Api::EnterpriseAttachmentController
-    private
-
-    def attachment_name
-      :terms_and_conditions
-    end
-
-    def enterprise_authorize_action
-      case action_name.to_sym
-      when :destroy
-        :remove_terms_and_conditions
-      end
-    end
-  end
-end
--- a/app/controllers/api/v0/base_controller.rb
+++ b/app/controllers/api/v0/base_controller.rb
@@ -0,0 +1,105 @@
+# frozen_string_literal: true
+
+# Base controller for OFN's API
+require_dependency 'spree/api/controller_setup'
+require "spree/core/controller_helpers/ssl"
+
+module Api
+  module V0
+    class BaseController < ActionController::Metal
+      include RawParams
+      include ActionController::StrongParameters
+      include ActionController::RespondWith
+      include Spree::Api::ControllerSetup
+      include Spree::Core::ControllerHelpers::SSL
+      include ::ActionController::Head
+      include ::ActionController::ConditionalGet
+      include ActionView::Layouts
+
+      layout false
+
+      attr_accessor :current_api_user
+
+      before_action :set_content_type
+      before_action :authenticate_user
+
+      rescue_from Exception, with: :error_during_processing
+      rescue_from CanCan::AccessDenied, with: :unauthorized
+      rescue_from ActiveRecord::RecordNotFound, with: :not_found
+
+      ssl_allowed
+
+      # Include these because we inherit from ActionController::Metal
+      #   rather than ActionController::Base and these are required for AMS
+      include ActionController::Serialization
+      include ActionController::UrlFor
+      include Rails.application.routes.url_helpers
+
+      use_renderers :json
+      check_authorization
+
+      def respond_with_conflict(json_hash)
+        render json: json_hash, status: :conflict
+      end
+
+      private
+
+      # Use logged in user (spree_current_user) for API authentication (current_api_user)
+      def authenticate_user
+        return if @current_api_user = spree_current_user
+
+        if api_key.blank?
+          # An anonymous user
+          @current_api_user = Spree.user_class.new
+          return
+        end
+
+        return if @current_api_user = Spree.user_class.find_by(spree_api_key: api_key.to_s)
+
+        invalid_api_key
+      end
+
+      def set_content_type
+        headers["Content-Type"] = "application/json"
+      end
+
+      def error_during_processing(exception)
+        Bugsnag.notify(exception)
+
+        render(json: { exception: exception.message },
+               status: :unprocessable_entity) && return
+      end
+
+      def current_ability
+        Spree::Ability.new(current_api_user)
+      end
+
+      def api_key
+        request.headers["X-Spree-Token"] || params[:token]
+      end
+      helper_method :api_key
+
+      def invalid_resource!(resource)
+        @resource = resource
+        render(json: { error: I18n.t(:invalid_resource, scope: "spree.api"),
+                       errors: @resource.errors },
+               status: :unprocessable_entity)
+      end
+
+      def invalid_api_key
+        render(json: { error: I18n.t(:invalid_api_key, key: api_key, scope: "spree.api") },
+               status: :unauthorized) && return
+      end
+
+      def unauthorized
+        render(json: { error: I18n.t(:unauthorized, scope: "spree.api") },
+               status: :unauthorized) && return
+      end
+
+      def not_found
+        render(json: { error: I18n.t(:resource_not_found, scope: "spree.api") },
+               status: :not_found) && return
+      end
+    end
+  end
+end
--- a/app/controllers/api/v0/customers_controller.rb
+++ b/app/controllers/api/v0/customers_controller.rb
@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+module Api
+  module V0
+    class CustomersController < Api::V0::BaseController
+      skip_authorization_check only: :index
+
+      def index
+        @customers = current_api_user.customers
+        render json: @customers, each_serializer: CustomerSerializer
+      end
+
+      def update
+        @customer = Customer.find(params[:id])
+        authorize! :update, @customer
+
+        client_secret = RecurringPayments.setup_for(@customer) if params[:customer][:allow_charges]
+
+        if @customer.update(customer_params)
+          add_recurring_payment_info(client_secret)
+          render json: @customer, serializer: CustomerSerializer, status: :ok
+        else
+          invalid_resource!(@customer)
+        end
+      end
+
+      private
+
+      def add_recurring_payment_info(client_secret)
+        return unless client_secret
+
+        @customer.gateway_recurring_payment_client_secret = client_secret
+        @customer.gateway_shop_id = @customer.enterprise.stripe_account&.stripe_user_id
+      end
+
+      def customer_params
+        params.require(:customer).permit(:code, :email, :enterprise_id, :allow_charges)
+      end
+    end
+  end
+end
--- a/app/controllers/api/v0/enterprise_attachment_controller.rb
+++ b/app/controllers/api/v0/enterprise_attachment_controller.rb
@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+require 'api/admin/enterprise_serializer'
+
+module Api
+  module V0
+    class EnterpriseAttachmentController < Api::V0::BaseController
+      class MissingImplementationError < StandardError; end
+
+      class UnknownEnterpriseAuthorizationActionError < StandardError; end
+
+      before_action :load_enterprise
+
+      respond_to :json
+
+      def destroy
+        unless @enterprise.public_send("#{attachment_name}?")
+          return respond_with_conflict(error: destroy_attachment_does_not_exist_error_message)
+        end
+
+        @enterprise.update!(attachment_name => nil)
+        render json: @enterprise,
+               serializer: Admin::EnterpriseSerializer,
+               spree_current_user: spree_current_user
+      end
+
+      protected
+
+      def attachment_name
+        raise MissingImplementationError, "Method attachment_name should be defined"
+      end
+
+      def enterprise_authorize_action
+        raise MissingImplementationError, "Method enterprise_authorize_action should be defined"
+      end
+
+      def load_enterprise
+        @enterprise = Enterprise.find_by(permalink: params[:enterprise_id].to_s)
+        raise UnknownEnterpriseAuthorizationActionError if enterprise_authorize_action.blank?
+
+        authorize!(enterprise_authorize_action, @enterprise)
+      end
+
+      def destroy_attachment_does_not_exist_error_message
+        I18n.t("api.enterprise_#{attachment_name}.destroy_attachment_does_not_exist")
+      end
+    end
+  end
+end
--- a/app/controllers/api/v0/enterprise_fees_controller.rb
+++ b/app/controllers/api/v0/enterprise_fees_controller.rb
@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module Api
+  module V0
+    class EnterpriseFeesController < Api::V0::BaseController
+      respond_to :json
+
+      def destroy
+        authorize! :destroy, enterprise_fee
+
+        if enterprise_fee.destroy
+          render plain: I18n.t(:successfully_removed), status: :no_content
+        else
+          render plain: enterprise_fee.errors.full_messages.first, status: :forbidden
+        end
+      end
+
+      private
+
+      def enterprise_fee
+        @enterprise_fee ||= EnterpriseFee.find_by id: params[:id]
+      end
+    end
+  end
+end
--- a/app/controllers/api/v0/enterprises_controller.rb
+++ b/app/controllers/api/v0/enterprises_controller.rb
@@ -0,0 +1,82 @@
+# frozen_string_literal: true
+
+module Api
+  module V0
+    class EnterprisesController < Api::V0::BaseController
+      before_action :override_owner, only: [:create, :update]
+      before_action :check_type, only: :update
+      before_action :override_sells, only: [:create, :update]
+      before_action :override_visible, only: [:create, :update]
+      respond_to :json
+
+      def create
+        authorize! :create, Enterprise
+
+        # params[:user_ids] breaks the enterprise creation
+        # We remove them from params and save them after creating the enterprise
+        user_ids = enterprise_params.delete(:user_ids)
+        @enterprise = Enterprise.new(enterprise_params)
+        if @enterprise.save
+          @enterprise.user_ids = user_ids
+          render json: @enterprise.id, status: :created
+        else
+          invalid_resource!(@enterprise)
+        end
+      end
+
+      def update
+        @enterprise = Enterprise.find_by(permalink: params[:id]) || Enterprise.find(params[:id])
+        authorize! :update, @enterprise
+
+        if @enterprise.update(enterprise_params)
+          render json: @enterprise.id, status: :ok
+        else
+          invalid_resource!(@enterprise)
+        end
+      end
+
+      def update_image
+        @enterprise = Enterprise.find_by(permalink: params[:id]) || Enterprise.find(params[:id])
+        authorize! :update, @enterprise
+
+        if params[:logo] && @enterprise.update( logo: params[:logo] )
+          render plain: @enterprise.logo.url(:medium), status: :ok
+        elsif params[:promo] && @enterprise.update( promo_image: params[:promo] )
+          render plain: @enterprise.promo_image.url(:medium), status: :ok
+        else
+          invalid_resource!(@enterprise)
+        end
+      end
+
+      private
+
+      def override_owner
+        enterprise_params[:owner_id] = current_api_user.id
+      end
+
+      def check_type
+        enterprise_params.delete :type unless current_api_user.admin?
+      end
+
+      def override_sells
+        has_hub = current_api_user.owned_enterprises.is_hub.any?
+        new_enterprise_is_producer = !!enterprise_params[:is_primary_producer]
+
+        enterprise_params[:sells] = if has_hub && !new_enterprise_is_producer
+                                      'any'
+                                    else
+                                      'unspecified'
+                                    end
+      end
+
+      def override_visible
+        enterprise_params[:visible] = false
+      end
+
+      def enterprise_params
+        @enterprise_params ||= PermittedAttributes::Enterprise.new(params).call.
+          to_h.with_indifferent_access
+      end
+    end
+  end
+end
