Update translations

Improve eager-loading on admin products page

.env.development

@@ -5,9 +5,17 @@
 #
 #     cp .env.development .env.local
 
+VERBOSE_QUERY_LOGS=true
+
 SECRET_TOKEN="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
 
 OFN_REDIS_URL="redis://localhost:6379/1"
 OFN_REDIS_JOBS_URL="redis://localhost:6379/2"
 
 SITE_URL="0.0.0.0:3000"
+
+# Deactivate rack-timeout in development.
+# https://github.com/zombocom/rack-timeout#configuring
+RACK_TIMEOUT_SERVICE_TIMEOUT="0"
+RACK_TIMEOUT_WAIT_TIMEOUT="0"
+RACK_TIMEOUT_WAIT_OVERTIME="0"

.github/workflows/brakeman-analysis.yml

@@ -41,6 +41,7 @@ jobs:
     - name: Scan
       continue-on-error: true
       run: |
+        git show --no-patch # the commit being tested (which is often a merge due to actions/checkout@v3)
         brakeman -f sarif -o output.sarif.json .
 
     # Upload the SARIF file generated in the previous step

.github/workflows/build.yml

@@ -18,7 +18,7 @@ permissions:
 
 jobs:
   knapsack_rspec_controllers:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     services:
       postgres:
         image: postgres:10
@@ -68,7 +68,6 @@ jobs:
           bundle exec rake db:schema:load
 
       - name: Run tests
-
         env:
           KNAPSACK_PRO_TEST_SUITE_TOKEN_RSPEC: 864ef557d85ea8e603e086c0387d5154
           KNAPSACK_PRO_CI_NODE_TOTAL: ${{ matrix.ci_node_total }}
@@ -82,12 +81,12 @@ jobs:
           # https://knapsackpro.com/faq/question/how-to-split-slow-rspec-test-files-by-test-examples-by-individual-it
           #KNAPSACK_PRO_RSPEC_SPLIT_BY_TEST_EXAMPLES: true
           KNAPSACK_PRO_TEST_FILE_PATTERN: "{spec/controllers/**/*_spec.rb}" 
-        
         run: |
+          git show --no-patch # the commit being tested (which is often a merge due to actions/checkout@v3)
           bundle exec rake knapsack_pro:rspec
 
   knapsack_rspec_models:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     services:
       postgres:
         image: postgres:10
@@ -156,7 +155,7 @@ jobs:
           bundle exec rake knapsack_pro:rspec
 
   knapsack_rspec_system_admin:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     services:
       postgres:
         image: postgres:10
@@ -234,7 +233,7 @@ jobs:
           if-no-files-found: ignore
 
   knapsack_rspec_system_consumer:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     services:
       postgres:
         image: postgres:10
@@ -312,7 +311,7 @@ jobs:
           if-no-files-found: ignore
 
   knapsack_rspec_engines:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     services:
       postgres:
         image: postgres:10
@@ -390,7 +389,7 @@ jobs:
           if-no-files-found: ignore
 
   knapsack_rspec_test_the_rest:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     services:
       postgres:
         image: postgres:10
@@ -460,7 +459,7 @@ jobs:
           bundle exec rake knapsack_pro:rspec
 
   non_knapsack_jest_karma:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     services:
       postgres:
         image: postgres:10

.github/workflows/linters.yml

@@ -9,7 +9,11 @@ jobs:
     steps:
       - name: Check out code
         uses: actions/checkout@v1
+
       - uses: ruby/setup-ruby@v1
+
+      - run: git show --no-patch # the commit being tested (which is often a merge due to actions/checkout@v3)
+
       - name: rubocop
         uses: reviewdog/action-rubocop@v2
         with:
@@ -32,6 +36,8 @@ jobs:
       - name: Install JS dependencies
         run: yarn install --frozen-lockfile
 
+      - run: git show --no-patch # the commit being tested (which is often a merge due to actions/checkout@v3)
+
       - name: prettier
         uses: EPMatt/reviewdog-action-prettier@v1
         with:

.prettierignore

@@ -1,8 +1,5 @@
 # Basically, ignore everythings expect app/webpacker/controllers/*.js and app/webpacker/packs/*.js
-*.css
-*.scss
-# Except v2
-!/app/webpacker/css/admin/v2/**/*.scss
+
 *.md
 *.yml
 *.yaml
@@ -12,6 +9,10 @@
 babel.config.js
 postcss.config.js
 
+/app/webpacker/css/darkswarm/
+/app/webpacker/css/mail/
+/app/webpacker/css/shared/
+
 /app/assets/
 /config/
 /coverage/

.prettierrc.json

@@ -1 +1,3 @@
-{}
+{
+  "printWidth": 100
+}

.rubocop_styleguide.yml

@@ -2,9 +2,8 @@
 #
 # These are the rules we agreed upon and we work towards.
 AllCops:
-  NewCops: disable
+  NewCops: enable
   SuggestExtensions: false
-  TargetRailsVersion: 5.0
   Exclude:
     - 'bin/**/*'
     - 'db/**/*'
@@ -41,6 +40,7 @@ Metrics/BlockLength:
     "resources",
     "scenario",
     "shared_examples",
+    "shared_examples_for",
     "xdescribe",
   ]
 

.rubocop_todo.yml

@@ -1,19 +1,11 @@
 # This configuration was generated by
-# `rubocop --auto-gen-config --auto-gen-only-exclude --exclude-limit 1400`
-# on 2023-04-01 00:21:28 UTC using RuboCop version 1.47.0.
+# `rubocop --auto-gen-config --auto-gen-only-exclude --exclude-limit 1400 --no-auto-gen-timestamp`
+# using RuboCop version 1.50.2.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
 # versions of RuboCop, may require this file to be generated again.
 
-# Offense count: 4
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: TreatCommentsAsGroupSeparators, ConsiderPunctuation, Include.
-# Include: **/*.gemfile, **/Gemfile, **/gems.rb
-Bundler/OrderedGems:
-  Exclude:
-    - 'Gemfile'
-
 # Offense count: 4
 # Configuration parameters: Severity, Include.
 # Include: **/*.gemspec
@@ -63,11 +55,10 @@ Layout/BlockAlignment:
   Exclude:
     - 'spec/services/products_renderer_spec.rb'
 
-# Offense count: 5
+# Offense count: 4
 # This cop supports safe autocorrection (--autocorrect).
 Layout/BlockEndNewline:
   Exclude:
-    - 'app/controllers/admin/subscriptions_controller.rb'
     - 'spec/lib/open_food_network/enterprise_fee_calculator_spec.rb'
     - 'spec/system/admin/orders_spec.rb'
 
@@ -93,21 +84,13 @@ Layout/EmptyLinesAroundBlockBody:
     - 'spec/requests/checkout/concurrency_spec.rb'
     - 'spec/system/admin/order_cycles/list_spec.rb'
 
-# Offense count: 1
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: AllowForAlignment, AllowBeforeTrailingComments, ForceEqualSignAlignment.
-Layout/ExtraSpacing:
-  Exclude:
-    - 'spec/spec_helper.rb'
-
-# Offense count: 3
+# Offense count: 2
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle, IndentationWidth.
 # SupportedStyles: consistent, consistent_relative_to_receiver, special_for_inner_method_call, special_for_inner_method_call_in_parentheses
 Layout/FirstArgumentIndentation:
   Exclude:
     - 'spec/system/admin/orders_spec.rb'
-    - 'spec/system/admin/products_spec.rb'
 
 # Offense count: 2
 # This cop supports safe autocorrection (--autocorrect).
@@ -117,7 +100,7 @@ Layout/FirstHashElementIndentation:
   Exclude:
     - 'spec/services/products_renderer_spec.rb'
 
-# Offense count: 13
+# Offense count: 11
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowMultipleStyles, EnforcedHashRocketStyle, EnforcedColonStyle, EnforcedLastArgumentHashStyle.
 # SupportedHashRocketStyles: key, separator, table
@@ -125,31 +108,25 @@ Layout/FirstHashElementIndentation:
 # SupportedLastArgumentHashStyles: always_inspect, always_ignore, ignore_implicit, ignore_explicit
 Layout/HashAlignment:
   Exclude:
-    - 'app/controllers/admin/subscriptions_controller.rb'
     - 'app/controllers/spree/users_controller.rb'
     - 'app/models/spree/image.rb'
     - 'spec/migrations/migrate_customer_names_spec.rb'
     - 'spec/models/enterprise_spec.rb'
-    - 'spec/support/request/stripe_stubs.rb'
     - 'spec/system/admin/customers_spec.rb'
     - 'spec/system/admin/order_spec.rb'
     - 'spec/system/admin/orders_spec.rb'
     - 'spec/system/admin/tag_rules_spec.rb'
     - 'spec/system/consumer/shopping/cart_spec.rb'
 
-# Offense count: 18
+# Offense count: 4
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: normal, indented_internal_methods
 Layout/IndentationConsistency:
   Exclude:
-    - 'spec/system/admin/order_cycles/complex_editing_spec.rb'
     - 'spec/system/admin/order_cycles/complex_updating_specific_time_spec.rb'
     - 'spec/system/admin/order_cycles/simple_spec.rb'
-    - 'spec/system/admin/order_spec.rb'
-    - 'spec/system/admin/orders_spec.rb'
     - 'spec/system/admin/product_import_spec.rb'
-    - 'spec/system/consumer/split_checkout_spec.rb'
 
 # Offense count: 1
 # This cop supports safe autocorrection (--autocorrect).
@@ -165,7 +142,64 @@ Layout/LeadingCommentSpace:
   Exclude:
     - 'spec/system/admin/enterprises_spec.rb'
 
-# Offense count: 603
+# Offense count: 114
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: space, no_space
+Layout/LineContinuationSpacing:
+  Exclude:
+    - 'app/helpers/checkout_helper.rb'
+    - 'engines/order_management/spec/services/order_management/order/updater_spec.rb'
+    - 'engines/order_management/spec/services/order_management/subscriptions/stripe_payment_setup_spec.rb'
+    - 'engines/web/app/helpers/web/cookies_policy_helper.rb'
+    - 'spec/system/admin/bulk_order_management_spec.rb'
+    - 'spec/system/admin/configuration/content_spec.rb'
+    - 'spec/system/admin/customers_spec.rb'
+    - 'spec/system/admin/enterprise_fees_spec.rb'
+    - 'spec/system/admin/enterprises/index_spec.rb'
+    - 'spec/system/admin/enterprises_spec.rb'
+    - 'spec/system/admin/order_cycles/list_spec.rb'
+    - 'spec/system/admin/order_cycles/simple_spec.rb'
+    - 'spec/system/admin/order_spec.rb'
+    - 'spec/system/admin/orders_spec.rb'
+    - 'spec/system/admin/overview_spec.rb'
+    - 'spec/system/admin/payment_method_spec.rb'
+    - 'spec/system/admin/product_import_spec.rb'
+    - 'spec/system/admin/subscriptions_spec.rb'
+    - 'spec/system/admin/tag_rules_spec.rb'
+    - 'spec/system/admin/users_spec.rb'
+    - 'spec/system/admin/variant_overrides_spec.rb'
+    - 'spec/system/consumer/authentication_spec.rb'
+    - 'spec/system/consumer/caching/shops_caching_spec.rb'
+    - 'spec/system/consumer/cookies_spec.rb'
+    - 'spec/system/consumer/shopping/cart_spec.rb'
+    - 'spec/system/consumer/shopping/checkout_auth_spec.rb'
+    - 'spec/system/consumer/shopping/checkout_spec.rb'
+    - 'spec/system/consumer/shopping/products_spec.rb'
+    - 'spec/system/consumer/shopping/shopping_spec.rb'
+    - 'spec/system/consumer/shopping/unit_price_spec.rb'
+    - 'spec/system/consumer/split_checkout_spec.rb'
+
+# Offense count: 18
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: EnforcedStyle, IndentationWidth.
+# SupportedStyles: aligned, indented
+Layout/LineEndStringConcatenationIndentation:
+  Exclude:
+    - 'app/mailers/spree/user_mailer.rb'
+    - 'engines/order_management/app/services/order_management/subscriptions/proxy_order_syncer.rb'
+    - 'engines/order_management/spec/services/order_management/subscriptions/stripe_payment_setup_spec.rb'
+    - 'spec/system/admin/configuration/content_spec.rb'
+    - 'spec/system/admin/customers_spec.rb'
+    - 'spec/system/admin/overview_spec.rb'
+    - 'spec/system/admin/payment_method_spec.rb'
+    - 'spec/system/admin/subscriptions_spec.rb'
+    - 'spec/system/admin/tag_rules_spec.rb'
+    - 'spec/system/consumer/caching/shops_caching_spec.rb'
+    - 'spec/system/consumer/cookies_spec.rb'
+    - 'spec/system/consumer/shopping/cart_spec.rb'
+
+# Offense count: 615
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: Max, AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, AllowedPatterns.
 # URISchemes: http, https
@@ -378,7 +412,7 @@ Layout/TrailingEmptyLines:
   Exclude:
     - 'Rakefile'
 
-# Offense count: 69
+# Offense count: 70
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowInHeredoc.
 Layout/TrailingWhitespace:
@@ -406,6 +440,16 @@ Layout/TrailingWhitespace:
     - 'spec/system/admin/shipping_methods_spec.rb'
     - 'spec/system/consumer/split_checkout_spec.rb'
 
+# Offense count: 7
+# This cop supports safe autocorrection (--autocorrect).
+Lint/AmbiguousOperatorPrecedence:
+  Exclude:
+    - 'app/models/calculator/flexi_rate.rb'
+    - 'app/models/enterprise.rb'
+    - 'app/models/spree/ability.rb'
+    - 'app/models/spree/line_item.rb'
+    - 'app/models/spree/preferences/store.rb'
+
 # Offense count: 17
 # Configuration parameters: AllowedMethods.
 # AllowedMethods: enums
@@ -424,6 +468,16 @@ Lint/ConstantDefinitionInBlock:
     - 'spec/validators/date_time_string_validator_spec.rb'
     - 'spec/validators/integer_array_validator_spec.rb'
 
+# Offense count: 8
+# Configuration parameters: IgnoreLiteralBranches, IgnoreConstantBranches.
+Lint/DuplicateBranch:
+  Exclude:
+    - 'app/helpers/spree/admin/base_helper.rb'
+    - 'app/models/enterprise.rb'
+    - 'app/models/spree/calculator.rb'
+    - 'app/models/spree/preference.rb'
+    - 'app/models/spree/preferences/preferable.rb'
+
 # Offense count: 2
 Lint/DuplicateMethods:
   Exclude:
@@ -435,6 +489,30 @@ Lint/DuplicateRequire:
   Exclude:
     - 'spec/lib/open_food_network/scope_variants_to_search_spec.rb'
 
+# Offense count: 20
+# Configuration parameters: AllowComments, AllowEmptyLambdas.
+Lint/EmptyBlock:
+  Exclude:
+    - 'engines/catalog/config/routes.rb'
+    - 'spec/components/distributor_title_component_spec.rb'
+    - 'spec/components/example_component_spec.rb'
+    - 'spec/controllers/admin/subscription_line_items_controller_spec.rb'
+    - 'spec/controllers/api/v0/shipments_controller_spec.rb'
+    - 'spec/controllers/concerns/extra_fields_spec.rb'
+    - 'spec/factories.rb'
+    - 'spec/factories/enterprise_factory.rb'
+    - 'spec/jobs/order_cycle_opened_job_spec.rb'
+    - 'spec/jobs/subscription_placement_job_spec.rb'
+    - 'spec/models/product_import/entry_validator_spec.rb'
+    - 'spec/requests/checkout/concurrency_spec.rb'
+
+# Offense count: 6
+# Configuration parameters: AllowComments.
+Lint/EmptyClass:
+  Exclude:
+    - 'spec/controllers/spree/admin/base_controller_spec.rb'
+    - 'spec/lib/reports/report_loader_spec.rb'
+
 # Offense count: 1
 # Configuration parameters: AllowComments.
 Lint/EmptyFile:
@@ -452,6 +530,26 @@ Lint/IneffectiveAccessModifier:
   Exclude:
     - 'app/models/spree/user.rb'
 
+# Offense count: 1
+Lint/NoReturnInBeginEndBlocks:
+  Exclude:
+    - 'app/controllers/payment_gateways/stripe_controller.rb'
+
+# Offense count: 2
+# This cop supports unsafe autocorrection (--autocorrect-all).
+Lint/NonAtomicFileOperation:
+  Exclude:
+    - 'app/services/bulk_invoice_service.rb'
+
+# Offense count: 4
+# This cop supports unsafe autocorrection (--autocorrect-all).
+Lint/RedundantDirGlobSort:
+  Exclude:
+    - 'engines/catalog/spec/spec_helper.rb'
+    - 'engines/dfc_provider/spec/spec_helper.rb'
+    - 'spec/base_spec_helper.rb'
+    - 'spec/system_helper.rb'
+
 # Offense count: 1
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: AllowedMethods.
@@ -482,14 +580,12 @@ Lint/UselessMethodDefinition:
   Exclude:
     - 'app/models/spree/gateway.rb'
 
-# Offense count: 13
+# Offense count: 3
 # Configuration parameters: CheckForMethodsWithNoSideEffects.
 Lint/Void:
   Exclude:
-    - 'spec/system/admin/order_cycles/complex_editing_spec.rb'
     - 'spec/system/admin/order_cycles/complex_updating_specific_time_spec.rb'
     - 'spec/system/admin/order_cycles/simple_spec.rb'
-    - 'spec/system/admin/order_spec.rb'
 
