Add LoginModal as controller + connect action to open login modal

(cherry picked from commit 92cd918e5a)

.env

@@ -61,3 +61,10 @@ SMTP_PASSWORD="f00d"
 # STRIPE_INSTANCE_PUBLISHABLE_KEY="pk_test_xxxx" # This can be a test key or a live key
 # STRIPE_CLIENT_ID="ca_xxxx" # This can be a development ID or a production ID
 # STRIPE_ENDPOINT_SECRET="whsec_xxxx"
+
+# Feature toggles
+#
+# Adding user emails separated by commas will enable them the use of certain features. See
+# config/initializers/feature_toggles.rb for details.
+#
+# BETA_TESTERS="ofn@example.com,superadmin@example.com"

.github/workflows/linters.yml

@@ -11,8 +11,6 @@ jobs:
       - name: rubocop
         uses: reviewdog/action-rubocop@v2
         with:
-          rubocop_version: gemfile
-          rubocop_extensions: rubocop-rails:gemfile
           reporter: github-pr-check
           level: error
           fail_on_error: true

.github/workflows/mapi.yml

@@ -1,46 +0,0 @@
-name: 'Mayhem for API'
-on: [push]
-jobs:
-  test:
-    if: ${{ github.repository_owner == 'openfoodfoundation' }}
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: true
-    steps:
-    - uses: actions/checkout@v2
-    - run: docker/build
-    - run: docker-compose up --detach
-    - run: until curl -f -s http://localhost:3000; do echo "waiting for api server"; sleep 1; done
-    - run: docker-compose exec -T db psql postgresql://ofn:f00d@localhost:5432/open_food_network_dev --command="update spree_users set spree_api_key='testing' where login='ofn@example.com'"
-    # equivalent to Flipper.enable(:api_v1)
-    - run: docker-compose exec -T db psql postgresql://ofn:f00d@localhost:5432/open_food_network_dev --command="insert into flipper_features (key, created_at, updated_at) values ('api_v1', localtimestamp, localtimestamp)"
-    - run: docker-compose exec -T db psql postgresql://ofn:f00d@localhost:5432/open_food_network_dev --command="insert into flipper_gates (feature_key, key, value, created_at, updated_at) values ('api_v1', 'boolean', 'true', localtimestamp, localtimestamp)"
-
-    # Run Mayhem for API
-    - name: Run Mayhem for API
-      uses: ForAllSecure/mapi-action@v1
-      continue-on-error: true
-      with:
-        mapi-token: ${{ secrets.MAPI_TOKEN }}
-        api-url: http://localhost:3000
-        api-spec: swagger/v1/swagger.yaml
-        target: openfoodfoundation/openfoodnetwork
-        duration: 1min
-        sarif-report: mapi.sarif
-        html-report: mapi.html
-        run-args: |
-          --header-auth
-          X-Api-Token: testing
-
-    # Archive HTML report
-    - name: Archive Mayhem for API report
-      uses: actions/upload-artifact@v2
-      with:
-        name: mapi-report
-        path: mapi.html
-
-    # Upload SARIF file (only available on public repos or github enterprise)
-    - name: Upload SARIF file
-      uses: github/codeql-action/upload-sarif@v1
-      with:
-        sarif_file: mapi.sarif

.gitignore

@@ -15,7 +15,6 @@ db/*.csv
 log/*.log
 log/*.log.lck
 log/*.log.*
-/storage
 tmp/
 .idea/*
 \#*

.rubocop.yml

@@ -10,9 +10,6 @@ inherit_from:
   # The automatically generated todo list to ignore all current violations.
   - .rubocop_todo.yml
 
-  # The relaxed style rules as a common starting point which we can refine.
-  - .rubocop_relaxed_styleguide.yml
-
   # Our Open Food Network style guide. If you want to see all violations,
   # then use only that configuration:
   #

.rubocop_relaxed_styleguide.yml

@@ -1,153 +0,0 @@
-# Relaxed.Ruby.Style
-## Version 2.5
-
-Style/Alias:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#stylealias
-
-Style/AsciiComments:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#styleasciicomments
-
-Style/BeginBlock:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#stylebeginblock
-
-Style/BlockDelimiters:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#styleblockdelimiters
-
-Style/CommentAnnotation:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#stylecommentannotation
-
-Style/Documentation:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#styledocumentation
-
-Layout/DotPosition:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#layoutdotposition
-
-Style/DoubleNegation:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#styledoublenegation
-
-Style/EndBlock:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#styleendblock
-
-Style/FormatString:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#styleformatstring
-
-Style/IfUnlessModifier:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#styleifunlessmodifier
-
-Style/Lambda:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#stylelambda
-
-Style/ModuleFunction:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#stylemodulefunction
-
-Style/MultilineBlockChain:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#stylemultilineblockchain
-
-Style/NegatedIf:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#stylenegatedif
-
-Style/NegatedWhile:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#stylenegatedwhile
-
-Style/NumericPredicate:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#stylenumericpredicate
-
-Style/ParallelAssignment:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#styleparallelassignment
-
-Style/PercentLiteralDelimiters:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#stylepercentliteraldelimiters
-
-Style/PerlBackrefs:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#styleperlbackrefs
-
-Style/Semicolon:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#stylesemicolon
-
-Style/SignalException:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#stylesignalexception
-
-Style/SingleLineBlockParams:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#stylesinglelineblockparams
-
-Style/SingleLineMethods:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#stylesinglelinemethods
-
-Layout/SpaceBeforeBlockBraces:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#layoutspacebeforeblockbraces
-
-Layout/SpaceInsideParens:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#layoutspaceinsideparens
-
-Style/SpecialGlobalVars:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#stylespecialglobalvars
-
-Style/StringLiterals:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#stylestringliterals
-
-Style/TrailingCommaInArguments:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#styletrailingcommainarguments
-
-Style/TrailingCommaInArrayLiteral:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#styletrailingcommainarrayliteral
-
-Style/TrailingCommaInHashLiteral:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#styletrailingcommainhashliteral
-
-Style/SymbolArray:
-  Enabled: false
-  StyleGuide: http://relaxed.ruby.style/#stylesymbolarray
-
-Style/WhileUntilModifier:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#stylewhileuntilmodifier
-
-Style/WordArray:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#stylewordarray
-
-Lint/AmbiguousRegexpLiteral:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#lintambiguousregexpliteral
-
-Lint/AssignmentInCondition:
-  Enabled: false
-  StyleGuide: https://relaxed.ruby.style/#lintassignmentincondition
-
-Layout/LineLength:
-  Enabled: false
-
-Metrics:
-  Enabled: false
-

.rubocop_specs.yml

@@ -0,0 +1,7 @@
+inherit_from:
+  - .rubocop.yml
+
+# This rubocop config file is only used for specs
+# Here we allow specs to be 300 lines long
+Metrics/ModuleLength:
+  Max: 300

.rubocop_styleguide.yml

@@ -19,30 +19,6 @@ AllCops:
 #
 # Cop settings that have been agreed upon by the OFN community
 
-Metrics:
-  Enabled: true
-
-Metrics/BlockLength:
-  IgnoredMethods: [
-    "class_eval",
-    "collection",
-    "context",
-    "delete",
-    "describe",
-    "feature",
-    "get",
-    "it",
-    "member",
-    "namespace",
-    "path",
-    "post",
-    "put",
-    "resource",
-    "resources",
-    "scenario",
-    "shared_examples",
-  ]
-
 Rails/SkipsModelValidations:
   AllowedMethods:
     - "touch"
@@ -70,7 +46,6 @@ Layout/MultilineMethodCallIndentation:
   EnforcedStyle: indented
 
 Layout/LineLength:
-  Enabled: true
   Max: 100
 
 Lint/RaiseException:
@@ -79,11 +54,6 @@ Lint/RaiseException:
 Lint/StructNewOverride:
   Enabled: true
 
-Naming/VariableNumber:
-  AllowedIdentifiers:
-    - street_address_1
-    - street_address_2
-
 Bundler/DuplicatedGem:
   Enabled: false
 
@@ -105,20 +75,156 @@ Lint/UselessAssignment:
   Exclude:
   - spec/**/*
 
-Lint/MissingSuper:
-  Exclude:
-    - 'app/components/**/*'
+## Relaxed.Ruby.Style SETTINGS
+#
+# These styles are a starting point for the conversation around conventions
+# They should be removed or tweaked and moved above as decisions are made
+# NOTE: Cops which did not fail at the time of writing were removed
+
+Layout/DotPosition:
+  Enabled: false
+  StyleGuide: http://relaxed.ruby.style/#styledotposition
+
+Layout/SpaceBeforeBlockBraces:
+  Enabled: false
+  StyleGuide: http://relaxed.ruby.style/#stylespacebeforeblockbraces
+
+Layout/SpaceInsideParens:
+  Enabled: false
+  StyleGuide: http://relaxed.ruby.style/#stylespaceinsideparens
+
+Style/Alias:
+  Enabled: false
+  StyleGuide: http://relaxed.ruby.style/#stylealias
+
+Style/BlockDelimiters:
+  Enabled: false
+  StyleGuide: http://relaxed.ruby.style/#styleblockdelimiters
+
+Style/CommentAnnotation:
+  Enabled: false
+  StyleGuide: http://relaxed.ruby.style/#stylecommentannotation
+
+Style/DoubleNegation:
+  Enabled: false
+  StyleGuide: http://relaxed.ruby.style/#styledoublenegation
+
+Style/FormatString:
+  Enabled: false
+  StyleGuide: http://relaxed.ruby.style/#styleformatstring
+
+Style/HashEachMethods:
+  Enabled: false
+
+Style/HashTransformKeys:
+  Enabled: false
+
+Style/HashTransformValues:
+  Enabled: false
+
+Style/IfUnlessModifier:
+  Enabled: false
+  StyleGuide: http://relaxed.ruby.style/#styleifunlessmodifier
+
+Style/Lambda:
+  Enabled: false
+  StyleGuide: http://relaxed.ruby.style/#stylelambda
+
+Style/MultilineBlockChain:
+  Enabled: false
+  StyleGuide: http://relaxed.ruby.style/#stylemultilineblockchain
+
+Style/NegatedIf:
+  Enabled: false
+  StyleGuide: http://relaxed.ruby.style/#stylenegatedif
+
+Style/NegatedWhile:
+  Enabled: false
+  StyleGuide: http://relaxed.ruby.style/#stylenegatedwhile
+
+Style/ParallelAssignment:
+  Enabled: false
+  StyleGuide: http://relaxed.ruby.style/#styleparallelassignment
+
+Style/PercentLiteralDelimiters:
+  Enabled: false
+  StyleGuide: http://relaxed.ruby.style/#stylepercentliteraldelimiters
+
+Style/Semicolon:
+  Enabled: false
+  StyleGuide: http://relaxed.ruby.style/#stylesemicolon
+
+Style/SingleLineMethods:
+  Enabled: false
+  StyleGuide: http://relaxed.ruby.style/#stylesinglelinemethods
+
+Style/TrailingCommaInArguments:
+  Enabled: false
+  StyleGuide: http://relaxed.ruby.style/#styletrailingcommainarguments
+
+Style/TrailingCommaInArrayLiteral:
+  Enabled: false
+  StyleGuide: http://relaxed.ruby.style/#styletrailingcommainliteral
+
+Style/TrailingCommaInHashLiteral:
+  Enabled: false
+  StyleGuide: http://relaxed.ruby.style/#styletrailingcommainliteral
+
+Style/WordArray:
+  Enabled: false
+  StyleGuide: http://relaxed.ruby.style/#stylewordarray
+
+Style/SymbolArray:
+  Enabled: false
+  StyleGuide: https://rubocop.readthedocs.io/en/latest/cops_style/#stylesymbolarray
+
+Lint/AmbiguousRegexpLiteral:
+  Enabled: false
+  StyleGuide: http://relaxed.ruby.style/#lintambiguousregexpliteral
+
+Lint/AssignmentInCondition:
+  Enabled: false
+  StyleGuide: http://relaxed.ruby.style/#lintassignmentincondition
 
 Metrics/AbcSize:
-  Max: 30 # default 17
+  Max: 15
+
+Metrics/BlockLength:
+  Max: 25
+  IgnoredMethods: [
+    "class_eval",
+    "collection",
+    "context",
+    "describe",
+    "feature",
+    "it",
+    "member",
+    "namespace",
+    "resource",
+    "resources",
+    "scenario"
+  ]
+
+Metrics/BlockNesting:
+  Max: 3
+
+Metrics/ClassLength:
+  Max: 100
+
+Metrics/ModuleLength:
+  Max: 100
+
+Metrics/CyclomaticComplexity:
+  Max: 6
 
 Metrics/MethodLength:
-  Enabled: true
-  Max: 25 # default 10
+  Max: 10
+
+Metrics/ParameterLists:
+  Max: 5
 
 Metrics/PerceivedComplexity:
-  Enabled: true
-  Max: 14 # default 8
+  Max: 7
 
 Naming/PredicateName:
   Enabled: false

Dockerfile

@@ -23,9 +23,7 @@ RUN apt-get update && apt-get install -y \
   imagemagick \
   unzip \
   libjemalloc-dev \
-  libssl-dev \
-  ca-certificates \
-  gnupg
+  libssl-dev
 
 # Setup ENV variables
 ENV PATH /usr/local/src/rbenv/shims:/usr/local/src/rbenv/bin:$PATH
@@ -42,18 +40,20 @@ RUN git clone --depth 1 https://github.com/rbenv/rbenv.git ${RBENV_ROOT} && \
     git clone --depth 1 https://github.com/rbenv/ruby-build.git ${RBENV_ROOT}/plugins/ruby-build && \
     echo 'eval "$(rbenv init -)"' >> /etc/profile.d/rbenv.sh && \
     RUBY_CONFIGURE_OPTS=--with-jemalloc rbenv install $(cat .ruby-version) && \
-    rbenv global $(cat .ruby-version)
+    rbenv global $(cat .ruby-version) && \
+    gem install bundler --version=1.17.3
 
 # Install Postgres
-RUN sh -c "echo 'deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main' >> /etc/apt/sources.list.d/pgdg.list" && \
-    curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor | tee /etc/apt/trusted.gpg.d/apt.postgresql.org.gpg >/dev/null && \
+RUN sh -c "echo 'deb https://apt.postgresql.org/pub/repos/apt/ bionic-pgdg main' > /etc/apt/sources.list.d/pgdg.list" && \
+    wget --quiet -O - https://apt.postgresql.org/pub/repos/apt/ACCC4CF8.asc | apt-key add - && \
     apt-get update && \
-    apt-get install -yqq --no-install-recommends postgresql-client-10 libpq-dev
+    apt-get install -yqq --no-install-recommends postgresql-client-9.5 libpq-dev
 
-# Install NodeJs and yarn
-RUN curl -sL https://deb.nodesource.com/setup_14.x | bash - \
-    && apt-get install --no-install-recommends -y nodejs \
-    && npm install -g yarn
+# Install node & yarn
+RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && \
+    echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list && \
+    apt-get update && \
+    apt-get install -y nodejs yarn
 
 # Install Chrome
 RUN wget --quiet -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - && \
@@ -69,9 +69,6 @@ RUN wget https://chromedriver.storage.googleapis.com/2.41/chromedriver_linux64.z
 # Copy code and install app dependencies
 COPY . /usr/src/app/
 
-# Install Bundler
-RUN ./script/install-bundler
-
 # Install front-end dependencies
 RUN yarn install
 

GETTING_STARTED.md

@@ -60,7 +60,7 @@ If the script succeeds you're ready to start developing. If not, take a look at
 
 Now, your dreams of spinning up a development server can be realised:
 
-    foreman start
+    bundle exec rails server
 
 Go to [http://localhost:3000](http://localhost:3000) to play around!
 

