Update translations

Bump rails from 6.1.6 to 6.1.6.1

.env

@@ -61,10 +61,3 @@ SMTP_PASSWORD="f00d"
 # STRIPE_INSTANCE_PUBLISHABLE_KEY="pk_test_xxxx" # This can be a test key or a live key
 # STRIPE_CLIENT_ID="ca_xxxx" # This can be a development ID or a production ID
 # STRIPE_ENDPOINT_SECRET="whsec_xxxx"
-
-# Feature toggles
-#
-# Adding user emails separated by commas will enable them the use of certain features. See
-# config/initializers/feature_toggles.rb for details.
-#
-# BETA_TESTERS="ofn@example.com,superadmin@example.com"

.github/FUNDING.yml

@@ -0,0 +1,13 @@
+# These are supported funding model platforms
+
+github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
+patreon: # Replace with a single Patreon username
+open_collective: ofnusa
+ko_fi: # Replace with a single Ko-fi username
+tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
+community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
+liberapay: # Replace with a single Liberapay username
+issuehunt: # Replace with a single IssueHunt username
+otechie: # Replace with a single Otechie username
+lfx_crowdfunding: # Replace with a single LFX Crowdfunding project-name e.g., cloud-foundry
+custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']

.github/ISSUE_TEMPLATE/release.md

@@ -10,7 +10,6 @@ assignees: ''
 ## Preparation on Thursday
 
 - [ ] Merge pull requests in the [Ready To Go] column
-- [ ] Merge [Transifex pull request]
 - [ ] Include translations: `tx pull --force`
 - [ ] [Draft new release]. Look at previous [releases] for inspiration.
 - [ ] Notify [#instance-managers] of user-facing changes.

.github/workflows/brakeman-analysis.yml

@@ -10,8 +10,14 @@ on:
   pull_request:
     branches: [ "master" ]
 
+permissions:
+  contents: read
+
 jobs:
   brakeman-scan:
+    permissions:
+      contents: read  # for actions/checkout to fetch code
+      security-events: write  # for github/codeql-action/upload-sarif to upload SARIF results
     name: Brakeman Scan
     runs-on: ubuntu-latest
     steps:

.github/workflows/build.yml

@@ -12,6 +12,9 @@ env:
   RSPEC_RETRY_RETRY_COUNT: 3
   RAILS_ENV: test
 
+permissions:
+  contents: read
+
 jobs:
   rspec:
     runs-on: ubuntu-18.04

.github/workflows/mapi.yml

@@ -0,0 +1,46 @@
+name: 'Mayhem for API'
+on: workflow_dispatch
+jobs:
+  test:
+    if: ${{ github.repository_owner == 'openfoodfoundation' }}
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: true
+    steps:
+    - uses: actions/checkout@v2
+    - run: docker/build
+    - run: docker-compose up --detach
+    - run: until curl -f -s http://localhost:3000; do echo "waiting for api server"; sleep 1; done
+    - run: docker-compose exec -T db psql postgresql://ofn:f00d@localhost:5432/open_food_network_dev --command="update spree_users set spree_api_key='testing' where login='ofn@example.com'"
+    # equivalent to Flipper.enable(:api_v1)
+    - run: docker-compose exec -T db psql postgresql://ofn:f00d@localhost:5432/open_food_network_dev --command="insert into flipper_features (key, created_at, updated_at) values ('api_v1', localtimestamp, localtimestamp)"
+    - run: docker-compose exec -T db psql postgresql://ofn:f00d@localhost:5432/open_food_network_dev --command="insert into flipper_gates (feature_key, key, value, created_at, updated_at) values ('api_v1', 'boolean', 'true', localtimestamp, localtimestamp)"
+
+    # Run Mayhem for API
+    - name: Run Mayhem for API
+      uses: ForAllSecure/mapi-action@v1
+      continue-on-error: true
+      with:
+        mapi-token: ${{ secrets.MAPI_TOKEN }}
+        api-url: http://localhost:3000
+        api-spec: swagger/v1/swagger.yaml
+        target: openfoodfoundation/openfoodnetwork
+        duration: 1min
+        sarif-report: mapi.sarif
+        html-report: mapi.html
+        run-args: |
+          --header-auth
+          X-Api-Token: testing
+
+    # Archive HTML report
+    - name: Archive Mayhem for API report
+      uses: actions/upload-artifact@v2
+      with:
+        name: mapi-report
+        path: mapi.html
+
+    # Upload SARIF file (only available on public repos or github enterprise)
+    - name: Upload SARIF file
+      uses: github/codeql-action/upload-sarif@v1
+      with:
+        sarif_file: mapi.sarif

.gitignore

@@ -15,6 +15,7 @@ db/*.csv
 log/*.log
 log/*.log.lck
 log/*.log.*
+/storage
 tmp/
 .idea/*
 \#*

.rubocop_styleguide.yml

@@ -105,6 +105,10 @@ Lint/UselessAssignment:
   Exclude:
   - spec/**/*
 
+Lint/MissingSuper:
+  Exclude:
+    - 'app/components/**/*'
+
 Metrics/AbcSize:
   Max: 30 # default 17
 

.rubocop_todo.yml

@@ -1,6 +1,6 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config --auto-gen-only-exclude --exclude-limit 1400`
-# on 2022-02-25 01:04:47 UTC using RuboCop version 1.22.2.
+# on 2022-03-29 16:07:39 UTC using RuboCop version 1.22.2.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
@@ -53,7 +53,7 @@ Layout/LeadingCommentSpace:
   Exclude:
     - 'spec/system/admin/enterprises_spec.rb'
 
-# Offense count: 828
+# Offense count: 856
 # Cop supports --auto-correct.
 # Configuration parameters: Max, AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, IgnoredPatterns.
 # URISchemes: http, https
@@ -108,7 +108,6 @@ Layout/LineLength:
     - 'app/services/order_syncer.rb'
     - 'app/services/products_renderer.rb'
     - 'app/services/variant_units/variant_and_line_item_naming.rb'
-    - 'engines/order_management/app/services/order_management/reports/bulk_coop/bulk_coop_report.rb'
     - 'engines/order_management/app/services/order_management/subscriptions/validator.rb'
     - 'engines/order_management/spec/services/order_management/order/updater_spec.rb'
     - 'engines/web/app/helpers/web/cookies_policy_helper.rb'
@@ -117,15 +116,19 @@ Layout/LineLength:
     - 'lib/open_food_network/enterprise_fee_applicator.rb'
     - 'lib/open_food_network/enterprise_fee_calculator.rb'
     - 'lib/open_food_network/enterprise_issue_validator.rb'
-    - 'lib/open_food_network/lettuce_share_report.rb'
     - 'lib/open_food_network/order_cycle_form_applicator.rb'
-    - 'lib/open_food_network/order_cycle_management_report.rb'
-    - 'lib/open_food_network/order_cycle_permissions.rb'
-    - 'lib/open_food_network/payments_report.rb'
-    - 'lib/open_food_network/reports/line_items.rb'
-    - 'lib/open_food_network/sales_tax_report.rb'
     - 'lib/open_food_network/scope_variants_for_search.rb'
-    - 'lib/open_food_network/xero_invoices_report.rb'
+    - 'lib/reporting/line_items.rb'
+    - 'lib/reporting/reports/bulk_coop/bulk_coop_report.rb'
+    - 'lib/reporting/reports/enterprise_fee_summary/report_data/enterprise_fee_type_total.rb'
+    - 'lib/reporting/reports/order_cycle_management/order_cycle_management_report.rb'
+    - 'lib/open_food_network/order_cycle_permissions.rb'
+    - 'lib/reporting/reports/orders_and_fulfillment/customer_totals_report.rb'
+    - 'lib/reporting/reports/orders_and_fulfillment/distributor_totals_by_supplier_report.rb'
+    - 'lib/reporting/reports/payments/payments_report.rb'
+    - 'lib/reporting/reports/products_and_inventory/lettuce_share_report.rb'
+    - 'lib/reporting/reports/sales_tax/sales_tax_report.rb'
+    - 'lib/reporting/reports/xero_invoices/base.rb'
     - 'lib/spree/localized_number.rb'
     - 'lib/tasks/data.rake'
     - 'lib/tasks/enterprises.rake'
@@ -176,19 +179,20 @@ Layout/LineLength:
     - 'spec/helpers/spree/admin/base_helper_spec.rb'
     - 'spec/jobs/subscription_confirm_job_spec.rb'
     - 'spec/jobs/subscription_placement_job_spec.rb'
-    - 'spec/lib/open_food_network/customers_report_spec.rb'
     - 'spec/lib/open_food_network/enterprise_fee_calculator_spec.rb'
-    - 'spec/lib/open_food_network/group_buy_report_spec.rb'
     - 'spec/lib/open_food_network/order_cycle_form_applicator_spec.rb'
-    - 'spec/lib/open_food_network/order_cycle_management_report_spec.rb'
     - 'spec/lib/open_food_network/order_cycle_permissions_spec.rb'
-    - 'spec/lib/open_food_network/order_grouper_spec.rb'
     - 'spec/lib/open_food_network/permissions_spec.rb'
-    - 'spec/lib/open_food_network/products_and_inventory_report_spec.rb'
     - 'spec/lib/open_food_network/scope_variant_to_hub_spec.rb'
     - 'spec/lib/open_food_network/tag_rule_applicator_spec.rb'
-    - 'spec/lib/open_food_network/users_and_enterprises_report_spec.rb'
+    - 'spec/lib/reports/customers_report_spec.rb'
+    - 'spec/lib/reports/order_cycle_management_report_spec.rb'
+    - 'spec/lib/reports/order_grouper_spec.rb'
+    - 'spec/lib/reports/orders_and_fulfillment/orders_and_fulfillment_report_spec.rb'
     - 'spec/lib/reports/packing/packing_report_spec.rb'
+    - 'spec/lib/reports/products_and_inventory_report_spec.rb'
+    - 'spec/lib/reports/users_and_enterprises_report_spec.rb'
+    - 'spec/lib/reports/xero_invoices_report_spec.rb'
     - 'spec/lib/stripe/authorize_response_patcher_spec.rb'
     - 'spec/mailers/order_mailer_spec.rb'
     - 'spec/mailers/producer_mailer_spec.rb'
@@ -309,7 +313,15 @@ Layout/MultilineMethodCallBraceLayout:
   Exclude:
     - 'lib/reporting/queries/joins.rb'
 
-# Offense count: 17
+# Offense count: 2
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, IndentationWidth.
+# SupportedStyles: aligned, indented, indented_relative_to_receiver
+Layout/MultilineMethodCallIndentation:
+  Exclude:
+    - 'lib/reporting/reports/customers/customers_report.rb'
+
+# Offense count: 20
 # Cop supports --auto-correct.
 # Configuration parameters: AllowInHeredoc.
 Layout/TrailingWhitespace:
@@ -331,7 +343,7 @@ Lint/ConstantDefinitionInBlock:
     - 'lib/tasks/users.rake'
     - 'spec/controllers/spree/admin/base_controller_spec.rb'
     - 'spec/helpers/serializer_helper_spec.rb'
-    - 'spec/lib/open_food_network/reports/line_items_spec.rb'
+    - 'spec/lib/reports/line_items_spec.rb'
     - 'spec/models/spree/ability_spec.rb'
     - 'spec/models/spree/gateway_spec.rb'
     - 'spec/models/spree/preferences/configuration_spec.rb'
@@ -366,11 +378,6 @@ Lint/IneffectiveAccessModifier:
   Exclude:
     - 'app/models/spree/user.rb'
 
-# Offense count: 2
-Lint/MissingSuper:
-  Exclude:
-    - 'app/components/distributor_title_component.rb'
-    - 'app/components/example_component.rb'
 
 # Offense count: 1
 # Cop supports --auto-correct.
@@ -403,7 +410,7 @@ Lint/UselessMethodDefinition:
     - 'app/controllers/spree/user_registrations_controller.rb'
     - 'app/models/spree/gateway.rb'
 
-# Offense count: 39
+# Offense count: 38
 # Configuration parameters: IgnoredMethods, CountRepeatedAttributes, Max.
 Metrics/AbcSize:
   Exclude:
@@ -424,22 +431,20 @@ Metrics/AbcSize:
     - 'app/models/spree/order/checkout.rb'
     - 'app/models/spree/preferences/preferable_class_methods.rb'
     - 'app/models/spree/return_authorization.rb'
-    - 'engines/order_management/app/services/order_management/reports/bulk_coop/bulk_coop_report.rb'
     - 'lib/discourse/single_sign_on.rb'
-    - 'lib/open_food_network/customers_report.rb'
-    - 'lib/open_food_network/group_buy_report.rb'
-    - 'lib/open_food_network/order_and_distributor_report.rb'
     - 'lib/open_food_network/order_cycle_form_applicator.rb'
+    - 'lib/reporting/reports/bulk_coop/bulk_coop_report.rb'
+    - 'lib/reporting/reports/customers/customers_report.rb'
     - 'lib/open_food_network/order_cycle_permissions.rb'
-    - 'lib/open_food_network/payments_report.rb'
-    - 'lib/open_food_network/sales_tax_report.rb'
+    - 'lib/reporting/reports/orders_and_distributors/orders_and_distributors_report.rb'
     - 'lib/reporting/reports/packing/customer.rb'
+    - 'lib/reporting/reports/payments/payments_report.rb'
+    - 'lib/reporting/reports/sales_tax/sales_tax_report.rb'
     - 'lib/spree/core/controller_helpers/order.rb'
-    - 'lib/spree/core/s3_support.rb'
     - 'lib/tasks/enterprises.rake'
     - 'spec/services/order_checkout_restart_spec.rb'
 
-# Offense count: 45
+# Offense count: 43
 # Configuration parameters: CountComments, Max, CountAsOne, ExcludedMethods, IgnoredMethods.
 # IgnoredMethods: refine
 Metrics/BlockLength:
@@ -463,13 +468,12 @@ Metrics/BlockLength:
     - 'spec/factories/subscription_factory.rb'
     - 'spec/factories/user_factory.rb'
     - 'spec/factories/variant_factory.rb'
-    - 'spec/lib/open_food_network/group_buy_report_spec.rb'
     - 'spec/requests/api/orders_spec.rb'
     - 'spec/spec_helper.rb'
-    - 'spec/swagger_helper.rb'
     - 'spec/support/cancan_helper.rb'
     - 'spec/support/matchers/select2_matchers.rb'
     - 'spec/support/matchers/table_matchers.rb'
+    - 'spec/swagger_helper.rb'
     - 'spec/system/admin/order_cycles/complex_updating_specific_time_spec.rb'
     - 'spec/system/consumer/shopping/checkout_spec.rb'
 
@@ -479,7 +483,7 @@ Metrics/BlockNesting:
   Exclude:
     - 'app/models/spree/payment/processing.rb'
 
-# Offense count: 49
+# Offense count: 50
 # Configuration parameters: CountComments, Max, CountAsOne.
 Metrics/ClassLength:
   Exclude:
@@ -523,18 +527,17 @@ Metrics/ClassLength:
     - 'app/services/cart_service.rb'
     - 'app/services/order_syncer.rb'
     - 'engines/order_management/app/services/order_management/order/updater.rb'
-    - 'engines/order_management/app/services/order_management/reports/bulk_coop/bulk_coop_report.rb'
-    - 'engines/order_management/app/services/order_management/reports/enterprise_fee_summary/scope.rb'
     - 'lib/open_food_network/enterprise_fee_calculator.rb'
     - 'lib/open_food_network/order_cycle_form_applicator.rb'
-    - 'lib/open_food_network/order_cycle_management_report.rb'
-    - 'lib/open_food_network/order_cycle_permissions.rb'
-    - 'lib/open_food_network/payments_report.rb'
     - 'lib/open_food_network/permissions.rb'
-    - 'lib/open_food_network/users_and_enterprises_report.rb'
-    - 'lib/open_food_network/xero_invoices_report.rb'
+    - 'lib/reporting/reports/bulk_coop/bulk_coop_report.rb'
+    - 'lib/reporting/reports/enterprise_fee_summary/scope.rb'
+    - 'lib/reporting/reports/order_cycle_management/order_cycle_management_report.rb'
+    - 'lib/open_food_network/order_cycle_permissions.rb'
+    - 'lib/reporting/reports/payments/payments_report.rb'
+    - 'lib/reporting/reports/xero_invoices/base.rb'
 
-# Offense count: 40
+# Offense count: 39
 # Configuration parameters: IgnoredMethods, Max.
 Metrics/CyclomaticComplexity:
   Exclude:
@@ -560,20 +563,19 @@ Metrics/CyclomaticComplexity:
     - 'app/models/spree/tax_rate.rb'
     - 'app/models/spree/variant.rb'
     - 'app/models/spree/zone.rb'
-    - 'engines/order_management/app/services/order_management/reports/bulk_coop/bulk_coop_report.rb'
     - 'lib/discourse/single_sign_on.rb'
-    - 'lib/open_food_network/customers_report.rb'
     - 'lib/open_food_network/enterprise_issue_validator.rb'
-    - 'lib/open_food_network/group_buy_report.rb'
-    - 'lib/open_food_network/orders_and_fulfillments_report/customer_totals_report.rb'
-    - 'lib/open_food_network/payments_report.rb'
-    - 'lib/open_food_network/xero_invoices_report.rb'
+    - 'lib/reporting/reports/bulk_coop/bulk_coop_report.rb'
+    - 'lib/reporting/reports/customers/customers_report.rb'
+    - 'lib/reporting/reports/orders_and_fulfillment/customer_totals_report.rb'
+    - 'lib/reporting/reports/payments/payments_report.rb'
+    - 'lib/reporting/reports/xero_invoices/base.rb'
     - 'lib/spree/core/controller_helpers/order.rb'
     - 'lib/spree/core/controller_helpers/respond_with.rb'
     - 'lib/spree/localized_number.rb'
     - 'spec/models/product_importer_spec.rb'
 
-# Offense count: 31
+# Offense count: 32
 # Configuration parameters: CountComments, Max, CountAsOne, ExcludedMethods, IgnoredMethods.
 Metrics/MethodLength:
   Exclude:
@@ -583,23 +585,23 @@ Metrics/MethodLength:
     - 'app/controllers/spree/orders_controller.rb'
     - 'app/helpers/checkout_helper.rb'
     - 'app/helpers/spree/admin/navigation_helper.rb'
-    - "app/json_schemas/json_api_schema.rb"
+    - 'app/json_schemas/json_api_schema.rb'
     - 'app/models/spree/ability.rb'
     - 'app/models/spree/gateway/pay_pal_express.rb'
     - 'app/models/spree/order/checkout.rb'
     - 'app/models/spree/payment/processing.rb'
     - 'app/models/spree/preferences/preferable_class_methods.rb'
-    - 'engines/order_management/app/services/order_management/reports/bulk_coop/bulk_coop_report.rb'
-    - 'engines/order_management/app/services/order_management/reports/enterprise_fee_summary/scope.rb'
     - 'lib/discourse/single_sign_on.rb'
     - 'lib/open_food_network/order_cycle_form_applicator.rb'
-    - 'lib/open_food_network/order_cycle_management_report.rb'
+    - 'lib/reporting/reports/bulk_coop/bulk_coop_report.rb'
+    - 'lib/reporting/reports/enterprise_fee_summary/scope.rb'
+    - 'lib/reporting/reports/order_cycle_management/order_cycle_management_report.rb'
     - 'lib/open_food_network/order_cycle_permissions.rb'
-    - 'lib/open_food_network/payments_report.rb'
-    - 'lib/open_food_network/xero_invoices_report.rb'
+    - 'lib/reporting/reports/payments/payments_report.rb'
+    - 'lib/reporting/reports/xero_invoices/base.rb'
     - 'lib/tasks/sample_data/product_factory.rb'
 
-# Offense count: 51
+# Offense count: 54
 # Configuration parameters: CountComments, Max, CountAsOne.
 Metrics/ModuleLength:
   Exclude:
@@ -630,17 +632,20 @@ Metrics/ModuleLength:
     - 'spec/controllers/spree/admin/adjustments_controller_spec.rb'
     - 'spec/controllers/spree/admin/payment_methods_controller_spec.rb'
     - 'spec/lib/open_food_network/address_finder_spec.rb'
-    - 'spec/lib/open_food_network/customers_report_spec.rb'
     - 'spec/lib/open_food_network/enterprise_fee_calculator_spec.rb'
     - 'spec/lib/open_food_network/order_cycle_form_applicator_spec.rb'
-    - 'spec/lib/open_food_network/order_cycle_management_report_spec.rb'
     - 'spec/lib/open_food_network/order_cycle_permissions_spec.rb'
-    - 'spec/lib/open_food_network/order_grouper_spec.rb'
     - 'spec/lib/open_food_network/permissions_spec.rb'
-    - 'spec/lib/open_food_network/products_and_inventory_report_spec.rb'
     - 'spec/lib/open_food_network/scope_variant_to_hub_spec.rb'
     - 'spec/lib/open_food_network/tag_rule_applicator_spec.rb'
-    - 'spec/lib/open_food_network/users_and_enterprises_report_spec.rb'
+    - 'spec/lib/reports/customers_report_spec.rb'
+    - 'spec/lib/reports/enterprise_fee_summary/authorizer_spec.rb'
+    - 'spec/lib/reports/order_cycle_management_report_spec.rb'
+    - 'spec/lib/reports/order_grouper_spec.rb'
+    - 'spec/lib/reports/orders_and_fulfillment/customer_totals_report_spec.rb'
+    - 'spec/lib/reports/orders_and_fulfillment/orders_and_fulfillment_report_spec.rb'
+    - 'spec/lib/reports/products_and_inventory_report_spec.rb'
+    - 'spec/lib/reports/users_and_enterprises_report_spec.rb'
     - 'spec/models/spree/adjustment_spec.rb'
     - 'spec/models/spree/credit_card_spec.rb'
     - 'spec/models/spree/line_item_spec.rb'
@@ -661,11 +666,11 @@ Metrics/ParameterLists:
   Exclude:
     - 'app/helpers/angular_form_builder.rb'
     - 'app/models/product_import/entry_processor.rb'
-    - 'lib/open_food_network/xero_invoices_report.rb'
+    - 'lib/reporting/reports/xero_invoices/base.rb'
     - 'spec/support/controller_requests_helper.rb'
     - 'spec/system/admin/reports_spec.rb'
 
