Update en.yml

Removing mentions about UFC Que choisir and changing the link

.env.development

@@ -6,9 +6,9 @@
 #     cp .env.development .env.local
 
 # Locale for translation. Using a locale other than `en` tests the
-# successful fallback to `en`. To see up-to-date text used in production,
-# set another locale in a local env file.
-LOCALE="en_TST"
+# successful fallback to `en`. You will also see up-to-date text used
+# in production
+LOCALE="en_AU"
 
 VERBOSE_QUERY_LOGS=true
 
@@ -16,9 +16,8 @@ SECRET_TOKEN="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
 
 OFN_REDIS_URL="redis://localhost:6379/1"
 OFN_REDIS_JOBS_URL="redis://localhost:6379/2"
-OFN_REDIS_CABLE_URL="redis://localhost:6379/0"
 
-SITE_URL="localhost:3000"
+SITE_URL="0.0.0.0:3000"
 
 # Deactivate rack-timeout in development.
 # https://github.com/zombocom/rack-timeout#configuring

.env.test

@@ -1,9 +1,8 @@
 # ENV vars for the test environment
 # Override locally with `.env.test.local`
 
-# Locale for translation. Using a locale other than `en` tests the
-# successful fallback to `en`.
-LOCALE="en_TST"
+# Locale for translation.
+LOCALE="en_TEST"
 
 OFN_REDIS_JOBS_URL="redis://localhost:6379/2"
 
@@ -16,10 +15,6 @@ STRIPE_PUBLIC_TEST_API_KEY="bogus_stripe_publishable_key"
 
 SITE_URL="test.host"
 
-# OIDC Settings for DFC authentication
-# Find secrets in BitWarden.
-# To get a refresh token: log into the OIDC provider, connect your OFN user to it at /admin/oidc_settings, then copy the token from the database:
-#  ./bin/rails runner 'puts "OPENID_REFRESH_TOKEN=\"#{OidcAccount.last.refresh_token}\""'
 OPENID_APP_ID="test-provider"
 OPENID_APP_SECRET="dummy-openid-app-secret-token"
 OPENID_REFRESH_TOKEN="dummy-refresh-token"

.github/ISSUE_TEMPLATE/release.md

@@ -13,7 +13,6 @@ assignees: ''
 - [ ] Include translations: `script/release/update_locales`
     - You need the [Transifex Client] installed on your local dev environement to run the script.
 - [ ] Increment version number: `git push upstream HEAD:refs/tags/vX.Y.Z`
-    Check for [minor or major breaking changes]
     - Major: if server changes are required (eg. provision with ofn-install)
     - Minor: larger change that is irreversible (eg. migration deleting data)
     - Patch: all others. Shortcut: `script/release/tag`
@@ -57,4 +56,3 @@ The full process is described at https://github.com/openfoodfoundation/openfoodn
 [Create issue]: https://github.com/openfoodfoundation/openfoodnetwork/issues/new?assignees=&labels=&projects=&template=release.md&title=Release
 [#delivery-circle]: https://openfoodnetwork.slack.com/archives/C01T75H6G0Z
 [Transifex Client]: https://developers.transifex.com/docs/cli
-[minor or major breaking changes]: https://github.com/openfoodfoundation/openfoodnetwork/pulls?q=label%3A%22breaking+change%22%2C%22major+breaking+change%22

.github/release.yml

@@ -14,12 +14,6 @@ changelog:
           - technical changes only
           - user facing changes
 
-    # These will require a minor or major version increment
-    - title: "Significant changes 🚀"
-      labels:
-        - breaking change
-        - major breaking change
-
     # Posted in advance for #instance-managers
     - title: "User-facing changes 👀"
       labels:

.github/workflows/build.yml

@@ -38,10 +38,10 @@ jobs:
         # [n] - where the n is a number of parallel jobs you want to run your tests on.
         # Use a higher number if you have slow tests to split them between more parallel jobs.
         # Remember to update the value of the `ci_node_index` below to (0..n-1).
-        ci_node_total: [4]
+        ci_node_total: [8]
         # Indexes for parallel jobs (starting from zero).
         # E.g. use [0, 1] for 2 parallel jobs, [0, 1, 2] for 3 parallel jobs, etc.
-        ci_node_index: [0, 1, 2, 3]
+        ci_node_index: [0, 1, 2, 3, 4, 5, 6, 7]
     steps:
       - uses: actions/checkout@v3
 
@@ -66,7 +66,7 @@ jobs:
 
       - name: Set up database
         run: |
-          bin/rails db:create db:schema:load
+          bin/rake db:create db:schema:load
 
       - name: Run tests
         env:
@@ -84,7 +84,7 @@ jobs:
           KNAPSACK_PRO_TEST_FILE_PATTERN: "{spec/controllers/**/*_spec.rb}"
         run: |
           git show --no-patch # the commit being tested (which is often a merge due to actions/checkout@v3)
-          bin/rails assets:precompile knapsack_pro:rspec
+          bin/rake knapsack_pro:rspec
 
       - name: Save SimpleCov file
         uses: actions/upload-artifact@v4
@@ -116,10 +116,10 @@ jobs:
         # [n] - where the n is a number of parallel jobs you want to run your tests on.
         # Use a higher number if you have slow tests to split them between more parallel jobs.
         # Remember to update the value of the `ci_node_index` below to (0..n-1).
-        ci_node_total: [2]
+        ci_node_total: [4]
         # Indexes for parallel jobs (starting from zero).
         # E.g. use [0, 1] for 2 parallel jobs, [0, 1, 2] for 3 parallel jobs, etc.
-        ci_node_index: [0, 1]
+        ci_node_index: [0, 1, 2, 3]
     steps:
       - uses: actions/checkout@v3
 
@@ -135,7 +135,7 @@ jobs:
 
       - name: Set up database
         run: |
-          bin/rails db:create db:schema:load
+          bin/rake db:create db:schema:load
 
       - name: Run tests
         env:
@@ -184,10 +184,10 @@ jobs:
         # [n] - where the n is a number of parallel jobs you want to run your tests on.
         # Use a higher number if you have slow tests to split them between more parallel jobs.
         # Remember to update the value of the `ci_node_index` below to (0..n-1).
-        ci_node_total: [10]
+        ci_node_total: [14]
         # Indexes for parallel jobs (starting from zero).
         # E.g. use [0, 1] for 2 parallel jobs, [0, 1, 2] for 3 parallel jobs, etc.
-        ci_node_index: [0, 1, 2, 3, 4, 5, 6, 7, 8, 9]
+        ci_node_index: [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13]
     steps:
       - uses: actions/checkout@v3
 
@@ -211,7 +211,7 @@ jobs:
 
       - name: Set up database
         run: |
-          bin/rails db:create db:schema:load
+          bin/rake db:create db:schema:load
 
       - name: Run tests
 
@@ -230,7 +230,7 @@ jobs:
           KNAPSACK_PRO_TEST_FILE_PATTERN: "{spec/system/admin/**/*_spec.rb}"
 
         run: |
-          bin/rails assets:precompile knapsack_pro:queue:rspec
+          bin/rake knapsack_pro:queue:rspec
 
       - name: Save SimpleCov file
         uses: actions/upload-artifact@v4
@@ -271,10 +271,10 @@ jobs:
         # [n] - where the n is a number of parallel jobs you want to run your tests on.
         # Use a higher number if you have slow tests to split them between more parallel jobs.
         # Remember to update the value of the `ci_node_index` below to (0..n-1).
-        ci_node_total: [6]
+        ci_node_total: [12]
         # Indexes for parallel jobs (starting from zero).
         # E.g. use [0, 1] for 2 parallel jobs, [0, 1, 2] for 3 parallel jobs, etc.
-        ci_node_index: [0, 1, 2, 3, 4, 5]
+        ci_node_index: [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11]
     steps:
       - uses: actions/checkout@v3
 
@@ -298,7 +298,7 @@ jobs:
 
       - name: Set up database
         run: |
-          bin/rails db:create db:schema:load
+          bin/rake db:create db:schema:load
 
       - name: Run tests
 
@@ -317,7 +317,7 @@ jobs:
           KNAPSACK_PRO_TEST_FILE_PATTERN: "{spec/system/consumer/**/*_spec.rb}"
 
         run: |
-          bin/rails assets:precompile knapsack_pro:queue:rspec
+          bin/rake knapsack_pro:queue:rspec
 
       - name: Save SimpleCov file
         uses: actions/upload-artifact@v4
@@ -386,7 +386,7 @@ jobs:
 
       - name: Set up database
         run: |
-          bin/rails db:create db:schema:load
+          bin/rake db:create db:schema:load
 
       - name: Run tests
 
@@ -405,7 +405,7 @@ jobs:
           KNAPSACK_PRO_TEST_FILE_PATTERN: "{spec/lib/**/*_spec.rb,spec/migrations/**/*_spec.rb,spec/serializers/**/*_spec.rb,engines/**/*_spec.rb}"
 
         run: |
-          bin/rails assets:precompile knapsack_pro:rspec
+          bin/rake knapsack_pro:rspec
 
       - name: Save SimpleCov file
         uses: actions/upload-artifact@v4
@@ -437,10 +437,10 @@ jobs:
         # [n] - where the n is a number of parallel jobs you want to run your tests on.
         # Use a higher number if you have slow tests to split them between more parallel jobs.
         # Remember to update the value of the `ci_node_index` below to (0..n-1).
-        ci_node_total: [3]
+        ci_node_total: [5]
         # Indexes for parallel jobs (starting from zero).
         # E.g. use [0, 1] for 2 parallel jobs, [0, 1, 2] for 3 parallel jobs, etc.
-        ci_node_index: [0, 1, 2]
+        ci_node_index: [0, 1, 2, 3, 4]
     steps:
       - uses: actions/checkout@v3
 
@@ -465,7 +465,7 @@ jobs:
 
       - name: Set up database
         run: |
-          bin/rails db:create db:schema:load
+          bin/rake db:create db:schema:load
 
       - name: Run tests
         env:
@@ -482,7 +482,7 @@ jobs:
           #KNAPSACK_PRO_RSPEC_SPLIT_BY_TEST_EXAMPLES: true
           KNAPSACK_PRO_TEST_FILE_EXCLUDE_PATTERN: "{engines/**/*_spec.rb,spec/models/**/*_spec.rb,spec/controllers/**/*_spec.rb,spec/serializers/**/*_spec.rb,spec/lib/**/*_spec.rb,spec/migrations/**/*_spec.rb,spec/system/**/*_spec.rb}"
         run: |
-          bin/rails assets:precompile knapsack_pro:rspec
+          bin/rake knapsack_pro:rspec
 
       - name: Save SimpleCov file
         uses: actions/upload-artifact@v4
@@ -553,6 +553,7 @@ jobs:
         with:
           pattern: simplecov-chunk-*
           path: tmp/simplecov
+          merge-multiple: true
 
       - name: collate results from each of the workers
         run: bundle exec rake 'simplecov:collate_results[tmp/simplecov]'

.github/workflows/linters.yml

@@ -24,7 +24,7 @@ jobs:
           level: error
           filter_mode: nofilter
           use_bundler: true
-          fail_level: any
+          fail_on_error: true
   prettier:
     name: runner / prettier
     runs-on: ubuntu-latest

.rubocop_styleguide.yml

@@ -3,14 +3,10 @@
 # These are the rules we agreed upon and we work towards.
 AllCops:
   NewCops: enable
-  MigratedSchemaVersion: "20250111000000"
   Exclude:
     - bin/**/*
+    - db/**/*
     - config/**/*
-    - db/bad_migrations/*
-    - db/migrate/201*
-    - db/migrate/202[0-4]*
-    - db/schema.rb
     - script/**/*
     - vendor/**/*
     - node_modules/**/*
@@ -115,10 +111,6 @@ Rails/ApplicationRecord:
 Rails/HasAndBelongsToMany:
   Enabled: false
 
-# Cf. conversation https://github.com/openfoodfoundation/openfoodnetwork/pull/13251
-Rails/LexicallyScopedActionFilter:
-  Enabled: false
-
 Rails/OutputSafety:
   Exclude:
     - spec/**/*

.rubocop_todo.yml

@@ -6,6 +6,85 @@
 # Note that changes in the inspected code, or installation of new
 # versions of RuboCop, may require this file to be generated again.
 
+# Offense count: 1
+# This cop supports safe autocorrection (--autocorrect).
+Layout/EmptyLines:
+  Exclude:
+    - 'app/services/products_renderer.rb'
+
+# Offense count: 16
+# Configuration parameters: AllowComments, AllowEmptyLambdas.
+Lint/EmptyBlock:
+  Exclude:
+    - 'engines/catalog/config/routes.rb'
+    - 'spec/components/distributor_title_component_spec.rb'
+    - 'spec/components/example_component_spec.rb'
+    - 'spec/controllers/admin/subscription_line_items_controller_spec.rb'
+    - 'spec/controllers/api/v0/shipments_controller_spec.rb'
+    - 'spec/controllers/concerns/extra_fields_spec.rb'
+    - 'spec/factories.rb'
+    - 'spec/factories/enterprise_factory.rb'
+    - 'spec/jobs/order_cycle_opened_job_spec.rb'
+    - 'spec/jobs/subscription_placement_job_spec.rb'
+    - 'spec/models/product_import/entry_validator_spec.rb'
+
+# Offense count: 4
+# Configuration parameters: AllowComments.
+Lint/EmptyClass:
+  Exclude:
+    - 'spec/lib/reports/report_loader_spec.rb'
+
+# Offense count: 1
+# Configuration parameters: AllowComments.
+Lint/EmptyFile:
+  Exclude:
+    - 'spec/lib/open_food_network/enterprise_injection_data_spec.rb'
+
+# Offense count: 2
+Lint/FloatComparison:
+  Exclude:
+    - 'app/models/product_import/entry_validator.rb'
+    - 'app/models/spree/gateway/pay_pal_express.rb'
+
+# Offense count: 1
+Lint/IneffectiveAccessModifier:
+  Exclude:
+    - 'app/models/spree/user.rb'
+
+# Offense count: 1
+Lint/NoReturnInBeginEndBlocks:
+  Exclude:
+    - 'app/controllers/payment_gateways/stripe_controller.rb'
+
+# Offense count: 4
+# This cop supports unsafe autocorrection (--autocorrect-all).
+Lint/RedundantDirGlobSort:
+  Exclude:
+    - 'engines/catalog/spec/spec_helper.rb'
+    - 'engines/dfc_provider/spec/spec_helper.rb'
+    - 'spec/base_spec_helper.rb'
+    - 'spec/system_helper.rb'
+
+# Offense count: 1
+# This cop supports unsafe autocorrection (--autocorrect-all).
+# Configuration parameters: AllowedMethods.
+# AllowedMethods: instance_of?, kind_of?, is_a?, eql?, respond_to?, equal?, presence, present?
+Lint/RedundantSafeNavigation:
+  Exclude:
+    - 'app/models/spree/payment.rb'
+
+# Offense count: 1
+Lint/SelfAssignment:
+  Exclude:
+    - 'app/models/spree/order/checkout.rb'
+
+# Offense count: 1
+# This cop supports unsafe autocorrection (--autocorrect-all).
+# Configuration parameters: AutoCorrect.
+Lint/UselessMethodDefinition:
+  Exclude:
+    - 'app/models/spree/gateway.rb'
+
 # Offense count: 24
 # Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes, Max.
 Metrics/AbcSize:
@@ -13,6 +92,7 @@ Metrics/AbcSize:
     - 'app/controllers/admin/enterprises_controller.rb'
     - 'app/controllers/payment_gateways/paypal_controller.rb'
     - 'app/controllers/spree/admin/payments_controller.rb'
+    - 'app/controllers/spree/admin/taxons_controller.rb'
     - 'app/controllers/spree/admin/variants_controller.rb'
     - 'app/controllers/spree/orders_controller.rb'
     - 'app/helpers/spree/admin/navigation_helper.rb'
@@ -47,7 +127,7 @@ Metrics/BlockNesting:
   Exclude:
     - 'app/models/spree/payment/processing.rb'
 
-# Offense count: 47
+# Offense count: 46
 # Configuration parameters: CountComments, Max, CountAsOne.
 Metrics/ClassLength:
   Exclude:
@@ -57,7 +137,6 @@ Metrics/ClassLength:
     - 'app/controllers/admin/resource_controller.rb'
     - 'app/controllers/admin/subscriptions_controller.rb'
     - 'app/controllers/application_controller.rb'
-    - 'app/controllers/checkout_controller.rb'
     - 'app/controllers/payment_gateways/paypal_controller.rb'
     - 'app/controllers/spree/admin/orders_controller.rb'
     - 'app/controllers/spree/admin/payment_methods_controller.rb'
@@ -89,7 +168,6 @@ Metrics/ClassLength:
     - 'app/services/cart_service.rb'
     - 'app/services/order_cycles/form_service.rb'
     - 'app/services/orders/sync_service.rb'
-    - 'app/services/sets/product_set.rb'
     - 'engines/order_management/app/services/order_management/order/updater.rb'
     - 'lib/open_food_network/enterprise_fee_calculator.rb'
     - 'lib/open_food_network/order_cycle_form_applicator.rb'
@@ -100,12 +178,12 @@ Metrics/ClassLength:
     - 'lib/reporting/reports/enterprise_fee_summary/scope.rb'
     - 'lib/reporting/reports/xero_invoices/base.rb'
 
-# Offense count: 30
+# Offense count: 32
 # Configuration parameters: AllowedMethods, AllowedPatterns, Max.
 Metrics/CyclomaticComplexity:
   Exclude:
     - 'app/controllers/admin/enterprises_controller.rb'
-    - 'app/controllers/spree/admin/payments_controller.rb'
+    - 'app/controllers/spree/admin/taxons_controller.rb'
     - 'app/controllers/spree/orders_controller.rb'
     - 'app/helpers/checkout_helper.rb'
     - 'app/helpers/order_cycles_helper.rb'
@@ -121,6 +199,7 @@ Metrics/CyclomaticComplexity:
     - 'app/models/spree/preferences/preferable_class_methods.rb'
     - 'app/models/spree/return_authorization.rb'
     - 'app/models/spree/tax_rate.rb'
+    - 'app/models/spree/variant.rb'
     - 'app/models/spree/zone.rb'
     - 'lib/open_food_network/enterprise_issue_validator.rb'
     - 'lib/reporting/reports/xero_invoices/base.rb'
@@ -129,12 +208,13 @@ Metrics/CyclomaticComplexity:
     - 'lib/spree/localized_number.rb'
     - 'spec/models/product_importer_spec.rb'
 
