Bump nokogiri to 1.13.2

Backoffice order, using stripe payment: when card requires auth, send authorization email to guest user

.env

@@ -53,8 +53,8 @@ SMTP_PASSWORD="f00d"
 # see="https://developers.google.com/maps/documentation/javascript/get-api-key
 # GOOGLE_MAPS_API_KEY="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
 
-# Stripe Connect details for instance account
-# Find these under 'API keys' and 'Connect' in your Stripe account dashboard -> Account Settings
+# Stripe details for instance account
+# Find these under 'Developers' -> 'API keys' in your Stripe account dashboard.
 # Under 'Connect', the Redirect URI should be set to https://YOUR_SERVER_URL/stripe/callbacks (e.g. https://openfoodnetwork.org.uk/stripe/callbacks)
 # Under 'Webhooks', you should set up a Connect endpoint pointing to https://YOUR_SERVER_URL/stripe/webhooks e.g. (https://openfoodnetwork.org.uk/stripe/webhooks)
 # STRIPE_INSTANCE_SECRET_KEY="sk_test_xxxxxx" # This can be a test key or a live key

.env.development

@@ -5,3 +5,5 @@ SECRET_TOKEN="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
 
 OFN_REDIS_URL="redis://localhost:6379/1"
 OFN_REDIS_JOBS_URL="redis://localhost:6379/2"
+
+SITE_URL="0.0.0.0:3000"

.env.test

@@ -2,3 +2,5 @@
 # Override locally with `.env.test.local`
 
 SECRET_TOKEN="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
+
+SITE_URL="test.host"

.foreman

@@ -0,0 +1 @@
+env: ""

.github/ISSUE_TEMPLATE/release.md

@@ -28,7 +28,7 @@ assignees: ''
   <pre>
   git checkout master # same version as the release draft
   git fetch upstream
-  git diff upstream master -- config/locales/en.yml
+  git diff upstream/master -- config/locales/en.yml
   tx pull --force # if no changes or only additions in the locale
   git checkout --detach # if we need to commit new translations
   git commit -a -m "Update translations"
@@ -43,7 +43,6 @@ assignees: ''
   <pre>
   cd ofn-install
   git pull
-  (cd ../ofn-secrets && git pull)
   ansible-playbook --limit all-prod --extra-vars "git_version=vx.y.z" playbooks/deploy.yml
   </pre>
   </details>

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,32 +1,39 @@
 #### What? Why?
 
-Closes #[the issue number this PR is related to]
+Closes # <!-- Insert issue number here. -->
 
 <!-- Explain why this change is needed and the solution you propose.
-Provide context for others to understand it. -->
+     Provide context for others to understand it. -->
 
 
 
 #### What should we test?
-<!-- List which features should be tested and how. -->
-
+<!-- List which features should be tested and how.
+     This can be similar to the Steps to Reproduce in the issue.
+     Also think of other parts of the app which could be affected
+     by your change. -->
 
+- Visit ... page.
+- 
 
 #### Release notes
-<!-- Write a one liner description of the change to be included in the release notes.
-Every PR is worth mentioning, because you did it for a reason. -->
 
 <!-- Please select one for your PR and delete the other. -->
+
 Changelog Category: User facing changes | Technical changes
 
+<!-- Choose a pull request title above which explains your change to a
+     a user of the Open Food Network app. -->
+
+The title of the pull request will be included in the release notes.
 
 
 #### Dependencies
 <!-- Does this PR depend on another one?
-Add the link or remove this section. -->
+     Add the link or remove this section. -->
 
 
 
 #### Documentation updates
 <!-- Are there any wiki pages that need updating after merging this PR?
-List them here or remove this section. -->
+     List them here or remove this section. -->

.github/dependabot.yml

@@ -6,8 +6,10 @@ updates:
     schedule:
       interval: "daily"
     open-pull-requests-limit: 10
+    versioning-strategy: lockfile-only
 
   - package-ecosystem: "npm"
     directory: "/"
     schedule:
       interval: "daily"
+    versioning-strategy: lockfile-only

.github/workflows/build.yml

@@ -34,7 +34,6 @@ jobs:
           - "spec/controllers"
           - "spec/models"
           - "spec/features/admin/[a-o0-9]*_spec.rb"
-          - "spec/features/consumer"
           - "spec/lib"
           - "spec/migrations"
           - "spec/serializers"

.github/workflows/linters.yml

@@ -11,6 +11,8 @@ jobs:
       - name: rubocop
         uses: reviewdog/action-rubocop@v2
         with:
+          rubocop_version: gemfile
+          rubocop_extensions: rubocop-rails:gemfile
           reporter: github-pr-check
           level: error
           fail_on_error: true

.rubocop_styleguide.yml

@@ -19,6 +19,15 @@ AllCops:
 #
 # Cop settings that have been agreed upon by the OFN community
 
+Rails/SkipsModelValidations:
+  AllowedMethods:
+    - "touch"
+    - "touch_all"
+    - "update_all"
+    - "update_attribute"
+    - "update_column"
+    - "update_columns"
+
 Style/Documentation:
   Enabled: false
 
@@ -193,7 +202,8 @@ Metrics/BlockLength:
     "namespace",
     "resource",
     "resources",
-    "scenario"
+    "scenario",
+    "shared_examples",
   ]
 
 Metrics/BlockNesting:

.rubocop_todo.yml

@@ -1,11 +1,19 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config --auto-gen-only-exclude --exclude-limit 1400`
-# on 2021-12-09 22:28:37 UTC using RuboCop version 1.22.2.
+# on 2022-02-07 05:53:22 UTC using RuboCop version 1.22.2.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
 # versions of RuboCop, may require this file to be generated again.
 
+# Offense count: 1
+# Cop supports --auto-correct.
+# Configuration parameters: TreatCommentsAsGroupSeparators, ConsiderPunctuation, Include.
+# Include: **/*.gemfile, **/Gemfile, **/gems.rb
+Bundler/OrderedGems:
+  Exclude:
+    - 'Gemfile'
+
 # Offense count: 4
 # Configuration parameters: Include.
 # Include: **/*.gemspec
@@ -45,7 +53,7 @@ Layout/LeadingCommentSpace:
   Exclude:
     - 'spec/system/admin/enterprises_spec.rb'
 
-# Offense count: 814
+# Offense count: 815
 # Cop supports --auto-correct.
 # Configuration parameters: Max, AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, IgnoredPatterns.
 # URISchemes: http, https
@@ -59,11 +67,13 @@ Layout/LineLength:
     - 'app/controllers/admin/schedules_controller.rb'
     - 'app/controllers/admin/subscriptions_controller.rb'
     - 'app/controllers/api/v0/order_cycles_controller.rb'
-    - 'app/controllers/checkout_controller.rb'
+    - 'app/controllers/payment_gateways/paypal_controller.rb'
     - 'app/controllers/spree/admin/reports_controller.rb'
-    - 'app/controllers/spree/paypal_controller.rb'
+    - 'app/controllers/spree/users_controller.rb'
+    - 'app/controllers/user_confirmations_controller.rb'
     - 'app/helpers/angular_form_builder.rb'
     - 'app/helpers/angular_form_helper.rb'
+    - 'app/helpers/checkout_helper.rb'
     - 'app/helpers/enterprises_helper.rb'
     - 'app/helpers/order_cycles_helper.rb'
     - 'app/helpers/spree/orders_helper.rb'
@@ -101,7 +111,6 @@ Layout/LineLength:
     - 'app/services/variant_units/variant_and_line_item_naming.rb'
     - 'engines/order_management/app/services/order_management/reports/bulk_coop/bulk_coop_report.rb'
     - 'engines/order_management/app/services/order_management/subscriptions/validator.rb'
-    - 'engines/order_management/spec/services/order_management/order/stripe_sca_payment_authorize_spec.rb'
     - 'engines/order_management/spec/services/order_management/order/updater_spec.rb'
     - 'engines/web/app/helpers/web/cookies_policy_helper.rb'
     - 'engines/web/spec/features/consumer/cookies_spec.rb'
@@ -147,6 +156,7 @@ Layout/LineLength:
     - 'spec/controllers/checkout_controller_spec.rb'
     - 'spec/controllers/enterprises_controller_spec.rb'
     - 'spec/controllers/line_items_controller_spec.rb'
+    - 'spec/controllers/registration_controller_spec.rb'
     - 'spec/controllers/shops_controller_spec.rb'
     - 'spec/controllers/spree/admin/orders/customer_details_controller_spec.rb'
     - 'spec/controllers/spree/admin/orders/invoices_spec.rb'
@@ -159,9 +169,8 @@ Layout/LineLength:
     - 'spec/controllers/stripe/callbacks_controller_spec.rb'
     - 'spec/controllers/stripe/webhooks_controller_spec.rb'
     - 'spec/controllers/user_confirmations_controller_spec.rb'
+    - 'spec/factories/order_factory.rb'
     - 'spec/factories/stock_location_factory.rb'
-    - 'spec/features/consumer/multilingual_spec.rb'
-    - 'spec/features/consumer/shops_spec.rb'
     - 'spec/helpers/enterprises_helper_spec.rb'
     - 'spec/helpers/injection_helper_spec.rb'
     - 'spec/helpers/order_cycles_helper_spec.rb'
@@ -199,7 +208,6 @@ Layout/LineLength:
     - 'spec/models/spree/address_spec.rb'
     - 'spec/models/spree/adjustment_spec.rb'
     - 'spec/models/spree/classification_spec.rb'
-    - 'spec/models/spree/gateway/stripe_connect_spec.rb'
     - 'spec/models/spree/inventory_unit_spec.rb'
     - 'spec/models/spree/line_item_spec.rb'
     - 'spec/models/spree/order/checkout_spec.rb'
@@ -220,7 +228,7 @@ Layout/LineLength:
     - 'spec/models/variant_override_spec.rb'
     - 'spec/requests/api/orders_spec.rb'
     - 'spec/requests/checkout/failed_checkout_spec.rb'
-    - 'spec/requests/embedded_shopfronts_headers_spec.rb'
+    - 'spec/routing/stripe_spec.rb'
     - 'spec/serializers/api/admin/exchange_serializer_spec.rb'
     - 'spec/serializers/api/admin/order_cycle_serializer_spec.rb'
     - 'spec/services/address_geocoder_spec.rb'
@@ -281,7 +289,6 @@ Layout/LineLength:
     - 'spec/system/consumer/shopping/checkout_auth_spec.rb'
     - 'spec/system/consumer/shopping/checkout_spec.rb'
     - 'spec/system/consumer/shopping/checkout_stripe_spec.rb'
-    - 'spec/system/consumer/shopping/embedded_shopfronts_spec.rb'
     - 'spec/system/consumer/shopping/products_spec.rb'
     - 'spec/system/consumer/shopping/shopping_spec.rb'
     - 'spec/system/consumer/shopping/unit_price_spec.rb'
@@ -304,7 +311,7 @@ Layout/MultilineMethodCallBraceLayout:
   Exclude:
     - 'lib/reporting/queries/joins.rb'
 
-# Offense count: 15
+# Offense count: 17
 # Cop supports --auto-correct.
 # Configuration parameters: AllowInHeredoc.
 Layout/TrailingWhitespace:
@@ -339,6 +346,11 @@ Lint/DuplicateMethods:
   Exclude:
     - 'lib/discourse/single_sign_on.rb'
 
+# Offense count: 1
+Lint/DuplicateRequire:
+  Exclude:
+    - 'spec/lib/open_food_network/scope_variants_to_search_spec.rb'
+
 # Offense count: 1
 # Configuration parameters: AllowComments.
 Lint/EmptyFile:
@@ -393,7 +405,7 @@ Lint/UselessMethodDefinition:
     - 'app/controllers/spree/user_registrations_controller.rb'
     - 'app/models/spree/gateway.rb'
 
-# Offense count: 262
+# Offense count: 261
 # Configuration parameters: IgnoredMethods, CountRepeatedAttributes, Max.
 Metrics/AbcSize:
   Exclude:
@@ -415,8 +427,11 @@ Metrics/AbcSize:
     - 'app/controllers/api/v0/taxons_controller.rb'
     - 'app/controllers/api/v0/variants_controller.rb'
     - 'app/controllers/checkout_controller.rb'
+    - 'app/controllers/concerns/order_completion.rb'
     - 'app/controllers/discourse_sso_controller.rb'
     - 'app/controllers/enterprises_controller.rb'
+    - 'app/controllers/payment_gateways/paypal_controller.rb'
+    - 'app/controllers/payment_gateways/stripe_controller.rb'
     - 'app/controllers/split_checkout_controller.rb'
     - 'app/controllers/spree/admin/adjustments_controller.rb'
     - 'app/controllers/spree/admin/general_settings_controller.rb'
@@ -436,8 +451,6 @@ Metrics/AbcSize:
     - 'app/controllers/spree/admin/variants_controller.rb'
     - 'app/controllers/spree/credit_cards_controller.rb'
     - 'app/controllers/spree/orders_controller.rb'
-    - 'app/controllers/spree/paypal_controller.rb'
-    - 'app/controllers/spree/user_passwords_controller.rb'
     - 'app/controllers/spree/user_sessions_controller.rb'
     - 'app/controllers/spree/users_controller.rb'
     - 'app/controllers/stripe/callbacks_controller.rb'
@@ -565,7 +578,7 @@ Metrics/AbcSize:
     - 'spec/system/consumer/shopping/shopping_spec.rb'
     - 'spec/system/consumer/shopping/variant_overrides_spec.rb'
 
-# Offense count: 48
+# Offense count: 46
 # Configuration parameters: CountComments, Max, CountAsOne, ExcludedMethods, IgnoredMethods.
 # IgnoredMethods: refine
 Metrics/BlockLength:
@@ -583,7 +596,6 @@ Metrics/BlockLength:
     - 'spec/factories/line_item_factory.rb'
     - 'spec/factories/order_cycle_factory.rb'
     - 'spec/factories/order_factory.rb'
-    - 'spec/factories/payment_method_factory.rb'
     - 'spec/factories/product_factory.rb'
     - 'spec/factories/shipment_factory.rb'
     - 'spec/factories/shipping_method_factory.rb'
@@ -599,7 +611,6 @@ Metrics/BlockLength:
     - 'spec/swagger_helper.rb'
     - 'spec/system/admin/order_cycles/complex_updating_specific_time_spec.rb'
     - 'spec/system/consumer/shopping/checkout_spec.rb'
-    - 'spec/system/consumer/shopping/embedded_shopfronts_spec.rb'
 
 # Offense count: 1
 # Configuration parameters: CountBlocks, Max.
@@ -620,6 +631,7 @@ Metrics/ClassLength:
     - 'app/controllers/api/v0/products_controller.rb'
     - 'app/controllers/application_controller.rb'
     - 'app/controllers/checkout_controller.rb'
+    - 'app/controllers/payment_gateways/paypal_controller.rb'
     - 'app/controllers/spree/admin/orders_controller.rb'
     - 'app/controllers/spree/admin/payment_methods_controller.rb'
     - 'app/controllers/spree/admin/payments_controller.rb'
@@ -627,7 +639,6 @@ Metrics/ClassLength:
     - 'app/controllers/spree/admin/reports_controller.rb'
     - 'app/controllers/spree/admin/users_controller.rb'
     - 'app/controllers/spree/orders_controller.rb'
-    - 'app/controllers/spree/paypal_controller.rb'
     - 'app/models/enterprise.rb'
     - 'app/models/order_cycle.rb'
     - 'app/models/product_import/entry_processor.rb'
@@ -661,7 +672,7 @@ Metrics/ClassLength:
     - 'lib/open_food_network/users_and_enterprises_report.rb'
     - 'lib/open_food_network/xero_invoices_report.rb'
 
-# Offense count: 72
+# Offense count: 71
 # Configuration parameters: IgnoredMethods, Max.
 Metrics/CyclomaticComplexity:
   Exclude:
@@ -724,7 +735,7 @@ Metrics/CyclomaticComplexity:
     - 'spec/models/product_importer_spec.rb'
     - 'spec/support/i18n_translations_checker.rb'
 
-# Offense count: 254
+# Offense count: 258
 # Configuration parameters: CountComments, Max, CountAsOne, ExcludedMethods, IgnoredMethods.
 Metrics/MethodLength:
   Exclude:
@@ -744,6 +755,9 @@ Metrics/MethodLength:
     - 'app/controllers/api/v0/shipments_controller.rb'
     - 'app/controllers/api/v0/taxons_controller.rb'
     - 'app/controllers/api/v0/variants_controller.rb'
+    - 'app/controllers/checkout_controller.rb'
+    - 'app/controllers/concerns/order_completion.rb'
+    - 'app/controllers/payment_gateways/paypal_controller.rb'
     - 'app/controllers/shop_controller.rb'
     - 'app/controllers/split_checkout_controller.rb'
     - 'app/controllers/spree/admin/orders/customer_details_controller.rb'
@@ -758,8 +772,8 @@ Metrics/MethodLength:
     - 'app/controllers/spree/admin/variants_controller.rb'
     - 'app/controllers/spree/credit_cards_controller.rb'
     - 'app/controllers/spree/orders_controller.rb'
-    - 'app/controllers/spree/paypal_controller.rb'
     - 'app/controllers/spree/user_sessions_controller.rb'
+    - 'app/controllers/spree/users_controller.rb'
     - 'app/controllers/stripe/callbacks_controller.rb'
     - 'app/controllers/user_confirmations_controller.rb'
     - 'app/controllers/user_passwords_controller.rb'
@@ -862,7 +876,7 @@ Metrics/MethodLength:
     - 'spec/system/admin/reports_spec.rb'
     - 'spec/system/consumer/shopping/variant_overrides_spec.rb'
 
-# Offense count: 19
+# Offense count: 20
 # Configuration parameters: CountComments, Max, CountAsOne.
 Metrics/ModuleLength:
   Exclude:
@@ -878,6 +892,7 @@ Metrics/ModuleLength:
     - 'engines/order_management/spec/services/order_management/subscriptions/validator_spec.rb'
     - 'lib/open_food_network/column_preference_defaults.rb'
     - 'spec/controllers/admin/order_cycles_controller_spec.rb'
+    - 'spec/controllers/api/v0/orders_controller_spec.rb'
     - 'spec/lib/open_food_network/order_cycle_form_applicator_spec.rb'
     - 'spec/lib/open_food_network/order_cycle_permissions_spec.rb'
     - 'spec/models/spree/adjustment_spec.rb'
@@ -896,14 +911,13 @@ Metrics/ParameterLists:
     - 'spec/support/controller_requests_helper.rb'
     - 'spec/system/admin/reports_spec.rb'
 