-# Offense count: 8
+# Offense count: 7
 # Configuration parameters: IgnoredMethods, Max.
 Metrics/PerceivedComplexity:
   Exclude:
@@ -674,9 +679,8 @@ Metrics/PerceivedComplexity:
     - 'app/models/enterprise_relationship.rb'
     - 'app/models/spree/ability.rb'
     - 'app/models/spree/order/checkout.rb'
-    - 'engines/order_management/app/services/order_management/reports/bulk_coop/bulk_coop_report.rb'
-    - 'lib/open_food_network/group_buy_report.rb'
-    - 'lib/open_food_network/payments_report.rb'
+    - 'lib/reporting/reports/bulk_coop/bulk_coop_report.rb'
+    - 'lib/reporting/reports/payments/payments_report.rb'
 
 # Offense count: 9
 Naming/AccessorMethodName:
@@ -721,7 +725,7 @@ Naming/VariableNumber:
     - 'app/controllers/spree/orders_controller.rb'
     - 'app/models/content_configuration.rb'
     - 'app/models/preference_sections/main_links_section.rb'
-    - 'lib/open_food_network/orders_and_fulfillments_report/customer_totals_report.rb'
+    - 'lib/reporting/reports/orders_and_fulfillment/customer_totals_report.rb'
     - 'lib/spree/core/controller_helpers/common.rb'
     - 'spec/controllers/spree/admin/search_controller_spec.rb'
     - 'spec/factories/stock_location_factory.rb'
@@ -900,7 +904,7 @@ Rails/LexicallyScopedActionFilter:
     - 'app/controllers/spree/admin/zones_controller.rb'
     - 'app/controllers/spree/users_controller.rb'
 
-# Offense count: 18
+# Offense count: 19
 Rails/OutputSafety:
   Exclude:
     - 'app/controllers/spree/admin/reports_controller.rb'
@@ -1097,9 +1101,9 @@ Style/MissingRespondToMissing:
 # Offense count: 1
 Style/MixinUsage:
   Exclude:
-    - 'lib/open_food_network/orders_and_fulfillments_report.rb'
+    - 'lib/reporting/reports/orders_and_fulfillment/orders_and_fulfillment_report.rb'
 
-# Offense count: 2
+# Offense count: 3
 # Cop supports --auto-correct.
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: literals, strict
@@ -1123,7 +1127,7 @@ Style/NestedModifier:
     - 'spec/system/admin/payments_stripe_spec.rb'
     - 'spec/system/admin/reports_spec.rb'
 
-# Offense count: 25
+# Offense count: 26
 # Configuration parameters: AllowedMethods.
 # AllowedMethods: respond_to_missing?
 Style/OptionalBooleanParameter:
@@ -1137,16 +1141,7 @@ Style/OptionalBooleanParameter:
     - 'app/models/spree/order_contents.rb'
     - 'app/models/spree/preferences/file_configuration.rb'
     - 'app/models/spree/shipment.rb'
-    - 'engines/order_management/app/services/order_management/reports/bulk_coop/bulk_coop_report.rb'
     - 'engines/order_management/app/services/order_management/stock/estimator.rb'
-    - 'lib/open_food_network/customers_report.rb'
-    - 'lib/open_food_network/order_and_distributor_report.rb'
-    - 'lib/open_food_network/order_cycle_management_report.rb'
-    - 'lib/open_food_network/orders_and_fulfillments_report.rb'
-    - 'lib/open_food_network/payments_report.rb'
-    - 'lib/open_food_network/products_and_inventory_report_base.rb'
-    - 'lib/open_food_network/users_and_enterprises_report.rb'
-    - 'lib/open_food_network/xero_invoices_report.rb'
     - 'lib/spree/core/controller_helpers/order.rb'
     - 'lib/spree/core/delegate_belongs_to.rb'
     - 'spec/support/request/web_helper.rb'
@@ -1166,11 +1161,10 @@ Style/RedundantReturn:
   Exclude:
     - 'app/controllers/spree/admin/shipping_methods_controller.rb'
 
-# Offense count: 213
+# Offense count: 205
 Style/Send:
   Exclude:
     - 'app/controllers/split_checkout_controller.rb'
-    - 'engines/order_management/spec/services/order_management/reports/bulk_coop/bulk_coop_report_spec.rb'
     - 'spec/controllers/admin/subscriptions_controller_spec.rb'
     - 'spec/controllers/checkout_controller_spec.rb'
     - 'spec/controllers/payment_gateways/paypal_controller_spec.rb'
@@ -1182,13 +1176,10 @@ Style/Send:
     - 'spec/lib/open_food_network/address_finder_spec.rb'
     - 'spec/lib/open_food_network/enterprise_fee_applicator_spec.rb'
     - 'spec/lib/open_food_network/enterprise_fee_calculator_spec.rb'
-    - 'spec/lib/open_food_network/lettuce_share_report_spec.rb'
     - 'spec/lib/open_food_network/order_cycle_form_applicator_spec.rb'
     - 'spec/lib/open_food_network/permissions_spec.rb'
-    - 'spec/lib/open_food_network/products_and_inventory_report_spec.rb'
-    - 'spec/lib/open_food_network/sales_tax_report_spec.rb'
     - 'spec/lib/open_food_network/tag_rule_applicator_spec.rb'
-    - 'spec/lib/open_food_network/xero_invoices_report_spec.rb'
+    - 'spec/lib/reports/xero_invoices_report_spec.rb'
     - 'spec/lib/stripe/webhook_handler_spec.rb'
     - 'spec/models/calculator/weight_spec.rb'
     - 'spec/models/enterprise_spec.rb'
@@ -1213,7 +1204,7 @@ Style/SingleArgumentDig:
   Exclude:
     - 'app/services/checkout/form_data_adapter.rb'
 
-# Offense count: 5
+# Offense count: 4
 # Cop supports --auto-correct.
 Style/SlicingWithRange:
   Exclude:
@@ -1221,9 +1212,8 @@ Style/SlicingWithRange:
     - 'app/services/embedded_page_service.rb'
     - 'engines/order_management/app/services/order_management/subscriptions/validator.rb'
     - 'lib/discourse/single_sign_on.rb'
-    - 'spec/lib/open_food_network/order_grouper_spec.rb'
 
-# Offense count: 31
+# Offense count: 28
 # Cop supports --auto-correct.
 # Configuration parameters: Mode.
 Style/StringConcatenation:
@@ -1240,11 +1230,8 @@ Style/StringConcatenation:
     - 'app/serializers/api/enterprise_shopfront_list_serializer.rb'
     - 'app/services/embedded_page_service.rb'
     - 'app/services/products_renderer.rb'
-    - 'engines/order_management/app/services/order_management/reports/bulk_coop/bulk_coop_report.rb'
-    - 'lib/open_food_network/orders_and_fulfillments_report/customer_totals_report.rb'
     - 'lib/spree/api/controller_setup.rb'
     - 'lib/spree/core/environment_extension.rb'
-    - 'spec/lib/open_food_network/order_grouper_spec.rb'
     - 'spec/models/spree/line_item_spec.rb'
     - 'spec/models/spree/product_spec.rb'
     - 'spec/models/spree/variant_spec.rb'

Dockerfile

@@ -23,7 +23,9 @@ RUN apt-get update && apt-get install -y \
   imagemagick \
   unzip \
   libjemalloc-dev \
-  libssl-dev
+  libssl-dev \
+  ca-certificates \
+  gnupg
 
 # Setup ENV variables
 ENV PATH /usr/local/src/rbenv/shims:/usr/local/src/rbenv/bin:$PATH
@@ -40,14 +42,13 @@ RUN git clone --depth 1 https://github.com/rbenv/rbenv.git ${RBENV_ROOT} && \
     git clone --depth 1 https://github.com/rbenv/ruby-build.git ${RBENV_ROOT}/plugins/ruby-build && \
     echo 'eval "$(rbenv init -)"' >> /etc/profile.d/rbenv.sh && \
     RUBY_CONFIGURE_OPTS=--with-jemalloc rbenv install $(cat .ruby-version) && \
-    rbenv global $(cat .ruby-version) && \
-    gem install bundler --version=1.17.3
+    rbenv global $(cat .ruby-version)
 
 # Install Postgres
-RUN sh -c "echo 'deb https://apt.postgresql.org/pub/repos/apt/ bionic-pgdg main' > /etc/apt/sources.list.d/pgdg.list" && \
-    wget --quiet -O - https://apt.postgresql.org/pub/repos/apt/ACCC4CF8.asc | apt-key add - && \
+RUN sh -c "echo 'deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main' >> /etc/apt/sources.list.d/pgdg.list" && \
+    curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor | tee /etc/apt/trusted.gpg.d/apt.postgresql.org.gpg >/dev/null && \
     apt-get update && \
-    apt-get install -yqq --no-install-recommends postgresql-client-9.5 libpq-dev
+    apt-get install -yqq --no-install-recommends postgresql-client-10 libpq-dev
 
 # Install NodeJs and yarn
 RUN curl -sL https://deb.nodesource.com/setup_14.x | bash - \
@@ -68,6 +69,9 @@ RUN wget https://chromedriver.storage.googleapis.com/2.41/chromedriver_linux64.z
 # Copy code and install app dependencies
 COPY . /usr/src/app/
 
+# Install Bundler
+RUN ./script/install-bundler
+
 # Install front-end dependencies
 RUN yarn install
 

Gemfile

@@ -8,6 +8,11 @@ gem 'dotenv-rails', require: 'dotenv/rails-now' # Load ENV vars before other gem
 
 gem 'rails', '>= 6.1.4'
 
+# Active Storage
+gem "active_storage_validations"
+gem "aws-sdk-s3", require: false
+gem "image_processing"
+
 gem 'activemerchant', '>= 1.78.0'
 gem 'rexml'
 gem 'angular-rails-templates', '>= 0.3.0'
@@ -24,6 +29,7 @@ gem 'rails_safe_tasks', '~> 1.0'
 gem "activerecord-import"
 gem "db2fog", github: "openfoodfoundation/db2fog", branch: "rails-6"
 gem "fog-aws", "~> 2.0" # db2fog does not support v3
+gem "mime-types" # required by fog
 
 gem "valid_email2"
 
@@ -64,7 +70,6 @@ gem 'rswag-api'
 gem 'rswag-ui'
 
 gem 'angularjs-rails', '1.8.0'
-gem 'aws-sdk', '1.67.0'
 gem 'bugsnag'
 gem 'haml'
 gem 'redcarpet'
@@ -81,7 +86,6 @@ gem 'bootsnap', require: false
 gem 'geocoder'
 gem 'gmaps4rails'
 gem 'mimemagic', '> 0.3.5'
-gem 'paperclip', '~> 3.4.1'
 gem 'paper_trail', '~> 12.1.0'
 gem 'rack-rewrite'
 gem 'rack-ssl', require: 'rack/ssl'
@@ -100,7 +104,7 @@ gem 'wicked_pdf'
 gem 'wkhtmltopdf-binary'
 
 gem 'immigrant'
-gem 'roo', github: "roo-rb/roo" # master is currently needed for Ruby 3.x (awaiting new release)
+gem 'roo'
 gem 'spreadsheet_architect'
 
 gem 'whenever', require: false

Gemfile.lock

@@ -24,14 +24,6 @@ GIT
       sass-rails
       thor (>= 0.14)
 