Gemfile

@@ -8,11 +8,6 @@ gem 'dotenv-rails', require: 'dotenv/rails-now' # Load ENV vars before other gem
 
 gem 'rails', '>= 6.1.4'
 
-# Active Storage
-gem "active_storage_validations"
-gem "aws-sdk-s3", require: false
-gem "image_processing"
-
 gem 'activemerchant', '>= 1.78.0'
 gem 'rexml'
 gem 'angular-rails-templates', '>= 0.3.0'
@@ -62,12 +57,8 @@ gem 'devise-token_authenticatable'
 gem 'jwt', '~> 2.3'
 gem 'oauth2', '~> 1.4.7' # Used for Stripe Connect
 
-gem 'jsonapi-serializer'
 gem 'pagy', '~> 5.1'
 
-gem 'rswag-api'
-gem 'rswag-ui'
-
 gem 'angularjs-rails', '1.8.0'
 gem 'aws-sdk', '1.67.0'
 gem 'bugsnag'
@@ -154,7 +145,7 @@ group :test, :development do
   gem 'letter_opener', '>= 1.4.1'
   gem 'rspec-rails', ">= 3.5.2"
   gem 'rspec-retry'
-  gem 'rswag-specs'
+  gem 'rswag'
   gem 'selenium-webdriver'
   gem 'shoulda-matchers'
   gem 'timecop'

Gemfile.lock

@@ -101,11 +101,6 @@ GEM
       rails-html-sanitizer (~> 1.1, >= 1.2.0)
     active_model_serializers (0.8.4)
       activemodel (>= 3.0)
-    active_storage_validations (0.9.7)
-      activejob (>= 5.2.0)
-      activemodel (>= 5.2.0)
-      activestorage (>= 5.2.0)
-      activesupport (>= 5.2.0)
     activejob (6.1.4.4)
       activesupport (= 6.1.4.4)
       globalid (>= 0.3.6)
@@ -163,27 +158,11 @@ GEM
     awesome_nested_set (3.4.0)
       activerecord (>= 4.0.0, < 7.0)
     awesome_print (1.9.2)
-    aws-eventstream (1.2.0)
-    aws-partitions (1.570.0)
     aws-sdk (1.67.0)
       aws-sdk-v1 (= 1.67.0)
-    aws-sdk-core (3.130.0)
-      aws-eventstream (~> 1, >= 1.0.2)
-      aws-partitions (~> 1, >= 1.525.0)
-      aws-sigv4 (~> 1.1)
-      jmespath (~> 1.0)
-    aws-sdk-kms (1.55.0)
-      aws-sdk-core (~> 3, >= 3.127.0)
-      aws-sigv4 (~> 1.1)
-    aws-sdk-s3 (1.113.0)
-      aws-sdk-core (~> 3, >= 3.127.0)
-      aws-sdk-kms (~> 1)
-      aws-sigv4 (~> 1.4)
     aws-sdk-v1 (1.67.0)
       json (~> 1.4)
       nokogiri (~> 1)
-    aws-sigv4 (1.4.0)
-      aws-eventstream (~> 1, >= 1.0.2)
     axlsx_styler (1.1.0)
       activesupport (>= 3.1)
       caxlsx (>= 2.0.2)
@@ -352,13 +331,9 @@ GEM
       concurrent-ruby (~> 1.0)
     i18n-js (3.9.0)
       i18n (>= 0.6.6)
-    image_processing (1.12.2)
-      mini_magick (>= 4.9.5, < 5)
-      ruby-vips (>= 2.0.17, < 3)
     immigrant (0.3.6)
       activerecord (>= 3.0)
     ipaddress (0.8.3)
-    jmespath (1.6.1)
     jquery-rails (4.4.0)
       rails-dom-testing (>= 1, < 3)
       railties (>= 4.2.0)
@@ -371,8 +346,6 @@ GEM
     json_spec (1.1.5)
       multi_json (~> 1.0)
       rspec (>= 2.0, < 4.0)
-    jsonapi-serializer (2.2.0)
-      activesupport (>= 4.2)
     jwt (2.3.0)
     knapsack (4.0.0)
       rake
@@ -398,9 +371,8 @@ GEM
     mimemagic (0.4.3)
       nokogiri (~> 1)
       rake
-    mini_magick (4.11.0)
     mini_mime (1.1.2)
-    mini_portile2 (2.8.0)
+    mini_portile2 (2.7.1)
     mini_racer (0.4.0)
       libv8-node (~> 15.14.0.0)
     minitest (5.15.0)
@@ -413,8 +385,8 @@ GEM
     multi_xml (0.6.0)
     multipart-post (2.1.1)
     nio4r (2.5.8)
-    nokogiri (1.13.3)
-      mini_portile2 (~> 2.8.0)
+    nokogiri (1.13.1)
+      mini_portile2 (~> 2.7.0)
       racc (~> 1.4)
     oauth2 (1.4.7)
       faraday (>= 0.8, < 2.0)
@@ -458,7 +430,7 @@ GEM
       byebug (~> 11.0)
       pry (~> 0.13.0)
     public_suffix (4.0.6)
-    puma (5.6.2)
+    puma (5.5.2)
       nio4r (~> 2.0)
     raabro (1.4.0)
     racc (1.6.0)
@@ -560,6 +532,10 @@ GEM
     rspec-retry (0.6.2)
       rspec-core (> 3.3)
     rspec-support (3.10.2)
+    rswag (2.4.0)
+      rswag-api (= 2.4.0)
+      rswag-specs (= 2.4.0)
+      rswag-ui (= 2.4.0)
     rswag-api (2.4.0)
       railties (>= 3.1, < 7.0)
     rswag-specs (2.4.0)
@@ -586,8 +562,6 @@ GEM
       rubocop (>= 1.7.0, < 2.0)
     ruby-progressbar (1.11.0)
     ruby-rc4 (0.1.5)
-    ruby-vips (2.1.4)
-      ffi (~> 1.12)
     ruby2_keywords (0.0.4)
     rubyzip (2.3.2)
     rufus-scheduler (3.7.0)
@@ -711,7 +685,6 @@ PLATFORMS
 DEPENDENCIES
   actionpack-action_caching
   active_model_serializers (= 0.8.4)
-  active_storage_validations
   activemerchant (>= 1.78.0)
   activerecord-import
   activerecord-postgresql-adapter
@@ -726,7 +699,6 @@ DEPENDENCIES
   awesome_nested_set
   awesome_print
   aws-sdk (= 1.67.0)
-  aws-sdk-s3
   bigdecimal (= 3.0.2)
   bootsnap
   bugsnag
@@ -766,13 +738,11 @@ DEPENDENCIES
   hiredis
   i18n
   i18n-js (~> 3.9.0)
-  image_processing
   immigrant
   jquery-rails (= 4.4.0)
   jquery-ui-rails (~> 4.2)
   json
   json_spec (~> 1.1.4)
-  jsonapi-serializer
   jwt (~> 2.3)
   knapsack
   letter_opener (>= 1.4.1)
@@ -810,9 +780,7 @@ DEPENDENCIES
   roo!
   rspec-rails (>= 3.5.2)
   rspec-retry
-  rswag-api
-  rswag-specs
-  rswag-ui
+  rswag
   rubocop
   rubocop-rails
   sd_notify

app/assets/javascripts/admin/directives/select2_no_search.js.coffee

@@ -0,0 +1,6 @@
+angular.module("ofn.admin").directive "select2NoSearch", ($timeout) ->
+  restrict: 'CA'
+  link: (scope, element, attrs) ->
+    $timeout ->
+      element.select2
+        minimumResultsForSearch: Infinity

app/assets/javascripts/admin/enterprise_fees/directives/ensure_calculator_preferences_match_type.js.coffee

@@ -9,9 +9,9 @@ angular.module("admin.enterpriseFees").directive 'spreeEnsureCalculatorPreferenc
       settings = element.parent().parent().find('div.calculator-settings')
       if value == orig_calculator_type
         settings.show()
-        settings.find('input, select').prop 'disabled', false
+        settings.find('input').prop 'disabled', false
       else
         settings.hide()
-        settings.find('input, select').prop 'disabled', true
+        settings.find('input').prop 'disabled', true
       return
     return

app/assets/javascripts/admin/enterprises/controllers/side_menu_controller.js.coffee

@@ -16,7 +16,6 @@ angular.module("admin.enterprises")
       { name: 'shipping_methods', label: t('shipping_methods'), icon_class: "icon-truck", show: "showShippingMethods()" }
       { name: 'payment_methods', label: t('payment_methods'), icon_class: "icon-money", show: "showPaymentMethods()" }
       { name: 'enterprise_fees', label: t('enterprise_fees'), icon_class: "icon-tasks", show: "showEnterpriseFees()" }
-      { name: 'enterprise_permissions', label: t('enterprise_permissions'), icon_class: "icon-plug" }
       { name: 'inventory_settings', label: t('inventory_settings'), icon_class: "icon-list-ol", show: "enterpriseIsShop()" }
       { name: 'tag_rules', label: t('tag_rules'), icon_class: "icon-random", show: "enterpriseIsShop()" }
       { name: 'shop_preferences', label: t('shop_preferences'), icon_class: "icon-shopping-cart", show: "enterpriseIsShop()" }
@@ -45,5 +44,3 @@ angular.module("admin.enterprises")
 
     $scope.enterpriseIsShop = ->
       $scope.Enterprise.sells != "none"
-
-    $scope.menu.redirect_function('enterprise_permissions', '/admin/enterprise_relationships')

app/assets/javascripts/admin/line_items/controllers/line_items_controller.js.coffee

@@ -104,45 +104,15 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
     else
       StatusMessage.display 'failure', t "unsaved_changes_error"
 
-  $scope.cancelOrder = (order, sendEmailCancellation) ->
-    return $http(
-      method: 'GET'
-      url: "/admin/orders/#{order.number}/fire?e=cancel&send_cancellation_email=#{sendEmailCancellation}")
-  
   $scope.deleteLineItem = (lineItem) ->
-    if lineItem.order.item_count == 1
-      ofnCancelOrderAlert((confirm, sendEmailCancellation) ->
-        if confirm
-          $scope.cancelOrder(lineItem.order, sendEmailCancellation).then(->
-            $scope.refreshData()
-          )
-        else
-          $scope.refreshData()
-      , "js.admin.deleting_item_will_cancel_order")
-    else if ($scope.confirmDelete && confirm(t "are_you_sure")) || !$scope.confirmDelete
-      LineItems.delete(lineItem, () -> $scope.refreshData())
+    if ($scope.confirmDelete && confirm(t "are_you_sure")) || !$scope.confirmDelete
+      LineItems.delete lineItem
 
-  $scope.deleteLineItems = (lineItems) ->
-    lineItemsToDelete = lineItems.filter (item) -> item.checked
-    willCancelOrders = false
-    itemsPerOrder = new Map()
-    for item in lineItemsToDelete
-      { order } = item
-      if itemsPerOrder.has(order)
-        itemsPerOrder.get(order).push(item)
-      else
-        itemsPerOrder.set(order, [item])
-      willCancelOrders = true if (order.item_count == itemsPerOrder.get(order).length)
-
-    if willCancelOrders
-      ofnCancelOrderAlert((confirm, sendEmailCancellation) ->
-        if confirm
-          itemsPerOrder.forEach (items, order) =>
-            if order.item_count == items.length
-              $scope.cancelOrder(order, sendEmailCancellation).then(-> $scope.refreshData())
-            else
-              Promise.all(LineItems.delete(item) for item in items).then(-> $scope.refreshData())
-      , "js.admin.deleting_item_will_cancel_order")   
+  $scope.deleteLineItems = (lineItemsToDelete) ->
+    existingState = $scope.confirmDelete
+    $scope.confirmDelete = false
+    $scope.deleteLineItem lineItem for lineItem in lineItemsToDelete when lineItem.checked
+    $scope.confirmDelete = existingState
 
   $scope.allBoxesChecked = ->
     checkedCount = $scope.filteredLineItems.reduce (count,lineItem) ->
@@ -158,53 +128,29 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
     $scope.selectedUnitsProduct = unitsProduct
     $scope.selectedUnitsVariant = unitsVariant
 
-  $scope.getLineItemScale = (lineItem) ->
-    if lineItem.units_product && lineItem.units_variant && (lineItem.units_product.variant_unit == "weight" || lineItem.units_product.variant_unit == "volume") 
-      lineItem.units_product.variant_unit_scale
-    else
-      1
-
   $scope.sumUnitValues = ->
-    sum = $scope.filteredLineItems?.reduce (sum, lineItem) ->
-      sum + $scope.roundToThreeDecimals(lineItem.final_weight_volume / $scope.getLineItemScale(lineItem))
+    sum = $scope.filteredLineItems?.reduce (sum,lineItem) ->
+      sum + lineItem.final_weight_volume
     , 0
 
   $scope.sumMaxUnitValues = ->
     sum = $scope.filteredLineItems?.reduce (sum,lineItem) ->
-      sum + lineItem.max_quantity * $scope.roundToThreeDecimals(lineItem.units_variant.unit_value / $scope.getLineItemScale(lineItem))
+        sum + lineItem.max_quantity * lineItem.units_variant.unit_value
     , 0
 
-  $scope.roundToThreeDecimals = (value) ->
-    Math.round(value * 1000) / 1000
-
   $scope.allFinalWeightVolumesPresent = ->
     for i,lineItem of $scope.filteredLineItems
       return false if !lineItem.hasOwnProperty('final_weight_volume') || !(lineItem.final_weight_volume > 0)
     true
 
-  $scope.getScale = (unitsProduct, unitsVariant) ->
-    if unitsProduct.hasOwnProperty("variant_unit") && (unitsProduct.variant_unit == "weight" || unitsProduct.variant_unit == "volume")
-      unitsProduct.variant_unit_scale
-    else
-      null
-
-  $scope.getFormattedValueWithUnitName = (value, unitsProduct, unitsVariant, scale) ->
-    unit_name = VariantUnitManager.getUnitName(scale, unitsProduct.variant_unit)
-    $scope.roundToThreeDecimals(value) + " " + unit_name
-
-  $scope.getGroupBySizeFormattedValueWithUnitName = (value, unitsProduct, unitsVariant) ->
-    scale = $scope.getScale(unitsProduct, unitsVariant)
-    if scale
-      value = value / scale if scale != 28.35 && scale != 1 && scale != 453.6 # divide by scale if not smallest unit
-      $scope.getFormattedValueWithUnitName(value, unitsProduct, unitsVariant, scale)
-    else
-      ''
-
+  # How is this different to OptionValueNamer#name?
+  # Should it be extracted to that class or VariantUnitManager?
   $scope.formattedValueWithUnitName = (value, unitsProduct, unitsVariant) ->
-    scale = $scope.getScale(unitsProduct, unitsVariant)
-    if scale
-      $scope.getFormattedValueWithUnitName(value, unitsProduct, unitsVariant, scale)
-    else 
+    # A Units Variant is an API object which holds unit properies of a variant
+    if unitsProduct.hasOwnProperty("variant_unit") && (unitsProduct.variant_unit == "weight" || unitsProduct.variant_unit == "volume") && value > 0
+      scale = VariantUnitManager.getScale(value, unitsProduct.variant_unit)
+      Math.round(value/scale * 1000)/1000 + " " + VariantUnitManager.getUnitName(scale, unitsProduct.variant_unit)
+    else
       ''
 
   $scope.fulfilled = (sumOfUnitValues) ->
@@ -212,9 +158,7 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
     if $scope.selectedUnitsProduct.hasOwnProperty("group_buy_unit_size") && $scope.selectedUnitsProduct.group_buy_unit_size > 0 &&
       $scope.selectedUnitsProduct.hasOwnProperty("variant_unit") &&
       ( $scope.selectedUnitsProduct.variant_unit == "weight" || $scope.selectedUnitsProduct.variant_unit == "volume" )
-        scale = $scope.selectedUnitsProduct.variant_unit_scale
-        sumOfUnitValues = sumOfUnitValues * scale unless scale == 28.35 || scale == 453.6
-        $scope.roundToThreeDecimals(sumOfUnitValues / $scope.selectedUnitsProduct.group_buy_unit_size)
+        Math.round( sumOfUnitValues / $scope.selectedUnitsProduct.group_buy_unit_size * 1000)/1000
     else
       ''
 

app/assets/javascripts/admin/order_cycles/services/order_cycle.js.coffee

@@ -1,4 +1,4 @@
-angular.module('admin.orderCycles').factory 'OrderCycle', ($resource, $window, $timeout, StatusMessage, Panels, Enterprise) ->
+angular.module('admin.orderCycles').factory 'OrderCycle', ($resource, $window, $timeout, StatusMessage, Panels) ->
   OrderCycleResource = $resource '/admin/order_cycles/:action_name/:order_cycle_id.json', {}, {
     'index':  { method: 'GET', isArray: true}
     'new'   : { method: 'GET', params: { action_name: "new" } }
@@ -50,14 +50,7 @@ angular.module('admin.orderCycles').factory 'OrderCycle', ($resource, $window, $
         (callback || angular.noop)()
 
     addDistributor: (new_distributor_id, callback) ->
-      exchange = { enterprise_id: new_distributor_id, incoming: false, active: true, variants: {}, enterprise_fees: [] }
-      if (Enterprise.hub_enterprises.length == 1)
-        editable = this.order_cycle["editable_variants_for_outgoing_exchanges"][new_distributor_id] || []
-        variants = this.incomingExchangesVariants()
-        for variant in variants when variant in editable
-          exchange.variants[variant] = true
-
-      this.order_cycle.outgoing_exchanges.push(exchange)
+      this.order_cycle.outgoing_exchanges.push({ enterprise_id: new_distributor_id, incoming: false, active: true, variants: {}, enterprise_fees: [] })
       $timeout ->
         (callback || angular.noop)()
 

app/assets/javascripts/admin/products/services/variant_unit_manager.js.coffee

@@ -37,6 +37,17 @@ angular.module("admin.products").factory "VariantUnitManager", (availableUnits)
       options.push [[I18n.t('items'), 'items']]
       options = [].concat options...
 