 # Offense count: 27
 # Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes, Max.
@@ -560,8 +656,10 @@ Metrics/BlockNesting:
 Metrics/ClassLength:
   Exclude:
     - 'app/components/products_table_component.rb'
+    - 'app/controllers/admin/enterprise_fees_controller.rb'
     - 'app/controllers/admin/enterprises_controller.rb'
     - 'app/controllers/admin/order_cycles_controller.rb'
+    - 'app/controllers/admin/product_import_controller.rb'
     - 'app/controllers/admin/resource_controller.rb'
     - 'app/controllers/admin/schedules_controller.rb'
     - 'app/controllers/admin/subscriptions_controller.rb'
@@ -746,12 +844,6 @@ Naming/AccessorMethodName:
     - 'spec/support/request/shop_workflow.rb'
     - 'spec/support/request/web_helper.rb'
 
-# Offense count: 1
-# Configuration parameters: AsciiConstants.
-Naming/AsciiIdentifiers:
-  Exclude:
-    - 'spec/system/admin/products_spec.rb'
-
 # Offense count: 1
 # Configuration parameters: ForbiddenDelimiters.
 # ForbiddenDelimiters: (?i-mx:(^|\s)(EO[A-Z]{1}|END)(\s|$))
@@ -791,6 +883,40 @@ Naming/VariableNumber:
     - 'spec/models/spree/tax_rate_spec.rb'
     - 'spec/requests/api/orders_spec.rb'
 
+# Offense count: 9
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: ExpectedOrder, Include.
+# ExpectedOrder: index, show, new, edit, create, update, destroy
+# Include: app/controllers/**/*.rb
+Rails/ActionOrder:
+  Exclude:
+    - 'app/controllers/admin/resource_controller.rb'
+    - 'app/controllers/api/v0/orders_controller.rb'
+    - 'app/controllers/spree/admin/images_controller.rb'
+    - 'app/controllers/spree/admin/invoices_controller.rb'
+    - 'app/controllers/spree/admin/products_controller.rb'
+    - 'app/controllers/spree/admin/taxons_controller.rb'
+    - 'app/controllers/spree/admin/variants_controller.rb'
+    - 'app/controllers/user_confirmations_controller.rb'
+
+# Offense count: 15
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: Include.
+# Include: app/models/**/*.rb
+Rails/ActiveRecordCallbacksOrder:
+  Exclude:
+    - 'app/models/customer.rb'
+    - 'app/models/enterprise.rb'
+    - 'app/models/enterprise_group.rb'
+    - 'app/models/enterprise_relationship.rb'
+    - 'app/models/spree/line_item.rb'
+    - 'app/models/spree/order.rb'
+    - 'app/models/spree/payment.rb'
+    - 'app/models/spree/product.rb'
+    - 'app/models/spree/return_authorization.rb'
+    - 'app/models/spree/user.rb'
+    - 'app/models/spree/variant.rb'
+
 # Offense count: 1
 # Configuration parameters: Severity, Include.
 # Include: app/models/**/*.rb
@@ -810,12 +936,6 @@ Rails/ApplicationJob:
   Exclude:
     - 'app/jobs/report_job.rb'
 
-# Offense count: 1
-# This cop supports unsafe autocorrection (--autocorrect-all).
-Rails/ApplicationMailer:
-  Exclude:
-    - 'app/mailers/spree/base_mailer.rb'
-
 # Offense count: 5
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: NilOrEmpty, NotPresent, UnlessPresent.
@@ -826,6 +946,45 @@ Rails/Blank:
     - 'engines/order_management/app/services/order_management/stock/package.rb'
     - 'lib/stripe/authorize_response_patcher.rb'
 
+# Offense count: 17
+# This cop supports unsafe autocorrection (--autocorrect-all).
+Rails/CompactBlank:
+  Exclude:
+    - 'app/controllers/spree/admin/users_controller.rb'
+    - 'app/models/concerns/address_display.rb'
+    - 'app/models/spree/zone.rb'
+    - 'app/services/order_cycle_form.rb'
+    - 'lib/reporting/report_headers_builder.rb'
+    - 'lib/reporting/report_ruler.rb'
+    - 'lib/reporting/reports/enterprise_fee_summary/parameters.rb'
+
+# Offense count: 2
+# This cop supports safe autocorrection (--autocorrect).
+Rails/DotSeparatedKeys:
+  Exclude:
+    - 'app/controllers/api/v1/base_controller.rb'
+
+# Offense count: 27
+# This cop supports safe autocorrection (--autocorrect).
+Rails/DurationArithmetic:
+  Exclude:
+    - 'app/services/create_order_cycle.rb'
+    - 'spec/jobs/order_cycle_closing_job_spec.rb'
+    - 'spec/jobs/order_cycle_opened_job_spec.rb'
+    - 'spec/services/permissions/order_spec.rb'
+    - 'spec/services/terms_of_service_spec.rb'
+    - 'spec/system/admin/bulk_order_management_spec.rb'
+    - 'spec/system/admin/order_cycles/list_spec.rb'
+    - 'spec/system/admin/orders_spec.rb'
+    - 'spec/system/admin/reports/orders_and_fulfillment_spec.rb'
+    - 'spec/system/admin/reports/packing_report_spec.rb'
+
+# Offense count: 1
+# This cop supports safe autocorrection (--autocorrect).
+Rails/ExpandedDateRange:
+  Exclude:
+    - 'app/models/spree/product.rb'
+
 # Offense count: 5
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: slashes, arguments
@@ -894,17 +1053,38 @@ Rails/HelperInstanceVariable:
     - 'app/helpers/spree/admin/orders_helper.rb'
     - 'app/helpers/spree/orders_helper.rb'
 
-# Offense count: 37
+# Offense count: 2
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: Include.
+# Include: app/controllers/**/*.rb
+Rails/I18nLazyLookup:
+  Exclude:
+    - 'app/controllers/admin/proxy_orders_controller.rb'
+
+# Offense count: 8
+# Configuration parameters: Include.
+# Include: spec/**/*.rb, test/**/*.rb
+Rails/I18nLocaleAssignment:
+  Exclude:
+    - 'spec/controllers/user_registrations_controller_spec.rb'
+    - 'spec/helpers/i18n_helper_spec.rb'
+    - 'spec/models/spree/variant_spec.rb'
+    - 'spec/system/admin/order_cycles/list_spec.rb'
+
+# Offense count: 3
+Rails/I18nLocaleTexts:
+  Exclude:
+    - 'app/controllers/admin/stripe_accounts_controller.rb'
+
+# Offense count: 27
 # Configuration parameters: IgnoreScopes, Include.
 # Include: app/models/**/*.rb
 Rails/InverseOf:
   Exclude:
-    - 'app/models/concerns/calculated_adjustments.rb'
     - 'app/models/enterprise.rb'
     - 'app/models/order_cycle.rb'
     - 'app/models/spree/adjustment.rb'
     - 'app/models/spree/country.rb'
-    - 'app/models/spree/credit_card.rb'
     - 'app/models/spree/inventory_unit.rb'
     - 'app/models/spree/line_item.rb'
     - 'app/models/spree/option_type.rb'
@@ -912,9 +1092,7 @@ Rails/InverseOf:
     - 'app/models/spree/payment.rb'
     - 'app/models/spree/price.rb'
     - 'app/models/spree/product.rb'
-    - 'app/models/spree/shipment.rb'
     - 'app/models/spree/stock_item.rb'
-    - 'app/models/spree/tax_rate.rb'
     - 'app/models/spree/taxonomy.rb'
     - 'app/models/spree/variant.rb'
     - 'app/models/subscription_line_item.rb'
@@ -944,6 +1122,19 @@ Rails/LexicallyScopedActionFilter:
     - 'app/controllers/spree/admin/zones_controller.rb'
     - 'app/controllers/spree/users_controller.rb'
 
+# Offense count: 9
+# This cop supports unsafe autocorrection (--autocorrect-all).
+Rails/NegateInclude:
+  Exclude:
+    - 'app/controllers/admin/resource_controller.rb'
+    - 'app/models/calculator/weight.rb'
+    - 'app/models/product_import/spreadsheet_entry.rb'
+    - 'app/models/spree/order/checkout.rb'
+    - 'app/services/order_cart_reset.rb'
+    - 'engines/order_management/app/services/order_management/stock/estimator.rb'
+    - 'lib/spree/localized_number.rb'
+    - 'spec/support/matchers/table_matchers.rb'
+
 # Offense count: 18
 Rails/OutputSafety:
   Exclude:
@@ -959,12 +1150,112 @@ Rails/OutputSafety:
     - 'lib/reporting/queries/query_interface.rb'
     - 'lib/spree/money.rb'
 
+# Offense count: 29
+# This cop supports unsafe autocorrection (--autocorrect-all).
+Rails/Pluck:
+  Exclude:
+    - 'app/controllers/admin/variant_overrides_controller.rb'
+    - 'app/helpers/shop_helper.rb'
+    - 'app/services/cart_service.rb'
+    - 'app/services/sets/product_set.rb'
+    - 'lib/reporting/report_headers_builder.rb'
+    - 'spec/controllers/admin/bulk_line_items_controller_spec.rb'
+    - 'spec/controllers/admin/subscriptions_controller_spec.rb'
+    - 'spec/controllers/api/v0/order_cycles_controller_spec.rb'
+    - 'spec/controllers/api/v0/orders_controller_spec.rb'
+    - 'spec/controllers/api/v0/products_controller_spec.rb'
+    - 'spec/controllers/api/v0/shops_controller_spec.rb'
+    - 'spec/controllers/api/v0/states_controller_spec.rb'
+    - 'spec/controllers/api/v0/taxons_controller_spec.rb'
+    - 'spec/helpers/spree/admin/orders_helper_spec.rb'
+    - 'spec/lib/reports/lettuce_share_report_spec.rb'
+    - 'spec/lib/reports/users_and_enterprises_report_spec.rb'
+    - 'spec/serializers/api/admin/for_order_cycle/supplied_product_serializer_spec.rb'
+
+# Offense count: 1
+# This cop supports unsafe autocorrection (--autocorrect-all).
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: conservative, aggressive
+Rails/PluckInWhere:
+  Exclude:
+    - 'app/models/spree/variant.rb'
+
+# Offense count: 28
+# This cop supports unsafe autocorrection (--autocorrect-all).
+Rails/RedundantPresenceValidationOnBelongsTo:
+  Exclude:
+    - 'app/models/enterprise.rb'
+    - 'app/models/enterprise_fee.rb'
+    - 'app/models/enterprise_group.rb'
+    - 'app/models/enterprise_relationship.rb'
+    - 'app/models/enterprise_role.rb'
+    - 'app/models/exchange.rb'
+    - 'app/models/inventory_item.rb'
+    - 'app/models/order_cycle.rb'
+    - 'app/models/spree/address.rb'
+    - 'app/models/spree/line_item.rb'
+    - 'app/models/spree/order.rb'
+    - 'app/models/spree/product.rb'
+    - 'app/models/spree/product_property.rb'
+    - 'app/models/spree/return_authorization.rb'
+    - 'app/models/spree/state.rb'
+    - 'app/models/spree/stock_item.rb'
+    - 'app/models/spree/stock_movement.rb'
+    - 'app/models/spree/tax_rate.rb'
+    - 'app/models/subscription_line_item.rb'
+    - 'app/models/tag_rule.rb'
+    - 'app/models/variant_override.rb'
+
 # Offense count: 1
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Rails/RelativeDateConstant:
   Exclude:
     - 'lib/tasks/data/remove_transient_data.rb'
 
+# Offense count: 58
+# This cop supports unsafe autocorrection (--autocorrect-all).
+# Configuration parameters: Include.
+# Include: spec/controllers/**/*.rb, spec/requests/**/*.rb, test/controllers/**/*.rb, test/integration/**/*.rb
+Rails/ResponseParsedBody:
+  Exclude:
+    - 'spec/controllers/admin/bulk_line_items_controller_spec.rb'
+    - 'spec/controllers/admin/customers_controller_spec.rb'
+    - 'spec/controllers/admin/order_cycles_controller_spec.rb'
+    - 'spec/controllers/admin/proxy_orders_controller_spec.rb'
+    - 'spec/controllers/admin/schedules_controller_spec.rb'
+    - 'spec/controllers/admin/stripe_accounts_controller_spec.rb'
+    - 'spec/controllers/admin/subscription_line_items_controller_spec.rb'
+    - 'spec/controllers/admin/subscriptions_controller_spec.rb'
+    - 'spec/controllers/cart_controller_spec.rb'
+    - 'spec/controllers/line_items_controller_spec.rb'
+    - 'spec/controllers/spree/admin/search_controller_spec.rb'
+    - 'spec/controllers/spree/credit_cards_controller_spec.rb'
+    - 'spec/controllers/user_registrations_controller_spec.rb'
+
+# Offense count: 4
+# This cop supports unsafe autocorrection (--autocorrect-all).
+Rails/RootPathnameMethods:
+  Exclude:
+    - 'spec/lib/reports/orders_and_fulfillment/order_cycle_customer_totals_report_spec.rb'
+    - 'spec/models/content_configuration_spec.rb'
+    - 'spec/models/terms_of_service_file_spec.rb'
+    - 'spec/system/admin/configuration/terms_of_service_files_spec.rb'
+
+# Offense count: 13
+# This cop supports safe autocorrection (--autocorrect).
+Rails/RootPublicPath:
+  Exclude:
+    - 'app/controllers/concerns/request_timeouts.rb'
+    - 'lib/spree/core/controller_helpers/common.rb'
+    - 'spec/controllers/api/v0/product_images_controller_spec.rb'
+    - 'spec/controllers/api/v0/terms_and_conditions_controller_spec.rb'
+    - 'spec/models/terms_of_service_file_spec.rb'
+    - 'spec/system/admin/bulk_product_update_spec.rb'
+    - 'spec/system/admin/enterprises/terms_and_conditions_spec.rb'
+    - 'spec/system/consumer/shopping/checkout_spec.rb'
+    - 'spec/system/consumer/shopping/embedded_groups_spec.rb'
+    - 'spec/system/consumer/split_checkout_spec.rb'
+
 # Offense count: 4
 # Configuration parameters: ForbiddenMethods, AllowedMethods.
 # ForbiddenMethods: decrement!, decrement_counter, increment!, increment_counter, insert, insert!, insert_all, insert_all!, toggle!, touch, touch_all, update_all, update_attribute, update_column, update_columns, update_counters, upsert, upsert_all
@@ -973,6 +1264,24 @@ Rails/SkipsModelValidations:
     - 'app/models/variant_override.rb'
     - 'spec/models/spree/line_item_spec.rb'
 
+# Offense count: 3
+# This cop supports unsafe autocorrection (--autocorrect-all).
+Rails/SquishedSQLHeredocs:
+  Exclude:
+    - 'app/queries/customers_with_balance.rb'
+    - 'app/queries/outstanding_balance.rb'
+    - 'spec/queries/outstanding_balance_spec.rb'
+
+# Offense count: 24
+# This cop supports safe autocorrection (--autocorrect).
+Rails/StripHeredoc:
+  Exclude:
+    - 'app/models/content_configuration.rb'
+    - 'app/queries/customers_with_balance.rb'
+    - 'app/queries/outstanding_balance.rb'
+    - 'lib/reporting/reports/enterprise_fee_summary/scope.rb'
+    - 'lib/tasks/data/truncate_data.rake'
+
 # Offense count: 4
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: EnforcedStyle.
@@ -984,6 +1293,11 @@ Rails/TimeZone:
     - 'spec/models/spree/tax_rate_spec.rb'
     - 'spec/services/customer_order_cancellation_spec.rb'
 
+# Offense count: 1
+Rails/TransactionExitStatement:
+  Exclude:
+    - 'app/services/place_proxy_order.rb'
+
 # Offense count: 5
 # Configuration parameters: Include.
 # Include: app/models/**/*.rb
@@ -1002,6 +1316,77 @@ Rails/UnknownEnv:
   Exclude:
     - 'app/models/spree/app_configuration.rb'
 