-GIT
-  remote: https://github.com/roo-rb/roo.git
-  revision: 709464c77623be2bc09b2103405d90ded7604a75
-  specs:
-    roo (2.8.3)
-      nokogiri (~> 1)
-      rubyzip (>= 1.3.0, < 3.0.0)
-
 PATH
   remote: engines/catalog
   specs:
@@ -59,62 +51,67 @@ GEM
   remote: https://rubygems.org/
   specs:
     Ascii85 (1.1.0)
-    actioncable (6.1.4.4)
-      actionpack (= 6.1.4.4)
-      activesupport (= 6.1.4.4)
+    actioncable (6.1.6.1)
+      actionpack (= 6.1.6.1)
+      activesupport (= 6.1.6.1)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailbox (6.1.4.4)
-      actionpack (= 6.1.4.4)
-      activejob (= 6.1.4.4)
-      activerecord (= 6.1.4.4)
-      activestorage (= 6.1.4.4)
-      activesupport (= 6.1.4.4)
+    actionmailbox (6.1.6.1)
+      actionpack (= 6.1.6.1)
+      activejob (= 6.1.6.1)
+      activerecord (= 6.1.6.1)
+      activestorage (= 6.1.6.1)
+      activesupport (= 6.1.6.1)
       mail (>= 2.7.1)
-    actionmailer (6.1.4.4)
-      actionpack (= 6.1.4.4)
-      actionview (= 6.1.4.4)
-      activejob (= 6.1.4.4)
-      activesupport (= 6.1.4.4)
+    actionmailer (6.1.6.1)
+      actionpack (= 6.1.6.1)
+      actionview (= 6.1.6.1)
+      activejob (= 6.1.6.1)
+      activesupport (= 6.1.6.1)
       mail (~> 2.5, >= 2.5.4)
       rails-dom-testing (~> 2.0)
-    actionpack (6.1.4.4)
-      actionview (= 6.1.4.4)
-      activesupport (= 6.1.4.4)
+    actionpack (6.1.6.1)
+      actionview (= 6.1.6.1)
+      activesupport (= 6.1.6.1)
       rack (~> 2.0, >= 2.0.9)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
     actionpack-action_caching (1.2.2)
       actionpack (>= 4.0.0)
-    actiontext (6.1.4.4)
-      actionpack (= 6.1.4.4)
-      activerecord (= 6.1.4.4)
-      activestorage (= 6.1.4.4)
-      activesupport (= 6.1.4.4)
+    actiontext (6.1.6.1)
+      actionpack (= 6.1.6.1)
+      activerecord (= 6.1.6.1)
+      activestorage (= 6.1.6.1)
+      activesupport (= 6.1.6.1)
       nokogiri (>= 1.8.5)
-    actionview (6.1.4.4)
-      activesupport (= 6.1.4.4)
+    actionview (6.1.6.1)
+      activesupport (= 6.1.6.1)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.1, >= 1.2.0)
     active_model_serializers (0.8.4)
       activemodel (>= 3.0)
-    activejob (6.1.4.4)
-      activesupport (= 6.1.4.4)
+    active_storage_validations (0.9.8)
+      activejob (>= 5.2.0)
+      activemodel (>= 5.2.0)
+      activestorage (>= 5.2.0)
+      activesupport (>= 5.2.0)
+    activejob (6.1.6.1)
+      activesupport (= 6.1.6.1)
       globalid (>= 0.3.6)
     activemerchant (1.123.0)
       activesupport (>= 4.2)
       builder (>= 2.1.2, < 4.0.0)
       i18n (>= 0.6.9)
       nokogiri (~> 1.4)
-    activemodel (6.1.4.4)
-      activesupport (= 6.1.4.4)
-    activerecord (6.1.4.4)
-      activemodel (= 6.1.4.4)
-      activesupport (= 6.1.4.4)
-    activerecord-import (1.3.0)
+    activemodel (6.1.6.1)
+      activesupport (= 6.1.6.1)
+    activerecord (6.1.6.1)
+      activemodel (= 6.1.6.1)
+      activesupport (= 6.1.6.1)
+    activerecord-import (1.4.0)
       activerecord (>= 4.2)
     activerecord-postgresql-adapter (0.0.1)
       pg
@@ -124,14 +121,14 @@ GEM
       multi_json (~> 1.11, >= 1.11.2)
       rack (>= 2.0.8, < 3)
       railties (>= 5.2.4.1)
-    activestorage (6.1.4.4)
-      actionpack (= 6.1.4.4)
-      activejob (= 6.1.4.4)
-      activerecord (= 6.1.4.4)
-      activesupport (= 6.1.4.4)
-      marcel (~> 1.0.0)
+    activestorage (6.1.6.1)
+      actionpack (= 6.1.6.1)
+      activejob (= 6.1.6.1)
+      activerecord (= 6.1.6.1)
+      activesupport (= 6.1.6.1)
+      marcel (~> 1.0)
       mini_mime (>= 1.1.0)
-    activesupport (6.1.4.4)
+    activesupport (6.1.6.1)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
@@ -152,29 +149,40 @@ GEM
       railties (>= 3, < 7)
     angularjs-file-upload-rails (2.4.1)
     angularjs-rails (1.8.0)
-    arel-helpers (2.12.1)
-      activerecord (>= 3.1.0, < 7)
+    arel-helpers (2.14.0)
+      activerecord (>= 3.1.0, < 8)
     ast (2.4.2)
-    awesome_nested_set (3.4.0)
-      activerecord (>= 4.0.0, < 7.0)
+    awesome_nested_set (3.5.0)
+      activerecord (>= 4.0.0, < 7.1)
     awesome_print (1.9.2)
-    aws-sdk (1.67.0)
-      aws-sdk-v1 (= 1.67.0)
-    aws-sdk-v1 (1.67.0)
-      json (~> 1.4)
-      nokogiri (~> 1)
+    aws-eventstream (1.2.0)
+    aws-partitions (1.601.0)
+    aws-sdk-core (3.131.2)
+      aws-eventstream (~> 1, >= 1.0.2)
+      aws-partitions (~> 1, >= 1.525.0)
+      aws-sigv4 (~> 1.1)
+      jmespath (~> 1, >= 1.6.1)
+    aws-sdk-kms (1.57.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-s3 (1.114.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
+      aws-sdk-kms (~> 1)
+      aws-sigv4 (~> 1.4)
+    aws-sigv4 (1.5.0)
+      aws-eventstream (~> 1, >= 1.0.2)
     axlsx_styler (1.1.0)
       activesupport (>= 3.1)
       caxlsx (>= 2.0.2)
-    bcrypt (3.1.16)
+    bcrypt (3.1.18)
     bigdecimal (3.0.2)
     bindex (0.8.1)
-    bootsnap (1.10.1)
+    bootsnap (1.12.0)
       msgpack (~> 1.2)
-    bugsnag (6.24.1)
+    bugsnag (6.24.2)
       concurrent-ruby (~> 1.0)
     builder (3.2.4)
-    bullet (6.1.5)
+    bullet (7.0.2)
       activesupport (>= 3.0.0)
       uniform_notifier (~> 1.11)
     byebug (11.1.3)
@@ -182,7 +190,7 @@ GEM
       rails (>= 5.2)
       thread-local (>= 1.1.0)
     cancancan (1.15.0)
-    capybara (3.36.0)
+    capybara (3.37.1)
       addressable
       matrix
       mini_mime (>= 0.1.3)
@@ -198,10 +206,7 @@ GEM
       rubyzip (>= 1.3.0, < 3)
     childprocess (4.1.0)
     chronic (0.10.2)
-    climate_control (0.2.0)
     cliver (0.3.2)
-    cocaine (0.5.8)
-      climate_control (>= 0.0.3, < 1.0)
     coderay (1.1.3)
     coffee-rails (5.0.0)
       coffee-script (>= 2.2.0)
@@ -210,14 +215,15 @@ GEM
       coffee-script-source
       execjs
     coffee-script-source (1.12.2)
-    combine_pdf (1.0.21)
+    combine_pdf (1.0.22)
+      matrix
       ruby-rc4 (>= 0.1.5)
-    concurrent-ruby (1.1.9)
+    concurrent-ruby (1.1.10)
     connection_pool (2.2.5)
     crack (0.4.5)
       rexml
     crass (1.0.6)
-    css_parser (1.9.0)
+    css_parser (1.11.0)
       addressable
     cuprite (0.13)
       capybara (>= 2.1, < 4)
@@ -233,7 +239,7 @@ GEM
       msgpack
     debase-ruby_core_source (0.10.12)
     debugger-linecache (1.2.0)
-    devise (4.8.0)
+    devise (4.8.1)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 4.1.0)
@@ -241,7 +247,7 @@ GEM
       warden (~> 1.2.3)
     devise-encryptable (0.2.0)
       devise (>= 2.1.0)
-    devise-i18n (1.10.0)
+    devise-i18n (1.10.2)
       devise (>= 4.8.0)
     devise-token_authenticatable (1.1.0)
       devise (>= 4.0.0, < 5.0.0)
@@ -253,9 +259,8 @@ GEM
       dotenv (= 2.7.6)
       railties (>= 3.2)
     dry-inflector (0.2.1)
-    e2mmap (0.1.0)
     erubi (1.10.0)
-    et-orbi (1.2.4)
+    et-orbi (1.2.7)
       tzinfo
     excon (0.81.0)
     execjs (2.7.0)
@@ -264,21 +269,16 @@ GEM
     factory_bot_rails (6.2.0)
       factory_bot (~> 6.2.0)
       railties (>= 5.0.0)
-    faraday (1.4.1)
-      faraday-excon (~> 1.1)
-      faraday-net_http (~> 1.0)
-      faraday-net_http_persistent (~> 1.1)
-      multipart-post (>= 1.2, < 3)
+    faraday (2.3.0)
+      faraday-net_http (~> 2.0)
       ruby2_keywords (>= 0.0.4)
-    faraday-excon (1.1.0)
-    faraday-net_http (1.0.1)
-    faraday-net_http_persistent (1.1.0)
+    faraday-net_http (2.0.3)
     ferrum (0.11)
       addressable (~> 2.5)
       cliver (~> 0.3)
       concurrent-ruby (~> 1.1)
       websocket-driver (>= 0.6, < 0.8)
-    ffaker (2.20.0)
+    ffaker (2.21.0)
     ffi (1.15.5)
     flipper (0.20.4)
     flipper-active_record (0.20.4)
@@ -306,17 +306,17 @@ GEM
       nokogiri (>= 1.5.11, < 2.0.0)
     foreman (0.87.2)
     formatador (0.2.5)
-    fugit (1.4.5)
-      et-orbi (~> 1.1, >= 1.1.8)
+    fugit (1.5.3)
+      et-orbi (~> 1, >= 1.2.7)
       raabro (~> 1.4)
     fuubar (2.5.1)
       rspec-core (~> 3.0)
       ruby-progressbar (~> 1.4)
-    geocoder (1.7.0)
+    geocoder (1.8.0)
     globalid (1.0.0)
       activesupport (>= 5.0)
     gmaps4rails (2.1.2)
-    good_migrations (0.1.0)
+    good_migrations (0.2.1)
       activerecord (>= 3.1)
       railties (>= 3.1)
     haml (5.2.2)
@@ -327,20 +327,24 @@ GEM
     highline (2.0.3)
     hiredis (0.6.3)
     htmlentities (4.3.4)
-    i18n (1.8.10)
+    i18n (1.12.0)
       concurrent-ruby (~> 1.0)
-    i18n-js (3.9.0)
+    i18n-js (3.9.2)
       i18n (>= 0.6.6)
+    image_processing (1.12.2)
+      mini_magick (>= 4.9.5, < 5)
+      ruby-vips (>= 2.0.17, < 3)
     immigrant (0.3.6)
       activerecord (>= 3.0)
     ipaddress (0.8.3)
+    jmespath (1.6.1)
     jquery-rails (4.4.0)
       rails-dom-testing (>= 1, < 3)
       railties (>= 4.2.0)
       thor (>= 0.14, < 2.0)
     jquery-ui-rails (4.2.1)
       railties (>= 3.2.16)
-    json (2.6.1)
+    json (2.6.2)
     json-schema (2.8.1)
       addressable (>= 2.4)
     json_spec (1.1.5)
@@ -348,18 +352,18 @@ GEM
       rspec (>= 2.0, < 4.0)
     jsonapi-serializer (2.2.0)
       activesupport (>= 4.2)
-    jwt (2.3.0)
+    jwt (2.4.1)
     knapsack (4.0.0)
       rake
     launchy (2.5.0)
       addressable (~> 2.7)
-    letter_opener (1.7.0)
-      launchy (~> 2.2)
+    letter_opener (1.8.1)
+      launchy (>= 2.2, < 3)
     libv8-node (15.14.0.1)
     listen (3.7.1)
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
-    loofah (2.13.0)
+    loofah (2.18.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.7.1)
@@ -367,31 +371,31 @@ GEM
     marcel (1.0.2)
     matrix (0.4.2)
     method_source (1.0.0)
-    mime-types (3.3.1)
+    mime-types (3.4.1)
       mime-types-data (~> 3.2015)
     mime-types-data (3.2021.0225)
     mimemagic (0.4.3)
       nokogiri (~> 1)
       rake
+    mini_magick (4.11.0)
     mini_mime (1.1.2)
     mini_portile2 (2.8.0)
     mini_racer (0.4.0)
       libv8-node (~> 15.14.0.0)
-    minitest (5.15.0)
+    minitest (5.16.2)
     monetize (1.12.0)
       money (~> 6.12)
     money (6.16.0)
       i18n (>= 0.6.4, <= 2)
-    msgpack (1.4.2)
+    msgpack (1.5.4)
     multi_json (1.15.0)
     multi_xml (0.6.0)
-    multipart-post (2.1.1)
     nio4r (2.5.8)
-    nokogiri (1.13.3)
+    nokogiri (1.13.8)
       mini_portile2 (~> 2.8.0)
       racc (~> 1.4)
-    oauth2 (1.4.7)
-      faraday (>= 0.8, < 2.0)
+    oauth2 (1.4.10)
+      faraday (>= 0.17.3, < 3.0)
       jwt (>= 1.0, < 3.0)
       multi_json (~> 1.3)
       multi_xml (~> 0.5)
@@ -401,16 +405,10 @@ GEM
     paper_trail (12.1.0)
       activerecord (>= 5.2)
       request_store (~> 1.1)
-    paperclip (3.4.2)
-      activemodel (>= 3.0.0)
-      activerecord (>= 3.0.0)
-      activesupport (>= 3.0.0)
-      cocaine (~> 0.5.0)
-      mime-types
-    parallel (1.21.0)
-    paranoia (2.4.3)
-      activerecord (>= 4.0, < 6.2)
-    parser (3.1.0.0)
+    parallel (1.22.1)
+    paranoia (2.6.0)
+      activerecord (>= 5.1, < 7.1)
+    parser (3.1.2.0)
       ast (~> 2.4.1)
     paypal-sdk-core (0.3.4)
       multi_json (~> 1.0)
@@ -431,13 +429,13 @@ GEM
     pry-byebug (3.9.0)
       byebug (~> 11.0)
       pry (~> 0.13.0)
-    public_suffix (4.0.6)
-    puma (5.6.2)
+    public_suffix (4.0.7)
+    puma (5.6.4)
       nio4r (~> 2.0)
     raabro (1.4.0)
     racc (1.6.0)
-    rack (2.2.3)
-    rack-mini-profiler (2.3.3)
+    rack (2.2.4)
+    rack-mini-profiler (2.3.4)
       rack (>= 1.2.0)
     rack-protection (2.1.0)
       rack
@@ -446,23 +444,23 @@ GEM
     rack-rewrite (1.5.1)
     rack-ssl (1.4.1)
       rack
-    rack-test (1.1.0)
-      rack (>= 1.0, < 3)
-    rack-timeout (0.6.0)
-    rails (6.1.4.4)
-      actioncable (= 6.1.4.4)
-      actionmailbox (= 6.1.4.4)
-      actionmailer (= 6.1.4.4)
-      actionpack (= 6.1.4.4)
-      actiontext (= 6.1.4.4)
-      actionview (= 6.1.4.4)
-      activejob (= 6.1.4.4)
-      activemodel (= 6.1.4.4)
-      activerecord (= 6.1.4.4)
-      activestorage (= 6.1.4.4)
-      activesupport (= 6.1.4.4)
+    rack-test (2.0.2)
+      rack (>= 1.3)
+    rack-timeout (0.6.3)
+    rails (6.1.6.1)
+      actioncable (= 6.1.6.1)
+      actionmailbox (= 6.1.6.1)
+      actionmailer (= 6.1.6.1)
+      actionpack (= 6.1.6.1)
+      actiontext (= 6.1.6.1)
+      actionview (= 6.1.6.1)
+      activejob (= 6.1.6.1)
+      activemodel (= 6.1.6.1)
+      activerecord (= 6.1.6.1)
+      activestorage (= 6.1.6.1)
+      activesupport (= 6.1.6.1)
       bundler (>= 1.15.0)
-      railties (= 6.1.4.4)
+      railties (= 6.1.6.1)
       sprockets-rails (>= 2.0.0)
     rails-controller-testing (1.0.5)
       actionpack (>= 5.0.1.rc1)
@@ -471,17 +469,17 @@ GEM
     rails-dom-testing (2.0.3)
       activesupport (>= 4.2.0)
       nokogiri (>= 1.6)
-    rails-html-sanitizer (1.4.2)
+    rails-html-sanitizer (1.4.3)
       loofah (~> 2.3)
-    rails-i18n (7.0.1)
+    rails-i18n (7.0.5)
       i18n (>= 0.7, < 2)
       railties (>= 6.0.0, < 8)
     rails_safe_tasks (1.0.0)
-    railties (6.1.4.4)
-      actionpack (= 6.1.4.4)
-      activesupport (= 6.1.4.4)
+    railties (6.1.6.1)
+      actionpack (= 6.1.6.1)
+      activesupport (= 6.1.6.1)
       method_source
-      rake (>= 0.13)
+      rake (>= 12.2)
       thor (~> 1.0)
     rainbow (3.1.1)
     rake (13.0.6)
@@ -493,24 +491,27 @@ GEM
     rb-inotify (0.10.1)
       ffi (~> 1.0)
     redcarpet (3.5.1)
-    redis (4.5.1)
-    regexp_parser (2.2.0)
+    redis (4.7.1)
+    regexp_parser (2.5.0)
     request_store (1.5.0)
       rack (>= 1.4)
     responders (3.0.1)
       actionpack (>= 5.0)
       railties (>= 5.0)
     rexml (3.2.5)
-    roadie (4.0.0)
+    roadie (5.0.1)
       css_parser (~> 1.4)
       nokogiri (~> 1.8)
-    roadie-rails (2.2.0)
-      railties (>= 5.1, < 6.2)
-      roadie (>= 3.1, < 5.0)
+    roadie-rails (3.0.0)
+      railties (>= 5.1, < 7.1)
+      roadie (~> 5.0)
     rodf (1.1.1)
       builder (>= 3.0)
       dry-inflector (~> 0.1)
       rubyzip (>= 1.0)
+    roo (2.9.0)
+      nokogiri (~> 1)
+      rubyzip (>= 1.3.0, < 3.0.0)
     rspec (3.10.0)
       rspec-core (~> 3.10.0)
       rspec-expectations (~> 3.10.0)
@@ -534,35 +535,38 @@ GEM
     rspec-retry (0.6.2)
       rspec-core (> 3.3)
     rspec-support (3.10.2)
-    rswag-api (2.4.0)
-      railties (>= 3.1, < 7.0)
-    rswag-specs (2.4.0)
-      activesupport (>= 3.1, < 7.0)
+    rswag-api (2.5.1)
+      railties (>= 3.1, < 7.1)
+    rswag-specs (2.5.1)
+      activesupport (>= 3.1, < 7.1)
       json-schema (~> 2.2)
-      railties (>= 3.1, < 7.0)
-    rswag-ui (2.4.0)
-      actionpack (>= 3.1, < 7.0)
-      railties (>= 3.1, < 7.0)
-    rubocop (1.22.2)
+      railties (>= 3.1, < 7.1)
+    rswag-ui (2.5.1)
+      actionpack (>= 3.1, < 7.1)
+      railties (>= 3.1, < 7.1)
+    rubocop (1.32.0)
+      json (~> 2.3)
       parallel (~> 1.10)
-      parser (>= 3.0.0.0)
+      parser (>= 3.1.0.0)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.8, < 3.0)
-      rexml
-      rubocop-ast (>= 1.12.0, < 2.0)
+      rexml (>= 3.2.5, < 4.0)
+      rubocop-ast (>= 1.19.1, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 1.4.0, < 3.0)
-    rubocop-ast (1.15.1)
-      parser (>= 3.0.1.1)
-    rubocop-rails (2.13.2)
+    rubocop-ast (1.19.1)
+      parser (>= 3.1.1.0)
+    rubocop-rails (2.15.2)
       activesupport (>= 4.2.0)
       rack (>= 1.1)
       rubocop (>= 1.7.0, < 2.0)
     ruby-progressbar (1.11.0)
     ruby-rc4 (0.1.5)
-    ruby2_keywords (0.0.4)
+    ruby-vips (2.1.4)
+      ffi (~> 1.12)
+    ruby2_keywords (0.0.5)
     rubyzip (2.3.2)
-    rufus-scheduler (3.7.0)
+    rufus-scheduler (3.8.1)
       fugit (~> 1.1, >= 1.1.6)
     sass (3.4.25)
     sass-rails (5.0.8)
@@ -572,23 +576,22 @@ GEM
       sprockets-rails (>= 2.0, < 4.0)
       tilt (>= 1.1, < 3)
     sd_notify (0.1.1)
-    selenium-webdriver (4.0.3)
+    selenium-webdriver (4.3.0)
       childprocess (>= 0.5, < 5.0)
       rexml (~> 3.2, >= 3.2.5)
-      rubyzip (>= 1.2.2)
+      rubyzip (>= 1.2.2, < 3.0)
+      websocket (~> 1.0)
     semantic_range (3.0.0)
-    shoulda-matchers (5.0.0)
+    shoulda-matchers (5.1.0)
       activesupport (>= 5.2.0)
-    sidekiq (6.3.1)
+    sidekiq (6.5.1)
       connection_pool (>= 2.2.2)
       rack (~> 2.0)
       redis (>= 4.2.0)
-    sidekiq-scheduler (3.1.0)
-      e2mmap
-      redis (>= 3, < 5)
+    sidekiq-scheduler (4.0.2)
+      redis (>= 4.2.0)
       rufus-scheduler (~> 3.2)
-      sidekiq (>= 3)
-      thwait
+      sidekiq (>= 4)
       tilt (>= 1.4.0)
     simplecov (0.21.2)
       docile (~> 1.1)
@@ -600,7 +603,7 @@ GEM
       axlsx_styler (>= 1.0.0, < 2)
       caxlsx (>= 2.0.2, < 4)
       rodf (>= 1.0.0, < 2)
-    spring (3.0.0)
+    spring (4.0.0)
     spring-commands-rspec (1.0.4)
       spring (>= 0.9.1)
     sprockets (3.7.2)
@@ -620,33 +623,31 @@ GEM
     stringex (2.8.5)
     stripe (5.42.0)
     temple (0.8.2)
-    test-prof (1.0.7)
-    test-unit (3.5.0)
+    test-prof (1.0.9)
+    test-unit (3.5.3)
       power_assert
     thor (1.2.1)
     thread-local (1.1.0)
-    thwait (0.2.0)
-      e2mmap
     tilt (2.0.10)
-    timecop (0.9.4)
+    timecop (0.9.5)
     ttfunk (1.7.0)
-    tzinfo (2.0.4)
+    tzinfo (2.0.5)
       concurrent-ruby (~> 1.0)
     uglifier (4.2.0)
       execjs (>= 0.3.0, < 3)
-    unicode-display_width (2.1.0)
-    uniform_notifier (1.14.2)
-    valid_email2 (4.0.0)
+    unicode-display_width (2.2.0)
+    uniform_notifier (1.16.0)
+    valid_email2 (4.0.3)
       activemodel (>= 3.2)
       mail (~> 2.5)
-    view_component (2.41.0)
+    view_component (2.62.0)
       activesupport (>= 5.0.0, < 8.0)
       method_source (~> 1.0)
-    view_component_storybook (0.10.1)
+    view_component_storybook (0.11.1)
       view_component (>= 2.36)
     warden (1.2.9)
       rack (>= 2.0.9)
-    web-console (4.1.0)
+    web-console (4.2.0)
       actionview (>= 6.0.0)
       activemodel (>= 6.0.0)
       bindex (>= 0.4.0)
@@ -664,18 +665,19 @@ GEM
       rack-proxy (>= 0.6.1)
       railties (>= 5.2)
       semantic_range (>= 2.3.0)
+    websocket (1.2.9)
     websocket-driver (0.7.5)
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.5)
     whenever (1.0.0)
       chronic (>= 0.6.3)
-    wicked_pdf (2.1.0)
+    wicked_pdf (2.6.3)
       activesupport
     wkhtmltopdf-binary (0.12.6.5)
     xml-simple (1.1.8)
     xpath (3.2.0)
       nokogiri (~> 1.8)
-    zeitwerk (2.5.3)
+    zeitwerk (2.6.0)
 
 PLATFORMS
   ruby
@@ -683,6 +685,7 @@ PLATFORMS
 DEPENDENCIES
   actionpack-action_caching
   active_model_serializers (= 0.8.4)
+  active_storage_validations
   activemerchant (>= 1.78.0)
   activerecord-import
   activerecord-postgresql-adapter
@@ -696,7 +699,7 @@ DEPENDENCIES
   arel-helpers (~> 2.12)
   awesome_nested_set
   awesome_print
-  aws-sdk (= 1.67.0)
+  aws-sdk-s3
   bigdecimal (= 3.0.2)
   bootsnap
   bugsnag
@@ -736,6 +739,7 @@ DEPENDENCIES
   hiredis
   i18n
   i18n-js (~> 3.9.0)
+  image_processing
   immigrant
   jquery-rails (= 4.4.0)
   jquery-ui-rails (~> 4.2)
@@ -746,6 +750,7 @@ DEPENDENCIES
   knapsack
   letter_opener (>= 1.4.1)
   listen
+  mime-types
   mimemagic (> 0.3.5)
   mini_racer (= 0.4.0)
   monetize (~> 1.11)
@@ -754,7 +759,6 @@ DEPENDENCIES
   order_management!
   pagy (~> 5.1)
   paper_trail (~> 12.1.0)
-  paperclip (~> 3.4.1)
   paranoia (~> 2.4)
   paypal-sdk-merchant (= 1.117.2)
   pdf-reader
@@ -776,7 +780,7 @@ DEPENDENCIES
   responders
   rexml
   roadie-rails
-  roo!
+  roo
   rspec-rails (>= 3.5.2)
   rspec-retry
   rswag-api

app/assets/javascripts/admin/directives/select2_no_search.js.coffee

@@ -1,6 +0,0 @@
-angular.module("ofn.admin").directive "select2NoSearch", ($timeout) ->
-  restrict: 'CA'
-  link: (scope, element, attrs) ->
-    $timeout ->
-      element.select2
-        minimumResultsForSearch: Infinity

app/assets/javascripts/admin/dropdown/directives/dropdown.js.coffee

@@ -10,6 +10,7 @@
           scope.$emit "offClick"
 
     element.click (event) ->
+      return if event.target.closest(".ofn-drop-down").classList.contains "disabled" || event.target.classList.contains "disabled" 
       if !scope.expanded
         event.stopPropagation()
         scope.deregistrationCallback = scope.$on "offClick", ->

app/assets/javascripts/admin/enterprise_fees/directives/ensure_calculator_preferences_match_type.js.coffee

@@ -9,9 +9,9 @@ angular.module("admin.enterpriseFees").directive 'spreeEnsureCalculatorPreferenc
       settings = element.parent().parent().find('div.calculator-settings')
       if value == orig_calculator_type
         settings.show()
-        settings.find('input').prop 'disabled', false
+        settings.find('input, select').prop 'disabled', false
       else
         settings.hide()
-        settings.find('input').prop 'disabled', true
+        settings.find('input, select').prop 'disabled', true
       return
     return

app/assets/javascripts/admin/enterprises/controllers/side_menu_controller.js.coffee

@@ -16,6 +16,7 @@ angular.module("admin.enterprises")
       { name: 'shipping_methods', label: t('shipping_methods'), icon_class: "icon-truck", show: "showShippingMethods()" }
       { name: 'payment_methods', label: t('payment_methods'), icon_class: "icon-money", show: "showPaymentMethods()" }
       { name: 'enterprise_fees', label: t('enterprise_fees'), icon_class: "icon-tasks", show: "showEnterpriseFees()" }
+      { name: 'enterprise_permissions', label: t('enterprise_permissions'), icon_class: "icon-plug" }
       { name: 'inventory_settings', label: t('inventory_settings'), icon_class: "icon-list-ol", show: "enterpriseIsShop()" }
       { name: 'tag_rules', label: t('tag_rules'), icon_class: "icon-random", show: "enterpriseIsShop()" }
       { name: 'shop_preferences', label: t('shop_preferences'), icon_class: "icon-shopping-cart", show: "enterpriseIsShop()" }
@@ -44,3 +45,5 @@ angular.module("admin.enterprises")
 
     $scope.enterpriseIsShop = ->
       $scope.Enterprise.sells != "none"
+
+    $scope.menu.redirect_function('enterprise_permissions', '/admin/enterprise_relationships')

app/assets/javascripts/admin/line_items/controllers/line_items_controller.js.coffee

@@ -104,15 +104,21 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
     else
       StatusMessage.display 'failure', t "unsaved_changes_error"
 
-  $scope.cancelOrder = (order) ->
+  $scope.cancelOrder = (order, sendEmailCancellation) ->
     return $http(
       method: 'GET'
-      url: "/admin/orders/#{order.number}/fire?e=cancel")
+      url: "/admin/orders/#{order.number}/fire?e=cancel&send_cancellation_email=#{sendEmailCancellation}")
   
   $scope.deleteLineItem = (lineItem) ->
     if lineItem.order.item_count == 1
-      if confirm(t('js.admin.deleting_item_will_cancel_order'))
-        $scope.cancelOrder(lineItem.order).then(-> $scope.refreshData())
+      ofnCancelOrderAlert((confirm, sendEmailCancellation) ->
+        if confirm
+          $scope.cancelOrder(lineItem.order, sendEmailCancellation).then(->
+            $scope.refreshData()
+          )
+        else
+          $scope.refreshData()
+      , "js.admin.deleting_item_will_cancel_order")
     else if ($scope.confirmDelete && confirm(t "are_you_sure")) || !$scope.confirmDelete
       LineItems.delete(lineItem, () -> $scope.refreshData())
 
@@ -129,13 +135,14 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
       willCancelOrders = true if (order.item_count == itemsPerOrder.get(order).length)
 
     if willCancelOrders
-      return unless confirm(t("js.admin.deleting_item_will_cancel_order"))
-
-    itemsPerOrder.forEach (items, order) =>
-      if order.item_count == items.length
-        $scope.cancelOrder(order).then(-> $scope.refreshData())
-      else
-        Promise.all(LineItems.delete(item) for item in items).then(-> $scope.refreshData())
+      ofnCancelOrderAlert((confirm, sendEmailCancellation) ->
+        if confirm
+          itemsPerOrder.forEach (items, order) =>
+            if order.item_count == items.length
+              $scope.cancelOrder(order, sendEmailCancellation).then(-> $scope.refreshData())
+            else
+              Promise.all(LineItems.delete(item) for item in items).then(-> $scope.refreshData())
+      , "js.admin.deleting_item_will_cancel_order")   
 
   $scope.allBoxesChecked = ->
     checkedCount = $scope.filteredLineItems.reduce (count,lineItem) ->
@@ -159,12 +166,18 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
 
   $scope.sumUnitValues = ->
     sum = $scope.filteredLineItems?.reduce (sum, lineItem) ->
-      sum + $scope.roundToThreeDecimals(lineItem.final_weight_volume / $scope.getLineItemScale(lineItem))
+      if lineItem.units_product.variant_unit == "items"
+        sum + lineItem.quantity
+      else
+        sum + $scope.roundToThreeDecimals(lineItem.final_weight_volume / $scope.getLineItemScale(lineItem))
     , 0
 