--- a/app/controllers/api/v0/exchange_products_controller.rb
+++ b/app/controllers/api/v0/exchange_products_controller.rb
@@ -0,0 +1,102 @@
+# frozen_string_literal: true
+
+# This controller lists products that can be added to an exchange
+#
+# Pagination is optional and can be required by using param[:page]
+module Api
+  module V0
+    class ExchangeProductsController < Api::V0::BaseController
+      include PaginationData
+      DEFAULT_PER_PAGE = 100
+
+      skip_authorization_check only: [:index]
+
+      # If exchange_id is present in the URL:
+      #   Lists Products that can be added to that Exchange
+      #
+      # If exchange_id is not present in the URL:
+      #   Lists Products of the Enterprise given that can be added to the given Order Cycle
+      #   In this case parameters are: enterprise_id, order_cycle_id and incoming
+      #     (order_cycle_id is not necessary for incoming exchanges)
+      def index
+        if exchange_params[:exchange_id].present?
+          load_data_from_exchange
+        else
+          load_data_from_other_params
+        end
+
+        render_variant_count && return if params[:action_name] == "variant_count"
+
+        render_paginated_products paginated_products
+      end
+
+      private
+
+      def render_variant_count
+        render plain: {
+          count: variants.count
+        }.to_json
+      end
+
+      def variants
+        renderer.exchange_variants(@incoming, @enterprise)
+      end
+
+      def products
+        renderer.exchange_products(@incoming, @enterprise)
+      end
+
+      def renderer
+        @renderer ||= ExchangeProductsRenderer.
+          new(@order_cycle, spree_current_user)
+      end
+
+      def paginated_products
+        return products unless pagination_required?
+
+        products.
+          page(params[:page]).
+          per(params[:per_page] || DEFAULT_PER_PAGE)
+      end
+
+      def load_data_from_exchange
+        exchange = Exchange.find_by(id: exchange_params[:exchange_id])
+
+        @order_cycle = exchange.order_cycle
+        @incoming = exchange.incoming
+        @enterprise = exchange.sender
+      end
+
+      def load_data_from_other_params
+        @enterprise = Enterprise.find_by(id: exchange_params[:enterprise_id])
+
+        # This will be a string (eg "true") when it arrives via params, but we want a boolean
+        @incoming = ActiveModel::Type::Boolean.new.cast exchange_params[:incoming]
+
+        if exchange_params[:order_cycle_id]
+          @order_cycle = OrderCycle.find_by(id: exchange_params[:order_cycle_id])
+        elsif !@incoming
+          raise "order_cycle_id is required to list products for new outgoing exchange"
+        end
+      end
+
+      def render_paginated_products(paginated_products)
+        serialized_products = ActiveModel::ArraySerializer.new(
+          paginated_products,
+          each_serializer: Api::Admin::ForOrderCycle::SuppliedProductSerializer,
+          order_cycle: @order_cycle
+        )
+
+        render json: {
+          products: serialized_products,
+          pagination: pagination_data(paginated_products)
+        }
+      end
+
+      def exchange_params
+        params.permit(:enterprise_id, :exchange_id, :order_cycle_id, :incoming).
+          to_h.with_indifferent_access
+      end
+    end
+  end
+end
--- a/app/controllers/api/v0/logos_controller.rb
+++ b/app/controllers/api/v0/logos_controller.rb
@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module Api
+  module V0
+    class LogosController < Api::V0::EnterpriseAttachmentController
+      private
+
+      def attachment_name
+        :logo
+      end
+
+      def enterprise_authorize_action
+        case action_name.to_sym
+        when :destroy
+          :remove_logo
+        end
+      end
+    end
+  end
+end
--- a/app/controllers/api/v0/order_cycles_controller.rb
+++ b/app/controllers/api/v0/order_cycles_controller.rb
@@ -0,0 +1,105 @@
+# frozen_string_literal: true
+
+module Api
+  module V0
+    class OrderCyclesController < Api::V0::BaseController
+      include EnterprisesHelper
+      include ApiActionCaching
+
+      skip_authorization_check
+      skip_before_action :authenticate_user, :ensure_api_key, only: [:taxons, :properties]
+
+      caches_action :taxons, :properties,
+                    expires_in: CacheService::FILTERS_EXPIRY,
+                    cache_path: proc { |controller| controller.request.url }
+
+      def products
+        return render_no_products unless order_cycle.open?
+
+        products = ProductsRenderer.new(
+          distributor,
+          order_cycle,
+          customer,
+          search_params
+        ).products_json
+
+        render plain: products
+      rescue ProductsRenderer::NoProducts
+        render_no_products
+      end
+
+      def taxons
+        taxons = Spree::Taxon.
+          joins(:products).
+          where(spree_products: { id: distributed_products }).
+          select('DISTINCT spree_taxons.*')
+
+        render plain: ActiveModel::ArraySerializer.new(
+          taxons, each_serializer: Api::TaxonSerializer
+        ).to_json
+      end
+
+      def properties
+        render plain: ActiveModel::ArraySerializer.new(
+          product_properties | producer_properties, each_serializer: Api::PropertySerializer
+        ).to_json
+      end
+
+      private
+
+      def render_no_products
+        render status: :not_found, json: {}
+      end
+
+      def product_properties
+        Spree::Property.
+          joins(:products).
+          where(spree_products: { id: distributed_products }).
+          select('DISTINCT spree_properties.*')
+      end
+
+      def producer_properties
+        producers = Enterprise.
+          joins(:supplied_products).
+          where(spree_products: { id: distributed_products })
+
+        Spree::Property.
+          joins(:producer_properties).
+          where(producer_properties: { producer_id: producers }).
+          select('DISTINCT spree_properties.*')
+      end
+
+      def search_params
+        permitted_search_params = params.slice :q, :page, :per_page
+
+        if permitted_search_params.key? :q
+          permitted_search_params[:q].slice!(*permitted_ransack_params)
+        end
+
+        permitted_search_params
+      end
+
+      def permitted_ransack_params
+        [:name_or_meta_keywords_or_variants_display_as_or_variants_display_name_or_supplier_name_cont,
+         :properties_id_or_supplier_properties_id_in_any,
+         :primary_taxon_id_in_any]
+      end
+
+      def distributor
+        @distributor ||= Enterprise.find_by(id: params[:distributor])
+      end
+
+      def order_cycle
+        @order_cycle ||= OrderCycle.find_by(id: params[:id])
+      end
+
+      def customer
+        @current_api_user.andand.customer_of(distributor) || nil
+      end
+
+      def distributed_products
+        OrderCycleDistributedProducts.new(distributor, order_cycle, customer).products_relation
+      end
+    end
+  end
+end
--- a/app/controllers/api/v0/orders_controller.rb
+++ b/app/controllers/api/v0/orders_controller.rb
@@ -0,0 +1,72 @@
+# frozen_string_literal: true
+
+module Api
+  module V0
+    class OrdersController < Api::V0::BaseController
+      include PaginationData
+
+      def show
+        authorize! :read, order
+        render json: order, serializer: Api::OrderDetailedSerializer, current_order: order
+      end
+
+      def index
+        authorize! :admin, Spree::Order
+
+        orders = SearchOrders.new(params, current_api_user).orders
+
+        render json: {
+          orders: serialized_orders(orders),
+          pagination: pagination_data(orders)
+        }
+      end
+
+      def ship
+        authorize! :admin, order
+
+        if order.ship
+          render json: order.reload, serializer: Api::Admin::OrderSerializer, status: :ok
+        else
+          render json: { error: I18n.t('api.orders.failed_to_update') },
+                 status: :unprocessable_entity
+        end
+      end
+
+      def capture
+        authorize! :admin, order
+
+        pending_payment = order.pending_payments.first
+
+        return payment_capture_failed unless order.payment_required? && pending_payment
+
+        if pending_payment.capture!
+          render json: order.reload, serializer: Api::Admin::OrderSerializer, status: :ok
+        else
+          payment_capture_failed
+        end
+      rescue Spree::Core::GatewayError => e
+        error_during_processing(e)
+      end
+
+      private
+
+      def payment_capture_failed
+        render json: { error: I18n.t(:payment_processing_failed) }, status: :unprocessable_entity
+      end
+
+      def serialized_orders(orders)
+        ActiveModel::ArraySerializer.new(
+          orders,
+          each_serializer: Api::Admin::OrderSerializer
+        )
+      end
+
+      def order
+        @order ||= Spree::Order.
+          where(number: params[:id]).
+          includes(line_items: { variant: [:product, :stock_items, :default_price] }).
+          first!
+      end
+    end
+  end
+end
--- a/app/controllers/api/v0/product_images_controller.rb
+++ b/app/controllers/api/v0/product_images_controller.rb
@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Api
+  module V0
+    class ProductImagesController < Api::V0::BaseController
+      respond_to :json
+
+      def update_product_image
+        @product = Spree::Product.find(params[:product_id])
+        authorize! :update, @product
+
+        if @product.images.first.nil?
+          @image = Spree::Image.create(
+            attachment: params[:file],
+            viewable_id: @product.master.id,
+            viewable_type: 'Spree::Variant'
+          )
+          render json: @image, serializer: ImageSerializer, status: :created
+        else
+          @image = @product.images.first
+          @image.update(attachment: params[:file])
+          render json: @image, serializer: ImageSerializer, status: :ok
+        end
+      end
+    end
+  end
+end
--- a/app/controllers/api/v0/products_controller.rb
+++ b/app/controllers/api/v0/products_controller.rb
@@ -0,0 +1,163 @@
+# frozen_string_literal: true
+
+require 'open_food_network/permissions'