+# Offense count: 55
+# This cop supports unsafe autocorrection (--autocorrect-all).
+Rails/WhereEquals:
+  Exclude:
+    - 'app/controllers/spree/admin/products_controller.rb'
+    - 'app/mailers/producer_mailer.rb'
+    - 'app/models/enterprise.rb'
+    - 'app/models/enterprise_fee.rb'
+    - 'app/models/enterprise_group.rb'
+    - 'app/models/enterprise_relationship.rb'
+    - 'app/models/exchange.rb'
+    - 'app/models/order_cycle.rb'
+    - 'app/models/product_import/entry_processor.rb'
+    - 'app/models/proxy_order.rb'
+    - 'app/models/schedule.rb'
+    - 'app/models/spree/line_item.rb'
+    - 'app/models/spree/order.rb'
+    - 'app/models/spree/payment_method.rb'
+    - 'app/models/spree/product.rb'
+    - 'app/models/spree/shipping_method.rb'
+    - 'app/models/spree/variant.rb'
+    - 'app/models/subscription.rb'
+    - 'app/queries/payments_requiring_action.rb'
+    - 'app/serializers/api/enterprise_shopfront_serializer.rb'
+    - 'app/serializers/api/order_serializer.rb'
+    - 'lib/open_food_network/enterprise_fee_calculator.rb'
+    - 'lib/open_food_network/order_cycle_permissions.rb'
+    - 'lib/reporting/reports/customers/base.rb'
+    - 'lib/reporting/reports/products_and_inventory/base.rb'
+    - 'lib/tasks/data.rake'
+    - 'lib/tasks/data/anonymize_data.rake'
+    - 'lib/tasks/data/remove_transient_data.rb'
+    - 'spec/services/product_tag_rules_filterer_spec.rb'
+
+# Offense count: 8
+# This cop supports unsafe autocorrection (--autocorrect-all).
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: exists, where
+Rails/WhereExists:
+  Exclude:
+    - 'app/controllers/spree/admin/overview_controller.rb'
+    - 'app/controllers/spree/admin/tax_rates_controller.rb'
+    - 'app/controllers/spree/user_sessions_controller.rb'
+    - 'app/models/spree/preferences/store.rb'
+    - 'lib/tasks/sample_data/customer_factory.rb'
+    - 'lib/tasks/sample_data/group_factory.rb'
+    - 'lib/tasks/sample_data/order_cycle_factory.rb'
+    - 'lib/tasks/sample_data/taxon_factory.rb'
+
+# Offense count: 24
+# This cop supports safe autocorrection (--autocorrect).
+Rails/WhereNot:
+  Exclude:
+    - 'app/controllers/spree/admin/products_controller.rb'
+    - 'app/models/concerns/permalink_generator.rb'
+    - 'app/models/enterprise.rb'
+    - 'app/models/enterprise_fee.rb'
+    - 'app/models/enterprise_relationship.rb'
+    - 'app/models/product_import/inventory_reset_strategy.rb'
+    - 'app/models/proxy_order.rb'
+    - 'app/models/spree/credit_card.rb'
+    - 'app/models/spree/product.rb'
+    - 'app/models/spree/variant.rb'
+    - 'app/models/spree/zone.rb'
+    - 'app/models/variant_override.rb'
+    - 'app/services/cap_quantity.rb'
+    - 'engines/catalog/app/services/catalog/product_import/products_reset_strategy.rb'
+    - 'engines/order_management/app/services/order_management/subscriptions/proxy_order_syncer.rb'
+    - 'lib/reporting/reports/users_and_enterprises/base.rb'
+    - 'lib/tasks/data/anonymize_data.rake'
+
 # Offense count: 1
 Security/Open:
   Exclude:
@@ -1020,14 +1405,6 @@ Style/CaseEquality:
   Exclude:
     - 'spec/models/spree/payment_spec.rb'
 
-# Offense count: 3
-# This cop supports unsafe autocorrection (--autocorrect-all).
-Style/CaseLikeIf:
-  Exclude:
-    - 'app/controllers/admin/order_cycles_controller.rb'
-    - 'app/models/calculator/weight.rb'
-    - 'app/models/spree/payment/processing.rb'
-
 # Offense count: 25
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: EnforcedStyle.
@@ -1063,6 +1440,27 @@ Style/ClassVars:
   Exclude:
     - 'lib/spree/core/delegate_belongs_to.rb'
 
+# Offense count: 9
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: AllowedVars.
+Style/FetchEnvVar:
+  Exclude:
+    - 'app/helpers/discourse_helper.rb'
+    - 'app/models/spree/preferences/configuration.rb'
+    - 'app/models/spree/preferences/preferable.rb'
+    - 'app/services/default_country.rb'
+    - 'spec/base_spec_helper.rb'
+    - 'spec/controllers/spree/credit_cards_controller_spec.rb'
+    - 'spec/models/order_balance_spec.rb'
+    - 'spec/support/vcr_setup.rb'
+
+# Offense count: 2
+# This cop supports safe autocorrection (--autocorrect).
+Style/FileRead:
+  Exclude:
+    - 'lib/tasks/karma.rake'
+    - 'spec/services/upload_sanitizer_spec.rb'
+
 # Offense count: 2
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: MaxUnannotatedPlaceholdersAllowed, AllowedMethods, AllowedPatterns.
@@ -1117,27 +1515,36 @@ Style/GuardClause:
     - 'spec/support/request/shop_workflow.rb'
     - 'spec/system/support/precompile_assets.rb'
 
+# Offense count: 12
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: AllowSplatArgument.
+Style/HashConversion:
+  Exclude:
+    - 'app/controllers/admin/column_preferences_controller.rb'
+    - 'app/controllers/admin/variant_overrides_controller.rb'
+    - 'app/controllers/spree/admin/products_controller.rb'
+    - 'app/models/order_cycle.rb'
+    - 'app/models/product_import/product_importer.rb'
+    - 'app/models/spree/shipping_method.rb'
+    - 'app/serializers/api/admin/exchange_serializer.rb'
+    - 'app/services/variants_stock_levels.rb'
+    - 'spec/controllers/admin/inventory_items_controller_spec.rb'
+    - 'spec/controllers/admin/variant_overrides_controller_spec.rb'
+
 # Offense count: 1
 # Configuration parameters: MinBranchesCount.
 Style/HashLikeCase:
   Exclude:
     - 'app/models/enterprise.rb'
 
-# Offense count: 11
+# Offense count: 4
 # This cop supports unsafe autocorrection (--autocorrect-all).
-# Configuration parameters: InverseMethods, InverseBlocks.
-Style/InverseMethods:
+Style/MapToHash:
   Exclude:
-    - 'app/controllers/admin/resource_controller.rb'
-    - 'app/models/calculator/weight.rb'
-    - 'app/models/product_import/spreadsheet_entry.rb'
-    - 'app/models/spree/order/checkout.rb'
-    - 'app/models/spree/order_contents.rb'
-    - 'app/models/spree/payment.rb'
-    - 'app/services/order_cart_reset.rb'
-    - 'engines/order_management/app/services/order_management/stock/estimator.rb'
-    - 'lib/spree/localized_number.rb'
-    - 'spec/support/matchers/table_matchers.rb'
+    - 'lib/reporting/report_query_template.rb'
+    - 'lib/reporting/report_row_builder.rb'
+    - 'lib/reporting/reports/enterprise_fee_summary/base.rb'
+    - 'lib/tasks/sample_data/user_factory.rb'
 
 # Offense count: 3
 Style/MissingRespondToMissing:
@@ -1152,6 +1559,13 @@ Style/MultilineTernaryOperator:
   Exclude:
     - 'spec/system/admin/subscriptions_spec.rb'
 
+# Offense count: 2
+# This cop supports safe autocorrection (--autocorrect).
+Style/NegatedIfElseCondition:
+  Exclude:
+    - 'app/mailers/spree/shipment_mailer.rb'
+    - 'spec/support/matchers/table_matchers.rb'
+
 # Offense count: 22
 # This cop supports safe autocorrection (--autocorrect).
 Style/NestedModifier:
@@ -1167,13 +1581,18 @@ Style/NestedModifier:
     - 'spec/system/admin/payments_stripe_spec.rb'
     - 'spec/system/admin/reports_spec.rb'
 
-# Offense count: 1
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: AllowedMethods.
-# AllowedMethods: be, be_a, be_an, be_between, be_falsey, be_kind_of, be_instance_of, be_truthy, be_within, eq, eql, end_with, include, match, raise_error, respond_to, start_with
-Style/NestedParenthesizedCalls:
+# Offense count: 36
+Style/OpenStructUse:
   Exclude:
-    - 'spec/system/admin/products_spec.rb'
+    - 'app/helpers/injection_helper.rb'
+    - 'app/models/spree/shipment.rb'
+    - 'lib/open_food_network/enterprise_fee_calculator.rb'
+    - 'lib/reporting/report_row_builder.rb'
+    - 'lib/reporting/report_rows_builder.rb'
+    - 'spec/lib/reports/report_renderer_spec.rb'
+    - 'spec/lib/reports/report_spec.rb'
+    - 'spec/lib/reports/users_and_enterprises_report_spec.rb'
+    - 'spec/serializers/api/enterprise_serializer_spec.rb'
 
 # Offense count: 16
 # Configuration parameters: AllowedMethods.
@@ -1207,12 +1626,70 @@ Style/PreferredHashMethods:
   Exclude:
     - 'app/controllers/api/v0/shipments_controller.rb'
 
+# Offense count: 16
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: same_as_string_literals, single_quotes, double_quotes
+Style/QuotedSymbols:
+  Exclude:
+    - 'app/services/exchange_products_renderer.rb'
+    - 'lib/stripe/credit_card_cloner.rb'
+    - 'spec/controllers/api/v0/exchange_products_controller_spec.rb'
+    - 'spec/requests/api/orders_spec.rb'
+    - 'spec/requests/api/v1/customers_spec.rb'
+    - 'spec/support/request/stripe_stubs.rb'
+
+# Offense count: 3
+# This cop supports unsafe autocorrection (--autocorrect-all).
+# Configuration parameters: Methods.
+Style/RedundantArgument:
+  Exclude:
+    - 'engines/dfc_provider/app/services/authorization_control.rb'
+    - 'spec/support/query_counter.rb'
+
+# Offense count: 15
+# This cop supports safe autocorrection (--autocorrect).
+Style/RedundantConstantBase:
+  Exclude:
+    - 'app/controllers/checkout_controller.rb'
+    - 'app/controllers/split_checkout_controller.rb'
+    - 'app/controllers/webhook_endpoints_controller.rb'
+    - 'config.ru'
+    - 'spec/base_spec_helper.rb'
+    - 'spec/helpers/checkout_helper_spec.rb'
+    - 'spec/models/spree/order_spec.rb'
+    - 'spec/models/spree/payment_method_spec.rb'
+    - 'spec/models/spree/payment_spec.rb'
+    - 'spec/queries/complete_visible_orders_spec.rb'
+    - 'spec/services/paypal_items_builder_spec.rb'
+
+# Offense count: 1
+# This cop supports safe autocorrection (--autocorrect).
+Style/RedundantDoubleSplatHashBraces:
+  Exclude:
+    - 'spec/system/support/cuprite_setup.rb'
+
+# Offense count: 1
+# This cop supports unsafe autocorrection (--autocorrect-all).
+# Configuration parameters: AllowComments.
+Style/RedundantInitialize:
+  Exclude:
+    - 'spec/models/spree/gateway_spec.rb'
+
 # Offense count: 1
 # This cop supports safe autocorrection (--autocorrect).
 Style/RedundantRegexpEscape:
   Exclude:
     - 'app/models/spree/order.rb'
 
+# Offense count: 4
+# This cop supports safe autocorrection (--autocorrect).
+Style/RedundantStringEscape:
+  Exclude:
+    - 'app/models/spree/calculator.rb'
+    - 'spec/controllers/spree/admin/shipping_methods_controller_spec.rb'
+    - 'spec/system/admin/enterprise_fees_spec.rb'
+
 # Offense count: 206
 Style/Send:
   Exclude:

CONTRIBUTING.md

@@ -57,6 +57,7 @@ TL;DR:
 * Maintain a clean commit history
 * Use a style consistent with the rest of the codebase
 * Before submitting, [rebase your work][rebase] on the current master branch
+* After submitting, be sure to check the [CI test results](ci). Click on a ❌ result to view the logged results and investigate.
 
 From here, your pull request will progress through the [Review, Test, Merge & Deploy process][process].
 
@@ -70,4 +71,5 @@ From here, your pull request will progress through the [Review, Test, Merge & De
 [slack-dev]: https://openfoodnetwork.slack.com/messages/C2GQ45KNU
 [ofn-transifex]: https://www.transifex.com/open-food-foundation/open-food-network/
 [i18n]: https://github.com/openfoodfoundation/openfoodnetwork/wiki/Internationalisation-%28i18n%29
-[welcome-dev]: https://github.com/orgs/openfoodfoundation/projects/2
+[welcome-dev]: https://github.com/orgs/openfoodfoundation/projects/5
+[ci]: https://github.com/openfoodfoundation/openfoodnetwork/wiki/Continuous-Integration

Gemfile

@@ -14,11 +14,11 @@ gem "aws-sdk-s3", require: false
 gem "image_processing"
 
 gem 'activemerchant', '>= 1.78.0'
-gem 'rexml'
 gem 'angular-rails-templates', '>= 0.3.0'
 gem 'awesome_nested_set'
 gem 'ransack', '~> 2.6.0'
 gem 'responders'
+gem 'rexml'
 gem 'webpacker', '~> 5'
 
 gem 'i18n'
@@ -63,6 +63,7 @@ gem 'devise-token_authenticatable'
 gem 'jwt', '~> 2.3'
 gem 'oauth2', '~> 1.4.7' # Used for Stripe Connect
 
+gem 'datafoodconsortium-connector'
 gem 'jsonapi-serializer'
 gem 'pagy', '~> 5.1'
 
@@ -70,8 +71,8 @@ gem 'rswag-api'
 gem 'rswag-ui'
 
 gem 'omniauth_openid_connect'
-gem 'openid_connect', '~> 1.3'
 gem 'omniauth-rails_csrf_protection'
+gem 'openid_connect', '~> 1.3'
 
 gem 'angularjs-rails', '1.8.0'
 gem 'bugsnag'
@@ -92,6 +93,7 @@ gem 'gmaps4rails'
 gem 'mimemagic', '> 0.3.5'
 gem 'paper_trail', '~> 12.1'
 gem 'rack-rewrite'
+gem 'rack-timeout'
 gem 'roadie-rails'
 
 gem 'hiredis'
@@ -141,7 +143,6 @@ gem "private_address_check"
 
 group :production, :staging do
   gem 'ddtrace'
-  gem 'rack-timeout'
   gem 'sd_notify' # For better Systemd process management. Used by Puma.
 end
 
@@ -150,6 +151,7 @@ group :test, :development do
   gem 'capybara'
   gem 'cuprite'
   gem 'database_cleaner', require: false
+  gem 'debug', '>= 1.0.0'
   gem "factory_bot_rails", '6.2.0', require: false
   gem 'fuubar', '~> 2.5.1'
   gem 'json_spec', '~> 1.1.4'
@@ -160,7 +162,6 @@ group :test, :development do
   gem 'rswag-specs'
   gem 'shoulda-matchers'
   gem 'timecop'
-  gem 'debug', '>= 1.0.0'
 end
 
 group :test do
@@ -175,10 +176,11 @@ end
 
 group :development do
   gem 'debugger-linecache'
-  gem 'rails-erd'
   gem 'foreman'
   gem 'listen'
   gem 'pry', '~> 0.13.0'
+  gem 'query_count'
+  gem 'rails-erd'
   gem 'rubocop'
   gem 'rubocop-rails'
   gem 'spring'