   $scope.sumMaxUnitValues = ->
     sum = $scope.filteredLineItems?.reduce (sum,lineItem) ->
-      sum + lineItem.max_quantity * $scope.roundToThreeDecimals(lineItem.units_variant.unit_value / $scope.getLineItemScale(lineItem))
+      if lineItem.units_product.variant_unit == "items"
+        sum + lineItem.max_quantity
+      else
+        sum + lineItem.max_quantity * $scope.roundToThreeDecimals(lineItem.units_variant.unit_value / $scope.getLineItemScale(lineItem))
     , 0
 
   $scope.roundToThreeDecimals = (value) ->
@@ -178,6 +191,8 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
   $scope.getScale = (unitsProduct, unitsVariant) ->
     if unitsProduct.hasOwnProperty("variant_unit") && (unitsProduct.variant_unit == "weight" || unitsProduct.variant_unit == "volume")
       unitsProduct.variant_unit_scale
+    else if unitsProduct.hasOwnProperty("variant_unit") && unitsProduct.variant_unit == "items"
+      1
     else
       null
 
@@ -202,11 +217,11 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
 
   $scope.fulfilled = (sumOfUnitValues) ->
     # A Units Variant is an API object which holds unit properies of a variant
-    if $scope.selectedUnitsProduct.hasOwnProperty("group_buy_unit_size") && $scope.selectedUnitsProduct.group_buy_unit_size > 0 &&
-      $scope.selectedUnitsProduct.hasOwnProperty("variant_unit") &&
-      ( $scope.selectedUnitsProduct.variant_unit == "weight" || $scope.selectedUnitsProduct.variant_unit == "volume" )
-        scale = $scope.selectedUnitsProduct.variant_unit_scale
-        sumOfUnitValues = sumOfUnitValues * scale unless scale == 28.35 || scale == 453.6
+    if $scope.selectedUnitsProduct.hasOwnProperty("group_buy_unit_size")&& $scope.selectedUnitsProduct.group_buy_unit_size > 0 &&
+      $scope.selectedUnitsProduct.hasOwnProperty("variant_unit")
+        if $scope.selectedUnitsProduct.variant_unit == "weight" || $scope.selectedUnitsProduct.variant_unit == "volume"
+          scale = $scope.selectedUnitsProduct.variant_unit_scale
+          sumOfUnitValues = sumOfUnitValues * scale unless scale == 28.35 || scale == 453.6
         $scope.roundToThreeDecimals(sumOfUnitValues / $scope.selectedUnitsProduct.group_buy_unit_size)
     else
       ''

app/assets/javascripts/admin/orders/controllers/order_controller.js.coffee

@@ -20,7 +20,7 @@ angular.module("admin.orders").controller "orderCtrl", ($scope, shops, orderCycl
     $scope.distributor_id && $scope.order_cycle_id
 
   for oc in $scope.orderCycles
-    oc.name_and_status = "#{oc.name} (#{oc.status})"
+    oc.name_and_status = "#{oc.name} (#{t("admin.order_cycles.status.#{oc.status}")})"
 
   for shop in $scope.shops
     shop.disabled = !$scope.distributorHasOrderCycles(shop)

app/assets/javascripts/admin/orders/directives/customer_search_override.js.coffee

@@ -1,62 +0,0 @@
-angular.module("admin.orders").directive 'customerSearchOverride', ->
-  restrict: 'C'
-  scope:
-    distributorId: '@'
-  link: (scope, element, attr) ->
-    if $('#customer_autocomplete_template').length > 0
-      customerTemplate = Handlebars.compile($('#customer_autocomplete_template').text())
-
-    formatCustomerResult = (customer) ->
-      customerTemplate
-        customer: customer
-        bill_address: customer.bill_address
-        ship_address: customer.ship_address
-
-    element.select2
-      placeholder: Spree.translations.choose_a_customer
-      minimumInputLength: 3
-      ajax:
-        url: '/admin/search/customers.json'
-        datatype: 'json'
-        data: (term, page) ->
-          {
-            q: term
-            distributor_id: scope.distributorId  # modified
-          }
-        results: (data, page) ->
-          { results: data }
-      dropdownCssClass: 'customer_search'
-      formatResult: formatCustomerResult
-      formatSelection: (customer) ->
-        _.each [
-          'bill_address'
-          'ship_address'
-        ], (address) ->
-          data = customer[address]
-          address_parts = [
-            'firstname'
-            'lastname'
-            'company'
-            'address1'
-            'address2'
-            'city'
-            'zipcode'
-            'phone'
-          ]
-          attribute_wrapper = '#order_' + address + '_attributes_'
-          if data  # modified
-            _.each address_parts, (part) ->
-              $(attribute_wrapper + part).val data[part]
-              return
-            $(attribute_wrapper + 'state_id').select2 'val', data['state_id']
-            $(attribute_wrapper + 'country_id').select2 'val', data['country_id']
-          else
-            _.each address_parts, (part) ->
-              $(attribute_wrapper + part).val ''
-              return
-            $(attribute_wrapper + 'state_id').select2 'val', ''
-            $(attribute_wrapper + 'country_id').select2 'val', ''
-          return
-        $('#order_email').val customer.email
-        $('#user_id').val customer.user_id  # modified
-        customer.email

app/assets/javascripts/admin/products/controllers/units_controller.js.coffee

@@ -8,7 +8,7 @@ angular.module("admin.products")
       $scope.processVariantUnitWithScale()
       $scope.processUnitValueWithDescription()
       $scope.processUnitPrice()
-      $scope.placeholder_text = new OptionValueNamer($scope.product.master).name()
+      $scope.placeholder_text = new OptionValueNamer($scope.product.master).name() if $scope.product.variant_unit_scale
 
     $scope.variant_unit_options = VariantUnitManager.variantUnitOptions()
 
@@ -21,6 +21,8 @@ angular.module("admin.products")
         else
           $scope.product.variant_unit = $scope.product.variant_unit_with_scale
           $scope.product.variant_unit_scale = null
+      else if $scope.product.variant_unit && $scope.product.variant_unit_scale
+        $scope.product.variant_unit_with_scale = VariantUnitManager.getUnitWithScale($scope.product.variant_unit, parseFloat($scope.product.variant_unit_scale))
       else
         $scope.product.variant_unit = $scope.product.variant_unit_scale = null
 
@@ -32,6 +34,10 @@ angular.module("admin.products")
           $scope.product.master.unit_value  = null if isNaN($scope.product.master.unit_value)
           $scope.product.master.unit_value *= $scope.product.variant_unit_scale if $scope.product.master.unit_value && $scope.product.variant_unit_scale
           $scope.product.master.unit_description = match[3]
+      else
+        value = $scope.product.master.unit_value
+        value /= $scope.product.variant_unit_scale if $scope.product.master.unit_value && $scope.product.variant_unit_scale
+        $scope.product.master.unit_value_with_description = value + " " + $scope.product.master.unit_description
 
     $scope.processUnitPrice = ->
       price = $scope.product.price

app/assets/javascripts/admin/products/services/product_image_service.js.coffee

@@ -13,3 +13,9 @@ angular.module("ofn.admin").factory "ProductImageService", (FileUploader, SpreeA
       @imageUploader.onSuccessItem = (image, response) =>
         product.thumb_url = response.thumb_url
         product.image_url = response.image_url
+      @imageUploader.onErrorItem = (image, response) =>
+        if Array.isArray(response.errors)
+          message = response.errors.join("\n")
+        else
+          message = response.error.toString()
+        alert(message)

app/assets/javascripts/admin/products/services/variant_unit_manager.js.coffee

@@ -27,16 +27,22 @@ angular.module("admin.products").factory "VariantUnitManager", (availableUnits)
         1000.0:
           name: 'kL'
           system: 'metric'
+      'items':
+        1:
+          name: 'items'
 
     @variantUnitOptions: ->
       available = availableUnits.split(",")
       options = for unit_type, _ of @units
         for scale in @unitScales(unit_type, available)
           name = @getUnitName(scale, unit_type)
-          ["#{I18n.t(unit_type)} (#{name})", "#{unit_type}_#{scale}"]
+          ["#{I18n.t(unit_type)} (#{name})", @getUnitWithScale(unit_type, scale)]
       options.push [[I18n.t('items'), 'items']]
       options = [].concat options...
 
+    @getUnitWithScale: (unit_type, scale) ->
+      "#{unit_type}_#{scale}"
+
     @getUnitName: (scale, unitType) ->
       if @units[unitType][scale]
         @units[unitType][scale]['name']

app/assets/javascripts/admin/side_menu/services/side_menu.js.coffee

@@ -30,3 +30,14 @@ angular.module("admin.side_menu")
         for item in @items when item.name is name
           return item
         null
+
+      redirect_function: (elementID , href) =>
+        window.addEventListener 'load', ->
+          element = document.getElementById(elementID)
+          if !element
+            return
+          element.addEventListener 'click', ->
+            window.location.replace(href)
+            return
+          return
+

app/assets/javascripts/admin/spree/calculator.js

@@ -7,11 +7,11 @@ $(function() {
     if (calculator_select.val() === original_calc_type) {
       $('div.calculator-settings').show();
       $('.calculator-settings-warning').hide();
-      $('.calculator-settings').find('input,textarea').prop("disabled", false);
+      $('.calculator-settings').find('input,textarea,select').prop("disabled", false);
     } else {
       $('div.calculator-settings').hide();
       $('.calculator-settings-warning').show();
-      $('.calculator-settings').find('input,textarea').prop("disabled", true);
+      $('.calculator-settings').find('input,textarea,select').prop("disabled", true);
     }
   });
 })

app/assets/javascripts/admin/spree/orders/address_states.js

@@ -1,17 +0,0 @@
-var update_state = function(region) {
-  var country        = $('span#' + region + 'country .select2').select2('val');
-  var state_select   = $('span#' + region + 'state select.select2');
-
-  $.get(Spree.routes.states_search + "?country_id=" + country, function(states) {
-    state_select.html('');
-    var states_with_blank = [{name: '', id: ''}].concat(states);
-    $.each(states_with_blank, function(pos,state) {
-      var opt = $(document.createElement('option'))
-                .attr('value', state.id)
-                .html(state.name);
-      state_select.append(opt);
-    });
-    state_select.prop("disabled", false).show();
-    state_select.select2();
-  })
-};

app/assets/javascripts/admin/spree/orders/shipments.js.erb

@@ -25,13 +25,12 @@ $(document).ready(function() {
     var link = $(this);
     var shipment_number = link.data('shipment-number');
     var selected_shipping_rate_id = link.parents('tbody').find("select#selected_shipping_rate_id[data-shipment-number='" + shipment_number + "']").val();
-    var unlock = link.parents('tbody').find("input[name='open_adjustment'][data-shipment-number='" + shipment_number + "']:checked").val();
     var url = Spree.url( Spree.routes.orders_api + "/" + order_number + "/shipments/" + shipment_number + ".json");
 
     $.ajax({
       type: "PUT",
       url: url,
-      data: { shipment: { selected_shipping_rate_id: selected_shipping_rate_id, unlock: unlock  } }
+      data: { shipment: { selected_shipping_rate_id: selected_shipping_rate_id  } }
     }).done(function( msg ) {
       window.location.reload();
     }).error(function( msg ) {
@@ -40,25 +39,94 @@ $(document).ready(function() {
   }
   $('[data-hook=admin_order_edit_form] a.save-method').click(handle_shipping_method_save);
 
-  //handle tracking edit click
+  //handle tracking info edit/delete
+
+  // Show the input field to edit the tracking info
+  // And hide the input field when cancel is clicked
   $('a.edit-tracking').click(toggleTrackingEdit);
   $('a.cancel-tracking').click(toggleTrackingEdit);
 
-  handle_tracking_save = function(){
-    var link = $(this);
-    var shipment_number = link.data('shipment-number');
-    var tracking = link.parents('tbody').find('input#tracking').val();
-    var url = Spree.url( Spree.routes.orders_api + "/" + order_number + "/shipments/" + shipment_number + ".json");
+  saveTrackingInfo = function(){
+    let shipmentNumber = $(this).data('shipment-number');
+    let tracking = document.getElementById('tracking').value
 
+    makeApiCall(trackingUrl(shipmentNumber), { shipment: { tracking: tracking } } )
+  }
+
+  deleteTrackingInfo = function(){
+    let shipmentNumber = $(this).data('shipment-number');
+    let tracking = ''
+
+    confirmDelete(trackingUrl(shipmentNumber), { shipment: { tracking: tracking } })
+  }
+
+  trackingUrl = function(shipmentNumber){
+    return Spree.url( Spree.routes.orders_api + "/" + order_number + "/shipments/" + shipmentNumber + ".json");
+  }
+
+  $('[data-hook=admin_order_edit_form] a.save-tracking').click(saveTrackingInfo);
+  $('[data-hook=admin_order_edit_form] a.delete-tracking').click(deleteTrackingInfo);
+
+  // handle note edit/delete
+
+  // Show the input field to edit the note
+  // And hide the input field when cancel is clicked
+  $('a.edit-note.icon-edit').click(toggleNoteEdit);
+  $('a.cancel-note').click(toggleNoteEdit);
+
+  saveNote = function(){
+    let note = document.getElementById('note').value
+    makeApiCall(getNoteUrl(), { note: note })
+  }
+
+  deleteNote = function(){
+    let note = ''
+    confirmDelete(getNoteUrl(), { note: note })
+  }
+
+  getNoteUrl = function(){
+    return Spree.url( Spree.routes.orders_api + "/" + order_number);
+  }
+
+  confirmDelete = function(url, params){
+    displayDeleteAlert(function(confirmation) {
+      if (confirmation) {
+        makeApiCall(url, params)
+      }
+    }); 
+  }
+
+  $('[data-hook=admin_order_edit_form] a.save-note').click(saveNote);
+  $('[data-hook=admin_order_edit_form] a.delete-note').click(deleteNote);
+
+  // Makes API call for notes/tracking info
+  makeApiCall = function(url, params) {
     $.ajax({
       type: "PUT",
       url: url,
-      data: { shipment: { tracking: tracking } }
+      data: params
     }).done(function( msg ) {
       window.location.reload();
     }).error(function( msg ) {
       console.log(msg);
     });
   }
-  $('[data-hook=admin_order_edit_form] a.save-tracking').click(handle_tracking_save);
+
+  displayDeleteAlert = function(callback) {
+    i18nKey = "are_you_sure";
+    $('#custom-confirm .message').html(
+      ` ${t(i18nKey)}
+              <div class="form">
+              </div>`);
+    $('#custom-confirm button.confirm').unbind( "click" ).click(() => {
+      $('#custom-confirm').hide();
+      callback(true);
+    });
+    $('#custom-confirm button.cancel').click(() => {
+      $('#custom-confirm').hide();
+      callback(false)
+    });
+    $('#custom-confirm').show();
+  }
+
 });

app/assets/javascripts/admin/spree/orders/variant_autocomplete.js.erb

@@ -4,6 +4,7 @@ $(document).ready(function() {
 
   initAlert()
   initConfirm()
+  initCancelOrder()
 
   if ($('#variant_autocomplete_template').length > 0) {
     window.variantTemplate = Handlebars.compile($('#variant_autocomplete_template').text());
@@ -52,12 +53,12 @@ $(document).ready(function() {
       }
       toggleItemEdit();
 
-      adjustItems(shipment_number, variant_id, quantity);
+      adjustItems(shipment_number, variant_id, quantity, true);
       return false;
     }
     $('a.save-item').click(handle_save_click);
 
-    handle_delete_click = function(elementSelector){
+    handle_delete_click = function(elementSelector, restock_item){
       var del = $(elementSelector);
       del.hide()
       var shipment_number = del.data('shipment-number');
@@ -65,26 +66,37 @@ $(document).ready(function() {
 
       toggleItemEdit();
 
-      adjustItems(shipment_number, variant_id, 0);
+      adjustItems(shipment_number, variant_id, 0, restock_item);
     }
 
     $('a.delete-item').click((event) => {
-      ofnConfirm(() => {
-        handle_delete_click('#custom-confirm');
-      });
+     try {
+         var del = $('a.delete-item');
+         var shipment_number = del.data('shipment-number');
+         var variant_id = del.data('variant-id');
+         var shipment = _.findWhere(shipments, {number: shipment_number + ''});
+         var inventory_units = _.where(shipment.inventory_units, {variant_id: variant_id});
+         if (inventory_units.length !== shipment.inventory_units.length) {
+             ofnConfirm((reStockItem) => {
+                 handle_delete_click('#custom-confirm', reStockItem);
+             });
+         } else {
+             adjustItems(shipment_number, variant_id, 0);
+         }
+     } catch (e) {
+     }
     });
-
   }
 });
 
-adjustItems = function(shipment_number, variant_id, quantity){
+adjustItems = function(shipment_number, variant_id, quantity, restock_item){
   var shipment = _.findWhere(shipments, {number: shipment_number + ''});
   var inventory_units = _.where(shipment.inventory_units, {variant_id: variant_id});
 
-  if (quantity == 0 && inventory_units.length == shipment.inventory_units.length) {
-    ofnCancelOrderAlert((confirm, sendEmailCancellation) => {
+  if (quantity === 0 && inventory_units.length === shipment.inventory_units.length) {
+    ofnCancelOrderAlert((confirm, sendEmailCancellation, restock_item) => {
       if (confirm) {
-        doAdjustItems(shipment_number, variant_id, quantity, inventory_units, () => {
+        doAdjustItems(shipment_number, variant_id, quantity, inventory_units, restock_item, () => {
           var redirectTo = new URL(Spree.routes.cancel_order.toString());
           redirectTo.searchParams.append("send_cancellation_email", sendEmailCancellation);
           window.location.href = redirectTo.toString();
@@ -93,23 +105,26 @@ adjustItems = function(shipment_number, variant_id, quantity){
     });
     return;
   }
-  doAdjustItems(shipment_number, variant_id, quantity, inventory_units, () => {
+  doAdjustItems(shipment_number, variant_id, quantity, inventory_units, restock_item, () => {
     window.location.reload();
   });
 }
 
-doAdjustItems = function(shipment_number, variant_id, quantity, inventory_units, callback) {
+doAdjustItems = function(shipment_number, variant_id, quantity, inventory_units, restock_item, callback) {
   var url = Spree.routes.orders_api + "/" + order_number + "/shipments/" + shipment_number;
 
   var new_quantity = 0;
+  var data = { variant_id: variant_id };
   if (inventory_units.length < quantity) {
     url += "/add";
     new_quantity = (quantity - inventory_units.length);
   } else if (inventory_units.length > quantity) {
     url += "/remove"
     new_quantity = (inventory_units.length - quantity);
+    data.restock_item = restock_item;
   }
   url += '.json';
+  data.quantity = new_quantity;
 
   if (new_quantity == 0) {
     ofnAlert(t("js.admin.orders.quantity_unchanged"));
@@ -117,7 +132,7 @@ doAdjustItems = function(shipment_number, variant_id, quantity, inventory_units,
     $.ajax({
       type: "PUT",
       url: Spree.url(url),
-      data: { variant_id: variant_id, quantity: new_quantity }
+      data: data
     }).done(function( msg ) {
       callback();
     });
@@ -126,8 +141,26 @@ doAdjustItems = function(shipment_number, variant_id, quantity, inventory_units,
 
 toggleTrackingEdit = function(){
   var link = $(this);
-  link.parents('tbody').find('tr.edit-tracking').toggle();
-  link.parents('tbody').find('tr.show-tracking').toggle();
+  var parent_node = link.parents('tbody')
+  let input = parent_node.find('#tracking')[0]
+  parent_node.find('tr.edit-tracking').toggle();
+  // Set focus on input and
+  // put cursor at it's end
+  input.focus()
+  input.setSelectionRange(-1, -1)
+  parent_node.find('tr.show-tracking').toggle();
+}
+
+toggleNoteEdit = function(){
+  var link = $(this);
+  var parent_node = link.parents('tbody')
+  let input = parent_node.find('#note')[0]
+  parent_node.find('tr.edit-note').toggle();
+  // Set focus on input and
+  // put cursor at it's end
+  input.focus()
+  input.setSelectionRange(-1, -1)
+  parent_node.find('tr.show-note').toggle();
 }
 
 toggleMethodEdit = function(){
@@ -171,7 +204,7 @@ addVariantFromStockLocation = function() {
     });
   }else{
     //add to existing shipment
-    adjustItems(shipment.number, variant_id, quantity);
+    adjustItems(shipment.number, variant_id, quantity, true);
   }
   return 1
 }
@@ -194,16 +227,21 @@ ofnAlert = function(message) {
   $('#custom-alert').show();
 }
 