-# Offense count: 46
+# Offense count: 45
 # Configuration parameters: IgnoredMethods, Max.
 Metrics/PerceivedComplexity:
   Exclude:
     - 'app/controllers/admin/enterprises_controller.rb'
     - 'app/controllers/api/v0/variants_controller.rb'
     - 'app/controllers/spree/admin/orders_controller.rb'
-    - 'app/controllers/spree/admin/payment_methods_controller.rb'
     - 'app/controllers/spree/admin/payments_controller.rb'
     - 'app/controllers/spree/admin/taxons_controller.rb'
     - 'app/controllers/spree/admin/users_controller.rb'
@@ -1005,12 +1019,13 @@ Rails/ApplicationController:
   Exclude:
     - 'engines/dfc_provider/app/controllers/dfc_provider/api/base_controller.rb'
 
-# Offense count: 5
+# Offense count: 6
 # Cop supports --auto-correct.
 Rails/ApplicationJob:
   Exclude:
     - 'app/jobs/bulk_invoice_job.rb'
     - 'app/jobs/heartbeat_job.rb'
+    - 'app/jobs/order_cycle_closing_job.rb'
     - 'app/jobs/order_cycle_notification_job.rb'
     - 'app/jobs/subscription_confirm_job.rb'
     - 'app/jobs/subscription_placement_job.rb'
@@ -1044,22 +1059,15 @@ Rails/Date:
   Exclude:
     - 'spec/system/flatpickr_spec.rb'
 
-# Offense count: 15
+# Offense count: 4
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: slashes, arguments
 Rails/FilePath:
   Exclude:
     - 'app/models/product_import/product_importer.rb'
     - 'lib/tasks/karma.rake'
-    - 'spec/controllers/api/v0/logos_controller_spec.rb'
-    - 'spec/controllers/api/v0/product_images_controller_spec.rb'
-    - 'spec/controllers/api/v0/promo_images_controller_spec.rb'
-    - 'spec/controllers/api/v0/terms_and_conditions_controller_spec.rb'
-    - 'spec/factories/product_factory.rb'
     - 'spec/models/content_configuration_spec.rb'
-    - 'spec/serializers/api/admin/enterprise_serializer_spec.rb'
     - 'spec/support/downloads_helper.rb'
-    - 'spec/system/admin/enterprises/images_spec.rb'
 
 # Offense count: 11
 # Configuration parameters: Include.
@@ -1120,7 +1128,7 @@ Rails/HelperInstanceVariable:
     - 'app/helpers/spree/orders_helper.rb'
 
 # Offense count: 36
-# Configuration parameters: Include.
+# Configuration parameters: IgnoreScopes, Include.
 # Include: app/models/**/*.rb
 Rails/InverseOf:
   Exclude:
@@ -1144,7 +1152,7 @@ Rails/InverseOf:
     - 'app/models/spree/variant.rb'
     - 'app/models/subscription_line_item.rb'
 
-# Offense count: 39
+# Offense count: 38
 # Configuration parameters: Include.
 # Include: app/controllers/**/*.rb
 Rails/LexicallyScopedActionFilter:
@@ -1168,7 +1176,6 @@ Rails/LexicallyScopedActionFilter:
     - 'app/controllers/spree/admin/users_controller.rb'
     - 'app/controllers/spree/admin/zones_controller.rb'
     - 'app/controllers/spree/users_controller.rb'
-    - 'app/controllers/user_passwords_controller.rb'
 
 # Offense count: 18
 Rails/OutputSafety:
@@ -1189,125 +1196,17 @@ Rails/OutputSafety:
 
 # Offense count: 1
 # Cop supports --auto-correct.
-# Configuration parameters: AutoCorrect.
 Rails/RelativeDateConstant:
   Exclude:
     - 'lib/tasks/data/remove_transient_data.rb'
 
-# Offense count: 297
+# Offense count: 4
 # Configuration parameters: ForbiddenMethods, AllowedMethods.
 # ForbiddenMethods: decrement!, decrement_counter, increment!, increment_counter, insert, insert!, insert_all, insert_all!, toggle!, touch, touch_all, update_all, update_attribute, update_column, update_columns, update_counters, upsert, upsert_all
 Rails/SkipsModelValidations:
   Exclude:
-    - 'app/controllers/admin/resource_controller.rb'
-    - 'app/controllers/checkout_controller.rb'
-    - 'app/controllers/spree/admin/payment_methods_controller.rb'
-    - 'app/controllers/spree/admin/shipping_methods_controller.rb'
-    - 'app/controllers/spree/admin/taxons_controller.rb'
-    - 'app/controllers/spree/credit_cards_controller.rb'
-    - 'app/jobs/subscription_confirm_job.rb'
-    - 'app/models/concerns/line_item_stock_changes.rb'
-    - 'app/models/enterprise.rb'
-    - 'app/models/enterprise_relationship.rb'
-    - 'app/models/product_import/inventory_reset_strategy.rb'
-    - 'app/models/proxy_order.rb'
-    - 'app/models/spree/address.rb'
-    - 'app/models/spree/adjustment.rb'
-    - 'app/models/spree/credit_card.rb'
-    - 'app/models/spree/gateway/pay_pal_express.rb'
-    - 'app/models/spree/inventory_unit.rb'
-    - 'app/models/spree/item_adjustments.rb'
-    - 'app/models/spree/order.rb'
-    - 'app/models/spree/order/checkout.rb'
-    - 'app/models/spree/payment.rb'
-    - 'app/models/spree/product.rb'
-    - 'app/models/spree/shipment.rb'
-    - 'app/models/spree/shipping_method.rb'
-    - 'app/models/spree/tax_category.rb'
-    - 'app/models/spree/taxonomy.rb'
-    - 'app/models/spree/variant.rb'
-    - 'app/models/spree/zone.rb'
-    - 'app/models/subscription.rb'
     - 'app/models/variant_override.rb'
-    - 'app/services/order_factory.rb'
-    - 'app/services/place_proxy_order.rb'
-    - 'engines/order_management/app/services/order_management/order/updater.rb'
-    - 'engines/order_management/spec/services/order_management/reports/enterprise_fee_summary/report_service_spec.rb'
-    - 'engines/order_management/spec/services/order_management/subscriptions/stripe_payment_setup_spec.rb'
-    - 'lib/spree/core/controller_helpers/order.rb'
-    - 'lib/tasks/data/anonymize_data.rake'
-    - 'lib/tasks/sample_data/product_factory.rb'
-    - 'lib/tasks/users.rake'
-    - 'spec/controllers/admin/bulk_line_items_controller_spec.rb'
-    - 'spec/controllers/admin/customers_controller_spec.rb'
-    - 'spec/controllers/admin/subscription_line_items_controller_spec.rb'
-    - 'spec/controllers/admin/variant_overrides_controller_spec.rb'
-    - 'spec/controllers/api/v0/order_cycles_controller_spec.rb'
-    - 'spec/controllers/api/v0/orders_controller_spec.rb'
-    - 'spec/controllers/api/v0/products_controller_spec.rb'
-    - 'spec/controllers/api/v0/shipments_controller_spec.rb'
-    - 'spec/controllers/api/v0/variants_controller_spec.rb'
-    - 'spec/controllers/checkout_controller_spec.rb'
-    - 'spec/controllers/enterprises_controller_spec.rb'
-    - 'spec/controllers/spree/admin/orders/invoices_spec.rb'
-    - 'spec/controllers/spree/admin/orders/payments/payments_controller_spec.rb'
-    - 'spec/controllers/spree/admin/overview_controller_spec.rb'
-    - 'spec/controllers/spree/admin/payment_methods_controller_spec.rb'
-    - 'spec/controllers/spree/credit_cards_controller_spec.rb'
-    - 'spec/controllers/spree/orders_controller_spec.rb'
-    - 'spec/factories.rb'
-    - 'spec/factories/order_factory.rb'
-    - 'spec/factories/shipment_factory.rb'
-    - 'spec/helpers/enterprises_helper_spec.rb'
-    - 'spec/helpers/order_cycles_helper_spec.rb'
-    - 'spec/lib/open_food_network/address_finder_spec.rb'
-    - 'spec/lib/open_food_network/enterprise_fee_calculator_spec.rb'
-    - 'spec/lib/open_food_network/orders_and_fulfillments_report_spec.rb'
-    - 'spec/lib/open_food_network/permissions_spec.rb'
-    - 'spec/lib/open_food_network/products_and_inventory_report_spec.rb'
-    - 'spec/lib/open_food_network/scope_variant_to_hub_spec.rb'
-    - 'spec/lib/reports/packing/packing_report_spec.rb'
-    - 'spec/lib/stripe/credit_card_cloner_spec.rb'
-    - 'spec/lib/tasks/data/remove_transient_data_spec.rb'
-    - 'spec/models/concerns/variant_stock_spec.rb'
-    - 'spec/models/enterprise_relationship_spec.rb'
-    - 'spec/models/exchange_spec.rb'
-    - 'spec/models/spree/adjustment_spec.rb'
-    - 'spec/models/spree/asset_spec.rb'
     - 'spec/models/spree/line_item_spec.rb'
-    - 'spec/models/spree/order/tax_spec.rb'
-    - 'spec/models/spree/order_inventory_spec.rb'
-    - 'spec/models/spree/order_spec.rb'
-    - 'spec/models/spree/tax_category_spec.rb'
-    - 'spec/models/spree/tax_rate_spec.rb'
-    - 'spec/models/spree/variant_spec.rb'
-    - 'spec/queries/customers_with_balance_spec.rb'
-    - 'spec/queries/outstanding_balance_spec.rb'
-    - 'spec/serializers/api/admin/subscription_line_item_serializer_spec.rb'
-    - 'spec/services/cache_service_spec.rb'
-    - 'spec/services/cap_quantity_spec.rb'
-    - 'spec/services/order_cart_reset_spec.rb'
-    - 'spec/services/order_checkout_restart_spec.rb'
-    - 'spec/services/order_cycle_distributed_products_spec.rb'
-    - 'spec/services/order_factory_spec.rb'
-    - 'spec/services/order_syncer_spec.rb'
-    - 'spec/services/process_payment_intent_spec.rb'
-    - 'spec/services/product_tag_rules_filterer_spec.rb'
-    - 'spec/services/products_renderer_spec.rb'
-    - 'spec/support/request/shop_workflow.rb'
-    - 'spec/system/admin/bulk_order_management_spec.rb'
-    - 'spec/system/admin/bulk_product_update_spec.rb'
-    - 'spec/system/admin/configuration/tax_rates_spec.rb'
-    - 'spec/system/admin/order_cycles/complex_editing_spec.rb'
-    - 'spec/system/admin/order_cycles/simple_spec.rb'
-    - 'spec/system/admin/order_spec.rb'
-    - 'spec/system/admin/payments_spec.rb'
-    - 'spec/system/consumer/caching/shops_caching_spec.rb'
-    - 'spec/system/consumer/shopping/checkout_spec.rb'
-    - 'spec/system/consumer/shopping/products_spec.rb'
-    - 'spec/system/consumer/shopping/shopping_spec.rb'
-    - 'spec/system/consumer/shopping/unit_price_spec.rb'
-    - 'spec/views/spree/shared/_order_details.html.haml_spec.rb'
 
 # Offense count: 5
 # Cop supports --auto-correct.
@@ -1332,12 +1231,11 @@ Rails/UniqueValidationWithoutIndex:
     - 'app/models/spree/tax_category.rb'
     - 'app/models/spree/zone.rb'
 
-# Offense count: 2
+# Offense count: 1
 # Configuration parameters: Environments.
 # Environments: development, test, production
 Rails/UnknownEnv:
   Exclude:
-    - 'app/controllers/spree/admin/payment_methods_controller.rb'
     - 'app/models/spree/app_configuration.rb'
 
 # Offense count: 1
@@ -1425,7 +1323,7 @@ Style/GlobalStdStream:
     - 'lib/tasks/subscriptions/debug.rake'
     - 'lib/tasks/subscriptions/test.rake'
 
-# Offense count: 41
+# Offense count: 39
 # Configuration parameters: MinBodyLength.
 Style/GuardClause:
   Exclude:
@@ -1576,6 +1474,7 @@ Style/Send:
     - 'engines/order_management/spec/services/order_management/reports/bulk_coop/bulk_coop_report_spec.rb'
     - 'spec/controllers/admin/subscriptions_controller_spec.rb'
     - 'spec/controllers/checkout_controller_spec.rb'
+    - 'spec/controllers/payment_gateways/paypal_controller_spec.rb'
     - 'spec/controllers/spree/admin/base_controller_spec.rb'
     - 'spec/controllers/spree/orders_controller_spec.rb'
     - 'spec/helpers/order_cycles_helper_spec.rb'
@@ -1595,7 +1494,6 @@ Style/Send:
     - 'spec/models/calculator/weight_spec.rb'
     - 'spec/models/enterprise_spec.rb'
     - 'spec/models/exchange_spec.rb'
-    - 'spec/models/spree/gateway/stripe_connect_spec.rb'
     - 'spec/models/spree/order_inventory_spec.rb'
     - 'spec/models/spree/order_spec.rb'
     - 'spec/models/spree/payment_spec.rb'
@@ -1626,7 +1524,7 @@ Style/SlicingWithRange:
     - 'lib/discourse/single_sign_on.rb'
     - 'spec/lib/open_food_network/order_grouper_spec.rb'
 
-# Offense count: 41
+# Offense count: 31
 # Cop supports --auto-correct.
 # Configuration parameters: Mode.
 Style/StringConcatenation:
@@ -1647,13 +1545,10 @@ Style/StringConcatenation:
     - 'lib/open_food_network/orders_and_fulfillments_report/customer_totals_report.rb'
     - 'lib/spree/api/controller_setup.rb'
     - 'lib/spree/core/environment_extension.rb'
-    - 'spec/controllers/user_confirmations_controller_spec.rb'
-    - 'spec/features/consumer/account_spec.rb'
     - 'spec/lib/open_food_network/order_grouper_spec.rb'
     - 'spec/models/spree/line_item_spec.rb'
     - 'spec/models/spree/product_spec.rb'
     - 'spec/models/spree/variant_spec.rb'
-    - 'spec/requests/embedded_shopfronts_headers_spec.rb'
     - 'spec/services/embedded_page_service_spec.rb'
     - 'spec/support/api_helper.rb'
     - 'spec/support/features/datepicker_helper.rb'

.ruby-version

@@ -1 +1 @@
-2.7.3
+3.0.3

GETTING_STARTED.md

@@ -60,7 +60,7 @@ If the script succeeds you're ready to start developing. If not, take a look at
 
 Now, your dreams of spinning up a development server can be realised:
 
-    bundle exec rails server
+    foreman start
 
 Go to [http://localhost:3000](http://localhost:3000) to play around!
 

Gemfile

@@ -1,19 +1,19 @@
 # frozen_string_literal: true
 
 source 'https://rubygems.org'
-ruby "2.7.3"
+ruby "3.0.3"
 git_source(:github) { |repo_name| "https://github.com/#{repo_name}.git" }
 
 gem 'dotenv-rails', require: 'dotenv/rails-now' # Load ENV vars before other gems
 
-gem 'rails', '~> 6.1.4'
+gem 'rails', '>= 6.1.4'
 
 gem 'activemerchant', '>= 1.78.0'
+gem 'rexml'
 gem 'angular-rails-templates', '>= 0.3.0'
 gem 'awesome_nested_set'
 gem 'ransack', '2.4.2'
 gem 'responders'
-gem 'sass-rails', '< 5.1.0' # this restriction originates from the compass-rails's version
 gem 'webpacker', '~> 5'
 
 gem 'i18n'
@@ -38,13 +38,14 @@ gem "pg", "~> 1.2.3"
 
 gem 'acts_as_list', '1.0.4'
 gem 'cancancan', '~> 1.15.0'
+gem 'digest'
 gem 'ffaker'
 gem 'highline', '2.0.3' # Necessary for the install generator
 gem 'json'
 gem 'monetize', '~> 1.11'
 gem 'paranoia', '~> 2.4'
 gem 'state_machines-activerecord'
-gem 'stringex', '~> 2.8.5'
+gem 'stringex', '~> 2.8.5', require: false
 
 gem 'paypal-sdk-merchant', '1.117.2'
 gem 'stripe'
@@ -58,6 +59,9 @@ gem 'oauth2', '~> 1.4.7' # Used for Stripe Connect
 
 gem 'pagy', '~> 5.1'
 
+gem 'rswag-api'
+gem 'rswag-ui'
+
 gem 'angularjs-rails', '1.8.0'
 gem 'aws-sdk', '1.67.0'
 gem 'bugsnag'
@@ -73,7 +77,6 @@ gem 'acts-as-taggable-on', '~> 8.1'
 gem 'angularjs-file-upload-rails', '~> 2.4.1'
 gem 'bigdecimal', '3.0.2'
 gem 'bootsnap', require: false
-gem 'custom_error_message', github: 'jeremydurham/custom-err-msg'
 gem 'geocoder'
 gem 'gmaps4rails'
 gem 'mimemagic', '> 0.3.5'
@@ -89,14 +92,14 @@ gem 'redis', '>= 4.0', require: ['redis', 'redis/connection/hiredis']
 gem 'sidekiq'
 gem 'sidekiq-scheduler'
 
-gem "cable_ready", "5.0.0.pre2"
+gem "cable_ready", "5.0.0.pre3"
 
 gem 'combine_pdf'
 gem 'wicked_pdf'
 gem 'wkhtmltopdf-binary'
 
 gem 'immigrant'
-gem 'roo', '~> 2.8.3'
+gem 'roo', github: "roo-rb/roo" # master is currently needed for Ruby 3.x (awaiting new release)
 gem 'spreadsheet_architect'
 
 gem 'whenever', require: false
@@ -104,16 +107,12 @@ gem 'whenever', require: false
 gem 'test-unit', '~> 3.5'
 
 gem 'coffee-rails', '~> 5.0.0'
-gem 'compass-rails'
 
 gem 'mini_racer', '0.4.0'
 
 gem 'uglifier', '>= 1.0.3'
 
 gem 'angular_rails_csrf'
-gem 'foundation-icons-sass-rails'
-
-gem 'foundation-rails', '= 5.5.2.1'
 
 gem 'jquery-rails', '4.4.0'
 gem 'jquery-ui-rails', '~> 4.2'
@@ -149,7 +148,7 @@ group :test, :development do
   gem 'letter_opener', '>= 1.4.1'
   gem 'rspec-rails', ">= 3.5.2"
   gem 'rspec-retry'
-  gem 'rswag'
+  gem 'rswag-specs'
   gem 'selenium-webdriver'
   gem 'shoulda-matchers'
   gem 'timecop'