Gemfile.lock

@@ -137,7 +137,7 @@ GEM
       activerecord (>= 6.0, < 7.1)
     acts_as_list (1.0.4)
       activerecord (>= 4.2)
-    addressable (2.8.2)
+    addressable (2.8.4)
       public_suffix (>= 2.0.2, < 6.0)
     aes_key_wrap (1.1.0)
     afm (0.2.2)
@@ -157,16 +157,16 @@ GEM
     awesome_nested_set (3.5.0)
       activerecord (>= 4.0.0, < 7.1)
     aws-eventstream (1.2.0)
-    aws-partitions (1.739.0)
-    aws-sdk-core (3.171.0)
+    aws-partitions (1.760.0)
+    aws-sdk-core (3.171.1)
       aws-eventstream (~> 1, >= 1.0.2)
       aws-partitions (~> 1, >= 1.651.0)
       aws-sigv4 (~> 1.5)
       jmespath (~> 1, >= 1.6.1)
-    aws-sdk-kms (1.63.0)
+    aws-sdk-kms (1.64.0)
       aws-sdk-core (~> 3, >= 3.165.0)
       aws-sigv4 (~> 1.1)
-    aws-sdk-s3 (1.120.0)
+    aws-sdk-s3 (1.122.0)
       aws-sdk-core (~> 3, >= 3.165.0)
       aws-sdk-kms (~> 1)
       aws-sigv4 (~> 1.4)
@@ -191,7 +191,7 @@ GEM
       railties (>= 5.2)
       thread-local (>= 1.1.0)
     cancancan (1.15.0)
-    capybara (3.39.0)
+    capybara (3.39.1)
       addressable
       matrix
       mini_mime (>= 0.1.3)
@@ -219,7 +219,7 @@ GEM
       matrix
       ruby-rc4 (>= 0.1.5)
     concurrent-ruby (1.2.2)
-    connection_pool (2.3.0)
+    connection_pool (2.4.0)
     crack (0.4.5)
       rexml
     crass (1.0.6)
@@ -234,14 +234,16 @@ GEM
       activerecord (>= 5.a)
       database_cleaner-core (~> 2.0.0)
     database_cleaner-core (2.0.1)
+    datafoodconsortium-connector (1.0.0.pre.alpha.6)
+      virtual_assembly-semantizer (~> 1.0, >= 1.0.4)
     date (3.3.3)
-    ddtrace (1.10.1)
+    ddtrace (1.11.1)
       debase-ruby_core_source (>= 0.10.16, <= 3.2.0)
       libdatadog (~> 2.0.0.1.0)
-      libddwaf (~> 1.6.2.0.0)
+      libddwaf (~> 1.8.2.0.0)
       msgpack
     debase-ruby_core_source (3.2.0)
-    debug (1.7.2)
+    debug (1.8.0)
       irb (>= 1.5.0)
       reline (>= 0.3.1)
     debugger-linecache (1.2.0)
@@ -338,7 +340,7 @@ GEM
     hiredis (0.6.3)
     htmlentities (4.3.4)
     httpclient (2.8.3)
-    i18n (1.12.0)
+    i18n (1.13.0)
       concurrent-ruby (~> 1.0)
     i18n-js (3.9.2)
       i18n (>= 0.6.6)
@@ -349,7 +351,7 @@ GEM
       activerecord (>= 3.0)
     io-console (0.6.0)
     ipaddress (0.8.3)
-    irb (1.6.3)
+    irb (1.6.4)
       reline (>= 0.3.0)
     jmespath (1.6.2)
     jquery-rails (4.4.0)
@@ -359,12 +361,20 @@ GEM
     jquery-ui-rails (4.2.1)
       railties (>= 3.2.16)
     json (2.6.3)
+    json-canonicalization (0.3.1)
     json-jwt (1.16.3)
       activesupport (>= 4.2)
       aes_key_wrap
       bindata
       faraday (~> 2.0)
       faraday-follow_redirects
+    json-ld (3.2.3)
+      htmlentities (~> 4.3)
+      json-canonicalization (~> 0.3)
+      link_header (~> 0.0, >= 0.0.8)
+      multi_json (~> 1.15)
+      rack (~> 2.2)
+      rdf (~> 3.2, >= 3.2.9)
     json-schema (3.0.0)
       addressable (>= 2.8)
     json_spec (1.1.5)
@@ -373,22 +383,23 @@ GEM
     jsonapi-serializer (2.2.0)
       activesupport (>= 4.2)
     jwt (2.7.0)
-    knapsack_pro (3.9.0)
+    knapsack_pro (3.11.0)
       rake
     launchy (2.5.0)
       addressable (~> 2.7)
     letter_opener (1.8.1)
       launchy (>= 2.2, < 3)
     libdatadog (2.0.0.1.0)
-    libddwaf (1.6.2.0.0)
+    libddwaf (1.8.2.0.0)
       ffi (~> 1.0)
     libv8-node (16.10.0.0)
+    link_header (0.0.8)
     listen (3.8.0)
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
-    loofah (2.20.0)
+    loofah (2.21.2)
       crass (~> 1.0.2)
-      nokogiri (>= 1.5.9)
+      nokogiri (>= 1.12.0)
     mail (2.8.1)
       mini_mime (>= 0.1.1)
       net-imap
@@ -405,7 +416,7 @@ GEM
       rake
     mini_magick (4.11.0)
     mini_mime (1.1.2)
-    mini_portile2 (2.8.1)
+    mini_portile2 (2.8.2)
     mini_racer (0.6.3)
       libv8-node (~> 16.10.0.0)
     minitest (5.18.0)
@@ -413,7 +424,7 @@ GEM
       money (~> 6.12)
     money (6.16.0)
       i18n (>= 0.6.4, <= 2)
-    msgpack (1.6.1)
+    msgpack (1.7.0)
     multi_json (1.15.0)
     multi_xml (0.6.0)
     net-imap (0.3.4)
@@ -425,8 +436,8 @@ GEM
       timeout
     net-smtp (0.3.3)
       net-protocol
-    nio4r (2.5.8)
-    nokogiri (1.14.2)
+    nio4r (2.5.9)
+    nokogiri (1.14.4)
       mini_portile2 (~> 2.8.0)
       racc (~> 1.4)
     oauth2 (1.4.11)
@@ -462,10 +473,10 @@ GEM
     paper_trail (12.3.0)
       activerecord (>= 5.2)
       request_store (~> 1.1)
-    parallel (1.22.1)
+    parallel (1.23.0)
     paranoia (2.6.1)
       activerecord (>= 5.1, < 7.1)
-    parser (3.2.2.0)
+    parser (3.2.2.1)
       ast (~> 2.4.1)
     paypal-sdk-core (0.3.4)
       multi_json (~> 1.0)
@@ -479,17 +490,20 @@ GEM
       ruby-rc4
       ttfunk
     pg (1.2.3)
-    power_assert (2.0.2)
+    power_assert (2.0.3)
     private_address_check (0.5.0)
     pry (0.13.1)
       coderay (~> 1.1)
       method_source (~> 1.0)
     public_suffix (5.0.1)
-    puma (6.2.1)
+    puma (6.2.2)
       nio4r (~> 2.0)
+    query_count (1.1.1)
+      activerecord (>= 4.2)
+      railties (>= 4.2)
     raabro (1.4.0)
     racc (1.6.2)
-    rack (2.2.6.4)
+    rack (2.2.7)
     rack-mini-profiler (2.3.4)
       rack (>= 1.2.0)
     rack-oauth2 (1.21.3)
@@ -534,7 +548,7 @@ GEM
       ruby-graphviz (~> 1.2)
     rails-html-sanitizer (1.5.0)
       loofah (~> 2.19, >= 2.19.1)
-    rails-i18n (7.0.6)
+    rails-i18n (7.0.7)
       i18n (>= 0.7, < 2)
       railties (>= 6.0.0, < 8)
     rails_safe_tasks (1.0.0)
@@ -554,11 +568,13 @@ GEM
     rb-fsevent (0.11.2)
     rb-inotify (0.10.1)
       ffi (~> 1.0)
+    rdf (3.2.9)
+      link_header (~> 0.0, >= 0.0.8)
     redcarpet (3.6.0)
     redis (4.8.1)
-    redis-client (0.14.0)
+    redis-client (0.14.1)
       connection_pool
-    regexp_parser (2.7.0)
+    regexp_parser (2.8.0)
     reline (0.3.3)
       io-console (~> 0.5)
     request_store (1.5.1)
@@ -583,36 +599,36 @@ GEM
       rspec-core (~> 3.12.0)
       rspec-expectations (~> 3.12.0)
       rspec-mocks (~> 3.12.0)
-    rspec-core (3.12.1)
+    rspec-core (3.12.2)
       rspec-support (~> 3.12.0)
-    rspec-expectations (3.12.2)
+    rspec-expectations (3.12.3)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.12.0)
-    rspec-mocks (3.12.3)
+    rspec-mocks (3.12.5)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.12.0)
-    rspec-rails (6.0.1)
+    rspec-rails (6.0.2)
       actionpack (>= 6.1)
       activesupport (>= 6.1)
       railties (>= 6.1)
-      rspec-core (~> 3.11)
-      rspec-expectations (~> 3.11)
-      rspec-mocks (~> 3.11)
-      rspec-support (~> 3.11)
+      rspec-core (~> 3.12)
+      rspec-expectations (~> 3.12)
+      rspec-mocks (~> 3.12)
+      rspec-support (~> 3.12)
     rspec-retry (0.6.2)
       rspec-core (> 3.3)
     rspec-support (3.12.0)
-    rswag-api (2.8.0)
+    rswag-api (2.9.0)
       railties (>= 3.1, < 7.1)
-    rswag-specs (2.8.0)
+    rswag-specs (2.9.0)
       activesupport (>= 3.1, < 7.1)
       json-schema (>= 2.2, < 4.0)
       railties (>= 3.1, < 7.1)
       rspec-core (>= 2.14)
-    rswag-ui (2.8.0)
+    rswag-ui (2.9.0)
       actionpack (>= 3.1, < 7.1)
       railties (>= 3.1, < 7.1)
-    rubocop (1.49.0)
+    rubocop (1.51.0)
       json (~> 2.3)
       parallel (~> 1.10)
       parser (>= 3.2.0.0)
@@ -622,9 +638,9 @@ GEM
       rubocop-ast (>= 1.28.0, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.28.0)
+    rubocop-ast (1.28.1)
       parser (>= 3.2.1.0)
-    rubocop-rails (2.18.0)
+    rubocop-rails (2.19.1)
       activesupport (>= 4.2.0)
       rack (>= 1.1)
       rubocop (>= 1.33.0, < 2.0)
@@ -652,11 +668,11 @@ GEM
     semantic_range (3.0.0)
     shoulda-matchers (5.3.0)
       activesupport (>= 5.2.0)
-    sidekiq (7.0.7)
+    sidekiq (7.1.0)
       concurrent-ruby (< 2)
       connection_pool (>= 2.3.0)
       rack (>= 2.2.4)
-      redis-client (>= 0.11.0)
+      redis-client (>= 0.14.0)
     sidekiq-scheduler (5.0.2)
       rufus-scheduler (~> 3.2)
       sidekiq (>= 6, < 8)
@@ -697,16 +713,16 @@ GEM
       rack (>= 2, < 4)
       railties (>= 5.2, < 8)
       redis (>= 4.0, < 6.0)
-    stringex (2.8.5)
-    stripe (8.3.0)
+    stringex (2.8.6)
+    stripe (8.5.0)
     swd (1.3.0)
       activesupport (>= 3)
       attr_required (>= 0.0.5)
       httpclient (>= 2.4)
     temple (0.8.2)
-    test-unit (3.5.7)
+    test-unit (3.5.8)
       power_assert
-    thor (1.2.1)
+    thor (1.2.2)
     thread-local (1.1.0)
     tilt (2.1.0)
     timecop (0.9.6)
@@ -726,7 +742,7 @@ GEM
       activemodel (>= 3.0.0)
       public_suffix
     vcr (6.1.0)
-    view_component (2.82.0)
+    view_component (3.0.0)
       activesupport (>= 5.2.0, < 8.0)
       concurrent-ruby (~> 1.0)
       method_source (~> 1.0)
@@ -734,6 +750,8 @@ GEM
       rails (>= 5.2, < 8.0)
       stimulus_reflex (>= 3.5.0.pre2)
       view_component (>= 2.28.0)
+    virtual_assembly-semantizer (1.0.4)
+      json-ld (~> 3.2, >= 3.2.3)
     warden (1.2.9)
       rack (>= 2.0.9)
     web-console (4.2.0)
@@ -765,7 +783,7 @@ GEM
     xml-simple (1.1.8)
     xpath (3.2.0)
       nokogiri (~> 1.8)
-    zeitwerk (2.6.7)
+    zeitwerk (2.6.8)
 
 PLATFORMS
   ruby
@@ -799,6 +817,7 @@ DEPENDENCIES
   combine_pdf
   cuprite
   database_cleaner
+  datafoodconsortium-connector
   db2fog!
   ddtrace
   debug (>= 1.0.0)
@@ -857,6 +876,7 @@ DEPENDENCIES
   private_address_check
   pry (~> 0.13.0)
   puma
+  query_count
   rack-mini-profiler (< 3.0.0)
   rack-rewrite
   rack-timeout

Procfile

@@ -1,5 +1,5 @@
 # Foreman Procfile. Start all dev server processes with: `foreman start`
 
-rails:      bundle exec rails s -p 3000
+rails:      DEV_CACHING=true bundle exec rails s -p 3000
 webpack:    ./bin/webpack-dev-server
-sidekiq:    bundle exec sidekiq -q mailers -q default
+sidekiq:    DEV_CACHING=true bundle exec sidekiq -q mailers -q default

app/assets/javascripts/admin/admin_ofn.js.coffee

@@ -12,5 +12,6 @@ angular.module("ofn.admin", [
   "admin.orders"
 ]).config ($httpProvider, $locationProvider, $qProvider) ->
   $httpProvider.defaults.headers.common["Accept"] = "application/json, text/javascript, */*"
+  # for the next line, you should also probably check file: app/assets/javascripts/admin/utils/utils.js.coffee
   $locationProvider.hashPrefix('')
   $qProvider.errorOnUnhandledRejections(false)

app/assets/javascripts/admin/index_utils/services/sort_options.js.coffee

@@ -11,5 +11,6 @@ angular.module("admin.indexUtils").factory 'SortOptions', ->
       sortingExpr
 
     toggle: (predicate) ->
-      @reverse = (@predicate == predicate) && !@reverse
+      # predicate is a string or an array of strings
+      @reverse = (JSON.stringify(@predicate) == JSON.stringify(predicate)) && !@reverse
       @predicate = predicate

app/assets/javascripts/admin/line_items/controllers/line_items_controller.js.coffee

@@ -17,10 +17,12 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
   ]
   $scope.page = 1
   $scope.per_page = $scope.per_page_options[0].id
+  $scope.filterByVariantId = null
   searchThrough = ["order_distributor_name",
     "order_bill_address_phone",
     "order_bill_address_firstname",
     "order_bill_address_lastname",
+    "order_bill_address_full_name",
     "variant_product_supplier_name",
     "order_email",
     "order_number",
@@ -68,6 +70,7 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
 
     RequestMonitor.load LineItems.index(
       "q[#{searchThrough}]": $scope.query,
+      "q[variant_id_eq]": $scope.filterByVariantId if $scope.filterByVariantId,
       "q[order_state_not_eq]": "canceled",
       "q[order_shipment_state_not_eq]": "shipped",
       "q[order_completed_at_not_null]": "true",
@@ -119,16 +122,16 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
     else
       StatusMessage.display 'failure', t "unsaved_changes_error"
 
-  $scope.cancelOrder = (order, sendEmailCancellation) ->
+  $scope.cancelOrder = (order, sendEmailCancellation, restock_items) ->
     return $http(
       method: 'GET'
-      url: "/admin/orders/#{order.number}/fire?e=cancel&send_cancellation_email=#{sendEmailCancellation}")
+      url: "/admin/orders/#{order.number}/fire?e=cancel&send_cancellation_email=#{sendEmailCancellation}&restock_items=#{restock_items}")
   
   $scope.deleteLineItem = (lineItem) ->
     if lineItem.order.item_count == 1
-      ofnCancelOrderAlert((confirm, sendEmailCancellation) ->
+      ofnCancelOrderAlert((confirm, sendEmailCancellation, restock_items) ->
         if confirm
-          $scope.cancelOrder(lineItem.order, sendEmailCancellation).then(->
+          $scope.cancelOrder(lineItem.order, sendEmailCancellation, restock_items).then(->
             $scope.refreshData()
           )
         else
@@ -150,11 +153,11 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
       willCancelOrders = true if (order.item_count == itemsPerOrder.get(order).length)
 
     if willCancelOrders
-      ofnCancelOrderAlert((confirm, sendEmailCancellation) ->
+      ofnCancelOrderAlert((confirm, sendEmailCancellation, restock_items) ->
         if confirm
           itemsPerOrder.forEach (items, order) =>
             if order.item_count == items.length
-              $scope.cancelOrder(order, sendEmailCancellation).then(-> $scope.refreshData())
+              $scope.cancelOrder(order, sendEmailCancellation, restock_items).then(-> $scope.refreshData())
             else
               Promise.all(LineItems.delete(item) for item in items).then(-> $scope.refreshData())
       , "js.admin.deleting_item_will_cancel_order")   
@@ -176,6 +179,17 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
   $scope.setSelectedUnitsVariant = (unitsProduct,unitsVariant) ->
     $scope.selectedUnitsProduct = unitsProduct
     $scope.selectedUnitsVariant = unitsVariant
+    $scope.filterByVariantId = unitsVariant.id
+    $scope.page = 1
+    $scope.refreshData()
+
+  $scope.resetSelectedUnitsVariant = ->
+    $scope.selectedUnitsProduct = { }
+    $scope.selectedUnitsVariant = { }
+    $scope.filterByVariantId = null
+    $scope.sharedResource = false
+    $scope.page = 1
+    $scope.refreshData()
 
   $scope.getLineItemScale = (lineItem) ->
     if lineItem.units_product && lineItem.units_variant && (lineItem.units_product.variant_unit == "weight" || lineItem.units_product.variant_unit == "volume") 

app/assets/javascripts/admin/line_items/filters/variant_filter.js.coffee

@@ -1,6 +0,0 @@
-angular.module("admin.lineItems").filter "variantFilter", ->
-    return (lineItems,selectedUnitsProduct,selectedUnitsVariant,sharedResource) ->
-      filtered = []
-      filtered.push lineItem for lineItem in lineItems when (angular.equals(selectedUnitsProduct,{}) ||
-        (lineItem.units_product.id == selectedUnitsProduct.id && (sharedResource || lineItem.units_variant.id == selectedUnitsVariant.id ) ) )
-      filtered

app/assets/javascripts/admin/spree/orders/shipments.js.erb

@@ -15,7 +15,7 @@ $(document).ready(function() {
       console.log(msg);
     });
   }
-  $('[data-hook=admin_order_edit_form] a.ship').click(handle_ship_click);
+  $('.admin-order-edit-form a.ship').click(handle_ship_click);
 
   //handle shipping method edit click
   $('a.edit-method').click(toggleMethodEdit);
@@ -37,7 +37,7 @@ $(document).ready(function() {
       console.log(msg);
     });
   }
-  $('[data-hook=admin_order_edit_form] a.save-method').click(handle_shipping_method_save);
+  $('.admin-order-edit-form a.save-method').click(handle_shipping_method_save);
 
   //handle tracking info edit/delete
 
@@ -64,8 +64,8 @@ $(document).ready(function() {
     return Spree.url( Spree.routes.orders_api + "/" + order_number + "/shipments/" + shipmentNumber + ".json");
   }
 
-  $('[data-hook=admin_order_edit_form] a.save-tracking').click(saveTrackingInfo);
-  $('[data-hook=admin_order_edit_form] a.delete-tracking').click(deleteTrackingInfo);
+  $('.admin-order-edit-form a.save-tracking').click(saveTrackingInfo);
+  $('.admin-order-edit-form a.delete-tracking').click(deleteTrackingInfo);
 