-ofnCancelOrderAlert = function(callback) {
+ofnCancelOrderAlert = function(callback, i18nKey) {
+  if (i18nKey == undefined) {
+    i18nKey = "js.admin.orders.cancel_the_order_html";
+  }
   $('#custom-confirm .message').html(
-    ` ${t("js.admin.orders.cancel_the_order_html")}
+    ` ${t(i18nKey)}
       <div class="form">
-        <input type="checkbox" name="send_cancellation_email" value="1" id="send_cancellation_email" />
-        <label for="send_cancellation_email">${t("js.admin.orders.cancel_the_order_send_cancelation_email")}</label>
+        <input type="checkbox" name="send_cancellation_email" value="1" id="send_cancellation_email" checked="true" />
+        <label for="send_cancellation_email">${t("js.admin.orders.cancel_the_order_send_cancelation_email")}</label><br />
+        <input type="checkbox" name="restock_items"  id="restock_items" checked="checked"/>
+        <label for="restock_items">${t("js.admin.orders.restock_items")}</label>
       </div>`);
   $('#custom-confirm button.confirm').unbind( "click" ).click(() => {
     $('#custom-confirm').hide();
-    callback(true, $('#send_cancellation_email').is(':checked'));
+    callback(true, $('#send_cancellation_email').is(':checked'), $('#restock_items').is(':checked'));
   });
   $('#custom-confirm button.cancel').click(() => {
     $('#custom-confirm').hide();
@@ -213,7 +251,30 @@ ofnCancelOrderAlert = function(callback) {
 }
 
 ofnConfirm = function(callback) {
+  $('#custom-confirm .message').html(
+      ` ${t("are_you_sure")}
+    <div class="form">
+      <input type="checkbox" name="restock_items"  id="restock_items" checked="checked"/>
+      <label for="restock_items">${t("js.admin.orders.restock_item")}</label>
+    </div>`);
   $('#custom-confirm').data($(event.target).data());
-  $('#custom-confirm button.confirm').click(callback);
+  $('#custom-confirm button.confirm').click(() => {
+      callback($('#restock_items').is(':checked'));
+  });
   $('#custom-confirm').show();
 }
+
+initCancelOrder = function() {
+    $('#cancel_order_form').submit(function(e){
+        ofnCancelOrderAlert((confirm, sendEmailCancellation, restock_items) => {
+            if (confirm) {
+                var redirectTo = new URL(Spree.routes.cancel_order.toString());
+                redirectTo.searchParams.append("send_cancellation_email", sendEmailCancellation);
+                redirectTo.searchParams.append("restock_items", restock_items);
+                window.location.href = redirectTo.toString();
+            }
+        });
+        e.preventDefault();
+        return false;
+    });
+}

app/assets/javascripts/admin/spree/taxons/taxonomy.js.coffee

@@ -8,13 +8,18 @@ handle_move = (e, data) ->
   node = data.rslt.o
   new_parent = data.rslt.np
 
-  url = Spree.url(base_url).clone()
-  url.pathname = url.pathname + '/' + node.attr("id")
+  url = new URL(base_url)
+  url.pathname = url.pathname + '/' + node.attr("id") 
+  data = {
+    _method: "put",
+    "taxon[position]": position,
+    "taxon[parent_id]": if !isNaN(new_parent.attr("id")) then new_parent.attr("id") else undefined
+  }
   $.ajax
     type: "POST",
     dataType: "json",
     url: url.toString(),
-    data: ({_method: "put", "taxon[parent_id]": new_parent.attr("id"), "taxon[position]": position }),
+    data: data,
     error: handle_ajax_error
 
   true
@@ -26,11 +31,16 @@ handle_create = (e, data) ->
   position = data.rslt.position
   new_parent = data.rslt.parent
 
+  data = {
+    "taxon[name]": name,
+    "taxon[position]": position
+    "taxon[parent_id]": if !isNaN(new_parent.attr("id")) then new_parent.attr("id") else undefined
+  }
   $.ajax
     type: "POST",
     dataType: "json",
     url: base_url.toString(),
-    data: ({"taxon[name]": name, "taxon[parent_id]": new_parent.attr("id"), "taxon[position]": position }),
+    data: data,
     error: handle_ajax_error,
     success: (data,result) ->
       node.attr('id', data.id)
@@ -39,8 +49,10 @@ handle_rename = (e, data) ->
   last_rollback = data.rlbk
   node = data.rslt.obj
   name = data.rslt.new_name
+  # change the name inside the main input field as well if taxon is the root one
+  document.getElementById("taxonomy_name").value = name if node.parents("[id]").attr("id") == "taxonomy_tree"
 
-  url = Spree.url(base_url).clone()
+  url = new URL(base_url)
   url.pathname = url.pathname + '/' + node.attr("id")
 
   $.ajax
@@ -53,8 +65,8 @@ handle_rename = (e, data) ->
 handle_delete = (e, data) ->
   last_rollback = data.rlbk
   node = data.rslt.obj
-  delete_url = base_url.clone()
-  delete_url.setPath delete_url.path() + '/' + node.attr("id")
+  delete_url = new URL(base_url)
+  delete_url.pathname = delete_url.pathname + '/' + node.attr("id")
   if confirm(Spree.translations.are_you_sure_delete)
     $.ajax
       type: "POST",

app/assets/javascripts/admin/utils/directives/help-modal.js.coffee

@@ -1,20 +0,0 @@
-angular.module("admin.utils").directive 'helpModal', ($rootScope, $compile, $templateCache, $window, DialogDefaults) ->
-  restrict: 'C'
-  scope:
-    template: '@'
-  link: (scope, element, attr) ->
-    # Compile modal template
-    template = $compile($templateCache.get(scope.template))(scope)
-
-    # Load Dialog Options
-    template.dialog(DialogDefaults)
-
-    # Link opening of dialog to click event on element
-    element.bind 'click', (e) ->
-      template.dialog('open')
-      $rootScope.$evalAsync()
-
-    scope.close = ->
-      template.dialog('close')
-      $rootScope.$evalAsync()
-      return

app/assets/javascripts/admin/utils/directives/tags_with_translation.js.coffee

@@ -3,6 +3,7 @@ angular.module("admin.utils").directive "tagsWithTranslation", ($timeout) ->
   templateUrl: "admin/tags_input.html"
   scope:
     object: "="
+    form: "="
     tagsAttr: "@?"
     tagListAttr: "@?"
     findTags: "&"
@@ -18,7 +19,15 @@ angular.module("admin.utils").directive "tagsWithTranslation", ($timeout) ->
       scope.limitReached = scope.object[scope.tagsAttr].length >= scope.max if scope.max != undefined
       scope.object[scope.tagListAttr] = (tag.text for tag in scope.object[scope.tagsAttr]).join(",")
 
+    scope.$watch "object", (newObject) -> 
+      scope.object = newObject
+      init()
+
     $timeout ->
+      init()
+    
+    init = ->
+      return unless scope.object
       # Initialize properties if necessary
       scope.tagsAttr ||= "tags"
       scope.tagListAttr ||= "tag_list"

app/assets/javascripts/admin/utils/services/errors_parser.js.coffee

@@ -5,15 +5,16 @@ angular.module("admin.utils").factory "ErrorsParser", ->
       return defaultContent unless errors?
 
       errorsString = ""
-      if errors.length > 0
+      if Array.isArray(errors)
         # it is an array of errors
         errorsString = errors.join("\n") + "\n"
-      else
+      else if typeof errors == "object"
         # it is a hash of errors
         keys = Object.keys(errors)
         for key in keys
           errorsString += errors[key].join("\n") + "\n"
-
+      else # string
+        errorsString = errors
       this.defaultIfEmpty(errorsString, defaultContent)
 
     defaultIfEmpty: (content, defaultContent) =>

app/assets/javascripts/darkswarm/controllers/shop_variant_controller.js.coffee

@@ -1,4 +1,4 @@
-angular.module('Darkswarm').controller "ShopVariantCtrl", ($scope, $modal, Cart) ->
+angular.module('Darkswarm').controller "ShopVariantCtrl", ($scope, $modal, Cart, Shopfront) ->
   $scope.updateCart = (line_item) ->
     Cart.adjust($scope.variant.line_item)
 
@@ -69,3 +69,6 @@ angular.module('Darkswarm').controller "ShopVariantCtrl", ($scope, $modal, Cart)
   $scope.addBulk = (quantity) ->
     $scope.add(quantity)
     $modal.open(templateUrl: "bulk_buy_modal.html", scope: $scope, windowClass: "product-bulk-modal")
+
+  $scope.displayRemainingInStock = ->
+    Shopfront.shopfront.preferred_product_low_stock_display && $scope.available() <= 3 && !$scope.variant.line_item.quantity

app/assets/javascripts/darkswarm/directives/help_modal.js.coffee

@@ -1,13 +0,0 @@
-angular.module('Darkswarm').directive "helpModal", ($modal, $compile, $templateCache)->
-  restrict: 'A'
-  scope:
-    helpText: "@helpModal"
-
-  link: (scope, elem, attrs, ctrl)->
-    compiled = $compile($templateCache.get('help-modal.html'))(scope)
-
-    elem.on "click", =>
-      $modal.open(controller: ctrl, template: compiled, scope: scope, windowClass: 'help-modal small')
-
-    scope.$on "$destroy", ->
-      elem.off("click")

app/assets/javascripts/darkswarm/directives/map_search.js.coffee

@@ -3,7 +3,7 @@ angular.module('Darkswarm').directive 'mapSearch', ($timeout, Search) ->
   restrict: 'E'
   require: ['^uiGmapGoogleMap', 'ngModel']
   replace: true
-  template: '<input id="pac-input" ng-model="query" placeholder="' + t('location_placeholder') + '"></input>'
+  template: '<input id="pac-input" ng-model="query" placeholder="' + t('location_placeholder') + '" onfocus="this.select()"></input>'
   scope: {}
 
   controller: ($scope) ->

app/assets/javascripts/darkswarm/directives/off_canvas_wrap.js.coffee

@@ -26,4 +26,8 @@ angular.module('mm.foundation.offcanvas').directive 'offCanvasWrap', ($window) -
       # Bind hiding of the off-canvas that only happens when screen width is over 1024px.
       win.bind 'resize.body', ->
         isolatedScope.hide() if $(window).width() > 1024
+
+      win.bind 'click.body', (e) ->
+        if e.target.closest(".left-off-canvas-menu") == null && e.target.closest(".left-off-canvas-toggle") == null
+          isolatedScope.hide()
   }

app/assets/javascripts/templates/admin/modals/business_address_info.html.haml

@@ -1,7 +0,0 @@
-%div
-  .margin-bottom-30
-    %p
-      {{ 'js.admin.modals.business_address_info.message' | t }}
-
-  .text-center
-    %input.button.red.icon-plus{ type: 'button', value: '{{ "js.admin.modals.got_it" | t }}', ng: { click: 'close()' } }

app/assets/javascripts/templates/admin/modals/invite_manager.html.haml

@@ -1,19 +0,0 @@
-#invite-manager-modal{ng: {app: 'admin.enterprises', controller: 'enterpriseCtrl'}}
-
-  .margin-bottom-30.text-center
-    .text-big
-      = t('js.admin.modals.invite_title')
-
-  %p.alert-box.ok{ng: {show: 'invite_success'}}
-    {{invite_success}}
-
-  %p.alert-box.error{ng: {show: 'invite_errors'}}
-    {{invite_errors}}
-
-  %input#invite_email.fullwidth.margin-bottom-20{ng: {model: 'newUser'}}
-
-  .margin-bottom-20.text-center
-    %button.text-center.margin-top-10{ng: {show: '!invite_success', click: 'inviteManager()'}}
-      = t('js.admin.modals.invite')
-    %button.text-center.margin-top-10{ng: {show: 'invite_success', click: 'resetModal(); close()'}}
-      = t('js.admin.modals.close')

app/assets/javascripts/templates/admin/modals/tag_rule_help.html.haml

@@ -1,25 +0,0 @@
-#tag-rule-help
-  .margin-bottom-30.text-center
-    .text-big
-      {{ 'js.admin.modals.tag_rule_help.title' | t }}
-
-  .margin-bottom-30
-    .text-normal
-      {{ 'js.admin.modals.tag_rule_help.overview' | t }}
-    %p
-      {{ 'js.admin.modals.tag_rule_help.overview_text' | t }}
-
-  .margin-bottom-30
-    .text-normal
-      {{ 'js.admin.modals.tag_rule_help.by_default_rules' | t }}
-    %p
-      {{ 'js.admin.modals.tag_rule_help.by_default_rules_text' | t }}
-
-  .margin-bottom-30
-    .text-normal
-      {{ 'js.admin.modals.tag_rule_help.customer_tagged_rules' | t }}
-    %p
-      {{ 'js.admin.modals.tag_rule_help.customer_tagged_rules_text' | t }}
-
-  .text-center
-    %input.button.red.icon-plus{ type: 'button', value: t('js.admin.modals.got_it'), ng: { click: 'close()' } }

app/assets/javascripts/templates/admin/modals/terms_and_conditions_info.html.haml

@@ -1,13 +0,0 @@
-%div
-  .margin-bottom-30.text-center
-    .text-big
-      {{ 'js.admin.modals.terms_and_conditions_info.title' | t }}
-  .margin-bottom-30
-    %p
-      {{ 'js.admin.modals.terms_and_conditions_info.message_1' | t }}
-  .margin-bottom-30
-    %p
-      {{ 'js.admin.modals.terms_and_conditions_info.message_2' | t }}
-
-  .text-center
-    %input.button.red.icon-plus{ type: 'button', value: t('js.admin.modals.got_it'), ng: { click: 'close()' } }

app/assets/javascripts/templates/partials/contact.html.haml

@@ -1,8 +1,12 @@
 %div.contact-container
-  %div.modal-centered{"ng-if" => "::enterprise.email_address || enterprise.website || enterprise.phone"}
+  %div.modal-centered{"ng-if" => "::enterprise.email_address || enterprise.website || enterprise.phone || enterprise.whatsapp_phone"}
     %p.modal-header {{'contact' | t}}
     %p{"ng-if" => "::enterprise.phone", "ng-bind" => "::enterprise.phone"}
 
+    %p{"ng-if" => "::enterprise.whatsapp_phone"}
+      %img{ src: image_path("/map_icons/social-logos/whatsapp.svg") }
+      %a{"ng-href" => "{{::enterprise.whatsapp_url}}", target: "_blank", "ng-bind" => "::enterprise.whatsapp_phone"}
+
     %p{"ng-if" => "::enterprise.email_address"}
       %a{"ng-href" => "{{::enterprise.email_address | stripUrl}}", target: "_blank", mailto: true}
         %span.obfuscatedEmail.email{"ng-bind" => "::enterprise.email_address | stripUrl"}

app/assets/javascripts/templates/price_breakdown.html.haml

@@ -9,19 +9,19 @@
         %span{"ng-bind" => "::'item_cost' | t"}
       %li{"ng-if" => "::variant.fees.admin"}
         .right {{ ::variant.fees.admin | localizeCurrency }}
-        %span{"ng-bind" => "::'admin_fee' | t"}
+        %span{"ng-bind" => "::variant.fees_name.admin"}
       %li{"ng-if" => "::variant.fees.sales"}
         .right {{ ::variant.fees.sales | localizeCurrency }}
-        %span{"ng-bind" => "::'sales_fee' | t"}
+        %span{"ng-bind" => "::variant.fees_name.sales"}
       %li{"ng-if" => "::variant.fees.packing"}
         .right {{ ::variant.fees.packing | localizeCurrency }}
-        %span{"ng-bind" => "::'packing_fee' | t"}
+        %span{"ng-bind" => "::variant.fees_name.packing"}
       %li{"ng-if" => "::variant.fees.transport"}
         .right {{ ::variant.fees.transport | localizeCurrency }}
-        %span{"ng-bind" => "::'transport_fee' | t"}
+        %span{"ng-bind" => "::variant.fees_name.transport"}
       %li{"ng-if" => "::variant.fees.fundraising"}
         .right {{ ::variant.fees.fundraising | localizeCurrency }}
-        %span{"ng-bind" => "::'fundraising_fee' | t"}
+        %span{"ng-bind" => "::variant.fees_name.fundraising"}
       %li
         %strong
           .right = {{ ::variant.price_with_fees | localizeCurrency }}

app/components/help_modal_component.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+class HelpModalComponent < ViewComponent::Base
+  def initialize(id:, close_button: true)
+    @id = id
+    @close_button = close_button
+  end
+
+  private
+
+  def close_button_class
+    if namespace == "admin"
+      "red"
+    else
+      "primary"
+    end
+  end
+
+  def close_button?
+    !!@close_button
+  end
+
+  def namespace
+    helpers.controller_path.split("/").first
+  end
+end

app/components/help_modal_component/help_modal_component.html.haml

@@ -0,0 +1,8 @@
+%div{ id: @id, "data-controller": "help-modal", "data-action": "keyup@document->help-modal#closeIfEscapeKey" }
+  .reveal-modal-bg.fade{ "data-help-modal-target": "background", "data-action": "click->help-modal#close" }
+  .reveal-modal.fade.small.help-modal{ "data-help-modal-target": "modal" }
+    = content
+
+    - if close_button?
+      .text-center
+        %input{ class: "button icon-plus #{close_button_class}", type: 'button', value: t('js.admin.modals.got_it'), "data-action": "click->help-modal#close" }

app/components/help_modal_component/help_modal_component.scss

@@ -0,0 +1,10 @@
+.help-modal {
+  visibility: visible;
+  position: fixed;
+  top: 3em;
+}
+
+/* prevent arrow on selected admin menu item appearing above modal */
+body.modal-open #admin-menu li.selected a::after {
+  z-index: 0;
+}

app/controllers/admin/contents_controller.rb

@@ -10,14 +10,14 @@ module Admin
 
     def update
       params.each do |name, value|
-        if ContentConfig.has_preference?(name) || ContentConfig.has_attachment?(name)
-          ContentConfig.public_send("#{name}=", value)
+        if value.is_a?(ActionDispatch::Http::UploadedFile)
+          blob = store_file(value)
+          update_preference("#{name}_blob_id", blob.id)
+        else
+          update_preference(name, value)
         end
       end
 
-      # Save any uploaded images
-      ContentConfig.save
-
       flash[:success] =
         t(:successfully_updated, resource: I18n.t('admin.contents.edit.your_content'))
 
@@ -26,6 +26,22 @@ module Admin
 
     private
 
+    def store_file(attachable)
+      ActiveStorage::Blob.create_and_upload!(
+        io: attachable.open,
+        filename: attachable.original_filename,
+        content_type: attachable.content_type,
+        service_name: :local,
+        identify: false,
+      )
+    end
+
+    def update_preference(name, value)
+      return unless ContentConfig.has_preference?(name)
+
+      ContentConfig.public_send("#{name}=", value)
+    end
+
     def preference_sections
       [
         PreferenceSections::HeaderSection.new,

app/controllers/admin/invoice_settings_controller.rb

@@ -19,6 +19,7 @@ module Admin
         :enable_invoices?,
         :invoice_style2?,
         :enable_receipt_printing?,
+        :enterprise_number_required_on_invoices?,
       )
     end
   end

app/controllers/admin/order_cycles_controller.rb

@@ -64,6 +64,7 @@ module Admin
       @order_cycle_form = OrderCycleForm.new(@order_cycle, order_cycle_params, spree_current_user)
 
       if @order_cycle_form.save
+        update_nil_subscription_line_items_price_estimate(@order_cycle)
         respond_to do |format|
           flash[:notice] = I18n.t(:order_cycles_update_notice) if params[:reloading] == '1'
           format.html { redirect_back(fallback_location: root_path) }
@@ -76,6 +77,7 @@ module Admin
 
     def bulk_update
       if order_cycle_set&.save
+        bulk_update_nil_subscription_line_items_price_estimate
         render_as_json @order_cycles,
                        ams_prefix: 'index',
                        current_user: spree_current_user,
@@ -86,6 +88,27 @@ module Admin
       end
     end
 
+    def bulk_update_nil_subscription_line_items_price_estimate
+      @collection.upcoming.each do |order_cycle|
+        update_nil_subscription_line_items_price_estimate(order_cycle)
+      end
+    end
+
+    def update_nil_subscription_line_items_price_estimate(order_cycle)
+      order_cycle.schedules.each do |schedule|
+        Subscription.where(schedule_id: schedule.id).each do |subscription|
+          shop = Enterprise.managed_by(spree_current_user).find_by(id: subscription.shop_id)
+          subscription.subscription_line_items.nil_price_estimate.each do |line_item|
+            variant = OrderManagement::Subscriptions::
+                VariantsList.eligible_variants(shop).find_by(id: line_item.variant_id)
+            fee_calculator = OpenFoodNetwork::EnterpriseFeeCalculator.new(shop, order_cycle)
+            price = variant.price + fee_calculator.indexed_fees_for(variant)
+            line_item.update_column(:price_estimate, price)
+          end
+        end
+      end
+    end
+
     def clone
       @order_cycle = OrderCycle.find params[:id]
       @order_cycle.clone!

app/controllers/admin/reports_controller.rb

@@ -5,14 +5,23 @@ module Admin
     include ReportsActions
     helper ReportsHelper
 
-    before_action :authorize_report
+    before_action :authorize_report, only: [:show]
+
+    # Define model class for Can? permissions
+    def model_class
+      Admin::ReportsController
+    end
+
+    def index
+      @reports = reports.select do |report_type, _description|
+        can? report_type, :report
+      end
+    end
 
     def show
-      render_report && return if ransack_params.blank?
+      @report = report_class.new(spree_current_user, params, request)
 
-      @report = report_class.new(spree_current_user, ransack_params, report_options)
-
-      if export_spreadsheet?
+      if report_format.present?
         export_report
       else
         render_report
@@ -22,33 +31,31 @@ module Admin
     private
 
     def export_report
-      render report_format.to_sym => @report.public_send("to_#{report_format}"),
-             :filename => report_filename
+      send_data @report.render_as(report_format, controller: self), filename: report_filename
     end
 
     def render_report
       assign_view_data
-      load_form_options
-
-      render report_type
+      render "show"
     end
 
     def assign_view_data
       @report_type = report_type
-      @report_subtype = report_subtype || report_loader.default_report_subtype
-      @report_subtypes = report_class.report_subtypes.map do |subtype|
-        [t("packing.#{subtype}_report", scope: i18n_scope), subtype]
+      @report_subtypes = report_subtypes
+      @report_subtype = report_subtype
+
+      # Initialize data
+      params[:display_summary_row] = true if request.get?
+      if OpenFoodNetwork::FeatureToggle.enabled?(:report_inverse_columns_logic,
+                                                 spree_current_user)
+        @params_fields_to_show = if request.get?
+                                   @report.columns.keys
+                                 else
+                                   params[:fields_to_show]
+                                 end
       end
-    end
 