+    @getScale: (value, unitType) ->
+      scaledValue = null
+      validScales = []
+      unitScales = VariantUnitManager.unitScales(unitType)
+
+      validScales.unshift scale for scale in unitScales when value/scale >= 1
+      if validScales.length > 0
+        validScales[0]
+      else
+        unitScales[0]
+
     @getUnitName: (scale, unitType) ->
       if @units[unitType][scale]
         @units[unitType][scale]['name']

app/assets/javascripts/admin/resources/services/order_cycles.js.coffee

@@ -43,7 +43,7 @@ angular.module("admin.resources").factory 'OrderCycles', ($q, $injector, OrderCy
             angular.extend(@byID[orderCycle.id], orderCycle)
             angular.extend(@pristineByID[orderCycle.id], orderCycle)
           form.$setPristine() if form?
-          StatusMessage.display('success', t('order_cycles_bulk_update_notice'))
+          StatusMessage.display('success', "Order cycles have been updated.")
         , (response) =>
           if response.data.errors?
             StatusMessage.display('failure', response.data.errors[0])

app/assets/javascripts/admin/side_menu/services/side_menu.js.coffee

@@ -30,14 +30,3 @@ angular.module("admin.side_menu")
         for item in @items when item.name is name
           return item
         null
-
-      redirect_function: (elementID , href) =>
-        window.addEventListener 'load', ->
-          element = document.getElementById(elementID)
-          if !element
-            return
-          element.addEventListener 'click', ->
-            window.location.replace(href)
-            return
-          return
-

app/assets/javascripts/admin/spree/calculator.js

@@ -7,11 +7,11 @@ $(function() {
     if (calculator_select.val() === original_calc_type) {
       $('div.calculator-settings').show();
       $('.calculator-settings-warning').hide();
-      $('.calculator-settings').find('input,textarea,select').prop("disabled", false);
+      $('.calculator-settings').find('input,textarea').prop("disabled", false);
     } else {
       $('div.calculator-settings').hide();
       $('.calculator-settings-warning').show();
-      $('.calculator-settings').find('input,textarea,select').prop("disabled", true);
+      $('.calculator-settings').find('input,textarea').prop("disabled", true);
     }
   });
 })

app/assets/javascripts/admin/spree/orders/address_states.js

@@ -0,0 +1,17 @@
+var update_state = function(region) {
+  var country        = $('span#' + region + 'country .select2').select2('val');
+  var state_select   = $('span#' + region + 'state select.select2');
+
+  $.get(Spree.routes.states_search + "?country_id=" + country, function(states) {
+    state_select.html('');
+    var states_with_blank = [{name: '', id: ''}].concat(states);
+    $.each(states_with_blank, function(pos,state) {
+      var opt = $(document.createElement('option'))
+                .attr('value', state.id)
+                .html(state.name);
+      state_select.append(opt);
+    });
+    state_select.prop("disabled", false).show();
+    state_select.select2();
+  })
+};

app/assets/javascripts/admin/spree/orders/variant_autocomplete.js.erb

@@ -4,7 +4,6 @@ $(document).ready(function() {
 
   initAlert()
   initConfirm()
-  initCancelOrder()
 
   if ($('#variant_autocomplete_template').length > 0) {
     window.variantTemplate = Handlebars.compile($('#variant_autocomplete_template').text());
@@ -53,12 +52,12 @@ $(document).ready(function() {
       }
       toggleItemEdit();
 
-      adjustItems(shipment_number, variant_id, quantity, true);
+      adjustItems(shipment_number, variant_id, quantity);
       return false;
     }
     $('a.save-item').click(handle_save_click);
 
-    handle_delete_click = function(elementSelector, restock_item){
+    handle_delete_click = function(elementSelector){
       var del = $(elementSelector);
       del.hide()
       var shipment_number = del.data('shipment-number');
@@ -66,65 +65,38 @@ $(document).ready(function() {
 
       toggleItemEdit();
 
-      adjustItems(shipment_number, variant_id, 0, restock_item);
+      adjustItems(shipment_number, variant_id, 0);
     }
 
     $('a.delete-item').click((event) => {
-     try {
-         var del = $('a.delete-item');
-         var shipment_number = del.data('shipment-number');
-         var variant_id = del.data('variant-id');
-         var shipment = _.findWhere(shipments, {number: shipment_number + ''});
-         var inventory_units = _.where(shipment.inventory_units, {variant_id: variant_id});
-         if (inventory_units.length !== shipment.inventory_units.length) {
-             ofnConfirm((reStockItem) => {
-                 handle_delete_click('#custom-confirm', reStockItem);
-             });
-         } else {
-             adjustItems(shipment_number, variant_id, 0);
-         }
-     } catch (e) {
-     }
+      ofnConfirm(() => {
+        handle_delete_click('#custom-confirm');
+      });
     });
+
   }
 });
 
-adjustItems = function(shipment_number, variant_id, quantity, restock_item){
+adjustItems = function(shipment_number, variant_id, quantity){
   var shipment = _.findWhere(shipments, {number: shipment_number + ''});
   var inventory_units = _.where(shipment.inventory_units, {variant_id: variant_id});
 
-  if (quantity === 0 && inventory_units.length === shipment.inventory_units.length) {
-    ofnCancelOrderAlert((confirm, sendEmailCancellation, restock_item) => {
-      if (confirm) {
-        doAdjustItems(shipment_number, variant_id, quantity, inventory_units, restock_item, () => {
-          var redirectTo = new URL(Spree.routes.cancel_order.toString());
-          redirectTo.searchParams.append("send_cancellation_email", sendEmailCancellation);
-          window.location.href = redirectTo.toString();
-        });
-      }
-    });
+  if (quantity == 0 && inventory_units.length == shipment.inventory_units.length) {
+    ofnAlert(t("js.admin.orders.cannot_remove_last_item"));
     return;
   }
-  doAdjustItems(shipment_number, variant_id, quantity, inventory_units, restock_item, () => {
-    window.location.reload();
-  });
-}
 
-doAdjustItems = function(shipment_number, variant_id, quantity, inventory_units, restock_item, callback) {
   var url = Spree.routes.orders_api + "/" + order_number + "/shipments/" + shipment_number;
 
   var new_quantity = 0;
-  var data = { variant_id: variant_id };
   if (inventory_units.length < quantity) {
     url += "/add";
     new_quantity = (quantity - inventory_units.length);
   } else if (inventory_units.length > quantity) {
     url += "/remove"
     new_quantity = (inventory_units.length - quantity);
-    data.restock_item = restock_item;
   }
   url += '.json';
-  data.quantity = new_quantity;
 
   if (new_quantity == 0) {
     ofnAlert(t("js.admin.orders.quantity_unchanged"));
@@ -132,9 +104,9 @@ doAdjustItems = function(shipment_number, variant_id, quantity, inventory_units,
     $.ajax({
       type: "PUT",
       url: Spree.url(url),
-      data: data
+      data: { variant_id: variant_id, quantity: new_quantity }
     }).done(function( msg ) {
-      callback();
+      window.location.reload();
     });
   }
 }
@@ -186,7 +158,7 @@ addVariantFromStockLocation = function() {
     });
   }else{
     //add to existing shipment
-    adjustItems(shipment.number, variant_id, quantity, true);
+    adjustItems(shipment.number, variant_id, quantity);
   }
   return 1
 }
@@ -209,54 +181,8 @@ ofnAlert = function(message) {
   $('#custom-alert').show();
 }
 
-ofnCancelOrderAlert = function(callback, i18nKey) {
-  if (i18nKey == undefined) {
-    i18nKey = "js.admin.orders.cancel_the_order_html";
-  }
-  $('#custom-confirm .message').html(
-    ` ${t(i18nKey)}
-      <div class="form">
-        <input type="checkbox" name="send_cancellation_email" value="1" id="send_cancellation_email" checked="true" />
-        <label for="send_cancellation_email">${t("js.admin.orders.cancel_the_order_send_cancelation_email")}</label><br />
-        <input type="checkbox" name="restock_items"  id="restock_items" checked="checked"/>
-        <label for="restock_items">${t("js.admin.orders.restock_items")}</label>
-      </div>`);
-  $('#custom-confirm button.confirm').unbind( "click" ).click(() => {
-    $('#custom-confirm').hide();
-    callback(true, $('#send_cancellation_email').is(':checked'), $('#restock_items').is(':checked'));
-  });
-  $('#custom-confirm button.cancel').click(() => {
-    $('#custom-confirm').hide();
-    callback(false)
-  });
-  $('#custom-confirm').show();
-}
-
 ofnConfirm = function(callback) {
-  $('#custom-confirm .message').html(
-      ` ${t("are_you_sure")}
-    <div class="form">
-      <input type="checkbox" name="restock_items"  id="restock_items" checked="checked"/>
-      <label for="restock_items">${t("js.admin.orders.restock_item")}</label>
-    </div>`);
   $('#custom-confirm').data($(event.target).data());
-  $('#custom-confirm button.confirm').click(() => {
-      callback($('#restock_items').is(':checked'));
-  });
+  $('#custom-confirm button.confirm').click(callback);
   $('#custom-confirm').show();
 }
-
-initCancelOrder = function() {
-    $('#cancel_order_form').submit(function(e){
-        ofnCancelOrderAlert((confirm, sendEmailCancellation, restock_items) => {
-            if (confirm) {
-                var redirectTo = new URL(Spree.routes.cancel_order.toString());
-                redirectTo.searchParams.append("send_cancellation_email", sendEmailCancellation);
-                redirectTo.searchParams.append("restock_items", restock_items);
-                window.location.href = redirectTo.toString();
-            }
-        });
-        e.preventDefault();
-        return false;
-    });
-}

app/assets/javascripts/admin/utils/directives/help-modal.js.coffee

@@ -0,0 +1,20 @@
+angular.module("admin.utils").directive 'helpModal', ($rootScope, $compile, $templateCache, $window, DialogDefaults) ->
+  restrict: 'C'
+  scope:
+    template: '@'
+  link: (scope, element, attr) ->
+    # Compile modal template
+    template = $compile($templateCache.get(scope.template))(scope)
+
+    # Load Dialog Options
+    template.dialog(DialogDefaults)
+
+    # Link opening of dialog to click event on element
+    element.bind 'click', (e) ->
+      template.dialog('open')
+      $rootScope.$evalAsync()
+
+    scope.close = ->
+      template.dialog('close')
+      $rootScope.$evalAsync()
+      return

app/assets/javascripts/darkswarm/controllers/products_controller.js.coffee

@@ -67,7 +67,7 @@ angular.module('Darkswarm').controller "ProductsCtrl", ($scope, $sce, $filter, $
       page: page || $scope.page,
       per_page: $scope.per_page,
       'q[name_or_meta_keywords_or_variants_display_as_or_variants_display_name_or_supplier_name_cont]': $scope.query,
-      'q[with_properties][]': $scope.activeProperties,
+      'q[properties_id_or_supplier_properties_id_in_any][]': $scope.activeProperties,
       'q[primary_taxon_id_in_any][]': $scope.activeTaxons
     }
 

app/assets/javascripts/darkswarm/controllers/shop_variant_controller.js.coffee

@@ -1,4 +1,4 @@
-angular.module('Darkswarm').controller "ShopVariantCtrl", ($scope, $modal, Cart, Shopfront) ->
+angular.module('Darkswarm').controller "ShopVariantCtrl", ($scope, $modal, Cart) ->
   $scope.updateCart = (line_item) ->
     Cart.adjust($scope.variant.line_item)
 
@@ -69,6 +69,3 @@ angular.module('Darkswarm').controller "ShopVariantCtrl", ($scope, $modal, Cart,
   $scope.addBulk = (quantity) ->
     $scope.add(quantity)
     $modal.open(templateUrl: "bulk_buy_modal.html", scope: $scope, windowClass: "product-bulk-modal")
-
-  $scope.displayRemainingInStock = ->
-    Shopfront.shopfront.preferred_product_low_stock_display && $scope.available() <= 3 && !$scope.variant.line_item.quantity

app/assets/javascripts/darkswarm/directives/help_modal.js.coffee

@@ -0,0 +1,13 @@
+angular.module('Darkswarm').directive "helpModal", ($modal, $compile, $templateCache)->
+  restrict: 'A'
+  scope:
+    helpText: "@helpModal"
+
+  link: (scope, elem, attrs, ctrl)->
+    compiled = $compile($templateCache.get('help-modal.html'))(scope)
+
+    elem.on "click", =>
+      $modal.open(controller: ctrl, template: compiled, scope: scope, windowClass: 'help-modal small')
+
+    scope.$on "$destroy", ->
+      elem.off("click")

app/assets/javascripts/templates/admin/modals/business_address_info.html.haml

@@ -0,0 +1,7 @@
+%div
+  .margin-bottom-30
+    %p
+      {{ 'js.admin.modals.business_address_info.message' | t }}
+
+  .text-center
+    %input.button.red.icon-plus{ type: 'button', value: '{{ "js.admin.modals.got_it" | t }}', ng: { click: 'close()' } }

app/assets/javascripts/templates/admin/modals/invite_manager.html.haml

@@ -0,0 +1,19 @@
+#invite-manager-modal{ng: {app: 'admin.enterprises', controller: 'enterpriseCtrl'}}
+
+  .margin-bottom-30.text-center
+    .text-big
+      = t('js.admin.modals.invite_title')
+
+  %p.alert-box.ok{ng: {show: 'invite_success'}}
+    {{invite_success}}
+
+  %p.alert-box.error{ng: {show: 'invite_errors'}}
+    {{invite_errors}}
+
+  %input#invite_email.fullwidth.margin-bottom-20{ng: {model: 'newUser'}}
+
+  .margin-bottom-20.text-center
+    %button.text-center.margin-top-10{ng: {show: '!invite_success', click: 'inviteManager()'}}
+      = t('js.admin.modals.invite')
+    %button.text-center.margin-top-10{ng: {show: 'invite_success', click: 'resetModal(); close()'}}
+      = t('js.admin.modals.close')

app/assets/javascripts/templates/admin/modals/tag_rule_help.html.haml

@@ -0,0 +1,25 @@
+#tag-rule-help
+  .margin-bottom-30.text-center
+    .text-big
+      {{ 'js.admin.modals.tag_rule_help.title' | t }}
+
+  .margin-bottom-30
+    .text-normal
+      {{ 'js.admin.modals.tag_rule_help.overview' | t }}
+    %p
+      {{ 'js.admin.modals.tag_rule_help.overview_text' | t }}
+
+  .margin-bottom-30
+    .text-normal
+      {{ 'js.admin.modals.tag_rule_help.by_default_rules' | t }}
+    %p
+      {{ 'js.admin.modals.tag_rule_help.by_default_rules_text' | t }}
+
+  .margin-bottom-30
+    .text-normal
+      {{ 'js.admin.modals.tag_rule_help.customer_tagged_rules' | t }}
+    %p
+      {{ 'js.admin.modals.tag_rule_help.customer_tagged_rules_text' | t }}
+
+  .text-center
+    %input.button.red.icon-plus{ type: 'button', value: t('js.admin.modals.got_it'), ng: { click: 'close()' } }

app/assets/javascripts/templates/admin/modals/terms_and_conditions_info.html.haml