   // handle note edit/delete
 
@@ -96,8 +96,8 @@ $(document).ready(function() {
     }); 
   }
 
-  $('[data-hook=admin_order_edit_form] a.save-note').click(saveNote);
-  $('[data-hook=admin_order_edit_form] a.delete-note').click(deleteNote);
+  $('.admin-order-edit-form a.save-note').click(saveNote);
+  $('.admin-order-edit-form a.delete-note').click(deleteNote);
 
   // Makes API call for notes/tracking info
   makeApiCall = function(url, params) {

app/assets/javascripts/admin/spree/orders/variant_autocomplete.js.erb

@@ -4,7 +4,8 @@ $(document).ready(function() {
 
   initAlert()
   initConfirm()
-  initCancelOrder()
+  initButtonCancel()
+  initLinkCancel()
 
   if ($('#variant_autocomplete_template').length > 0) {
     window.variantTemplate = Handlebars.compile($('#variant_autocomplete_template').text());
@@ -99,6 +100,7 @@ adjustItems = function(shipment_number, variant_id, quantity, restock_item){
         doAdjustItems(shipment_number, variant_id, quantity, inventory_units, restock_item, () => {
           var redirectTo = new URL(Spree.routes.cancel_order.toString());
           redirectTo.searchParams.append("send_cancellation_email", sendEmailCancellation);
+          redirectTo.searchParams.append("restock_item", restock_item);
           window.location.href = redirectTo.toString();
         });
       }
@@ -276,17 +278,23 @@ ofnConfirm = function(callback) {
   $('#custom-confirm').show();
 }
 
-initCancelOrder = function() {
-    $('#cancel_order_form').submit(function(e){
-        ofnCancelOrderAlert((confirm, sendEmailCancellation, restock_items) => {
-            if (confirm) {
-                var redirectTo = new URL(Spree.routes.cancel_order.toString());
-                redirectTo.searchParams.append("send_cancellation_email", sendEmailCancellation);
-                redirectTo.searchParams.append("restock_items", restock_items);
-                window.location.href = redirectTo.toString();
-            }
-        });
-        e.preventDefault();
-        return false;
+initCancelAction = function(e){
+  ofnCancelOrderAlert((confirm, sendEmailCancellation, restock_items) => {
+      if (confirm) {
+          var redirectTo = new URL(Spree.routes.cancel_order.toString());
+          redirectTo.searchParams.append("send_cancellation_email", sendEmailCancellation);
+          redirectTo.searchParams.append("restock_items", restock_items);
+          window.location.href = redirectTo.toString();
+      }
     });
+  e.preventDefault();
+  return false;
+};
+
+initButtonCancel = function() {
+  $('#cancel_order_form').submit(initCancelAction)
+}
+
+initLinkCancel = function() {
+  $('#links-dropdown a[href$="cancel"]').click(initCancelAction);
 }

app/assets/javascripts/admin/utils/utils.js.coffee

@@ -1,3 +1,4 @@
 angular.module("admin.utils", ["templates", "ngSanitize"]).config ($httpProvider, $locationProvider) ->
+ # for the next line, you should also probably check file: app/assets/javascripts/admin/admin_ofn.js.coffee
  $locationProvider.hashPrefix('')
  $httpProvider.defaults.headers.common["Accept"] = "application/json, text/javascript, */*"

app/assets/javascripts/darkswarm/services/enterprise_modal.js.coffee

@@ -2,6 +2,7 @@ angular.module('Darkswarm').factory "EnterpriseModal", ($modal, $rootScope, $htt
   # Build a modal popup for an enterprise.
   new class EnterpriseModal
     open: (enterprise)->
+      return if enterprise.visible == 'hidden'
       scope = $rootScope.$new(true) # Spawn an isolate to contain the enterprise
       scope.embedded_layout = window.location.search.indexOf("embedded_shopfront=true") != -1
 

app/components/confirm_modal_component.rb

@@ -1,9 +1,10 @@
 # frozen_string_literal: true
 
 class ConfirmModalComponent < ModalComponent
-  def initialize(id:, confirm_actions: nil, controllers: nil, message: nil)
+  def initialize(id:, confirm_actions: nil, controllers: nil, message: nil, confirm_reflexes: nil)
     super(id: id, close_button: true)
     @confirm_actions = confirm_actions
+    @confirm_reflexes = confirm_reflexes
     @controllers = controllers
     @message = message
   end

app/components/confirm_modal_component/confirm_modal_component.html.haml

@@ -7,4 +7,4 @@
 
     .modal-actions
       %input{ class: "button icon-plus #{close_button_class}", type: 'button', value: t('js.admin.modals.cancel'), "data-action": "click->modal#close" }
-      %input{ class: "button icon-plus primary", type: 'button', value: t('js.admin.modals.confirm'), "data-action": @confirm_actions }
+      %input{ class: "button icon-plus primary", type: 'button', value: t('js.admin.modals.confirm'), "data-action": @confirm_actions, "data-reflex": @confirm_reflexes }

app/controllers/admin/contents_controller.rb

@@ -18,6 +18,8 @@ module Admin
         end
       end
 
+      ContentConfig.updated_at = Time.zone.now
+
       flash[:success] =
         t(:successfully_updated, resource: I18n.t('admin.contents.edit.your_content'))
 

app/controllers/admin/customers_controller.rb

@@ -2,6 +2,7 @@
 
 require 'open_food_network/address_finder'
 
+# rubocop:disable Metrics/ClassLength
 module Admin
   class CustomersController < Admin::ResourceController
     before_action :load_managed_shops, only: :index, if: :html_request?
@@ -67,7 +68,7 @@ module Admin
 
     def collection
       if json_request? && params[:enterprise_id].present?
-        CustomersWithBalance.new(Customer.of(managed_enterprise_id)).query.
+        CustomersWithBalance.new(customers).query.
           includes(
             :enterprise,
             { bill_address: [:state, :country] },
@@ -79,6 +80,15 @@ module Admin
       end
     end
 
+    def customers
+      return @customers if @customers.present?
+
+      @customers = Customer.managed_by(spree_current_user)
+      return @customers if params[:enterprise_id].blank?
+
+      @customers = @customers.where(enterprise_id: params[:enterprise_id])
+    end
+
     def managed_enterprise_id
       @managed_enterprise_id ||= Enterprise.managed_by(spree_current_user).
         select('enterprises.id').find_by(id: params[:enterprise_id])
@@ -120,3 +130,4 @@ module Admin
     end
   end
 end
+# rubocop:enable Metrics/ClassLength

app/controllers/admin/enterprise_fees_controller.rb

@@ -7,6 +7,7 @@ module Admin
     before_action :load_enterprise_fee_set, only: :index
     before_action :load_data
     before_action :check_enterprise_fee_input, only: [:bulk_update]
+    before_action :check_calculators_compatibility_with_taxes, only: [:bulk_update]
 
     def index
       @include_calculators = params[:include_calculators].present?
@@ -119,5 +120,17 @@ module Admin
         end
       end
     end
+
+    def check_calculators_compatibility_with_taxes
+      enterprise_fee_bulk_params['collection_attributes'].each do |_, enterprise_fee|
+        next unless enterprise_fee['inherits_tax_category'] == "true"
+        next unless EnterpriseFee::PER_ORDER_CALCULATORS.include?(enterprise_fee['calculator_type'])
+
+        flash[:error] = I18n.t(
+          'activerecord.errors.models.enterprise_fee.inherit_tax_requires_per_item_calculator'
+        )
+        return redirect_to redirect_path
+      end
+    end
   end
 end

app/controllers/admin/product_import_controller.rb

@@ -37,7 +37,7 @@ module Admin
     end
 
     def reset_absent_products
-      @importer = ProductImport::ProductImporter.new(File.new(params[:filepath]),
+      @importer = ProductImport::ProductImporter.new(File.new(file_path),
                                                      spree_current_user, import_into: params[:import_into], enterprises_to_reset: params[:enterprises_to_reset], updated_ids: params[:updated_ids], settings: params[:settings])
 
       if params.key?(:enterprises_to_reset) && params.key?(:updated_ids)
@@ -56,7 +56,7 @@ module Admin
     end
 
     def process_data(method)
-      @importer = ProductImport::ProductImporter.new(File.new(params[:filepath]),
+      @importer = ProductImport::ProductImporter.new(File.new(file_path),
                                                      spree_current_user, start: params[:start], end: params[:end], settings: params[:settings])
 
       begin
@@ -112,5 +112,25 @@ module Admin
     def model_class
       ProductImport::ProductImporter
     end
+
+    def file_path
+      @file_path ||= validate_file_path(sanitize_file_path(params[:filepath]))
+    end
+
+    def sanitize_file_path(file_path)
+      FilePathSanitizer.new.sanitize(file_path, on_error: method(:raise_invalid_file_path))
+    end
+
+    def validate_file_path(file_path)
+      return file_path if file_path.to_s.match?(TEMP_FILE_PATH_REGEX)
+
+      raise_invalid_file_path
+    end
+
+    def raise_invalid_file_path
+      redirect_to '/admin/product_import', notice: I18n.t(:product_import_no_data_in_spreadsheet_notice)
+      raise 'Invalid File Path'
+    end
+    TEMP_FILE_PATH_REGEX = %r{^/tmp/product_import[A-Za-z0-9-]*/import\.csv$}
   end
 end

app/controllers/admin/reports_controller.rb

@@ -2,6 +2,7 @@
 
 module Admin
   class ReportsController < Spree::Admin::BaseController
+    include ActiveStorage::SetCurrent
     include ReportsActions
     helper ReportsHelper
 
@@ -21,11 +22,13 @@ module Admin
     def show
       @report = report_class.new(spree_current_user, params, render: render_data?)
 
-      if report_format.present?
+      if params[:report_format].present?
         export_report
       else
         show_report
       end
+    rescue Timeout::Error
+      render_timeout_error
     end
 
     private
@@ -36,6 +39,7 @@ module Admin
 
     def show_report
       assign_view_data
+      @table = render_report_as(:html) if render_data?
       render "show"
     end
 
@@ -45,7 +49,6 @@ module Admin
       @report_subtype = report_subtype
       @report_title = report_title
       @rendering_options = rendering_options
-      @table = render_report_as(:html) if render_data?
       @data = Reporting::FrontendData.new(spree_current_user)
     end
 
@@ -55,16 +58,43 @@ module Admin
 
     def render_report_as(format)
       if OpenFoodNetwork::FeatureToggle.enabled?(:background_reports, spree_current_user)
-        job = ReportJob.perform_later(
-          report_class, spree_current_user, params, format
+        @blob = ReportBlob.create_for_upload_later!(report_filename)
+        ReportJob.perform_later(
+          report_class, spree_current_user, params, format, @blob
         )
-        sleep 1 until job.done?
+        Timeout.timeout(max_wait_time) do
+          sleep 1 until @blob.content_stored?
+        end
 
         # This result has been rendered by Rails in safe mode already.
-        job.result.html_safe # rubocop:disable Rails/OutputSafety
+        @blob.result.html_safe # rubocop:disable Rails/OutputSafety
       else
         @report.render_as(format)
       end
     end
+
+    def render_timeout_error
+      assign_view_data
+      if @blob
+        @error = ".report_taking_longer_html"
+        @error_url = @blob.expiring_service_url
+      else
+        @error = ".report_taking_longer"
+        @error_url = ""
+      end
+      render "show"
+    end
+
+    def max_wait_time
+      # This value is used by rack-timeout and nginx, usually 30 seconds in
+      # staging and production:
+      server_timeout = ENV.fetch("RACK_TIMEOUT_SERVICE_TIMEOUT", "15").to_f
+
+      # Zero disables the timeout:
+      return 0 if server_timeout.zero?
+
+      # We want to time out earlier than nginx:
+      server_timeout - 2.seconds
+    end
   end
 end

app/controllers/admin/variant_overrides_controller.rb

@@ -63,7 +63,7 @@ module Admin
 
       options = [{ id: '0', name: 'All' }]
       import_dates.collect(&:import_date).map { |i|
-        options.push(id: i.to_date, name: i.to_date.to_formatted_s(:long))
+        options.push(id: i.to_date, name: i.to_date.to_fs(:long))
       }
 
       options

app/controllers/api/v0/products_controller.rb

@@ -116,7 +116,7 @@ module Api
 
       def product_query_includes
         [
-          master: [:images],
+          master: { images: { attachment_attachment: :blob } },
           variants: [:default_price, :stock_locations, :stock_items, :variant_overrides,
                      { option_values: :option_type }]
         ]

app/controllers/api/v1/customers_controller.rb

@@ -80,9 +80,7 @@ module Api
       end
 
       def visible_customers
-        current_api_user.customers.or(
-          Customer.where(enterprise_id: editable_enterprises)
-        )
+        Customer.managed_by(current_api_user)
       end
 
       def customer_params
@@ -106,10 +104,6 @@ module Api
         attributes
       end
 
-      def editable_enterprises
-        OpenFoodNetwork::Permissions.new(current_api_user).editable_enterprises.select(:id)
-      end
-
       def include_options
         fields = [params.fetch(:include, [])].flatten
 

app/controllers/concerns/checkout_callbacks.rb

@@ -30,6 +30,8 @@ module CheckoutCallbacks
     @order.manual_shipping_selection = true
     @order.checkout_processing = true
 
+    @voucher_adjustment = @order.voucher_adjustments.first
+
     redirect_to(main_app.shop_path) && return if redirect_to_shop?
     redirect_to_cart_path && return unless valid_order_line_items?
   end

app/controllers/concerns/reports_actions.rb

@@ -56,7 +56,7 @@ module ReportsActions
   end
 
   def report_format
-    params[:report_format]
+    params[:report_format].presence || "html"
   end
 
   def report_filename

app/controllers/concerns/white_label.rb

@@ -5,10 +5,15 @@ module WhiteLabel
   include EnterprisesHelper
 
   def hide_ofn_navigation(distributor = current_distributor)
-    return false unless OpenFoodNetwork::FeatureToggle.enabled?(:white_label)
-
     # if the distributor has the hide_ofn_navigation preference set to true
     # then we should hide the OFN navigation
     @hide_ofn_navigation = distributor.hide_ofn_navigation
+
+    # if the distributor has the hide_ofn_navigation preference
+    # set to false, there is no need to check the white_label_logo preference
+    return unless @hide_ofn_navigation
+
+    @white_label_logo = distributor.white_label_logo
+    @white_label_distributor = distributor
   end
 end

app/controllers/split_checkout_controller.rb

@@ -30,6 +30,8 @@ class SplitCheckoutController < ::BaseController
   end
 
   def update
+    return process_voucher if params[:apply_voucher].present?
+
     if confirm_order || update_order
       return if performed?
 
@@ -59,6 +61,27 @@ class SplitCheckoutController < ::BaseController
       replace("#flashes", partial("shared/flashes", locals: { flashes: flash }))
   end
 
+  def render_voucher_section_or_redirect
+    respond_to do |format|
+      format.cable_ready { render_voucher_section }
+      format.html { redirect_to checkout_step_path(:payment) }
+    end
+  end
+
+  # Using the power of cable_car we replace only the #voucher_section instead of reloading the page
+  def render_voucher_section
+    render(
+      status: :ok,
+      cable_ready: cable_car.replace(
+        "#voucher-section",
+        partial(
+          "split_checkout/voucher_section",
+          locals: { order: @order, voucher_adjustment: @order.voucher_adjustments.first }
+        )
+      )
+    )
+  end
+
   def order_error_messages
     # Remove ship_address.* errors if no shipping method is not selected
     remove_ship_address_errors if no_ship_address_needed?
@@ -179,10 +202,47 @@ class SplitCheckoutController < ::BaseController
     selected_shipping_method.first.require_ship_address == false
   end
 
+  def process_voucher
+    if add_voucher
+      render_voucher_section_or_redirect
+    elsif @order.errors.present?
+      render_error
+    end
+  end
+
+  def add_voucher
+    if params.dig(:order, :voucher_code).blank?
+      @order.errors.add(:voucher, I18n.t('split_checkout.errors.voucher_not_found'))
+      return false
+    end
+
+    # Fetch Voucher
+    voucher = Voucher.find_by(code: params[:order][:voucher_code], enterprise: @order.distributor)
+
+    if voucher.nil?
+      @order.errors.add(:voucher, I18n.t('split_checkout.errors.voucher_not_found'))
+      return false
+    end
+
+    adjustment = voucher.create_adjustment(voucher.code, @order)
+
+    if !adjustment.valid?
+      @order.errors.add(:voucher, I18n.t('split_checkout.errors.add_voucher_error'))
+      adjustment.errors.each { |error| @order.errors.import(error) }
+      return false
+    end
+
+    true
+  end
+
   def summary_step?
     params[:step] == "summary"
   end
 
+  def payment_step?
+    params[:step] == "payment"
+  end
+
   def advance_order_state
     return if @order.complete?
 