+require 'spree/core/product_duplicator'
+
+module Api
+  module V0
+    class ProductsController < Api::V0::BaseController
+      include PaginationData
+      respond_to :json
+      DEFAULT_PER_PAGE = 15
+
+      before_action :set_default_available_on, only: :create
+
+      skip_authorization_check only: [:show, :bulk_products, :overridable]
+
+      def show
+        @product = find_product(params[:id])
+        render json: @product, serializer: Api::Admin::ProductSerializer
+      end
+
+      def create
+        authorize! :create, Spree::Product
+        @product = Spree::Product.new(product_params)
+
+        begin
+          if @product.save
+            render json: @product, serializer: Api::Admin::ProductSerializer, status: :created
+          else
+            invalid_resource!(@product)
+          end
+        rescue ActiveRecord::RecordNotUnique
+          @product.permalink = nil
+          retry
+        end
+      end
+
+      def update
+        authorize! :update, Spree::Product
+        @product = find_product(params[:id])
+        if @product.update(product_params)
+          render json: @product, serializer: Api::Admin::ProductSerializer, status: :ok
+        else
+          invalid_resource!(@product)
+        end
+      end
+
+      def destroy
+        authorize! :delete, Spree::Product
+        @product = find_product(params[:id])
+        authorize! :delete, @product
+        @product.destroy
+        render json: @product, serializer: Api::Admin::ProductSerializer, status: :no_content
+      end
+
+      def bulk_products
+        product_query = OpenFoodNetwork::Permissions.
+          new(current_api_user).
+          editable_products.
+          merge(product_scope)
+
+        if params[:import_date].present?
+          product_query = product_query.
+            imported_on(params[:import_date]).
+            group_by_products_id
+        end
+
+        @products = product_query.
+          ransack(query_params_with_defaults).
+          result.
+          page(params[:page] || 1).
+          per(params[:per_page] || DEFAULT_PER_PAGE)
+
+        render_paged_products @products
+      end
+
+      def overridable
+        producer_ids = OpenFoodNetwork::Permissions.new(current_api_user).
+          variant_override_producers.by_name.select('enterprises.id')
+
+        @products = paged_products_for_producers producer_ids
+
+        render_paged_products @products, ::Api::Admin::ProductSimpleSerializer
+      end
+
+      # POST /api/products/:product_id/clone
+      #
+      def clone
+        authorize! :create, Spree::Product
+        original_product = find_product(params[:product_id])
+        authorize! :update, original_product
+
+        @product = original_product.duplicate
+
+        render json: @product, serializer: Api::Admin::ProductSerializer, status: :created
+      end
+
+      private
+
+      def find_product(id)
+        product_scope.find_by!(permalink: id.to_s)
+      rescue ActiveRecord::RecordNotFound
+        product_scope.find(id)
+      end
+
+      def product_scope
+        if current_api_user.has_spree_role?("admin") || current_api_user.enterprises.present?
+          scope = Spree::Product
+          if params[:show_deleted]
+            scope = scope.with_deleted
+          end
+        else
+          scope = Spree::Product.active
+        end
+
+        scope.includes(product_query_includes)
+      end
+
+      def product_query_includes
+        [
+          master: [:images],
+          variants: [:default_price, :stock_locations, :stock_items, :variant_overrides,
+                     { option_values: :option_type }]
+        ]
+      end
+
+      def paged_products_for_producers(producer_ids)
+        Spree::Product.where(nil).
+          merge(product_scope).
+          includes(variants: [:product, :default_price, :stock_items]).
+          where(supplier_id: producer_ids).
+          by_producer.by_name.
+          ransack(params[:q]).result.
+          page(params[:page]).per(params[:per_page])
+      end
+
+      def render_paged_products(products, product_serializer = ::Api::Admin::ProductSerializer)
+        serialized_products = ActiveModel::ArraySerializer.new(
+          products,
+          each_serializer: product_serializer
+        )
+
+        render json: {
+          products: serialized_products,
+          pagination: pagination_data(products)
+        }
+      end
+
+      def query_params_with_defaults
+        (params[:q] || {}).reverse_merge(s: 'created_at desc')
+      end
+
+      def product_params
+        @product_params ||=
+          params.permit(product: PermittedAttributes::Product.attributes)[:product].to_h
+      end
+
+      def set_default_available_on
+        product_params[:available_on] ||= Time.zone.now
+      end
+    end
+  end
+end
--- a/app/controllers/api/v0/promo_images_controller.rb
+++ b/app/controllers/api/v0/promo_images_controller.rb
@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module Api
+  module V0
+    class PromoImagesController < Api::V0::EnterpriseAttachmentController
+      private
+
+      def attachment_name
+        :promo_image
+      end
+
+      def enterprise_authorize_action
+        case action_name.to_sym
+        when :destroy
+          :remove_promo_image
+        end
+      end
+    end
+  end
+end
--- a/app/controllers/api/v0/shipments_controller.rb
+++ b/app/controllers/api/v0/shipments_controller.rb
@@ -0,0 +1,123 @@
+# frozen_string_literal: true
+
+require 'open_food_network/scope_variant_to_hub'
+
+module Api
+  module V0
+    class ShipmentsController < Api::V0::BaseController
+      respond_to :json
+
+      before_action :find_order
+      before_action :refuse_changing_cancelled_orders, only: [:add, :remove]
+      before_action :find_and_update_shipment, only: [:ship, :ready, :add, :remove]
+
+      def create
+        variant = scoped_variant(params[:variant_id])
+        quantity = params[:quantity].to_i
+        @shipment = get_or_create_shipment(params[:stock_location_id])
+
+        @order.contents.add(variant, quantity, nil, @shipment)
+
+        @shipment.refresh_rates
+        @shipment.save!
+
+        render json: @shipment.reload, serializer: Api::ShipmentSerializer, status: :ok
+      end
+
+      def update
+        authorize! :read, Spree::Shipment
+        @shipment = @order.shipments.find_by!(number: params[:id])
+        params[:shipment] ||= []
+        unlock = params[:shipment].delete(:unlock)
+
+        if unlock == 'yes'
+          @shipment.fee_adjustment.open
+        end
+
+        @shipment.update(shipment_params[:shipment])
+
+        if unlock == 'yes'
+          @shipment.fee_adjustment.close
+        end
+
+        render json: @shipment.reload, serializer: Api::ShipmentSerializer, status: :ok
+      end
+
+      def ready
+        authorize! :read, Spree::Shipment
+        unless @shipment.ready?
+          if @shipment.can_ready?
+            @shipment.ready!
+          else
+            render(json: { error: I18n.t(:cannot_ready, scope: "spree.api.shipment") },
+                   status: :unprocessable_entity) && return
+          end
+        end
+        render json: @shipment, serializer: Api::ShipmentSerializer, status: :ok
+      end
+
+      def ship
+        authorize! :read, Spree::Shipment
+        unless @shipment.shipped?
+          @shipment.ship!
+        end
+        render json: @shipment, serializer: Api::ShipmentSerializer, status: :ok
+      end
+
+      def add
+        variant = scoped_variant(params[:variant_id])
+        quantity = params[:quantity].to_i
+
+        @order.contents.add(variant, quantity, nil, @shipment)
+        @order.recreate_all_fees!
+
+        render json: @shipment, serializer: Api::ShipmentSerializer, status: :ok
+      end
+
+      def remove
+        variant = scoped_variant(params[:variant_id])
+        quantity = params[:quantity].to_i
+
+        @order.contents.remove(variant, quantity, @shipment)
+        @order.recreate_all_fees!
+        @shipment.reload if @shipment.persisted?
+
+        render json: @shipment, serializer: Api::ShipmentSerializer, status: :ok
+      end
+
+      private
+
+      def find_order
+        @order = Spree::Order.find_by!(number: params[:order_id])
+        authorize! :read, @order
+      end
+
+      def find_and_update_shipment
+        @shipment = @order.shipments.find_by!(number: params[:id])
+        @shipment.update(shipment_params[:shipment]) if shipment_params[:shipment].present?
+        @shipment.reload
+      end
+
+      def refuse_changing_cancelled_orders
+        render status: :unprocessable_entity if @order.canceled?
+      end
+
+      def scoped_variant(variant_id)
+        variant = Spree::Variant.find(variant_id)
+        OpenFoodNetwork::ScopeVariantToHub.new(@order.distributor).scope(variant)
+        variant
+      end
+
+      def get_or_create_shipment(stock_location_id)
+        @order.shipment || @order.shipments.create(stock_location_id: stock_location_id)
+      end
+
+      def shipment_params
+        params.permit(
+          [:id, :order_id, :variant_id, :quantity,
+           { shipment: [:tracking, :selected_shipping_rate_id] }]
+        )
+      end
+    end
+  end
+end
--- a/app/controllers/api/v0/shops_controller.rb
+++ b/app/controllers/api/v0/shops_controller.rb
@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+module Api
+  module V0
+    class ShopsController < BaseController
+      respond_to :json
+      skip_authorization_check only: [:show, :closed_shops]
+
+      def show
+        enterprise = Enterprise.find_by(id: params[:id])
+
+        render plain: Api::EnterpriseShopfrontSerializer.new(enterprise).to_json, status: :ok
+      end
+
+      def closed_shops
+        @active_distributor_ids = []
+        @earliest_closing_times = []
+
+        serialized_closed_shops = ActiveModel::ArraySerializer.new(
+          ShopsListService.new.closed_shops,
+          each_serializer: Api::EnterpriseSerializer,
+          data: OpenFoodNetwork::EnterpriseInjectionData.new
+        )
+
+        render json: serialized_closed_shops
+      end
+    end
+  end
+end