@@ -0,0 +1,13 @@
+%div
+  .margin-bottom-30.text-center
+    .text-big
+      {{ 'js.admin.modals.terms_and_conditions_info.title' | t }}
+  .margin-bottom-30
+    %p
+      {{ 'js.admin.modals.terms_and_conditions_info.message_1' | t }}
+  .margin-bottom-30
+    %p
+      {{ 'js.admin.modals.terms_and_conditions_info.message_2' | t }}
+
+  .text-center
+    %input.button.red.icon-plus{ type: 'button', value: t('js.admin.modals.got_it'), ng: { click: 'close()' } }

app/components/help_modal_component.rb

@@ -1,26 +0,0 @@
-# frozen_string_literal: true
-
-class HelpModalComponent < ViewComponent::Base
-  def initialize(id:, close_button: true)
-    @id = id
-    @close_button = close_button
-  end
-
-  private
-
-  def close_button_class
-    if namespace == "admin"
-      "red"
-    else
-      "primary"
-    end
-  end
-
-  def close_button?
-    !!@close_button
-  end
-
-  def namespace
-    helpers.controller_path.split("/").first
-  end
-end

app/components/help_modal_component/help_modal_component.html.haml

@@ -1,8 +0,0 @@
-%div{ id: @id, "data-controller": "help-modal", "data-action": "keyup@document->help-modal#closeIfEscapeKey" }
-  .reveal-modal-bg.fade{ "data-help-modal-target": "background", "data-action": "click->help-modal#close" }
-  .reveal-modal.fade.small.help-modal{ "data-help-modal-target": "modal" }
-    = content
-
-    - if close_button?
-      .text-center
-        %input{ class: "button icon-plus #{close_button_class}", type: 'button', value: t('js.admin.modals.got_it'), "data-action": "click->help-modal#close" }

app/components/help_modal_component/help_modal_component.scss

@@ -1,10 +0,0 @@
-.help-modal {
-  visibility: visible;
-  position: fixed;
-  top: 3em;
-}
-
-/* prevent arrow on selected admin menu item appearing above modal */
-body.modal-open #admin-menu li.selected a::after {
-  z-index: 0;
-}

app/constraints/split_checkout_constraint.rb

@@ -2,10 +2,10 @@
 
 class SplitCheckoutConstraint
   def matches?(request)
-    OpenFoodNetwork::FeatureToggle.enabled? :split_checkout, current_user(request)
+    Flipper.enabled? :split_checkout, current_user(request)
   end
 
   def current_user(request)
-    request.env['warden'].user
+    @spree_current_user ||= request.env['warden'].user
   end
 end

app/controllers/admin/customers_controller.rb

@@ -99,7 +99,7 @@ module Admin
 
     def customer_params
       params.require(:customer).permit(
-        :enterprise_id, :first_name, :last_name, :email, :code, :tag_list,
+        :enterprise_id, :name, :email, :code, :tag_list,
         ship_address_attributes: PermittedAttributes::Address.attributes,
         bill_address_attributes: PermittedAttributes::Address.attributes,
       )

app/controllers/admin/enterprises_controller.rb

@@ -234,10 +234,8 @@ module Admin
     end
 
     def update_enterprise_notifications
-      user_id = params[:receives_notifications].to_i
-
-      if user_id.positive? && @enterprise.user_ids.include?(user_id)
-        @enterprise.update_contact(user_id)
+      if params.key? :receives_notifications
+        @enterprise.update_contact params[:receives_notifications]
       end
     end
 

app/controllers/admin/reports_controller.rb

@@ -5,23 +5,14 @@ module Admin
     include ReportsActions
     helper ReportsHelper
 
-    before_action :authorize_report, only: [:show]
-
-    # Define model class for Can? permissions
-    def model_class
-      Admin::ReportsController
-    end
-
-    def index
-      @reports = reports.select do |report_type, _description|
-        can? report_type, :report
-      end
-    end
+    before_action :authorize_report
 
     def show
-      @report = report_class.new(spree_current_user, params, request)
+      render_report && return if ransack_params.blank?
 
-      if report_format.present?
+      @report = report_class.new(spree_current_user, ransack_params, report_options)
+
+      if export_spreadsheet?
         export_report
       else
         render_report
@@ -31,23 +22,33 @@ module Admin
     private
 
     def export_report
-      send_data @report.render_as(report_format, controller: self), filename: report_filename
+      render report_format.to_sym => @report.public_send("to_#{report_format}"),
+             :filename => report_filename
     end
 
     def render_report
       assign_view_data
-      render "show"
+      load_form_options
+
+      render report_type
     end
 
     def assign_view_data
       @report_type = report_type
-      @report_subtypes = report_subtypes
-      @report_subtype = report_subtype
+      @report_subtype = report_subtype || report_loader.default_report_subtype
+      @report_subtypes = report_class.report_subtypes.map do |subtype|
+        [t("packing.#{subtype}_report", scope: i18n_scope), subtype]
+      end
+    end
 
-      # Initialize data
-      params[:display_summary_row] = true if request.get?
+    def load_form_options
+      return unless form_options_required?
 
-      @data = Reporting::FrontendData.new(spree_current_user)
+      form_options = Reporting::FrontendData.new(spree_current_user)
+
+      @distributors = form_options.distributors.to_a
+      @suppliers = form_options.suppliers.to_a
+      @order_cycles = form_options.order_cycles.to_a
     end
   end
 end

app/controllers/admin/subscriptions_controller.rb

@@ -16,16 +16,15 @@ module Admin
       respond_to do |format|
         format.html do
           if view_context.subscriptions_setup_complete?(@shops)
-            @order_cycles = OrderCycle.joins(:schedules).managed_by(spree_current_user).includes([:distributors, :cached_incoming_exchanges])
-            @payment_methods = Spree::PaymentMethod.managed_by(spree_current_user).includes(:taggings)
-            @payment_method_tags = payment_method_tags_by_id
+            @order_cycles = OrderCycle.joins(:schedules).managed_by(spree_current_user)
+            @payment_methods = Spree::PaymentMethod.managed_by(spree_current_user)
             @shipping_methods = Spree::ShippingMethod.managed_by(spree_current_user)
           else
             @shop = @shops.first
             render :setup_explanation
           end
         end
-        format.json { render_as_json @collection, ams_prefix: params[:ams_prefix], payment_method_tags: payment_method_tags_by_id }
+        format.json { render_as_json @collection, ams_prefix: params[:ams_prefix] }
       end
     end
 
@@ -166,21 +165,5 @@ module Admin
       @subscription_params ||= PermittedAttributes::Subscription.new(params).call.
         to_h.with_indifferent_access
     end
-
-    def payment_method_tags_by_id
-      payment_method_tags = ::ActsAsTaggableOn::Tag.
-        joins(:taggings).
-        includes(:taggings).
-        where(taggings: { taggable_type: "Spree::PaymentMethod",
-                          taggable_id: Spree::PaymentMethod.from(Enterprise.managed_by(spree_current_user).
-                          select('enterprises.id').find_by(id: params[:enterprise_id])),
-                          context: 'tags' })
-
-      payment_method_tags.each_with_object({}) do |tag, hash|
-        payment_method_id = tag.taggings.first.taggable_id
-        hash[payment_method_id] ||= []
-        hash[payment_method_id] << tag.name
-      end
-    end
   end
 end

app/controllers/api/v0/order_cycles_controller.rb

@@ -81,7 +81,8 @@ module Api
 
       def permitted_ransack_params
         [:name_or_meta_keywords_or_variants_display_as_or_variants_display_name_or_supplier_name_cont,
-         :with_properties, :primary_taxon_id_in_any]
+         :properties_id_or_supplier_properties_id_in_any,
+         :primary_taxon_id_in_any]
       end
 
       def distributor

app/controllers/api/v0/reports_controller.rb

@@ -10,8 +10,7 @@ module Api
       before_action :validate_report, :authorize_report, :validate_query
 
       def show
-        params[:report_format] = 'json'
-        @report = report_class.new(current_api_user, params)
+        @report = report_class.new(current_api_user, ransack_params, report_options)
 
         render_report
       end

app/controllers/api/v0/shipments_controller.rb

@@ -79,9 +79,8 @@ module Api
       def remove
         variant = scoped_variant(params[:variant_id])
         quantity = params[:quantity].to_i
-        restock_item = params.fetch(:restock_item, "true") == "true"
 
-        @order.contents.remove(variant, quantity, @shipment, restock_item)
+        @order.contents.remove(variant, quantity, @shipment)
         @shipment.reload if @shipment.persisted?
 
         render json: @shipment, serializer: Api::ShipmentSerializer, status: :ok

app/controllers/api/v1/base_controller.rb

@@ -1,119 +0,0 @@
-# frozen_string_literal: true
-
-module Api
-  module V1
-    class BaseController < ActionController::API
-      include CanCan::ControllerAdditions
-      include RequestTimeouts
-      include Pagy::Backend
-      include JsonApiPagination
-      include RaisingParameters
-
-      check_authorization
-
-      attr_accessor :current_api_user
-
-      before_action :authenticate_user
-      before_action :restrict_feature
-
-      rescue_from StandardError, with: :error_during_processing
-      rescue_from CanCan::AccessDenied, with: :unauthorized
-      rescue_from ActiveRecord::RecordNotFound, with: :not_found
-      rescue_from Pagy::VariableError, with: :invalid_pagination
-      rescue_from ActionController::ParameterMissing, with: :missing_parameter
-      rescue_from ActionController::UnpermittedParameters, with: :unpermitted_parameters
-
-      private
-
-      def authenticate_user
-        return if (@current_api_user = request.env['warden'].user)
-
-        if api_key.blank?
-          # An anonymous user
-          @current_api_user = Spree::User.new
-          return
-        end
-
-        return if (@current_api_user = Spree::User.find_by(spree_api_key: api_key.to_s))
-
-        invalid_api_key
-      end
-
-      def restrict_feature
-        not_found unless Flipper.enabled?(:api_v1, @current_api_user)
-      end
-
-      def current_ability
-        Spree::Ability.new(current_api_user)
-      end
-
-      def api_key
-        request.headers["X-Api-Token"] || params[:token]
-      end
-
-      def error_during_processing(exception)
-        Bugsnag.notify(exception)
-
-        if Rails.env.development? || Rails.env.test?
-          render status: :unprocessable_entity,
-                 json: json_api_error(exception.message, meta: exception.backtrace)
-        else
-          render status: :unprocessable_entity,
-                 json: json_api_error(I18n.t(:unknown_error, scope: "api"))
-        end
-      end
-
-      def invalid_pagination(exception)
-        render status: :unprocessable_entity,
-               json: json_api_error(exception.message)
-      end
-
-      def missing_parameter(error)
-        message = I18n.t(:missing_parameter, param: error.param, scope: :api)
-
-        render status: :unprocessable_entity,
-               json: json_api_error(message)
-      end
-
-      def unpermitted_parameters(error)
-        message = I18n.t(:unpermitted_parameters, params: error.params.join(", "), scope: :api)
-
-        render status: :unprocessable_entity,
-               json: json_api_error(message)
-      end
-
-      def invalid_resource!(resource = nil)
-        render status: :unprocessable_entity,
-               json: json_api_invalid(
-                 I18n.t(:invalid_resource, scope: "api"),
-                 resource&.errors
-               )
-      end
-
-      def invalid_api_key
-        render status: :unauthorized,
-               json: json_api_error(I18n.t(:invalid_api_key, key: api_key, scope: "api"))
-      end
-
-      def unauthorized
-        render status: :unauthorized,
-               json: json_api_error(I18n.t(:unauthorized, scope: "api"))
-      end
-
-      def not_found
-        render status: :not_found,
-               json: json_api_error(I18n.t(:resource_not_found, scope: "api"))
-      end
-
-      def json_api_error(message, **options)
-        { errors: [{ detail: message }] }.merge(options)
-      end
-
-      def json_api_invalid(message, errors)
-        error_response = { errors: [{ detail: message }] }
-        error_response.merge!(meta: { validation_errors: errors.to_a }) if errors.any?
-        error_response
-      end
-    end
-  end
-end

app/controllers/api/v1/customers_controller.rb

@@ -1,136 +0,0 @@
-# frozen_string_literal: true
-
-require 'open_food_network/permissions'
-
-module Api
-  module V1
-    class CustomersController < Api::V1::BaseController
-      skip_authorization_check only: :index
-
-      before_action :set_customer, only: [:show, :update, :destroy]
-      before_action :authorize_action, only: [:show, :update, :destroy]
-
-      def index
-        @pagy, customers = pagy(search_customers, pagy_options)
-
-        render json: Api::V1::CustomerSerializer.new(customers, pagination_options)
-      end
-
-      def show
-        render json: Api::V1::CustomerSerializer.new(@customer, include_options)
-      end
-
-      def create
-        authorize! :update, Enterprise.find(customer_params[:enterprise_id])
-        @customer = Customer.new(customer_params)
-
-        if @customer.save
-          render json: Api::V1::CustomerSerializer.new(@customer), status: :created
-        else
-          invalid_resource! @customer
-        end
-      end
-
-      def update
-        if @customer.update(customer_params)
-          render json: Api::V1::CustomerSerializer.new(@customer)
-        else
-          invalid_resource! @customer
-        end
-      end
-
-      def destroy
-        if @customer.destroy
-          render json: Api::V1::CustomerSerializer.new(@customer)
-        else
-          invalid_resource! @customer
-        end
-      end
-
-      private
-
-      def set_customer
-        @customer = Customer.find(params[:id])
-      end
-
-      def authorize_action
-        authorize! action_name.to_sym, @customer
-      end
-
-      def search_customers
-        customers = visible_customers.includes(:bill_address, :ship_address)
-        customers = customers.where(enterprise_id: params[:enterprise_id]) if params[:enterprise_id]
-        customers.ransack(params[:q]).result
-      end
-
-      def visible_customers
-        current_api_user.customers.or(
-          Customer.where(enterprise_id: editable_enterprises)
-        )
-      end
-
-      def customer_params
-        attributes = params.require(:customer).permit(
-          :email, :enterprise_id,
-          :code, :first_name, :last_name,
-          :billing_address, shipping_address: [
-            :phone, :latitude, :longitude,
-            :first_name, :last_name,
-            :street_address_1, :street_address_2,
-            :postal_code, :locality, :region, :country,
-          ]
-        ).to_h
-
-        attributes.merge!(tag_list: params[:tags]) if params.key?(:tags)
-
-        transform_address!(attributes, :billing_address, :bill_address)
-        transform_address!(attributes, :shipping_address, :ship_address)
-
-        attributes
-      end
-
-      def transform_address!(attributes, from, to)
-        return unless attributes.key?(from)
-
-        address = attributes.delete(from)
-
-        if address.nil?
-          attributes[to] = nil
-          return
-        end
-
-        address.transform_keys! do |key|
-          {
-            phone: :phone, latitude: :latitude, longitude: :longitude,
-            first_name: :firstname, last_name: :lastname,
-            street_address_1: :address1, street_address_2: :address2,
-            postal_code: :zipcode,
-            locality: :city,
-            region: :state_name,
-            country: :country,
-          }.with_indifferent_access[key]
-        end
-
-        if address[:state_name].present?
-          address[:state] = Spree::State.find_by(name: address[:state_name])
-        end
-
-        if address[:country].present?
-          address[:country] = Spree::Country.find_by(name: address[:country])
-        end
-
-        attributes["#{to}_attributes"] = address
-      end
-
-      def editable_enterprises
-        OpenFoodNetwork::Permissions.new(current_api_user).editable_enterprises.select(:id)
-      end
-
-      def include_options
-        fields = [params.fetch(:include, [])].flatten
-
-        { include: fields.map(&:to_s) }
-      end
-    end
-  end
-end

app/controllers/application_controller.rb

@@ -62,9 +62,7 @@ class ApplicationController < ActionController::Base
   end
 
   def set_checkout_redirect
-    referer_path = URI(request.referer.to_s).path
-    return unless referer_path == main_app.checkout_path ||
-                  referer_path == main_app.checkout_step_path(:details)
+    return unless URI(request.referer.to_s).path == main_app.checkout_path
 
     session["spree_user_return_to"] = main_app.checkout_path
   end

app/controllers/checkout_controller.rb

@@ -96,7 +96,6 @@ class CheckoutController < ::BaseController
   def checkout_workflow(shipping_method_id)
     while @order.state != "complete"
       if @order.state == "payment"
-        update_payment_total
         return if redirect_to_payment_gateway
 
         return action_failed if @order.errors.any?
@@ -111,11 +110,6 @@ class CheckoutController < ::BaseController
     update_response
   end
 