-# Offense count: 23
+# Offense count: 24
 # Configuration parameters: CountComments, Max, CountAsOne, AllowedMethods, AllowedPatterns.
 Metrics/MethodLength:
   Exclude:
     - 'app/controllers/admin/enterprises_controller.rb'
     - 'app/controllers/payment_gateways/paypal_controller.rb'
+    - 'app/controllers/spree/admin/taxons_controller.rb'
     - 'app/controllers/spree/orders_controller.rb'
     - 'app/helpers/spree/admin/navigation_helper.rb'
     - 'app/models/spree/ability.rb'
@@ -213,17 +293,19 @@ Metrics/ParameterLists:
     - 'spec/support/controller_requests_helper.rb'
     - 'spec/system/admin/reports_spec.rb'
 
-# Offense count: 3
+# Offense count: 4
 # Configuration parameters: AllowedMethods, AllowedPatterns, Max.
 Metrics/PerceivedComplexity:
   Exclude:
+    - 'app/controllers/spree/admin/taxons_controller.rb'
     - 'app/models/enterprise_relationship.rb'
     - 'app/models/spree/ability.rb'
     - 'app/models/spree/order/checkout.rb'
 
-# Offense count: 7
+# Offense count: 8
 Naming/AccessorMethodName:
   Exclude:
+    - 'app/controllers/spree/admin/taxonomies_controller.rb'
     - 'app/mailers/producer_mailer.rb'
     - 'app/models/spree/order.rb'
     - 'app/services/checkout/post_checkout_actions.rb'
@@ -255,7 +337,7 @@ Naming/MethodParameterName:
   Exclude:
     - 'app/services/process_payment_intent.rb'
 
-# Offense count: 26
+# Offense count: 28
 # Configuration parameters: EnforcedStyle, CheckMethodNames, CheckSymbols, AllowedIdentifiers, AllowedPatterns.
 # SupportedStyles: snake_case, normalcase, non_integer
 # AllowedIdentifiers: capture3, iso8601, rfc1123_date, rfc822, rfc2822, rfc3339, x86_64
@@ -266,11 +348,12 @@ Naming/VariableNumber:
     - 'app/models/preference_sections/main_links_section.rb'
     - 'lib/spree/core/controller_helpers/common.rb'
     - 'spec/controllers/spree/admin/search_controller_spec.rb'
+    - 'spec/factories/stock_location_factory.rb'
     - 'spec/models/spree/stock_item_spec.rb'
     - 'spec/models/spree/tax_rate_spec.rb'
     - 'spec/requests/api/orders_spec.rb'
 
-# Offense count: 144
+# Offense count: 142
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: ResponseMethods.
 # ResponseMethods: response, last_response
@@ -474,6 +557,81 @@ RSpecRails/InferredSpecType:
     - 'spec/requests/voucher_adjustments_spec.rb'
     - 'spec/routing/stripe_spec.rb'
 
+# Offense count: 22
+# Configuration parameters: IgnoreScopes, Include.
+# Include: app/models/**/*.rb
+Rails/InverseOf:
+  Exclude:
+    - 'app/models/enterprise.rb'
+    - 'app/models/order_cycle.rb'
+    - 'app/models/spree/country.rb'
+    - 'app/models/spree/inventory_unit.rb'
+    - 'app/models/spree/line_item.rb'
+    - 'app/models/spree/order.rb'
+    - 'app/models/spree/payment.rb'
+    - 'app/models/spree/price.rb'
+    - 'app/models/spree/product.rb'
+    - 'app/models/spree/stock_item.rb'
+    - 'app/models/spree/taxonomy.rb'
+    - 'app/models/spree/variant.rb'
+    - 'app/models/subscription_line_item.rb'
+
+# Offense count: 35
+# Configuration parameters: Include.
+# Include: app/controllers/**/*.rb, app/mailers/**/*.rb
+Rails/LexicallyScopedActionFilter:
+  Exclude:
+    - 'app/controllers/admin/enterprise_groups_controller.rb'
+    - 'app/controllers/admin/enterprises_controller.rb'
+    - 'app/controllers/admin/order_cycles_controller.rb'
+    - 'app/controllers/admin/producer_properties_controller.rb'
+    - 'app/controllers/admin/product_import_controller.rb'
+    - 'app/controllers/admin/schedules_controller.rb'
+    - 'app/controllers/admin/subscriptions_controller.rb'
+    - 'app/controllers/concerns/checkout_callbacks.rb'
+    - 'app/controllers/registration_controller.rb'
+    - 'app/controllers/spree/admin/adjustments_controller.rb'
+    - 'app/controllers/spree/admin/payment_methods_controller.rb'
+    - 'app/controllers/spree/admin/payments_controller.rb'
+    - 'app/controllers/spree/admin/products_controller.rb'
+    - 'app/controllers/spree/admin/return_authorizations_controller.rb'
+    - 'app/controllers/spree/admin/search_controller.rb'
+    - 'app/controllers/spree/admin/shipping_methods_controller.rb'
+    - 'app/controllers/spree/admin/users_controller.rb'
+    - 'app/controllers/spree/admin/zones_controller.rb'
+    - 'app/controllers/spree/users_controller.rb'
+
+# Offense count: 56
+# This cop supports unsafe autocorrection (--autocorrect-all).
+# Configuration parameters: Include.
+# Include: spec/controllers/**/*.rb, spec/requests/**/*.rb, test/controllers/**/*.rb, test/integration/**/*.rb
+Rails/ResponseParsedBody:
+  Exclude:
+    - 'spec/controllers/admin/bulk_line_items_controller_spec.rb'
+    - 'spec/controllers/admin/customers_controller_spec.rb'
+    - 'spec/controllers/admin/order_cycles_controller_spec.rb'
+    - 'spec/controllers/admin/proxy_orders_controller_spec.rb'
+    - 'spec/controllers/admin/schedules_controller_spec.rb'
+    - 'spec/controllers/admin/stripe_accounts_controller_spec.rb'
+    - 'spec/controllers/admin/subscription_line_items_controller_spec.rb'
+    - 'spec/controllers/admin/subscriptions_controller_spec.rb'
+    - 'spec/controllers/cart_controller_spec.rb'
+    - 'spec/controllers/line_items_controller_spec.rb'
+    - 'spec/controllers/spree/admin/search_controller_spec.rb'
+    - 'spec/controllers/spree/credit_cards_controller_spec.rb'
+    - 'spec/controllers/user_registrations_controller_spec.rb'
+
+# Offense count: 7
+# This cop supports unsafe autocorrection (--autocorrect-all).
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: strict, flexible
+Rails/TimeZone:
+  Exclude:
+    - 'app/models/spree/gateway/pay_pal_express.rb'
+    - 'spec/controllers/spree/credit_cards_controller_spec.rb'
+    - 'spec/services/order_cycles/webhook_service_spec.rb'
+    - 'spec/services/orders/customer_cancellation_service_spec.rb'
+
 # Offense count: 1
 # Configuration parameters: TransactionMethods.
 Rails/TransactionExitStatement:
@@ -508,6 +666,13 @@ Style/ArrayIntersect:
     - 'lib/open_food_network/tag_rule_applicator.rb'
     - 'spec/support/matchers/select2_matchers.rb'
 
+# Offense count: 1
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: AllowOnConstant, AllowOnSelfClass.
+Style/CaseEquality:
+  Exclude:
+    - 'spec/models/spree/payment_spec.rb'
+
 # Offense count: 23
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: EnforcedStyle.
@@ -537,7 +702,25 @@ Style/ClassAndModuleChildren:
     - 'lib/open_food_network/locking.rb'
     - 'spec/models/spree/payment_method_spec.rb'
 
-# Offense count: 10
+# Offense count: 1
+# This cop supports unsafe autocorrection (--autocorrect-all).
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: always, always_true, never
+Style/FrozenStringLiteralComment:
+  Exclude:
+    - '.simplecov'
+
+# Offense count: 6
+# This cop supports unsafe autocorrection (--autocorrect-all).
+Style/GlobalStdStream:
+  Exclude:
+    - 'lib/tasks/data.rake'
+    - 'lib/tasks/missing_payments.rake'
+    - 'lib/tasks/sample_data/logging.rb'
+    - 'lib/tasks/subscriptions/debug.rake'
+    - 'lib/tasks/subscriptions/test.rake'
+
+# Offense count: 12
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: AllowSplatArgument.
 Style/HashConversion:
@@ -545,7 +728,9 @@ Style/HashConversion:
     - 'app/controllers/admin/column_preferences_controller.rb'
     - 'app/controllers/admin/variant_overrides_controller.rb'
     - 'app/controllers/spree/admin/products_controller.rb'
+    - 'app/models/order_cycle.rb'
     - 'app/models/product_import/product_importer.rb'
+    - 'app/models/spree/shipping_method.rb'
     - 'app/serializers/api/admin/exchange_serializer.rb'
     - 'app/services/variants_stock_levels.rb'
     - 'spec/controllers/admin/inventory_items_controller_spec.rb'
@@ -627,6 +812,34 @@ Style/OptionalBooleanParameter:
     - 'lib/spree/core/controller_helpers/order.rb'
     - 'spec/support/request/web_helper.rb'
 
+# Offense count: 1
+# This cop supports unsafe autocorrection (--autocorrect-all).
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: short, verbose
+Style/PreferredHashMethods:
+  Exclude:
+    - 'app/controllers/api/v0/shipments_controller.rb'
+
+# Offense count: 1
+# This cop supports unsafe autocorrection (--autocorrect-all).
+# Configuration parameters: Methods.
+Style/RedundantArgument:
+  Exclude:
+    - 'engines/dfc_provider/app/services/authorization_control.rb'
+
+# Offense count: 1
+# This cop supports safe autocorrection (--autocorrect).
+Style/RedundantAssignment:
+  Exclude:
+    - 'spec/models/database_spec.rb'
+
+# Offense count: 1
+# This cop supports unsafe autocorrection (--autocorrect-all).
+# Configuration parameters: AutoCorrect, AllowComments.
+Style/RedundantInitialize:
+  Exclude:
+    - 'spec/models/spree/gateway_spec.rb'
+
 # Offense count: 19
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: AllowedMethods, AllowedPatterns.
@@ -635,3 +848,11 @@ Style/ReturnNilInPredicateMethodDefinition:
     - 'app/models/order_cycle.rb'
     - 'app/serializers/api/admin/customer_serializer.rb'
     - 'engines/order_management/app/services/order_management/subscriptions/validator.rb'
+
+# Offense count: 3
+# This cop supports unsafe autocorrection (--autocorrect-all).
+Style/SlicingWithRange:
+  Exclude:
+    - 'app/helpers/spree/admin/navigation_helper.rb'
+    - 'app/services/embedded_page_service.rb'
+    - 'engines/order_management/app/services/order_management/subscriptions/validator.rb'

.simplecov

@@ -1,5 +1,4 @@
 #!/bin/env ruby
-# frozen_string_literal: true
 
 SimpleCov.start 'rails' do
   add_filter '/bin/'

Dockerfile

@@ -1,32 +1,92 @@
-FROM ruby:3.1.4-alpine3.19 AS base
-ENV LANG=C.UTF-8 \
-    LC_ALL=C.UTF-8 \
-    TZ=Europe/London \
-    RAILS_ROOT=/usr/src/app
-RUN apk --no-cache upgrade && \
-    apk add --no-cache tzdata postgresql-client imagemagick imagemagick-jpeg && \
-    apk add --no-cache --virtual wkhtmltopdf
+FROM ubuntu:20.04
 
-WORKDIR $RAILS_ROOT
+ENV TZ Europe/London
 
-# Development dependencies
-FROM base AS development-base
-RUN apk add --no-cache --virtual .build-deps \
-    build-base postgresql-dev git nodejs yarn && \
-    apk add --no-cache --virtual .dev-utils \
-    bash curl less vim chromium-chromedriver zlib-dev openssl-dev \
-    readline-dev yaml-dev sqlite-dev libxml2-dev libxslt-dev libffi-dev vips-dev && \
-    curl -o /usr/local/bin/wait-for-it https://raw.githubusercontent.com/vishnubob/wait-for-it/master/wait-for-it.sh && \
-    chmod +x /usr/local/bin/wait-for-it
+RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
 
-# Install yarn dependencies separately for caching
-FROM development-base AS yarn-dependencies
-COPY package.json yarn.lock ./
-RUN yarn install --frozen-lockfile
+RUN echo "deb http://security.ubuntu.com/ubuntu bionic-security main" >> /etc/apt/sources.list
 
-# Install Ruby gems
-FROM development-base
-COPY . $RAILS_ROOT
-COPY Gemfile Gemfile.lock ./
-RUN bundle install --jobs "$(nproc)"
-COPY --from=yarn-dependencies $RAILS_ROOT/node_modules ./node_modules
+# Install all the requirements
+RUN apt-get update && apt-get install -y \
+  curl \
+  git \
+  build-essential \
+  software-properties-common \
+  wget \
+  zlib1g-dev \
+  libreadline-dev \
+  libyaml-dev \
+  libffi-dev \
+  libxml2-dev \
+  libxslt1-dev \
+  wait-for-it \
+  imagemagick \
+  unzip \
+  libjemalloc-dev \
+  libssl-dev \
+  ca-certificates \
+  gnupg
+
+# Setup ENV variables
+ENV PATH /usr/local/src/rbenv/shims:/usr/local/src/rbenv/bin:/usr/local/src/nodenv/shims:/usr/local/src/nodenv/bin:$PATH
+ENV RBENV_ROOT /usr/local/src/rbenv
+ENV NODENV_ROOT /usr/local/src/nodenv
+ENV CONFIGURE_OPTS --disable-install-doc
+ENV BUNDLE_PATH /bundles
+ENV LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libjemalloc.so
+
+WORKDIR /usr/src/app
+
+# trim spaces and line return from .ruby-version file
+COPY .ruby-version .ruby-version.raw
+RUN cat .ruby-version.raw | tr -d '\r\t ' > .ruby-version
+
+# Install Rbenv & Ruby
+RUN git clone --depth 1 https://github.com/rbenv/rbenv.git ${RBENV_ROOT} && \
+    git clone --depth 1 https://github.com/rbenv/ruby-build.git ${RBENV_ROOT}/plugins/ruby-build && \
+    echo 'eval "$(rbenv init -)"' >> /etc/profile.d/rbenv.sh && \
+    RUBY_CONFIGURE_OPTS=--with-jemalloc rbenv install $(cat .ruby-version) && \
+    rbenv global $(cat .ruby-version)
+
+# Install Postgres
+RUN sh -c "echo 'deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main' >> /etc/apt/sources.list.d/pgdg.list" && \
+    curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor | tee /etc/apt/trusted.gpg.d/apt.postgresql.org.gpg >/dev/null && \
+    apt-get update && \
+    apt-get install -yqq --no-install-recommends postgresql-client-10 libpq-dev
+
+
+# trim spaces and line return from .node-version file
+COPY .node-version .node-version.raw
+RUN cat .node-version.raw | tr -d '\r\t ' > .node-version
+
+# Install Node and Yarn with Nodenv
+RUN git clone --depth 1 https://github.com/nodenv/nodenv.git ${NODENV_ROOT} && \
+    git clone --depth 1 https://github.com/nodenv/node-build.git ${NODENV_ROOT}/plugins/node-build && \
+    git clone --depth 1 https://github.com/pine/nodenv-yarn-install.git ${NODENV_ROOT}/plugins/nodenv-yarn-install && \
+    git clone --depth 1 https://github.com/nodenv/nodenv-package-rehash.git ${NODENV_ROOT}/plugins/nodenv-package-rehash && \
+    echo 'eval "$(nodenv init -)"' >> /etc/profile.d/nodenv.sh && \
+    nodenv install $(cat .node-version) && \
+    nodenv global $(cat .node-version)
+
+# Install Chrome
+RUN wget --quiet -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - && \
+    sh -c "echo 'deb [arch=amd64]  http://dl.google.com/linux/chrome/deb/ stable main' >> /etc/apt/sources.list.d/google-chrome.list" && \
+    apt-get update && \
+    apt-get install -fy google-chrome-stable
+
+# Install Chromedriver
+RUN wget https://chromedriver.storage.googleapis.com/2.41/chromedriver_linux64.zip && \
+    unzip chromedriver_linux64.zip -d /usr/bin && \
+    chmod u+x /usr/bin/chromedriver
+
+# Copy code and install app dependencies
+COPY . /usr/src/app/
+
+# Install Bundler
+RUN ./script/install-bundler
+
+# Install front-end dependencies
+RUN yarn install
+
+# Run bundler install in parallel with the amount of available CPUs
+RUN bundle install --jobs="$(nproc)"