--- a/app/controllers/api/v0/states_controller.rb
+++ b/app/controllers/api/v0/states_controller.rb
@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+module Api
+  module V0
+    class StatesController < Api::V0::BaseController
+      respond_to :json
+
+      skip_authorization_check
+
+      def index
+        render json: states, each_serializer: Api::StateSerializer, status: :ok
+      end
+
+      def show
+        @state = scope.find(params[:id])
+        render json: @state, serializer: Api::StateSerializer, status: :ok
+      end
+
+      private
+
+      def scope
+        if params[:country_id]
+          @country = Spree::Country.find(params[:country_id])
+          @country.states
+        else
+          Spree::State.all
+        end
+      end
+
+      def states
+        states = scope.ransack(params[:q]).result.
+          includes(:country).order('name ASC')
+
+        if pagination?
+          states = states.page(params[:page]).per(params[:per_page])
+        end
+
+        states
+      end
+
+      def pagination?
+        params[:page] || params[:per_page]
+      end
+    end
+  end
+end
--- a/app/controllers/api/v0/statuses_controller.rb
+++ b/app/controllers/api/v0/statuses_controller.rb
@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module Api
+  module V0
+    class StatusesController < ::BaseController
+      respond_to :json
+
+      def job_queue
+        render json: { alive: job_queue_alive? }
+      end
+
+      private
+
+      def job_queue_alive?
+        Spree::Config.last_job_queue_heartbeat_at.present? &&
+          Time.parse(Spree::Config.last_job_queue_heartbeat_at).in_time_zone > 6.minutes.ago
+      end
+    end
+  end
+end
--- a/app/controllers/api/v0/taxonomies_controller.rb
+++ b/app/controllers/api/v0/taxonomies_controller.rb
@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+module Api
+  module V0
+    class TaxonomiesController < Api::V0::BaseController
+      respond_to :json
+
+      skip_authorization_check only: :jstree
+
+      def jstree
+        @taxonomy = Spree::Taxonomy.find(params[:id])
+        render json: @taxonomy.root, serializer: Api::TaxonJstreeSerializer
+      end
+    end
+  end
+end
--- a/app/controllers/api/v0/taxons_controller.rb
+++ b/app/controllers/api/v0/taxons_controller.rb
@@ -0,0 +1,78 @@
+module Api
+  module V0
+    class TaxonsController < Api::V0::BaseController
+      respond_to :json
+
+      skip_authorization_check only: [:index, :show, :jstree]
+
+      def index
+        @taxons = if taxonomy
+                    taxonomy.root.children
+                  elsif params[:ids]
+                    Spree::Taxon.where(id: raw_params[:ids].split(","))
+                  else
+                    Spree::Taxon.ransack(raw_params[:q]).result
+                  end
+        render json: @taxons, each_serializer: Api::TaxonSerializer
+      end
+
+      def jstree
+        @taxon = taxon
+        render json: @taxon.children, each_serializer: Api::TaxonJstreeSerializer
+      end
+
+      def create
+        authorize! :create, Spree::Taxon
+        @taxon = Spree::Taxon.new(taxon_params)
+        @taxon.taxonomy_id = params[:taxonomy_id]
+        taxonomy = Spree::Taxonomy.find_by(id: params[:taxonomy_id])
+
+        if taxonomy.nil?
+          @taxon.errors.add(:taxonomy_id, I18n.t(:invalid_taxonomy_id, scope: 'spree.api'))
+          invalid_resource!(@taxon) && return
+        end
+
+        @taxon.parent_id = taxonomy.root.id unless params.dig(:taxon, :parent_id)
+
+        if @taxon.save
+          render json: @taxon, serializer: Api::TaxonSerializer, status: :created
+        else
+          invalid_resource!(@taxon)
+        end
+      end
+
+      def update
+        authorize! :update, Spree::Taxon
+        if taxon.update(taxon_params)
+          render json: taxon, serializer: Api::TaxonSerializer, status: :ok
+        else
+          invalid_resource!(taxon)
+        end
+      end
+
+      def destroy
+        authorize! :delete, Spree::Taxon
+        taxon.destroy
+        render json: taxon, serializer: Api::TaxonSerializer, status: :no_content
+      end
+
+      private
+
+      def taxonomy
+        return if params[:taxonomy_id].blank?
+
+        @taxonomy ||= Spree::Taxonomy.find(params[:taxonomy_id])
+      end
+
+      def taxon
+        @taxon ||= taxonomy.taxons.find(params[:id])
+      end
+
+      def taxon_params
+        return if params[:taxon].blank?
+
+        params.require(:taxon).permit([:name, :parent_id])
+      end
+    end
+  end
+end
--- a/app/controllers/api/v0/terms_and_conditions_controller.rb
+++ b/app/controllers/api/v0/terms_and_conditions_controller.rb
@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module Api
+  module V0
+    class TermsAndConditionsController < Api::V0::EnterpriseAttachmentController
+      private
+
+      def attachment_name
+        :terms_and_conditions
+      end
+
+      def enterprise_authorize_action
+        case action_name.to_sym
+        when :destroy
+          :remove_terms_and_conditions
+        end
+      end
+    end
+  end
+end
--- a/app/controllers/api/v0/variants_controller.rb
+++ b/app/controllers/api/v0/variants_controller.rb
@@ -0,0 +1,81 @@
+# frozen_string_literal: true
+
+module Api
+  module V0
+    class VariantsController < Api::V0::BaseController
+      respond_to :json
+
+      skip_authorization_check only: [:index, :show]
+      before_action :product
+
+      def index
+        @variants = scope.includes(option_values: :option_type).ransack(params[:q]).result
+        render json: @variants, each_serializer: Api::VariantSerializer
+      end
+
+      def show
+        @variant = scope.includes(option_values: :option_type).find(params[:id])
+        render json: @variant, serializer: Api::VariantSerializer
+      end
+
+      def create
+        authorize! :create, Spree::Variant
+        @variant = scope.new(variant_params)
+        if @variant.save
+          render json: @variant, serializer: Api::VariantSerializer, status: :created
+        else
+          invalid_resource!(@variant)
+        end
+      end
+
+      def update
+        authorize! :update, Spree::Variant
+        @variant = scope.find(params[:id])
+        if @variant.update(variant_params)
+          render json: @variant, serializer: Api::VariantSerializer, status: :ok
+        else
+          invalid_resource!(@product)
+        end
+      end
+
+      def destroy
+        authorize! :delete, Spree::Variant
+        @variant = scope.find(params[:id])
+        authorize! :delete, @variant
+
+        VariantDeleter.new.delete(@variant)
+        render json: @variant, serializer: Api::VariantSerializer, status: :no_content
+      end
+
+      private
+
+      def product
+        @product ||= Spree::Product.find_by(permalink: params[:product_id]) if params[:product_id]
+      end
+
+      def scope
+        if @product
+          variants = if current_api_user.has_spree_role?("admin") || params[:show_deleted]
+                       @product.variants_including_master.with_deleted
+                     else
+                       @product.variants_including_master
+                     end
+        else
+          variants = Spree::Variant.where(nil)
+          if current_api_user.has_spree_role?("admin")
+            unless params[:show_deleted]
+              variants = Spree::Variant.active
+            end
+          else
+            variants = variants.active
+          end
+        end
+        variants
+      end
+
+      def variant_params
+        params.require(:variant).permit(PermittedAttributes::Variant.attributes)
+      end
+    end
+  end
+end
--- a/app/controllers/api/variants_controller.rb
+++ b/app/controllers/api/variants_controller.rb
@@ -1,77 +0,0 @@
-module Api
-  class VariantsController < Api::BaseController
-    respond_to :json
-
-    skip_authorization_check only: [:index, :show]
-    before_action :product
-
-    def index
-      @variants = scope.includes(option_values: :option_type).ransack(params[:q]).result
-      render json: @variants, each_serializer: Api::VariantSerializer
-    end
-
-    def show
-      @variant = scope.includes(option_values: :option_type).find(params[:id])
-      render json: @variant, serializer: Api::VariantSerializer
-    end
-
-    def create
-      authorize! :create, Spree::Variant
-      @variant = scope.new(variant_params)
-      if @variant.save
-        render json: @variant, serializer: Api::VariantSerializer, status: :created
-      else
-        invalid_resource!(@variant)
-      end
-    end
-
-    def update
-      authorize! :update, Spree::Variant
-      @variant = scope.find(params[:id])
-      if @variant.update(variant_params)
-        render json: @variant, serializer: Api::VariantSerializer, status: :ok
-      else
-        invalid_resource!(@product)
-      end
-    end
-
-    def destroy
-      authorize! :delete, Spree::Variant
-      @variant = scope.find(params[:id])
-      authorize! :delete, @variant
-
-      VariantDeleter.new.delete(@variant)
-      render json: @variant, serializer: Api::VariantSerializer, status: :no_content
-    end
-
-    private
-
-    def product
-      @product ||= Spree::Product.find_by(permalink: params[:product_id]) if params[:product_id]
-    end
-
-    def scope
-      if @product
-        variants = if current_api_user.has_spree_role?("admin") || params[:show_deleted]
-                     @product.variants_including_master.with_deleted
-                   else
-                     @product.variants_including_master
-                   end
-      else
-        variants = Spree::Variant.where(nil)
-        if current_api_user.has_spree_role?("admin")
-          unless params[:show_deleted]
-            variants = Spree::Variant.active
-          end
-        else
-          variants = variants.active
-        end
-      end
-      variants
-    end
-
-    def variant_params
-      params.require(:variant).permit(PermittedAttributes::Variant.attributes)
-    end
-  end
-end
--- a/app/controllers/spree/admin/adjustments_controller.rb
+++ b/app/controllers/spree/admin/adjustments_controller.rb
@@ -5,6 +5,7 @@ module Spree