@@ -252,5 +312,14 @@ class SplitCheckoutController < ::BaseController
   def recalculate_tax
     @order.create_tax_charge!
     @order.update_order!
+
+    apply_voucher if @order.voucher_adjustments.present?
+  end
+
+  def apply_voucher
+    VoucherAdjustmentsService.calculate(@order)
+
+    # update order to take into account the voucher we applied
+    @order.update_order!
   end
 end

app/controllers/spree/admin/orders/customer_details_controller.rb

@@ -65,6 +65,7 @@ module Spree
           params.require(:order).permit(
             :email,
             :use_billing,
+            :customer_id,
             bill_address_attributes: ::PermittedAttributes::Address.attributes,
             ship_address_attributes: ::PermittedAttributes::Address.attributes
           )

app/controllers/spree/admin/orders_controller.rb

@@ -9,11 +9,9 @@ module Spree
       helper CheckoutHelper
 
       before_action :load_order, only: [:edit, :update, :fire, :resend,
-                                        :invoice, :print]
-      before_action :load_distribution_choices, only: [:new, :edit, :update]
+                                        :invoice, :print, :distribution]
+      before_action :load_distribution_choices, only: [:new, :edit, :update, :distribution]
 
-      # Ensure that the distributor is set for an order when
-      before_action :ensure_distribution, only: :new
       before_action :require_distributor_abn, only: :invoice
 
       respond_to :html, :json
@@ -21,8 +19,20 @@ module Spree
       def new
         @order = Order.create
         @order.created_by = spree_current_user
+        @order.generate_order_number
         @order.save
-        redirect_to spree.edit_admin_order_url(@order)
+        redirect_to spree.distribution_admin_order_path(@order)
+      end
+
+      def distribution
+        return if order_params.blank?
+
+        on_update
+
+        @order.assign_attributes(order_params)
+        return unless @order.save(context: :set_distribution_step)
+
+        redirect_to spree.admin_order_customer_path(@order)
       end
 
       def edit
@@ -33,12 +43,7 @@ module Spree
       end
 
       def update
-        @order.recreate_all_fees!
-
-        unless @order.cart?
-          @order.create_tax_charge!
-          @order.update_order!
-        end
+        on_update
 
         if params[:set_distribution_step] && @order.update(order_params)
           return redirect_to spree.admin_order_customer_path(@order)
@@ -105,6 +110,15 @@ module Spree
 
       private
 
+      def on_update
+        @order.recreate_all_fees!
+
+        return if @order.cart?
+
+        @order.create_tax_charge!
+        @order.update_order!
+      end
+
       def order_params
         return params[:order] if params[:order].blank?
 
@@ -142,17 +156,6 @@ module Spree
                         ocs.closed +
                         ocs.undated
       end
-
-      def ensure_distribution
-        unless @order
-          @order = Spree::Order.new
-          @order.generate_order_number
-          @order.save!
-        end
-        return if @order.distribution_set?
-
-        render 'set_distribution', locals: { order: @order }
-      end
     end
   end
 end

app/controllers/spree/admin/payment_methods_controller.rb

@@ -7,7 +7,6 @@ module Spree
       before_action :load_data
       before_action :validate_payment_method_provider, only: [:create]
       before_action :load_hubs, only: [:new, :edit, :update]
-      before_action :validate_calculator_preferred_value, only: [:update]
 
       respond_to :html
 
@@ -17,6 +16,10 @@ module Spree
         @payment_method = payment_method_class.constantize.new(base_params)
         @object = @payment_method
 
+        if !base_params["calculator_type"] && gateway_params["calculator_type"]
+          @payment_method.calculator_type = gateway_params["calculator_type"]
+        end
+
         load_hubs
 
         if @payment_method.save
@@ -44,6 +47,7 @@ module Spree
           redirect_to spree.edit_admin_payment_method_path(@payment_method)
         else
           respond_with(@payment_method)
+          clear_preference_cache
         end
       end
 
@@ -182,33 +186,23 @@ module Spree
             end
           end
 
+          # Ensure the calculator to be updated is the correct type
+          if params_for_update["calculator_type"] && params_for_update["calculator_attributes"]
+            add_type_to_calculator_attributes(params_for_update)
+          end
+
           params_for_update
         end
       end
 
-      def validate_calculator_preferred_value
-        return if calculator_preferred_values.all? do |value|
-          preferred_value_from_params = gateway_params.dig(:calculator_attributes, value)
-          preferred_value_from_params.nil? || Float(preferred_value_from_params,
-                                                    exception: false)
+      def clear_preference_cache
+        @payment_method.calculator.preferences.each_key do |key|
+          Rails.cache.delete(@payment_method.calculator.preference_cache_key(key))
         end
-
-        flash[:error] = I18n.t(:calculator_preferred_value_error)
-        redirect_to spree.edit_admin_payment_method_path(@payment_method)
       end
 
-      def calculator_preferred_values
-        [
-          :preferred_amount,
-          :preferred_flat_percent,
-          :preferred_flat_percent,
-          :preferred_first_item,
-          :preferred_additional_item,
-          :preferred_max_items,
-          :preferred_normal_amount,
-          :preferred_discount_amount,
-          :preferred_minimal_amount
-        ]
+      def add_type_to_calculator_attributes(hash)
+        hash["calculator_attributes"]["type"] = hash["calculator_type"]
       end
     end
   end

app/controllers/spree/admin/products_controller.rb

@@ -177,7 +177,7 @@ module Spree
       def product_import_dates
         options = [{ id: '0', name: '' }]
         product_import_dates_query.collect(&:import_date).
-          map { |i| options.push(id: i.to_date, name: i.to_date.to_formatted_s(:long)) }
+          map { |i| options.push(id: i.to_date, name: i.to_date.to_fs(:long)) }
 
         options
       end

app/controllers/voucher_adjustments_controller.rb

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+class VoucherAdjustmentsController < BaseController
+  include CablecarResponses
+
+  def destroy
+    @order = current_order
+
+    @order.voucher_adjustments.find_by(id: params[:id])&.destroy
+
+    respond_to do |format|
+      format.cable_ready { render_voucher_section }
+      format.html { redirect_to checkout_step_path(:payment) }
+    end
+  end
+
+  private
+
+  # Using the power of cable_car we replace only the #voucher_section instead of reloading the page
+  def render_voucher_section
+    render(
+      status: :ok,
+      cable_ready: cable_car.replace(
+        "#voucher-section",
+        partial(
+          "split_checkout/voucher_section",
+          locals: { order: @order, voucher_adjustment: @order.voucher_adjustments.first }
+        )
+      )
+    )
+  end
+end

app/helpers/admin/enterprises_helper.rb

@@ -14,7 +14,6 @@ module Admin
       producers.size == 1 ? producers.first.id : nil
     end
 
-    # rubocop:disable Metrics/MethodLength
     def enterprise_side_menu_items(enterprise)
       is_shop = enterprise.sells != "none"
       show_properties = !!enterprise.is_primary_producer
@@ -50,14 +49,8 @@ module Admin
         { name: 'tag_rules', icon_class: "icon-random", show: is_shop },
         { name: 'shop_preferences', icon_class: "icon-shopping-cart", show: is_shop },
         { name: 'users', icon_class: "icon-user", show: true },
-      ] + [add_white_label_if_feature_activated].compact
+        { name: 'white_label', icon_class: "icon-leaf", show: true },
+      ]
     end
-
-    def add_white_label_if_feature_activated
-      return nil unless OpenFoodNetwork::FeatureToggle.enabled?(:white_label)
-
-      { name: 'white_label', icon_class: "icon-leaf", show: true }
-    end
-    # rubocop:enable Metrics/MethodLength
   end
 end

app/helpers/application_helper.rb

@@ -68,4 +68,14 @@ module ApplicationHelper
       wicked_pdf_stylesheet_pack_tag(source)
     end
   end
+
+  def cache_with_locale(key = nil, options = {}, &block)
+    cache(cache_key_with_locale(key, I18n.locale), options) do
+      yield(block)
+    end
+  end
+
+  def cache_key_with_locale(key, locale)
+    Array.wrap(key) + [locale.to_s, I18nDigests.for_locale(locale)]
+  end
 end

app/helpers/enterprises_helper.rb

@@ -87,4 +87,10 @@ module EnterprisesHelper
       main_app.producers_url
     end
   end
+
+  def main_logo_link(enterprise)
+    return enterprise.white_label_logo_link if enterprise&.white_label_logo_link.present?
+
+    main_app.root_path
+  end
 end

app/helpers/reports_helper.rb

@@ -3,8 +3,8 @@
 module ReportsHelper
   def report_order_cycle_options(order_cycles)
     order_cycles.map do |oc|
-      orders_open_at = oc.orders_open_at&.to_s(:short) || 'NA'
-      orders_close_at = oc.orders_close_at&.to_s(:short) || 'NA'
+      orders_open_at = oc.orders_open_at&.to_fs(:short) || 'NA'
+      orders_close_at = oc.orders_close_at&.to_fs(:short) || 'NA'
       ["#{oc.name}   (#{orders_open_at} - #{orders_close_at})".html_safe, oc.id]
     end
   end

app/helpers/spree/admin/base_helper.rb

@@ -29,8 +29,8 @@ module Spree
 
       def preference_field_tag(name, value, options)
         case options[:type]
-        when :integer
-          text_field_tag(name, value, preference_field_options(options))
+        when :integer, :decimal
+          number_field_tag(name, value, preference_field_options(options))
         when :boolean
           hidden_field_tag(name, 0) +
             check_box_tag(name, 1, value, preference_field_options(options))
@@ -49,8 +49,8 @@ module Spree
 
       def preference_field_for(form, field, options, object)
         case options[:type]
-        when :integer
-          form.text_field(field, preference_field_options(options))
+        when :integer, :decimal
+          form.number_field(field, preference_field_options(options))
         when :boolean
           form.check_box(field, preference_field_options(options))
         when :string
@@ -80,26 +80,24 @@ module Spree
       end
 
       def preference_field_options(options)
-        field_options = case options[:type]
-                        when :integer
-                          { size: 10,
-                            class: 'input_integer' }
-                        when :boolean
-                          {}
-                        when :string
-                          { size: 10,
-                            class: 'input_string fullwidth' }
-                        when :password
-                          { size: 10,
-                            class: 'password_string fullwidth' }
-                        when :text
-                          { rows: 15,
-                            cols: 85,
-                            class: 'fullwidth' }
-                        else
-                          { size: 10,
-                            class: 'input_string fullwidth' }
-                        end
+        field_options =
+          case options[:type]
+          when :integer
+            { size: 10, class: 'input_integer', step: 1 }
+          when :decimal
+            # Allow any number of decimal places
+            { size: 10, class: 'input_integer', step: :any }
+          when :boolean
+            {}
+          when :string
+            { size: 10, class: 'input_string fullwidth' }
+          when :password
+            { size: 10, class: 'password_string fullwidth' }
+          when :text
+            { rows: 15, cols: 85, class: 'fullwidth' }
+          else
+            { size: 10, class: 'input_string fullwidth' }
+          end
 
         field_options.merge!(
           readonly: options[:readonly],

app/helpers/spree/admin/navigation_helper.rb

@@ -34,7 +34,6 @@ module Spree
           link = link_to_with_icon(options[:icon], titleized_label, destination_url)
           css_classes << 'tab-with-icon'
         else
-          titleized_label = raw("<span class='text'>#{titleized_label}</span>")
           link = link_to(titleized_label, destination_url)
         end
 

app/helpers/spree/admin/orders_helper.rb

@@ -105,15 +105,14 @@ module Spree
       def cancel_order_link
         { name: t(:cancel_order),
           url: spree.fire_admin_order_path(@order.number, e: 'cancel'),
-          icon: 'icon-trash',
-          confirm: t(:are_you_sure) }
+          icon: 'icon-trash' }
       end
 
       def cancel_event_link
         event_label = I18n.t("cancel", scope: "actions")
         button_link_to(event_label,
                        fire_admin_order_url(@order, e: "cancel"),
-                       method: :put, icon: "icon-remove", form_id: "cancel_order_form")
+                       method: :put, icon: "icon-cancel", form_id: "cancel_order_form")
       end
 
       def resume_event_link

app/jobs/report_job.rb

@@ -1,34 +1,25 @@
 # frozen_string_literal: true
 
-# Renders a report and saves it to a temporary file.
-class ReportJob < ActiveJob::Base
-  def perform(report_class, user, params, format)
+# Renders a report and stores it in a given blob.
+class ReportJob < ApplicationJob
+  NOTIFICATION_TIME = 5.seconds
+
+  def perform(report_class, user, params, format, blob)
+    start_time = Time.zone.now
+
     report = report_class.new(user, params, render: true)
     result = report.render_as(format)
-    write(result)
+    blob.store(result)
+
+    execution_time = Time.zone.now - start_time
+
+    email_result(user, blob) if execution_time > NOTIFICATION_TIME
   end
 
-  def done?
-    @done ||= File.file?(filename)
-  end
-
-  def result
-    @result ||= read_result
-  end
-
-  private
-
-  def write(result)
-    File.write(filename, result, mode: "wb")
-  end
-
-  def read_result
-    File.read(filename)
-  ensure
-    File.unlink(filename)
-  end
-
-  def filename
-    Rails.root.join("tmp/report-#{job_id}")
+  def email_result(user, blob)
+    ReportMailer.with(
+      to: user.email,
+      blob: blob,
+    ).report_ready.deliver_later
   end
 end

app/json_schemas/json_api_schema.rb

@@ -37,7 +37,7 @@ class JsonApiSchema
     end
 
     def relationship_properties
-      relationships.to_h { |name| [name, relationship_schema(name)] }
+      relationships.index_with { |name| relationship_schema(name) }
     end
 
     # Example

app/mailers/application_mailer.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+class ApplicationMailer < ActionMailer::Base
+  # Inline stylesheets
+  include Roadie::Rails::Automatic
+
+  helper TermsAndConditionsHelper
+
+  default from: -> { Spree::Config[:mails_from] }
+  layout 'mailer'
+
+  def money(amount)
+    Spree::Money.new(amount).to_s
+  end
+  helper_method :money
+
+  protected
+
+  def roadie_options
+    # This lets us specify assets using relative paths in email templates
+    super.merge(url_options: { host: URI(main_app.root_url).host })
+  end
+end

app/mailers/enterprise_mailer.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 require 'devise/mailers/helpers'
-class EnterpriseMailer < Spree::BaseMailer
+class EnterpriseMailer < ApplicationMailer
   include Devise::Mailers::Helpers
   include I18nHelper
 
@@ -12,7 +12,6 @@ class EnterpriseMailer < Spree::BaseMailer
                   enterprise: @enterprise.name,
                   sitename: Spree::Config[:site_name])
       mail(to: enterprise.contact.email,
-           from: from_address,
            subject: subject)
     end
   end
@@ -20,12 +19,10 @@ class EnterpriseMailer < Spree::BaseMailer
   def manager_invitation(enterprise, user)
     @enterprise = enterprise
     @instance = Spree::Config[:site_name]
-    @instance_email = from_address
 
     I18n.with_locale valid_locale(@enterprise.owner) do
       subject = t('enterprise_mailer.invite_manager.subject', enterprise: @enterprise.name)
       mail(to: user.email,
-           from: from_address,
            subject: subject)
     end
   end

app/mailers/payment_mailer.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-class PaymentMailer < Spree::BaseMailer
+class PaymentMailer < ApplicationMailer
   include I18nHelper
 
   def authorize_payment(payment)
@@ -8,7 +8,7 @@ class PaymentMailer < Spree::BaseMailer
     subject = I18n.t('spree.payment_mailer.authorize_payment.subject',
                      distributor: @payment.order.distributor.name)
     I18n.with_locale valid_locale(@payment.order.user) do
-      mail(to: payment.order.email, from: from_address, subject: subject)
+      mail(to: payment.order.email, subject: subject)
     end
   end
 