Gemfile.lock

@@ -1,9 +1,3 @@
-GIT
-  remote: https://github.com/jeremydurham/custom-err-msg.git
-  revision: 3a8ec9dddc7a5b0aab7c69a6060596de300c68f4
-  specs:
-    custom_error_message (1.1.1)
-
 GIT
   remote: https://github.com/openfoodfoundation/db2fog.git
   revision: 5b63343847452f52aa42f7fc169d6ab3af57cda3
@@ -30,6 +24,14 @@ GIT
       sass-rails
       thor (>= 0.14)
 
+GIT
+  remote: https://github.com/roo-rb/roo.git
+  revision: 709464c77623be2bc09b2103405d90ded7604a75
+  specs:
+    roo (2.8.3)
+      nokogiri (~> 1)
+      rubyzip (>= 1.3.0, < 3.0.0)
+
 PATH
   remote: engines/catalog
   specs:
@@ -57,63 +59,63 @@ GEM
   remote: https://rubygems.org/
   specs:
     Ascii85 (1.1.0)
-    actioncable (6.1.4.1)
-      actionpack (= 6.1.4.1)
-      activesupport (= 6.1.4.1)
+    actioncable (6.1.4.4)
+      actionpack (= 6.1.4.4)
+      activesupport (= 6.1.4.4)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailbox (6.1.4.1)
-      actionpack (= 6.1.4.1)
-      activejob (= 6.1.4.1)
-      activerecord (= 6.1.4.1)
-      activestorage (= 6.1.4.1)
-      activesupport (= 6.1.4.1)
+    actionmailbox (6.1.4.4)
+      actionpack (= 6.1.4.4)
+      activejob (= 6.1.4.4)
+      activerecord (= 6.1.4.4)
+      activestorage (= 6.1.4.4)
+      activesupport (= 6.1.4.4)
       mail (>= 2.7.1)
-    actionmailer (6.1.4.1)
-      actionpack (= 6.1.4.1)
-      actionview (= 6.1.4.1)
-      activejob (= 6.1.4.1)
-      activesupport (= 6.1.4.1)
+    actionmailer (6.1.4.4)
+      actionpack (= 6.1.4.4)
+      actionview (= 6.1.4.4)
+      activejob (= 6.1.4.4)
+      activesupport (= 6.1.4.4)
       mail (~> 2.5, >= 2.5.4)
       rails-dom-testing (~> 2.0)
-    actionpack (6.1.4.1)
-      actionview (= 6.1.4.1)
-      activesupport (= 6.1.4.1)
+    actionpack (6.1.4.4)
+      actionview (= 6.1.4.4)
+      activesupport (= 6.1.4.4)
       rack (~> 2.0, >= 2.0.9)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
     actionpack-action_caching (1.2.2)
       actionpack (>= 4.0.0)
-    actiontext (6.1.4.1)
-      actionpack (= 6.1.4.1)
-      activerecord (= 6.1.4.1)
-      activestorage (= 6.1.4.1)
-      activesupport (= 6.1.4.1)
+    actiontext (6.1.4.4)
+      actionpack (= 6.1.4.4)
+      activerecord (= 6.1.4.4)
+      activestorage (= 6.1.4.4)
+      activesupport (= 6.1.4.4)
       nokogiri (>= 1.8.5)
-    actionview (6.1.4.1)
-      activesupport (= 6.1.4.1)
+    actionview (6.1.4.4)
+      activesupport (= 6.1.4.4)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.1, >= 1.2.0)
     active_model_serializers (0.8.4)
       activemodel (>= 3.0)
-    activejob (6.1.4.1)
-      activesupport (= 6.1.4.1)
+    activejob (6.1.4.4)
+      activesupport (= 6.1.4.4)
       globalid (>= 0.3.6)
     activemerchant (1.123.0)
       activesupport (>= 4.2)
       builder (>= 2.1.2, < 4.0.0)
       i18n (>= 0.6.9)
       nokogiri (~> 1.4)
-    activemodel (6.1.4.1)
-      activesupport (= 6.1.4.1)
-    activerecord (6.1.4.1)
-      activemodel (= 6.1.4.1)
-      activesupport (= 6.1.4.1)
-    activerecord-import (1.2.0)
-      activerecord (>= 3.2)
+    activemodel (6.1.4.4)
+      activesupport (= 6.1.4.4)
+    activerecord (6.1.4.4)
+      activemodel (= 6.1.4.4)
+      activesupport (= 6.1.4.4)
+    activerecord-import (1.3.0)
+      activerecord (>= 4.2)
     activerecord-postgresql-adapter (0.0.1)
       pg
     activerecord-session_store (2.0.0)
@@ -122,14 +124,14 @@ GEM
       multi_json (~> 1.11, >= 1.11.2)
       rack (>= 2.0.8, < 3)
       railties (>= 5.2.4.1)
-    activestorage (6.1.4.1)
-      actionpack (= 6.1.4.1)
-      activejob (= 6.1.4.1)
-      activerecord (= 6.1.4.1)
-      activesupport (= 6.1.4.1)
+    activestorage (6.1.4.4)
+      actionpack (= 6.1.4.4)
+      activejob (= 6.1.4.4)
+      activerecord (= 6.1.4.4)
+      activesupport (= 6.1.4.4)
       marcel (~> 1.0.0)
       mini_mime (>= 1.1.0)
-    activesupport (6.1.4.1)
+    activesupport (6.1.4.4)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
@@ -167,16 +169,16 @@ GEM
     bcrypt (3.1.16)
     bigdecimal (3.0.2)
     bindex (0.8.1)
-    bootsnap (1.9.1)
-      msgpack (~> 1.0)
-    bugsnag (6.24.0)
+    bootsnap (1.10.1)
+      msgpack (~> 1.2)
+    bugsnag (6.24.1)
       concurrent-ruby (~> 1.0)
     builder (3.2.4)
     bullet (6.1.5)
       activesupport (>= 3.0.0)
       uniform_notifier (~> 1.11)
     byebug (11.1.3)
-    cable_ready (5.0.0.pre2)
+    cable_ready (5.0.0.pre3)
       rails (>= 5.2)
       thread-local (>= 1.1.0)
     cancancan (1.15.0)
@@ -196,7 +198,6 @@ GEM
       rubyzip (>= 1.3.0, < 3)
     childprocess (4.1.0)
     chronic (0.10.2)
-    chunky_png (1.4.0)
     climate_control (0.2.0)
     cliver (0.3.2)
     cocaine (0.5.8)
@@ -211,22 +212,6 @@ GEM
     coffee-script-source (1.12.2)
     combine_pdf (1.0.21)
       ruby-rc4 (>= 0.1.5)
-    compass (1.0.3)
-      chunky_png (~> 1.2)
-      compass-core (~> 1.0.2)
-      compass-import-once (~> 1.0.5)
-      rb-fsevent (>= 0.9.3)
-      rb-inotify (>= 0.9)
-      sass (>= 3.3.13, < 3.5)
-    compass-core (1.0.3)
-      multi_json (~> 1.0)
-      sass (>= 3.3.0, < 3.5)
-    compass-import-once (1.0.5)
-      sass (>= 3.2, < 3.5)
-    compass-rails (4.0.0)
-      compass (~> 1.0.0)
-      sass-rails (< 5.1)
-      sprockets (< 4.0)
     concurrent-ruby (1.1.9)
     connection_pool (2.2.5)
     crack (0.4.5)
@@ -243,9 +228,10 @@ GEM
       activerecord (>= 5.a)
       database_cleaner-core (~> 2.0.0)
     database_cleaner-core (2.0.1)
-    ddtrace (0.53.0)
-      ffi (~> 1.0)
+    ddtrace (0.54.1)
+      debase-ruby_core_source (= 0.10.12)
       msgpack
+    debase-ruby_core_source (0.10.12)
     debugger-linecache (1.2.0)
     devise (4.8.0)
       bcrypt (~> 3.0)
@@ -260,6 +246,7 @@ GEM
     devise-token_authenticatable (1.1.0)
       devise (>= 4.0.0, < 5.0.0)
     diff-lcs (1.4.4)
+    digest (3.1.0)
     docile (1.4.0)
     dotenv (2.7.6)
     dotenv-rails (2.7.6)
@@ -292,7 +279,7 @@ GEM
       concurrent-ruby (~> 1.1)
       websocket-driver (>= 0.6, < 0.8)
     ffaker (2.20.0)
-    ffi (1.15.4)
+    ffi (1.15.5)
     flipper (0.20.4)
     flipper-active_record (0.20.4)
       activerecord (>= 5.0, < 7)
@@ -319,12 +306,6 @@ GEM
       nokogiri (>= 1.5.11, < 2.0.0)
     foreman (0.87.2)
     formatador (0.2.5)
-    foundation-icons-sass-rails (3.0.0)
-      railties (>= 3.1.1)
-      sass-rails (>= 3.1.1)
-    foundation-rails (5.5.2.1)
-      railties (>= 3.1.0)
-      sass (>= 3.3.0, < 3.5)
     fugit (1.4.5)
       et-orbi (~> 1.1, >= 1.1.8)
       raabro (~> 1.4)
@@ -332,7 +313,7 @@ GEM
       rspec-core (~> 3.0)
       ruby-progressbar (~> 1.4)
     geocoder (1.7.0)
-    globalid (0.5.2)
+    globalid (1.0.0)
       activesupport (>= 5.0)
     gmaps4rails (2.1.2)
     good_migrations (0.1.0)
@@ -373,15 +354,15 @@ GEM
     letter_opener (1.7.0)
       launchy (~> 2.2)
     libv8-node (15.14.0.1)
-    listen (3.7.0)
+    listen (3.7.1)
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
-    loofah (2.12.0)
+    loofah (2.13.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.7.1)
       mini_mime (>= 0.1.1)
-    marcel (1.0.1)
+    marcel (1.0.2)
     matrix (0.4.2)
     method_source (1.0.0)
     mime-types (3.3.1)
@@ -391,21 +372,21 @@ GEM
       nokogiri (~> 1)
       rake
     mini_mime (1.1.2)
-    mini_portile2 (2.6.1)
+    mini_portile2 (2.8.0)
     mini_racer (0.4.0)
       libv8-node (~> 15.14.0.0)
-    minitest (5.14.4)
-    monetize (1.11.0)
+    minitest (5.15.0)
+    monetize (1.12.0)
       money (~> 6.12)
-    money (6.14.1)
+    money (6.16.0)
       i18n (>= 0.6.4, <= 2)
     msgpack (1.4.2)
     multi_json (1.15.0)
     multi_xml (0.6.0)
     multipart-post (2.1.1)
     nio4r (2.5.8)
-    nokogiri (1.12.5)
-      mini_portile2 (~> 2.6.1)
+    nokogiri (1.13.3)
+      mini_portile2 (~> 2.8.0)
       racc (~> 1.4)
     oauth2 (1.4.7)
       faraday (>= 0.8, < 2.0)
@@ -427,7 +408,7 @@ GEM
     parallel (1.21.0)
     paranoia (2.4.3)
       activerecord (>= 4.0, < 6.2)
-    parser (3.0.2.0)
+    parser (3.1.0.0)
       ast (~> 2.4.1)
     paypal-sdk-core (0.3.4)
       multi_json (~> 1.0)
@@ -449,7 +430,7 @@ GEM
       byebug (~> 11.0)
       pry (~> 0.13.0)
     public_suffix (4.0.6)
-    puma (5.5.2)
+    puma (5.6.2)
       nio4r (~> 2.0)
     raabro (1.4.0)
     racc (1.6.0)
@@ -466,20 +447,20 @@ GEM
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
     rack-timeout (0.6.0)
-    rails (6.1.4.1)
-      actioncable (= 6.1.4.1)
-      actionmailbox (= 6.1.4.1)
-      actionmailer (= 6.1.4.1)
-      actionpack (= 6.1.4.1)
-      actiontext (= 6.1.4.1)
-      actionview (= 6.1.4.1)
-      activejob (= 6.1.4.1)
-      activemodel (= 6.1.4.1)
-      activerecord (= 6.1.4.1)
-      activestorage (= 6.1.4.1)
-      activesupport (= 6.1.4.1)
+    rails (6.1.4.4)
+      actioncable (= 6.1.4.4)
+      actionmailbox (= 6.1.4.4)
+      actionmailer (= 6.1.4.4)
+      actionpack (= 6.1.4.4)
+      actiontext (= 6.1.4.4)
+      actionview (= 6.1.4.4)
+      activejob (= 6.1.4.4)
+      activemodel (= 6.1.4.4)
+      activerecord (= 6.1.4.4)
+      activestorage (= 6.1.4.4)
+      activesupport (= 6.1.4.4)
       bundler (>= 1.15.0)
-      railties (= 6.1.4.1)
+      railties (= 6.1.4.4)
       sprockets-rails (>= 2.0.0)
     rails-controller-testing (1.0.5)
       actionpack (>= 5.0.1.rc1)
@@ -490,17 +471,17 @@ GEM
       nokogiri (>= 1.6)
     rails-html-sanitizer (1.4.2)
       loofah (~> 2.3)
-    rails-i18n (6.0.0)
+    rails-i18n (7.0.1)
       i18n (>= 0.7, < 2)
-      railties (>= 6.0.0, < 7)
+      railties (>= 6.0.0, < 8)
     rails_safe_tasks (1.0.0)
-    railties (6.1.4.1)
-      actionpack (= 6.1.4.1)
-      activesupport (= 6.1.4.1)
+    railties (6.1.4.4)
+      actionpack (= 6.1.4.4)
+      activesupport (= 6.1.4.4)
       method_source
       rake (>= 0.13)
       thor (~> 1.0)
-    rainbow (3.0.0)
+    rainbow (3.1.1)
     rake (13.0.6)
     ransack (2.4.2)
       activerecord (>= 5.2.4)
@@ -511,7 +492,7 @@ GEM
       ffi (~> 1.0)
     redcarpet (3.5.1)
     redis (4.5.1)
-    regexp_parser (2.1.1)
+    regexp_parser (2.2.0)
     request_store (1.5.0)
       rack (>= 1.4)
     responders (3.0.1)
@@ -528,9 +509,6 @@ GEM
       builder (>= 3.0)
       dry-inflector (~> 0.1)
       rubyzip (>= 1.0)
-    roo (2.8.3)
-      nokogiri (~> 1)
-      rubyzip (>= 1.3.0, < 3.0.0)
     rspec (3.10.0)
       rspec-core (~> 3.10.0)
       rspec-expectations (~> 3.10.0)
@@ -554,10 +532,6 @@ GEM
     rspec-retry (0.6.2)
       rspec-core (> 3.3)
     rspec-support (3.10.2)
-    rswag (2.4.0)
-      rswag-api (= 2.4.0)
-      rswag-specs (= 2.4.0)
-      rswag-ui (= 2.4.0)
     rswag-api (2.4.0)
       railties (>= 3.1, < 7.0)
     rswag-specs (2.4.0)
@@ -576,9 +550,9 @@ GEM
       rubocop-ast (>= 1.12.0, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 1.4.0, < 3.0)
-    rubocop-ast (1.12.0)
+    rubocop-ast (1.15.1)
       parser (>= 3.0.1.1)
-    rubocop-rails (2.12.4)
+    rubocop-rails (2.13.2)
       activesupport (>= 4.2.0)
       rack (>= 1.1)
       rubocop (>= 1.7.0, < 2.0)
@@ -603,7 +577,7 @@ GEM
     semantic_range (3.0.0)
     shoulda-matchers (5.0.0)
       activesupport (>= 5.2.0)
-    sidekiq (6.2.2)
+    sidekiq (6.3.1)
       connection_pool (>= 2.2.2)
       rack (~> 2.0)
       redis (>= 4.2.0)
@@ -630,9 +604,9 @@ GEM
     sprockets (3.7.2)
       concurrent-ruby (~> 1.0)
       rack (> 1, < 3)
-    sprockets-rails (3.2.2)
-      actionpack (>= 4.0)
-      activesupport (>= 4.0)
+    sprockets-rails (3.4.2)
+      actionpack (>= 5.2)
+      activesupport (>= 5.2)
       sprockets (>= 3.0.0)
     state_machines (0.5.0)
     state_machines-activemodel (0.8.0)
@@ -642,12 +616,12 @@ GEM
       activerecord (>= 5.1)
       state_machines-activemodel (>= 0.8.0)
     stringex (2.8.5)
-    stripe (5.39.0)
+    stripe (5.42.0)
     temple (0.8.2)
     test-prof (1.0.7)
     test-unit (3.5.0)
       power_assert
-    thor (1.1.0)
+    thor (1.2.1)
     thread-local (1.1.0)
     thwait (0.2.0)
       e2mmap
@@ -699,7 +673,7 @@ GEM
     xml-simple (1.1.8)
     xpath (3.2.0)
       nokogiri (~> 1.8)
-    zeitwerk (2.5.1)
+    zeitwerk (2.5.3)
 
 PLATFORMS
   ruby
@@ -726,15 +700,13 @@ DEPENDENCIES
   bugsnag
   bullet
   byebug
-  cable_ready (= 5.0.0.pre2)
+  cable_ready (= 5.0.0.pre3)
   cancancan (~> 1.15.0)
   capybara
   catalog!
   coffee-rails (~> 5.0.0)
   combine_pdf
-  compass-rails
   cuprite
-  custom_error_message!
   database_cleaner
   db2fog!
   ddtrace
@@ -744,6 +716,7 @@ DEPENDENCIES
   devise-i18n
   devise-token_authenticatable
   dfc_provider!
+  digest
   dotenv-rails
   factory_bot_rails (= 6.2.0)
   ffaker
@@ -752,8 +725,6 @@ DEPENDENCIES
   flipper-ui
   fog-aws (~> 2.0)
   foreman
-  foundation-icons-sass-rails
-  foundation-rails (= 5.5.2.1)
   fuubar (~> 2.5.1)
   geocoder
   gmaps4rails
@@ -792,7 +763,7 @@ DEPENDENCIES
   rack-rewrite
   rack-ssl
   rack-timeout
-  rails (~> 6.1.4)
+  rails (>= 6.1.4)
   rails-controller-testing
   rails-i18n
   rails_safe_tasks (~> 1.0)
@@ -800,14 +771,16 @@ DEPENDENCIES
   redcarpet
   redis (>= 4.0)
   responders
+  rexml
   roadie-rails
-  roo (~> 2.8.3)
+  roo!
   rspec-rails (>= 3.5.2)
   rspec-retry
-  rswag
+  rswag-api
+  rswag-specs
+  rswag-ui
   rubocop
   rubocop-rails
-  sass-rails (< 5.1.0)
   sd_notify
   select2-rails!
   selenium-webdriver
@@ -838,7 +811,7 @@ DEPENDENCIES
   wkhtmltopdf-binary
 