      prepend_before_action :set_included_tax, only: [:create, :update]
      before_action :set_order_id, only: [:create, :update]
+      before_action :skip_changing_canceled_orders, only: [:create, :update]
      after_action :update_order, only: [:create, :update, :destroy]
      before_action :set_default_tax_rate, only: :edit
      before_action :enable_updates, only: :update
@@ -28,6 +29,13 @@ module Spree
        @adjustment.order_id = parent.id
      end

+      def skip_changing_canceled_orders
+        return unless @order.canceled?
+
+        flash[:error] = t("admin.adjustments.skipped_changing_canceled_order")
+        redirect_to admin_order_adjustments_path(@order) if @order.canceled?
+      end
+
      # Choose a default tax rate to show on the edit form. The adjustment stores its included
      # tax in dollars, but doesn't store the source of the tax (ie. TaxRate that generated it).
      # We guess which tax rate here, choosing:
--- a/app/controllers/spree/admin/general_settings_controller.rb
+++ b/app/controllers/spree/admin/general_settings_controller.rb
@@ -3,7 +3,7 @@ module Spree
    class GeneralSettingsController < Spree::Admin::BaseController
      def edit
        @preferences_general = [:site_name, :default_seo_title, :default_meta_keywords,
-                                :default_meta_description, :site_url, :bugherd_api_key]
+                                :default_meta_description, :site_url]
        @preferences_security = [:allow_ssl_in_production,
                                 :allow_ssl_in_staging, :allow_ssl_in_development_and_test]
        @preferences_currency = [:display_currency, :hide_cents]
--- a/app/controllers/spree/admin/payment_methods_controller.rb
+++ b/app/controllers/spree/admin/payment_methods_controller.rb
@@ -5,7 +5,6 @@ module Spree
      before_action :load_data
      before_action :validate_payment_method_provider, only: [:create]
      before_action :load_hubs, only: [:new, :edit, :update]
-      create.before :load_hubs