-    def load_form_options
-      return unless form_options_required?
-
-      form_options = Reporting::FrontendData.new(spree_current_user)
-
-      @distributors = form_options.distributors.to_a
-      @suppliers = form_options.suppliers.to_a
-      @order_cycles = form_options.order_cycles.to_a
+      @data = Reporting::FrontendData.new(spree_current_user)
     end
   end
 end

app/controllers/api/v0/enterprise_attachment_controller.rb

@@ -14,7 +14,7 @@ module Api
       respond_to :json
 
       def destroy
-        unless @enterprise.public_send("#{attachment_name}?")
+        unless @enterprise.public_send(attachment_name).attached?
           return respond_with_conflict(error: destroy_attachment_does_not_exist_error_message)
         end
 

app/controllers/api/v0/enterprises_controller.rb

@@ -44,9 +44,9 @@ module Api
         authorize! :update, @enterprise
 
         if params[:logo] && @enterprise.update( logo: params[:logo] )
-          render html: @enterprise.logo.url(:medium), status: :ok
-        elsif params[:promo] && @enterprise.update( promo_image: params[:promo] )
-          render html: @enterprise.promo_image.url(:medium), status: :ok
+          render(html: @enterprise.logo_url(:medium), status: :ok)
+        elsif params[:promo] && @enterprise.update!( promo_image: params[:promo] )
+          render(html: @enterprise.promo_image_url(:medium), status: :ok)
         else
           invalid_resource!(@enterprise)
         end

app/controllers/api/v0/orders_controller.rb

@@ -26,6 +26,13 @@ module Api
         }
       end
 
+      def update
+        authorize! :admin, order
+
+        order.update!(order_params)
+        render json: order, serializer: Api::OrderDetailedSerializer, current_order: order
+      end
+
       def ship
         authorize! :admin, order
 
@@ -72,6 +79,10 @@ module Api
           includes(line_items: { variant: [:product, :stock_items, :default_price] }).
           first!
       end
+
+      def order_params
+        params.permit(:note)
+      end
     end
   end
 end

app/controllers/api/v0/product_images_controller.rb

@@ -6,20 +6,21 @@ module Api
       respond_to :json
 
       def update_product_image
-        @product = Spree::Product.find(params[:product_id])
-        authorize! :update, @product
+        product = Spree::Product.find(params[:product_id])
+        authorize! :update, product
 
-        if @product.images.first.nil?
-          @image = Spree::Image.create(
-            attachment: params[:file],
-            viewable_id: @product.master.id,
-            viewable_type: 'Spree::Variant'
-          )
-          render json: @image, serializer: ImageSerializer, status: :created
+        image = product.images.first || Spree::Image.new(
+          viewable_id: product.master.id,
+          viewable_type: 'Spree::Variant'
+        )
+
+        success_status = image.persisted? ? :ok : :created
+
+        if image.update(attachment: params[:file])
+          render json: image, serializer: ImageSerializer, status: success_status
         else
-          @image = @product.images.first
-          @image.update(attachment: params[:file])
-          render json: @image, serializer: ImageSerializer, status: :ok
+          error_json = { errors: image.errors.full_messages }
+          render json: error_json, status: :unprocessable_entity
         end
       end
     end

app/controllers/api/v0/reports_controller.rb

@@ -10,7 +10,8 @@ module Api
       before_action :validate_report, :authorize_report, :validate_query
 
       def show
-        @report = report_class.new(current_api_user, ransack_params, report_options)
+        params[:report_format] = 'json'
+        @report = report_class.new(current_api_user, params)
 
         render_report
       end

app/controllers/api/v0/shipments_controller.rb

@@ -28,19 +28,14 @@ module Api
         authorize! :read, Spree::Shipment
         @shipment = @order.shipments.find_by!(number: params[:id])
         params[:shipment] ||= []
-        unlock = params[:shipment].delete(:unlock)
 
-        if unlock == 'yes'
-          @shipment.fee_adjustment.fire_events(:open)
-        end
+        @shipment.fee_adjustment.fire_events(:open)
 
         if @shipment.update(shipment_params)
           @order.updater.update_totals_and_states
         end
 
-        if unlock == 'yes'
-          @shipment.fee_adjustment.close
-        end
+        @shipment.fee_adjustment.close
 
         render json: @shipment.reload, serializer: Api::ShipmentSerializer, status: :ok
       end
@@ -79,8 +74,9 @@ module Api
       def remove
         variant = scoped_variant(params[:variant_id])
         quantity = params[:quantity].to_i
+        restock_item = params.fetch(:restock_item, "true") == "true"
 
-        @order.contents.remove(variant, quantity, @shipment)
+        @order.contents.remove(variant, quantity, @shipment, restock_item)
         @shipment.reload if @shipment.persisted?
 
         render json: @shipment, serializer: Api::ShipmentSerializer, status: :ok

app/controllers/api/v0/taxons_controller.rb

@@ -73,7 +73,7 @@ module Api
       def taxon_params
         return if params[:taxon].blank?
 
-        params.require(:taxon).permit([:name, :parent_id])
+        params.require(:taxon).permit([:name, :parent_id, :position])
       end
     end
   end

app/controllers/api/v1/base_controller.rb

@@ -14,6 +14,7 @@ module Api
       attr_accessor :current_api_user
 
       before_action :authenticate_user
+      before_action :restrict_feature
 
       rescue_from StandardError, with: :error_during_processing
       rescue_from CanCan::AccessDenied, with: :unauthorized
@@ -38,6 +39,10 @@ module Api
         invalid_api_key
       end
 
+      def restrict_feature
+        not_found unless Flipper.enabled?(:api_v1, @current_api_user)
+      end
+
       def current_ability
         Spree::Ability.new(current_api_user)
       end

app/controllers/api/v1/customers_controller.rb

@@ -5,9 +5,10 @@ require 'open_food_network/permissions'
 module Api
   module V1
     class CustomersController < Api::V1::BaseController
+      include AddressTransformation
+
       skip_authorization_check only: :index
 
-      before_action :set_customer, only: [:show, :update, :destroy]
       before_action :authorize_action, only: [:show, :update, :destroy]
 
       def index
@@ -17,44 +18,44 @@ module Api
       end
 
       def show
-        render json: Api::V1::CustomerSerializer.new(@customer, include_options)
+        render json: Api::V1::CustomerSerializer.new(customer, include_options)
       end
 
       def create
         authorize! :update, Enterprise.find(customer_params[:enterprise_id])
-        @customer = Customer.new(customer_params)
+        customer = Customer.new(customer_params)
 
-        if @customer.save
-          render json: Api::V1::CustomerSerializer.new(@customer), status: :created
+        if customer.save
+          render json: Api::V1::CustomerSerializer.new(customer), status: :created
         else
-          invalid_resource! @customer
+          invalid_resource! customer
         end
       end
 
       def update
-        if @customer.update(customer_params)
-          render json: Api::V1::CustomerSerializer.new(@customer)
+        if customer.update(customer_params)
+          render json: Api::V1::CustomerSerializer.new(customer)
         else
-          invalid_resource! @customer
+          invalid_resource! customer
         end
       end
 
       def destroy
-        if @customer.destroy
-          render json: Api::V1::CustomerSerializer.new(@customer)
+        if customer.destroy
+          render json: Api::V1::CustomerSerializer.new(customer)
         else
-          invalid_resource! @customer
+          invalid_resource! customer
         end
       end
 
       private
 
-      def set_customer
-        @customer = Customer.find(params[:id])
+      def customer
+        @customer ||= Customer.find(params[:id])
       end
 
       def authorize_action
-        authorize! action_name.to_sym, @customer
+        authorize! action_name.to_sym, customer
       end
 
       def search_customers
@@ -77,7 +78,8 @@ module Api
             :phone, :latitude, :longitude,
             :first_name, :last_name,
             :street_address_1, :street_address_2,
-            :postal_code, :locality, :region, :country,
+            :postal_code, :locality,
+            { region: [:name, :code], country: [:name, :code] },
           ]
         ).to_h
 
@@ -89,39 +91,6 @@ module Api
         attributes
       end
 
-      def transform_address!(attributes, from, to)
-        return unless attributes.key?(from)
-
-        address = attributes.delete(from)
-
-        if address.nil?
-          attributes[to] = nil
-          return
-        end
-
-        address.transform_keys! do |key|
-          {
-            phone: :phone, latitude: :latitude, longitude: :longitude,
-            first_name: :firstname, last_name: :lastname,
-            street_address_1: :address1, street_address_2: :address2,
-            postal_code: :zipcode,
-            locality: :city,
-            region: :state_name,
-            country: :country,
-          }.with_indifferent_access[key]
-        end
-
-        if address[:state_name].present?
-          address[:state] = Spree::State.find_by(name: address[:state_name])
-        end
-
-        if address[:country].present?
-          address[:country] = Spree::Country.find_by(name: address[:country])
-        end
-
-        attributes["#{to}_attributes"] = address
-      end
-
       def editable_enterprises
         OpenFoodNetwork::Permissions.new(current_api_user).editable_enterprises.select(:id)
       end

app/controllers/application_controller.rb

@@ -29,6 +29,7 @@ class ApplicationController < ActionController::Base
   helper 'footer_links'
   helper 'discourse'
   helper 'checkout'
+  helper 'link'
   helper 'terms_and_conditions'
 
   protect_from_forgery
@@ -38,6 +39,7 @@ class ApplicationController < ActionController::Base
   include Spree::Core::ControllerHelpers::Common
 
   before_action :set_cache_headers # prevent cart emptying via cache when using back button #1213
+  before_action :check_disabled_user, if: :spree_user_signed_in?
   before_action :set_after_login_url
 
   include RawParams
@@ -158,6 +160,14 @@ class ApplicationController < ActionController::Base
     response.headers["Pragma"] = "no-cache"
     response.headers["Expires"] = "Fri, 01 Jan 1990 00:00:00 GMT"
   end
+
+  def check_disabled_user
+    return unless current_spree_user.disabled
+
+    flash[:success] = nil
+    flash.now[:error] = I18n.t("devise.failure.disabled")
+    sign_out current_spree_user
+  end
 end
 
 require 'spree/i18n/initializer'

app/controllers/concerns/address_transformation.rb

@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+# Our internal data structures are different to the API data strurctures.
+module AddressTransformation
+  extend ActiveSupport::Concern
+
+  def transform_address!(attributes, from, to)
+    return unless attributes.key?(from)
+
+    address = attributes.delete(from)
+
+    if address.nil?
+      attributes[to] = nil
+      return
+    end
+
+    address.transform_keys! do |key|
+      {
+        phone: :phone, latitude: :latitude, longitude: :longitude,
+        first_name: :firstname, last_name: :lastname,
+        street_address_1: :address1, street_address_2: :address2,
+        postal_code: :zipcode,
+        locality: :city,
+        region: :state,
+        country: :country,
+      }.with_indifferent_access[key]
+    end
+
+    address[:state] = find_state(address) if address[:state].present?
+    address[:country] = find_country(address) if address[:country].present?
+
+    attributes["#{to}_attributes"] = address
+  end
+
+  private
+
+  def find_state(address)
+    Spree::State.find_by("LOWER(abbr) = ? OR LOWER(name) = ?",
+                         address.dig(:state, :code)&.downcase,
+                         address.dig(:state, :name)&.downcase)
+  end
+
+  def find_country(address)
+    Spree::Country.find_by("LOWER(iso) = ? OR LOWER(name) = ?",
+                           address.dig(:country, :code)&.downcase,
+                           address.dig(:country, :name)&.downcase)
+  end
+end

app/controllers/concerns/checkout_callbacks.rb

@@ -47,7 +47,7 @@ module CheckoutCallbacks
   end
 
   def load_shipping_methods
-    @shipping_methods = available_shipping_methods
+    @shipping_methods = available_shipping_methods.sort { |a, b| a.name.casecmp(b.name) }
   end
 
   def redirect_to_shop?

app/controllers/concerns/reports_actions.rb

@@ -3,10 +3,14 @@
 module ReportsActions
   extend ActiveSupport::Concern
 
+  def reports
+    Reporting::Reports::List.all
+  end
+
   private
 
   def authorize_report
-    authorize! report_type&.to_sym, :report
+    authorize! report_type.to_sym, :report
   end
 
   def report_class
@@ -23,31 +27,26 @@ module ReportsActions
     params[:report_type]
   end
 
+  def report_subtypes
+    reports[report_type.to_sym] || []
+  end
+
+  def report_subtypes_codes
+    report_subtypes.map(&:second).map(&:to_s)
+  end
+
   def report_subtype
-    params[:report_subtype]
+    params[:report_subtype] || report_subtypes_codes.first
   end
 
   def ransack_params
     raw_params[:q]
   end
 
-  def report_options
-    raw_params[:options]
-  end
-
   def report_format
     params[:report_format]
   end
 
-  def export_spreadsheet?
-    ['xlsx', 'ods', 'csv'].include?(report_format)
-  end
-
-  def form_options_required?
-    [:packing, :customers, :products_and_inventory, :order_cycle_management].
-      include? report_type.to_sym
-  end
-
   def report_filename
     "#{report_type || action_name}_#{file_timestamp}.#{report_format}"
   end

app/controllers/split_checkout_controller.rb

@@ -31,12 +31,16 @@ class SplitCheckoutController < ::BaseController
       advance_order_state
       redirect_to_step
     else
-      flash.now[:error] = I18n.t('split_checkout.errors.global')
+      flash.now[:error] ||= I18n.t('split_checkout.errors.global')
 
       render status: :unprocessable_entity, operations: cable_car.
         replace("#checkout", partial("split_checkout/checkout")).
         replace("#flashes", partial("shared/flashes", locals: { flashes: flash }))
     end
+  rescue Spree::Core::GatewayError => e
+    flash[:error] = I18n.t(:spree_gateway_error_flash_for_checkout, error: e.message)
+    @order.update_column(:state, "payment")
+    render operations: cable_car.redirect_to(url: checkout_step_path(:payment))
   end
 
   private
@@ -128,7 +132,7 @@ class SplitCheckoutController < ::BaseController
     when "confirmation"
       redirect_to checkout_step_path(:summary)
     else
-      redirect_to order_path(@order)
+      redirect_to order_path(@order, order_token: @order.token)
     end
   end
 

app/controllers/spree/admin/orders_controller.rb

@@ -66,6 +66,8 @@ module Spree
       def fire
         event = params[:e]
         @order.send_cancellation_email = params[:send_cancellation_email] != "false"
+        @order.restock_items = params.fetch(:restock_items, "true") == "true"
+
         if @order.public_send(event.to_s)
           flash[:success] = Spree.t(:order_updated)
         else
@@ -124,7 +126,7 @@ module Spree
       end
 
       def require_distributor_abn
-        return if @order.distributor.abn.present?
+        return if @order.distributor.can_invoice?
 
         flash[:error] = t(:must_have_valid_business_number,
                           enterprise_name: @order.distributor.name)

app/controllers/spree/admin/products_controller.rb

@@ -30,18 +30,14 @@ module Spree
           @object.attributes = permitted_resource_params
           if @object.save
             flash[:success] = flash_message_for(@object, :successfully_created)
-            if params[:button] == "add_another"
-              redirect_to spree.new_admin_product_path
-            else
-              redirect_to spree.admin_products_path
-            end
+            redirect_after_save
           else
+            # Re-fill the form with deleted params on product
+            @on_hand = request.params[:product][:on_hand]
+            @on_demand = request.params[:product][:on_demand]
             render :new
           end
         end
-      rescue Paperclip::Errors::NotIdentifiedByImageMagickError
-        @object.errors.add(:base, t('spree.admin.products.image_upload_error'))
-        respond_with(@object)
       end
 
       def show
@@ -141,6 +137,14 @@ module Spree
 
       private
 
+      def redirect_after_save
+        if params[:button] == "add_another"
+          redirect_to spree.new_admin_product_path
+        else
+          redirect_to spree.admin_products_path
+        end
+      end
+
       def product_set_from_params
         collection_hash = Hash[products_bulk_params[:products].each_with_index.map { |p, i|
                                  [i, p]

app/controllers/spree/admin/reports_controller.rb

@@ -1,310 +0,0 @@
-# frozen_string_literal: true
-
-require 'csv'
-
-require 'open_food_network/reports/list'
-require 'open_food_network/order_and_distributor_report'
-require 'open_food_network/products_and_inventory_report'
-require 'open_food_network/lettuce_share_report'
-require 'open_food_network/group_buy_report'
-require 'open_food_network/order_grouper'
-require 'open_food_network/customers_report'
-require 'open_food_network/users_and_enterprises_report'
-require 'open_food_network/order_cycle_management_report'
-require 'open_food_network/sales_tax_report'
-require 'open_food_network/xero_invoices_report'
-require 'open_food_network/payments_report'
-require 'open_food_network/orders_and_fulfillments_report'
-
-module Spree
-  module Admin
-    class ReportsController < Spree::Admin::BaseController
-      include Spree::ReportsHelper
-      helper ::ReportsHelper
-
-      ORDER_MANAGEMENT_ENGINE_REPORTS = [
-        :bulk_coop,
-        :enterprise_fee_summary
-      ].freeze
-
-      helper_method :render_content?
-
-      before_action :cache_search_state
-      # Fetches user's distributors, suppliers and order_cycles
-      before_action :load_basic_data, only: [:customers, :products_and_inventory, :order_cycle_management]
-      before_action :load_associated_data, only: [:orders_and_fulfillment]
-
-      respond_to :html
-
-      def report_types
-        OpenFoodNetwork::Reports::List.all
-      end
-
-      def index
-        @reports = authorized_reports
-        respond_with(@reports)
-      end
-
-      def customers
-        @report_types = report_types[:customers]
-        @report_type = params[:report_type]
-        @report = OpenFoodNetwork::CustomersReport.new spree_current_user, raw_params,
-                                                       render_content?
-        render_report(@report.header, @report.table, params[:csv], "customers_#{timestamp}.csv")
-      end
-
-      def order_cycle_management
-        raw_params[:q] ||= {}
-
-        @report_types = report_types[:order_cycle_management]
-        @report_type = params[:report_type]
-
-        # -- Build Report with Order Grouper
-        @report = OpenFoodNetwork::OrderCycleManagementReport.new spree_current_user,
-                                                                  raw_params,
-                                                                  render_content?
-        @table = @report.table_items
-
-        render_report(@report.header, @table, params[:csv],
-                      "order_cycle_management_#{timestamp}.csv")
-      end
-
-      def orders_and_distributors
-        @report = OpenFoodNetwork::OrderAndDistributorReport.new spree_current_user,
-                                                                 raw_params,
-                                                                 render_content?
-        @search = @report.search
-        csv_file_name = "orders_and_distributors_#{timestamp}.csv"
-        render_report(@report.header, @report.table, params[:csv], csv_file_name)
-      end
-
-      def sales_tax
-        @distributors = my_distributors
-        @report_type = params[:report_type]
-        @report = OpenFoodNetwork::SalesTaxReport.new spree_current_user, raw_params,
-                                                      render_content?
-        render_report(@report.header, @report.table, params[:csv], "sales_tax.csv")
-      end
-
-      def payments
-        # -- Prepare Form Options
-        @distributors = my_distributors
-        @report_type = params[:report_type]
-
-        # -- Build Report with Order Grouper
-        @report = OpenFoodNetwork::PaymentsReport.new spree_current_user, raw_params,
-                                                      render_content?
-        @table = order_grouper_table
-        csv_file_name = "payments_#{timestamp}.csv"
-
-        render_report(@report.header, @table, params[:csv], csv_file_name)
-      end
-
-      def orders_and_fulfillment
-        raw_params[:q] ||= orders_and_fulfillment_default_filters
-
-        @report_types = report_types[:orders_and_fulfillment]
-        @report_type = params[:report_type]
-
-        @include_blank = I18n.t(:all)
-
-        # -- Build Report with Order Grouper
-        @report = OpenFoodNetwork::OrdersAndFulfillmentsReport.new spree_current_user,
-                                                                   raw_params,
-                                                                   render_content?
-        @table = order_grouper_table
-        csv_file_name = "#{params[:report_type]}_#{timestamp}.csv"
-
-        render_report(@report.header, @table, params[:csv], csv_file_name)
-      end
-
-      def products_and_inventory
-        @report_types = report_types[:products_and_inventory]
-        @report = if params[:report_type] != 'lettuce_share'
-                    OpenFoodNetwork::ProductsAndInventoryReport.new spree_current_user,
-                                                                    raw_params,
-                                                                    render_content?
-                  else
-                    OpenFoodNetwork::LettuceShareReport.new spree_current_user,
-                                                            raw_params,
-                                                            render_content?
-                  end
-
-        render_report @report.header,
-                      @report.table,
-                      params[:csv],
-                      "products_and_inventory_#{timestamp}.csv"
-      end
-
-      def users_and_enterprises
-        @report = OpenFoodNetwork::UsersAndEnterprisesReport.new raw_params, render_content?
-        render_report(@report.header, @report.table, params[:csv],
-                      "users_and_enterprises_#{timestamp}.csv")
-      end
-
-      def xero_invoices
-        raw_params[:q] ||= {}
-
-        @distributors = my_distributors
-        @order_cycles = my_order_cycles
-
-        @report = OpenFoodNetwork::XeroInvoicesReport.new(spree_current_user,
-                                                          raw_params,
-                                                          render_content?)
-        render_report(@report.header, @report.table, params[:csv], "xero_invoices_#{timestamp}.csv")
-      end
-
-      private
-
-      def model_class
-        Spree::Admin::ReportsController
-      end
-
-      # Some actions are changing the `params` object. That is unfortunate Spree
-      # behavior and we are building on it. So we have to look at `params` early
-      # to check if we are searching or just displaying a report search form.
-      def cache_search_state
-        search_keys = [
-          # search parameter for ransack
-          :q,
-          # common in all reports, only set for CSV rendering
-          :csv,
-          # `button` is included in all forms. It's not important for searching,
-          # but the Users & Enterprises report doesn't have any other parameter
-          # for an empty search. So we use this one to display data.
-          :button,
-          # Some reports use filtering by enterprise or order cycle
-          :distributor_id,
-          :supplier_id,
-          :order_cycle_id,
-          # Xero Invoices can be filtered by date
-          :invoice_date,
-          :due_date
-        ]
-        @searching = search_keys.any? { |key| raw_params.key? key }
-      end
-
-      # We don't want to render data unless search params are supplied.
-      # Compiling data can take a long time.
-      def render_content?
-        @searching
-      end
-
-      def render_report(header, table, create_csv, csv_file_name)
-        send_data csv_report(header, table), filename: csv_file_name if create_csv
-        @header = header
-        @table = table
-        # Rendering HTML is the default.
-      end
-
-      def load_associated_data
-        form_options = Reporting::FrontendData.new(spree_current_user)
-
-        @distributors = form_options.distributors
-        @suppliers = form_options.suppliers
-        @order_cycles = form_options.order_cycles
-      end
-
-      def csv_report(header, table)
-        CSV.generate do |csv|
-          csv << header
-          table.each { |row| csv << row }
-        end
-      end
-
-      def load_basic_data
-        @distributors = my_distributors
-        @suppliers = my_suppliers | suppliers_of_products_distributed_by(@distributors)
-        @order_cycles = my_order_cycles
-      end
-
-      # Load managed distributor enterprises of current user
-      def my_distributors
-        Enterprise.is_distributor.managed_by(spree_current_user)
-      end
-
-      # Load managed producer enterprises of current user
-      def my_suppliers
-        Enterprise.is_primary_producer.managed_by(spree_current_user)
-      end
-
-      def suppliers_of_products_distributed_by(distributors)
-        supplier_ids = Spree::Product.in_distributors(distributors.select('enterprises.id')).
-          select('spree_products.supplier_id')
-
-        Enterprise.where(id: supplier_ids)
-      end
-
-      # Load order cycles the current user has access to
-      def my_order_cycles
-        OrderCycle.
-          active_or_complete.
-          visible_by(spree_current_user).
-          order('orders_close_at DESC')
-      end
-
-      def order_grouper_table
-        order_grouper = OpenFoodNetwork::OrderGrouper.new @report.rules, @report.columns, @report
-        order_grouper.table(@report.table_items)
-      end
-
-      def authorized_reports
-        all_reports = [
-          :orders_and_distributors,
-          :bulk_coop,
-          :payments,
-          :orders_and_fulfillment,
-          :customers,
-          :products_and_inventory,
-          :users_and_enterprises,
-          :enterprise_fee_summary,
-          :order_cycle_management,
-          :sales_tax,
-          :xero_invoices,
-          :packing
-        ]
-        reports = all_reports.select { |action| can? action, Spree::Admin::ReportsController }
-        reports.map { |report| [report, describe_report(report)] }.to_h
-      end
-
-      def describe_report(report)
-        name = I18n.t(:name, scope: [:admin, :reports, report])
-        description = begin
-          I18n.t!(:description, scope: [:admin, :reports, report])
-        rescue I18n::MissingTranslationData
-          render_to_string(
-            partial: "#{report}_description",
-            layout: false,
-            locals: { report_types: report_types[report] }
-          ).html_safe
-        end
-        { name: name, url: url_for_report(report), description: description }
-      end
-
-      def url_for_report(report)
-        if report_in_order_management_engine?(report)
-          main_app.public_send("new_order_management_reports_#{report}_url".to_sym)
-        else
-          spree.public_send("#{report}_admin_reports_url".to_sym)
-        end
-      rescue NoMethodError
-        main_app.admin_reports_url(report_type: report)
-      end
-
-      # List of reports that have been moved to the Order Management engine
-      def report_in_order_management_engine?(report)
-        ORDER_MANAGEMENT_ENGINE_REPORTS.include?(report)
-      end
-
-      def timestamp
-        Time.zone.now.strftime("%Y%m%d")
-      end
-
-      def orders_and_fulfillment_default_filters
-        now = Time.zone.now
-        { completed_at_gt: (now - 1.month).beginning_of_day,
-          completed_at_lt: (now + 1.day).beginning_of_day }
-      end
-    end
-  end
-end