 RUBY VERSION
-   ruby 2.7.3p183
+   ruby 3.0.3p157
 
 BUNDLED WITH
    2.1.4

app/assets/javascripts/admin/all.js

@@ -47,7 +47,6 @@
 //= require equalize
 //= require css_browser_selector_dev
 //= require responsive-tables
-//= require admin/spree_paypal_express
 //= require admin/spree/handlebar_extensions
 
 // OFN specific

app/assets/javascripts/admin/bulk_product_update.js.coffee

@@ -144,7 +144,7 @@ angular.module("ofn.admin").controller "AdminProductEditCtrl", ($scope, $timeout
     $scope.variantIdCounter
 
   $scope.deleteProduct = (product) ->
-    if confirm("Are you sure?")
+    if confirm(t('are_you_sure'))
       $http(
         method: "DELETE"
         url: "/api/v0/products/" + product.id

app/assets/javascripts/admin/line_items/controllers/line_items_controller.js.coffee

@@ -128,29 +128,53 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
     $scope.selectedUnitsProduct = unitsProduct
     $scope.selectedUnitsVariant = unitsVariant
 
+  $scope.getLineItemScale = (lineItem) ->
+    if lineItem.units_product && lineItem.units_variant && (lineItem.units_product.variant_unit == "weight" || lineItem.units_product.variant_unit == "volume") 
+      VariantUnitManager.getScale(lineItem.units_variant.unit_value, lineItem.units_product.variant_unit)
+    else
+      1
+
   $scope.sumUnitValues = ->
-    sum = $scope.filteredLineItems?.reduce (sum,lineItem) ->
-      sum + lineItem.final_weight_volume
+    sum = $scope.filteredLineItems?.reduce (sum, lineItem) ->
+      sum + $scope.roundToThreeDecimals(lineItem.final_weight_volume / $scope.getLineItemScale(lineItem))
     , 0
 
   $scope.sumMaxUnitValues = ->
     sum = $scope.filteredLineItems?.reduce (sum,lineItem) ->
-        sum + lineItem.max_quantity * lineItem.units_variant.unit_value
+      sum + lineItem.max_quantity * $scope.roundToThreeDecimals(lineItem.units_variant.unit_value / $scope.getLineItemScale(lineItem))
     , 0
 
+  $scope.roundToThreeDecimals = (value) ->
+    Math.round(value * 1000) / 1000
+
   $scope.allFinalWeightVolumesPresent = ->
     for i,lineItem of $scope.filteredLineItems
       return false if !lineItem.hasOwnProperty('final_weight_volume') || !(lineItem.final_weight_volume > 0)
     true
 
-  # How is this different to OptionValueNamer#name?
-  # Should it be extracted to that class or VariantUnitManager?
-  $scope.formattedValueWithUnitName = (value, unitsProduct, unitsVariant) ->
-    # A Units Variant is an API object which holds unit properies of a variant
-    if unitsProduct.hasOwnProperty("variant_unit") && (unitsProduct.variant_unit == "weight" || unitsProduct.variant_unit == "volume") && value > 0
-      scale = VariantUnitManager.getScale(value, unitsProduct.variant_unit)
-      Math.round(value/scale * 1000)/1000 + " " + VariantUnitManager.getUnitName(scale, unitsProduct.variant_unit)
+  $scope.getScale = (unitsProduct, unitsVariant) ->
+    if unitsProduct.hasOwnProperty("variant_unit") && (unitsProduct.variant_unit == "weight" || unitsProduct.variant_unit == "volume")
+      VariantUnitManager.getScale(unitsVariant.unit_value, unitsProduct.variant_unit)
     else
+      null
+
+  $scope.getFormattedValueWithUnitName = (value, unitsProduct, unitsVariant, scale) ->
+    unit_name = VariantUnitManager.getUnitName(scale, unitsProduct.variant_unit)
+    $scope.roundToThreeDecimals(value) + " " + unit_name
+
+  $scope.getGroupBySizeFormattedValueWithUnitName = (value, unitsProduct, unitsVariant) ->
+    scale = $scope.getScale(unitsProduct, unitsVariant)
+    if scale
+      value = value / scale if scale != 28.35 && scale != 1 && scale != 453.6 # divide by scale if not smallest unit
+      $scope.getFormattedValueWithUnitName(value, unitsProduct, unitsVariant, scale)
+    else
+      ''
+
+  $scope.formattedValueWithUnitName = (value, unitsProduct, unitsVariant) ->
+    scale = $scope.getScale(unitsProduct, unitsVariant)
+    if scale
+      $scope.getFormattedValueWithUnitName(value, unitsProduct, unitsVariant, scale)
+    else 
       ''
 
   $scope.fulfilled = (sumOfUnitValues) ->
@@ -158,7 +182,9 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
     if $scope.selectedUnitsProduct.hasOwnProperty("group_buy_unit_size") && $scope.selectedUnitsProduct.group_buy_unit_size > 0 &&
       $scope.selectedUnitsProduct.hasOwnProperty("variant_unit") &&
       ( $scope.selectedUnitsProduct.variant_unit == "weight" || $scope.selectedUnitsProduct.variant_unit == "volume" )
-        Math.round( sumOfUnitValues / $scope.selectedUnitsProduct.group_buy_unit_size * 1000)/1000
+        scale = $scope.getScale($scope.selectedUnitsProduct, $scope.selectedUnitsVariant)
+        sumOfUnitValues = sumOfUnitValues / scale if scale == 28.35 || scale == 453.6 # divide by scale if smallest unit
+        $scope.roundToThreeDecimals(sumOfUnitValues / $scope.selectedUnitsProduct.group_buy_unit_size * $scope.selectedUnitsVariant.unit_value)
     else
       ''
 

app/assets/javascripts/admin/payments/services/stripe_elements.js.coffee

@@ -17,7 +17,7 @@ angular.module("admin.payments").factory 'AdminStripeElements', ($rootScope, Sta
           console.error(JSON.stringify(response.error))
         else
           secrets.token = response.token.id
-          secrets.cc_type = @mapTokenApiCardBrand(response.token.card.brand)
+          secrets.cc_type = response.token.card.brand
           secrets.card = response.token.card
           submit()
 
@@ -33,28 +33,10 @@ angular.module("admin.payments").factory 'AdminStripeElements', ($rootScope, Sta
           console.error(JSON.stringify(response.error))
         else
           secrets.token = response.paymentMethod.id
-          secrets.cc_type = @mapPaymentMethodsApiCardBrand(response.paymentMethod.card.brand)
+          secrets.cc_type = response.paymentMethod.card.brand
           secrets.card = response.paymentMethod.card
           submit()
 
-    # Maps the brand returned by Stripe's tokenAPI to that required by activemerchant
-    mapTokenApiCardBrand: (cardBrand) ->
-      switch cardBrand
-        when 'MasterCard' then return 'master'
-        when 'Visa' then return 'visa'
-        when 'American Express' then return 'american_express'
-        when 'Discover' then return 'discover'
-        when 'JCB' then return 'jcb'
-        when 'Diners Club' then return 'diners_club'
-
-    # Maps the brand returned by Stripe's paymentMethodsAPI to that required by activemerchant
-    mapPaymentMethodsApiCardBrand: (cardBrand) ->
-      switch cardBrand
-        when 'mastercard' then return 'master'
-        when 'amex' then return 'american_express'
-        when 'diners' then return 'diners_club'
-        else return cardBrand # a few brands are equal, for example, visa
-
     # It doesn't matter if any of these are nil, all are optional.
     makeCardData: (secrets) ->
       {'name': secrets.name,

app/assets/javascripts/admin/spree/progress.coffee

@@ -1,7 +1,11 @@
 $(document).ready ->
+  progressTimer = null
   $(document).ajaxStart ->
-    $("#progress").fadeIn()
+    progressTimer = setTimeout ->
+      $("#progress").fadeIn()
+    , 500
 
   $(document).ajaxStop ->
-    $("#progress").fadeOut()
+    clearTimeout(progressTimer) if progressTimer?
+    $("#progress").stop().hide()
 

app/assets/javascripts/admin/spree/spree.js.coffee

@@ -1,13 +1,10 @@
-#= require jsuri
-
 class window.Spree
   # Helper function to take a URL and add query parameters to it
-  @url: (uri, query) ->
-    if uri.path == undefined
-      uri = new Uri(uri)
-    if query
-      $.each query, (key, value) ->
-        uri.addQueryParam(key, value)
+  @url: (uri) ->
+    if uri.pathname == undefined
+      uri = new URL(uri.toString())
     if Spree.api_key
-      uri.addQueryParam('token', Spree.api_key)
+      params = new URLSearchParams(uri.search)
+      params.append('token', Spree.api_key)
+
     return uri

app/assets/javascripts/admin/spree/taxons/taxon_tree_menu.js.coffee

@@ -2,10 +2,9 @@ root = exports ? this
 
 root.taxon_tree_menu = (obj, context) ->
 
-  base_url = Spree.url(Spree.routes.taxonomy_taxons_path)
-  admin_base_url = Spree.url(Spree.routes.admin_taxonomy_taxons_path)
-  edit_url = admin_base_url.clone()
-  edit_url.setPath(edit_url.path() + '/' + obj.attr("id") + "/edit");
+  base_url = Spree.url(Spree.routes.taxonomy_taxons)
+  admin_base_url = Spree.url(Spree.routes.admin_taxonomy_taxons)
+  edit_url = Spree.url(Spree.routes.admin_taxonomy_taxons + '/' + obj.attr("id") + "/edit");
 
   create:
     label: "<i class='icon-plus'></i> " + Spree.translations.add,

app/assets/javascripts/admin/spree/taxons/taxonomy.js.coffee

@@ -9,7 +9,7 @@ handle_move = (e, data) ->
   new_parent = data.rslt.np
 
   url = Spree.url(base_url).clone()
-  url.setPath url.path() + '/' + node.attr("id")
+  url.pathname = url.pathname + '/' + node.attr("id")
   $.ajax
     type: "POST",
     dataType: "json",
@@ -41,7 +41,7 @@ handle_rename = (e, data) ->
   name = data.rslt.new_name
 
   url = Spree.url(base_url).clone()
-  url.setPath(url.path() + '/' + node.attr("id"))
+  url.pathname = url.pathname + '/' + node.attr("id")
 
   $.ajax
     type: "POST",
@@ -70,10 +70,10 @@ root = exports ? this
 root.setup_taxonomy_tree = (taxonomy_id) ->
   if taxonomy_id != undefined
     # this is defined within admin/taxonomies/edit
-    root.base_url = Spree.url(Spree.routes.taxonomy_taxons_path)
+    root.base_url = Spree.url(Spree.routes.taxonomy_taxons)
 
     $.ajax
-      url: base_url.path().replace("/taxons", "/jstree"),
+      url: base_url.pathname.replace("/taxons", "/jstree"),
       success: (taxonomy) ->
         last_rollback = null
 
@@ -82,7 +82,7 @@ root.setup_taxonomy_tree = (taxonomy_id) ->
             data: taxonomy,
             ajax:
               url: (e) ->
-                base_url.path() + '/' + e.attr('id') + '/jstree'
+                base_url.pathname + '/' + e.attr('id') + '/jstree'
           themes:
             theme: "apple",
             url: "/assets/jquery.jstree/themes/apple/style.css"

app/assets/javascripts/admin/spree_paypal_express.js

@@ -1,17 +0,0 @@
-//= require admin/spree_backend
-
-SpreePaypalExpress = {
-  hideSettings: function(paymentMethod) {
-    if (SpreePaypalExpress.paymentMethodID && paymentMethod.val() == SpreePaypalExpress.paymentMethodID) {
-      $('.payment-method-settings').children().hide();
-      $('#payment_amount').prop('disabled', 'disabled');
-      $('button[type="submit"]').prop('disabled', 'disabled');
-      $('#paypal-warning').show();
-    } else if (SpreePaypalExpress.paymentMethodID) {
-      $('.payment-method-settings').children().show();
-      $('button[type=submit]').prop('disabled', '');
-      $('#payment_amount').prop('disabled', '');
-      $('#paypal-warning').hide();
-    }
-  }
-}

app/assets/javascripts/admin/subscriptions/controllers/details_controller.js.coffee

@@ -16,7 +16,7 @@ angular.module("admin.subscriptions").controller "DetailsController", ($scope, $
     return if !newValue?
     paymentMethod = ($scope.paymentMethods.filter (pm) -> pm.id == newValue)[0]
     return unless paymentMethod?
-    $scope.cardRequired = (paymentMethod.type == "Spree::Gateway::StripeConnect" || paymentMethod.type == "Spree::Gateway::StripeSCA")
+    $scope.cardRequired = paymentMethod.type == "Spree::Gateway::StripeSCA"
     $scope.loadCustomer() if $scope.cardRequired && !$scope.customer
 
   $scope.loadCustomer = ->

app/assets/javascripts/admin/utils/directives/variant_autocomplete.js.coffee

@@ -19,6 +19,7 @@ angular.module("admin.utils").directive "variantAutocomplete", ($timeout) ->
               distributor_id: scope.distributor_id
               order_cycle_id: scope.order_cycle_id
               eligible_for_subscriptions: scope.eligible_for_subscriptions
+              include_out_of_stock: scope.include_out_of_stock
             results: (data, page) ->
               window.variants = data # this is how spree auto complete JS code picks up variants
               results: data
@@ -27,3 +28,5 @@ angular.module("admin.utils").directive "variantAutocomplete", ($timeout) ->
           formatSelection: (variant) ->
             element.parent().children(".options_placeholder").html variant.options_text
             variant.name
+        element.on "select2-opening", ->
+          scope.include_out_of_stock = if $('#include_out_of_stock').is(':checked') then "1" else ""

app/assets/javascripts/darkswarm/all.js.coffee

@@ -1,5 +1,4 @@
 #= require jquery2
-#= require jquery_ujs
 #= require jquery.ui.all
 #
 #= require angular
@@ -50,13 +49,15 @@
 #
 #= require modernizr
 #
+#= require foundation-sites/js/foundation.js
 #= require ./darkswarm
 #= require_tree ./mixins
 #= require_tree ./directives
 #= require_tree .
 
 document.addEventListener "turbo:load", ->
-  window.injector = angular.bootstrap document.body, ["Darkswarm"]
+  try
+    window.injector = angular.bootstrap document.body, ["Darkswarm"]
   true
 
 document.addEventListener "turbo:before-render", ->

app/assets/javascripts/darkswarm/controllers/authentication/forgot_controller.js.coffee

@@ -1,19 +0,0 @@
-angular.module('Darkswarm').controller "ForgotCtrl", ($scope, $http, $location, AuthenticationService) ->
-  $scope.path = "/forgot"
-  $scope.sent = false
-
-  $scope.submit = ->
-    if $scope.spree_user.email != null
-      $http.post("/user/spree_user/password", {spree_user: $scope.spree_user}).then (response)->
-        $scope.sent = true
-      .catch (response) ->
-        $scope.errors = response.data.error
-        $scope.user_unconfirmed = (response.status == 401)
-    else
-      $scope.errors = t 'email_required'
-
-  $scope.resend_confirmation = ->
-    $http.post("/user/spree_user/confirmation", {spree_user: $scope.spree_user, return_url: $location.absUrl()}).then (response)->
-      $scope.messages = t('devise.confirmations.send_instructions')
-    .catch (response) ->
-      $scope.errors = t('devise.confirmations.failed_to_send')

app/assets/javascripts/darkswarm/controllers/authentication/login_controller.js.coffee

@@ -1,36 +0,0 @@
-angular.module('Darkswarm').controller "LoginCtrl", ($scope, $timeout, $location, $http, $window, AuthenticationService, Redirections, Loading) ->
-  $scope.path = "/login"
-
-  $scope.modalMessage = null
-
-  $scope.$watch (->
-    AuthenticationService.modalMessage
-  ), (newValue) ->
-    $scope.errors = newValue
-
-  $scope.submit = ->
-    Loading.message = t 'logging_in'
-    $http.post("/user/spree_user/sign_in", {spree_user: $scope.spree_user}).then (response)->
-      if window._paq
-        window._paq.push(['trackEvent', 'Signin/Signup', 'Login Submit Success', $location.absUrl()]);
-      if Redirections.after_login
-        $window.location.href = $window.location.origin + Redirections.after_login
-      else
-        $window.location.href = $window.location.origin + $window.location.pathname  # Strips out hash fragments
-    .catch (response) ->
-      Loading.clear()
-      $scope.errors = response.data.message || response.data.error
-      $scope.user_unconfirmed = (response.data.error == t('devise.failure.unconfirmed'))
-
-  $scope.resend_confirmation = ->
-    $http.post("/user/spree_user/confirmation", {spree_user: $scope.spree_user, return_url: $location.absUrl()}).then (response)->
-      $scope.messages = t('devise.confirmations.send_instructions')
-    .catch (response) ->
-      $scope.errors = t('devise.confirmations.failed_to_send')
-
-  $timeout ->
-    if angular.isDefined($location.search()['validation'])
-      if $location.search()['validation'] == 'confirmed'
-        $scope.messages = t('devise.confirmations.confirmed')
-      if $location.search()['validation'] == 'not_confirmed'
-        $scope.errors = t('devise.confirmations.not_confirmed')

app/assets/javascripts/darkswarm/controllers/authentication/signup_controller.js.coffee