Dockerfile.ubuntu

@@ -1,92 +0,0 @@
-FROM ubuntu:20.04
-
-ENV TZ Europe/London
-
-RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
-
-RUN echo "deb http://security.ubuntu.com/ubuntu bionic-security main" >> /etc/apt/sources.list
-
-# Install all the requirements
-RUN apt-get update && apt-get install -y \
-  curl \
-  git \
-  build-essential \
-  software-properties-common \
-  wget \
-  zlib1g-dev \
-  libreadline-dev \
-  libyaml-dev \
-  libffi-dev \
-  libxml2-dev \
-  libxslt1-dev \
-  wait-for-it \
-  imagemagick \
-  unzip \
-  libjemalloc-dev \
-  libssl-dev \
-  ca-certificates \
-  gnupg
-
-# Setup ENV variables
-ENV PATH /usr/local/src/rbenv/shims:/usr/local/src/rbenv/bin:/usr/local/src/nodenv/shims:/usr/local/src/nodenv/bin:$PATH
-ENV RBENV_ROOT /usr/local/src/rbenv
-ENV NODENV_ROOT /usr/local/src/nodenv
-ENV CONFIGURE_OPTS --disable-install-doc
-ENV BUNDLE_PATH /bundles
-ENV LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libjemalloc.so
-
-WORKDIR /usr/src/app
-
-# trim spaces and line return from .ruby-version file
-COPY .ruby-version .ruby-version.raw
-RUN cat .ruby-version.raw | tr -d '\r\t ' > .ruby-version
-
-# Install Rbenv & Ruby
-RUN git clone --depth 1 https://github.com/rbenv/rbenv.git ${RBENV_ROOT} && \
-    git clone --depth 1 https://github.com/rbenv/ruby-build.git ${RBENV_ROOT}/plugins/ruby-build && \
-    echo 'eval "$(rbenv init -)"' >> /etc/profile.d/rbenv.sh && \
-    RUBY_CONFIGURE_OPTS=--with-jemalloc rbenv install $(cat .ruby-version) && \
-    rbenv global $(cat .ruby-version)
-
-# Install Postgres
-RUN sh -c "echo 'deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main' >> /etc/apt/sources.list.d/pgdg.list" && \
-    curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor | tee /etc/apt/trusted.gpg.d/apt.postgresql.org.gpg >/dev/null && \
-    apt-get update && \
-    apt-get install -yqq --no-install-recommends postgresql-client-10 libpq-dev
-
-
-# trim spaces and line return from .node-version file
-COPY .node-version .node-version.raw
-RUN cat .node-version.raw | tr -d '\r\t ' > .node-version
-
-# Install Node and Yarn with Nodenv
-RUN git clone --depth 1 https://github.com/nodenv/nodenv.git ${NODENV_ROOT} && \
-    git clone --depth 1 https://github.com/nodenv/node-build.git ${NODENV_ROOT}/plugins/node-build && \
-    git clone --depth 1 https://github.com/pine/nodenv-yarn-install.git ${NODENV_ROOT}/plugins/nodenv-yarn-install && \
-    git clone --depth 1 https://github.com/nodenv/nodenv-package-rehash.git ${NODENV_ROOT}/plugins/nodenv-package-rehash && \
-    echo 'eval "$(nodenv init -)"' >> /etc/profile.d/nodenv.sh && \
-    nodenv install $(cat .node-version) && \
-    nodenv global $(cat .node-version)
-
-# Install Chrome
-RUN wget --quiet -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - && \
-    sh -c "echo 'deb [arch=amd64]  http://dl.google.com/linux/chrome/deb/ stable main' >> /etc/apt/sources.list.d/google-chrome.list" && \
-    apt-get update && \
-    apt-get install -fy google-chrome-stable
-
-# Install Chromedriver
-RUN wget https://chromedriver.storage.googleapis.com/2.41/chromedriver_linux64.zip && \
-    unzip chromedriver_linux64.zip -d /usr/bin && \
-    chmod u+x /usr/bin/chromedriver
-
-# Copy code and install app dependencies
-COPY . /usr/src/app/
-
-# Install Bundler
-RUN ./script/install-bundler
-
-# Install front-end dependencies
-RUN yarn install
-
-# Run bundler install in parallel with the amount of available CPUs
-RUN bundle install --jobs="$(nproc)"

Gemfile

@@ -86,7 +86,7 @@ gem "active_model_serializers", "0.8.4"
 gem 'activerecord-session_store'
 gem 'acts-as-taggable-on'
 gem 'angularjs-file-upload-rails', '~> 2.4.1'
-gem 'bigdecimal'
+gem 'bigdecimal', '3.0.2'
 gem 'bootsnap', require: false
 gem 'geocoder'
 gem 'gmaps4rails'
@@ -182,7 +182,6 @@ end
 group :development do
   gem 'debugger-linecache'
   gem 'foreman'
-  gem 'i18n-tasks'
   gem 'listen'
   gem 'pry', '~> 0.13.0'
   gem 'query_count'

Gemfile.lock

@@ -180,7 +180,7 @@ GEM
     base64 (0.2.0)
     bcp47_spec (0.2.1)
     bcrypt (3.1.20)
-    bigdecimal (3.1.8)
+    bigdecimal (3.0.2)
     bindata (2.5.0)
     bindex (0.8.1)
     bootsnap (1.18.3)
@@ -191,7 +191,7 @@ GEM
     bullet (7.1.6)
       activesupport (>= 3.0.0)
       uniform_notifier (~> 1.11)
-    cable_ready (5.0.6)
+    cable_ready (5.0.5)
       actionpack (>= 5.2)
       actionview (>= 5.2)
       activesupport (>= 5.2)
@@ -246,7 +246,7 @@ GEM
       activerecord (>= 5.a)
       database_cleaner-core (~> 2.0.0)
     database_cleaner-core (2.0.1)
-    datafoodconsortium-connector (1.1.0)
+    datafoodconsortium-connector (1.0.0.pre.alpha.13)
       virtual_assembly-semantizer (~> 1.0, >= 1.0.5)
     date (3.3.4)
     debug (1.9.2)
@@ -351,16 +351,6 @@ GEM
       concurrent-ruby (~> 1.0)
     i18n-js (3.9.2)
       i18n (>= 0.6.6)
-    i18n-tasks (1.0.14)
-      activesupport (>= 4.0.2)
-      ast (>= 2.1.0)
-      erubi
-      highline (>= 2.0.0)
-      i18n
-      parser (>= 3.2.2.1)
-      rails-i18n
-      rainbow (>= 2.2.2, < 4.0)
-      terminal-table (>= 1.5.1)
     image_processing (1.12.2)
       mini_magick (>= 4.9.5, < 5)
       ruby-vips (>= 2.0.17, < 3)
@@ -525,14 +515,14 @@ GEM
     psych (5.1.2)
       stringio
     public_suffix (5.0.5)
-    puma (6.5.0)
+    puma (6.4.2)
       nio4r (~> 2.0)
     query_count (1.1.1)
       activerecord (>= 4.2)
       railties (>= 4.2)
     raabro (1.4.0)
     racc (1.8.0)
-    rack (2.2.11)
+    rack (2.2.9)
     rack-mini-profiler (2.3.4)
       rack (>= 1.2.0)
     rack-oauth2 (2.2.1)
@@ -603,9 +593,8 @@ GEM
     rb-fsevent (0.11.2)
     rb-inotify (0.10.1)
       ffi (~> 1.0)
-    rdf (3.3.2)
+    rdf (3.3.1)
       bcp47_spec (~> 0.2)
-      bigdecimal (~> 3.1, >= 3.1.5)
       link_header (~> 0.0, >= 0.0.8)
     rdoc (6.6.3.1)
       psych (>= 4.0.0)
@@ -622,8 +611,8 @@ GEM
     responders (3.1.1)
       actionpack (>= 5.2)
       railties (>= 5.2)
-    rexml (3.2.9)
-      strscan
+    rexml (3.2.8)
+      strscan (>= 3.0.9)
     roadie (5.2.1)
       css_parser (~> 1.4)
       nokogiri (~> 1.15)
@@ -658,7 +647,7 @@ GEM
       rspec-support (~> 3.13)
     rspec-retry (0.6.2)
       rspec-core (> 3.3)
-    rspec-sql (0.0.3)
+    rspec-sql (0.0.2)
       activesupport
       rspec
     rspec-support (3.13.1)
@@ -694,10 +683,10 @@ GEM
       rubocop (~> 1.41)
     rubocop-factory_bot (2.25.1)
       rubocop (~> 1.41)
-    rubocop-rails (2.28.0)
+    rubocop-rails (2.24.1)
       activesupport (>= 4.2.0)
       rack (>= 1.1)
-      rubocop (>= 1.52.0, < 2.0)
+      rubocop (>= 1.33.0, < 2.0)
       rubocop-ast (>= 1.31.1, < 2.0)
     rubocop-rspec (2.29.2)
       rubocop (~> 1.40)
@@ -766,29 +755,27 @@ GEM
     state_machines-activerecord (0.9.0)
       activerecord (>= 6.0)
       state_machines-activemodel (>= 0.9.0)
-    stimulus_reflex (3.5.3)
-      actioncable (>= 5.2)
-      actionpack (>= 5.2)
-      actionview (>= 5.2)
-      activesupport (>= 5.2)
+    stimulus_reflex (3.5.1)
+      actioncable (>= 5.2, < 8)
+      actionpack (>= 5.2, < 8)
+      actionview (>= 5.2, < 8)
+      activesupport (>= 5.2, < 8)
       cable_ready (~> 5.0)
       nokogiri (~> 1.0)
       nokogiri-html5-inference (~> 0.3)
       rack (>= 2, < 4)
-      railties (>= 5.2)
+      railties (>= 5.2, < 8)
       redis (>= 4.0, < 6.0)
     stringex (2.8.6)
     stringio (3.1.0)
     stripe (11.1.0)
-    strscan (3.1.2)
+    strscan (3.1.0)
     swd (2.0.3)
       activesupport (>= 3)
       attr_required (>= 0.0.5)
       faraday (~> 2.0)
       faraday-follow_redirects
     temple (0.8.2)
-    terminal-table (4.0.0)
-      unicode-display_width (>= 1.1.1, < 4)
     thor (1.3.1)
     thread-local (1.1.0)
     tilt (2.3.0)
@@ -878,7 +865,7 @@ DEPENDENCIES
   angularjs-rails (= 1.8.0)
   arel-helpers (~> 2.12)
   aws-sdk-s3
-  bigdecimal
+  bigdecimal (= 3.0.2)
   bootsnap
   bugsnag
   bullet
@@ -917,7 +904,6 @@ DEPENDENCIES
   highline (= 2.0.3)
   i18n
   i18n-js (~> 3.9.0)
-  i18n-tasks
   image_processing
   immigrant
   invisible_captcha

Procfile.docker

@@ -1,5 +0,0 @@
-# Foreman Procfile for Docker env. Start all dev server processes with: `bundle exec foreman start -f Procfile.docker`
-
-webpack:    WEBPACKER_DEV_SERVER_HOST=0.0.0.0 ./bin/webpack-dev-server
-sidekiq:    DEV_CACHING=true bundle exec sidekiq -q mailers -q default
-rails:      WEBPACKER_DEV_SERVER_HOST=0.0.0.0 DEV_CACHING=true bundle exec rails s -p 3000 -b 0.0.0.0

app/assets/javascripts/admin/all.js

@@ -67,5 +67,8 @@
 // foundation
 //= require ../shared/mm-foundation-tpls-0.9.0-20180826174721.min.js
 
+// LocalStorage
+//= require ../shared/angular-local-storage.js
+
 // requires the rest of the JS code in this folder
 //= require_tree .

app/assets/javascripts/admin/bulk_product_update.js.coffee

@@ -307,6 +307,9 @@ filterSubmitProducts = (productsToFilter) ->
             variantHasUpdatableProperty = result.hasUpdatableProperty
             filteredVariants.push filteredVariant  if variantHasUpdatableProperty
 
+        if product.hasOwnProperty("sku")
+          filteredProduct.sku = product.sku
+          hasUpdatableProperty = true
         if product.hasOwnProperty("name")
           filteredProduct.name = product.name
           hasUpdatableProperty = true

app/assets/javascripts/admin/services/key_value_map_store.js.coffee

@@ -0,0 +1,29 @@
+angular.module("admin.indexUtils").factory 'KeyValueMapStore', (localStorageService)->
+  new class KeyValueMapStore
+    localStorageKey: ''
+    storableKeys: []
+
+    constructor: ->
+      localStorageService.setStorageType("sessionStorage")
+
+    getStoredKeyValueMap: ->
+      localStorageService.get(@localStorageKey) || {}
+
+    setStoredValues: (source) ->
+      keyValueMap = {}
+      for key in @storableKeys
+        keyValueMap[key] = source[key]
+      localStorageService.set(@localStorageKey, keyValueMap)
+
+    restoreValues: (target) ->
+      storedKeyValueMap = @getStoredKeyValueMap()
+      
+      return false if _.isEmpty(storedKeyValueMap)  
+      
+      for k,v of storedKeyValueMap
+       target[k] = v
+
+      return true
+
+    clearKeyValueMap: () ->
+      localStorageService.remove(@localStorageKey)

app/assets/javascripts/admin/spree/orders/variant_autocomplete.js.erb

@@ -187,17 +187,18 @@ addVariantFromStockLocation = function() {
   $('#stock_details').hide();
 
   var variant_id = $('input.variant_autocomplete').val();
-  var quantity = $("input.quantity").val();
+  var stock_location_id = $(this).data('stock-location-id');
+  var quantity = $("input.quantity[data-stock-location-id='" + stock_location_id + "']").val();
 
   var shipment = _.find(shipments, function(shipment){
-    return shipment.state == 'ready' || shipment.state == 'pending';
+    return shipment.stock_location_id == stock_location_id && (shipment.state == 'ready' || shipment.state == 'pending');
   });
 
   if(shipment==undefined){
     $.ajax({
       type: "POST",
       url: Spree.url(Spree.routes.orders_api + "/" + order_number + "/shipments.json"),
-      data: { variant_id: variant_id, quantity: quantity }
+      data: { variant_id: variant_id, quantity: quantity, stock_location_id: stock_location_id }
     }).done(function( msg ) {
       window.location.reload();
     }).error(function( msg ) {

app/assets/javascripts/darkswarm/all.js.coffee

@@ -17,6 +17,7 @@
 #= require angular-google-maps.min.js
 #= require ../shared/mm-foundation-tpls-0.9.0-20180826174721.min.js
 #= require ../shared/ng-infinite-scroll.min.js
+#= require ../shared/angular-local-storage.js
 #= require ../shared/angular-slideables.js
 #= require ../shared/shared
 #= require_tree ../shared/directives

app/assets/javascripts/darkswarm/darkswarm.js.coffee

@@ -1,6 +1,7 @@
 angular.module("Darkswarm", [
   'ngResource',
   'mm.foundation',
+  'LocalStorageModule',
   'infinite-scroll',
   'angular-flash.service',
   'templates',

app/assets/javascripts/darkswarm/directives/disable_scroll.js.coffee

@@ -0,0 +1,10 @@
+angular.module('Darkswarm').directive "ofnDisableScroll", ()->
+  # Stops scrolling from incrementing or decrementing input value
+  # Useful for number inputs
+  restrict: 'A'
+  link: (scope, element, attrs)->
+    element.bind 'focus', ->
+      element.bind 'mousewheel', (e)->
+        e.preventDefault()
+    element.bind 'blur', ->
+      element.unbind 'mousewheel'

app/assets/javascripts/darkswarm/directives/integer.js.coffee

@@ -0,0 +1,5 @@
+angular.module('Darkswarm').directive "integer", ->
+  restrict: 'A'
+  link: (scope, elem, attr) ->
+    elem.bind 'input', ->
+      elem.val Math.round(elem.val())

app/assets/javascripts/darkswarm/directives/map_search.js.coffee

@@ -20,13 +20,10 @@ angular.module('Darkswarm').directive 'mapSearch', ($timeout, Search) ->
     $timeout =>
       map = ctrl.getMap()
 
-      if !map
-        alert(t('gmap_load_failure'))
-      else
-        searchBox = scope.createSearchBox map
-        scope.bindSearchResponse map, searchBox
-        scope.biasResults map, searchBox
-        scope.performUrlSearch map
+      searchBox = scope.createSearchBox map
+      scope.bindSearchResponse map, searchBox
+      scope.biasResults map, searchBox
+      scope.performUrlSearch map
 
     scope.createSearchBox = (map) ->
       map.controls[google.maps.ControlPosition.TOP_LEFT].push scope.input

app/assets/javascripts/darkswarm/directives/open_street_map.js.coffee

@@ -13,8 +13,6 @@ angular.module('Darkswarm').directive 'ofnOpenStreetMap', ($window, MapCentreCal
 
     buildMarker = (enterprise, latlng, title) ->
       icon = L.icon
-        iconAnchor: [14, 33]
-        iconSize: [28, 33]
         iconUrl: enterprise.icon
       marker = L.marker latlng,
         draggable:   true,

app/assets/javascripts/darkswarm/directives/render_svg.js.coffee

@@ -0,0 +1,14 @@
+angular.module('Darkswarm').directive "renderSvg", ()->
+  # Magical directive that'll render SVGs from URLs
+  # If only there were a neater way of doing this
+  restrict: 'E'
+  priority: 99
+  template: "<svg-wrapper></svg-wrapper>"
+
+  # Fetch SVG via ajax, inject into page using DOM
+  link: (scope, elem, attr)->
+    if /.svg/.test attr.path # Only do this if we've got an svg
+      $.ajax
+        url: attr.path
+        success: (html)->
+          elem.html($(html).find("svg"))

app/assets/javascripts/darkswarm/directives/scrollto.js.coffee

@@ -0,0 +1,9 @@
+angular.module('Darkswarm').directive "ofnScrollTo", ($location, $anchorScroll)->
+  # Onclick sets $location.hash to attrs.ofnScrollTo
+  # Then triggers anchorScroll
+  restrict: 'A'
+  link: (scope, element, attrs)->
+    element.bind 'click', (ev)->
+      ev.stopPropagation()
+      $location.hash attrs.ofnScrollTo 
+      $anchorScroll()

app/assets/javascripts/darkswarm/services/cart.js.coffee

@@ -1,4 +1,4 @@
-angular.module('Darkswarm').factory 'Cart', (CurrentOrder, Variants, $timeout, $http, $modal, $rootScope, $resource, Messages) ->
+angular.module('Darkswarm').factory 'Cart', (CurrentOrder, Variants, $timeout, $http, $modal, $rootScope, $resource, localStorageService, Messages) ->
   # Handles syncing of current cart/order state to server
   new class Cart
     dirty: false
@@ -113,6 +113,7 @@ angular.module('Darkswarm').factory 'Cart', (CurrentOrder, Variants, $timeout, $
 