@@ -19,7 +19,6 @@ class PaymentMailer < Spree::BaseMailer
                      order: @payment.order)
     I18n.with_locale valid_locale(shop_owner) do
       mail(to: shop_owner.email,
-           from: from_address,
            subject: subject)
     end
   end

app/mailers/producer_mailer.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-class ProducerMailer < Spree::BaseMailer
+class ProducerMailer < ApplicationMailer
   include I18nHelper
 
   def order_cycle_report(producer, order_cycle)
@@ -14,7 +14,6 @@ class ProducerMailer < Spree::BaseMailer
 
       mail(
         to: @producer.contact.email,
-        from: from_address,
         subject: subject,
         reply_to: @coordinator.contact.email,
         cc: @coordinator.contact.email

app/mailers/report_mailer.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+class ReportMailer < ApplicationMailer
+  def report_ready
+    # When we are in a background job then we don't have an HTTP request object
+    # and we need to tell ActiveStorage the hostname to generate URLs.
+    ActiveStorage::Current.url_options ||= url_options
+
+    @blob = params[:blob]
+    mail(params)
+  end
+end

app/mailers/spree/base_mailer.rb

@@ -1,28 +0,0 @@
-# frozen_string_literal: true
-
-module Spree
-  class BaseMailer < ActionMailer::Base
-    # Inline stylesheets
-    include Roadie::Rails::Automatic
-
-    helper TermsAndConditionsHelper
-
-    layout 'mailer'
-
-    def from_address
-      Spree::Config[:mails_from]
-    end
-
-    def money(amount)
-      Spree::Money.new(amount).to_s
-    end
-    helper_method :money
-
-    protected
-
-    def roadie_options
-      # This lets us specify assets using relative paths in email templates
-      super.merge(url_options: { host: URI(main_app.root_url).host })
-    end
-  end
-end

app/mailers/spree/order_mailer.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module Spree
-  class OrderMailer < BaseMailer
+  class OrderMailer < ApplicationMailer
     helper 'checkout'
     helper SpreeCurrencyHelper
     helper Spree::PaymentMethodsHelper
@@ -13,7 +13,6 @@ module Spree
       @order = find_order(order_or_order_id)
       I18n.with_locale valid_locale(@order.user) do
         mail(to: @order.email,
-             from: from_address,
              subject: mail_subject(t('spree.order_mailer.cancel_email.subject'), resend))
       end
     end
@@ -23,7 +22,6 @@ module Spree
       I18n.with_locale valid_locale(@order.distributor.owner) do
         subject = I18n.t('spree.order_mailer.cancel_email_for_shop.subject')
         mail(to: @order.distributor.contact.email,
-             from: from_address,
              subject: subject)
       end
     end
@@ -33,7 +31,6 @@ module Spree
       I18n.with_locale valid_locale(@order.user) do
         subject = mail_subject(t('spree.order_mailer.confirm_email.subject'), resend)
         mail(to: @order.email,
-             from: from_address,
              subject: subject,
              reply_to: @order.distributor.contact.email)
       end
@@ -44,7 +41,6 @@ module Spree
       I18n.with_locale valid_locale(@order.user) do
         subject = mail_subject(t('spree.order_mailer.confirm_email.subject'), resend)
         mail(to: @order.distributor.contact.email,
-             from: from_address,
              subject: subject)
       end
     end
@@ -56,7 +52,6 @@ module Spree
       attach_file("invoice-#{@order.number}.pdf", pdf)
       I18n.with_locale valid_locale(@order.user) do
         mail(to: @order.email,
-             from: from_address,
              subject: mail_subject(t(:invoice), false),
              reply_to: @order.distributor.contact.email)
       end

app/mailers/spree/shipment_mailer.rb

@@ -1,12 +1,12 @@
 # frozen_string_literal: true
 
 module Spree
-  class ShipmentMailer < BaseMailer
+  class ShipmentMailer < ApplicationMailer
     def shipped_email(shipment, delivery:)
       @shipment = shipment.respond_to?(:id) ? shipment : Spree::Shipment.find(shipment)
       @delivery = delivery
       subject = base_subject
-      mail(to: @shipment.order.email, from: from_address, subject: subject)
+      mail(to: @shipment.order.email, subject: subject)
     end
 
     private

app/mailers/spree/test_mailer.rb

@@ -1,11 +1,11 @@
 # frozen_string_literal: true
 
 module Spree
-  class TestMailer < BaseMailer
+  class TestMailer < ApplicationMailer
     def test_email(user)
       recipient = user.respond_to?(:id) ? user : Spree::User.find(user)
       subject = "#{Spree::Config[:site_name]} #{t('spree.test_mailer.test_email.subject')}"
-      mail(to: recipient.email, from: from_address, subject: subject)
+      mail(to: recipient.email, subject: subject)
     end
   end
 end

app/mailers/spree/user_mailer.rb

@@ -3,7 +3,7 @@
 # This mailer is configured to be the Devise mailer
 # Some methods here override Devise::Mailer methods
 module Spree
-  class UserMailer < BaseMailer
+  class UserMailer < ApplicationMailer
     include I18nHelper
 
     helper MailerHelper
@@ -16,7 +16,7 @@ module Spree
         "#{I18n.t('spree.user_mailer.reset_password_instructions.subject')}"
 
       I18n.with_locale valid_locale(user) do
-        mail(to: user.email, from: from_address, subject: subject)
+        mail(to: user.email, subject: subject)
       end
     end
 
@@ -24,7 +24,7 @@ module Spree
     def signup_confirmation(user)
       @user = user
       I18n.with_locale valid_locale(@user) do
-        mail(to: user.email, from: from_address,
+        mail(to: user.email,
              subject: t(:welcome_to) + ' ' + Spree::Config[:site_name])
       end
     end
@@ -39,7 +39,6 @@ module Spree
       I18n.with_locale valid_locale(@user) do
         subject = t('spree.user_mailer.confirmation_instructions.subject')
         mail(to: confirmation_email_address,
-             from: from_address,
              subject: subject)
       end
     end

app/mailers/subscription_mailer.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-class SubscriptionMailer < Spree::BaseMailer
+class SubscriptionMailer < ApplicationMailer
   helper 'checkout'
   helper MailerHelper
   helper ShopMailHelper
@@ -37,7 +37,6 @@ class SubscriptionMailer < Spree::BaseMailer
     @shop = Enterprise.find(summary.shop_id)
     @summary = summary
     mail(to: @shop.contact.email,
-         from: from_address,
          subject: "#{Spree::Config[:site_name]} #{t('subscription_mailer.placement_summary_email.subject')}")
   end
 
@@ -45,7 +44,6 @@ class SubscriptionMailer < Spree::BaseMailer
     @shop = Enterprise.find(summary.shop_id)
     @summary = summary
     mail(to: @shop.contact.email,
-         from: from_address,
          subject: "#{Spree::Config[:site_name]} #{t('subscription_mailer.confirmation_summary_email.subject')}")
   end
 
@@ -56,7 +54,6 @@ class SubscriptionMailer < Spree::BaseMailer
       confirm_email_subject = t('spree.order_mailer.confirm_email.subject')
       subject = "#{Spree::Config[:site_name]} #{confirm_email_subject} ##{order.number}"
       mail(to: order.email,
-           from: from_address,
            subject: subject,
            reply_to: order.distributor.contact.email)
     end

app/models/calculator/flat_percent_item_total.rb

@@ -1,14 +1,11 @@
 # frozen_string_literal: false
 
-require 'spree/localized_number'
-
 module Calculator
   class FlatPercentItemTotal < Spree::Calculator
-    extend Spree::LocalizedNumber
-
     preference :flat_percent, :decimal, default: 0
 
-    localize_number :preferred_flat_percent
+    validates :preferred_flat_percent,
+              numericality: true
 
     def self.description
       Spree.t(:flat_percent)

app/models/calculator/flat_percent_per_item.rb

@@ -1,18 +1,15 @@
 # frozen_string_literal: true
 
-require 'spree/localized_number'
-
 class Calculator::FlatPercentPerItem < Spree::Calculator
   # Spree's FlatPercentItemTotal calculator sums all amounts, and then calculates a percentage
   # on them.
   # In the cart, we display line item individual amounts rounded, so to have consistent
   # calculations we do the same internally. Here, we round adjustments at the individual
   # item level first, then multiply by the item quantity.
-  extend Spree::LocalizedNumber
-
   preference :flat_percent, :decimal, default: 0
 
-  localize_number :preferred_flat_percent
+  validates :preferred_flat_percent,
+            numericality: true
 
   def self.description
     I18n.t(:flat_percent_per_item)

app/models/calculator/flat_rate.rb

@@ -1,14 +1,11 @@
 # frozen_string_literal: false
 
-require 'spree/localized_number'
-
 module Calculator
   class FlatRate < Spree::Calculator
-    extend Spree::LocalizedNumber
-
     preference :amount, :decimal, default: 0
 
-    localize_number :preferred_amount
+    validates :preferred_amount,
+              numericality: true
 
     def self.description
       I18n.t(:flat_rate_per_order)

app/models/calculator/flexi_rate.rb

@@ -1,17 +1,14 @@
 # frozen_string_literal: false
 
-require 'spree/localized_number'
-
 module Calculator
   class FlexiRate < Spree::Calculator
-    extend Spree::LocalizedNumber
-
     preference :first_item,      :decimal, default: 0.0
     preference :additional_item, :decimal, default: 0.0
     preference :max_items,       :integer, default: 0
 
-    localize_number :preferred_first_item,
-                    :preferred_additional_item
+    validates :preferred_first_item,
+              :preferred_additional_item,
+              numericality: true
 
     def self.description
       I18n.t(:flexible_rate)

app/models/calculator/per_item.rb

@@ -1,14 +1,11 @@
 # frozen_string_literal: false
 
-require 'spree/localized_number'
-
 module Calculator
   class PerItem < Spree::Calculator
-    extend Spree::LocalizedNumber
-
     preference :amount, :decimal, default: 0
 
-    localize_number :preferred_amount
+    validates :preferred_amount,
+              numericality: true
 
     def self.description
       I18n.t(:flat_rate_per_item)

app/models/calculator/price_sack.rb

@@ -1,18 +1,15 @@
 # frozen_string_literal: false
 
-require 'spree/localized_number'
-
 module Calculator
   class PriceSack < Spree::Calculator
-    extend Spree::LocalizedNumber
-
     preference :minimal_amount, :decimal, default: 0
     preference :normal_amount, :decimal, default: 0
     preference :discount_amount, :decimal, default: 0
 
-    localize_number :preferred_minimal_amount,
-                    :preferred_normal_amount,
-                    :preferred_discount_amount
+    validates :preferred_minimal_amount,
+              :preferred_normal_amount,
+              :preferred_discount_amount,
+              numericality: true
 
     def self.description
       I18n.t(:price_sack)

app/models/calculator/weight.rb

@@ -1,15 +1,10 @@
 # frozen_string_literal: true
 
-require 'spree/localized_number'
-
 module Calculator
   class Weight < Spree::Calculator
-    extend Spree::LocalizedNumber
     preference :unit_from_list, :string, default: "kg"
     preference :per_unit, :decimal, default: 0.0
 
-    localize_number :preferred_per_unit
-
     def self.description
       I18n.t('spree.weight')
     end

app/models/concerns/address_display.rb

@@ -4,4 +4,8 @@ module AddressDisplay
   def full_name_reverse
     [lastname, firstname].reject(&:blank?).join(" ")
   end
+
+  def full_name_for_sorting
+    [last_name, first_name].reject(&:blank?).join(", ")
+  end
 end

app/models/content_configuration.rb

@@ -83,4 +83,19 @@ class ContentConfiguration < Spree::Preferences::Configuration
 
   # User Guide
   preference :user_guide_link, :string, default: 'https://guide.openfoodnetwork.org/'
+
+  # ContentConfig Caching
+  preference :updated_at_timestamp, :integer, default: Time.zone.today.to_time.to_i
+
+  def updated_at
+    Time.zone.at updated_at_timestamp
+  end
+
+  def updated_at=(time)
+    self.updated_at_timestamp = time.to_i
+  end
+
+  def cache_key
+    "ContentConfig:#{updated_at_timestamp}"
+  end
 end

app/models/customer.rb

@@ -35,6 +35,7 @@ class Customer < ApplicationRecord
                     uniqueness: { scope: :enterprise_id, message: I18n.t('validation_msg_is_associated_with_an_exising_customer') }
 
   scope :of, ->(enterprise) { where(enterprise_id: enterprise) }
+  scope :managed_by, ->(user) { user&.persisted? ? where(user: user).or(of(Enterprise.managed_by(user))) : none }
 
   before_create :associate_user
 

app/models/enterprise.rb

@@ -15,6 +15,10 @@ class Enterprise < ApplicationRecord
     medium: { resize_to_fill: [720, 156] },
     large: { resize_to_fill: [1200, 260] },
   }.freeze
+  WHITE_LABEL_LOGO_SIZES = {
+    default: { gravity: "Center", resize_to_fill: [217, 44] },
+    mobile: { gravity: "Center", resize_to_fill: [75, 26] },
+  }.freeze
   VALID_INSTAGRAM_REGEX = %r{\A[a-zA-Z0-9._]{1,30}([^/-]*)\z}
 
   searchable_attributes :sells, :is_primary_producer, :name
@@ -84,9 +88,14 @@ class Enterprise < ApplicationRecord
   has_one_attached :logo
   has_one_attached :promo_image
   has_one_attached :terms_and_conditions
+  has_one_attached :white_label_logo
 
-  validates :logo, content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
-  validates :promo_image, content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
+  validates :logo,
+            processable_image: true,
+            content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
+  validates :promo_image,
+            processable_image: true,
+            content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
   validates :terms_and_conditions, content_type: {
     in: "application/pdf",
     message: I18n.t(:enterprise_terms_and_conditions_type_error),
@@ -267,8 +276,7 @@ class Enterprise < ApplicationRecord
 
   def plus_parents_and_order_cycle_producers(order_cycles)
     oc_producer_ids = Exchange.in_order_cycle(order_cycles).incoming.pluck :sender_id
-    Enterprise.not_hidden.is_primary_producer
-      .parents_of_one_union_others(id, oc_producer_ids | [id])
+    Enterprise.is_primary_producer.parents_of_one_union_others(id, oc_producer_ids | [id])
   end
 
   def relatives_including_self
@@ -299,6 +307,14 @@ class Enterprise < ApplicationRecord
     )
   end
 
+  def white_label_logo_url(name = :default)
+    return unless white_label_logo.variable?
+
+    Rails.application.routes.url_helpers.url_for(
+      white_label_logo.variant(WHITE_LABEL_LOGO_SIZES[name])
+    )
+  end
+
   def website
     strip_url self[:website]
   end

app/models/enterprise_fee.rb

@@ -58,6 +58,12 @@ class EnterpriseFee < ApplicationRecord
     elsif inherits_tax_category_changed?
       self.tax_category_id = nil if inherits_tax_category?
     end
+
+    if inherits_tax_category? && PER_ORDER_CALCULATORS.include?(calculator_type)
+      errors.add(:base, :inherit_tax_requires_per_item_calculator)
+      throw :abort
+    end
+
     true
   end
 end

app/models/enterprise_group.rb

@@ -28,8 +28,12 @@ class EnterpriseGroup < ApplicationRecord
   has_one_attached :logo
   has_one_attached :promo_image
 
-  validates :logo, content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
-  validates :promo_image, content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
+  validates :logo,
+            processable_image: true,
+            content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
+  validates :promo_image,
+            processable_image: true,
+            content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
 
   scope :by_position, -> { order('position ASC') }
   scope :on_front_page, -> { where(on_front_page: true) }

app/models/enterprise_relationship.rb

@@ -13,6 +13,7 @@ class EnterpriseRelationship < ApplicationRecord
 
   after_save :update_permissions_of_child_variant_overrides
   before_destroy :revoke_all_child_variant_overrides
+  before_destroy :destroy_related_exchanges
 
   scope :with_enterprises, -> {
     joins("
@@ -102,6 +103,10 @@ class EnterpriseRelationship < ApplicationRecord
     child_variant_overrides.update_all(permission_revoked_at: Time.zone.now)
   end
 
+  def destroy_related_exchanges
+    Exchange.where(sender: parent, receiver: child, incoming: true).destroy_all
+  end
+
   def child_variant_overrides
     VariantOverride.unscoped.for_hubs(child)
       .joins(variant: :product).where("spree_products.supplier_id IN (?)", parent)

app/models/enterprise_relationship_permission.rb

@@ -1,5 +1,15 @@
 # frozen_string_literal: true
 
 class EnterpriseRelationshipPermission < ApplicationRecord
+  belongs_to :enterprise_relationship
   default_scope { order('name') }
+  before_destroy :destroy_related_exchanges
+
+  def destroy_related_exchanges
+    return if name != "add_to_order_cycle"
+
+    Exchange
+      .where(sender: enterprise_relationship.parent,
+             receiver: enterprise_relationship.child, incoming: true).destroy_all
+  end
 end

app/models/exchange.rb

@@ -86,9 +86,9 @@ class Exchange < ApplicationRecord
     exchange = dup
     exchange.order_cycle = new_order_cycle
     exchange.enterprise_fee_ids = enterprise_fee_ids
-    exchange.variant_ids = variant_ids
     exchange.tag_ids = tag_ids
     exchange.save!
+    clone_all_exchange_variants(exchange.id)
     exchange
   end
 
@@ -105,4 +105,17 @@ class Exchange < ApplicationRecord
 
     receiver.touch_later
   end
+
+  private
+
+  # An Order Cycle can have thousands of ExchangeVariants.
+  # It's a simple association without any callbacks on creation. So we can
+  # insert in bulk and improve the performance tenfold for large order cycles.
+  def clone_all_exchange_variants(exchange_id)
+    return unless variant_ids.any?
+
+    ExchangeVariant.insert_all( # rubocop:disable Rails/SkipsModelValidations
+      variant_ids.map{ |variant_id| { variant_id: variant_id, exchange_id: exchange_id } }
+    )
+  end
 end

app/models/exchange_variant.rb

@@ -3,4 +3,9 @@
 class ExchangeVariant < ApplicationRecord
   belongs_to :exchange
   belongs_to :variant, class_name: 'Spree::Variant'
+  after_destroy :destroy_related_outgoing_variants
+
+  def destroy_related_outgoing_variants
+    VariantDeleter.new.destroy_related_outgoing_variants(variant_id, exchange.order_cycle)
+  end
 end

app/models/product_import/entry_validator.rb

@@ -39,6 +39,8 @@ module ProductImport
         enterprise_validation(entry)
         unit_fields_validation(entry)
         variant_of_product_validation(entry)
+        price_validation(entry)
+        on_hand_on_demand_validation(entry)
 
         next if entry.enterprise_id.blank?
 
@@ -170,6 +172,11 @@ module ProductImport
                                error: I18n.t('admin.product_import.model.blank'))
       end
 
+      unless is_numeric(entry.units) && entry.units.to_f > 0
+        mark_as_invalid(entry, attribute: 'units',
+                               error: I18n.t('admin.product_import.model.incorrect_value'))
+      end
+
       return if import_into_inventory?
 