@@ -1,17 +0,0 @@
-angular.module('Darkswarm').controller "SignupCtrl", ($scope, $http, $window, $location, Redirections, AuthenticationService) ->
-  $scope.path = "/signup"
-
-  $scope.spree_user.password_confirmation = ''
-
-  $scope.errors =
-    email: null
-    password: null
-
-  $scope.submit = ->
-    $http.post("/user/spree_user", {spree_user: $scope.spree_user, return_url: $location.absUrl()}).then (response)->
-      $scope.errors = {email: null, password: null}
-      $scope.messages = t('devise.user_registrations.spree_user.signed_up_but_unconfirmed')
-      if window._paq
-        window._paq.push(['trackEvent', 'Signin/Signup', 'Signup Submit Success', $location.absUrl()]);
-    .catch (response) ->
-      $scope.errors = response.data

app/assets/javascripts/darkswarm/controllers/authentication_controller.js.coffee

@@ -1,12 +0,0 @@
-angular.module('Darkswarm').controller "AuthenticationCtrl", ($scope, AuthenticationService, SpreeUser)->
-  $scope.open = AuthenticationService.open
-  $scope.toggle = AuthenticationService.toggle
-
-  $scope.spree_user = SpreeUser.spree_user
-  $scope.isActive = AuthenticationService.isActive
-  $scope.select = AuthenticationService.select
-
-  $scope.tabs =
-    login: { active: $scope.isActive('/login') }
-    signup: { active: $scope.isActive('/signup') }
-    forgot: { active: $scope.isActive('/forgot') }

app/assets/javascripts/darkswarm/controllers/checkout/checkout_controller.js.coffee

@@ -1,4 +1,4 @@
-angular.module('Darkswarm').controller "CheckoutCtrl", ($scope, localStorageService, Checkout, CurrentUser, CurrentHub, AuthenticationService, SpreeUser, $http) ->
+angular.module('Darkswarm').controller "CheckoutCtrl", ($scope, localStorageService, Checkout, CurrentUser, CurrentHub, $http) ->
   $scope.Checkout = Checkout
   $scope.submitted = false
 
@@ -35,14 +35,9 @@ angular.module('Darkswarm').controller "CheckoutCtrl", ($scope, localStorageServ
       $scope.$broadcast 'purchaseFormInvalid', $scope.formdata
 
   $scope.ensureUserIsGuest = (callback = null) ->
-    $http.post("/user/registered_email", {email: $scope.order.email}).then (response)->
-      if response.data.registered == true
-        $scope.promptLogin()
-      else
+    $http.post("/user/registered_email", {email: $scope.order.email})
+      .then (response)->
+        window.CableReady.perform(response.data)
+      .catch ->
         $scope.validateForm() if $scope.submitted
         callback() if callback
-
-  $scope.promptLogin = ->
-    SpreeUser.spree_user.email = $scope.order.email
-    AuthenticationService.pushMessage t('devise.failure.already_registered')
-    AuthenticationService.open '/login'

app/assets/javascripts/darkswarm/controllers/checkout/details_controller.js.coffee

@@ -1,4 +1,4 @@
-angular.module('Darkswarm').controller "DetailsCtrl", ($scope, $timeout, $http, CurrentUser, AuthenticationService, SpreeUser, $controller) ->
+angular.module('Darkswarm').controller "DetailsCtrl", ($scope, $timeout, $http, CurrentUser, SpreeUser, $controller) ->
   angular.extend this, $controller('FieldsetMixin', {$scope: $scope})
 
   $scope.name = "details"

app/assets/javascripts/darkswarm/controllers/credit_cards_controller.js.coffee

@@ -1,4 +1,4 @@
-angular.module('Darkswarm').controller "CreditCardsCtrl", ($scope, CreditCard, CreditCards, $controller) ->
+angular.module('Darkswarm').controller "CreditCardsCtrl", ($scope, $http, CreditCard, CreditCards, $controller) ->
   angular.extend this, $controller('FieldsetMixin', {$scope: $scope})
 
   $scope.savedCreditCards = CreditCards.saved
@@ -12,3 +12,11 @@ angular.module('Darkswarm').controller "CreditCardsCtrl", ($scope, CreditCard, C
 
   $scope.allow_name_change = true
   $scope.disable_fields = false
+
+  $scope.deleteCard = (id) ->
+    $http(
+      method: "DELETE"
+      url: "/credit_cards/#{id}"
+    ).finally ->
+      window.location.reload()
+

app/assets/javascripts/darkswarm/controllers/enterprises_controller.js.coffee

@@ -1,4 +1,4 @@
-angular.module('Darkswarm').controller "EnterprisesCtrl", ($scope, $rootScope, $timeout, $location, Enterprises, Search, $document, HashNavigation, FilterSelectorsService, EnterpriseModal, enterpriseMatchesNameQueryFilter, distanceWithinKmFilter) ->
+angular.module('Darkswarm').controller "EnterprisesCtrl", ($scope, $rootScope, $timeout, $location, Enterprises, Search, $document, HashNavigation, FilterSelectorsService, EnterpriseModal, enterpriseMatchesQueryFilter, distanceWithinKmFilter) ->
   $scope.Enterprises = Enterprises
   $scope.producers_to_filter = Enterprises.producers
   $scope.filterSelectors = FilterSelectorsService.createSelectors()
@@ -55,8 +55,8 @@ angular.module('Darkswarm').controller "EnterprisesCtrl", ($scope, $rootScope, $
 
   $scope.filterEnterprises = ->
     es = Enterprises.hubs
-    $scope.nameMatches = enterpriseMatchesNameQueryFilter(es, true)
-    noNameMatches = enterpriseMatchesNameQueryFilter(es, false)
+    $scope.nameMatches = enterpriseMatchesQueryFilter(es, true)
+    noNameMatches = enterpriseMatchesQueryFilter(es, false)
     $scope.distanceMatches = distanceWithinKmFilter(noNameMatches, 50)
 
 

app/assets/javascripts/darkswarm/controllers/products_controller.js.coffee

@@ -67,7 +67,7 @@ angular.module('Darkswarm').controller "ProductsCtrl", ($scope, $sce, $filter, $
       page: page || $scope.page,
       per_page: $scope.per_page,
       'q[name_or_meta_keywords_or_variants_display_as_or_variants_display_name_or_supplier_name_cont]': $scope.query,
-      'q[properties_id_or_supplier_properties_id_in_any][]': $scope.activeProperties,
+      'q[with_properties][]': $scope.activeProperties,
       'q[primary_taxon_id_in_any][]': $scope.activeTaxons
     }
 

app/assets/javascripts/darkswarm/directives/auth.js.coffee

@@ -1,5 +0,0 @@
-angular.module('Darkswarm').directive 'auth', (AuthenticationService) ->
-  restrict: 'A'
-  link: (scope, elem, attrs) ->
-    elem.bind "click", ->
-      AuthenticationService.open '/' + attrs.auth

app/assets/javascripts/darkswarm/directives/shipping_type_selector.js.coffee

@@ -1,8 +1,6 @@
 angular.module('Darkswarm').directive "shippingTypeSelector", ->
   # Builds selector for shipping types
-  restrict: 'E'
-  replace: true
-  templateUrl: 'shipping_type_selector.html'
+  restrict: 'C'
   link: (scope, elem, attr)->
     scope.shippingTypes =
       pickup: false

app/assets/javascripts/darkswarm/directives/shop_variant.js.coffee

@@ -1,7 +0,0 @@
-angular.module('Darkswarm').directive "shopVariant", ->
-  restrict: 'E'
-  replace: true
-  templateUrl: 'shop_variant.html'
-  scope:
-    variant: '='
-  controller: 'ShopVariantCtrl'

app/assets/javascripts/darkswarm/directives/stripe_elements.js.coffee

@@ -9,7 +9,7 @@ angular.module('Darkswarm').directive "stripeElements", ($injector, StripeElemen
     if $injector.has('stripeObject')
       stripe = $injector.get('stripeObject')
 
-      card = stripe.elements().create 'card',
+      card = stripe.elements({ locale: I18n.base_locale }).create 'card',
         hidePostalCode: true
         style:
           base:

app/assets/javascripts/darkswarm/filters/enterpriseMatchesNameQuery.js.coffee

@@ -1,4 +0,0 @@
-angular.module('Darkswarm').filter 'enterpriseMatchesNameQuery', ->
-  (enterprises, matches_name_query) ->
-    enterprises.filter (enterprise) ->
-      enterprise.matches_name_query == matches_name_query

app/assets/javascripts/darkswarm/filters/enterpriseMatchesQuery.js.coffee

@@ -0,0 +1,4 @@
+angular.module('Darkswarm').filter 'enterpriseMatchesQuery', ->
+  (enterprises, matches_query) ->
+    enterprises.filter (enterprise) ->
+      enterprise.matches_query == matches_query

app/assets/javascripts/darkswarm/services/authentication_service.js.coffee

@@ -1,54 +0,0 @@
-# This class deals with displaying things in the login modal. It chooses
-# the modal tab templates and deals with switching tabs and passing data
-# between the tabs. It has direct access to the instance of the login modal,
-# and provides that access to other controllers as a service.
-
-angular.module('Darkswarm').factory "AuthenticationService", (Navigation, $modal, $location, Redirections, Loading)->
-
-  new class AuthenticationService
-    selectedPath: "/login"
-    modalMessage: null
-
-    constructor: ->
-      if $location.path() in ["/login", "/signup", "/forgot"] || location.pathname is '/register/auth'
-        @open @initialTab(), @initialTemplate()
-
-    open: (path = false, template = 'authentication.html') =>
-      @modalInstance = $modal.open
-        templateUrl: template
-        windowClass: "login-modal medium"
-      @modalInstance.result.then @close, @close
-      @selectedPath = path || @selectedPath
-      Navigation.navigate @selectedPath
-
-    # Opens the /login tab if returning from email confirmation,
-    # the /signup tab if opened from the enterprise registration page,
-    # otherwise opens whichever tab is selected in the URL params ('/login', '/signup', or '/forgot')
-    initialTab: ->
-      if angular.isDefined($location.search()['validation'])
-        '/login'
-      else if location.pathname is '/register/auth'
-        '/signup'
-      else
-        $location.path()
-
-    # Loads the registration page modal when needed, otherwise the default modal
-    initialTemplate: ->
-      if location.pathname is '/register/auth'
-        'registration_authentication.html'
-      else
-        'authentication.html'
-    pushMessage: (message) ->
-      @modalMessage = String(message)
-
-    select: (path)=>
-      @selectedPath = path
-      Navigation.navigate @selectedPath
-
-    isActive: Navigation.isActive
-
-    close: ->
-      if location.pathname in ["/register", "/register/auth"]
-        Loading.message = t 'going_back_to_home_page'
-        location.hash = ""
-        location.pathname = "/"

app/assets/javascripts/darkswarm/services/enterprises.js.coffee

@@ -53,8 +53,8 @@ angular.module('Darkswarm').factory 'Enterprises', (enterprises, ShopsResource,
 
     flagMatching: (query) ->
       for enterprise in @enterprises
-        enterprise.matches_name_query = if query? && query.length > 0
-          Matcher.match([enterprise.name], query)
+        enterprise.matches_query = if query? && query.length > 0
+          Matcher.match([enterprise.name, enterprise.address?.state_name, enterprise.address?.city], query)
         else
           false
 

app/assets/javascripts/darkswarm/services/redirections.js.coffee

@@ -1,3 +0,0 @@
-angular.module('Darkswarm').factory "Redirections", ($location)->
-  new class Redirections
-    after_login: $location.search().after_login

app/assets/javascripts/darkswarm/services/stripe_elements.js.coffee

@@ -16,7 +16,7 @@ angular.module('Darkswarm').factory 'StripeElements', ($rootScope, Messages) ->
           @reportError(response.error, t("error") + ": #{response.error.message}")
         else
           secrets.token = response.token.id
-          secrets.cc_type = @mapTokenApiCardBrand(response.token.card.brand)
+          secrets.cc_type = response.token.card.brand
           secrets.card = response.token.card
           submit()
       .catch (response) =>
@@ -37,7 +37,7 @@ angular.module('Darkswarm').factory 'StripeElements', ($rootScope, Messages) ->
           @reportError(response.error, t("error") + ": #{response.error.message}")
         else
           secrets.token = response.paymentMethod.id
-          secrets.cc_type = @mapPaymentMethodsApiCardBrand(response.paymentMethod.card.brand)
+          secrets.cc_type = response.paymentMethod.card.brand
           secrets.card = response.paymentMethod.card
           submit()
       .catch (response) =>
@@ -56,24 +56,6 @@ angular.module('Darkswarm').factory 'StripeElements', ($rootScope, Messages) ->
       # $evalAsync is improved way of triggering a digest without calling $apply
       $rootScope.$evalAsync()
 
-    # Maps the brand returned by Stripe's tokenAPI to that required by activemerchant
-    mapTokenApiCardBrand: (cardBrand) ->
-      switch cardBrand
-        when 'MasterCard' then return 'master'
-        when 'Visa' then return 'visa'
-        when 'American Express' then return 'american_express'
-        when 'Discover' then return 'discover'
-        when 'JCB' then return 'jcb'
-        when 'Diners Club' then return 'diners_club'
-
-    # Maps the brand returned by Stripe's paymentMethodsAPI to that required by activemerchant
-    mapPaymentMethodsApiCardBrand: (cardBrand) ->
-      switch cardBrand
-        when 'mastercard' then return 'master'
-        when 'amex' then return 'american_express'
-        when 'diners' then return 'diners_club'
-        else return cardBrand # a few brands are equal, for example, visa
-
     # It doesn't matter if any of these are nil, all are optional.
     makeCardData: (secrets) ->
       {'name': secrets.name,

app/assets/javascripts/templates/admin/modals/bulk_invoice.html.haml

@@ -6,7 +6,7 @@
 %p.error{ ng: { show: 'error' } }
   {{error}}
 
-%img.spinner{ src: image_path("spinning-circles.svg"), ng: { show: "loading" } }
+%img.spinner{ src: image_path("/spinning-circles.svg"), ng: { show: "loading" } }
 %p{ ng: { show: "loading" } }
   = t('js.admin.orders.index.please_wait')
 

app/assets/javascripts/templates/admin/modals/image_upload.html.haml

@@ -3,7 +3,7 @@
 
 %form#image_upload{ name: 'form', novalidate: true, enctype: 'multipart/form-data', multipart: true, ng: { controller: "ProductImageCtrl" } }
   %div.image-preview
-    %img.spinner{ src: image_path("spinning-circles.svg"), ng: { hide: "!imageUploader.isUploading" }}
+    %img.spinner{ src: image_path("/spinning-circles.svg"), ng: { hide: "!imageUploader.isUploading" }}
     %img.preview{ng: {src: "{{imagePreview}}", class: "{'faded': imageUploader.isUploading}"}}
 
   %label{for: 'image-upload', class: 'button'} {{ 'admin.products.index.upload_an_image' | t }}

app/assets/javascripts/templates/admin/panels/exchange_products_panel_footer.html.haml

@@ -6,6 +6,6 @@
 
 .sixteen.columns.alpha#loading{ 'ng-show' => 'productsLoading()' }
   %br
-  %img.spinner{ src: image_path("spinning-circles.svg")}
+  %i.spinner.fa.fa-spin.fa-circle-o-notch
   %h1
     {{ 'js.admin.panels.exchange_products.loading_variants' | t }}

app/assets/javascripts/templates/admin/schedule_dialog.html.haml

@@ -21,5 +21,4 @@
       %input.button{ type: 'submit', value: "{{ 'js.admin.order_cycles.schedules.update_schedule' | t }}", ng: { show: 'schedule.id' } }
       %span{ ng: { show: 'schedule.id' } } or
       %input.button.red{ type: 'button', value: "{{ 'js.admin.order_cycles.schedules.delete_schedule' | t }}", ng: { show: 'schedule.id', click: 'delete()'} }
-      or
       %input.button{ type: 'button', value: "{{ 'actions.cancel' | t }}", ng: { click: 'close()' } }

app/assets/javascripts/templates/admin/show_more.html.haml

@@ -1,4 +1,3 @@
 %div{ ng: { show: "data.length > limit" } }
   %input{ type: 'button', value: t(:show_more), ng: { click: 'limit = limit + increment' } }
-  or
   %input{ type: 'button', value: t(:show_all_with_more, num: '{{ data.length - limit }}'), ng: { click: 'limit = data.length' } }

app/assets/javascripts/templates/authentication.html.haml

@@ -1,7 +0,0 @@
-%div{"ng-controller" => "AuthenticationCtrl"}
-  %tabset
-    %ng-include{src: "'login.html'"}
-    %ng-include{src: "'signup.html'"}
-    %ng-include{src: "'forgot.html'"}
-%a.close-reveal-modal{"ng-click" => "$close()"}  
-  %i.ofn-i_009-close

app/assets/javascripts/templates/forgot.html.haml

@@ -1,31 +0,0 @@
-%tab#forgot{ heading: "{{'forgot_password' | t}}", active: "tabs.forgot.active", select: "select(path)"}
-  %form{ ng: { controller: "ForgotCtrl", submit: "submit()" } }
-    .row
-      .large-12.columns
-        .alert-box.success{"ng-show" => "sent"}
-          {{ 'password_reset_sent' | t }}
-
-        .alert-box.success{"ng-show" => "messages != null"}
-          {{ messages }}
-
-        .alert-box.alert{"ng-show" => "errors != null"}
-          {{ errors }}
-          %a{ng: {show: 'user_unconfirmed', click: 'resend_confirmation()'}}
-            = t('devise.confirmations.resend_confirmation_email')
-
-    .row
-      .large-12.columns
-        %label{for: "email"} {{'signup_email' | t}}
-        %input.title.input-text{name: "email",
-          type: "email",
-          id: "email",
-          tabindex: 1,
-          inputmode: "email",
-          "ng-model" => "spree_user.email"}
-    .row
-      .large-12.columns
-        %input.button.primary{name: "commit",
-          tabindex: "3",
-          type: "submit",
-          value: "{{'reset_password' | t}}"}
-

app/assets/javascripts/templates/login.html.haml

@@ -1,48 +0,0 @@
-%tab#login-content{ heading: "{{'label_login' | t}}", active: "tabs.login.active", select: "select(path)"}
-  %form{ ng: { controller: "LoginCtrl", submit: "submit()" } }
-    .row
-      .large-12.columns
-        .alert-box.alert{"ng-show" => "errors != null"}
-          {{ errors }}
-          %a{ng: {show: 'user_unconfirmed', click: 'resend_confirmation()'}}
-            = t('devise.confirmations.resend_confirmation_email')
-        .alert-box.success{ng: {show: 'messages != null'}}
-          {{ messages }}
-    .row
-      .large-12.columns
-        %label{for: "email"} {{'email' | t}}
-        %input.title.input-text{name: "email",
-          type: "email",
-          id: "email",
-          tabindex: "1",
-          inputmode: "email",
-          "ng-model" => "spree_user.email"}
-    .row
-      .large-12.columns
-        %label{for: "password"} {{'password' | t}}
-        %input.title.input-text{name: "password",
-          type: "password",
-          id: "password",
-          autocomplete: "off",
-          tabindex: "2",
-          inputmode: "password",
-          "ng-model" => "spree_user.password"}
-    .row
-      .large-12.columns
-        %input{name: "remember_me",
-        type: "checkbox",
-        id: "remember_me",
-        value: "1",
-        tabindex: "3",
-        "ng-model" => "spree_user.remember_me"}
-        %label{for: "remember_me"} {{'remember_me' | t}}
-    .row
-      .large-12.columns
-        %input.button.primary{name: "commit",
-          tabindex: "4",
-          type: "submit",
-          value: "{{'label_login' | t}}"}
-:javascript
-  if (window._paq) {
-    window._paq.push(['trackEvent', 'Signin/Signup', 'Login Modal View', window.location.href]);
-  }

app/assets/javascripts/templates/partials/follow.html.haml

@@ -2,7 +2,7 @@
   %p.modal-header {{'follow' | t}}
   .follow-icons
     %span{"ng-if" => "::enterprise.twitter"}
-      %a{"ng-href" => "http://twitter.com/{{::enterprise.twitter}}", target: "_blank"}
+      %a{"ng-href" => "http://www.twitter.com/{{::enterprise.twitter}}", target: "_blank"}
         %i.ofn-i_041-twitter
 