     clear: ->
       @line_items = []
+      localStorageService.clearAll() # One day this will have to be moar GRANULAR
 
     isOnlyItemInOrder: (id) =>
       deletedItem = @line_items_finalised.find((item) -> item.id == id)

app/assets/javascripts/shared/angular-local-storage.js

@@ -0,0 +1,546 @@
+/**
+ * An Angular module that gives you access to the browsers local storage
+ * @version v0.5.0 - 2016-08-29
+ * @link https://github.com/grevory/angular-local-storage
+ * @author grevory <greg@gregpike.ca>
+ * @license MIT License, http://www.opensource.org/licenses/MIT
+ */
+(function (window, angular) {
+var isDefined = angular.isDefined,
+  isUndefined = angular.isUndefined,
+  isNumber = angular.isNumber,
+  isObject = angular.isObject,
+  isArray = angular.isArray,
+  extend = angular.extend,
+  toJson = angular.toJson;
+
+angular
+  .module('LocalStorageModule', [])
+  .provider('localStorageService', function() {
+    // You should set a prefix to avoid overwriting any local storage variables from the rest of your app
+    // e.g. localStorageServiceProvider.setPrefix('yourAppName');
+    // With provider you can use config as this:
+    // myApp.config(function (localStorageServiceProvider) {
+    //    localStorageServiceProvider.prefix = 'yourAppName';
+    // });
+    this.prefix = 'ls';
+
+    // You could change web storage type localstorage or sessionStorage
+    this.storageType = 'localStorage';
+
+    // Cookie options (usually in case of fallback)
+    // expiry = Number of days before cookies expire // 0 = Does not expire
+    // path = The web path the cookie represents
+    // secure = Wether the cookies should be secure (i.e only sent on HTTPS requests)
+    this.cookie = {
+      expiry: 30,
+      path: '/',
+      secure: false
+    };
+
+    // Decides wether we should default to cookies if localstorage is not supported.
+    this.defaultToCookie = true;
+
+    // Send signals for each of the following actions?
+    this.notify = {
+      setItem: true,
+      removeItem: false
+    };
+
+    // Setter for the prefix
+    this.setPrefix = function(prefix) {
+      this.prefix = prefix;
+      return this;
+    };
+
+    // Setter for the storageType
+    this.setStorageType = function(storageType) {
+      this.storageType = storageType;
+      return this;
+    };
+    // Setter for defaultToCookie value, default is true.
+    this.setDefaultToCookie = function (shouldDefault) {
+      this.defaultToCookie = !!shouldDefault; // Double-not to make sure it's a bool value.
+      return this;
+    };
+    // Setter for cookie config
+    this.setStorageCookie = function(exp, path, secure) {
+      this.cookie.expiry = exp;
+      this.cookie.path = path;
+      this.cookie.secure = secure;
+      return this;
+    };
+
+    // Setter for cookie domain
+    this.setStorageCookieDomain = function(domain) {
+      this.cookie.domain = domain;
+      return this;
+    };
+
+    // Setter for notification config
+    // itemSet & itemRemove should be booleans
+    this.setNotify = function(itemSet, itemRemove) {
+      this.notify = {
+        setItem: itemSet,
+        removeItem: itemRemove
+      };
+      return this;
+    };
+
+    this.$get = ['$rootScope', '$window', '$document', '$parse','$timeout', function($rootScope, $window, $document, $parse, $timeout) {
+      var self = this;
+      var prefix = self.prefix;
+      var cookie = self.cookie;
+      var notify = self.notify;
+      var storageType = self.storageType;
+      var webStorage;
+
+      // When Angular's $document is not available
+      if (!$document) {
+        $document = document;
+      } else if ($document[0]) {
+        $document = $document[0];
+      }
+
+      // If there is a prefix set in the config lets use that with an appended period for readability
+      if (prefix.substr(-1) !== '.') {
+        prefix = !!prefix ? prefix + '.' : '';
+      }
+      var deriveQualifiedKey = function(key) {
+        return prefix + key;
+      };
+
+      // Removes prefix from the key.
+      var underiveQualifiedKey = function (key) {
+        return key.replace(new RegExp('^' + prefix, 'g'), '');
+      };
+
+      // Check if the key is within our prefix namespace.
+      var isKeyPrefixOurs = function (key) {
+        return key.indexOf(prefix) === 0;
+      };
+
+      // Checks the browser to see if local storage is supported
+      var checkSupport = function () {
+        try {
+          var supported = (storageType in $window && $window[storageType] !== null);
+
+          // When Safari (OS X or iOS) is in private browsing mode, it appears as though localStorage
+          // is available, but trying to call .setItem throws an exception.
+          //
+          // "QUOTA_EXCEEDED_ERR: DOM Exception 22: An attempt was made to add something to storage
+          // that exceeded the quota."
+          var key = deriveQualifiedKey('__' + Math.round(Math.random() * 1e7));
+          if (supported) {
+            webStorage = $window[storageType];
+            webStorage.setItem(key, '');
+            webStorage.removeItem(key);
+          }
+
+          return supported;
+        } catch (e) {
+          // Only change storageType to cookies if defaulting is enabled.
+          if (self.defaultToCookie)
+            storageType = 'cookie';
+          $rootScope.$broadcast('LocalStorageModule.notification.error', e.message);
+          return false;
+        }
+      };
+      var browserSupportsLocalStorage = checkSupport();
+
+      // Directly adds a value to local storage
+      // If local storage is not available in the browser use cookies
+      // Example use: localStorageService.add('library','angular');
+      var addToLocalStorage = function (key, value, type) {
+        setStorageType(type);
+
+        // Let's convert undefined values to null to get the value consistent
+        if (isUndefined(value)) {
+          value = null;
+        } else {
+          value = toJson(value);
+        }
+
+        // If this browser does not support local storage use cookies
+        if (!browserSupportsLocalStorage && self.defaultToCookie || self.storageType === 'cookie') {
+          if (!browserSupportsLocalStorage) {
+            $rootScope.$broadcast('LocalStorageModule.notification.warning', 'LOCAL_STORAGE_NOT_SUPPORTED');
+          }
+
+          if (notify.setItem) {
+            $rootScope.$broadcast('LocalStorageModule.notification.setitem', {key: key, newvalue: value, storageType: 'cookie'});
+          }
+          return addToCookies(key, value);
+        }
+
+        try {
+          if (webStorage) {
+            webStorage.setItem(deriveQualifiedKey(key), value);
+          }
+          if (notify.setItem) {
+            $rootScope.$broadcast('LocalStorageModule.notification.setitem', {key: key, newvalue: value, storageType: self.storageType});
+          }
+        } catch (e) {
+          $rootScope.$broadcast('LocalStorageModule.notification.error', e.message);
+          return addToCookies(key, value);
+        }
+        return true;
+      };
+
+      // Directly get a value from local storage
+      // Example use: localStorageService.get('library'); // returns 'angular'
+      var getFromLocalStorage = function (key, type) {
+        setStorageType(type);
+
+        if (!browserSupportsLocalStorage && self.defaultToCookie  || self.storageType === 'cookie') {
+          if (!browserSupportsLocalStorage) {
+            $rootScope.$broadcast('LocalStorageModule.notification.warning', 'LOCAL_STORAGE_NOT_SUPPORTED');
+          }
+
+          return getFromCookies(key);
+        }
+
+        var item = webStorage ? webStorage.getItem(deriveQualifiedKey(key)) : null;
+        // angular.toJson will convert null to 'null', so a proper conversion is needed
+        // FIXME not a perfect solution, since a valid 'null' string can't be stored
+        if (!item || item === 'null') {
+          return null;
+        }
+
+        try {
+          return JSON.parse(item);
+        } catch (e) {
+          return item;
+        }
+      };
+
+      // Remove an item from local storage
+      // Example use: localStorageService.remove('library'); // removes the key/value pair of library='angular'
+      //
+      // This is var-arg removal, check the last argument to see if it is a storageType
+      // and set type accordingly before removing.
+      //
+      var removeFromLocalStorage = function () {
+        // can't pop on arguments, so we do this
+        var consumed = 0;
+        if (arguments.length >= 1 &&
+            (arguments[arguments.length - 1] === 'localStorage' ||
+             arguments[arguments.length - 1] === 'sessionStorage')) {
+          consumed = 1;
+          setStorageType(arguments[arguments.length - 1]);
+        }
+
+        var i, key;
+        for (i = 0; i < arguments.length - consumed; i++) {
+          key = arguments[i];
+          if (!browserSupportsLocalStorage && self.defaultToCookie || self.storageType === 'cookie') {
+            if (!browserSupportsLocalStorage) {
+              $rootScope.$broadcast('LocalStorageModule.notification.warning', 'LOCAL_STORAGE_NOT_SUPPORTED');
+            }
+
+            if (notify.removeItem) {
+              $rootScope.$broadcast('LocalStorageModule.notification.removeitem', {key: key, storageType: 'cookie'});
+            }
+            removeFromCookies(key);
+          }
+          else {
+            try {
+              webStorage.removeItem(deriveQualifiedKey(key));
+              if (notify.removeItem) {
+                $rootScope.$broadcast('LocalStorageModule.notification.removeitem', {
+                  key: key,
+                  storageType: self.storageType
+                });
+              }
+            } catch (e) {
+              $rootScope.$broadcast('LocalStorageModule.notification.error', e.message);
+              removeFromCookies(key);
+            }
+          }
+        }
+      };
+
+      // Return array of keys for local storage
+      // Example use: var keys = localStorageService.keys()
+      var getKeysForLocalStorage = function (type) {
+        setStorageType(type);
+
+        if (!browserSupportsLocalStorage) {
+          $rootScope.$broadcast('LocalStorageModule.notification.warning', 'LOCAL_STORAGE_NOT_SUPPORTED');
+          return [];
+        }
+
+        var prefixLength = prefix.length;
+        var keys = [];
+        for (var key in webStorage) {
+          // Only return keys that are for this app
+          if (key.substr(0, prefixLength) === prefix) {
+            try {
+              keys.push(key.substr(prefixLength));
+            } catch (e) {
+              $rootScope.$broadcast('LocalStorageModule.notification.error', e.Description);
+              return [];
+            }
+          }
+        }
+        return keys;
+      };
+
+      // Remove all data for this app from local storage
+      // Also optionally takes a regular expression string and removes the matching key-value pairs
+      // Example use: localStorageService.clearAll();
+      // Should be used mostly for development purposes
+      var clearAllFromLocalStorage = function (regularExpression, type) {
+        setStorageType(type);
+
+        // Setting both regular expressions independently
+        // Empty strings result in catchall RegExp
+        var prefixRegex = !!prefix ? new RegExp('^' + prefix) : new RegExp();
+        var testRegex = !!regularExpression ? new RegExp(regularExpression) : new RegExp();
+
+        if (!browserSupportsLocalStorage && self.defaultToCookie  || self.storageType === 'cookie') {
+          if (!browserSupportsLocalStorage) {
+            $rootScope.$broadcast('LocalStorageModule.notification.warning', 'LOCAL_STORAGE_NOT_SUPPORTED');
+          }
+          return clearAllFromCookies();
+        }
+        if (!browserSupportsLocalStorage && !self.defaultToCookie)
+          return false;
+        var prefixLength = prefix.length;
+
+        for (var key in webStorage) {
+          // Only remove items that are for this app and match the regular expression
+          if (prefixRegex.test(key) && testRegex.test(key.substr(prefixLength))) {
+            try {
+              removeFromLocalStorage(key.substr(prefixLength));
+            } catch (e) {
+              $rootScope.$broadcast('LocalStorageModule.notification.error', e.message);
+              return clearAllFromCookies();
+            }
+          }
+        }
+        return true;
+      };
+
+      // Checks the browser to see if cookies are supported
+      var browserSupportsCookies = (function() {
+        try {
+          return $window.navigator.cookieEnabled ||
+          ("cookie" in $document && ($document.cookie.length > 0 ||
+            ($document.cookie = "test").indexOf.call($document.cookie, "test") > -1));
+          } catch (e) {
+            $rootScope.$broadcast('LocalStorageModule.notification.error', e.message);
+            return false;
+          }
+        }());
+
+        // Directly adds a value to cookies
+        // Typically used as a fallback if local storage is not available in the browser
+        // Example use: localStorageService.cookie.add('library','angular');
+        var addToCookies = function (key, value, daysToExpiry, secure) {
+
+          if (isUndefined(value)) {
+            return false;
+          } else if(isArray(value) || isObject(value)) {
+            value = toJson(value);
+          }
+
+          if (!browserSupportsCookies) {
+            $rootScope.$broadcast('LocalStorageModule.notification.error', 'COOKIES_NOT_SUPPORTED');
+            return false;
+          }
+
+          try {
+            var expiry = '',
+            expiryDate = new Date(),
+            cookieDomain = '';
+
+            if (value === null) {
+              // Mark that the cookie has expired one day ago
+              expiryDate.setTime(expiryDate.getTime() + (-1 * 24 * 60 * 60 * 1000));
+              expiry = "; expires=" + expiryDate.toGMTString();
+              value = '';
+            } else if (isNumber(daysToExpiry) && daysToExpiry !== 0) {
+              expiryDate.setTime(expiryDate.getTime() + (daysToExpiry * 24 * 60 * 60 * 1000));
+              expiry = "; expires=" + expiryDate.toGMTString();
+            } else if (cookie.expiry !== 0) {
+              expiryDate.setTime(expiryDate.getTime() + (cookie.expiry * 24 * 60 * 60 * 1000));
+              expiry = "; expires=" + expiryDate.toGMTString();
+            }
+            if (!!key) {
+              var cookiePath = "; path=" + cookie.path;
+              if (cookie.domain) {
+                cookieDomain = "; domain=" + cookie.domain;
+              }
+              /* Providing the secure parameter always takes precedence over config
+               * (allows developer to mix and match secure + non-secure) */
+              if (typeof secure === 'boolean') {
+                  if (secure === true) {
+                      /* We've explicitly specified secure,
+                       * add the secure attribute to the cookie (after domain) */
+                      cookieDomain += "; secure";
+                  }
+                  // else - secure has been supplied but isn't true - so don't set secure flag, regardless of what config says
+              }
+              else if (cookie.secure === true) {
+                  // secure parameter wasn't specified, get default from config
+                  cookieDomain += "; secure";
+              }
+              $document.cookie = deriveQualifiedKey(key) + "=" + encodeURIComponent(value) + expiry + cookiePath + cookieDomain;
+            }
+          } catch (e) {
+            $rootScope.$broadcast('LocalStorageModule.notification.error', e.message);
+            return false;
+          }
+          return true;
+        };
+
+        // Directly get a value from a cookie
+        // Example use: localStorageService.cookie.get('library'); // returns 'angular'
+        var getFromCookies = function (key) {
+          if (!browserSupportsCookies) {
+            $rootScope.$broadcast('LocalStorageModule.notification.error', 'COOKIES_NOT_SUPPORTED');
+            return false;
+          }
+
+          var cookies = $document.cookie && $document.cookie.split(';') || [];
+          for(var i=0; i < cookies.length; i++) {
+            var thisCookie = cookies[i];
+            while (thisCookie.charAt(0) === ' ') {
+              thisCookie = thisCookie.substring(1,thisCookie.length);
+            }
+            if (thisCookie.indexOf(deriveQualifiedKey(key) + '=') === 0) {
+              var storedValues = decodeURIComponent(thisCookie.substring(prefix.length + key.length + 1, thisCookie.length));
+              try {
+                return JSON.parse(storedValues);
+              } catch(e) {
+                return storedValues;
+              }
+            }
+          }
+          return null;
+        };
+
+        var removeFromCookies = function (key) {
+          addToCookies(key,null);
+        };
+
+        var clearAllFromCookies = function () {
+          var thisCookie = null;
+          var prefixLength = prefix.length;
+          var cookies = $document.cookie.split(';');
+          for(var i = 0; i < cookies.length; i++) {
+            thisCookie = cookies[i];
+
+            while (thisCookie.charAt(0) === ' ') {
+              thisCookie = thisCookie.substring(1, thisCookie.length);
+            }
+
+            var key = thisCookie.substring(prefixLength, thisCookie.indexOf('='));
+            removeFromCookies(key);
+          }
+        };
+
+        var getStorageType = function() {
+          return storageType;
+        };
+
+        var setStorageType = function(type) {
+          if (type && storageType !== type) {
+            storageType = type;
+            browserSupportsLocalStorage = checkSupport();
+          }
+          return browserSupportsLocalStorage;
+        };
+
+        // Add a listener on scope variable to save its changes to local storage
+        // Return a function which when called cancels binding
+        var bindToScope = function(scope, key, def, lsKey, type) {
+          lsKey = lsKey || key;
+          var value = getFromLocalStorage(lsKey, type);
+
+          if (value === null && isDefined(def)) {
+            value = def;
+          } else if (isObject(value) && isObject(def)) {
+            value = extend(value, def);
+          }
+
+          $parse(key).assign(scope, value);
+
+          return scope.$watch(key, function(newVal) {
+            addToLocalStorage(lsKey, newVal, type);
+          }, isObject(scope[key]));
+        };
+
+        // Add listener to local storage, for update callbacks.
+        if (browserSupportsLocalStorage) {
+            if ($window.addEventListener) {
+                $window.addEventListener("storage", handleStorageChangeCallback, false);
+                $rootScope.$on('$destroy', function() {
+                    $window.removeEventListener("storage", handleStorageChangeCallback);
+                });
+            } else if($window.attachEvent){
+                // attachEvent and detachEvent are proprietary to IE v6-10
+                $window.attachEvent("onstorage", handleStorageChangeCallback);
+                $rootScope.$on('$destroy', function() {
+                    $window.detachEvent("onstorage", handleStorageChangeCallback);
+                });
+            }
+        }
+
+        // Callback handler for storage changed.
+        function handleStorageChangeCallback(e) {
+            if (!e) { e = $window.event; }
+            if (notify.setItem) {
+                if (isKeyPrefixOurs(e.key)) {
+                    var key = underiveQualifiedKey(e.key);
+                    // Use timeout, to avoid using $rootScope.$apply.
+                    $timeout(function () {
+                        $rootScope.$broadcast('LocalStorageModule.notification.changed', { key: key, newvalue: e.newValue, storageType: self.storageType });
+                    });
+                }
+            }
+        }
+
+        // Return localStorageService.length
+        // ignore keys that not owned
+        var lengthOfLocalStorage = function(type) {
+          setStorageType(type);
+
+          var count = 0;
+          var storage = $window[storageType];
+          for(var i = 0; i < storage.length; i++) {
+            if(storage.key(i).indexOf(prefix) === 0 ) {
+              count++;
+            }
+          }
+          return count;
+        };
+
+        return {
+          isSupported: browserSupportsLocalStorage,
+          getStorageType: getStorageType,
+          setStorageType: setStorageType,
+          set: addToLocalStorage,
+          add: addToLocalStorage, //DEPRECATED
+          get: getFromLocalStorage,
+          keys: getKeysForLocalStorage,
+          remove: removeFromLocalStorage,
+          clearAll: clearAllFromLocalStorage,
+          bind: bindToScope,
+          deriveKey: deriveQualifiedKey,
+          underiveKey: underiveQualifiedKey,
+          length: lengthOfLocalStorage,
+          defaultToCookie: this.defaultToCookie,
+          cookie: {
+            isSupported: browserSupportsCookies,
+            set: addToCookies,
+            add: addToCookies, //DEPRECATED
+            get: getFromCookies,
+            remove: removeFromCookies,
+            clearAll: clearAllFromCookies
+          }
+        };
+      }];
+  });
+})(window, window.angular);