-  def update_payment_total
-    @order.updater.update_totals
-    @order.updater.update_pending_payment
-  end
-
   def redirect_to_payment_gateway
     return unless selected_payment_method.external_gateway?
     return unless (redirect_url = selected_payment_method.external_payment_url(order: @order))

app/controllers/concerns/checkout_callbacks.rb

@@ -2,7 +2,6 @@
 
 module CheckoutCallbacks
   extend ActiveSupport::Concern
-  include EnterprisesHelper
 
   included do
     # We need pessimistic locking to avoid race conditions.
@@ -47,7 +46,7 @@ module CheckoutCallbacks
   end
 
   def load_shipping_methods
-    @shipping_methods = available_shipping_methods.sort_by(&:name)
+    @shipping_methods = Spree::ShippingMethod.for_distributor(@order.distributor).order(:name)
   end
 
   def redirect_to_shop?

app/controllers/concerns/json_api_pagination.rb

@@ -1,74 +0,0 @@
-# frozen_string_literal: true
-
-module JsonApiPagination
-  extend ActiveSupport::Concern
-
-  DEFAULT_PER_PAGE = 50
-  MAX_PER_PAGE = 200
-
-  def pagination_options
-    {
-      is_collection: true,
-      meta: meta_options,
-      links: links_options,
-    }
-  end
-
-  def pagy_options
-    { items: final_per_page_value }
-  end
-
-  private
-
-  def meta_options
-    {
-      pagination: {
-        results: @pagy.count,
-        pages: total_pages,
-        page: current_page,
-        per_page: final_per_page_value
-      }
-    }
-  end
-
-  def links_options
-    {
-      self: pagination_url(current_page),
-      first: pagination_url(1),
-      prev: pagination_url(previous_page),
-      next: pagination_url(next_page),
-      last: pagination_url(total_pages)
-    }
-  end
-
-  def pagination_url(page_number)
-    return if page_number.nil?
-
-    url_for(only_path: false, params: request.query_parameters.merge(page: page_number))
-  end
-
-  # User-specified value, or DEFAULT_PER_PAGE, capped at MAX_PER_PAGE
-  def final_per_page_value
-    (params[:per_page] || DEFAULT_PER_PAGE).to_i.clamp(1, MAX_PER_PAGE)
-  end
-
-  def current_page
-    (params[:page] || 1).to_i
-  end
-
-  def total_pages
-    @pagy.pages
-  end
-
-  def previous_page
-    return nil if current_page < 2
-
-    current_page - 1
-  end
-
-  def next_page
-    return nil if current_page >= total_pages
-
-    current_page + 1
-  end
-end

app/controllers/concerns/raising_parameters.rb

@@ -1,23 +0,0 @@
-# frozen_string_literal: true
-
-# The API uses strict parameter checking.
-#
-# We want to raise errors when unused or unpermitted parameters are given
-# to the API. You then know straight away when a parameter isn't used.
-module RaisingParameters
-  extend ActiveSupport::Concern
-
-  # ActionController manages this config on a per-class basis. The subclass
-  # enables us to raise errors only here and not in the rest of the app.
-  class Parameters < ActionController::Parameters
-    def self.action_on_unpermitted_parameters
-      :raise
-    end
-  end
-
-  # We override the params method so that we always use the strict parameters.
-  # We could rename this method if we need access to the orginal as well.
-  def params
-    Parameters.new(super.to_unsafe_hash)
-  end
-end

app/controllers/concerns/reports_actions.rb

@@ -3,14 +3,10 @@
 module ReportsActions
   extend ActiveSupport::Concern
 
-  def reports
-    Reporting::Reports::List.all
-  end
-
   private
 
   def authorize_report
-    authorize! report_type.to_sym, :report
+    authorize! report_type&.to_sym, :report
   end
 
   def report_class
@@ -27,26 +23,31 @@ module ReportsActions
     params[:report_type]
   end
 
-  def report_subtypes
-    reports[report_type.to_sym] || []
-  end
-
-  def report_subtypes_codes
-    report_subtypes.map(&:second).map(&:to_s)
-  end
-
   def report_subtype
-    params[:report_subtype] || report_subtypes_codes.first
+    params[:report_subtype]
   end
 
   def ransack_params
     raw_params[:q]
   end
 
+  def report_options
+    raw_params[:options]
+  end
+
   def report_format
     params[:report_format]
   end
 
+  def export_spreadsheet?
+    ['xlsx', 'ods', 'csv'].include?(report_format)
+  end
+
+  def form_options_required?
+    [:packing, :customers, :products_and_inventory, :order_cycle_management].
+      include? report_type.to_sym
+  end
+
   def report_filename
     "#{report_type || action_name}_#{file_timestamp}.#{report_format}"
   end

app/controllers/split_checkout_controller.rb

@@ -14,13 +14,10 @@ class SplitCheckoutController < ::BaseController
   helper 'terms_and_conditions'
   helper 'checkout'
   helper 'spree/orders'
-  helper EnterprisesHelper
   helper OrderHelper
 
-  before_action :set_checkout_redirect
-
   def edit
-    redirect_to_step_based_on_order unless params[:step]
+    redirect_to_step unless params[:step]
   end
 
   def update
@@ -31,16 +28,12 @@ class SplitCheckoutController < ::BaseController
       advance_order_state
       redirect_to_step
     else
-      flash.now[:error] ||= I18n.t('split_checkout.errors.global')
+      flash.now[:error] = I18n.t('split_checkout.errors.global')
 
       render status: :unprocessable_entity, operations: cable_car.
         replace("#checkout", partial("split_checkout/checkout")).
         replace("#flashes", partial("shared/flashes", locals: { flashes: flash }))
     end
-  rescue Spree::Core::GatewayError => e
-    flash[:error] = I18n.t(:spree_gateway_error_flash_for_checkout, error: e.message)
-    @order.update_column(:state, "payment")
-    render operations: cable_car.redirect_to(url: checkout_step_path(:payment))
   end
 
   private
@@ -123,7 +116,7 @@ class SplitCheckoutController < ::BaseController
     @order_params ||= Checkout::Params.new(@order, params, spree_current_user).call
   end
 
-  def redirect_to_step_based_on_order
+  def redirect_to_step
     case @order.state
     when "cart", "address", "delivery"
       redirect_to checkout_step_path(:details)
@@ -132,17 +125,7 @@ class SplitCheckoutController < ::BaseController
     when "confirmation"
       redirect_to checkout_step_path(:summary)
     else
-      redirect_to order_path(@order, order_token: @order.token)
+      redirect_to order_path(@order)
     end
   end
-
-  def redirect_to_step
-    case params[:step]
-    when "details"
-      return redirect_to checkout_step_path(:payment)
-    when "payment"
-      return redirect_to checkout_step_path(:summary)
-    end
-    redirect_to_step_based_on_order
-  end
 end

app/controllers/spree/admin/orders_controller.rb

@@ -65,9 +65,6 @@ module Spree
 
       def fire
         event = params[:e]
-        @order.send_cancellation_email = params[:send_cancellation_email] != "false"
-        @order.restock_items = params.fetch(:restock_items, "true") == "true"
-
         if @order.public_send(event.to_s)
           flash[:success] = Spree.t(:order_updated)
         else

app/controllers/spree/admin/reports_controller.rb

@@ -0,0 +1,310 @@
+# frozen_string_literal: true
+
+require 'csv'
+
+require 'open_food_network/reports/list'
+require 'open_food_network/order_and_distributor_report'
+require 'open_food_network/products_and_inventory_report'
+require 'open_food_network/lettuce_share_report'
+require 'open_food_network/group_buy_report'
+require 'open_food_network/order_grouper'
+require 'open_food_network/customers_report'
+require 'open_food_network/users_and_enterprises_report'
+require 'open_food_network/order_cycle_management_report'
+require 'open_food_network/sales_tax_report'
+require 'open_food_network/xero_invoices_report'
+require 'open_food_network/payments_report'
+require 'open_food_network/orders_and_fulfillments_report'
+
+module Spree
+  module Admin
+    class ReportsController < Spree::Admin::BaseController
+      include Spree::ReportsHelper
+      helper ::ReportsHelper
+
+      ORDER_MANAGEMENT_ENGINE_REPORTS = [
+        :bulk_coop,
+        :enterprise_fee_summary
+      ].freeze
+
+      helper_method :render_content?
+
+      before_action :cache_search_state
+      # Fetches user's distributors, suppliers and order_cycles
+      before_action :load_basic_data, only: [:customers, :products_and_inventory, :order_cycle_management]
+      before_action :load_associated_data, only: [:orders_and_fulfillment]
+
+      respond_to :html
+
+      def report_types
+        OpenFoodNetwork::Reports::List.all
+      end
+
+      def index
+        @reports = authorized_reports
+        respond_with(@reports)
+      end
+
+      def customers
+        @report_types = report_types[:customers]
+        @report_type = params[:report_type]
+        @report = OpenFoodNetwork::CustomersReport.new spree_current_user, raw_params,
+                                                       render_content?
+        render_report(@report.header, @report.table, params[:csv], "customers_#{timestamp}.csv")
+      end
+
+      def order_cycle_management
+        raw_params[:q] ||= {}
+
+        @report_types = report_types[:order_cycle_management]
+        @report_type = params[:report_type]
+
+        # -- Build Report with Order Grouper
+        @report = OpenFoodNetwork::OrderCycleManagementReport.new spree_current_user,
+                                                                  raw_params,
+                                                                  render_content?
+        @table = @report.table_items
+
+        render_report(@report.header, @table, params[:csv],
+                      "order_cycle_management_#{timestamp}.csv")
+      end
+
+      def orders_and_distributors
+        @report = OpenFoodNetwork::OrderAndDistributorReport.new spree_current_user,
+                                                                 raw_params,
+                                                                 render_content?
+        @search = @report.search
+        csv_file_name = "orders_and_distributors_#{timestamp}.csv"
+        render_report(@report.header, @report.table, params[:csv], csv_file_name)
+      end
+
+      def sales_tax
+        @distributors = my_distributors
+        @report_type = params[:report_type]
+        @report = OpenFoodNetwork::SalesTaxReport.new spree_current_user, raw_params,
+                                                      render_content?
+        render_report(@report.header, @report.table, params[:csv], "sales_tax.csv")
+      end
+
+      def payments
+        # -- Prepare Form Options
+        @distributors = my_distributors
+        @report_type = params[:report_type]
+
+        # -- Build Report with Order Grouper
+        @report = OpenFoodNetwork::PaymentsReport.new spree_current_user, raw_params,
+                                                      render_content?
+        @table = order_grouper_table
+        csv_file_name = "payments_#{timestamp}.csv"
+
+        render_report(@report.header, @table, params[:csv], csv_file_name)
+      end
+
+      def orders_and_fulfillment
+        raw_params[:q] ||= orders_and_fulfillment_default_filters
+
+        @report_types = report_types[:orders_and_fulfillment]
+        @report_type = params[:report_type]
+
+        @include_blank = I18n.t(:all)
+
+        # -- Build Report with Order Grouper
+        @report = OpenFoodNetwork::OrdersAndFulfillmentsReport.new spree_current_user,
+                                                                   raw_params,
+                                                                   render_content?
+        @table = order_grouper_table
+        csv_file_name = "#{params[:report_type]}_#{timestamp}.csv"
+
+        render_report(@report.header, @table, params[:csv], csv_file_name)
+      end
+
+      def products_and_inventory
+        @report_types = report_types[:products_and_inventory]
+        @report = if params[:report_type] != 'lettuce_share'
+                    OpenFoodNetwork::ProductsAndInventoryReport.new spree_current_user,
+                                                                    raw_params,
+                                                                    render_content?
+                  else
+                    OpenFoodNetwork::LettuceShareReport.new spree_current_user,
+                                                            raw_params,
+                                                            render_content?
+                  end
+
+        render_report @report.header,
+                      @report.table,
+                      params[:csv],
+                      "products_and_inventory_#{timestamp}.csv"
+      end
+
+      def users_and_enterprises
+        @report = OpenFoodNetwork::UsersAndEnterprisesReport.new raw_params, render_content?
+        render_report(@report.header, @report.table, params[:csv],
+                      "users_and_enterprises_#{timestamp}.csv")
+      end
+
+      def xero_invoices
+        raw_params[:q] ||= {}
+
+        @distributors = my_distributors
+        @order_cycles = my_order_cycles
+
+        @report = OpenFoodNetwork::XeroInvoicesReport.new(spree_current_user,
+                                                          raw_params,
+                                                          render_content?)
+        render_report(@report.header, @report.table, params[:csv], "xero_invoices_#{timestamp}.csv")
+      end
+
+      private
+
+      def model_class
+        Spree::Admin::ReportsController
+      end
+
+      # Some actions are changing the `params` object. That is unfortunate Spree
+      # behavior and we are building on it. So we have to look at `params` early
+      # to check if we are searching or just displaying a report search form.
+      def cache_search_state
+        search_keys = [
+          # search parameter for ransack
+          :q,
+          # common in all reports, only set for CSV rendering
+          :csv,
+          # `button` is included in all forms. It's not important for searching,
+          # but the Users & Enterprises report doesn't have any other parameter
+          # for an empty search. So we use this one to display data.
+          :button,
+          # Some reports use filtering by enterprise or order cycle
+          :distributor_id,
+          :supplier_id,
+          :order_cycle_id,
+          # Xero Invoices can be filtered by date
+          :invoice_date,
+          :due_date
+        ]
+        @searching = search_keys.any? { |key| raw_params.key? key }
+      end
+
+      # We don't want to render data unless search params are supplied.
+      # Compiling data can take a long time.
+      def render_content?
+        @searching
+      end
+
+      def render_report(header, table, create_csv, csv_file_name)
+        send_data csv_report(header, table), filename: csv_file_name if create_csv
+        @header = header
+        @table = table
+        # Rendering HTML is the default.
+      end
+
+      def load_associated_data
+        form_options = Reporting::FrontendData.new(spree_current_user)
+
+        @distributors = form_options.distributors
+        @suppliers = form_options.suppliers
+        @order_cycles = form_options.order_cycles
+      end
+
+      def csv_report(header, table)
+        CSV.generate do |csv|
+          csv << header
+          table.each { |row| csv << row }
+        end
+      end
+
+      def load_basic_data
+        @distributors = my_distributors
+        @suppliers = my_suppliers | suppliers_of_products_distributed_by(@distributors)
+        @order_cycles = my_order_cycles
+      end
+
+      # Load managed distributor enterprises of current user
+      def my_distributors
+        Enterprise.is_distributor.managed_by(spree_current_user)
+      end
+
+      # Load managed producer enterprises of current user
+      def my_suppliers
+        Enterprise.is_primary_producer.managed_by(spree_current_user)
+      end
+
+      def suppliers_of_products_distributed_by(distributors)
+        supplier_ids = Spree::Product.in_distributors(distributors.select('enterprises.id')).
+          select('spree_products.supplier_id')
+
+        Enterprise.where(id: supplier_ids)
+      end
+
+      # Load order cycles the current user has access to
+      def my_order_cycles
+        OrderCycle.
+          active_or_complete.
+          visible_by(spree_current_user).
+          order('orders_close_at DESC')
+      end
+
+      def order_grouper_table
+        order_grouper = OpenFoodNetwork::OrderGrouper.new @report.rules, @report.columns, @report
+        order_grouper.table(@report.table_items)
+      end
+
+      def authorized_reports
+        all_reports = [
+          :orders_and_distributors,
+          :bulk_coop,
+          :payments,
+          :orders_and_fulfillment,
+          :customers,
+          :products_and_inventory,
+          :users_and_enterprises,
+          :enterprise_fee_summary,
+          :order_cycle_management,
+          :sales_tax,
+          :xero_invoices,
+          :packing
+        ]
+        reports = all_reports.select { |action| can? action, Spree::Admin::ReportsController }
+        reports.map { |report| [report, describe_report(report)] }.to_h
+      end
+
+      def describe_report(report)
+        name = I18n.t(:name, scope: [:admin, :reports, report])
+        description = begin
+          I18n.t!(:description, scope: [:admin, :reports, report])
+        rescue I18n::MissingTranslationData
+          render_to_string(
+            partial: "#{report}_description",
+            layout: false,
+            locals: { report_types: report_types[report] }
+          ).html_safe
+        end
+        { name: name, url: url_for_report(report), description: description }
+      end
+
+      def url_for_report(report)
+        if report_in_order_management_engine?(report)
+          main_app.public_send("new_order_management_reports_#{report}_url".to_sym)
+        else
+          spree.public_send("#{report}_admin_reports_url".to_sym)
+        end
+      rescue NoMethodError
+        main_app.admin_reports_url(report_type: report)
+      end
+
+      # List of reports that have been moved to the Order Management engine
+      def report_in_order_management_engine?(report)
+        ORDER_MANAGEMENT_ENGINE_REPORTS.include?(report)
+      end
+
+      def timestamp
+        Time.zone.now.strftime("%Y%m%d")
+      end
+
+      def orders_and_fulfillment_default_filters
+        now = Time.zone.now
+        { completed_at_gt: (now - 1.month).beginning_of_day,
+          completed_at_lt: (now + 1.day).beginning_of_day }
+      end
+    end
+  end
+end