     %span{"ng-if" => "::enterprise.facebook"}
@@ -14,5 +14,5 @@
         %i.ofn-i_042-linkedin
 
     %span{"ng-if" => "::enterprise.instagram"}
-      %a{"ng-href" => "http://instagram.com/{{::enterprise.instagram}}", target: "_blank"}
+      %a{"ng-href" => "http://www.instagram.com/{{::enterprise.instagram}}", target: "_blank"}
         %i.ofn-i_043-instagram

app/assets/javascripts/templates/partials/producer_details.html.haml

@@ -14,7 +14,8 @@
         %a.cta-hub{"ng-repeat" => "hub in enterprise.hubs | filter:{id: '!'+enterprise.id} | orderBy:'-active'",
         "ng-href" => "{{::hub.path}}#/shop", "ofn-empties-cart" => "hub",
         "ng-class" => "::{primary: hub.active, secondary: !hub.active}",
-        "ng-click" => "$close()"}
+        "ng-click" => "$close()",
+        "ofn-change-hub" => "hub"}
           .hub-name{"ng-bind" => "::hub.name"}
           %span{"ng-if" => "::hub.active"} ({{'maps_open' | t}})
           %span{"ng-if" => "::!hub.active"} ({{'maps_closed' | t}})

app/assets/javascripts/templates/registration_authentication.html.haml

@@ -1,17 +0,0 @@
-.container
-  .row.modal-centered
-    %h2 {{'js.registration.welcome_to_ofn' | t}}
-    %h5 {{'js.registration.signup_or_login' | t}}:
-  %div{"ng-controller" => "AuthenticationCtrl"}
-    %tabset
-      %ng-include{src: "'signup.html'"}
-      %ng-include{src: "'login.html'"}
-      %ng-include{src: "'forgot.html'"}
-    %div{ ng: { show: "active('/signup')"} }
-      %hr
-      {{'js.registration.have_an_account' | t}}
-      %a{ href: "", ng: { click: "select('/login')"}}
-        {{'js.registration.action_login' | t}}
-
-%a.close-reveal-modal{"ng-click" => "$close()"}
-  %i.ofn-i_009-close

app/assets/javascripts/templates/shipping_type_selector.html.haml

@@ -1,4 +0,0 @@
-%ul.small-block-grid-2.medium-block-grid-4.large-block-grid-2
-  %active-selector{"ng-repeat" => "(name, selector) in selectors"}
-    %i{"ng-class" => "selector.icon"}
-    {{ selector.translation_key | t | capitalize }}

app/assets/javascripts/templates/shop_variant.html.haml

@@ -1,23 +0,0 @@
-.variants.row
-  .small-4.medium-4.large-5.columns.variant-name
-    .inline{"ng-if" => "::variant.display_name"} {{ ::variant.display_name }}
-    .variant-unit {{ ::variant.unit_to_display }}
-  .small-3.medium-3.large-2.columns.variant-price
-    %price-breakdown{"price-breakdown" => "_", variant: "variant",
-      "price-breakdown-append-to-body" => "true",
-      "price-breakdown-placement" => "bottom",
-      "price-breakdown-animation" => true}
-    {{ variant.price_with_fees | localizeCurrency }}
-    .unit-price.variant-unit-price
-      %question-mark-with-tooltip{"question-mark-with-tooltip" => "_",
-      "question-mark-with-tooltip-append-to-body" => "true",
-      "question-mark-with-tooltip-placement" => "top",
-      "question-mark-with-tooltip-animation" => true,
-      key: "'js.shopfront.unit_price_tooltip'"}
-      {{ variant.unit_price_price | localizeCurrency }} / {{ variant.unit_price_unit }}
-        
-  .medium-2.large-2.columns.total-price
-    %span{"ng-class" => "{filled: variant.line_item.total_price}"}
-      {{ variant.line_item.total_price | localizeCurrency }}
-  %ng-include{src: "'partials/shop_variant_no_group_buy.html'"}
-  %ng-include{src: "'partials/shop_variant_with_group_buy.html'"}

app/assets/javascripts/templates/signup.html.haml

@@ -1,51 +0,0 @@
-%tab#sign-up-content{ heading: "{{'label_signup' | t}}", active: 'tabs.signup.active', select: "select(path)"}
-  %form{ ng: { controller: "SignupCtrl", submit: "submit()" } }
-    .row
-      .large-12.columns
-        .alert-box.success{ng: {show: 'messages != null'}}
-          {{ messages }}
-      .large-12.columns
-        .alert-box.alert{ng: {show: 'errors.message != null'}}
-          {{ errors.message }}
-    .row
-      .large-12.columns
-        %label{for: "email"} {{'signup_email' | t}}
-        %input.title.input-text{name: "email",
-          type: "email",
-          id: "email",
-          tabindex: 1,
-          inputmode: "email",
-          "ng-model" => "spree_user.email"}
-        %span.error{"ng-show" => "errors.email != null"}
-          {{ errors.email.join(' ') }}
-    .row
-      .large-12.columns
-        %label{for: "password"} {{'choose_password' | t}}
-        %input.title.input-text{name: "password",
-          type: "password",
-          id: "password",
-          autocomplete: "off",
-          tabindex: 2,
-          inputmode: "password",
-          "ng-model" => "spree_user.password"}
-        %span.error{"ng-show" => "errors.password != null"}
-          {{ errors.password.join(' ') }}
-    .row
-      .large-12.columns
-        %label{for: "password_confirmation"} {{'confirm_password' | t}}
-        %input.title.input-text{name: "password_confirmation",
-          type: "password",
-          id: "password_confirmation",
-          autocomplete: "off",
-          tabindex: 2,
-          inputmode: "password",
-          "ng-model" => "spree_user.password_confirmation"}
-        %span.error{"ng-show" => "errors.password_confirmation != null"}
-          {{ errors.password_confirmation.join(' ') }}
-    .row
-      .large-12.columns
-        %input.button.primary{name: "commit",
-          tabindex: "3",
-          type: "submit",
-          value: "{{'action_signup' | t}}"}
-

app/assets/stylesheets/admin/advanced_settings.scss

@@ -1,21 +0,0 @@
-@import "variables";
-
-#advanced_settings {
-  background-color: $spree-light-blue;
-  border: 1px solid $pale-blue;
-  margin-bottom: 20px;
-
-  .row{
-    margin: 0px -4px;
-
-    padding: 20px 0px;
-
-    .column.alpha, .columns.alpha {
-      padding-left: 20px;
-    }
-
-    .column.omega, .columns.omega {
-      padding-right: 20px;
-    }
-  }
-}

app/assets/stylesheets/admin/all.scss

@@ -1,53 +0,0 @@
-/*
- * This is a manifest file that'll automatically include all the stylesheets available in this directory
- * and any sub-directories. You're free to add application-wide styles to this file and they'll appear at
- * the top of the compiled file, but it's generally better to create a new file per style scope.
- *
-
- *= require normalize
- *= require responsive-tables
- *= require jquery.powertip
- *= require jquery.ui.dialog
- *= require shared/textAngular
- *= require shared/ng-tags-input.min
- *= require select2
- *= require flatpickr/dist/flatpickr
- *= require flatpickr/dist/themes/material_blue
- *= require shortcut-buttons-flatpickr/dist/themes/light
-
- *= require_self
-*/
-
-//************************************************************************//
-//************************************************************************//
-@import 'globals/functions';
-@import 'globals/variables';
-@import 'variables';
-@import 'globals/mixins';
-
-@import 'shared/typography';
-@import 'shared/tables';
-@import 'shared/icons';
-@import 'shared/forms';
-@import 'shared/layout';
-
-@import 'plugins/flatpickr-customization';
-
-@import 'plugins/powertip';
-@import 'plugins/jstree';
-@import 'plugins/font-awesome';
-@import 'plugins/select2';
-
-@import 'sections/orders';
-@import 'sections/products';
-
-@import 'hacks/mozilla';
-@import 'hacks/opera';
-@import 'hacks/ie';
-
-@import 'components/*';
-@import 'pages/*';
-@import '*';
-
-@import "../shared/question-mark-icon";
-@import "question-mark-tooltip";

app/assets/stylesheets/admin/components/progress.scss

@@ -1,31 +0,0 @@
-@import 'admin/globals/variables';
-@import 'admin/globals/mixins';
-
-#progress {
-  @include border-radius(10px);
-  position: fixed;
-  top: -10px;
-  left: 50%;
-  z-index: 1000;
-  opacity: 0.8;
-  width: 200px;
-  background-color: $spree-blue;
-  color: $color-1;
-  display: none;
-  font-size: 120%;
-  font-weight: bold;
-  line-height: 40px;
-  margin-left: -100px;
-  padding-top: 15px;
-  text-align: center;
-  text-transform: uppercase;
-
-  .spinner {
-    position: absolute;
-    left: 50%;
-    width: 30px;
-    height: 30px;
-    top: -5px;
-    margin-left: -15px;
-  }
-}

app/assets/stylesheets/admin/shared/icons.scss

@@ -1,26 +0,0 @@
-@import 'admin/plugins/font-awesome';
-
-// Some fixes for fontwesome stylesheets
-[class^="icon-"], [class*=" icon-"] {
-  &:before {
-    padding-right: 5px;
-  }
-
-  &.button, &.icon_link {
-    width: auto;
-
-    &:before {
-      padding-top: 3px;
-    }
-  }
-}
-
-.icon-email:before    { @extend .icon-envelope:before }
-.icon-resend_authorization_email:before    { @extend .icon-envelope:before }
-.icon-resume:before   { @extend .icon-refresh:before  }
-
-.icon-cancel:before,
-.icon-void:before     { @extend .icon-remove:before   }
-
-.icon-capture:before  { @extend .icon-ok:before       }
-.icon-credit:before   { @extend .icon-ok:before       }

app/assets/stylesheets/darkswarm/all.scss

@@ -1,25 +0,0 @@
-/*
-   * This is a manifest file that'll automatically include all the stylesheets available in this directory
-   * and any sub-directories. You're free to add application-wide styles to this file and they'll appear at
-   * the top of the compiled file, but it's generally better to create a new file per style scope.
-
-   *= require autocomplete
-   *= require leaflet
-
-   *= require_self
-*/
-@import 'variables';
-@import 'foundation';
-@import 'foundation-icons';
-
-@import 'base/*';
-@import 'layout/*';
-@import '*';
-@import 'pages/*';
-@import 'web/all';
-
-ofn-modal {
-  display: block;
-}
-
-@import "../shared/question-mark-icon";

app/assets/stylesheets/darkswarm/base/colors.scss

@@ -1,13 +0,0 @@
-@import 'darkswarm/branding';
-
-$modal-background-color: #efefef;
-$modal-content-background-color: #fff;
-$modal-alert-link-color: #fff;
-$modal-alert-link-hover-color: rgba(255, 255, 255, .7);
-
-$cookies-banner-background-color: $dark-grey;
-$cookies-banner-button-background-color: $clr-turquoise;
-$cookies-banner-text-color: $white;
-$cookies-policy-modal-background-color: $disabled-light;
-$cookies-policy-modal-border-bottom-color: $disabled-light;
-$cookies-policy-modal-table-tr-even-background-color: $disabled-very-light;

app/assets/stylesheets/mail/all.css

@@ -1,11 +0,0 @@
-/* This file MUST be plain css, as roadie does not seem to be able to handle other file types */
-
-/*
- * This is a manifest file that'll automatically include all the stylesheets available in this directory
- * and any sub-directories. You're free to add application-wide styles to this file and they'll appear at
- * the top of the compiled file, but it's generally better to create a new file per style scope.
- *
-
- *= require_self
- *= require_tree .
-*/

app/constraints/split_checkout_constraint.rb

@@ -2,10 +2,10 @@
 
 class SplitCheckoutConstraint
   def matches?(request)
-    Flipper.enabled? :split_checkout, current_user(request)
+    OpenFoodNetwork::FeatureToggle.enabled? :split_checkout, current_user(request)
   end
 
   def current_user(request)
-    @spree_current_user ||= request.env['warden'].user
+    request.env['warden'].user
   end
 end

app/controllers/admin/customers_controller.rb

@@ -99,7 +99,7 @@ module Admin
 
     def customer_params
       params.require(:customer).permit(
-        :enterprise_id, :name, :email, :code, :tag_list,
+        :enterprise_id, :first_name, :last_name, :email, :code, :tag_list,
         ship_address_attributes: PermittedAttributes::Address.attributes,
         bill_address_attributes: PermittedAttributes::Address.attributes,
       )

app/controllers/admin/subscriptions_controller.rb

@@ -16,15 +16,16 @@ module Admin
       respond_to do |format|
         format.html do
           if view_context.subscriptions_setup_complete?(@shops)
-            @order_cycles = OrderCycle.joins(:schedules).managed_by(spree_current_user)
-            @payment_methods = Spree::PaymentMethod.managed_by(spree_current_user)
+            @order_cycles = OrderCycle.joins(:schedules).managed_by(spree_current_user).includes([:distributors, :cached_incoming_exchanges])
+            @payment_methods = Spree::PaymentMethod.managed_by(spree_current_user).includes(:taggings)
+            @payment_method_tags = payment_method_tags_by_id
             @shipping_methods = Spree::ShippingMethod.managed_by(spree_current_user)
           else
             @shop = @shops.first
             render :setup_explanation
           end
         end
-        format.json { render_as_json @collection, ams_prefix: params[:ams_prefix] }
+        format.json { render_as_json @collection, ams_prefix: params[:ams_prefix], payment_method_tags: payment_method_tags_by_id }
       end
     end
 
@@ -165,5 +166,21 @@ module Admin
       @subscription_params ||= PermittedAttributes::Subscription.new(params).call.
         to_h.with_indifferent_access
     end
+
+    def payment_method_tags_by_id
+      payment_method_tags = ::ActsAsTaggableOn::Tag.
+        joins(:taggings).
+        includes(:taggings).
+        where(taggings: { taggable_type: "Spree::PaymentMethod",
+                          taggable_id: Spree::PaymentMethod.from(Enterprise.managed_by(spree_current_user).
+                          select('enterprises.id').find_by(id: params[:enterprise_id])),
+                          context: 'tags' })
+
+      payment_method_tags.each_with_object({}) do |tag, hash|
+        payment_method_id = tag.taggings.first.taggable_id
+        hash[payment_method_id] ||= []
+        hash[payment_method_id] << tag.name
+      end
+    end
   end
 end

app/controllers/api/v0/base_controller.rb

@@ -52,11 +52,11 @@ module Api
 
         if api_key.blank?
           # An anonymous user
-          @current_api_user = Spree.user_class.new
+          @current_api_user = Spree::User.new
           return
         end
 
-        return if @current_api_user = Spree.user_class.find_by(spree_api_key: api_key.to_s)
+        return if @current_api_user = Spree::User.find_by(spree_api_key: api_key.to_s)
 
         invalid_api_key
       end

app/controllers/api/v0/order_cycles_controller.rb

@@ -81,8 +81,7 @@ module Api
 
       def permitted_ransack_params
         [:name_or_meta_keywords_or_variants_display_as_or_variants_display_name_or_supplier_name_cont,
-         :properties_id_or_supplier_properties_id_in_any,
-         :primary_taxon_id_in_any]
+         :with_properties, :primary_taxon_id_in_any]
       end
 
       def distributor

app/controllers/application_controller.rb

@@ -37,8 +37,8 @@ class ApplicationController < ActionController::Base
   include Spree::Core::ControllerHelpers::RespondWith
   include Spree::Core::ControllerHelpers::Common
 
-  prepend_before_action :restrict_iframes
   before_action :set_cache_headers # prevent cart emptying via cache when using back button #1213
+  before_action :set_after_login_url
 
   include RawParams
   include EnterprisesHelper
@@ -62,15 +62,9 @@ class ApplicationController < ActionController::Base
   end
 
   def set_checkout_redirect
-    referer_path = OpenFoodNetwork::RefererParser.path(request.referer)
-    if referer_path
-      is_checkout_path_the_referer = [main_app.checkout_path].include?(referer_path)
-      session["spree_user_return_to"] = if is_checkout_path_the_referer
-                                          referer_path
-                                        else
-                                          main_app.root_path
-                                        end
-    end
+    return unless URI(request.referer.to_s).path == main_app.checkout_path
+
+    session["spree_user_return_to"] = main_app.checkout_path
   end
 
   def shopfront_session
@@ -103,27 +97,20 @@ class ApplicationController < ActionController::Base
 
   private
 
+  def set_after_login_url
+    store_location_for(:spree_user, params[:after_login]) if params[:after_login]
+  end
+
   def shopfront_redirect
     session[:shopfront_redirect]
   end
 
-  def restrict_iframes
-    response.headers['X-Frame-Options'] = 'DENY'
-    response.headers['Content-Security-Policy'] = "frame-ancestors 'none'"
-  end
-
-  def enable_embedded_shopfront
-    embed_service = EmbeddedPageService.new(params, session, request, response)
-    embed_service.embed!
-    @shopfront_layout = 'embedded' if embed_service.use_embedded_layout?
-  end
-
   def action
     params[:action].to_sym
   end
 
   def require_distributor_chosen
-    unless @distributor = current_distributor
+    unless (@distributor = current_distributor)
       redirect_to main_app.root_path
       false
     end
@@ -151,17 +138,6 @@ class ApplicationController < ActionController::Base
       !current_distributor.ready_for_checkout?
   end
 