app/assets/javascripts/shared/shared.js.coffee

@@ -1,4 +1,5 @@
 window.OFNShared = angular.module("OFNShared", [
   "mm.foundation",
+  "LocalStorageModule"
 ]).config ($httpProvider) ->
   $httpProvider.defaults.headers.common["Accept"] = "application/json, text/javascript, */*"

app/assets/javascripts/templates/admin/columns_dropdown.html.haml

@@ -2,13 +2,13 @@
   .ofn-drop-down-label
     = "  #{t('admin.columns')}".html_safe
     %span{ 'ng-class' => "expanded && 'icon-caret-up' || !expanded && 'icon-caret-down'" }
-  .menu{ 'ng-show' => "expanded" }
+  %div.menu{ 'ng-show' => "expanded" }
     .menu_items
       .menu_item{ "ng-repeat": "column in columns", "ng-click": "toggle(column);" }
         %input{ type: "checkbox", "ng-checked": "column.visible" }
         %span
           {{ column.name }}
       %hr
-      .menu_item.text-center
+      %div.menu_item.text-center
         %input.fullwidth.orange{ type: "button", "ng-value": "saved() ? 'Saved': 'Saving'", "ng-show": "saved() || saving", "ng-disabled": "saved()" }
         %input.fullwidth.red{ type: "button", value: t('admin.column_save_as_default').html_safe, "ng-show": "!saved() && !saving", "ng-click": "saveColumnPreferences(action)" }

app/assets/javascripts/templates/admin/modals/image_upload.html.haml

@@ -2,7 +2,7 @@
   %i.fa.fa-times-circle{'aria-hidden' => "true"}
 
 %form#image_upload{ name: 'form', novalidate: true, enctype: 'multipart/form-data', multipart: true, "ng-controller": "ProductImageCtrl" }
-  .image-preview
+  %div.image-preview
     %img.spinner{ src: image_path("/spinning-circles.svg"), "ng-hide": "!imageUploader.isUploading" }
     %img.preview{ "ng-src": "{{imagePreview}}", "ng-class": "{'faded': imageUploader.isUploading}" }
 

app/assets/javascripts/templates/out_of_stock.html.haml

@@ -1,4 +1,3 @@
-// please update the modal html in app/components/out_of_stock_modal_component/out_of_stock_modal_component.html.haml if updating this template
 %a.close-reveal-modal{"ng-click" => "$close()"}
   %i.ofn-i_009-close
 
@@ -13,4 +12,4 @@
   %span{'ng-if' => "v.on_hand == 0"}
     {{ 'js.out_of_stock.now_out_of_stock' | t }}
   %span{'ng-if' => "v.on_hand > 0"}
-    {{ 'js.out_of_stock.only_n_remaining' | t:{ num: v.on_hand } }}
+    {{ 'js.out_of_stock.only_n_remainging' | t:{ num: v.on_hand } }}

app/assets/javascripts/templates/partials/contact.html.haml

@@ -1,5 +1,5 @@
-.contact-container
-  .modal-centered{"ng-if" => "::enterprise.email_address || enterprise.website || enterprise.phone || enterprise.whatsapp_phone"}
+%div.contact-container
+  %div.modal-centered{"ng-if" => "::enterprise.email_address || enterprise.website || enterprise.phone || enterprise.whatsapp_phone"}
     %p.modal-header {{'contact' | t}}
     %p{"ng-if" => "::enterprise.phone", "ng-bind" => "::enterprise.phone"}
 

app/assets/javascripts/templates/partials/follow.html.haml

@@ -1,4 +1,4 @@
-.modal-centered{ "ng-if" => "::enterprise.twitter || enterprise.facebook || enterprise.linkedin || enterprise.instagram"}
+%div.modal-centered{ "ng-if" => "::enterprise.twitter || enterprise.facebook || enterprise.linkedin || enterprise.instagram"}
   %p.modal-header {{'follow' | t}}
   .follow-icons
     %span{"ng-if" => "::enterprise.twitter"}

app/assets/javascripts/templates/partials/producer_details.html.haml

@@ -7,7 +7,7 @@
       .columns.small-12.fat
         %div{"ng-if" => "::enterprise.name"}
           %label{"ng-bind-html" => "::'shop_for_products_html' | t:{enterprise: enterprise.name}"}
-        .show-for-medium-up{"ng-if" => "::!enterprise.name"}
+        %div.show-for-medium-up{"ng-if" => "::!enterprise.name"}
            
     .row
       .columns.small-12

app/assets/stylesheets/mail/email.scss

@@ -12,6 +12,11 @@ img {
   max-width: 100%;
 }
 
+.collapse {
+  margin: 0;
+  padding: 0;
+}
+
 body {
   -webkit-font-smoothing: antialiased;
   -webkit-text-size-adjust: none;
@@ -27,6 +32,18 @@ a {
   color: #0096ad;
 }
 
+.btn {
+  text-decoration: none;
+  color: #FFF;
+  background-color: #666;
+  padding: 10px 16px;
+  font-weight: bold;
+  margin-right: 10px;
+  text-align: center;
+  cursor: pointer;
+  display: inline-block;
+}
+
 p.callout {
   padding: 15px;
   background-color: #e1f0f5;
@@ -104,12 +121,6 @@ table.order-summary {
   text-align: right;
 }
 
-.logo {
-  vertical-align: middle;
-  max-height: 50px;
-  max-width: 247px;
-}
-
 .social .soc-btn {
   padding: 3px 7px;
   font-size: 12px;
@@ -167,11 +178,17 @@ del.quantity_was {
 
 table.head-wrap {
   width: 100%;
-  background-color: #f2f2f2;
 }
 
-.collapse {
-  margin: 0;
+.header.container table td {
+  &.logo {
+    padding: 15px;
+  }
+
+  &.label {
+    padding: 15px;
+    padding-left: 0px;
+  }
 }
 
 /* -------------------------------------
@@ -250,6 +267,10 @@ h6 {
   color: #999;
 }
 
+.collapse {
+  margin: 0 !important;
+}
+
 p, ul {
   margin-bottom: 10px;
   font-weight: normal;
@@ -361,6 +382,12 @@ ul {
   }
 }
 
+.column-wrap {
+  padding: 0 !important;
+  margin: 0 auto;
+  max-width: 600px !important;
+}
+
 .column table {
   width: 100%;
 }

app/components/multiple_checked_select_component/multiple_checked_select_component.html.haml

@@ -1,12 +1,12 @@
 .ofn-drop-down.ofn-drop-down-v2{ data: { controller: "multiple-checked-select" } }
-  .ofn-drop-down-label{ "data-multiple-checked-select-target": "button" }
+  %div.ofn-drop-down-label{ "data-multiple-checked-select-target": "button" }
     %span{class: "label"}= t('admin.columns')
     %span{ class: "icon-caret-down", "data-multiple-checked-select-target": "caret" }
-  .menu{ class: "hidden", "data-multiple-checked-select-target": "options" }
-    .filter
+  %div.menu{ class: "hidden", "data-multiple-checked-select-target": "options" }
+    %div.filter
       %input{ type: "text", "data-multiple-checked-select-target": "filter", placeholder: I18n.t('components.multiple_checked_select.filter_placeholder') }
     %hr
-    .menu_items
+    %div.menu_items
       - @options.each do |option|
         %label.menu_item{ "data-multiple-checked-select-target": "option", "data-value": option[1], "data-label": option[0] }
           %input{ type: "checkbox", checked: @selected.include?(option[1]), name: "#{@name}[]", value: option[1] }

app/components/out_of_stock_modal_component.rb

@@ -1,10 +0,0 @@
-# frozen_string_literal: true
-
-class OutOfStockModalComponent < ModalComponent
-  def initialize(id:, variants: [], redirect: false)
-    super(id:, modal_class: "medium", instant: true)
-
-    @variants = variants
-    @redirect = redirect
-  end
-end

app/components/out_of_stock_modal_component/out_of_stock_modal_component.html.haml

@@ -1,26 +0,0 @@
-%div{ id: @id, "data-controller": "modal out-of-stock-modal", "data-action": "keyup@document->modal#closeIfEscapeKey modal:closing->out-of-stock-modal#redirect", "data-modal-instant-value": @instant, "data-out-of-stock-modal-redirect-value": @redirect }
-  .reveal-modal-bg.fade{ "data-modal-target": "background", "data-action": "click->modal#close" }
-  .reveal-modal.fade.modal-component{ "data-modal-target": "modal", class: @modal_class }
-    - # please update app/assets/javascripts/templates/out_of_stock.html.haml if updating this view
-    %a.close-reveal-modal{"data-action": "click->modal#close" }
-      %i.ofn-i_009-close
-    %h3
-      = t("js.out_of_stock.reduced_stock_available")
-    %p
-      = t("js.out_of_stock.out_of_stock_text")
-    - @variants.each do |variant|
-      - if variant.on_hand == 0
-        %p
-          %em
-            = "#{variant.name_to_display} - #{variant.unit_to_display}"
-            %span
-              = t("js.out_of_stock.now_out_of_stock")
-      - if variant.on_hand > 0
-        %p
-          %em
-            = "#{variant.name_to_display} - #{variant.unit_to_display}"
-            %span
-              = t("js.out_of_stock.only_n_remaining", num: variant.on_hand)
-
-    .text-center
-      %input{ class: "button icon-plus #{close_button_class}", type: 'button', value: t('js.admin.modals.close'), "data-action": "click->modal#close" }

app/controllers/admin/connected_apps_controller.rb

@@ -44,9 +44,9 @@ module Admin
 
       create_connected_app
 
-      jwt_service = Vine::JwtService.new(secret: connected_app_params[:vine_secret])
-      vine_api = Vine::ApiService.new(api_key: connected_app_params[:vine_api_key],
-                                      jwt_generator: jwt_service)
+      jwt_service = VineJwtService.new(secret: connected_app_params[:vine_secret])
+      vine_api = VineApiService.new(api_key: connected_app_params[:vine_api_key],
+                                    jwt_generator: jwt_service)
 
       if !@app.connect(api_key: connected_app_params[:vine_api_key],
                        secret: connected_app_params[:vine_secret], vine_api:)
@@ -77,7 +77,7 @@ module Admin
 
     def log_and_notify_exception(exception)
       Rails.logger.error exception.inspect
-      Alert.raise(exception)
+      Bugsnag.notify(exception)
     end
 
     def vine_params_empty?

app/controllers/admin/dfc_product_imports_controller.rb

@@ -5,89 +5,50 @@ require "private_address_check/tcpsocket_ext"
 
 module Admin
   class DfcProductImportsController < Spree::Admin::BaseController
-    before_action :load_enterprise
-
     # Define model class for `can?` permissions:
     def model_class
       self.class
     end
 
     def index
-      # Fetch DFC catalog JSON for preview
-      @catalog_url = params.require(:catalog_url).strip
-      @catalog_json = api.call(@catalog_url)
-      catalog = DfcCatalog.from_json(@catalog_json)
+      # The plan:
+      #
+      # * Fetch DFC catalog as JSON from URL.
+      enterprise = OpenFoodNetwork::Permissions.new(spree_current_user)
+        .managed_product_enterprises.is_primary_producer
+        .find(params.require(:enterprise_id))
 
-      # Render table and let user decide which ones to import.
-      @items = list_products(catalog)
-      @absent_items = importer(catalog).absent_variants
-    rescue URI::InvalidURIError
-      flash[:error] = t ".invalid_url"
-      redirect_to admin_product_import_path
-    rescue Faraday::Error,
-           Addressable::URI::InvalidURIError,
-           ActionController::ParameterMissing => e
-      flash[:error] = e.message
-      redirect_to admin_product_import_path
-    rescue Rack::OAuth2::Client::Error
-      oidc_settings_link = helpers.link_to(
-        t('spree.admin.tab.oidc_settings'),
-        admin_oidc_settings_path
-      )
-      flash[:error] = t(".connection_invalid_html", oidc_settings_link:)
-      redirect_to admin_product_import_path
-    end
+      catalog_url = params.require(:catalog_url)
 
-    def import
-      ids = params.require(:semanticIds)
+      json_catalog = fetch_catalog(catalog_url)
+      graph = DfcIo.import(json_catalog)
 
-      # Load DFC catalog JSON
-      catalog = DfcCatalog.from_json(params.require(:catalog_json))
-      catalog.apply_wholesale_values!
+      # * First step: import all products for given enterprise.
+      # * Second step: render table and let user decide which ones to import.
+      imported = graph.map do |subject|
+        next unless subject.is_a? DataFoodConsortium::Connector::SuppliedProduct
 
-      # Import all selected products for given enterprise.
-      imported = ids.map do |semantic_id|
-        subject = catalog.item(semantic_id)
-        existing_variant = @enterprise.supplied_variants.linked_to(semantic_id)
+        existing_variant = enterprise.supplied_variants.linked_to(subject.semanticId)
 
         if existing_variant
-          SuppliedProductImporter.update_product(subject, existing_variant)
+          SuppliedProductBuilder.update_product(subject, existing_variant)
         else
-          SuppliedProductImporter.store_product(subject, @enterprise)
+          SuppliedProductBuilder.store_product(subject, enterprise)
         end
       end
 
       @count = imported.compact.count
-      @reset_count = importer(catalog).reset_absent_variants.count
-    rescue ActionController::ParameterMissing => e
+    rescue Faraday::Error,
+           Addressable::URI::InvalidURIError,
+           ActionController::ParameterMissing => e
       flash[:error] = e.message
       redirect_to admin_product_import_path
     end
 
     private
 
-    def api
-      @api ||= DfcRequest.new(spree_current_user)
-    end
-
-    def load_enterprise
-      @enterprise = OpenFoodNetwork::Permissions.new(spree_current_user)
-        .managed_product_enterprises.is_primary_producer
-        .find(params.require(:enterprise_id))
-    end
-
-    # List internal and external products for the preview.
-    def list_products(catalog)
-      catalog.products.map do |subject|
-        [
-          subject,
-          @enterprise.supplied_variants.linked_to(subject.semanticId)&.product
-        ]
-      end
-    end
-
-    def importer(catalog)
-      DfcCatalogImporter.new(@enterprise.supplied_variants, catalog)
+    def fetch_catalog(url)
+      DfcRequest.new(spree_current_user).call(url)
     end
   end
 end

app/controllers/admin/enterprises_controller.rb

@@ -14,8 +14,7 @@ module Admin
     prepend_before_action :override_owner, only: :create
     prepend_before_action :override_sells, only: :create
 
-    before_action :load_countries, except: [:index, :register]
-    before_action :require_enterprise, only: [:edit, :update]
+    before_action :load_countries, except: [:index, :register, :check_permalink]
     before_action :load_methods_and_fees, only: [:edit, :update]
     before_action :load_groups, only: [:new, :edit, :update, :create]
     before_action :load_taxons, only: [:new, :edit, :update, :create]
@@ -217,10 +216,6 @@ module Admin
       [:index, :for_order_cycle, :visible, :bulk_update]
     end
 
-    def require_enterprise
-      raise ActiveRecord::RecordNotFound if @enterprise.blank?
-    end
-
     def load_methods_and_fees
       enterprise_payment_methods = @enterprise.payment_methods.to_a
       enterprise_shipping_methods = @enterprise.shipping_methods.to_a

app/controllers/admin/product_import_controller.rb

@@ -30,13 +30,13 @@ module Admin
     def validate_data
       return unless process_data('validate')
 
-      render json: @importer.import_results
+      render json: @importer.import_results, response: 200
     end
 
     def save_data
       return unless process_data('save')
 
-      render json: @importer.save_results
+      render json: @importer.save_results, response: 200
     end
 
     def reset_absent_products
@@ -76,7 +76,7 @@ module Admin
       begin
         @importer.public_send("#{method}_entries")
       rescue StandardError => e
-        render plain: e.message, status: :internal_server_error
+        render json: e.message, response: 500
         return false
       end
 

app/controllers/admin/products_v3_controller.rb

@@ -144,7 +144,7 @@ module Admin
 
     def product_scope
       user = spree_current_user
-      scope = if user.admin? || user.enterprises.present?
+      scope = if user.has_spree_role?("admin") || user.enterprises.present?
                 Spree::Product
               else
                 Spree::Product.active

app/controllers/admin/variant_overrides_controller.rb

@@ -71,12 +71,6 @@ module Admin
 
     def load_collection
       collection_hash = Hash[variant_overrides_params.each_with_index.map { |vo, i| [i, vo] }]
-
-      # Reset count_on_hand when switching to producer settings:
-      collection_hash.each_value do |vo|
-        vo["count_on_hand"] = nil if vo.fetch("on_demand", :unchanged).nil?
-      end
-
       @vo_set = Sets::VariantOverrideSet.new(@variant_overrides,
                                              collection_attributes: collection_hash)
     end

app/controllers/api/v0/base_controller.rb

@@ -66,7 +66,7 @@ module Api
       end
 
       def error_during_processing(exception)
-        Alert.raise(exception)
+        Bugsnag.notify(exception)
 
         render(json: { exception: exception.message },
                status: :unprocessable_entity) && return

app/controllers/api/v0/orders_controller.rb

@@ -67,8 +67,7 @@ module Api
       def serialized_orders(orders)
         ActiveModel::ArraySerializer.new(
           orders,
-          each_serializer: Api::Admin::OrderSerializer,
-          current_user: current_api_user
+          each_serializer: Api::Admin::OrderSerializer
         )
       end
 

app/controllers/api/v0/shipments_controller.rb

@@ -14,7 +14,7 @@ module Api
       def create
         variant = scoped_variant(params[:variant_id])
         quantity = params[:quantity].to_i
-        @shipment = @order.shipment || @order.shipments.create
+        @shipment = get_or_create_shipment(params[:stock_location_id])
 
         @order.contents.add(variant, quantity, @shipment)
 
@@ -24,7 +24,6 @@ module Api
         Orders::WorkflowService.new(@order).advance_to_payment if @order.line_items.any?
 