      respond_to :html

@@ -15,14 +14,12 @@ module Spree
        @payment_method = payment_method_class.constantize.new(base_params)
        @object = @payment_method

-        invoke_callbacks(:create, :before)
+        load_hubs

        if @payment_method.save
-          invoke_callbacks(:create, :after)
          flash[:success] = Spree.t(:successfully_created, resource: Spree.t(:payment_method))
          redirect_to spree.edit_admin_payment_method_path(@payment_method)
        else
-          invoke_callbacks(:create, :fails)
          respond_with(@payment_method)
        end
      end
@@ -31,8 +28,6 @@ module Spree
        restrict_stripe_account_change
        force_environment

-        invoke_callbacks(:update, :before)
-
        if @payment_method.type.to_s != payment_method_class
          @payment_method.update_columns(
            type: payment_method_class,
@@ -42,11 +37,9 @@ module Spree
        end

        if @payment_method.update(update_params)
-          invoke_callbacks(:update, :after)
          flash[:success] = Spree.t(:successfully_updated, resource: Spree.t(:payment_method))
          redirect_to spree.edit_admin_payment_method_path(@payment_method)
        else
-          invoke_callbacks(:update, :fails)
          respond_with(@payment_method)
        end
      end
--- a/app/controllers/spree/admin/products_controller.rb
+++ b/app/controllers/spree/admin/products_controller.rb
@@ -38,7 +38,6 @@ module Spree
          end
        end
      rescue Paperclip::Errors::NotIdentifiedByImageMagickError
-        invoke_callbacks(:create, :fails)
        @object.errors.add(:base, t('spree.admin.products.image_upload_error'))
        respond_with(@object)
      end
@@ -80,7 +79,7 @@ module Spree
        product_set.collection.each { |p| authorize! :update, p }

        if product_set.save
-          redirect_to main_app.bulk_products_api_products_path(bulk_index_query)
+          redirect_to main_app.bulk_products_api_v0_products_path(bulk_index_query)
        elsif product_set.errors.present?
          render json: { errors: product_set.errors }, status: :bad_request
        else
--- a/app/controllers/spree/admin/return_authorizations_controller.rb
+++ b/app/controllers/spree/admin/return_authorizations_controller.rb
@@ -3,8 +3,7 @@ module Spree
    class ReturnAuthorizationsController < ::Admin::ResourceController
      belongs_to 'spree/order', find_by: :number