app/helpers/link_helper.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-module GroupsHelper
+module LinkHelper
   def link_to_service(baseurl, name, html_options = {}, &block)
     return if name.blank?
 
@@ -15,8 +15,4 @@ module GroupsHelper
       prefix + url
     end
   end
-
-  def strip_url(url)
-    url&.sub(%r{^https?://}i, '')
-  end
 end

app/helpers/reports_helper.rb

@@ -9,7 +9,24 @@ module ReportsHelper
     end
   end
 
-  def report_subtypes(report)
-    Reporting::ReportLoader.new(report).report_subtypes
+  def report_payment_method_options(orders)
+    orders.map do |order|
+      payment_method = order.payments.last&.payment_method
+
+      next unless payment_method
+
+      [payment_method.name, payment_method.id]
+    end.compact.uniq
+  end
+
+  def report_shipping_method_options(orders)
+    orders.map do |o|
+      sm = o.shipping_method
+      [sm&.name, sm&.id]
+    end.uniq
+  end
+
+  def currency_symbol
+    Spree::Money.currency_symbol
   end
 end

app/helpers/spree/admin/navigation_helper.rb

@@ -77,7 +77,7 @@ module Spree
         klass = EnterpriseGroup if klass == :group
         klass = VariantOverride if klass == :Inventory
         klass = ProductImport::ProductImporter if klass == :import
-        klass = Spree::Admin::ReportsController if klass == :report
+        klass = ::Admin::ReportsController if klass == :report
         klass
       end
 
@@ -115,7 +115,7 @@ module Spree
         if html_options[:method] &&
            html_options[:method].to_s.downcase != 'get' &&
            !html_options[:remote]
-          form_tag(url, method: html_options.delete(:method)) do
+          form_tag(url, method: html_options.delete(:method), id: html_options.delete(:form_id)) do
             button(text, html_options.delete(:icon), nil, html_options)
           end
         else

app/helpers/spree/admin/orders_helper.rb

@@ -5,8 +5,8 @@ module Spree
     module OrdersHelper
       def event_links
         links = []
-        links << event_link("cancel") if @order.can_cancel?
-        links << event_link("resume") if @order.can_resume?
+        links << cancel_event_link if @order.can_cancel?
+        links << resume_event_link if @order.can_resume?
         links.join('&nbsp;').html_safe
       end
 
@@ -44,6 +44,14 @@ module Spree
         end
       end
 
+      def print_invoice_link
+        if @order.distributor.can_invoice?
+          print_invoice_link_with_url
+        else
+          notify_about_required_enterprise_number
+        end
+      end
+
       def ticket_links
         return [] unless Spree::Config[:enable_receipt_printing?]
 
@@ -78,13 +86,20 @@ module Spree
           confirm: t(:must_have_valid_business_number, enterprise_name: @order.distributor.name) }
       end
 
-      def print_invoice_link
+      def print_invoice_link_with_url
         { name: t(:print_invoice),
           url: spree.print_admin_order_path(@order),
           icon: 'icon-print',
           target: "_blank" }
       end
 
+      def notify_about_required_enterprise_number
+        { name: t(:print_invoice),
+          url: "#",
+          icon: 'icon-print',
+          confirm: t(:must_have_valid_business_number, enterprise_name: @order.distributor.name) }
+      end
+
       def print_ticket_link
         { name: t(:print_ticket),
           url: print_ticket_admin_order_path(@order),
@@ -114,12 +129,19 @@ module Spree
           confirm: t(:are_you_sure) }
       end
 
-      def event_link(event)
-        event_label = I18n.t(event, scope: "actions")
+      def cancel_event_link
+        event_label = I18n.t("cancel", scope: "actions")
+        button_link_to(event_label,
+                       fire_admin_order_url(@order, e: "cancel"),
+                       method: :put, icon: "icon-cancel", form_id: "cancel_order_form")
+      end
+
+      def resume_event_link
+        event_label = I18n.t("resume", scope: "actions")
         confirm_message = I18n.t("admin.orders.edit.order_sure_want_to", event: event_label)
         button_link_to(event_label,
-                       fire_admin_order_url(@order, e: event),
-                       method: :put, icon: "icon-#{event}",
+                       fire_admin_order_url(@order, e: "resume"),
+                       method: :put, icon: "icon-resume",
                        data: { confirm: confirm_message })
       end
 

app/helpers/spree/reports_helper.rb

@@ -1,33 +0,0 @@
-# frozen_string_literal: true
-
-require 'spree/money'
-
-module Spree
-  module ReportsHelper
-    def report_payment_method_options(orders)
-      orders.map do |order|
-        payment_method = order.payments.last&.payment_method
-
-        next unless payment_method
-
-        [payment_method.name, payment_method.id]
-      end.compact.uniq
-    end
-
-    def report_shipping_method_options(orders)
-      orders.map do |o|
-        sm = o.shipping_method
-        [sm&.name, sm&.id]
-      end.uniq
-    end
-
-    def xero_report_types
-      [[I18n.t(:summary), 'summary'],
-       [I18n.t(:detailed), 'detailed']]
-    end
-
-    def currency_symbol
-      Spree::Money.currency_symbol
-    end
-  end
-end

app/json_schemas/customer_schema.rb

@@ -14,7 +14,7 @@ class CustomerSchema < JsonApiSchema
       code: { type: :string, nullable: true, example: "BUYER1" },
       email: { type: :string, example: "alice@example.com" },
       allow_charges: { type: :boolean, example: false },
-      tags: { type: :array, example: ["staff", "discount"] },
+      tags: { type: :array, items: { type: :string }, example: ["staff", "discount"] },
       terms_and_conditions_accepted_at: {
         type: :string, format: "date-time", nullable: true,
         example: "2022-03-12T15:55:00.000+11:00",
@@ -41,8 +41,8 @@ class CustomerSchema < JsonApiSchema
       street_address_2: "",
       postal_code: "1234",
       locality: "Melbourne",
-      region: "Victoria",
-      country: "Australia",
+      region: { code: "Vic", name: "Victoria" },
+      country: { code: "AU", name: "Australia" },
     }
   end
 

app/models/concerns/file_preferences.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+module FilePreferences
+  extend ActiveSupport::Concern
+
+  included do
+    @default_urls = {}
+  end
+
+  class_methods do
+    def file_preference(name, default_url: nil)
+      preference "#{name}_blob_id", :integer
+      @default_urls[name] = default_url if default_url
+    end
+
+    def default_url(name)
+      @default_urls[name]
+    end
+  end
+
+  def preference_type(key)
+    if has_preference?("#{key}_blob_id")
+      :file
+    else
+      super(key)
+    end
+  end
+
+  def url_for(name)
+    blob = blob_for(name)
+
+    if blob
+      Rails.application.routes.url_helpers.url_for(blob)
+    else
+      self.class.default_url(name)
+    end
+  end
+
+  def blob_for(name)
+    blob_id = get_preference("#{name}_blob_id")
+    ActiveStorage::Blob.find_by(id: blob_id) if blob_id
+  end
+end

app/models/content_configuration.rb

@@ -1,23 +1,17 @@
 # frozen_string_literal: true
 
-require 'open_food_network/paperclippable'
-
-class ContentConfiguration < Spree::Preferences::FileConfiguration
-  include OpenFoodNetwork::Paperclippable
+class ContentConfiguration < Spree::Preferences::Configuration
+  include FilePreferences
 
   # Header
-  preference :logo, :file
-  preference :logo_mobile, :file
-  preference :logo_mobile_svg, :file
-  has_attached_file :logo, default_url: "/default_images/ofn-logo.png"
-  has_attached_file :logo_mobile
-  has_attached_file :logo_mobile_svg, default_url: "/default_images/ofn-logo-mobile.svg"
+  file_preference :logo, default_url: "/default_images/ofn-logo.png"
+  file_preference :logo_mobile
+  file_preference :logo_mobile_svg, default_url: "/default_images/ofn-logo-mobile.svg"
 
   # Home page
   preference :home_page_alert_html, :text
-  preference :home_hero, :file
+  file_preference :home_hero, default_url: "/default_images/home.jpg"
   preference :home_show_stats, :boolean, default: true
-  has_attached_file :home_hero, default_url: "/default_images/home.jpg"
 
   # Map
   preference :open_street_map_enabled, :boolean, default: false
@@ -66,8 +60,7 @@ class ContentConfiguration < Spree::Preferences::FileConfiguration
   preference :menu_7_icon_name, :string, default: "ofn-i_013-help"
 
   # Footer
-  preference :footer_logo, :file
-  has_attached_file :footer_logo, default_url: "/default_images/ofn-logo-footer.png"
+  file_preference :footer_logo, default_url: "/default_images/ofn-logo-footer.png"
 
   # Other
   preference :footer_facebook_url, :string, default: "https://www.facebook.com/OpenFoodNet"

app/models/enterprise.rb

@@ -1,12 +1,20 @@
 # frozen_string_literal: false
 
-require 'spree/core/s3_support'
-
 class Enterprise < ApplicationRecord
-  include Spree::Core::S3Support
-
   SELLS = %w(unspecified none own any).freeze
   ENTERPRISE_SEARCH_RADIUS = 100
+  # The next Rails version will have named variants but we need to store them
+  # ourselves for now.
+  LOGO_SIZES = {
+    thumb: { resize_to_limit: [100, 100] },
+    small: { resize_to_limit: [180, 180] },
+    medium: { resize_to_limit: [300, 300] },
+  }.freeze
+  PROMO_IMAGE_SIZES = {
+    thumb: { resize_to_limit: [100, 100] },
+    medium: { resize_to_fill: [720, 156] },
+    large: { resize_to_fill: [1200, 260] },
+  }.freeze
 
   searchable_attributes :sells, :is_primary_producer
   searchable_associations :properties
@@ -20,6 +28,7 @@ class Enterprise < ApplicationRecord
   preference :shopfront_order_cycle_order, :string, default: "orders_close_at"
   preference :shopfront_product_sorting_method, :string, default: "by_category"
   preference :invoice_order_by_supplier, :boolean, default: false
+  preference :product_low_stock_display, :boolean, default: false
 
   # Allow hubs to restrict visible variants to only those in their inventory
   preference :product_selection_from_inventory_only, :boolean, default: false
@@ -71,31 +80,16 @@ class Enterprise < ApplicationRecord
                                               tag_rule[:preferred_customer_tags].blank?
                                             }
 
-  has_attached_file :logo,
-                    styles: { medium: "300x300>", small: "180x180>", thumb: "100x100>" },
-                    url: '/images/enterprises/logos/:id/:style/:basename.:extension',
-                    path: 'public/images/enterprises/logos/:id/:style/:basename.:extension'
+  has_one_attached :logo
+  has_one_attached :promo_image
+  has_one_attached :terms_and_conditions
 
-  has_attached_file :promo_image,
-                    styles: {
-                      large: ["1200x260#", :jpg],
-                      medium: ["720x156#", :jpg],
-                      thumb: ["100x100>", :jpg]
-                    },
-                    url: '/images/enterprises/promo_images/:id/:style/:basename.:extension',
-                    path: 'public/images/enterprises/promo_images/:id/:style/:basename.:extension'
-  validates_attachment_content_type :logo, content_type: %r{\Aimage/.*\Z}
-  validates_attachment_content_type :promo_image, content_type: %r{\Aimage/.*\Z}
-
-  has_attached_file :terms_and_conditions,
-                    url: '/files/enterprises/terms_and_conditions/:id/:basename.:extension',
-                    path: 'public/files/enterprises/terms_and_conditions/:id/:basename.:extension'
-  validates_attachment_content_type :terms_and_conditions,
-                                    content_type: "application/pdf",
-                                    message: I18n.t(:enterprise_terms_and_conditions_type_error)
-
-  supports_s3 :logo
-  supports_s3 :promo_image
+  validates :logo, content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml)\Z}
+  validates :promo_image, content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml)\Z}
+  validates :terms_and_conditions, content_type: {
+    in: "application/pdf",
+    message: I18n.t(:enterprise_terms_and_conditions_type_error),
+  }
 
   validates :name, presence: true
   validate :name_is_unique
@@ -119,7 +113,8 @@ class Enterprise < ApplicationRecord
   after_rollback :restore_permalink
 
   scope :by_name, -> { order('name') }
-  scope :visible, -> { where(visible: true) }
+  scope :visible, -> { where(visible: "public") }
+  scope :not_hidden, -> { where.not(visible: "hidden") }
   scope :activated, -> { where("sells != 'unspecified'") }
   scope :ready_for_checkout, lambda {
     joins(:shipping_methods).
@@ -266,7 +261,7 @@ class Enterprise < ApplicationRecord
 
   def plus_relatives_and_oc_producers(order_cycles)
     oc_producer_ids = Exchange.in_order_cycle(order_cycles).incoming.pluck :sender_id
-    Enterprise.is_primary_producer.relatives_of_one_union_others(id, oc_producer_ids | [id])
+    Enterprise.not_hidden.is_primary_producer.relatives_of_one_union_others(id, oc_producer_ids | [id])
   end
 
   def relatives_including_self
@@ -281,6 +276,22 @@ class Enterprise < ApplicationRecord
     relatives_including_self.is_primary_producer
   end
 
+  def logo_url(name)
+    return unless logo.variable?
+
+    Rails.application.routes.url_helpers.url_for(
+      logo.variant(LOGO_SIZES[name])
+    )
+  end
+
+  def promo_image_url(name)
+    return unless promo_image.variable?
+
+    Rails.application.routes.url_helpers.url_for(
+      promo_image.variant(PROMO_IMAGE_SIZES[name])
+    )
+  end
+
   def website
     strip_url self[:website]
   end
@@ -301,6 +312,10 @@ class Enterprise < ApplicationRecord
     correct_instagram_url self[:instagram]
   end
 
+  def whatsapp_url
+    correct_whatsapp_url self[:whatsapp_phone]
+  end
+
   def inventory_variants
     if prefers_product_selection_from_inventory_only?
       Spree::Variant.visible_for(self)
@@ -397,9 +412,15 @@ class Enterprise < ApplicationRecord
   end
 
   def can_invoice?
+    return true unless Spree::Config.enterprise_number_required_on_invoices?
+
     abn.present?
   end
 
+  def public?
+    visible == "public"
+  end
+
   protected
 
   def devise_mailer
@@ -431,6 +452,10 @@ class Enterprise < ApplicationRecord
     url&.sub(%r{(https?://)?}, '')
   end
 
+  def correct_whatsapp_url(phone_number)
+    phone_number && "https://wa.me/" + phone_number.tr('+ ', '')
+  end
+
   def correct_instagram_url(url)
     url && strip_url(url).sub(%r{www.instagram.com/}, '').delete("@")
   end

app/models/enterprise_group.rb

@@ -1,11 +1,9 @@
 # frozen_string_literal: true
 
 require 'open_food_network/locking'
-require 'spree/core/s3_support'
 
 class EnterpriseGroup < ApplicationRecord
   include PermalinkGenerator
-  include Spree::Core::S3Support
 
   acts_as_list
 
@@ -27,21 +25,11 @@ class EnterpriseGroup < ApplicationRecord
 
   delegate :phone, :address1, :address2, :city, :zipcode, :state, :country, to: :address
 
-  has_attached_file :logo,
-                    styles: { medium: "100x100" },
-                    url: '/images/enterprise_groups/logos/:id/:style/:basename.:extension',
-                    path: 'public/images/enterprise_groups/logos/:id/:style/:basename.:extension'
+  has_one_attached :logo
+  has_one_attached :promo_image
 
-  has_attached_file :promo_image,
-                    styles: { large: ["1200x260#", :jpg] },
-                    url: '/images/enterprise_groups/promo_images/:id/:style/:basename.:extension',
-                    path: 'public/images/enterprise_groups/promo_images/:id/:style/:basename.:extension'
-
-  validates_attachment_content_type :logo, content_type: %r{\Aimage/.*\Z}
-  validates_attachment_content_type :promo_image, content_type: %r{\Aimage/.*\Z}
-
-  supports_s3 :logo
-  supports_s3 :promo_image
+  validates :logo, content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml)\Z}
+  validates :promo_image, content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml)\Z}
 
   scope :by_position, -> { order('position ASC') }
   scope :on_front_page, -> { where(on_front_page: true) }

app/models/order_cycle.rb

@@ -10,7 +10,8 @@ class OrderCycle < ApplicationRecord
   belongs_to :coordinator, class_name: 'Enterprise'
 
   has_many :coordinator_fee_refs, class_name: 'CoordinatorFee'
-  has_many :coordinator_fees, through: :coordinator_fee_refs, source: :enterprise_fee
+  has_many :coordinator_fees, through: :coordinator_fee_refs, source: :enterprise_fee,
+                              dependent: :destroy
 
   has_many :exchanges, dependent: :destroy
 

app/models/spree/ability.rb

@@ -236,12 +236,10 @@ module Spree
            :validate_data, :reset_absent_products], ProductImport::ProductImporter
 
       # Reports page
-      can [:admin, :index, :customers, :orders_and_distributors, :group_buys, :payments,
-           :orders_and_fulfillment, :products_and_inventory, :order_cycle_management, :packing],
-          Spree::Admin::ReportsController
-      can [:admin, :show, :packing], :report
-      add_bulk_coop_abilities
-      add_enterprise_fee_summary_abilities
+      can [:admin, :index, :show], ::Admin::ReportsController
+      can [:admin, :show, :customers, :orders_and_distributors, :group_buys, :payments,
+           :orders_and_fulfillment, :products_and_inventory, :order_cycle_management,
+           :packing, :enterprise_fee_summary, :bulk_coop], :report
     end
 
     def add_order_cycle_management_abilities(user)
@@ -317,11 +315,10 @@ module Spree
       end
 