app/controllers/spree/admin/search_controller.rb

@@ -21,8 +21,7 @@ module Spree
         @customers = []
         if spree_current_user.enterprises.pluck(:id).include? search_params[:distributor_id].to_i
           @customers = Customer.
-            ransack(m: 'or', email_start: search_params[:q], first_name_start: search_params[:q],
-                    last_name_start: search_params[:q]).
+            ransack(m: 'or', email_start: search_params[:q], name_start: search_params[:q]).
             result.
             where(enterprise_id: search_params[:distributor_id].to_i)
         end

app/controllers/spree/user_sessions_controller.rb

@@ -13,7 +13,6 @@ module Spree
 
     helper 'spree/base'
 
-    prepend_before_action :handle_unconfirmed_email
     before_action :set_checkout_redirect, only: :create
     after_action :ensure_valid_locale_persisted, only: :create
 
@@ -50,22 +49,6 @@ module Spree
       Spree.t(:login)
     end
 
-    def handle_unconfirmed_email
-      render_unconfirmed_response if email_unconfirmed?
-    end
-
-    def email_unconfirmed?
-      Spree::User.where(email: params.dig(:spree_user, :email), confirmed_at: nil).exists?
-    end
-
-    def render_unconfirmed_response
-      render status: :unprocessable_entity, operations: cable_car.inner_html(
-        "#login-feedback",
-        partial("layouts/alert", locals: { type: "alert", message: t(:email_unconfirmed),
-                                           unconfirmed: true, tab: "login" })
-      )
-    end
-
     def ensure_valid_locale_persisted
       # When creating a new user session we have to wait until after a successful
       # login to be able to persist a selected locale on the current user

app/controllers/spree/users_controller.rb

@@ -62,7 +62,8 @@ module Spree
         if params[:user][:password].present?
           # this logic needed b/c devise wants to log us out after password changes
           Spree::User.reset_password_by_token(params[:user])
-          bypass_sign_in(@user)
+          sign_in(@user, event: :authentication,
+                         bypass: true)
         end
         redirect_to spree.account_url, notice: Spree.t(:account_updated)
       else

app/controllers/user_confirmations_controller.rb

@@ -23,7 +23,7 @@ class UserConfirmationsController < DeviseController
       end
     else
       render operations: cable_car.inner_html(
-        "##{params[:tab] || 'forgot'}-feedback",
+        "#forgot-feedback",
         partial("layouts/alert", locals: { type: "success", message: t("devise.confirmations.send_instructions") })
       )
       return

app/controllers/user_passwords_controller.rb

@@ -29,8 +29,7 @@ class UserPasswordsController < Spree::UserPasswordsController
     render status: :unprocessable_entity, operations: cable_car.inner_html(
       "#forgot-feedback",
       partial("layouts/alert",
-              locals: { type: "alert", message: t(:email_unconfirmed),
-                        unconfirmed: true, tab: "forgot" })
+              locals: { type: "alert", message: t(:email_unconfirmed), unconfirmed: true })
     )
   end
 

app/helpers/application_helper.rb

@@ -27,17 +27,6 @@ module ApplicationHelper
     OpenFoodNetwork::FeatureToggle.enabled?(feature, user)
   end
 
-  def language_meta_tags
-    return if I18n.available_locales.one?
-
-    I18n.available_locales.map do |locale|
-      tag.link(
-        hreflang: locale.to_s.gsub("_", "-").downcase,
-        href: "#{request.protocol}#{request.host_with_port}/locales/#{locale}"
-      )
-    end.join("\n").html_safe
-  end
-
   def ng_form_for(name, *args, &block)
     options = args.extract_options!
 
@@ -59,13 +48,4 @@ module ApplicationHelper
     classes << "off-canvas" unless @hide_menu
     classes << @shopfront_layout
   end
-
-  def pdf_stylesheet_pack_tag(source)
-    if running_in_development?
-      options = { media: "all", host: "#{Webpacker.dev_server.host}:#{Webpacker.dev_server.port}" }
-      stylesheet_pack_tag(source, **options)
-    else
-      wicked_pdf_stylesheet_pack_tag(source)
-    end
-  end
 end

app/helpers/enterprises_helper.rb

@@ -28,7 +28,7 @@ module EnterprisesHelper
   def available_payment_methods
     return [] if current_distributor.blank?
 
-    payment_methods = current_distributor.payment_methods.available(:both).to_a
+    payment_methods = current_distributor.payment_methods.available(:front_end).to_a
 
     filter = OpenFoodNetwork::AvailablePaymentMethodFilter.new
     filter.filter!(payment_methods)

app/helpers/reports_helper.rb

@@ -9,24 +9,7 @@ module ReportsHelper
     end
   end
 
-  def report_payment_method_options(orders)
-    orders.map do |order|
-      payment_method = order.payments.last&.payment_method
-
-      next unless payment_method
-
-      [payment_method.name, payment_method.id]
-    end.compact.uniq
-  end
-
-  def report_shipping_method_options(orders)
-    orders.map do |o|
-      sm = o.shipping_method
-      [sm&.name, sm&.id]
-    end.uniq
-  end
-
-  def currency_symbol
-    Spree::Money.currency_symbol
+  def report_subtypes(report)
+    Reporting::ReportLoader.new(report).report_subtypes
   end
 end

app/helpers/spree/admin/navigation_helper.rb

@@ -77,7 +77,7 @@ module Spree
         klass = EnterpriseGroup if klass == :group
         klass = VariantOverride if klass == :Inventory
         klass = ProductImport::ProductImporter if klass == :import
-        klass = ::Admin::ReportsController if klass == :report
+        klass = Spree::Admin::ReportsController if klass == :report
         klass
       end
 
@@ -115,7 +115,7 @@ module Spree
         if html_options[:method] &&
            html_options[:method].to_s.downcase != 'get' &&
            !html_options[:remote]
-          form_tag(url, method: html_options.delete(:method), id: html_options.delete(:form_id)) do
+          form_tag(url, method: html_options.delete(:method)) do
             button(text, html_options.delete(:icon), nil, html_options)
           end
         else

app/helpers/spree/admin/orders_helper.rb

@@ -5,8 +5,8 @@ module Spree
     module OrdersHelper
       def event_links
         links = []
-        links << cancel_event_link if @order.can_cancel?
-        links << resume_event_link if @order.can_resume?
+        links << event_link("cancel") if @order.can_cancel?
+        links << event_link("resume") if @order.can_resume?
         links.join('&nbsp;').html_safe
       end
 
@@ -114,19 +114,12 @@ module Spree
           confirm: t(:are_you_sure) }
       end
 
-      def cancel_event_link
-        event_label = I18n.t("cancel", scope: "actions")
-        button_link_to(event_label,
-                       fire_admin_order_url(@order, e: "cancel"),
-                       method: :put, icon: "icon-cancel", form_id: "cancel_order_form")
-      end
-
-      def resume_event_link
-        event_label = I18n.t("resume", scope: "actions")
+      def event_link(event)
+        event_label = I18n.t(event, scope: "actions")
         confirm_message = I18n.t("admin.orders.edit.order_sure_want_to", event: event_label)
         button_link_to(event_label,
-                       fire_admin_order_url(@order, e: "resume"),
-                       method: :put, icon: "icon-resume",
+                       fire_admin_order_url(@order, e: event),
+                       method: :put, icon: "icon-#{event}",
                        data: { confirm: confirm_message })
       end
 

app/helpers/spree/reports_helper.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+require 'spree/money'
+
+module Spree
+  module ReportsHelper
+    def report_payment_method_options(orders)
+      orders.map do |order|
+        payment_method = order.payments.last&.payment_method
+
+        next unless payment_method
+
+        [payment_method.name, payment_method.id]
+      end.compact.uniq
+    end
+
+    def report_shipping_method_options(orders)
+      orders.map do |o|
+        sm = o.shipping_method
+        [sm&.name, sm&.id]
+      end.uniq
+    end
+
+    def xero_report_types
+      [[I18n.t(:summary), 'summary'],
+       [I18n.t(:detailed), 'detailed']]
+    end
+
+    def currency_symbol
+      Spree::Money.currency_symbol
+    end
+  end
+end

app/json_schemas/customer_schema.rb

@@ -1,64 +0,0 @@
-# frozen_string_literal: true
-
-class CustomerSchema < JsonApiSchema
-  def self.object_name
-    "customer"
-  end
-
-  def self.attributes
-    {
-      id: { type: :integer, example: 1 },
-      enterprise_id: { type: :integer, example: 2 },
-      first_name: { type: :string, nullable: true, example: "Alice" },
-      last_name: { type: :string, nullable: true, example: "Springs" },
-      code: { type: :string, nullable: true, example: "BUYER1" },
-      email: { type: :string, example: "alice@example.com" },
-      allow_charges: { type: :boolean, example: false },
-      tags: { type: :array, items: { type: :string }, example: ["staff", "discount"] },
-      terms_and_conditions_accepted_at: {
-        type: :string, format: "date-time", nullable: true,
-        example: "2022-03-12T15:55:00.000+11:00",
-      },
-      billing_address: {
-        type: :object, nullable: true,
-        example: nil,
-      },
-      shipping_address: {
-        type: :object, nullable: true,
-        example: address_example,
-      },
-    }
-  end
-
-  def self.address_example
-    {
-      phone: "0404 333 222 111",
-      latitude: -37.817375100000,
-      longitude: 144.964803195704,
-      first_name: "Alice",
-      last_name: "Springs",
-      street_address_1: "1 Flinders Street",
-      street_address_2: "",
-      postal_code: "1234",
-      locality: "Melbourne",
-      region: "Victoria",
-      country: "Australia",
-    }
-  end
-
-  def self.required_attributes
-    [:enterprise_id, :email]
-  end
-
-  def self.writable_attributes
-    attributes.except(
-      :id,
-      :allow_charges,
-      :terms_and_conditions_accepted_at,
-    )
-  end
-
-  def self.relationships
-    [:enterprise]
-  end
-end

app/json_schemas/errors_schema.rb

@@ -1,24 +0,0 @@
-# frozen_string_literal: true
-
-class ErrorsSchema
-  def self.schema
-    {
-      type: :object,
-      properties: {
-        errors: {
-          type: :array,
-          items: {
-            type: :object,
-            properties: {
-              title: { type: :string },
-              detail: { type: :string },
-              source: { type: :object }
-            },
-            required: [:detail]
-          }
-        }
-      },
-      required: [:errors]
-    }
-  end
-end

app/json_schemas/json_api_schema.rb

@@ -1,114 +0,0 @@
-# frozen_string_literal: true
-
-class JsonApiSchema
-  class << self
-    def attributes
-      {}
-    end
-
-    def required_attributes
-      []
-    end
-
-    def relationships
-      []
-    end
-
-    def all_attributes
-      attributes.keys
-    end
-
-    def schema(options = {})
-      {
-        type: :object,
-        properties: {
-          data: {
-            type: :object,
-            properties: data_properties(**options)
-          },
-          meta: { type: :object },
-          links: { type: :object }
-        },
-        required: [:data]
-      }
-    end
-
-    def collection(options)
-      {
-        type: :object,
-        properties: {
-          data: {
-            type: :array,
-            items: {
-              type: :object,
-              properties: data_properties(**options)
-            }
-          },
-          meta: {
-            type: :object,
-            properties: {
-              pagination: {
-                type: :object,
-                properties: {
-                  results: { type: :integer, example: 250 },
-                  pages: { type: :integer, example: 5 },
-                  page: { type: :integer, example: 2 },
-                  per_page: { type: :integer, example: 50 },
-                }
-              }
-            },
-            required: [:pagination]
-          },
-          links: {
-            type: :object,
-            properties: {
-              self: { type: :string },
-              first: { type: :string },
-              prev: { type: :string, nullable: true },
-              next: { type: :string, nullable: true },
-              last: { type: :string }
-            }
-          }
-        },
-        required: [:data, :meta, :links]
-      }
-    end
-
-    private
-
-    def data_properties(require_all: false)
-      required = require_all ? all_attributes : required_attributes
-
-      {
-        id: { type: :string, example: "1" },
-        type: { type: :string, example: object_name },
-        attributes: {
-          type: :object,
-          properties: attributes,
-          required: required
-        },
-        relationships: {
-          type: :object,
-          properties: relationships.to_h do |name|
-            [
-              name,
-              relationship_schema(name)
-            ]
-          end
-        }
-      }
-    end
-
-    def relationship_schema(name)
-      if is_singular?(name)
-        RelationshipSchema.schema(name)
-      else
-        RelationshipSchema.collection(name)
-      end
-    end
-
-    def is_singular?(name)
-      name.to_s.singularize == name.to_s
-    end
-  end
-end

app/json_schemas/relationship_schema.rb

@@ -1,48 +0,0 @@
-# frozen_string_literal: true
-
-class RelationshipSchema
-  def self.schema(resource_name = nil)
-    {
-      type: :object,
-      properties: {
-        data: {
-          type: :object,
-          properties: {
-            id: { type: :string },
-            type: { type: :string, example: resource_name }
-          }
-        },
-        links: {
-          type: :object,
-          properties: {
-            related: { type: :string }
-          }
-        }
-      }
-    }
-  end
-
-  def self.collection(resource_name = nil)
-    {
-      type: :object,
-      properties: {
-        data: {
-          type: :array,
-          items: {
-            type: :object,
-            properties: {
-              id: { type: :string },
-              type: { type: :string, example: resource_name }
-            }
-          }
-        },
-        links: {
-          type: :object,
-          properties: {
-            related: { type: :string }
-          }
-        }
-      }
-    }
-  end
-end

app/mailers/payment_mailer.rb

@@ -8,7 +8,9 @@ class PaymentMailer < Spree::BaseMailer
     subject = I18n.t('spree.payment_mailer.authorize_payment.subject',
                      distributor: @payment.order.distributor.name)
     I18n.with_locale valid_locale(@payment.order.user) do
-      mail(to: payment.order.email, from: from_address, subject: subject)
+      mail(to: payment.order.user.email,
+           from: from_address,
+           subject: subject)
     end
   end
 