-      update.after :associate_inventory_units
-      create.after :associate_inventory_units
+      after_action :associate_inventory_units, only: [:create, :update]

      def fire
        @return_authorization.public_send("#{params[:e]}!")
--- a/app/controllers/spree/admin/shipping_methods_controller.rb
+++ b/app/controllers/spree/admin/shipping_methods_controller.rb
@@ -79,13 +79,14 @@ module Spree

      def load_data
        @available_zones = Zone.order(:name)
+        @tax_categories = Spree::TaxCategory.order(:name)
        @calculators = ShippingMethod.calculators.sort_by(&:name)
      end

      def permitted_resource_params
        params.require(:shipping_method).permit(
          :name, :description, :display_on, :require_ship_address, :tag_list, :calculator_type,
-          distributor_ids: [],
+          :tax_category_id, distributor_ids: [],
          calculator_attributes: PermittedAttributes::Calculator.attributes
        )
      end
--- a/app/controllers/spree/admin/tax_settings_controller.rb
+++ b/app/controllers/spree/admin/tax_settings_controller.rb
@@ -14,11 +14,7 @@ module Spree
      private

      def preferences_params
-        params.require(:preferences).permit(
-          :products_require_tax_category,
-          :shipment_inc_vat,
-          :shipping_tax_rate,
-        )
+        params.require(:preferences).permit(:products_require_tax_category)
      end
    end
  end
--- a/app/controllers/spree/admin/users_controller.rb
+++ b/app/controllers/spree/admin/users_controller.rb
@@ -102,7 +102,6 @@ module Spree

      # handling raise from Admin::ResourceController#destroy
      def user_destroy_with_orders_error
-        invoke_callbacks(:destroy, :fails)
        render status: :forbidden, text: Spree.t(:error_user_destroy_with_orders)
      end

--- a/app/controllers/spree/admin/variants_controller.rb
+++ b/app/controllers/spree/admin/variants_controller.rb
@@ -4,9 +4,9 @@ module Spree
  module Admin
    class VariantsController < ::Admin::ResourceController
      helper 'spree/products'
-
      belongs_to 'spree/product', find_by: :permalink
-      new_action.before :new_before
+
+      before_action :assign_default_attributes, only: :new

      def index
        @url_filters = ::ProductFilters.new.extract(request.query_parameters)
@@ -84,7 +84,7 @@ module Spree
        @object.save
      end

-      def new_before
+      def assign_default_attributes
        @object.attributes = @object.product.master.
          attributes.except('id', 'created_at', 'deleted_at', 'sku', 'is_master')
        # Shallow Clone of the default price to populate the price field.
--- a/app/controllers/spree/orders_controller.rb
+++ b/app/controllers/spree/orders_controller.rb
@@ -86,6 +86,7 @@ module Spree
        if @order.complete?
          @order.update_shipping_fees!
          @order.update_payment_fees!
+          @order.create_tax_charge!
        end

        respond_with(@order) do |format|
@@ -103,7 +104,7 @@ module Spree
      else
        # Show order with original values, not newly entered ones
        @insufficient_stock_lines = @order.insufficient_stock_lines
-        @order.line_items(true)
+        @order.line_items.reload
        respond_with(@order)
      end
    end
--- a/app/helpers/admin/orders_helper.rb
+++ b/app/helpers/admin/orders_helper.rb
@@ -5,9 +5,7 @@ module Admin
    # We exclude shipping method adjustments because they are displayed in a
    # separate table together with the order line items.
    def order_adjustments_for_display(order)
-      order.all_adjustments.enterprise_fee +
-        order.all_adjustments.payment_fee.eligible +
-        order.adjustments.admin
+      order.adjustments + order.all_adjustments.payment_fee.eligible
    end
  end
 end
--- a/app/helpers/checkout_helper.rb
+++ b/app/helpers/checkout_helper.rb
@@ -12,10 +12,10 @@ module CheckoutHelper
    adjustments.reject! { |a| a.originator_type == 'Spree::TaxRate' && a.amount == 0 }
    adjustments.reject! { |a| a.originator_type == 'Spree::ShippingMethod' } if exclude.include? :shipping
    adjustments.reject! { |a| a.originator_type == 'Spree::PaymentMethod' } if exclude.include? :payment
-    adjustments.reject! { |a| a.source_type == 'Spree::LineItem' } if exclude.include? :line_item
+    adjustments.reject! { |a| a.adjustable_type == 'Spree::LineItem' } if exclude.include? :line_item

-    enterprise_fee_adjustments = adjustments.select { |a| a.originator_type == 'EnterpriseFee' && a.source_type != 'Spree::LineItem' }
-    adjustments.reject! { |a| a.originator_type == 'EnterpriseFee' && a.source_type != 'Spree::LineItem' }
+    enterprise_fee_adjustments = adjustments.select { |a| a.originator_type == 'EnterpriseFee' && a.adjustable_type != 'Spree::LineItem' }
+    adjustments.reject! { |a| a.originator_type == 'EnterpriseFee' && a.adjustable_type != 'Spree::LineItem' }
    unless exclude.include? :admin_and_handling
      adjustments << Spree::Adjustment.new(
        label: I18n.t(:orders_form_admin), amount: enterprise_fee_adjustments.sum(&:amount)
--- a/app/helpers/order_helper.rb
+++ b/app/helpers/order_helper.rb
@@ -6,6 +6,6 @@ module OrderHelper
  end

  def outstanding_balance_label(order)
-    order.outstanding_balance.negative? ? t(:credit_owed) : t(:balance_due)
+    order.outstanding_balance.label
  end
 end
--- a/app/helpers/shop_helper.rb
+++ b/app/helpers/shop_helper.rb
@@ -1,13 +1,4 @@
 module ShopHelper
-  def order_cycles_name_and_pickup_times(order_cycles)
-    order_cycles.map do |oc|
-      [
-        pickup_time(oc),
-        oc.id
-      ]
-    end
-  end
-
  def oc_select_options
    @order_cycles.map { |oc| { time: pickup_time(oc), id: oc.id } }
  end
@@ -29,9 +20,9 @@ module ShopHelper
      { name: 'home', title: t(:shopping_tabs_home), show: show_home_tab? },
      { name: 'shop', title: t(:shopping_tabs_shop), show: !require_customer? },
      { name: 'about', title: t(:shopping_tabs_about), show: true },
-      { name: 'producers', title: t(:label_producers), show: true },
+      { name: 'producers', title: t(:shopping_tabs_producers), show: true },
      { name: 'contact', title: t(:shopping_tabs_contact), show: true },
-      { name: 'groups', title: t(:label_groups), show: current_distributor.groups.any? },
+      { name: 'groups', title: t(:shopping_tabs_groups), show: current_distributor.groups.any? },
    ].select{ |tab| tab[:show] }
  end