       # Reports page
-      can [:admin, :index, :customers, :group_buys, :sales_tax, :payments,
+      can [:admin, :index, :show], ::Admin::ReportsController
+      can [:admin, :customers, :group_buys, :sales_tax, :payments,
            :orders_and_distributors, :orders_and_fulfillment, :products_and_inventory,
-           :order_cycle_management, :xero_invoices], Spree::Admin::ReportsController
-      add_bulk_coop_abilities
-      add_enterprise_fee_summary_abilities
+           :order_cycle_management, :xero_invoices, :enterprise_fee_summary, :bulk_coop], :report
 
       can [:create], Customer
       can [:admin, :index, :update,
@@ -346,19 +343,5 @@ module Spree
           user.enterprises.include?(enterprise_relationship.child)
       end
     end
-
-    def add_bulk_coop_abilities
-      # Reveal the report link in spree/admin/reports#index
-      can [:bulk_coop], Spree::Admin::ReportsController
-      # Allow direct access to the report resource
-      can [:admin, :new, :create], :bulk_coop
-    end
-
-    def add_enterprise_fee_summary_abilities
-      # Reveal the report link in spree/admin/reports#index
-      can [:enterprise_fee_summary], Spree::Admin::ReportsController
-      # Allow direct access to the report resource
-      can [:admin, :new, :create], :enterprise_fee_summary
-    end
   end
 end

app/models/spree/address.rb

@@ -105,6 +105,10 @@ module Spree
       render_address([city, zipcode, state&.name])
     end
 
+    def address_and_city
+      [address1, address2, city].select(&:present?).join(' ')
+    end
+
     private
 
     def require_zipcode?

app/models/spree/app_configuration.rb

@@ -129,6 +129,7 @@ module Spree
     preference :enable_invoices?, :boolean, default: true
     preference :invoice_style2?, :boolean, default: false
     preference :enable_receipt_printing?, :boolean, default: false
+    preference :enterprise_number_required_on_invoices?, :boolean, default: true
 
     # Stripe payments
     preference :stripe_connect_enabled, :boolean, default: false

app/models/spree/image.rb

@@ -1,101 +1,43 @@
 # frozen_string_literal: true
 
-require 'spree/core/s3_support'
-
 module Spree
   class Image < Asset
-    validates_attachment_presence :attachment
+    SIZES = {
+      mini: { resize_to_fill: [48, 48] },
+      small: { resize_to_fill: [227, 227] },
+      product: { resize_to_limit: [240, 240] },
+      large: { resize_to_limit: [600, 600] },
+    }.freeze
+
+    has_one_attached :attachment
+
+    validates :attachment, attached: true, content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml)\Z}
     validate :no_attachment_errors
 
-    # This is where the styles are used in the app:
-    # - mini: used in the BackOffice: Bulk Product Edit page and Order Cycle edit page
-    # - small: used in the FrontOffice: Product List page
-    # - product: used in the BackOffice: Product Image upload modal in the Bulk Product Edit page
-    #                                      and Product image edit page
-    # - large: used in the FrontOffice: product modal
-    has_attached_file :attachment,
-                      styles: { mini: "48x48#", small: "227x227#",
-                                product: "240x240>", large: "600x600>" },
-                      default_style: :product,
-                      url: '/spree/products/:id/:style/:basename.:extension',
-                      path: ':rails_root/public/spree/products/:id/:style/:basename.:extension',
-                      convert_options: { all: '-strip -auto-orient -colorspace sRGB' }
-
-    # save the w,h of the original image (from which others can be calculated)
-    # we need to look at the write-queue for images which have not been saved yet
-    after_post_process :find_dimensions
-
-    include Spree::Core::S3Support
-    supports_s3 :attachment
-
-    # used by admin products autocomplete
-    def mini_url
-      attachment.url(:mini, false)
-    end
-
-    def find_dimensions
-      return if attachment.errors.present?
-
-      geometry = Paperclip::Geometry.from_file(local_filename_of_original)
-
-      self.attachment_width  = geometry.width
-      self.attachment_height = geometry.height
-    end
-
-    def local_filename_of_original
-      temporary = attachment.queued_for_write[:original]
-
-      if temporary&.path.present?
-        temporary.path
+    def variant(name)
+      if attachment.variable?
+        attachment.variant(SIZES[name])
       else
-        attachment.path
+        attachment
       end
     end
 
+    def url(size)
+      return unless attachment.attached?
+
+      Rails.application.routes.url_helpers.url_for(variant(size))
+    end
+
     # if there are errors from the plugin, then add a more meaningful message
     def no_attachment_errors
-      return if attachment.errors.empty?
+      return if errors[:attachment].empty?
 
-      if errors.all? { |e| e.type == "Paperclip::Errors::NotIdentifiedByImageMagickError" }
+      if errors.all? { |e| e.type == :content_type_invalid }
         attachment.errors.clear
         errors.add :base, I18n.t('spree.admin.products.image_upload_error')
-      else
-        errors.add :attachment,
-                   I18n.t('spree.admin.products.paperclip_image_error', attachment_file_name: attachment_file_name)
       end
+
       false
     end
-
-    def self.set_attachment_attribute(attribute_name, attribute_value)
-      attachment_definitions[:attachment][attribute_name] = attribute_value
-    end
-
-    def self.set_storage_attachment_attributes
-      if Spree::Config[:use_s3]
-        set_s3_attachment_attributes
-      else
-        attachment_definitions[:attachment].delete(:storage)
-      end
-    end
-
-    def self.set_s3_attachment_attributes
-      set_attachment_attribute(:storage, :s3)
-      set_attachment_attribute(:s3_credentials, s3_credentials)
-      set_attachment_attribute(:s3_headers,
-                               ActiveSupport::JSON.decode(Spree::Config[:s3_headers]))
-      set_attachment_attribute(:bucket, Spree::Config[:s3_bucket])
-
-      # We use :s3_alias_url (virtual host url style) and set the URL on property s3_host_alias
-      set_attachment_attribute(:s3_host_alias, attachment_definitions[:attachment][:url])
-      set_attachment_attribute(:url, ":s3_alias_url")
-    end
-    private_class_method :set_s3_attachment_attributes
-
-    def self.s3_credentials
-      { access_key_id: Spree::Config[:s3_access_key],
-        secret_access_key: Spree::Config[:s3_secret],
-        bucket: Spree::Config[:s3_bucket] }
-    end
-    private_class_method :s3_credentials
   end
 end

app/models/spree/line_item.rb

@@ -50,6 +50,8 @@ module Spree
 
     attr_accessor :skip_stock_check, :target_shipment # Allows manual skipping of Stock::AvailabilityValidator
 
+    attribute :restock_item, type: :boolean, default: true
+
     # -- Scopes
     scope :managed_by, lambda { |user|
       if user.has_spree_role?('admin')

app/models/spree/order.rb

@@ -106,6 +106,7 @@ module Spree
     after_save_commit DefaultAddressUpdater
 
     attribute :send_cancellation_email, type: :boolean, default: true
+    attribute :restock_items, type: :boolean, default: true
     # -- Scopes
     scope :not_empty, -> {
       left_outer_joins(:line_items).where.not(spree_line_items: { id: nil })
@@ -429,9 +430,10 @@ module Spree
 
     def empty!
       line_items.destroy_all
-      adjustments.destroy_all
+      all_adjustments.destroy_all
       payments.clear
       shipments.destroy_all
+      restart_checkout_flow if state.in?(["payment", "confirmation"])
     end
 
     def state_changed(name)
@@ -669,11 +671,12 @@ module Spree
       shipments.each(&:cancel!)
 
       OrderMailer.cancel_email(id).deliver_later if send_cancellation_email
-      self.payment_state = 'credit_owed' unless shipped?
+      update(payment_state: updater.update_payment_state)
     end
 
     def after_resume
       shipments.each(&:resume!)
+      update(payment_state: updater.update_payment_state)
     end
 
     def use_billing?

app/models/spree/order_contents.rb

@@ -19,8 +19,8 @@ module Spree
 
     # Get current line item for variant
     # Remove variant qty from line_item
-    def remove(variant, quantity = nil, shipment = nil)
-      line_item = remove_from_line_item(variant, quantity, shipment)
+    def remove(variant, quantity = nil, shipment = nil, restock_item = true)
+      line_item = remove_from_line_item(variant, quantity, shipment, restock_item)
       update_shipment(shipment)
       order.update_order_fees! if order.completed?
       update_order
@@ -97,9 +97,9 @@ module Spree
       line_item
     end
 
-    def remove_from_line_item(variant, quantity, shipment = nil)
+    def remove_from_line_item(variant, quantity, shipment = nil, restock_item = true)
       line_item = find_line_item_by_variant(variant, true)
-
+      line_item.restock_item = restock_item
       quantity.present? ? line_item.quantity += -quantity : line_item.quantity = 0
       line_item.target_shipment = shipment
 

app/models/spree/order_inventory.rb

@@ -44,12 +44,15 @@ module Spree
       quantity = variant_units.size - line_item.quantity
 
       if shipment.present?
-        remove_from_shipment(shipment, line_item.variant, quantity)
+        remove_from_shipment(shipment, line_item.variant, quantity, line_item.restock_item)
       else
         order.shipments.each do |each_shipment|
           break if quantity == 0
 
-          quantity -= remove_from_shipment(each_shipment, line_item.variant, quantity)
+          quantity -= remove_from_shipment(each_shipment,
+                                           line_item.variant,
+                                           quantity,
+                                           line_item.restock_item)
         end
       end
     end
@@ -83,7 +86,7 @@ module Spree
       quantity
     end
 
-    def remove_from_shipment(shipment, variant, quantity)
+    def remove_from_shipment(shipment, variant, quantity, restock_item)
       return 0 if quantity == 0 || shipment.shipped?
 
       shipment_units = shipment.inventory_units_for(variant).reject do |variant_unit|
@@ -101,7 +104,7 @@ module Spree
       shipment.destroy if shipment.inventory_units.reload.count == 0
 
       # removing this from shipment, and adding to stock_location
-      if order.completed?
+      if order.completed? && restock_item
         shipment.stock_location.restock variant, removed_quantity, shipment
       end
 

app/models/spree/preferences/file_configuration.rb

@@ -1,49 +0,0 @@
-# frozen_string_literal: true
-
-module Spree
-  module Preferences
-    class FileConfiguration < Configuration
-      def self.preference(name, type, *args)
-        if type == :file
-          super "#{name}_file_name",    :string,  *args
-          super "#{name}_content_type", :string,  *args
-          super "#{name}_file_size",    :integer, *args
-          super "#{name}_updated_at",   :string,  *args
-
-        else
-          super name, type, *args
-        end
-      end
-
-      def get_preference(key)
-        if !has_preference?(key) && has_attachment?(key)
-          public_send key
-        else
-          super key
-        end
-      end
-      alias :[] :get_preference
-
-      def preference_type(name)
-        if has_attachment? name
-          :file
-        else
-          super name
-        end
-      end
-
-      # Spree's Configuration responds to preference methods via method_missing, but doesn't
-      # override respond_to?, which consequently reports those methods as unavailable. Paperclip
-      # errors if respond_to? isn't correct, so we override it here.
-      def respond_to?(method, include_all = false)
-        name = method.to_s.delete('=')
-        super(self.class.preference_getter_method(name), include_all) || super(method, include_all)
-      end
-
-      def has_attachment?(name)
-        self.class.respond_to?(:attachment_definitions) &&
-          self.class.attachment_definitions.key?(name.to_sym)
-      end
-    end
-  end
-end

app/models/spree/product.rb

@@ -78,8 +78,7 @@ module Spree
         where(producer_properties: { property_id: property_ids }).
         or(
           where(spree_product_properties: { property_id: property_ids })
-        ).
-        distinct
+        )
     }
 
     delegate_belongs_to :master, :sku, :price, :currency, :display_amount, :display_price, :weight,

app/models/spree/shipment.rb

@@ -192,7 +192,7 @@ module Spree
     end
 
     def after_cancel
-      manifest.each { |item| manifest_restock(item) }
+      manifest.each { |item| manifest_restock(item) } if order.restock_items
     end
 
     def after_resume

app/models/spree/taxon.rb

@@ -2,8 +2,6 @@
 
 module Spree
   class Taxon < ApplicationRecord
-    include Spree::Core::S3Support
-
     acts_as_nested_set dependent: :destroy
 
     belongs_to :taxonomy, class_name: 'Spree::Taxonomy', touch: true
@@ -14,15 +12,6 @@ module Spree
 
     validates :name, presence: true
 
-    has_attached_file :icon,
-                      styles: { mini: '32x32>', normal: '128x128>' },
-                      default_style: :mini,
-                      url: '/spree/taxons/:id/:style/:basename.:extension',
-                      path: ':rails_root/public/spree/taxons/:id/:style/:basename.:extension',
-                      default_url: '/assets/default_taxon.png'
-
-    supports_s3 :icon
-
     # Indicate which filters should be used for this taxon
     def applicable_filters
       []

app/models/spree/user.rb

@@ -41,7 +41,7 @@ module Spree
     accepts_nested_attributes_for :bill_address
     accepts_nested_attributes_for :ship_address
 
-    after_create :associate_customers
+    after_create :associate_customers, :associate_orders
 
     validate :limit_owned_enterprises
 
@@ -113,6 +113,12 @@ module Spree
       self.customers = Customer.where(email: email)
     end
 
+    def associate_orders
+      Spree::Order.where(customer: customers).find_each do |order|
+        order.associate_user!(self)
+      end
+    end
+
     def can_own_more_enterprises?
       owned_enterprises.reload.size < enterprise_limit
     end
@@ -144,6 +150,14 @@ module Spree
       "#{self.class.name};#{id}"
     end
 
+    def disabled
+      disabled_at.present?
+    end
+
+    def disabled=(value)
+      self.disabled_at = value == '1' ? Time.zone.now : nil
+    end
+
     protected
 
     def password_required?

app/models/spree/variant.rb

@@ -172,6 +172,11 @@ module Spree
       OpenFoodNetwork::EnterpriseFeeCalculator.new(distributor, order_cycle).fees_by_type_for self
     end
 
+    def fees_name_by_type_for(distributor, order_cycle)
+      OpenFoodNetwork::EnterpriseFeeCalculator.new(distributor,
+                                                   order_cycle).fees_name_by_type_for self
+    end
+
     def option_value(opt_name)
       option_values.detect { |o| o.option_type.name == opt_name }.try(:presentation)
     end

app/models/subscription_line_item.rb

@@ -9,6 +9,7 @@ class SubscriptionLineItem < ApplicationRecord
   validates :quantity, presence: true, numericality: { only_integer: true }
 
   default_scope { order('id ASC') }
+  scope :nil_price_estimate, -> { where(price_estimate: nil) }
 
   def total_estimate
     (price_estimate || 0) * (quantity || 0)

app/models/terms_of_service_file.rb

@@ -1,9 +1,9 @@
 # frozen_string_literal: true
 
 class TermsOfServiceFile < ApplicationRecord
-  has_attached_file :attachment
+  has_one_attached :attachment
 
-  validates :attachment, presence: true
+  validates :attachment, attached: true
 
   # The most recently uploaded file is the current one.
   def self.current
@@ -11,7 +11,11 @@ class TermsOfServiceFile < ApplicationRecord
   end
 
   def self.current_url
-    current&.attachment&.url || Spree::Config.footer_tos_url
+    if current
+      Rails.application.routes.url_helpers.url_for(current.attachment)
+    else
+      Spree::Config.footer_tos_url
+    end
   end
 
   # If no file has been uploaded, we don't know when the old terms have

app/serializers/api/admin/enterprise_serializer.rb

@@ -13,7 +13,8 @@ module Api
                  :default_tag_group, :require_login, :allow_guest_orders, :allow_order_changes,
                  :logo, :promo_image, :terms_and_conditions,
                  :terms_and_conditions_file_name, :terms_and_conditions_updated_at,
-                 :preferred_invoice_order_by_supplier
+                 :preferred_invoice_order_by_supplier, :preferred_product_low_stock_display,
+                 :visible
 
       has_one :owner, serializer: Api::Admin::UserSerializer
       has_many :users, serializer: Api::Admin::UserSerializer
@@ -21,21 +22,26 @@ module Api
       has_one :business_address, serializer: Api::AddressSerializer
 
       def logo
-        attachment_urls(object.logo, [:thumb, :small, :medium])
+        attachment_urls(object.logo, Enterprise::LOGO_SIZES)
       end
 
       def promo_image
-        attachment_urls(object.promo_image, [:thumb, :medium, :large])
+        attachment_urls(object.promo_image, Enterprise::PROMO_IMAGE_SIZES)
       end
 
       def terms_and_conditions
-        return unless object.terms_and_conditions.file?
+        return unless object.terms_and_conditions.attached?
 
-        object.terms_and_conditions.url
+        Rails.application.routes.url_helpers.
+          url_for(object.terms_and_conditions)
+      end
+
+      def terms_and_conditions_file_name
+        object.terms_and_conditions_blob&.filename
       end
 
       def terms_and_conditions_updated_at
-        object.terms_and_conditions_updated_at&.to_s
+        object.terms_and_conditions_blob&.created_at&.to_s
       end
 
       def tag_groups
@@ -75,19 +81,19 @@ module Api
 
       # Returns a hash of URLs for specified versions of an attachment.
       #
-      # Example:
+      # Example result:
       #
-      #   attachment_urls(object.logo, [:thumb, :small, :medium])
-      #   # {
-      #   #   thumb: LOGO_THUMB_URL,
-      #   #   small: LOGO_SMALL_URL,
-      #   #   medium: LOGO_MEDIUM_URL
-      #   # }
-      def attachment_urls(attachment, versions)
-        return unless attachment.file?
+      #   {
+      #     thumb: LOGO_THUMB_URL,
+      #     small: LOGO_SMALL_URL,
+      #     medium: LOGO_MEDIUM_URL
+      #   }
+      def attachment_urls(attachment, styles)
+        return unless attachment.variable?
 
-        versions.each_with_object({}) do |version, urls|
-          urls[version] = attachment.url(version)
+        styles.transform_values do |transformation|
+          Rails.application.routes.url_helpers.
+            url_for(attachment.variant(transformation))
         end
       end
     end

app/serializers/api/admin/for_order_cycle/supplied_product_serializer.rb

@@ -11,7 +11,7 @@ module Api
         end
 
         def image_url
-          object.images.present? ? object.images.first.attachment.url(:mini) : nil
+          object.images.first&.url(:mini)
         end
 
         def master_id

app/serializers/api/admin/product_serializer.rb

@@ -13,19 +13,11 @@ module Api
       has_one :master, serializer: Api::Admin::VariantSerializer
 
       def image_url
-        if object.images.present?
-          object.images.first.attachment.url(:product)
-        else
-          "/noimage/product.png"
-        end
+        object.images.first&.url(:product) || "/noimage/product.png"
       end
 
       def thumb_url
-        if object.images.present?
-          object.images.first.attachment.url(:mini)
-        else
-          "/noimage/mini.png"
-        end
+        object.images.first&.url(:mini) || "/noimage/mini.png"
       end
 
       def on_hand

app/serializers/api/admin/variant_serializer.rb

@@ -33,9 +33,7 @@ module Api
       end
 
       def image
-        return if object.product.images.empty?
-
-        object.product.images.first.mini_url
+        object.product.images.first&.url(:mini)
       end
 
       def in_stock

app/serializers/api/cached_enterprise_serializer.rb

@@ -14,9 +14,9 @@ module Api
 
     attributes :name, :id, :description, :latitude, :longitude,
                :long_description, :website, :instagram, :linkedin, :twitter,
-               :facebook, :is_primary_producer, :is_distributor, :phone, :visible,
-               :email_address, :hash, :logo, :promo_image, :path, :pickup, :delivery,
-               :icon, :icon_font, :producer_icon_font, :category
+               :facebook, :is_primary_producer, :is_distributor, :phone, :whatsapp_phone,
+               :whatsapp_url, :visible, :email_address, :hash, :logo, :promo_image, :path, :pickup,
+               :delivery, :icon, :icon_font, :producer_icon_font, :category
 
     attributes :taxons, :supplied_taxons
 
@@ -44,11 +44,11 @@ module Api
     end
 
     def logo
-      enterprise.logo(:medium) if enterprise.logo?
+      enterprise.logo_url(:medium)
     end
 
     def promo_image
-      enterprise.promo_image(:large) if enterprise.promo_image?
+      enterprise.promo_image_url(:large)
     end
 
     def path

app/serializers/api/enterprise_shopfront_serializer.rb

@@ -7,9 +7,9 @@ module Api
 
     attributes :name, :id, :description, :latitude, :longitude, :long_description, :website,
                :instagram, :linkedin, :twitter, :facebook, :is_primary_producer, :is_distributor,
-               :phone, :visible, :email_address, :hash, :logo, :promo_image, :path, :category,
-               :active, :producers, :orders_close_at, :hubs, :taxons, :supplied_taxons, :pickup,
-               :delivery
+               :phone, :whatsapp_phone, :whatsapp_url, :visible, :email_address, :hash, :logo,
+               :promo_image, :path, :category, :active, :producers, :orders_close_at, :hubs,
+               :taxons, :supplied_taxons, :pickup, :delivery, :preferred_product_low_stock_display
 
     has_one :address, serializer: Api::AddressSerializer
     has_many :supplied_properties, serializer: Api::PropertySerializer
@@ -41,11 +41,11 @@ module Api
     end
 
     def logo
-      enterprise.logo(:medium) if enterprise.logo?
+      enterprise.logo_url(:medium)
     end
 
     def promo_image
-      enterprise.promo_image(:large) if enterprise.promo_image?
+      enterprise.promo_image_url(:large)
     end
 
     def path

app/serializers/api/image_serializer.rb

@@ -4,18 +4,18 @@ class Api::ImageSerializer < ActiveModel::Serializer
   attributes :id, :alt, :thumb_url, :small_url, :image_url, :large_url
 
   def thumb_url
-    object.attachment.url(:mini, false)
+    object.url(:mini)
   end
 
   def small_url
-    object.attachment.url(:small, false)
+    object.url(:small)
   end
 
   def image_url
-    object.attachment.url(:product, false)
+    object.url(:product)
   end
 
   def large_url
-    object.attachment.url(:large, false)
+    object.url(:large)
   end
 end

app/serializers/api/order_detailed_serializer.rb

@@ -10,7 +10,7 @@ module Api
 
     has_many :payments, serializer: Api::PaymentSerializer
 
-    attributes :adjustments
+    attributes :adjustments, :customer_id
 
     def adjustments
       adjustments = object.all_adjustments.where(