         @order.recreate_all_fees!
-        AmendBackorderJob.perform_later(@order) if @order.completed?
 
         render json: @shipment, serializer: Api::ShipmentSerializer, status: :ok
       end
@@ -74,7 +73,6 @@ module Api
 
         @order.contents.add(variant, quantity, @shipment)
         @order.recreate_all_fees!
-        AmendBackorderJob.perform_later(@order) if @order.completed?
 
         render json: @shipment, serializer: Api::ShipmentSerializer, status: :ok
       end
@@ -88,7 +86,6 @@ module Api
         @shipment.reload if @shipment.persisted?
 
         @order.recreate_all_fees!
-        AmendBackorderJob.perform_later(@order) if @order.completed?
 
         render json: @shipment, serializer: Api::ShipmentSerializer, status: :ok
       end
@@ -116,8 +113,12 @@ module Api
         variant
       end
 
+      def get_or_create_shipment(stock_location_id)
+        @order.shipment || @order.shipments.create(stock_location_id:)
+      end
+
       def shipment_params
-        return {} unless params.key? :shipment
+        return {} unless params.has_key? :shipment
 
         params.require(:shipment).permit(:tracking, :selected_shipping_rate_id)
       end

app/controllers/api/v0/variants_controller.rb

@@ -55,14 +55,14 @@ module Api
 
       def scope
         if @product
-          variants = if current_api_user.admin? || params[:show_deleted]
+          variants = if current_api_user.has_spree_role?("admin") || params[:show_deleted]
                        @product.variants.with_deleted
                      else
                        @product.variants
                      end
         else
           variants = Spree::Variant.where(nil)
-          if current_api_user.admin?
+          if current_api_user.has_spree_role?("admin")
             unless params[:show_deleted]
               variants = Spree::Variant.active
             end

app/controllers/api/v1/base_controller.rb

@@ -52,7 +52,7 @@ module Api
       end
 
       def error_during_processing(exception)
-        Alert.raise(exception)
+        Bugsnag.notify(exception)
 
         if Rails.env.development? || Rails.env.test?
           render status: :unprocessable_entity,

app/controllers/cart_controller.rb

@@ -11,7 +11,7 @@ class CartController < BaseController
       order.cap_quantity_at_stock!
       order.recreate_all_fees!
 
-      StockSyncJob.sync_linked_catalogs_later(order)
+      StockSyncJob.sync_linked_catalogs(order)
 
       render json: { error: false, stock_levels: stock_levels(order) }, status: :ok
     else

app/controllers/checkout_controller.rb

@@ -26,7 +26,6 @@ class CheckoutController < BaseController
     if params[:step].blank?
       redirect_to_step_based_on_order
     else
-      handle_insufficient_stock if details_step?
       update_order_state
       check_step
     end
@@ -37,9 +36,6 @@ class CheckoutController < BaseController
   end
 
   def update
-    return render cable_ready: cable_car.redirect_to(url: checkout_step_path(:details)) \
-      unless sufficient_stock?
-
     if confirm_order || update_order
       return if performed?
 
@@ -82,21 +78,8 @@ class CheckoutController < BaseController
 
     return true if redirect_to_payment_gateway
 
-    # Redeem VINE voucher
-    vine_voucher_redeemer = Vine::VoucherRedeemerService.new(order: @order)
-    unless vine_voucher_redeemer.redeem
-      # rubocop:disable Rails/DeprecatedActiveModelErrorsMethods
-      flash[:error] = if vine_voucher_redeemer.errors.keys.include?(:redeeming_failed)
-                        vine_voucher_redeemer.errors[:redeeming_failed]
-                      else
-                        I18n.t('checkout.errors.voucher_redeeming_error')
-                      end
-      return false
-      # rubocop:enable Rails/DeprecatedActiveModelErrorsMethods
-    end
     @order.process_payments!
     @order.confirm!
-    BackorderJob.check_stock(@order)
     order_completion_reset @order
   end
 

app/controllers/concerns/checkout_callbacks.rb

@@ -25,6 +25,7 @@ module CheckoutCallbacks
 
     before_action :ensure_order_not_completed
     before_action :ensure_checkout_allowed
+    before_action :handle_insufficient_stock
     before_action :check_authorization
   end
 

app/controllers/concerns/order_completion.rb

@@ -50,7 +50,9 @@ module OrderCompletion
   end
 
   def order_invalid!
-    Alert.raise_with_record("Notice: invalid order loaded during checkout", @order)
+    Bugsnag.notify("Notice: invalid order loaded during checkout") do |payload|
+      payload.add_metadata :order, :order, @order
+    end
 
     flash[:error] = t('checkout.order_not_loaded')
     redirect_to main_app.shop_path
@@ -90,7 +92,9 @@ module OrderCompletion
   end
 
   def notify_failure(error = RuntimeError.new(order_processing_error))
-    Alert.raise_with_record(error, @order)
+    Bugsnag.notify(error) do |payload|
+      payload.add_metadata :order, @order
+    end
     flash[:error] = order_processing_error if flash.blank?
   end
 

app/controllers/concerns/order_stock_check.rb

@@ -4,26 +4,25 @@ module OrderStockCheck
   include CablecarResponses
   extend ActiveSupport::Concern
 
-  delegate :sufficient_stock?, to: :check_stock_service
-
   def valid_order_line_items?
-    OrderCycles::DistributedVariantsService.new(@order.order_cycle, @order.distributor).
-      distributes_order_variants?(@order)
+    @order.insufficient_stock_lines.empty? &&
+      OrderCycles::DistributedVariantsService.new(@order.order_cycle, @order.distributor).
+        distributes_order_variants?(@order)
   end
 
   def handle_insufficient_stock
-    @any_out_of_stock = false
-
     return if sufficient_stock?
 
-    @any_out_of_stock = true
-    @updated_variants = check_stock_service.update_line_items
+    flash[:error] = Spree.t(:inventory_error_flash_for_insufficient_quantity)
+    redirect_to main_app.cart_path
   end
 
   def check_order_cycle_expiry
     return unless current_order_cycle&.closed?
 
-    Alert.raise_with_record("Notice: order cycle closed during checkout completion", current_order)
+    Bugsnag.notify("Notice: order cycle closed during checkout completion") do |payload|
+      payload.add_metadata :order, :order, current_order
+    end
     current_order.empty!
     current_order.set_order_cycle! nil
 
@@ -39,7 +38,7 @@ module OrderStockCheck
 
   private
 
-  def check_stock_service
-    @check_stock_service ||= Orders::CheckStockService.new(order: @order)
+  def sufficient_stock?
+    @sufficient_stock ||= @order.insufficient_stock_lines.blank?
   end
 end

app/controllers/enterprises_controller.rb

@@ -24,7 +24,6 @@ class EnterprisesController < BaseController
     set_noindex_meta_tag
 
     @enterprise = current_distributor
-    store_location_for :spree_user, request.original_fullpath
   end
 
   def relatives

app/controllers/errors_controller.rb

@@ -4,6 +4,11 @@ class ErrorsController < ApplicationController
   layout "errors"
 
   def not_found
+    Bugsnag.notify("404") do |event|
+      event.severity = "info"
+
+      event.add_metadata(:request, :env, request.env)
+    end
     render status: :not_found, formats: :html
   end
 

app/controllers/omniauth_callbacks_controller.rb

@@ -2,13 +2,8 @@
 
 class OmniauthCallbacksController < Devise::OmniauthCallbacksController
   def openid_connect
-    ActiveRecord::Base.transaction do
-      OidcAccount.link(spree_current_user, request.env["omniauth.auth"])
-    end
+    OidcAccount.link(spree_current_user, request.env["omniauth.auth"])
 
-    redirect_to admin_oidc_settings_path
-  rescue ActiveRecord::RecordNotUnique
-    flash[:error] = t("devise.oidc.record_not_unique", uid: request.env["omniauth.auth"].uid)
     redirect_to admin_oidc_settings_path
   end
 

app/controllers/payment_gateways/paypal_controller.rb

@@ -14,8 +14,6 @@ module PaymentGateways
     after_action :reset_order_when_complete, only: :confirm
 
     def express
-      return redirect_to order_failed_route if @any_out_of_stock == true
-
       pp_request = provider.build_set_express_checkout(
         express_checkout_request_details(@order)
       )
@@ -43,8 +41,6 @@ module PaymentGateways
     end
 
     def confirm
-      return redirect_to order_failed_route if @any_out_of_stock == true
-
       # At this point the user has come back from the Paypal form, and we get one
       # last chance to interact with the payment process before the money moves...
 

app/controllers/payment_gateways/stripe_controller.rb

@@ -8,12 +8,9 @@ module PaymentGateways
     before_action :load_checkout_order, only: :confirm
     before_action :validate_payment_intent, only: :confirm
     before_action :check_order_cycle_expiry, only: :confirm
+    before_action :validate_stock, only: :confirm
 
     def confirm
-      validate_stock
-
-      return redirect_to order_failed_route if @any_out_of_stock == true
-
       process_payment_completion!
     end
 
@@ -68,8 +65,11 @@ module PaymentGateways
     end
 
     def valid_payment_intent?
-      @valid_payment_intent ||= params["payment_intent"]&.starts_with?("pi_") &&
-                                order_and_payment_valid?
+      @valid_payment_intent ||= begin
+        return false unless params["payment_intent"]&.starts_with?("pi_")
+
+        order_and_payment_valid?
+      end
     end
 
     def order_and_payment_valid?

app/controllers/spree/admin/orders_controller.rb

@@ -69,8 +69,7 @@ module Spree
         @order.send_cancellation_email = params[:send_cancellation_email] != "false"
         @order.restock_items = params.fetch(:restock_items, "true") == "true"
 
-        if allowed_events.include?(event) && @order.public_send(event.to_s)
-          AmendBackorderJob.perform_later(@order) if @order.completed?
+        if @order.public_send(event.to_s)
           flash[:success] = Spree.t(:order_updated)
         else
           flash[:error] = Spree.t(:cannot_perform_operation)
@@ -198,10 +197,6 @@ module Spree
                         ocs.closed +
                         ocs.undated
       end
-
-      def allowed_events
-        %w{cancel resume}
-      end
     end
   end
 end

app/controllers/spree/admin/overview_controller.rb

@@ -5,11 +5,9 @@ module Spree
   module Admin
     class OverviewController < Spree::Admin::BaseController
       def index
-        my_enterprises = Enterprise.managed_by(spree_current_user)
-        @enterprises = my_enterprises
+        @enterprises = Enterprise
+          .managed_by(spree_current_user)
           .order('is_primary_producer ASC, name')
-          .limit(25)
-        @enterprises_count = my_enterprises.count if @enterprises.count >= 25
         @product_count = Spree::Product.active.managed_by(spree_current_user).count
         @order_cycle_count = OrderCycle.active.managed_by(spree_current_user).count
 

app/controllers/spree/admin/payments_controller.rb

@@ -24,12 +24,9 @@ module Spree
       end
 
       def create
-        # Try to redeem VINE voucher first as we don't want to create a payment and complete
-        # the order if it fails
-        return redirect_to spree.admin_order_payments_path(@order) unless redeem_vine_voucher
-
         @payment = @order.payments.build(object_params)
         load_payment_source
+
         begin
           unless @payment.save
             redirect_to spree.admin_order_payments_path(@order)
@@ -54,10 +51,6 @@ module Spree
         event = params[:e]
         return unless event && @payment.payment_source
 
-        # capture_and_complete_order will complete the order, so we want to try to redeem VINE
-        # voucher first and exit if it fails
-        return if event == "capture_and_complete_order" && !redeem_vine_voucher
-
         # Because we have a transition method also called void, we do this to avoid conflicts.
         event = "void_transaction" if event == "void"
         if allowed_events.include?(event) && @payment.public_send("#{event}!")
@@ -67,7 +60,7 @@ module Spree
         end
       rescue StandardError => e
         logger.error e.message
-        Alert.raise(e)
+        Bugsnag.notify(e)
         flash[:error] = e.message
       ensure
         redirect_to request.referer
@@ -189,22 +182,6 @@ module Spree
         %w{capture void_transaction credit refund resend_authorization_email
            capture_and_complete_order}
       end
-
-      def redeem_vine_voucher
-        vine_voucher_redeemer = Vine::VoucherRedeemerService.new(order: @order)
-        if vine_voucher_redeemer.redeem == false
-          # rubocop:disable Rails/DeprecatedActiveModelErrorsMethods
-          flash[:error] = if vine_voucher_redeemer.errors.keys.include?(:redeeming_failed)
-                            vine_voucher_redeemer.errors[:redeeming_failed]
-                          else
-                            I18n.t('checkout.errors.voucher_redeeming_error')
-                          end
-          # rubocop:enable Rails/DeprecatedActiveModelErrorsMethods
-          return false
-        end
-
-        true
-      end
     end
   end
 end

app/controllers/spree/admin/products_controller.rb

@@ -11,7 +11,6 @@ module Spree
       include OrderCyclesHelper
       include EnterprisesHelper
       helper ::Admin::ProductsHelper
-      helper Spree::Admin::TaxCategoriesHelper
 
       before_action :load_data
       before_action :load_producers, only: [:index, :new]
@@ -214,7 +213,7 @@ module Spree
       end
 
       def notify_bugsnag(error, product, variant)
-        Alert.raise(error) do |report|
+        Bugsnag.notify(error) do |report|
           report.add_metadata(:product,
                               { product: product.attributes, variant: variant.attributes })
           report.add_metadata(:product, :product_error, product.errors.first) unless product.valid?

app/controllers/spree/admin/users_controller.rb

@@ -11,6 +11,8 @@ module Spree
 
       # http://spreecommerce.com/blog/2010/11/02/json-hijacking-vulnerability/
       before_action :check_json_authenticity, only: :index
+      before_action :load_roles, only: [:edit, :new, :update, :create,
+                                        :generate_api_key, :clear_api_key]
 
       def index
         respond_with(@collection) do |format|
@@ -20,9 +22,17 @@ module Spree
       end
 
       def create
+        if params[:user]
+          roles = params[:user].delete("spree_role_ids")
+        end
+
         @user = Spree::User.new(user_params)
         if @user.save
 
+          if roles
+            @user.spree_roles = roles.compact_blank.collect{ |r| Spree::Role.find(r) }
+          end
+
           flash[:success] = Spree.t(:created_successfully)
           redirect_to edit_admin_user_path(@user)
         else
@@ -31,7 +41,15 @@ module Spree
       end
 
       def update
+        if params[:user]
+          roles = params[:user].delete("spree_role_ids")
+        end
+
         if @user.update(user_params)
+          if roles
+            @user.spree_roles = roles.compact_blank.collect{ |r| Spree::Role.find(r) }
+          end
+
           flash[:success] = update_message
           redirect_to edit_admin_user_path(@user)
         else
@@ -105,6 +123,10 @@ module Spree
         sign_in(@user, event: :authentication, bypass: true)
       end
 
+      def load_roles
+        @roles = Spree::Role.where(nil)
+      end
+
       def new_email_unconfirmed?
         params[:user][:email] != @user.email
       end
@@ -115,7 +137,7 @@ module Spree
 
       def user_params
         ::PermittedAttributes::User.new(params).call(
-          %i[admin enterprise_limit show_api_key_view]
+          %i[enterprise_limit show_api_key_view]
         )
       end
     end

app/controllers/spree/admin/variants_controller.rb

@@ -64,10 +64,7 @@ module Spree
       end
 
       def search
-        scoper = OpenFoodNetwork::ScopeVariantsForSearch.new(
-          variant_search_params,
-          spree_current_user
-        )
+        scoper = OpenFoodNetwork::ScopeVariantsForSearch.new(variant_search_params)
         @variants = scoper.search
         render json: @variants, each_serializer: ::Api::Admin::VariantSerializer
       end

app/controllers/spree/api_keys_controller.rb

@@ -2,6 +2,7 @@
 
 module Spree
   class ApiKeysController < ::BaseController
+    include Spree::Core::ControllerHelpers
     include I18nHelper
 
     prepend_before_action :load_object

app/controllers/spree/orders_controller.rb

@@ -70,15 +70,14 @@ module Spree
         @order.recreate_all_fees! # Enterprise fees on line items and on the order itself
 
         # Re apply the voucher
-        OrderManagement::Order::Updater.new(@order).update_voucher
+        VoucherAdjustmentsService.new(@order).update
+        @order.update_totals_and_states
 
         if @order.complete?
           @order.update_payment_fees!
           @order.create_tax_charge!
         end
 