--- a/app/helpers/spree/admin/orders_helper.rb
+++ b/app/helpers/spree/admin/orders_helper.rb
@@ -50,13 +50,13 @@ module Spree

      def edit_order_link
        { name: t(:edit_order),
-          url: edit_admin_order_path(@order),
+          url: spree.edit_admin_order_path(@order),
          icon: 'icon-edit' }
      end

      def resend_confirmation_link
        { name: t(:resend_confirmation),
-          url: resend_admin_order_path(@order),
+          url: spree.resend_admin_order_path(@order),
          icon: 'icon-email',
          method: 'post',
          confirm: t(:confirm_resend_order_confirmation) }
@@ -78,7 +78,7 @@ module Spree

      def print_invoice_link
        { name: t(:print_invoice),
-          url: print_admin_order_path(@order),
+          url: spree.print_admin_order_path(@order),
          icon: 'icon-print',
          target: "_blank" }
      end
@@ -99,7 +99,7 @@ module Spree

      def ship_order_link
        { name: t(:ship_order),
-          url: fire_admin_order_path(@order, e: 'ship'),
+          url: spree.fire_admin_order_path(@order, e: 'ship'),
          method: 'put',
          icon: 'icon-truck',
          confirm: t(:are_you_sure) }
@@ -107,7 +107,7 @@ module Spree

      def cancel_order_link
        { name: t(:cancel_order),
-          url: fire_admin_order_path(@order.number, e: 'cancel'),
+          url: spree.fire_admin_order_path(@order.number, e: 'cancel'),
          icon: 'icon-trash',
          confirm: t(:are_you_sure) }
      end
@@ -120,6 +120,14 @@ module Spree
                       method: :put, icon: "icon-#{event}",
                       data: { confirm: confirm_message })
      end
+
+      def quantity_field_tag(manifest_item)
+        html_options = { min: 0, class: "line_item_quantity", size: 5 }
+        unless manifest_item.variant.on_demand
+          html_options.merge!(max: manifest_item.variant.on_hand + manifest_item.quantity)
+        end
+        number_field_tag :quantity, manifest_item.quantity, html_options
+      end
    end
  end
 end
--- a/app/helpers/spree/api/api_helpers.rb
+++ b/app/helpers/spree/api/api_helpers.rb
@@ -1,120 +0,0 @@
-module Spree
-  module Api
-    module ApiHelpers
-      def required_fields_for(model)
-        required_fields = model._validators.select do |_field, validations|
-          validations.any? { |v| v.is_a?(ActiveModel::Validations::PresenceValidator) }
-        end.map(&:first) # get fields that are invalid
-        # Permalinks presence is validated, but are really automatically generated
-        # Therefore we shouldn't tell API clients that they MUST send one through
-        required_fields.map!(&:to_s).delete("permalink")
-        required_fields
-      end
-
-      def product_attributes
-        [:id, :name, :description, :price, :available_on, :permalink, :meta_description,
-         :meta_keywords, :shipping_category_id, :taxon_ids]
-      end
-
-      def product_property_attributes
-        [:id, :product_id, :property_id, :value, :property_name]
-      end
-
-      def variant_attributes
-        [:id, :name, :sku, :price, :weight, :height, :width, :depth,
-         :is_master, :permalink]
-      end
-
-      def image_attributes
-        [:id, :position, :attachment_content_type, :attachment_file_name,
-         :type, :attachment_updated_at, :attachment_width, :attachment_height, :alt]
-      end
-
-      def option_value_attributes
-        [:id, :name, :presentation, :option_type_name, :option_type_id]
-      end
-
-      def order_attributes
-        [:id, :number, :item_total, :total, :state, :adjustment_total, :user_id,
-         :created_at, :updated_at, :completed_at, :payment_total,
-         :shipment_state, :payment_state, :email, :special_instructions, :token]
-      end
-
-      def line_item_attributes
-        [:id, :quantity, :price, :variant_id]
-      end
-
-      def option_type_attributes
-        [:id, :name, :presentation, :position]
-      end
-
-      def payment_attributes
-        [:id, :source_type, :source_id, :amount, :payment_method_id,
-         :response_code, :state, :avs_response, :created_at, :updated_at]
-      end
-
-      def payment_method_attributes
-        [:id, :name, :description]
-      end
-
-      def shipment_attributes
-        [:id, :tracking, :number, :cost, :shipped_at, :state]
-      end
-
-      def taxonomy_attributes
-        [:id, :name]
-      end
-
-      def taxon_attributes
-        [:id, :name, :pretty_name, :permalink, :position, :parent_id, :taxonomy_id]
-      end
-
-      def inventory_unit_attributes
-        [:id, :lock_version, :state, :variant_id, :shipment_id, :return_authorization_id]
-      end
-
-      def return_authorization_attributes
-        [:id, :number, :state, :amount, :order_id, :reason, :created_at, :updated_at]
-      end
-
-      def country_attributes
-        [:id, :iso_name, :iso, :iso3, :name, :numcode]
-      end
-
-      def state_attributes
-        [:id, :name, :abbr, :country_id]
-      end
-
-      def adjustment_attributes
-        [:id, :source_type, :source_id, :adjustable_type, :adjustable_id, :originator_type,
-         :originator_id, :amount, :label, :mandatory, :locked, :eligible, :created_at, :updated_at]
-      end
-
-      def creditcard_attributes
-        [:id, :month, :year, :cc_type, :last_digits, :first_name, :last_name,
-         :gateway_customer_profile_id, :gateway_payment_profile_id]
-      end
-
-      def user_attributes
-        [:id, :email, :created_at, :updated_at]
-      end
-
-      def property_attributes
-        [:id, :name, :presentation]
-      end
-
-      def stock_location_attributes
-        [:id, :name, :address1, :address2, :city,
-         :state_id, :state_name, :country_id, :zipcode, :phone, :active]
-      end
-
-      def stock_movement_attributes
-        [:id, :quantity, :stock_item_id]
-      end
-
-      def stock_item_attributes
-        [:id, :count_on_hand, :backorderable, :lock_version, :stock_location_id, :variant_id]
-      end
-    end
-  end
-end
--- a/app/jobs/subscription_placement_job.rb
+++ b/app/jobs/subscription_placement_job.rb
@@ -3,7 +3,6 @@ require 'order_management/subscriptions/summarizer'
 class SubscriptionPlacementJob < ActiveJob::Base
  def perform
    ids = proxy_orders.pluck(:id)
-    proxy_orders.update_all(placed_at: Time.zone.now)
    ProxyOrder.where(id: ids).each do |proxy_order|
      place_order_for(proxy_order)
    end
@@ -13,8 +12,8 @@ class SubscriptionPlacementJob < ActiveJob::Base

  private

-  delegate :record_order, :record_success, :record_issue, to: :summarizer
-  delegate :record_and_log_error, :send_placement_summary_emails, to: :summarizer
+  delegate :record_success, :record_issue, :record_subscription_issue, to: :summarizer
+  delegate :record_order, :record_and_log_error, :send_placement_summary_emails, to: :summarizer

  def summarizer
    @summarizer ||= OrderManagement::Subscriptions::Summarizer.new
@@ -30,11 +29,15 @@ class SubscriptionPlacementJob < ActiveJob::Base
  def place_order_for(proxy_order)
    JobLogger.logger.info("Placing Order for Proxy Order #{proxy_order.id}")
    initialise_order(proxy_order)
+    return unless proxy_order.order.present?
+
+    proxy_order.update_column(:placed_at, Time.zone.now)
    place_order(proxy_order.order)
  end

  def initialise_order(proxy_order)
    proxy_order.initialise_order!
+    record_subscription_issue(proxy_order.subscription) if proxy_order.order.nil?
  rescue StandardError => e
    Bugsnag.notify(e, subscription: proxy_order.subscription, proxy_order: proxy_order)
  end
--- a/Show More
+++ b/Show More
@@ -1 +1 @@
 .4.4
 .5.8