app/models/concerns/has_migrating_file.rb

@@ -1,67 +0,0 @@
-# frozen_string_literal: true
-
-module HasMigratingFile
-  extend ActiveSupport::Concern
-
-  @migrating_models = []
-
-  def self.migrating_models
-    @migrating_models
-  end
-
-  included do
-    HasMigratingFile.migrating_models.push(name)
-  end
-
-  class_methods do
-    def has_one_migrating(name, paperclip_options = {})
-      # Active Storage declaration
-      has_one_attached name
-
-      # Backup Active Storage methods before they get overridden by Paperclip.
-      alias_method "active_storage_#{name}", name
-      alias_method "active_storage_#{name}=", "#{name}="
-
-      # Paperclip declaration
-      #
-      # This will define the `name` and `name=` methods as well.
-      has_attached_file name, paperclip_options
-
-      # Paperclip callback to duplicate file with Active Storage
-      #
-      # We store files with Paperclip *and* Active Storage while we migrate
-      # old Paperclip files to Active Storage. This enables availability
-      # during the migration.
-      public_send("after_#{name}_post_process") do
-        path = processed_local_file_path(name)
-        if public_send(name).errors.blank? && path.present?
-          attach_file(name, File.open(path))
-        end
-      end
-    end
-  end
-
-  def attach_file(name, io)
-    attachable = {
-      io: io,
-      filename: public_send("#{name}_file_name"),
-      content_type: public_send("#{name}_content_type"),
-      identify: false,
-    }
-    public_send("active_storage_#{name}=", attachable)
-  end
-
-  private
-
-  def processed_local_file_path(name)
-    attachment = public_send(name)
-
-    temporary = attachment.queued_for_write[:original]
-
-    if temporary&.path.present?
-      temporary.path
-    else
-      attachment.path
-    end
-  end
-end

app/models/customer.rb

@@ -5,7 +5,7 @@ class Customer < ApplicationRecord
 
   acts_as_taggable
 
-  searchable_attributes :first_name, :last_name, :email, :code
+  searchable_attributes :name, :email, :code
 
   belongs_to :enterprise
   belongs_to :user, class_name: "Spree::User"
@@ -34,10 +34,6 @@ class Customer < ApplicationRecord
 
   attr_accessor :gateway_recurring_payment_client_secret, :gateway_shop_id
 
-  def full_name
-    "#{first_name} #{last_name}".strip
-  end
-
   private
 
   def downcase_email

app/models/enterprise.rb

@@ -3,7 +3,6 @@
 require 'spree/core/s3_support'
 
 class Enterprise < ApplicationRecord
-  include HasMigratingFile
   include Spree::Core::S3Support
 
   SELLS = %w(unspecified none own any).freeze
@@ -20,8 +19,6 @@ class Enterprise < ApplicationRecord
   preference :shopfront_producer_order, :string, default: ""
   preference :shopfront_order_cycle_order, :string, default: "orders_close_at"
   preference :shopfront_product_sorting_method, :string, default: "by_category"
-  preference :invoice_order_by_supplier, :boolean, default: false
-  preference :product_low_stock_display, :boolean, default: false
 
   # Allow hubs to restrict visible variants to only those in their inventory
   preference :product_selection_from_inventory_only, :boolean, default: false
@@ -73,12 +70,12 @@ class Enterprise < ApplicationRecord
                                               tag_rule[:preferred_customer_tags].blank?
                                             }
 
-  has_one_migrating :logo,
+  has_attached_file :logo,
                     styles: { medium: "300x300>", small: "180x180>", thumb: "100x100>" },
                     url: '/images/enterprises/logos/:id/:style/:basename.:extension',
                     path: 'public/images/enterprises/logos/:id/:style/:basename.:extension'
 
-  has_one_migrating :promo_image,
+  has_attached_file :promo_image,
                     styles: {
                       large: ["1200x260#", :jpg],
                       medium: ["720x156#", :jpg],
@@ -89,7 +86,7 @@ class Enterprise < ApplicationRecord
   validates_attachment_content_type :logo, content_type: %r{\Aimage/.*\Z}
   validates_attachment_content_type :promo_image, content_type: %r{\Aimage/.*\Z}
 
-  has_one_migrating :terms_and_conditions,
+  has_attached_file :terms_and_conditions,
                     url: '/files/enterprises/terms_and_conditions/:id/:basename.:extension',
                     path: 'public/files/enterprises/terms_and_conditions/:id/:basename.:extension'
   validates_attachment_content_type :terms_and_conditions,
@@ -121,8 +118,7 @@ class Enterprise < ApplicationRecord
   after_rollback :restore_permalink
 
   scope :by_name, -> { order('name') }
-  scope :visible, -> { where(visible: "public") }
-  scope :not_hidden, -> { where.not(visible: "hidden") }
+  scope :visible, -> { where(visible: true) }
   scope :activated, -> { where("sells != 'unspecified'") }
   scope :ready_for_checkout, lambda {
     joins(:shipping_methods).
@@ -269,7 +265,7 @@ class Enterprise < ApplicationRecord
 
   def plus_relatives_and_oc_producers(order_cycles)
     oc_producer_ids = Exchange.in_order_cycle(order_cycles).incoming.pluck :sender_id
-    Enterprise.not_hidden.is_primary_producer.relatives_of_one_union_others(id, oc_producer_ids | [id])
+    Enterprise.is_primary_producer.relatives_of_one_union_others(id, oc_producer_ids | [id])
   end
 
   def relatives_including_self
@@ -403,10 +399,6 @@ class Enterprise < ApplicationRecord
     abn.present?
   end
 
-  def public?
-    visible == "public"
-  end
-
   protected
 
   def devise_mailer

app/models/enterprise_group.rb

@@ -4,7 +4,6 @@ require 'open_food_network/locking'
 require 'spree/core/s3_support'
 
 class EnterpriseGroup < ApplicationRecord
-  include HasMigratingFile
   include PermalinkGenerator
   include Spree::Core::S3Support
 
@@ -28,12 +27,12 @@ class EnterpriseGroup < ApplicationRecord
 
   delegate :phone, :address1, :address2, :city, :zipcode, :state, :country, to: :address
 
-  has_one_migrating :logo,
+  has_attached_file :logo,
                     styles: { medium: "100x100" },
                     url: '/images/enterprise_groups/logos/:id/:style/:basename.:extension',
                     path: 'public/images/enterprise_groups/logos/:id/:style/:basename.:extension'
 
-  has_one_migrating :promo_image,
+  has_attached_file :promo_image,
                     styles: { large: ["1200x260#", :jpg] },
                     url: '/images/enterprise_groups/promo_images/:id/:style/:basename.:extension',
                     path: 'public/images/enterprise_groups/promo_images/:id/:style/:basename.:extension'

app/models/order_cycle.rb

@@ -10,8 +10,7 @@ class OrderCycle < ApplicationRecord
   belongs_to :coordinator, class_name: 'Enterprise'
 
   has_many :coordinator_fee_refs, class_name: 'CoordinatorFee'
-  has_many :coordinator_fees, through: :coordinator_fee_refs, source: :enterprise_fee,
-                              dependent: :destroy
+  has_many :coordinator_fees, through: :coordinator_fee_refs, source: :enterprise_fee
 
   has_many :exchanges, dependent: :destroy
 
@@ -30,7 +29,6 @@ class OrderCycle < ApplicationRecord
   attr_accessor :incoming_exchanges, :outgoing_exchanges
 
   before_update :reset_processed_at, if: :will_save_change_to_orders_close_at?
-  after_save :sync_subscriptions, if: :opening?
 
   validates :name, :coordinator_id, presence: true
   validate :orders_close_at_after_orders_open_at?
@@ -158,10 +156,8 @@ class OrderCycle < ApplicationRecord
     # rubocop:disable Layout/LineLength
     oc.preferred_product_selection_from_coordinator_inventory_only = preferred_product_selection_from_coordinator_inventory_only
     # rubocop:enable Layout/LineLength
-    oc.schedule_ids = schedule_ids
     oc.save!
     exchanges.each { |e| e.clone!(oc) }
-    sync_subscriptions
     oc.reload
   end
 
@@ -276,22 +272,6 @@ class OrderCycle < ApplicationRecord
 
   private
 
-  def opening?
-    (open? || upcoming?) && saved_change_to_orders_close_at? && was_closed?
-  end
-
-  def was_closed?
-    orders_close_at_previously_was.blank? || Time.zone.now > orders_close_at_previously_was
-  end
-
-  def sync_subscriptions
-    return unless schedule_ids.any?
-
-    OrderManagement::Subscriptions::ProxyOrderSyncer.new(
-      Subscription.where(schedule_id: schedule_ids)
-    ).sync!
-  end
-
   def orders_close_at_after_orders_open_at?
     return if orders_open_at.blank? || orders_close_at.blank?
     return if orders_close_at > orders_open_at

app/models/product_import/entry_validator.rb

@@ -73,13 +73,11 @@ module ProductImport
                                            'variant_unit_scale', 'primary_taxon_id')
       )
       new_variant.save
-      if new_variant.persisted?
-        if entry.attributes['on_demand'].present?
-          new_variant.on_demand = entry.attributes['on_demand']
-        end
-        if entry.attributes['on_hand'].present?
-          new_variant.on_hand = entry.attributes['on_hand']
-        end
+      if entry.attributes['on_demand'].present?
+        new_variant.on_demand = entry.attributes['on_demand']
+      end
+      if entry.attributes['on_hand'].present?
+        new_variant.on_hand = entry.attributes['on_hand']
       end
 
       new_variant.product_id = product_id

app/models/spree/ability.rb

@@ -236,10 +236,12 @@ module Spree
            :validate_data, :reset_absent_products], ProductImport::ProductImporter
 
       # Reports page
-      can [:admin, :index, :show], ::Admin::ReportsController
-      can [:admin, :show, :customers, :orders_and_distributors, :group_buys, :payments,
-           :orders_and_fulfillment, :products_and_inventory, :order_cycle_management,
-           :packing, :enterprise_fee_summary, :bulk_coop], :report
+      can [:admin, :index, :customers, :orders_and_distributors, :group_buys, :payments,
+           :orders_and_fulfillment, :products_and_inventory, :order_cycle_management, :packing],
+          Spree::Admin::ReportsController
+      can [:admin, :show, :packing], :report
+      add_bulk_coop_abilities
+      add_enterprise_fee_summary_abilities
     end
 
     def add_order_cycle_management_abilities(user)
@@ -315,10 +317,11 @@ module Spree
       end
 
       # Reports page
-      can [:admin, :index, :show], ::Admin::ReportsController
-      can [:admin, :customers, :group_buys, :sales_tax, :payments,
+      can [:admin, :index, :customers, :group_buys, :sales_tax, :payments,
            :orders_and_distributors, :orders_and_fulfillment, :products_and_inventory,
-           :order_cycle_management, :xero_invoices, :enterprise_fee_summary, :bulk_coop], :report
+           :order_cycle_management, :xero_invoices], Spree::Admin::ReportsController
+      add_bulk_coop_abilities
+      add_enterprise_fee_summary_abilities
 
       can [:create], Customer
       can [:admin, :index, :update,
@@ -343,5 +346,19 @@ module Spree
           user.enterprises.include?(enterprise_relationship.child)
       end
     end
+
+    def add_bulk_coop_abilities
+      # Reveal the report link in spree/admin/reports#index
+      can [:bulk_coop], Spree::Admin::ReportsController
+      # Allow direct access to the report resource
+      can [:admin, :new, :create], :bulk_coop
+    end
+
+    def add_enterprise_fee_summary_abilities
+      # Reveal the report link in spree/admin/reports#index
+      can [:enterprise_fee_summary], Spree::Admin::ReportsController
+      # Allow direct access to the report resource
+      can [:admin, :new, :create], :enterprise_fee_summary
+    end
   end
 end

app/models/spree/address.rb

@@ -105,10 +105,6 @@ module Spree
       render_address([city, zipcode, state&.name])
     end
 
-    def address_and_city
-      [address1, address2, city].select(&:present?).join(' ')
-    end
-
     private
 
     def require_zipcode?

app/models/spree/gateway.rb

@@ -35,7 +35,7 @@ module Spree
     end
 
     def options
-      preferences.transform_keys(&:to_sym)
+      preferences.each_with_object({}){ |(key, value), memo| memo[key.to_sym] = value; }
     end
 
     def method_missing(method, *args)

app/models/spree/image.rb

@@ -4,8 +4,6 @@ require 'spree/core/s3_support'
 
 module Spree
   class Image < Asset
-    include HasMigratingFile
-
     validates_attachment_presence :attachment
     validate :no_attachment_errors
 
@@ -15,7 +13,7 @@ module Spree
     # - product: used in the BackOffice: Product Image upload modal in the Bulk Product Edit page
     #                                      and Product image edit page
     # - large: used in the FrontOffice: product modal
-    has_one_migrating :attachment,
+    has_attached_file :attachment,
                       styles: { mini: "48x48#", small: "227x227#",
                                 product: "240x240>", large: "600x600>" },
                       default_style: :product,

app/models/spree/line_item.rb

@@ -50,8 +50,6 @@ module Spree
 
     attr_accessor :skip_stock_check, :target_shipment # Allows manual skipping of Stock::AvailabilityValidator
 
-    attribute :restock_item, type: :boolean, default: true
-
     # -- Scopes
     scope :managed_by, lambda { |user|
       if user.has_spree_role?('admin')

app/models/spree/order.rb

@@ -84,7 +84,8 @@ module Spree
     before_validation :set_currency
     before_validation :generate_order_number, on: :create
     before_validation :clone_billing_address, if: :use_billing?
-    before_validation :ensure_customer
+    before_validation :associate_customer, unless: :customer_id?
+    before_validation :ensure_customer, unless: :customer_is_valid?
 
     before_create :link_by_email
     after_create :create_tax_charge!
@@ -105,8 +106,6 @@ module Spree
 
     after_save_commit DefaultAddressUpdater
 
-    attribute :send_cancellation_email, type: :boolean, default: true
-    attribute :restock_items, type: :boolean, default: true
     # -- Scopes
     scope :not_empty, -> {
       left_outer_joins(:line_items).where.not(spree_line_items: { id: nil })
@@ -311,8 +310,6 @@ module Spree
     # Creates new tax charges if there are any applicable rates. If prices already
     # include taxes then price adjustments are created instead.
     def create_tax_charge!
-      return if state.in?(["cart", "address", "delivery"]) && Flipper.enabled?(:split_checkout)
-
       clear_legacy_taxes!
 
       Spree::TaxRate.adjust(self, line_items)
@@ -377,7 +374,7 @@ module Spree
     end
 
     def available_payment_methods
-      @available_payment_methods ||= PaymentMethod.available(:both)
+      @available_payment_methods ||= PaymentMethod.available(:front_end)
     end
 
     # "Checkout" is the initial state and, for card payments, "pending" is the state after auth
@@ -610,14 +607,6 @@ module Spree
       address
     end
 
-    def sorted_line_items
-      if distributor.preferred_invoice_order_by_supplier
-        line_items.sort_by { |li| [li.supplier.name, li.product.name] }
-      else
-        line_items.sort_by { |li| [li.product.name] }
-      end
-    end
-
     private
 
     def fee_handler
@@ -669,13 +658,12 @@ module Spree
     def after_cancel
       shipments.each(&:cancel!)
 
-      OrderMailer.cancel_email(id).deliver_later if send_cancellation_email
-      update(payment_state: updater.update_payment_state)
+      OrderMailer.cancel_email(id).deliver_later
+      self.payment_state = 'credit_owed' unless shipped?
     end
 
     def after_resume
       shipments.each(&:resume!)
-      update(payment_state: updater.update_payment_state)
     end
 
     def use_billing?
@@ -721,25 +709,23 @@ module Spree
     def associate_customer
       return customer if customer.present?
 