       # unit_type must be valid type
@@ -189,6 +196,42 @@ module ProductImport
                              error: I18n.t('admin.product_import.model.conditional_blank'))
     end
 
+    def is_numeric(value)
+      return true unless Float(value, exception: false).nil?
+    end
+
+    def price_validation(entry)
+      return if is_numeric(entry.price)
+
+      error_string = if empty_or_placeholder_value(entry.price)
+                       'admin.product_import.model.blank'
+                     else
+                       'admin.product_import.model.incorrect_value'
+                     end
+      mark_as_invalid(entry, attribute: 'price', error: I18n.t(error_string))
+    end
+
+    def on_hand_on_demand_validation(entry)
+      on_hand_present_numeric = !empty_or_placeholder_value(entry.on_hand) &&
+                                is_numeric(entry.on_hand)
+      on_hand_value = entry.on_hand&.to_i
+      on_demand_present_numeric = !empty_or_placeholder_value(entry.on_demand) &&
+                                  is_numeric(entry.on_demand)
+      on_demand_value = entry.on_demand&.to_i
+
+      return if (on_hand_present_numeric && on_hand_value >= 0) ||
+                (on_demand_present_numeric && on_demand_value == 1)
+
+      mark_as_invalid(entry, attribute: 'on_hand',
+                             error: I18n.t('admin.product_import.model.incorrect_value'))
+      mark_as_invalid(entry, attribute: 'on_demand',
+                             error: I18n.t('admin.product_import.model.incorrect_value'))
+    end
+
+    def empty_or_placeholder_value(value)
+      value.blank? || value.to_s.strip == "-"
+    end
+
     def variant_of_product_validation(entry)
       return if entry.producer.blank? || entry.name.blank?
 
@@ -293,8 +336,7 @@ module ProductImport
         entry.primary_taxon_id = @spreadsheet_data.categories_index[category_name]
       else
         mark_as_invalid(entry, attribute: "category",
-                               error: I18n.t(:error_not_found_in_database,
-                                             name: category_name))
+                               error: I18n.t('admin.product_import.model.category_not_found'))
       end
     end
 

app/models/report_blob.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+# Stores a generated report.
+class ReportBlob < ActiveStorage::Blob
+  # AWS S3 limits URL expiry to one week.
+  LIFETIME = 1.week
+
+  def self.create_for_upload_later!(filename)
+    # ActiveStorage discourages modifying a blob later but we need a blob
+    # before we know anything about the report file. It enables us to use the
+    # same blob in the controller to read the result.
+    create_before_direct_upload!(
+      filename: filename,
+      byte_size: 0,
+      checksum: "0",
+      content_type: content_type(filename),
+    ).tap do |blob|
+      ActiveStorage::PurgeJob.set(wait: LIFETIME).perform_later(blob)
+    end
+  end
+
+  def self.content_type(filename)
+    MIME::Types.of(filename).first&.to_s || "application/octet-stream"
+  end
+
+  def store(content)
+    io = StringIO.new(content)
+    upload(io, identify: false)
+    save!
+  end
+
+  def content_stored?
+    @content_stored ||= reload.checksum != "0"
+  end
+
+  def result
+    @result ||= download.force_encoding(Encoding::UTF_8)
+  end
+
+  def expiring_service_url
+    url(expires_in: LIFETIME)
+  end
+end

app/models/spree/ability.rb

@@ -274,7 +274,7 @@ module Spree
           # Enterprise User can access orders that are placed inside a OC they coordinate
           order.order_cycle&.coordinated_by?(user)
       end
-      can [:admin, :bulk_management, :managed], Spree::Order do
+      can [:admin, :bulk_management, :managed, :distribution], Spree::Order do
         user.admin? || user.enterprises.any?(&:is_distributor)
       end
       can [:admin, :create, :show, :poll], :invoice

app/models/spree/address.rb

@@ -4,7 +4,7 @@ module Spree
   class Address < ApplicationRecord
     include AddressDisplay
 
-    searchable_attributes :firstname, :lastname, :phone
+    searchable_attributes :firstname, :lastname, :phone, :full_name
     searchable_associations :country, :state
 
     belongs_to :country, class_name: "Spree::Country"
@@ -28,6 +28,12 @@ module Spree
     alias_attribute :last_name, :lastname
     delegate :name, to: :state, prefix: true, allow_nil: true
 
+    ransacker :full_name, formatter: proc { |value| value.to_s } do |parent|
+      Arel::Nodes::SqlLiteral.new(
+        "CONCAT(#{parent.table_name}.firstname, ' ', #{parent.table_name}.lastname)"
+      )
+    end
+
     def self.default
       new(country: DefaultCountry.country)
     end

app/models/spree/adjustment.rb

@@ -42,9 +42,6 @@ module Spree
     belongs_to :order, class_name: "Spree::Order"
     belongs_to :tax_category, class_name: 'Spree::TaxCategory'
 
-    belongs_to :tax_rate, -> { where spree_adjustments: { originator_type: 'Spree::TaxRate' } },
-               foreign_key: 'originator_id'
-
     validates :label, presence: true
     validates :amount, numericality: true
 

app/models/spree/app_configuration.rb

@@ -88,7 +88,6 @@ module Spree
     # Default mail headers settings
     preference :mails_from, :string, default: 'ofn@example.com'
     preference :mail_bcc, :string, default: 'ofn@example.com'
-    preference :intercept_email, :string, default: nil
 
     # Default smtp settings
     preference :mail_host, :string, default: 'localhost'

app/models/spree/image.rb

@@ -11,8 +11,10 @@ module Spree
 
     has_one_attached :attachment
 
-    validates :attachment, attached: true, 
-      content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
+    validates :attachment,
+              attached: true,
+              processable_image: true,
+              content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
     validate :no_attachment_errors
 
     def variant(name)

app/models/spree/order.rb

@@ -62,6 +62,13 @@ module Spree
     has_many :line_item_adjustments, through: :line_items, source: :adjustments
     has_many :shipment_adjustments, through: :shipments, source: :adjustments
     has_many :all_adjustments, class_name: 'Spree::Adjustment', dependent: :destroy
+    has_many :voucher_adjustments,
+             -> {
+               where(originator_type: 'Voucher')
+                 .order("#{Spree::Adjustment.table_name}.created_at ASC")
+             },
+             class_name: 'Spree::Adjustment',
+             dependent: :destroy
 
     belongs_to :order_cycle
     belongs_to :distributor, class_name: 'Enterprise'
@@ -97,6 +104,8 @@ module Spree
     validates :email, presence: true,
                       format: /\A([\w.%+\-']+)@([\w\-]+\.)+(\w{2,})\z/i,
                       if: :require_email
+    validates :order_cycle, presence: true, on: :set_distribution_step
+    validates :distributor, presence: true, on: :set_distribution_step
 
     make_permalink field: :number
 

app/models/spree/order_inventory.rb

@@ -63,7 +63,7 @@ module Spree
     # first unshipped that's leaving from a stock_location that stocks this variant
     def determine_target_shipment(variant)
       target_shipment = order.shipments.detect do |shipment|
-        (shipment.ready? || shipment.pending?) && shipment.include?(variant)
+        (shipment.ready? || shipment.pending?) && shipment.contains?(variant)
       end
 
       target_shipment || order.shipments.detect do |shipment|

app/models/spree/payment_method.rb

@@ -17,6 +17,7 @@ module Spree
 
     validates :name, presence: true
     validate :distributor_validation
+    validates_associated :calculator
 
     after_initialize :init
 
@@ -40,9 +41,8 @@ module Spree
       where(id: non_unique_matches.map(&:id))
     }
 
-    scope :for_distributor, lambda { |distributor|
-      joins(:distributors).
-        where('enterprises.id = ?', distributor)
+    scope :for_distributor, ->(distributor) {
+      joins(:distributors).where('enterprises.id = ?', distributor)
     }
 
     scope :for_subscriptions, -> { where(type: Subscription::ALLOWED_PAYMENT_METHOD_TYPES) }

app/models/spree/preference.rb

@@ -22,7 +22,8 @@ module Spree
         when :password
           self[:value].to_s
         when :decimal
-          BigDecimal(self[:value].to_s).round(2, BigDecimal::ROUND_HALF_UP)
+          BigDecimal(self[:value].to_s, exception: false)&.round(2, BigDecimal::ROUND_HALF_UP) ||
+            self[:value]
         when :integer
           self[:value].to_i
         when :boolean

app/models/spree/preferences/preferable.rb

@@ -117,7 +117,7 @@ module Spree
           value.to_s
         when :decimal
           value = 0 if value.blank?
-          BigDecimal(value.to_s).round(2, BigDecimal::ROUND_HALF_UP)
+          BigDecimal(value.to_s, exception: false)&.round(2, BigDecimal::ROUND_HALF_UP) || value
         when :integer
           value.to_i
         when :boolean

app/models/spree/product.rb

@@ -114,6 +114,7 @@ module Spree
               presence: { if: ->(p) { %w(weight volume).include? p.variant_unit } }
     validates :variant_unit_name,
               presence: { if: ->(p) { p.variant_unit == 'items' } }
+    validate :validate_image_for_master
 
     attr_accessor :option_values_hash
 
@@ -474,5 +475,11 @@ module Spree
       requested = permalink.presence || permalink_was.presence || name.presence || 'product'
       self.permalink = create_unique_permalink(requested.parameterize)
     end
+
+    def validate_image_for_master
+      return if master.images.all?(&:valid?)
+
+      errors.add(:base, I18n.t('spree.admin.products.image_not_processable'))
+    end
   end
 end

app/models/spree/shipment.rb

@@ -246,7 +246,7 @@ module Spree
       @tracking_url ||= shipping_method.build_tracking_url(tracking)
     end
 
-    def include?(variant)
+    def contains?(variant)
       inventory_units_for(variant).present?
     end
 

app/models/spree/shipping_method.rb

@@ -61,7 +61,7 @@ module Spree
     # Here we allow checkout with shipping methods without zones (see issue #3928 for details)
     #   and also checkout with addresses outside of the zones of the selected shipping method
     # This method could be used, like in Spree, to validate shipping method zones on checkout.
-    def include?(address)
+    def delivers_to?(address)
       address.present?
     end
 

app/models/spree/tax_rate.rb

@@ -69,7 +69,8 @@ module Spree
       return 0 unless category
 
       address ||= Address.new(country_id: DefaultCountry.id)
-      rate = category.tax_rates.detect { |tax_rate| tax_rate.zone.include? address }.try(:amount)
+      rate = category.tax_rates
+        .detect { |tax_rate| tax_rate.zone.contains_address? address }.try(:amount)
 
       rate || 0
     end

app/models/spree/zone.rb

@@ -24,7 +24,7 @@ module Spree
       # do nothing - just here to satisfy the form
     end
 
-    def include?(address)
+    def contains_address?(address)
       return false unless address
 
       members.any? do |zone_member|
@@ -44,7 +44,7 @@ module Spree
     def self.match(address)
       return unless matches = includes(:zone_members).
         order('zone_members_count', 'created_at').
-        select { |zone| zone.include? address }
+        select { |zone| zone.contains_address? address }
 
       ['state', 'country'].each do |zone_kind|
         if match = matches.detect { |zone| zone_kind == zone.kind }

app/models/voucher.rb

@@ -1,8 +1,15 @@
 # frozen_string_literal: false
 
 class Voucher < ApplicationRecord
+  acts_as_paranoid
+
   belongs_to :enterprise
 
+  has_many :adjustments,
+           as: :originator,
+           class_name: 'Spree::Adjustment',
+           dependent: :nullify
+
   validates :code, presence: true, uniqueness: { scope: :enterprise_id }
 
   def value
@@ -12,4 +19,31 @@ class Voucher < ApplicationRecord
   def display_value
     Spree::Money.new(value)
   end
+
+  # Ideally we would use `include CalculatedAdjustments` to be consistent with other adjustments,
+  # but vouchers have complicated calculation so we can't easily use Spree::Calculator. We keep
+  # the same method to stay as consistent as possible.
+  #
+  # Creates a new voucher adjustment for the given order
+  def create_adjustment(label, order)
+    amount = compute_amount(order)
+
+    adjustment_attributes = {
+      amount: amount,
+      originator: self,
+      order: order,
+      label: label,
+      mandatory: false,
+      state: "open",
+      tax_category: nil
+    }
+
+    order.adjustments.create(adjustment_attributes)
+  end
+
+  # We limit adjustment to the maximum amount needed to cover the order, ie if the voucher
+  # covers more than the order.total we only need to create an adjustment covering the order.total
+  def compute_amount(order)
+    -value.clamp(0, order.total)
+  end
 end

app/reflexes/bulk_actions_in_orders_list_reflex.rb

@@ -2,7 +2,7 @@
 
 class BulkActionsInOrdersListReflex < ApplicationReflex
   def resend_confirmation_email(order_ids)
-    orders(order_ids).find_each do |o|
+    editable_orders.where(id: order_ids).find_each do |o|
       Spree::OrderMailer.confirm_email_for_customer(o.id, true).deliver_later if can? :resend, o
     end
 
@@ -11,7 +11,7 @@ class BulkActionsInOrdersListReflex < ApplicationReflex
 
   def send_invoice(order_ids)
     count = 0
-    orders(order_ids).find_each do |o|
+    editable_orders.where(id: order_ids).find_each do |o|
       next unless o.distributor.can_invoice? && (o.resumed? || o.complete?)
 
       Spree::OrderMailer.invoice_email(o.id).deliver_later
@@ -29,7 +29,7 @@ class BulkActionsInOrdersListReflex < ApplicationReflex
     morph "#flashes", render(partial: "shared/flashes", locals: { flashes: flash })
   end
 
-  def orders(order_ids)
-    Spree::Order.where(id: order_ids)
+  def editable_orders
+    Permissions::Order.new(current_user).editable_orders
   end
 end

app/reflexes/cancel_orders_reflex.rb

@@ -2,7 +2,7 @@
 
 class CancelOrdersReflex < ApplicationReflex
   def confirm(params)
-    OrdersBulkCancelService.new(params).call
+    OrdersBulkCancelService.new(params, current_user).call
     cable_ready.dispatch_event(name: "modal:close")
     # flash[:success] = Spree.t(:order_updated)
   end

app/reflexes/concerns/enterprise_concern.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module EnterpriseConcern
+  extend ActiveSupport::Concern
+
+  included do
+    before_reflex do
+      @enterprise = Enterprise.find_by(permalink: params[:id])
+      authorize! :update, @enterprise
+    end
+  end
+end

app/reflexes/white_label_reflex.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+class WhiteLabelReflex < ApplicationReflex
+  include EnterpriseConcern
+  delegate :view_context, to: :controller
+
+  def remove_logo
+    @enterprise.update!(white_label_logo: nil)
+    # delete the white_label_logo_link attribute as well since it has no meaning without the logo
+    @enterprise.update!(white_label_logo_link: "")
+
+    f = ActionView::Helpers::FormBuilder.new(:enterprise, @enterprise, view_context, {})
+
+    html = with_locale {
+      render(partial: "admin/enterprises/form/white_label",
+             locals: { f: f, enterprise: @enterprise })
+    }
+    morph "#white_label_panel", html
+
+    flash[:success] = with_locale {
+      I18n.t("admin.enterprises.form.white_label.remove_logo_success")
+    }
+    cable_ready.dispatch_event(name: "modal:close")
+    morph "#flashes", render(partial: "shared/flashes", locals: { flashes: flash })
+  end
+end

app/serializers/api/admin/enterprise_serializer.rb

@@ -14,7 +14,8 @@ module Api
                  :logo, :promo_image, :terms_and_conditions,
                  :terms_and_conditions_file_name, :terms_and_conditions_updated_at,
                  :preferred_invoice_order_by_supplier, :preferred_product_low_stock_display,
-                 :visible, :hide_ofn_navigation
+                 :visible, :hide_ofn_navigation, :white_label_logo,
+                 :white_label_logo_link
 
       has_one :owner, serializer: Api::Admin::UserSerializer
       has_many :users, serializer: Api::Admin::UserSerializer
@@ -29,6 +30,10 @@ module Api
         attachment_urls(object.promo_image, Enterprise::PROMO_IMAGE_SIZES)
       end
 
+      def white_label_logo
+        attachment_urls(object.white_label_logo, Enterprise::WHITE_LABEL_LOGO_SIZES)
+      end
+
       def terms_and_conditions
         return unless object.terms_and_conditions.attached?
 

app/serializers/api/admin/order_serializer.rb

@@ -3,8 +3,10 @@
 module Api
   module Admin
     class OrderSerializer < ActiveModel::Serializer
-      attributes :id, :number, :user_id, :full_name, :email, :phone, :completed_at,
-                 :completed_at_utc_iso8601, :display_total,
+      include AddressDisplay
+
+      attributes :id, :number, :user_id, :full_name, :full_name_for_sorting, :email, :phone,
+                 :completed_at, :completed_at_utc_iso8601, :display_total,
                  :edit_path, :state, :payment_state, :shipment_state,
                  :payments_path, :ready_to_ship, :ready_to_capture, :created_at,
                  :distributor_name, :special_instructions, :display_outstanding_balance,
@@ -17,6 +19,14 @@ module Api
         object.billing_address.nil? ? "" : ( object.billing_address.full_name || "" )
       end
 
+      def first_name
+        object.billing_address&.first_name || ""
+      end
+
+      def last_name
+        object.billing_address&.last_name || ""
+      end
+
       def distributor_name
         object.distributor&.name
       end