-  def check_order_cycle_expiry
-    if current_order_cycle&.closed?
-      Bugsnag.notify("Notice: order cycle closed during checkout completion", order: current_order)
-      current_order.empty!
-      current_order.set_order_cycle! nil
-      flash[:info] = I18n.t('order_cycle_closed')
-
-      redirect_to main_app.shop_path
-    end
-  end
-
   # All render calls within the block will be performed with the specified format
   # Useful for rendering html within a JSON response, particularly if the specified
   # template or partial then goes on to render further partials without specifying

app/controllers/base_controller.rb

@@ -12,7 +12,6 @@ class BaseController < ApplicationController
   include OrderCyclesHelper
 
   before_action :set_locale
-  before_action :check_order_cycle_expiry
 
   private
 

app/controllers/cart_controller.rb

@@ -28,7 +28,7 @@ class CartController < BaseController
   end
 
   def check_authorization
-    session[:access_token] ||= params[:token]
+    session[:access_token] ||= params[:order_token]
     order = Spree::Order.find_by(number: params[:id]) || current_order
 
     if order

app/controllers/checkout_controller.rb

@@ -3,9 +3,10 @@
 require 'open_food_network/address_finder'
 
 class CheckoutController < ::BaseController
-  layout 'darkswarm'
-
   include OrderStockCheck
+  include OrderCompletion
+
+  layout 'darkswarm'
 
   helper 'terms_and_conditions'
   helper 'checkout'
@@ -21,26 +22,14 @@ class CheckoutController < ::BaseController
 
   before_action :load_order
 
-  before_action :ensure_order_not_completed
-  before_action :ensure_checkout_allowed
   before_action :handle_insufficient_stock
 
   before_action :associate_user
   before_action :check_authorization
-  before_action :enable_embedded_shopfront
 
   helper 'spree/orders'
 
-  def edit
-    return handle_redirect_from_stripe if valid_payment_intent_provided?
-
-    # This is only required because of spree_paypal_express. If we implement
-    # a version of paypal that uses this controller, and more specifically
-    # the #action_failed method, then we can remove this call
-    reset_order_to_cart
-  rescue Spree::Core::GatewayError => e
-    rescue_from_spree_gateway_error(e)
-  end
+  def edit; end
 
   def update
     params_adapter = Checkout::FormDataAdapter.new(permitted_params, @order, spree_current_user)
@@ -48,7 +37,8 @@ class CheckoutController < ::BaseController
 
     checkout_workflow(params_adapter.shipping_method_id)
   rescue Spree::Core::GatewayError => e
-    rescue_from_spree_gateway_error(e)
+    gateway_error(e)
+    action_failed(e)
   rescue StandardError => e
     flash[:error] = I18n.t("checkout.failed")
     action_failed(e)
@@ -56,56 +46,22 @@ class CheckoutController < ::BaseController
     @order.update_order!
   end
 
-  # Clears the cached order. Required for #current_order to return a new order
-  # to serve as cart. See https://github.com/spree/spree/blob/1-3-stable/core/lib/spree/core/controller_helpers/order.rb#L14
-  # for details.
-  def expire_current_order
-    session[:order_id] = nil
-    @current_order = nil
-  end
-
   private
 
   def check_authorization
     authorize!(:edit, current_order, session[:access_token])
   end
 
-  def ensure_checkout_allowed
-    redirect_to main_app.cart_path unless @order.checkout_allowed?
-  end
-
-  def ensure_order_not_completed
-    redirect_to main_app.cart_path if @order.completed?
-  end
-
   def load_order
-    @order = current_order
+    load_checkout_order
 
-    if order_invalid_for_checkout?
-      Bugsnag.notify("Notice: invalid order loaded during Stripe processing", order: @order) if valid_payment_intent_provided?
-      redirect_to(main_app.shop_path) && return
-    end
-
-    handle_invalid_stock && return unless valid_order_line_items?
-
-    return if valid_payment_intent_provided?
+    return handle_invalid_stock unless valid_order_line_items?
 
     before_address
     setup_for_current_state
   end
 
-  def order_invalid_for_checkout?
-    !@order || @order.completed? || !@order.checkout_allowed?
-  end
-
-  def valid_order_line_items?
-    @order.insufficient_stock_lines.empty? &&
-      OrderCycleDistributedVariants.new(@order.order_cycle, @order.distributor).
-        distributes_order_variants?(@order)
-  end
-
   def handle_invalid_stock
-    cancel_incomplete_payments if valid_payment_intent_provided?
     reset_order_to_cart
 
     respond_to do |format|
@@ -119,20 +75,6 @@ class CheckoutController < ::BaseController
     end
   end
 
-  def cancel_incomplete_payments
-    # The checkout could not complete due to stock running out. We void any pending (incomplete)
-    # Stripe payments here as the order will need to be changed and resubmitted (or abandoned).
-    @order.payments.incomplete.each do |payment|
-      payment.void_transaction!
-      payment.adjustment&.update_columns(eligible: false, state: "finalized")
-    end
-    flash[:notice] = I18n.t("checkout.payment_cancelled_due_to_stock")
-  end
-
-  def reset_order_to_cart
-    OrderCheckoutRestart.new(@order).call
-  end
-
   def setup_for_current_state
     method_name = :"before_#{@order.state}"
     __send__(method_name) if respond_to?(method_name, true)
@@ -151,33 +93,13 @@ class CheckoutController < ::BaseController
     current_order.payments.destroy_all if request.put?
   end
 
-  def valid_payment_intent_provided?
-    @valid_payment_intent_provided ||= begin
-      return false unless params["payment_intent"]&.starts_with?("pi_")
-
-      last_payment = OrderPaymentFinder.new(@order).last_payment
-      @order.state == "payment" &&
-        last_payment&.state == "requires_authorization" &&
-        last_payment&.response_code == params["payment_intent"]
-    end
-  end
-
-  def handle_redirect_from_stripe
-    return checkout_failed unless @order.process_payments!
-
-    if OrderWorkflow.new(@order).next && order_complete?
-      checkout_succeeded
-      redirect_to(order_path(@order)) && return
-    else
-      checkout_failed
-    end
-  end
-
   def checkout_workflow(shipping_method_id)
     while @order.state != "complete"
       if @order.state == "payment"
+        update_payment_total
         return if redirect_to_payment_gateway
 
+        return action_failed if @order.errors.any?
         return action_failed unless @order.process_payments!
       end
 
@@ -189,26 +111,28 @@ class CheckoutController < ::BaseController
     update_response
   end
 
-  def redirect_to_payment_gateway
-    redirect_path = Checkout::PaypalRedirect.new(params).path
-    redirect_path = Checkout::StripeRedirect.new(params, @order).path if redirect_path.blank?
-    return if redirect_path.blank?
+  def update_payment_total
+    @order.updater.update_totals
+    @order.updater.update_pending_payment
+  end
 
-    render json: { path: redirect_path }, status: :ok
+  def redirect_to_payment_gateway
+    return unless selected_payment_method.external_gateway?
+    return unless (redirect_url = selected_payment_method.external_payment_url(order: @order))
+
+    render json: { path: redirect_url }, status: :ok
     true
   end
 
-  def order_error
-    if @order.errors.present?
-      @order.errors.full_messages.to_sentence
-    else
-      t(:payment_processing_failed)
-    end
+  def selected_payment_method
+    @selected_payment_method ||= Spree::PaymentMethod.find(
+      params.dig(:order, :payments_attributes, 0, :payment_method_id)
+    )
   end
 
   def update_response
     if order_complete?
-      checkout_succeeded
+      processing_succeeded
       update_succeeded_response
     else
       action_failed(RuntimeError.new("Order not complete after the checkout workflow"))
@@ -219,35 +143,22 @@ class CheckoutController < ::BaseController
     @order.state == "complete" || @order.completed?
   end
 
-  def checkout_succeeded
-    Checkout::PostCheckoutActions.new(@order).success(self, params, spree_current_user)
-
-    session[:access_token] = current_order.token
-    flash[:notice] = t(:order_processed_successfully)
-  end
-
   def update_succeeded_response
     respond_to do |format|
       format.html do
-        respond_with(@order, location: order_path(@order))
+        respond_with(@order, location: order_completion_route)
       end
       format.json do
-        render json: { path: order_path(@order) }, status: :ok
+        render json: { path: order_completion_route }, status: :ok
       end
     end
   end
 
-  def action_failed(error = RuntimeError.new(order_error))
-    checkout_failed(error)
+  def action_failed(error = RuntimeError.new(order_processing_error))
+    processing_failed(error)
     action_failed_response
   end
 
-  def checkout_failed(error = RuntimeError.new(order_error))
-    Bugsnag.notify(error, order: @order)
-    flash[:error] = order_error if flash.blank?
-    Checkout::PostCheckoutActions.new(@order).failure
-  end
-
   def action_failed_response
     respond_to do |format|
       format.html do
@@ -260,11 +171,6 @@ class CheckoutController < ::BaseController
     end
   end
 
-  def rescue_from_spree_gateway_error(error)
-    flash[:error] = t(:spree_gateway_error_flash_for_checkout, error: error.message)
-    action_failed(error)
-  end
-
   def permitted_params
     PermittedAttributes::Checkout.new(params).call
   end

app/controllers/concerns/checkout_callbacks.rb

@@ -13,14 +13,13 @@ module CheckoutCallbacks
     prepend_before_action :require_order_cycle
     prepend_before_action :require_distributor_chosen
 
-    before_action :load_order, :associate_user, :load_saved_addresses
-    before_action :load_shipping_methods, :load_countries, if: -> { params[:step] == "details" }
+    before_action :load_order, :associate_user, :load_saved_addresses, :load_saved_credit_cards
+    before_action :load_shipping_methods, if: -> { params[:step] == "details" }
 
     before_action :ensure_order_not_completed
     before_action :ensure_checkout_allowed
     before_action :handle_insufficient_stock
     before_action :check_authorization
-    before_action :enable_embedded_shopfront
   end
 
   private
@@ -41,17 +40,13 @@ module CheckoutCallbacks
     @order.ship_address ||= finder.ship_address
   end
 
-  def load_shipping_methods
-    @shipping_methods = Spree::ShippingMethod.for_distributor(@order.distributor).order(:name)
+  def load_saved_credit_cards
+    @saved_credit_cards = spree_current_user&.credit_cards&.with_payment_profile.to_a
+    @selected_card = nil
   end
 
-  def load_countries
-    @countries = available_countries.map { |c| [c.name, c.id] }
-    @countries_with_states = available_countries.map { |c|
-      [c.id, c.states.map { |s|
-               [s.name, s.id]
-             }]
-    }
+  def load_shipping_methods
+    @shipping_methods = Spree::ShippingMethod.for_distributor(@order.distributor).order(:name)
   end
 
   def redirect_to_shop?

app/controllers/concerns/embedded_pages.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module EmbeddedPages
+  extend ActiveSupport::Concern
+
+  included do
+    content_security_policy do |policy|
+      policy.frame_ancestors :self, -> { embed_service.embedding_domain }
+    end
+
+    before_action :enable_embedded_pages
+  end
+
+  private
+
+  def enable_embedded_pages
+    return unless embed_service.use_embedded_layout
+
+    @shopfront_layout = 'embedded'
+  end
+
+  def embed_service
+    @embed_service ||= EmbeddedPageService.
+      new(params, session, request, response).
+      tap(&:embed!)
+  end
+end

app/controllers/concerns/order_completion.rb

@@ -0,0 +1,98 @@
+# frozen_string_literal: true
+
+module OrderCompletion
+  extend ActiveSupport::Concern
+
+  def order_completion_reset(order)
+    distributor = order.distributor
+    token = order.token
+
+    expire_current_order
+    build_new_order(distributor, token)
+
+    session[:access_token] = current_order.token
+    flash[:notice] = t(:order_processed_successfully)
+  end
+
+  private
+
+  # Clears the cached order. Required for #current_order to return a new order to serve as cart.
+  # See https://github.com/spree/spree/blob/1-3-stable/core/lib/spree/core/controller_helpers/order.rb#L14
+  def expire_current_order
+    session[:order_id] = nil
+    @current_order = nil
+  end
+
+  # Builds an order setting the token and distributor of the one specified
+  def build_new_order(distributor, token)
+    new_order = current_order(true)
+    new_order.set_distributor!(distributor)
+    new_order.tokenized_permission.token = token
+    new_order.tokenized_permission.save!
+  end
+
+  def load_checkout_order
+    @order = current_order
+
+    order_invalid! if order_invalid_for_checkout?
+  end
+
+  def order_completion_route
+    main_app.order_path(@order, order_token: @order.token)
+  end
+
+  def order_failed_route
+    main_app.checkout_path
+  end
+
+  def order_invalid_for_checkout?
+    !@order || @order.completed? || !@order.checkout_allowed?
+  end
+
+  def order_invalid!
+    Bugsnag.notify("Notice: invalid order loaded during checkout", order: @order)
+
+    flash[:error] = t('checkout.order_not_loaded')
+    redirect_to main_app.shop_path
+  end
+
+  def process_payment_completion!
+    unless @order.process_payments!
+      processing_failed
+      return redirect_to order_failed_route
+    end
+
+    if OrderWorkflow.new(@order).next && @order.complete?
+      processing_succeeded
+      redirect_to order_completion_route
+    else
+      processing_failed
+      redirect_to order_failed_route
+    end
+  rescue Spree::Core::GatewayError => e
+    gateway_error(e)
+    processing_failed
+    redirect_to order_failed_route
+  end
+
+  def processing_succeeded
+    Checkout::PostCheckoutActions.new(@order).success(params, spree_current_user)
+    order_completion_reset(@order)
+  end
+
+  def processing_failed(error = RuntimeError.new(order_processing_error))
+    Bugsnag.notify(error, order: @order)
+    flash[:error] = order_processing_error if flash.blank?
+    Checkout::PostCheckoutActions.new(@order).failure
+  end
+
+  def order_processing_error
+    return t(:payment_processing_failed) if @order.errors.blank?
+
+    @order.errors.full_messages.to_sentence
+  end
+
+  def gateway_error(error)
+    flash[:error] = t(:spree_gateway_error_flash_for_checkout, error: error.message)
+  end
+end

app/controllers/concerns/order_stock_check.rb

@@ -3,16 +3,41 @@
 module OrderStockCheck
   extend ActiveSupport::Concern
 
+  def valid_order_line_items?
+    @order.insufficient_stock_lines.empty? &&
+      OrderCycleDistributedVariants.new(@order.order_cycle, @order.distributor).
+        distributes_order_variants?(@order)
+  end
+
   def handle_insufficient_stock
     return if sufficient_stock?
 
+    reset_order_to_cart
+
     flash[:error] = Spree.t(:inventory_error_flash_for_insufficient_quantity)
     redirect_to main_app.cart_path
   end
 
+  def check_order_cycle_expiry
+    return unless current_order_cycle&.closed?
+
+    Bugsnag.notify("Notice: order cycle closed during checkout completion", order: current_order)
+    current_order.empty!
+    current_order.set_order_cycle! nil
+
+    flash[:info] = I18n.t('order_cycle_closed')
+    redirect_to main_app.shop_path
+  end
+
   private
 
   def sufficient_stock?
     @sufficient_stock ||= @order.insufficient_stock_lines.blank?
   end
+
+  def reset_order_to_cart
+    return if Flipper.enabled? :split_checkout, spree_current_user
+
+    OrderCheckoutRestart.new(@order).call
+  end
 end

app/controllers/enterprises_controller.rb

@@ -14,7 +14,6 @@ class EnterprisesController < BaseController
   prepend_before_action :set_order_cycles, :require_distributor_chosen, :reset_order, only: :shop
 
   before_action :clean_permalink, only: :check_permalink
-  before_action :enable_embedded_shopfront
 
   respond_to :js, only: :permalink_checker
 

app/controllers/groups_controller.rb

@@ -1,10 +1,11 @@
 # frozen_string_literal: true
 
 class GroupsController < BaseController
+  include EmbeddedPages
+
   layout 'darkswarm'
 
   def show
-    enable_embedded_shopfront
     @hide_menu = true if @shopfront_layout == 'embedded'
     @group = EnterpriseGroup.find_by(permalink: params[:id]) || EnterpriseGroup.find(params[:id])
   end

app/controllers/home_controller.rb

@@ -3,8 +3,6 @@
 class HomeController < BaseController
   layout 'darkswarm'
 
-  before_action :enable_embedded_shopfront
-
   def index
     if ContentConfig.home_show_stats
       @num_distributors = cached_count('distributors', Enterprise.is_distributor.activated.visible)

app/controllers/payment_gateways/paypal_controller.rb

@@ -1,19 +1,21 @@
 # frozen_string_literal: true
 
-module Spree
+module PaymentGateways
   class PaypalController < ::BaseController
     include OrderStockCheck
+    include OrderCompletion
 
-    before_action :enable_embedded_shopfront
     before_action :destroy_orphaned_paypal_payments, only: :confirm
-    after_action :reset_order_when_complete, only: :confirm
+    before_action :load_checkout_order, only: [:express, :confirm]
+    before_action :handle_insufficient_stock, only: [:express, :confirm]
+    before_action :check_order_cycle_expiry, only: [:express, :confirm]
     before_action :permit_parameters!
 
-    def express
-      order = current_order || raise(ActiveRecord::RecordNotFound)
+    after_action :reset_order_when_complete, only: :confirm
 
+    def express
       pp_request = provider.build_set_express_checkout(
-        express_checkout_request_details(order)
+        express_checkout_request_details(@order)
       )
 
       begin
@@ -36,11 +38,8 @@ module Spree
     end
 
     def confirm
-      @order = current_order || raise(ActiveRecord::RecordNotFound)
-
       # At this point the user has come back from the Paypal form, and we get one
       # last chance to interact with the payment process before the money moves...
-      return reset_to_cart unless sufficient_stock?
 