-        AmendBackorderJob.perform_later(@order) if @order.completed?
-
         respond_with(@order) do |format|
           format.html do
             if params.key?(:checkout)

app/controllers/spree/users_controller.rb

@@ -2,6 +2,7 @@
 
 module Spree
   class UsersController < ::BaseController
+    include Spree::Core::ControllerHelpers
     include I18nHelper
     include CablecarResponses
 

app/controllers/user_registrations_controller.rb

@@ -1,5 +1,6 @@
 # frozen_string_literal: true
 
+require 'open_food_network/error_logger'
 require "spree/core/controller_helpers/auth"
 require "spree/core/controller_helpers/common"
 require "spree/core/controller_helpers/order"
@@ -31,12 +32,12 @@ class UserRegistrationsController < Devise::RegistrationsController
     associate_user
 
     respond_to do |format|
-      format.json do
+      format.js do
         render json: { email: @user.email }
       end
     end
   rescue StandardError => e
-    Alert.raise(e)
+    OpenFoodNetwork::ErrorLogger.notify(e)
     render_error(message: I18n.t('unknown_error', scope: I18N_SCOPE))
   end
 
@@ -51,7 +52,7 @@ class UserRegistrationsController < Devise::RegistrationsController
   def render_error(errors = {})
     clean_up_passwords(resource)
     respond_to do |format|
-      format.json do
+      format.js do
         render json: errors, status: :unauthorized
       end
     end

app/controllers/voucher_adjustments_controller.rb

@@ -4,16 +4,7 @@ class VoucherAdjustmentsController < BaseController
   before_action :set_order
 
   def create
-    if voucher_params[:voucher_code].blank?
-      @order.errors.add(:voucher_code, I18n.t('checkout.errors.voucher_not_found'))
-      return render_error
-    end
-
-    voucher = load_voucher
-
-    return render_error unless valid_voucher?(voucher)
-
-    if add_voucher_to_order(voucher)
+    if add_voucher
       update_payment_section
     elsif @order.errors.present?
       render_error
@@ -39,28 +30,19 @@ class VoucherAdjustmentsController < BaseController
     @order = current_order
   end
 
-  def valid_voucher?(voucher)
-    return false if @order.errors.present?
+  def add_voucher
+    if voucher_params[:voucher_code].blank?
+      @order.errors.add(:voucher_code, I18n.t('checkout.errors.voucher_not_found'))
+      return false
+    end
+
+    voucher = Voucher.find_by(code: voucher_params[:voucher_code], enterprise: @order.distributor)
 
     if voucher.nil?
       @order.errors.add(:voucher_code, I18n.t('checkout.errors.voucher_not_found'))
       return false
     end
 
-    if !voucher.valid?
-      @order.errors.add(
-        :voucher_code,
-        I18n.t(
-          'checkout.errors.create_voucher_error', error: voucher.errors.full_messages.to_sentence
-        )
-      )
-      return false
-    end
-
-    true
-  end
-
-  def add_voucher_to_order(voucher)
     adjustment = voucher.create_adjustment(voucher.code, @order)
 
     unless adjustment.persisted?
@@ -69,38 +51,14 @@ class VoucherAdjustmentsController < BaseController
       return false
     end
 
-    # calculate_voucher_adjustment
     clear_payments
 
-    OrderManagement::Order::Updater.new(@order).update_voucher
+    VoucherAdjustmentsService.new(@order).update
+    @order.update_totals_and_states
 
     true
   end
 
-  def load_voucher
-    voucher = Voucher.find_by(code: voucher_params[:voucher_code],
-                              enterprise: @order.distributor)
-    return voucher unless voucher.nil? || voucher.is_a?(Vouchers::Vine)
-
-    vine_voucher
-  end
-
-  def vine_voucher
-    vine_voucher_validator = Vine::VoucherValidatorService.new(
-      voucher_code: voucher_params[:voucher_code], enterprise: @order.distributor
-    )
-    voucher = vine_voucher_validator.validate
-
-    return nil if vine_voucher_validator.errors[:not_found_voucher].present?
-
-    if vine_voucher_validator.errors.present?
-      @order.errors.add(:voucher_code, I18n.t('checkout.errors.add_voucher_error'))
-      return nil
-    end
-
-    voucher
-  end
-
   def update_payment_section
     render cable_ready: cable_car.replace(
       selector: "#checkout-payment-methods",

app/helpers/admin/products_helper.rb

@@ -14,7 +14,6 @@ module Admin
       # e.g producer_options = [['producer name', id]]
       product.variants.build do |new_variant|
         new_variant.supplier_id = producer_options.first.second if producer_options.one?
-        new_variant.tax_category_id = product.variants.first.tax_category_id
       end
     end
 

app/helpers/link_helper.rb

@@ -15,12 +15,4 @@ module LinkHelper
       prefix + url
     end
   end
-
-  def new_tab_option
-    if feature?(:open_in_same_tab, spree_current_user)
-      {}
-    else
-      { target: "_blank" }
-    end
-  end
 end

app/helpers/shared_helper.rb

@@ -6,7 +6,7 @@ module SharedHelper
   end
 
   def admin_user?
-    spree_current_user&.admin?
+    spree_current_user&.has_spree_role? 'admin'
   end
 
   def current_shop_products_path

app/helpers/spree/admin/navigation_helper.rb

@@ -122,7 +122,7 @@ module Spree
           end
         else
           if html_options['data-update'].nil? && html_options[:remote]
-            object_name, action = url.split('/')[-2..]
+            object_name, action = url.split('/')[-2..-1]
             html_options['data-update'] = [action, object_name.singularize].join('_')
           end
 

app/helpers/spree/admin/orders_helper.rb

@@ -142,32 +142,6 @@ module Spree
         end
         number_field_tag :quantity, manifest_item.quantity, html_options
       end
-
-      def prepare_shipment_manifest(shipment)
-        manifest = shipment.manifest
-
-        if filter_by_supplier?(shipment.order)
-          supplier_ids = spree_current_user.enterprises.ids
-          manifest.select! { |mi| supplier_ids.include?(mi.variant.supplier_id) }
-        end
-
-        manifest
-      end
-
-      def filter_by_supplier?(order)
-        order.distributor&.enable_producers_to_edit_orders &&
-          spree_current_user.can_manage_line_items_in_orders_only?
-      end
-
-      def display_value_for_producer(order, value)
-        return value unless filter_by_supplier?(order)
-
-        if order.distributor&.show_customer_names_to_suppliers
-          value
-        else
-          t("admin.reports.hidden_field")
-        end
-      end
     end
   end
 end

app/helpers/spree/admin/tax_categories_helper.rb

@@ -1,20 +0,0 @@
-# frozen_string_literal: true
-
-module Spree
-  module Admin
-    module TaxCategoriesHelper
-      def tax_category_dropdown_options(require_tax_category)
-        if require_tax_category
-          {
-            include_blank: false,
-            selected: Spree::TaxCategory.find_by(is_default: true)&.id
-          }
-        else
-          {
-            include_blank: t(:none),
-          }
-        end
-      end
-    end
-  end
-end

app/helpers/spree/base_helper.rb

@@ -3,7 +3,7 @@
 module Spree
   module BaseHelper
     def available_countries
-      checkout_zone = Zone.find_by(name: ENV.fetch("CHECKOUT_ZONE", nil))
+      checkout_zone = Zone.find_by(name: Spree::Config[:checkout_zone])
 
       countries = if checkout_zone && checkout_zone.kind == 'country'
                     checkout_zone.countries

app/jobs/amend_backorder_job.rb

@@ -1,38 +1,98 @@
 # frozen_string_literal: true
 
-# When orders are created, adjusted or cancelled, we need to amend
+# When orders are cancelled, we need to amend
 # an existing backorder as well.
+# We're not dealing with line item changes just yet.
 class AmendBackorderJob < ApplicationJob
   sidekiq_options retry: 0
 
-  def self.schedule_bulk_update_for(orders)
-    # We can have one backorder per order cycle and distributor.
-    groups = orders.group_by { |order| [order.order_cycle, order.distributor] }
-    groups.each_value do |orders_with_same_backorder|
-      # We need to trigger only one update per backorder.
-      perform_later(orders_with_same_backorder.first)
-    end
-  end
-
   def perform(order)
     OrderLocker.lock_order_and_variants(order) do
       amend_backorder(order)
     end
   end
 
+  # The following is a mix of the BackorderJob and the CompleteBackorderJob.
+  # TODO: Move the common code into a re-usable service class.
   def amend_backorder(order)
-    backorder = BackorderUpdater.new.amend_backorder(order)
+    order_cycle = order.order_cycle
+    distributor = order.distributor
+    user = distributor.owner
+    items = backorderable_items(order)
 
-    if backorder
-      user = order.distributor.owner
-      urls = nil # Not needed to send order. The backorder id is the URL.
-      FdcBackorderer.new(user, urls).send_order(backorder)
-    elsif !order.order_cycle.closed?
+    return if items.empty?
 
-      # We don't have an order to amend but the order cycle is or will open.
-      # We can assume that this job was triggered by an admin creating a new
-      # order or adding backorderable items to an order.
-      BackorderJob.new.place_backorder(order)
+    # We are assuming that all variants are linked to the same wholesale
+    # shop and its catalog:
+    reference_link = items[0].variant.semantic_links[0].semantic_id
+    urls = FdcUrlBuilder.new(reference_link)
+    orderer = FdcBackorderer.new(user, urls)
+
+    backorder = orderer.find_open_order(order)
+
+    variants = order_cycle.variants_distributed_by(distributor)
+    adjust_quantities(order_cycle, user, backorder, urls, variants)
+
+    FdcBackorderer.new(user, urls).send_order(backorder)
+  end
+
+  # Check if we have enough stock to reduce the backorder.
+  #
+  # Our local stock can increase when users cancel their orders.
+  # But stock levels could also have been adjusted manually. So we review all
+  # quantities before finalising the order.
+  def adjust_quantities(order_cycle, user, order, urls, variants)
+    broker = FdcOfferBroker.new(user, urls)
+
+    order.lines.each do |line|
+      line.quantity = line.quantity.to_i
+      wholesale_product_id = line.offer.offeredItem.semanticId
+      transformation = broker.wholesale_to_retail(wholesale_product_id)
+      linked_variant = variants.linked_to(transformation.retail_product_id)
+
+      # Assumption: If a transformation is present then we only sell the retail
+      # variant. If that can't be found, it was deleted and we'll ignore that
+      # for now.
+      next if linked_variant.nil?
+
+      # Find all line items for this order cycle
+      # Update quantity accordingly
+      if linked_variant.on_demand
+        release_superfluous_stock(line, linked_variant, transformation)
+      else
+        aggregate_final_quantities(order_cycle, line, linked_variant, transformation)
+      end
+    end
+
+    # Clean up empty lines:
+    order.lines.reject! { |line| line.quantity.zero? }
+  end
+
+  # We look at all linked variants.
+  def backorderable_items(order)
+    order.line_items.select do |item|
+      # TODO: scope variants to hub.
+      # We are only supporting producer stock at the moment.
+      item.variant.semantic_links.present?
     end
   end
+
+  def release_superfluous_stock(line, linked_variant, transformation)
+    # Note that a division of integers dismisses the remainder, like `floor`:
+    wholesale_items_contained_in_stock = linked_variant.on_hand / transformation.factor
+
+    # But maybe we didn't actually order that much:
+    deductable_quantity = [line.quantity, wholesale_items_contained_in_stock].min
+    line.quantity -= deductable_quantity
+
+    retail_stock_changes = deductable_quantity * transformation.factor
+    linked_variant.on_hand -= retail_stock_changes
+  end
+
+  def aggregate_final_quantities(order_cycle, line, variant, transformation)
+    orders = order_cycle.orders.invoiceable
+    quantity = Spree::LineItem.where(order: orders, variant:).sum(:quantity)
+    wholesale_quantity = (quantity.to_f / transformation.factor).ceil
+    line.quantity = wholesale_quantity
+  end
 end

app/jobs/backorder_job.rb

@@ -19,7 +19,9 @@ class BackorderJob < ApplicationJob
   rescue StandardError => e
     # Errors here shouldn't affect the checkout. So let's report them
     # separately:
-    Alert.raise_with_record(e, order)
+    Bugsnag.notify(e) do |payload|
+      payload.add_metadata(:order, :order, order)
+    end
   end
 
   def perform(order)
@@ -55,11 +57,12 @@ class BackorderJob < ApplicationJob
       ordered_quantities[item] = retail_quantity
     end
 
-    return if backorder.lines.empty?
-
     place_order(user, order, orderer, backorder)
 
-    adjust_stock(items, ordered_quantities)
+    items.each do |item|
+      variant = item.variant
+      variant.on_hand += ordered_quantities[item] if variant.on_demand
+    end
   end
 
   # We look at linked variants which are either stock controlled or
@@ -79,9 +82,6 @@ class BackorderJob < ApplicationJob
     needed_quantity = needed_quantity(line_item)
     solution = broker.best_offer(variant.semantic_links[0].semantic_id)
 
-    # If this product was removed from the catalog, we can't order it.
-    return 0 unless solution.offer
-
     # The number of wholesale packs we need to order to fulfill the
     # needed quantity.
     # For example, we order 2 packs of 12 cans if we need 15 cans.
@@ -119,8 +119,7 @@ class BackorderJob < ApplicationJob
   end
 
   def load_broker(user, urls)
-    catalog = DfcCatalog.load(user, urls.catalog_url)
-    FdcOfferBroker.new(catalog)
+    FdcOfferBroker.new(user, urls)
   end
 
   def place_order(user, order, orderer, backorder)
@@ -137,14 +136,4 @@ class BackorderJob < ApplicationJob
 
     order.exchange.semantic_links.create!(semantic_id: placed_order.semanticId)
   end
-
-  def adjust_stock(items, ordered_quantities)
-    items.each do |item|
-      variant = item.variant
-      quantity = ordered_quantities[item]
-      next if quantity.zero?
-
-      variant.on_hand += quantity if variant.on_demand
-    end
-  end
 end

app/jobs/complete_backorder_job.rb

@@ -24,7 +24,8 @@ class CompleteBackorderJob < ApplicationJob
 
     urls = FdcUrlBuilder.new(order.lines[0].offer.offeredItem.semanticId)
 
-    BackorderUpdater.new.update(order, user, distributor, order_cycle)
+    variants = order_cycle.variants_distributed_by(distributor)
+    adjust_quantities(order_cycle, user, order, urls, variants)
 
     FdcBackorderer.new(user, urls).complete_order(order)
 
@@ -35,4 +36,55 @@ class CompleteBackorderJob < ApplicationJob
 
     raise
   end
+
+  # Check if we have enough stock to reduce the backorder.
+  #
+  # Our local stock can increase when users cancel their orders.
+  # But stock levels could also have been adjusted manually. So we review all
+  # quantities before finalising the order.
+  def adjust_quantities(order_cycle, user, order, urls, variants)
+    broker = FdcOfferBroker.new(user, urls)
+
+    order.lines.each do |line|
+      line.quantity = line.quantity.to_i
+      wholesale_product_id = line.offer.offeredItem.semanticId
+      transformation = broker.wholesale_to_retail(wholesale_product_id)
+      linked_variant = variants.linked_to(transformation.retail_product_id)
+
+      # Assumption: If a transformation is present then we only sell the retail
+      # variant. If that can't be found, it was deleted and we'll ignore that
+      # for now.
+      next if linked_variant.nil?
+
+      # Find all line items for this order cycle
+      # Update quantity accordingly
+      if linked_variant.on_demand
+        release_superfluous_stock(line, linked_variant, transformation)
+      else
+        aggregate_final_quantities(order_cycle, line, linked_variant, transformation)
+      end
+    end
+
+    # Clean up empty lines:
+    order.lines.reject! { |line| line.quantity.zero? }
+  end
+
+  def release_superfluous_stock(line, linked_variant, transformation)
+    # Note that a division of integers dismisses the remainder, like `floor`:
+    wholesale_items_contained_in_stock = linked_variant.on_hand / transformation.factor
+
+    # But maybe we didn't actually order that much:
+    deductable_quantity = [line.quantity, wholesale_items_contained_in_stock].min
+    line.quantity -= deductable_quantity
+
+    retail_stock_changes = deductable_quantity * transformation.factor
+    linked_variant.on_hand -= retail_stock_changes
+  end
+
+  def aggregate_final_quantities(order_cycle, line, variant, transformation)
+    orders = order_cycle.orders.invoiceable
+    quantity = Spree::LineItem.where(order: orders, variant:).sum(:quantity)
+    wholesale_quantity = (quantity.to_f / transformation.factor).ceil
+    line.quantity = wholesale_quantity
+  end
 end

app/jobs/open_order_cycle_job.rb

@@ -1,71 +0,0 @@
-# frozen_string_literal: true
-
-# Run any pre-conditions and mark order cycle as open.
-#
-# Currently, an order cycle is considered open in the shopfront when orders_open_at >= now.
-# But now there are some pre-conditions for opening an order cycle, so we would like to change that.
-# Instead, the presence of opened_at (and absence of processed_at) should indicate it is open.
-class OpenOrderCycleJob < ApplicationJob
-  sidekiq_options retry_for: 10.minutes
-
-  def perform(order_cycle_id)
-    ActiveRecord::Base.transaction do
-      # Fetch order cycle if it's still unopened, and lock DB row until finished
-      order_cycle = OrderCycle.lock.find_by!(id: order_cycle_id, opened_at: nil)
-
-      sync_remote_variants(order_cycle)
-
-      # Mark as opened
-      opened_at = Time.zone.now
-      order_cycle.update_columns(opened_at:)
-
-      # And notify any subscribers
-      OrderCycles::WebhookService.create_webhook_job(order_cycle, 'order_cycle.opened', opened_at)
-    end
-  end
-
-  private
-
-  def sync_remote_variants(order_cycle)
-    # Sync any remote variants for each supplier
-    order_cycle.suppliers.each do |supplier|
-      links = variant_links_for(order_cycle, supplier)
-      next if links.empty?
-
-      # Find authorised user to access remote products
-      dfc_user = supplier.owner # we assume the owner's account is the one used to import from dfc.
-
-      import_variants(links, dfc_user)
-    end
-  end
-
-  # Fetch all remote variants for this supplier in the order cycle
-  def variant_links_for(order_cycle, supplier)
-    variants = order_cycle.exchanges.incoming.from_enterprise(supplier)
-      .joins(:exchange_variants).select('exchange_variants.variant_id')
-    SemanticLink.where(subject_id: variants)
-  end
-
-  def import_variants(links, dfc_user)
-    # Find any catalogues associated with the variants
-    catalogs = links.group_by do |link|
-      FdcUrlBuilder.new(link.semantic_id).catalog_url
-    end
-
-    # Import selected variants from each catalog
-    catalogs.each do |catalog_url, catalog_links|
-      catalog = DfcCatalog.load(dfc_user, catalog_url)
-      catalog.apply_wholesale_values!
-
-      catalog_links.each do |link|
-        catalog_item = catalog.item(link.semantic_id)
-
-        if catalog_item
-          SuppliedProductImporter.update_product(catalog_item, link.subject)
-        else
-          DfcCatalogImporter.reset_variant(link.subject)
-        end
-      end
-    end
-  end
-end