-      Customer.of(distributor).find_by(email: email_for_customer)
-    end
-
-    def create_customer
-      return if customer_is_valid?
-
-      Customer.create(
-        enterprise: distributor,
-        email: email_for_customer,
-        user: user,
-        first_name: bill_address&.first_name.to_s,
-        last_name: bill_address&.last_name.to_s,
-        bill_address: bill_address&.clone,
-        ship_address: ship_address&.clone
-      )
+      self.customer = Customer.of(distributor).find_by(email: email_for_customer)
     end
 
     def ensure_customer
-      self.customer = associate_customer || create_customer
+      return if associate_customer
+
+      self.customer = Customer.new(
+        enterprise: distributor,
+        email: email_for_customer,
+        user: user,
+        name: bill_address&.full_name,
+        bill_address: bill_address&.clone,
+        ship_address: ship_address&.clone
+      )
+      customer.save
+
+      Bugsnag.notify(customer.errors.full_messages.join(", ")) unless customer.persisted?
     end
 
     def update_adjustment!(adjustment)
@@ -748,5 +734,16 @@ module Spree
       adjustment.update_adjustment!(force: true)
       updater.update_totals_and_states
     end
+
+    # object_params sets the payment amount to the order total, but it does this
+    # before the shipping method is set. This results in the customer not being
+    # charged for their order's shipping. To fix this, we refresh the payment
+    # amount here.
+    def set_payment_amount!
+      update_totals
+      return unless pending_payments.any?
+
+      pending_payments.first.update_attribute :amount, total
+    end
   end
 end

app/models/spree/order/checkout.rb

@@ -81,6 +81,7 @@ module Spree
               after_transition to: :complete, do: :finalize!
               after_transition to: :resumed,  do: :after_resume
               after_transition to: :canceled, do: :after_cancel
+              after_transition to: :payment, do: :set_payment_amount!
             end
           end
 

app/models/spree/order_contents.rb

@@ -19,8 +19,8 @@ module Spree
 
     # Get current line item for variant
     # Remove variant qty from line_item
-    def remove(variant, quantity = nil, shipment = nil, restock_item = true)
-      line_item = remove_from_line_item(variant, quantity, shipment, restock_item)
+    def remove(variant, quantity = nil, shipment = nil)
+      line_item = remove_from_line_item(variant, quantity, shipment)
       update_shipment(shipment)
       order.update_order_fees! if order.completed?
       update_order
@@ -97,9 +97,9 @@ module Spree
       line_item
     end
 
-    def remove_from_line_item(variant, quantity, shipment = nil, restock_item = true)
+    def remove_from_line_item(variant, quantity, shipment = nil)
       line_item = find_line_item_by_variant(variant, true)
-      line_item.restock_item = restock_item
+
       quantity.present? ? line_item.quantity += -quantity : line_item.quantity = 0
       line_item.target_shipment = shipment
 

app/models/spree/order_inventory.rb

@@ -44,15 +44,12 @@ module Spree
       quantity = variant_units.size - line_item.quantity
 
       if shipment.present?
-        remove_from_shipment(shipment, line_item.variant, quantity, line_item.restock_item)
+        remove_from_shipment(shipment, line_item.variant, quantity)
       else
         order.shipments.each do |each_shipment|
           break if quantity == 0
 
-          quantity -= remove_from_shipment(each_shipment,
-                                           line_item.variant,
-                                           quantity,
-                                           line_item.restock_item)
+          quantity -= remove_from_shipment(each_shipment, line_item.variant, quantity)
         end
       end
     end
@@ -86,7 +83,7 @@ module Spree
       quantity
     end
 
-    def remove_from_shipment(shipment, variant, quantity, restock_item)
+    def remove_from_shipment(shipment, variant, quantity)
       return 0 if quantity == 0 || shipment.shipped?
 
       shipment_units = shipment.inventory_units_for(variant).reject do |variant_unit|
@@ -104,7 +101,7 @@ module Spree
       shipment.destroy if shipment.inventory_units.reload.count == 0
 
       # removing this from shipment, and adding to stock_location
-      if order.completed? && restock_item
+      if order.completed?
         shipment.stock_location.restock variant, removed_quantity, shipment
       end
 

app/models/spree/payment.rb

@@ -147,7 +147,7 @@ module Spree
         adjustment.originator = payment_method
         adjustment.label = adjustment_label
         adjustment.save
-      elsif !processing_refund? && payment_method.present?
+      elsif payment_method.present?
         payment_method.create_adjustment(adjustment_label, self, true)
         adjustment.reload
       end
@@ -163,10 +163,6 @@ module Spree
 
     private
 
-    def processing_refund?
-      amount.negative?
-    end
-
     # Don't charge fees for invalid or failed payments.
     # This is called twice for failed payments, because the persistence of the 'failed'
     # state is acheived through some trickery using an after_rollback callback on the
@@ -183,11 +179,9 @@ module Spree
 
     def validate_source
       if source && !skip_source_validation && !source.valid?
-        source.errors.each do |error|
-          field_name =
-            I18n.t("activerecord.attributes.#{source.class.to_s.underscore}.#{error.attribute}")
-          errors.add(Spree.t(source.class.to_s.demodulize.underscore),
-                     "#{field_name} #{error.message}")
+        source.errors.each do |field, error|
+          field_name = I18n.t("activerecord.attributes.#{source.class.to_s.underscore}.#{field}")
+          errors.add(Spree.t(source.class.to_s.demodulize.underscore), "#{field_name} #{error}")
         end
       end
       errors.blank?
@@ -212,7 +206,7 @@ module Spree
     # Makes newly entered payments invalidate previously entered payments so the most recent payment
     # is used by the gateway.
     def invalidate_old_payments
-      order.payments.incomplete.where.not(id: id).each do |payment|
+      order.payments.with_state('checkout').where.not(id: id).each do |payment|
         # Using update_column skips validations and so it skips validate_source. As we are just
         # invalidating past payments here, we don't want to validate all of them at this stage.
         payment.update_columns(

app/models/spree/payment_method.rb

@@ -10,7 +10,7 @@ module Spree
     acts_as_taggable
     acts_as_paranoid
 
-    DISPLAY = [:both, :back_end].freeze
+    DISPLAY = [:both, :front_end, :back_end].freeze
     default_scope -> { where(deleted_at: nil) }
 
     has_many :credit_cards, class_name: "Spree::CreditCard"

app/models/spree/preferences/file_configuration.rb

@@ -5,10 +5,6 @@ module Spree
     class FileConfiguration < Configuration
       def self.preference(name, type, *args)
         if type == :file
-          # Active Storage blob id:
-          super "#{name}_blob_id", :integer, *args
-
-          # Paperclip attachment attributes:
           super "#{name}_file_name",    :string,  *args
           super "#{name}_content_type", :string,  *args
           super "#{name}_file_size",    :integer, *args
@@ -21,12 +17,7 @@ module Spree
 
       def get_preference(key)
         if !has_preference?(key) && has_attachment?(key)
-          # Call Paperclip's attachment method:
           public_send key
-        elsif key.ends_with?("_blob")
-          # Find referenced Active Storage blob:
-          blob_id = super("#{key}_id")
-          ActiveStorage::Blob.find_by(id: blob_id)
         else
           super key
         end
@@ -46,11 +37,7 @@ module Spree
       # errors if respond_to? isn't correct, so we override it here.
       def respond_to?(method, include_all = false)
         name = method.to_s.delete('=')
-        reference_name = "#{name}_id"
-
-        super(self.class.preference_getter_method(name), include_all) ||
-          super(reference_name, include_all) ||
-          super(method, include_all)
+        super(self.class.preference_getter_method(name), include_all) || super(method, include_all)
       end
 
       def has_attachment?(name)

app/models/spree/preferences/preferable.rb

@@ -93,7 +93,7 @@ module Spree
       end
 
       def clear_preferences
-        preferences.each_key { |pref| preference_store.delete preference_cache_key(pref) }
+        preferences.keys.each { |pref| preference_store.delete preference_cache_key(pref) }
       end
 
       private
@@ -121,6 +121,7 @@ module Spree
         when :integer
           value.to_i
         when :boolean
+          # rubocop:disable Style/NumericPredicate
           if value.is_a?(FalseClass) ||
              value.nil? ||
              value == 0 ||
@@ -130,6 +131,7 @@ module Spree
           else
             true
           end
+          # rubocop:enable Style/NumericPredicate
         else
           value
         end

app/models/spree/product.rb

@@ -31,7 +31,7 @@ module Spree
 
     searchable_attributes :supplier_id, :primary_taxon_id, :meta_keywords
     searchable_associations :supplier, :properties, :primary_taxon, :variants, :master
-    searchable_scopes :active, :with_properties
+    searchable_scopes :active
 
     has_many :product_option_types, dependent: :destroy
     # We have an after_destroy callback on Spree::ProductOptionType. However, if we
@@ -69,18 +69,6 @@ module Spree
 
     has_many :stock_items, through: :variants
 
-    has_many :supplier_properties, through: :supplier, source: :properties
-
-    scope :with_properties, ->(*property_ids) {
-      left_outer_joins(:product_properties).
-        left_outer_joins(:supplier_properties).
-        where(inherits_properties: true).
-        where(producer_properties: { property_id: property_ids }).
-        or(
-          where(spree_product_properties: { property_id: property_ids })
-        )
-    }
-
     delegate_belongs_to :master, :sku, :price, :currency, :display_amount, :display_price, :weight,
                         :height, :width, :depth, :is_master, :cost_currency,
                         :price_in, :amount_in, :unit_value, :unit_description

app/models/spree/shipment.rb

@@ -192,7 +192,7 @@ module Spree
     end
 
     def after_cancel
-      manifest.each { |item| manifest_restock(item) } if order.restock_items
+      manifest.each { |item| manifest_restock(item) }
     end
 
     def after_resume

app/models/spree/taxon.rb

@@ -2,6 +2,8 @@
 
 module Spree
   class Taxon < ApplicationRecord
+    include Spree::Core::S3Support
+
     acts_as_nested_set dependent: :destroy
 
     belongs_to :taxonomy, class_name: 'Spree::Taxonomy', touch: true
@@ -12,6 +14,15 @@ module Spree
 
     validates :name, presence: true
 
+    has_attached_file :icon,
+                      styles: { mini: '32x32>', normal: '128x128>' },
+                      default_style: :mini,
+                      url: '/spree/taxons/:id/:style/:basename.:extension',
+                      path: ':rails_root/public/spree/taxons/:id/:style/:basename.:extension',
+                      default_url: '/assets/default_taxon.png'
+
+    supports_s3 :icon
+
     # Indicate which filters should be used for this taxon
     def applicable_filters
       []

app/models/terms_of_service_file.rb

@@ -1,9 +1,7 @@
 # frozen_string_literal: true
 
 class TermsOfServiceFile < ApplicationRecord
-  include HasMigratingFile
-
-  has_one_migrating :attachment
+  has_attached_file :attachment
 
   validates :attachment, presence: true
 
@@ -21,9 +19,4 @@ class TermsOfServiceFile < ApplicationRecord
   def self.updated_at
     current&.updated_at || Time.zone.now
   end
-
-  def touch(_)
-    # Ignore Active Storage changing the timestamp during migrations.
-    # This can be removed once we got rid of Paperclip.
-  end
 end

app/serializers/api/admin/customer_serializer.rb

@@ -3,14 +3,14 @@
 module Api
   module Admin
     class CustomerSerializer < ActiveModel::Serializer
-      attributes :id, :email, :enterprise_id, :user_id, :code, :tags, :tag_list, :first_name,
-                 :last_name, :allow_charges, :default_card_present?
+      attributes :id, :email, :enterprise_id, :user_id, :code, :tags, :tag_list, :name,
+                 :allow_charges, :default_card_present?
 
       has_one :ship_address, serializer: Api::AddressSerializer
       has_one :bill_address, serializer: Api::AddressSerializer
 
-      def full_name
-        object.full_name.presence || object.bill_address&.full_name
+      def name
+        object.name.presence || object.bill_address&.full_name
       end
 
       def tag_list

app/serializers/api/admin/enterprise_serializer.rb

@@ -12,9 +12,7 @@ module Api
                  :preferred_shopfront_product_sorting_method, :owner, :contact, :users, :tag_groups,
                  :default_tag_group, :require_login, :allow_guest_orders, :allow_order_changes,
                  :logo, :promo_image, :terms_and_conditions,
-                 :terms_and_conditions_file_name, :terms_and_conditions_updated_at,
-                 :preferred_invoice_order_by_supplier, :preferred_product_low_stock_display,
-                 :visible
+                 :terms_and_conditions_file_name, :terms_and_conditions_updated_at
 
       has_one :owner, serializer: Api::Admin::UserSerializer
       has_many :users, serializer: Api::Admin::UserSerializer

app/serializers/api/admin/order_serializer.rb

@@ -7,7 +7,7 @@ module Api
                  :edit_path, :state, :payment_state, :shipment_state,
                  :payments_path, :ready_to_ship, :ready_to_capture, :created_at,
                  :distributor_name, :special_instructions, :display_outstanding_balance,
-                 :item_total, :adjustment_total, :payment_total, :total, :item_count
+                 :item_total, :adjustment_total, :payment_total, :total
 
       has_one :distributor, serializer: Api::Admin::IdSerializer
       has_one :order_cycle, serializer: Api::Admin::IdSerializer
@@ -69,10 +69,6 @@ module Api
         object.completed_at.blank? ? "" : I18n.l(object.completed_at, format: '%B %d, %Y')
       end
 
-      def item_count
-        object.line_items.count
-      end
-
       private
 
       def spree_routes_helper

app/serializers/api/admin/payment_method/base_serializer.rb

@@ -7,19 +7,11 @@ module Api
         attributes :id, :name, :type, :tag_list, :tags
 
         def tag_list
-          payment_method_tag_list.join(",")
+          object.tag_list.join(",")
         end
 
         def tags
-          payment_method_tag_list.map{ |t| { text: t } }
-        end
-
-        private
-
-        def payment_method_tag_list
-          return object.tag_list unless options[:payment_method_tags]
-
-          options.dig(:payment_method_tags, object.id) || []
+          object.tag_list.map{ |t| { text: t } }
         end
       end
     end

app/serializers/api/admin/payment_method_serializer.rb

@@ -7,9 +7,9 @@ module Api
 
       def method_serializer
         if object.type == 'Spree::Gateway::StripeSCA'
-          Api::Admin::PaymentMethod::StripeSerializer.new(object, options)
+          Api::Admin::PaymentMethod::StripeSerializer.new(object)
         else
-          Api::Admin::PaymentMethod::BaseSerializer.new(object, options)
+          Api::Admin::PaymentMethod::BaseSerializer.new(object)
         end
       end
     end

app/serializers/api/admin/subscription_serializer.rb

@@ -4,8 +4,8 @@ module Api
   module Admin
     class SubscriptionSerializer < ActiveModel::Serializer
       attributes :id, :shop_id, :customer_id, :schedule_id, :payment_method_id, :shipping_method_id,
-                 :begins_at, :ends_at, :customer_email, :customer_first_name, :customer_last_name,
-                 :customer_full_name, :schedule_name, :edit_path, :canceled_at, :paused_at, :state,
+                 :begins_at, :ends_at,
+                 :customer_email, :customer_name, :schedule_name, :edit_path, :canceled_at, :paused_at, :state,
                  :shipping_fee_estimate, :payment_fee_estimate
 
       has_many :subscription_line_items, serializer: Api::Admin::SubscriptionLineItemSerializer
@@ -34,16 +34,8 @@ module Api
         object.customer&.email
       end
 
-      def customer_first_name
-        object.customer&.first_name
-      end
-
-      def customer_last_name
-        object.customer&.last_name
-      end
-
-      def customer_full_name
-        object.customer&.full_name
+      def customer_name
+        object.customer&.name
       end
 
       def schedule_name

app/serializers/api/admin/units_product_serializer.rb

@@ -3,7 +3,7 @@
 module Api
   module Admin
     class UnitsProductSerializer < ActiveModel::Serializer
-      attributes :id, :name, :group_buy_unit_size, :variant_unit, :variant_unit_scale
+      attributes :id, :name, :group_buy_unit_size, :variant_unit
     end
   end
 end