       @order.payments.create!(
         source: Spree::PaypalExpressCheckout.create(
@@ -50,16 +49,8 @@ module Spree
         amount: @order.total,
         payment_method: payment_method
       )
-      @order.process_payments!
-      @order.next
-      if @order.complete?
-        flash.notice = Spree.t(:order_processed_successfully)
-        flash[:commerce_tracking] = "nothing special"
-        session[:order_id] = nil
-        redirect_to completion_route(@order)
-      else
-        redirect_to main_app.checkout_state_path(@order.state)
-      end
+
+      process_payment_completion!
     end
 
     def cancel
@@ -67,12 +58,6 @@ module Spree
       redirect_to main_app.checkout_path
     end
 
-    # Clears the cached order. Required for #current_order to return a new order to serve as cart.
-    def expire_current_order
-      session[:order_id] = nil
-      @current_order = nil
-    end
-
     private
 
     def express_checkout_request_details(order)
@@ -80,10 +65,10 @@ module Spree
         SetExpressCheckoutRequestDetails: {
           InvoiceID: order.number,
           BuyerEmail: order.email,
-          ReturnURL: spree.confirm_paypal_url(
+          ReturnURL: payment_gateways_confirm_paypal_url(
             payment_method_id: params[:payment_method_id], utm_nooverride: 1
           ),
-          CancelURL: spree.cancel_paypal_url,
+          CancelURL: payment_gateways_cancel_paypal_url,
           SolutionType: payment_method.preferred_solution.presence || "Mark",
           LandingPage: payment_method.preferred_landing_page.presence || "Billing",
           cppheaderimage: payment_method.preferred_logourl.presence || "",
@@ -104,14 +89,7 @@ module Spree
     def reset_order_when_complete
       return unless current_order.complete?
 
-      flash[:notice] = t(:order_processed_successfully)
-      OrderCompletionReset.new(self, current_order).call
-      session[:access_token] = current_order.token
-    end
-
-    def reset_to_cart
-      OrderCheckoutRestart.new(@order).call
-      handle_insufficient_stock
+      order_completion_reset(current_order)
     end
 
     # See #1074 and #1837 for more detail on why we need this
@@ -191,10 +169,6 @@ module Spree
       }
     end
 
-    def completion_route(order)
-      main_app.order_path(order, token: order.token)
-    end
-
     def address_required?
       payment_method.preferred_solution.eql?('Sole')
     end

app/controllers/payment_gateways/stripe_controller.rb

@@ -0,0 +1,95 @@
+# frozen_string_literal: true
+
+module PaymentGateways
+  class StripeController < BaseController
+    include OrderStockCheck
+    include OrderCompletion
+
+    before_action :load_checkout_order, only: :confirm
+    before_action :validate_payment_intent, only: :confirm
+    before_action :check_order_cycle_expiry, only: :confirm
+    before_action :validate_stock, only: :confirm
+
+    def confirm
+      process_payment_completion!
+    end
+
+    def authorize
+      load_order_for_authorization
+
+      return unless params.key?("payment_intent")
+
+      result = ProcessPaymentIntent.new(params["payment_intent"], @order).call!
+
+      unless result.ok?
+        flash.now[:error] = "#{I18n.t('payment_could_not_process')}. #{result.error}"
+      end
+
+      redirect_to order_path(@order)
+    end
+
+    private
+
+    def load_order_for_authorization
+      require_order_authentication!
+
+      session[:access_token] ||= params[:order_token]
+      @order = Spree::Order.find_by(number: params[:order_number]) || current_order
+
+      if @order
+        authorize! :edit, @order, session[:access_token]
+      else
+        authorize! :create, Spree::Order
+      end
+    end
+
+    def require_order_authentication!
+      return if session[:access_token] || params[:order_token] || spree_current_user
+
+      flash[:error] = I18n.t("spree.orders.edit.login_to_view_order")
+      redirect_to root_path(anchor: "login", after_login: request.original_fullpath)
+    end
+
+    def validate_stock
+      return if sufficient_stock?
+
+      cancel_incomplete_payments
+      handle_insufficient_stock
+    end
+
+    def validate_payment_intent
+      return if valid_payment_intent?
+
+      processing_failed
+      redirect_to order_failed_route
+    end
+
+    def valid_payment_intent?
+      @valid_payment_intent ||= begin
+        return false unless params["payment_intent"]&.starts_with?("pi_")
+
+        order_and_payment_valid?
+      end
+    end
+
+    def order_and_payment_valid?
+      @order.state.in?(["payment", "confirmation"]) &&
+        last_payment&.state == "requires_authorization" &&
+        last_payment&.response_code == params["payment_intent"]
+    end
+
+    def last_payment
+      @last_payment ||= OrderPaymentFinder.new(@order).last_payment
+    end
+
+    def cancel_incomplete_payments
+      # The checkout could not complete due to stock running out. We void any pending (incomplete)
+      # Stripe payments here as the order will need to be changed and resubmitted (or abandoned).
+      @order.payments.incomplete.each do |payment|
+        payment.void_transaction!
+        payment.adjustment&.update_columns(eligible: false, state: "finalized")
+      end
+      flash[:notice] = I18n.t("checkout.payment_cancelled_due_to_stock")
+    end
+  end
+end

app/controllers/payments_controller.rb

@@ -9,7 +9,7 @@ class PaymentsController < BaseController
     @payment = Spree::Payment.find(params[:id])
     authorize! :show, @payment.order
 
-    if url = @payment.cvv_response_message
+    if (url = @payment.cvv_response_message)
       redirect_to url
     else
       redirect_to order_url(@payment.order)
@@ -19,9 +19,11 @@ class PaymentsController < BaseController
   private
 
   def require_logged_in
-    return if session[:access_token] || params[:token] || spree_current_user
+    return if session[:access_token] || spree_current_user
+
+    store_location_for :spree_user, request.original_fullpath
 
     flash[:error] = I18n.t("spree.orders.edit.login_to_view_order")
-    redirect_to main_app.root_path(anchor: "login?after_login=#{request.env['PATH_INFO']}")
+    redirect_to main_app.root_path(anchor: "/login", after_login: request.original_fullpath)
   end
 end

app/controllers/producers_controller.rb

@@ -1,9 +1,9 @@
 # frozen_string_literal: true
 
 class ProducersController < BaseController
-  layout 'darkswarm'
+  include EmbeddedPages
 
-  before_action :enable_embedded_shopfront
+  layout 'darkswarm'
 
   def index
     @enterprises = Enterprise

app/controllers/registration_controller.rb

@@ -19,7 +19,7 @@ class RegistrationController < BaseController
 
   def check_user
     if spree_current_user.nil?
-      redirect_to registration_auth_path(anchor: "signup?after_login=#{request.env['PATH_INFO']}")
+      redirect_to registration_auth_path(anchor: "/signup", after_login: request.original_fullpath)
     elsif !spree_current_user.can_own_more_enterprises?
       render :limit_reached
     end

app/controllers/shop_controller.rb

@@ -3,7 +3,6 @@
 class ShopController < BaseController
   layout "darkswarm"
   before_action :require_distributor_chosen, :set_order_cycles, except: :changeable_orders_alert
-  before_action :enable_embedded_shopfront
 
   def show
     redirect_to main_app.enterprise_shop_path(current_distributor)

app/controllers/shops_controller.rb

@@ -3,8 +3,6 @@
 class ShopsController < BaseController
   layout 'darkswarm'
 
-  before_action :enable_embedded_shopfront
-
   def index
     @enterprises = ShopsListService.new.open_shops
   end

app/controllers/split_checkout_controller.rb

@@ -8,6 +8,7 @@ class SplitCheckoutController < ::BaseController
   include OrderStockCheck
   include Spree::BaseHelper
   include CheckoutCallbacks
+  include OrderCompletion
   include CablecarResponses
 
   helper 'terms_and_conditions'
@@ -21,16 +22,17 @@ class SplitCheckoutController < ::BaseController
 
   def update
     if confirm_order || update_order
+      return if performed?
+
       clear_invalid_payments
       advance_order_state
       redirect_to_step
     else
       flash.now[:error] = I18n.t('split_checkout.errors.global')
 
-      render operations: cable_car.
+      render status: :unprocessable_entity, operations: cable_car.
         replace("#checkout", partial("split_checkout/checkout")).
-        replace("#flashes", partial("shared/flashes", locals: { flashes: flash })),
-             status: :unprocessable_entity
+        replace("#flashes", partial("shared/flashes", locals: { flashes: flash }))
     end
   end
 
@@ -41,28 +43,56 @@ class SplitCheckoutController < ::BaseController
   end
 
   def confirm_order
-    return unless @order.confirmation? && params[:confirm_order]
+    return unless summary_step? && @order.confirmation?
     return unless validate_summary! && @order.errors.empty?
 
+    @order.customer.touch :terms_and_conditions_accepted_at
+
+    return true if redirect_to_payment_gateway
+
     @order.confirm!
+    order_completion_reset @order
+  end
+
+  def redirect_to_payment_gateway
+    return unless selected_payment_method&.external_gateway?
+    return unless (redirect_url = selected_payment_method.external_payment_url(order: @order))
+
+    render operations: cable_car.redirect_to(url: redirect_url)
+    true
+  end
+
+  def selected_payment_method
+    @selected_payment_method ||= Checkout::PaymentMethodFetcher.new(@order).call
   end
 
   def update_order
-    return if @order.errors.any?
+    return if params[:confirm_order] || @order.errors.any?
 
     @order.select_shipping_method(params[:shipping_method_id])
     @order.update(order_params)
-    send("validate_#{params[:step]}!")
+    @order.updater.update_totals_and_states
+
+    validate_current_step!
 
     @order.errors.empty?
   end
 
+  def summary_step?
+    params[:step] == "summary"
+  end
+
   def advance_order_state
     return if @order.complete?
 
     OrderWorkflow.new(@order).advance_checkout(raw_params.slice(:shipping_method_id))
   end
 
+  def validate_current_step!
+    step = ([params[:step]] & ["details", "payment", "summary"]).first
+    send("validate_#{step}!")
+  end
+
   def validate_details!
     return true if params[:shipping_method_id].present?
 
@@ -70,19 +100,20 @@ class SplitCheckoutController < ::BaseController
   end
 
   def validate_payment!
-    return true if params.dig(:order, :payments_attributes).present?
+    return true if params.dig(:order, :payments_attributes, 0, :payment_method_id).present?
 
     @order.errors.add :payment_method, I18n.t('split_checkout.errors.select_a_payment_method')
   end
 
   def validate_summary!
     return true if params[:accept_terms]
+    return true unless TermsOfService.required?(@order.distributor)
 
     @order.errors.add(:terms_and_conditions, t("split_checkout.errors.terms_not_accepted"))
   end
 
   def order_params
-    @order_params ||= Checkout::Params.new(@order, params).call
+    @order_params ||= Checkout::Params.new(@order, params, spree_current_user).call
   end
 
   def redirect_to_step

app/controllers/spree/admin/orders/customer_details_controller.rb

@@ -20,7 +20,7 @@ module Spree
         def update
           if @order.update(order_params)
             if params[:guest_checkout] == "false"
-              @order.associate_user!(Spree.user_class.find_by(email: @order.email))
+              @order.associate_user!(Spree::User.find_by(email: @order.email))
             end
 
             refresh_shipment_rates
@@ -75,14 +75,10 @@ module Spree
         end
 
         def check_authorization
-          load_order
-          session[:access_token] ||= params[:token]
-
-          resource = @order
           action = params[:action].to_sym
           action = :edit if action == :show # show route renders :edit for this controller
 
-          authorize! action, resource, session[:access_token]
+          authorize! action, @order
         end
 
         def set_guest_checkout_status

app/controllers/spree/admin/orders_controller.rb

@@ -16,6 +16,8 @@ module Spree
       before_action :ensure_distribution, only: :new
       before_action :require_distributor_abn, only: :invoice
 
+      content_security_policy false, only: :print_ticket
+
       respond_to :html, :json
 
       def new

app/controllers/spree/admin/payment_methods_controller.rb

@@ -101,12 +101,7 @@ module Spree
       end
 
       def load_data
-        @providers = if Rails.env.dev? || Rails.env.test?
-                       Gateway.providers.sort_by(&:name)
-                     else
-                       Gateway.providers.reject{ |p| p.name.include? "Bogus" }.sort_by(&:name)
-                     end
-        @providers.reject!{ |provider| stripe_provider?(provider) } unless show_stripe?
+        @providers = load_providers
         @calculators = PaymentMethod.calculators.sort_by(&:name)
       end
 
@@ -126,6 +121,20 @@ module Spree
         # rubocop:enable Style/TernaryParentheses
       end
 
+      def load_providers
+        providers = Gateway.providers.sort_by(&:name)
+
+        unless Rails.env.development? || Rails.env.test?
+          providers.reject! { |provider| provider.name.include? "Bogus" }
+        end
+
+        unless show_stripe?
+          providers.reject! { |provider| stripe_provider?(provider) }
+        end
+
+        providers
+      end
+
       # Show Stripe as an option if enabled, or if the
       # current payment_method is already a Stripe method
       def show_stripe?
@@ -145,12 +154,11 @@ module Spree
       end
 
       def stripe_payment_method?
-        ["Spree::Gateway::StripeConnect",
-         "Spree::Gateway::StripeSCA"].include? @payment_method.try(:type)
+        @payment_method.try(:type) == "Spree::Gateway::StripeSCA"
       end
 
       def stripe_provider?(provider)
-        provider.name.ends_with?("StripeConnect", "StripeSCA")
+        provider.name.ends_with?("StripeSCA")
       end
 
       def base_params
@@ -162,7 +170,7 @@ module Spree
         raw_params[ActiveModel::Naming.param_key(@payment_method)] || {}
       end
 
-      # Merge payment method params with gateway params like :gateway_stripe_connect
+      # Merge payment method params with gateway params like :gateway_stripe_sca
       # Also, remove password if present and blank
       def update_params
         @update_params ||= begin

app/controllers/spree/admin/payments_controller.rb

@@ -3,8 +3,6 @@
 module Spree
   module Admin
     class PaymentsController < Spree::Admin::BaseController
-      include FullUrlHelper
-
       before_action :load_order, except: [:show]
       before_action :load_payment, only: [:fire, :show]
       before_action :load_data
@@ -174,15 +172,13 @@ module Spree
       def authorize_stripe_sca_payment
         return unless @payment.payment_method.instance_of?(Spree::Gateway::StripeSCA)
 
-        @payment.authorize!(full_order_path(@payment.order))
+        OrderManagement::Order::StripeScaPaymentAuthorize.
+          new(@order, payment: @payment, off_session: true).call!
 
-        unless @payment.pending? || @payment.requires_authorization?
-          raise Spree::Core::GatewayError, I18n.t('authorization_failure')
-        end
+        raise Spree::Core::GatewayError, I18n.t('authorization_failure') if @order.errors.any?
 
         return unless @payment.requires_authorization?
 
-        PaymentMailer.authorize_payment(@payment).deliver_later
         raise Spree::Core::GatewayError, I18n.t('action_required')
       end
 

app/controllers/spree/admin/search_controller.rb

@@ -8,7 +8,7 @@ module Spree
       respond_to :json
 
       def known_users
-        @users = if exact_match = Spree.user_class.find_by(email: search_params[:q])
+        @users = if exact_match = Spree::User.find_by(email: search_params[:q])
                    [exact_match]
                  else
                    spree_current_user.known_users.ransack(ransack_hash).result.limit(10)
@@ -21,7 +21,8 @@ module Spree
         @customers = []
         if spree_current_user.enterprises.pluck(:id).include? search_params[:distributor_id].to_i
           @customers = Customer.
-            ransack(m: 'or', email_start: search_params[:q], name_start: search_params[:q]).
+            ransack(m: 'or', email_start: search_params[:q], first_name_start: search_params[:q],
+                    last_name_start: search_params[:q]).
             result.
             where(enterprise_id: search_params[:distributor_id].to_i)
         end

app/controllers/spree/admin/variants_controller.rb

@@ -114,7 +114,8 @@ module Spree
 
       def variant_search_params
         params.permit(
-          :q, :distributor_id, :order_cycle_id, :schedule_id, :eligible_for_subscriptions
+          :q, :distributor_id, :order_cycle_id, :schedule_id, :eligible_for_subscriptions,
+          :include_out_of_stock
         ).to_h.with_indifferent_access
       end
     end

app/controllers/spree/credit_cards_controller.rb

@@ -54,10 +54,11 @@ module Spree
       else
         flash[:error] = I18n.t(:card_could_not_be_removed)
       end
-      redirect_to spree.account_path(anchor: 'cards')
+
+      head :ok
     rescue Stripe::CardError
       flash[:error] = I18n.t(:card_could_not_be_removed)
-      redirect_to spree.account_path(anchor: 'cards')
+      head :unprocessable_entity
     end
 
     private

app/controllers/spree/orders_controller.rb

@@ -7,16 +7,14 @@ module Spree
 
     layout 'darkswarm'
 
-    before_action :check_authorization
     rescue_from ActiveRecord::RecordNotFound, with: :render_404
     helper 'spree/products', 'spree/orders'
 
-    respond_to :html
-    respond_to :json
+    respond_to :html, :json
 
+    before_action :check_authorization
     before_action :set_current_order, only: :update
     before_action :filter_order_params, only: :update
-    before_action :enable_embedded_shopfront
 
     prepend_before_action :require_order_authentication, only: :show
     prepend_before_action :require_order_cycle, only: :edit
@@ -26,8 +24,6 @@ module Spree
 
     def show
       @order = Spree::Order.find_by!(number: params[:id])
-
-      handle_stripe_response
     end
 
     def empty
@@ -113,7 +109,7 @@ module Spree
     end
 
     def check_authorization
-      session[:access_token] ||= params[:token]
+      session[:access_token] ||= params[:order_token]
       order = Spree::Order.find_by(number: params[:id]) || current_order
 
       if order
@@ -123,19 +119,6 @@ module Spree
       end
     end
 
-    # Stripe can redirect here after a payment is processed in the backoffice.
-    # We verify if it was successful here and persist the changes.
-    def handle_stripe_response
-      return unless params.key?("payment_intent")
-
-      result = ProcessPaymentIntent.new(params["payment_intent"], @order).call!
-
-      unless result.ok?
-        flash.now[:error] = "#{I18n.t('payment_could_not_process')}. #{result.error}"
-      end
-      @order.reload
-    end
-
     def filter_order_params
       if params[:order] && params[:order][:line_items_attributes]
         params[:order][:line_items_attributes] =
@@ -154,10 +137,12 @@ module Spree
     end
 
     def require_order_authentication
-      return if session[:access_token] || params[:token] || spree_current_user
+      return if session[:access_token] || params[:order_token] || spree_current_user
+
+      store_location_for :spree_user, request.original_fullpath
 
       flash[:error] = I18n.t("spree.orders.edit.login_to_view_order")
-      redirect_to main_app.root_path(anchor: "login?after_login=#{request.env['PATH_INFO']}")
+      redirect_to main_app.root_path(anchor: "/login", after_login: request.original_fullpath)
     end
 
     def order_to_update