app/jobs/order_cycle_closing_job.rb

@@ -25,7 +25,8 @@ class OrderCycleClosingJob < ApplicationJob
 
   def mark_as_processed
     OrderCycle.where(id: recently_closed_order_cycles).update_all(
-      processed_at: Time.zone.now
+      processed_at: Time.zone.now,
+      updated_at: Time.zone.now
     )
   end
 end

app/jobs/order_cycle_opened_job.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+# Trigger jobs for any order cycles that recently opened
+class OrderCycleOpenedJob < ApplicationJob
+  def perform
+    ActiveRecord::Base.transaction do
+      recently_opened_order_cycles.find_each do |order_cycle|
+        OrderCycles::WebhookService.create_webhook_job(order_cycle, 'order_cycle.opened')
+      end
+      mark_as_opened(recently_opened_order_cycles)
+    end
+  end
+
+  private
+
+  def recently_opened_order_cycles
+    @recently_opened_order_cycles ||= OrderCycle
+      .where(opened_at: nil)
+      .where(orders_open_at: 1.hour.ago..Time.zone.now)
+      .lock.order(:id)
+  end
+
+  def mark_as_opened(order_cycles)
+    now = Time.zone.now
+    order_cycles.update_all(opened_at: now, updated_at: now)
+  end
+end

app/jobs/report_job.rb

@@ -22,8 +22,11 @@ class ReportJob < ApplicationJob
 
     broadcast_result(channel, format, blob) if channel
   rescue StandardError => e
-    Alert.raise(e, { report: { report_class:, user:, params:, format: } })
-    Rails.logger.error(e.message)
+    Bugsnag.notify(e) do |payload|
+      payload.add_metadata :report, {
+        report_class:, user:, params:, format:
+      }
+    end
 
     broadcast_error(channel)
   end
@@ -47,14 +50,10 @@ class ReportJob < ApplicationJob
   end
 
   def broadcast_error(channel)
-    cable_ready[channel]
-      .inner_html(
-        selector: "#report-go",
-        html: Spree::Admin::BaseController.helpers.button(I18n.t(:go), "report__submit-btn")
-      ).inner_html(
-        selector: "#report-table",
-        html: I18n.t("report_job.report_failed")
-      ).broadcast
+    cable_ready[channel].inner_html(
+      selector: "#report-table",
+      html: I18n.t("report_job.report_failed")
+    ).broadcast
   end
 
   def actioncable_content(format, blob)

app/jobs/stock_sync_job.rb

@@ -8,12 +8,30 @@ class StockSyncJob < ApplicationJob
   # product. These variants are rare though and we check first before we
   # enqueue a new job. That should save some time loading the order with
   # all the stock data to make this decision.
-  def self.sync_linked_catalogs_later(order)
-    sync_catalogs_by_perform_method(order, :perform_later)
+  def self.sync_linked_catalogs(order)
+    user = order.distributor.owner
+    catalog_ids(order).each do |catalog_id|
+      perform_later(user, catalog_id)
+    end
+  rescue StandardError => e
+    # Errors here shouldn't affect the shopping. So let's report them
+    # separately:
+    Bugsnag.notify(e) do |payload|
+      payload.add_metadata(:order, :order, order)
+    end
   end
 
   def self.sync_linked_catalogs_now(order)
-    sync_catalogs_by_perform_method(order, :perform_now)
+    user = order.distributor.owner
+    catalog_ids(order).each do |catalog_id|
+      perform_now(user, catalog_id)
+    end
+  rescue StandardError => e
+    # Errors here shouldn't affect the shopping. So let's report them
+    # separately:
+    Bugsnag.notify(e) do |payload|
+      payload.add_metadata(:order, :order, order)
+    end
   end
 
   def self.catalog_ids(order)
@@ -26,10 +44,7 @@ class StockSyncJob < ApplicationJob
   end
 
   def perform(user, catalog_id)
-    catalog = DfcCatalog.load(user, catalog_id)
-    catalog.apply_wholesale_values!
-
-    products = catalog.products
+    products = load_products(user, catalog_id)
     products_by_id = products.index_by(&:semanticId)
     product_ids = products_by_id.keys
     variants = linked_variants(user.enterprises, product_ids)
@@ -47,23 +62,18 @@ class StockSyncJob < ApplicationJob
     end
   end
 
+  def load_products(user, catalog_id)
+    json_catalog = DfcRequest.new(user).call(catalog_id)
+    graph = DfcIo.import(json_catalog)
+
+    graph.select do |subject|
+      subject.is_a? DataFoodConsortium::Connector::SuppliedProduct
+    end
+  end
+
   def linked_variants(enterprises, product_ids)
     Spree::Variant.where(supplier: enterprises)
       .includes(:semantic_links).references(:semantic_links)
       .where(semantic_links: { semantic_id: product_ids })
   end
-
-  def self.sync_catalogs_by_perform_method(order, perform_method)
-    distributor = order.distributor
-    return unless distributor
-
-    user = distributor.owner
-    catalog_ids(order).each do |catalog_id|
-      public_send(perform_method, user, catalog_id)
-    end
-  rescue StandardError => e
-    # Errors here shouldn't affect the shopping. So let's report them
-    # separately:
-    Alert.raise_with_record(e, order)
-  end
 end

app/jobs/subscription_confirm_job.rb

@@ -55,7 +55,9 @@ class SubscriptionConfirmJob < ApplicationJob
     if order.errors.any?
       send_failed_payment_email(order)
     else
-      Alert.raise_with_record(e, order)
+      Bugsnag.notify(e) do |payload|
+        payload.add_metadata :order, :order, order
+      end
       send_failed_payment_email(order, e.message)
     end
   end
@@ -106,6 +108,8 @@ class SubscriptionConfirmJob < ApplicationJob
     record_and_log_error(:failed_payment, order, error_message)
     SubscriptionMailer.failed_payment_email(order).deliver_now
   rescue StandardError => e
-    Alert.raise(e, { subscription_data: { order:, error_message: } })
+    Bugsnag.notify(e) do |payload|
+      payload.add_metadata :subscription_data, { order:, error_message: }
+    end
   end
 end

app/jobs/trigger_order_cycles_to_open_job.rb

@@ -1,18 +0,0 @@
-# frozen_string_literal: true
-
-# Trigger jobs for any order cycles that recently opened
-class TriggerOrderCyclesToOpenJob < ApplicationJob
-  def perform
-    recently_opened_order_cycles.find_each do |order_cycle|
-      OpenOrderCycleJob.perform_later(order_cycle.id)
-    end
-  end
-
-  private
-
-  def recently_opened_order_cycles
-    OrderCycle
-      .where(opened_at: nil)
-      .where(orders_open_at: 1.hour.ago..Time.zone.now)
-  end
-end

app/jobs/webhook_delivery_job.rb

@@ -13,11 +13,11 @@ class WebhookDeliveryJob < ApplicationJob
 
   queue_as :default
 
-  def perform(url, event, payload, at: Time.zone.now)
+  def perform(url, event, payload)
     body = {
       id: job_id,
+      at: Time.zone.now.to_s,
       event:,
-      at: at.to_s,
       data: payload,
     }
 

app/mailers/application_mailer.rb

@@ -18,7 +18,6 @@ class ApplicationMailer < ActionMailer::Base
 
   def roadie_options
     # This lets us specify assets using relative paths in email templates
-    url = URI(main_app.root_url)
-    super.merge(url_options: { host: url.host, port: url.port })
+    super.merge(url_options: { host: URI(main_app.root_url).host })
   end
 end

app/mailers/enterprise_mailer.rb

@@ -23,8 +23,7 @@ class EnterpriseMailer < ApplicationMailer
     I18n.with_locale valid_locale(@enterprise.owner) do
       subject = t('enterprise_mailer.invite_manager.subject', enterprise: @enterprise.name)
       mail(to: user.email,
-           subject:,
-           reply_to: @enterprise.contact.email)
+           subject:)
     end
   end
 

app/mailers/payment_mailer.rb

@@ -5,25 +5,21 @@ class PaymentMailer < ApplicationMailer
 
   def authorize_payment(payment)
     @payment = payment
-    @order = @payment.order
     subject = I18n.t('spree.payment_mailer.authorize_payment.subject',
-                     distributor: @order.distributor.name)
-    I18n.with_locale valid_locale(@order.user) do
-      mail(to: @order.email,
-           subject:,
-           reply_to: @order.distributor.contact.email)
+                     distributor: @payment.order.distributor.name)
+    I18n.with_locale valid_locale(@payment.order.user) do
+      mail(to: payment.order.email, subject:)
     end
   end
 
   def authorization_required(payment)
-    @order = payment.order
-    shop_owner = @order.distributor.owner
+    @payment = payment
+    shop_owner = @payment.order.distributor.owner
     subject = I18n.t('spree.payment_mailer.authorization_required.subject',
-                     order: @order)
+                     order: @payment.order)
     I18n.with_locale valid_locale(shop_owner) do
       mail(to: shop_owner.email,
-           subject:,
-           reply_to: @order.email)
+           subject:)
     end
   end
 end

app/mailers/producer_mailer.rb

@@ -79,19 +79,14 @@ class ProducerMailer < ApplicationMailer
   def set_customer_data(line_items)
     return unless @coordinator.show_customer_names_to_suppliers?
 
-    @display_business_name = false
     line_items.map do |line_item|
-      customer_code = line_item.order.customer&.code
-      @display_business_name = true if customer_code.present?
-
       {
         sku: line_item.variant.sku,
         supplier_name: line_item.variant.supplier.name,
         product_and_full_name: line_item.product_and_full_name,
         quantity: line_item.quantity,
         first_name: line_item.order.billing_address.first_name,
-        last_name: line_item.order.billing_address.last_name,
-        business_name: customer_code,
+        last_name: line_item.order.billing_address.last_name
       }
     end.sort_by { |line_item| [line_item[:last_name].downcase, line_item[:first_name].downcase] }
   end

app/mailers/spree/order_mailer.rb

@@ -13,8 +13,7 @@ module Spree
       @order = find_order(order_or_order_id)
       I18n.with_locale valid_locale(@order.user) do
         mail(to: @order.email,
-             subject: mail_subject(t('spree.order_mailer.cancel_email.subject'), resend),
-             reply_to: @order.distributor.contact.email)
+             subject: mail_subject(t('spree.order_mailer.cancel_email.subject'), resend))
       end
     end
 
@@ -23,8 +22,7 @@ module Spree
       I18n.with_locale valid_locale(@order.distributor.owner) do
         subject = I18n.t('spree.order_mailer.cancel_email_for_shop.subject')
         mail(to: @order.distributor.contact.email,
-             subject:,
-             reply_to: @order.email)
+             subject:)
       end
     end
 
@@ -44,8 +42,7 @@ module Spree
       I18n.with_locale valid_locale(@order.user) do
         subject = mail_subject(t('spree.order_mailer.confirm_email.subject'), resend)
         mail(to: @order.distributor.contact.email,
-             subject:,
-             reply_to: @order.email)
+             subject:)
       end
     end
 

app/mailers/spree/shipment_mailer.rb

@@ -5,11 +5,8 @@ module Spree
     def shipped_email(shipment, delivery:)
       @shipment = shipment.respond_to?(:id) ? shipment : Spree::Shipment.find(shipment)
       @delivery = delivery
-      @order = @shipment.order
       subject = base_subject
-      mail(to: @order.email,
-           subject:,
-           reply_to: @order.distributor.contact.email)
+      mail(to: @shipment.order.email, subject:)
     end
 
     private

app/models/calculator/default_tax.rb

@@ -28,7 +28,7 @@ module Calculator
       # In theory it should never be called any more after this has been deployed.
       # If the message below doesn't show up in Bugsnag, we can safely delete this method and all
       # the related methods below it.
-      Alert.raise("Calculator::DefaultTax was called with legacy tax calculations")
+      Bugsnag.notify("Calculator::DefaultTax was called with legacy tax calculations")
 
       calculator = OpenFoodNetwork::EnterpriseFeeCalculator.new(order.distributor,
                                                                 order.order_cycle)

app/models/concerns/product_stock.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+require 'active_support/concern'
+
+module ProductStock
+  extend ActiveSupport::Concern
+
+  def on_demand
+    raise 'Cannot determine product on_demand value of product with multiple variants' if
+      variants.size > 1
+
+    variants.first.on_demand
+  end
+
+  def on_hand
+    variants.map(&:on_hand).reduce(:+)
+  end
+end

app/models/concerns/variant_stock.rb

@@ -67,18 +67,6 @@ module VariantStock
     end
   end
 
-  def on_demand_desired_or_current
-    return on_demand_desired if new_record?
-
-    on_demand
-  end
-
-  def on_hand_desired_or_current
-    return on_hand_desired if new_record?
-
-    on_hand
-  end
-
   # Moving Spree::Stock::Quantifier.can_supply? to the variant enables us
   #   to override this behaviour for variant overrides
   # We can have this responsibility here in the variant because there is
@@ -90,6 +78,11 @@ module VariantStock
     on_demand || total_on_hand >= quantity
   end
 
+  # Moving Spree::StockLocation.fill_status to the variant enables us
+  #   to override this behaviour for variant overrides
+  # We can have this responsibility here in the variant because there is
+  #   only one stock item per variant
+  #
   # Here we depend only on variant.total_on_hand and variant.on_demand.
   #   This way, variant_overrides only need to override variant.total_on_hand and variant.on_demand.
   def fill_status(quantity)
@@ -114,15 +107,13 @@ module VariantStock
     raise_error_if_no_stock_item_available
 
     # Creates a stock movement: it updates stock_item.count_on_hand and fills backorders
+    #
+    # This is the original Spree::StockLocation#move,
+    #   except that we raise an error if the stock item is missing,
+    #   because, unlike Spree, we should always have exactly one stock item per variant.
     stock_item.stock_movements.create!(quantity:, originator:)
   end
 
-  # There shouldn't be any other stock items, because we should
-  # have only one stock location.
-  def stock_item
-    stock_items.first
-  end
-
   private
 
   # Persists the single stock item associated to this variant. As defined in
@@ -148,4 +139,10 @@ module VariantStock
   def overwrite_stock_levels(new_level)
     stock_item.adjust_count_on_hand(new_level.to_i - stock_item.count_on_hand)
   end
+
+  # There shouldn't be any other stock items, because we should
+  # have only one stock location.
+  def stock_item
+    stock_items.first
+  end
 end

app/models/concerns/vouchers/flat_ratable.rb

@@ -1,31 +0,0 @@
-# frozen_string_literal: true
-
-require "active_support/concern"
-
-module Vouchers
-  module FlatRatable
-    extend ActiveSupport::Concern
-
-    included do
-      validates :amount,
-                presence: true,
-                numericality: { greater_than: 0 }
-    end
-
-    def display_value
-      Spree::Money.new(amount)
-    end
-
-    # We limit adjustment to the maximum amount needed to cover the order, ie if the voucher
-    # covers more than the order.total we only need to create an adjustment covering the order.total
-    def compute_amount(order)
-      -amount.clamp(0, order.pre_discount_total)
-    end
-
-    def rate(order)
-      amount = compute_amount(order)
-
-      amount / order.pre_discount_total
-    end
-  end
-end

app/models/enterprise.rb

@@ -31,25 +31,19 @@ class Enterprise < ApplicationRecord
 
   has_many :relationships_as_parent, class_name: 'EnterpriseRelationship',
                                      foreign_key: 'parent_id',
-                                     inverse_of: :parent,
                                      dependent: :destroy
   has_many :relationships_as_child, class_name: 'EnterpriseRelationship',
                                     foreign_key: 'child_id',
-                                    inverse_of: :child,
                                     dependent: :destroy
   has_and_belongs_to_many :groups, join_table: 'enterprise_groups_enterprises',
                                    class_name: 'EnterpriseGroup'
-  has_many :producer_properties, foreign_key: 'producer_id',
-                                 inverse_of: :producer,
-                                 dependent: :destroy
+  has_many :producer_properties, foreign_key: 'producer_id', dependent: :destroy
   has_many :properties, through: :producer_properties
   has_many :supplied_variants,
-           class_name: 'Spree::Variant', foreign_key: 'supplier_id',
-           inverse_of: :supplier, dependent: :destroy
+           class_name: 'Spree::Variant', foreign_key: 'supplier_id', dependent: :destroy
   has_many :supplied_products, through: :supplied_variants, source: :product
   has_many :distributed_orders, class_name: 'Spree::Order',
                                 foreign_key: 'distributor_id',
-                                inverse_of: :distributor,
                                 dependent: :restrict_with_exception
 
   belongs_to :address, class_name: 'Spree::Address'
@@ -133,9 +127,6 @@ class Enterprise < ApplicationRecord
               message: Spree.t('errors.messages.invalid_instagram_url')
             }, allow_blank: true
   validate :validate_white_label_logo_link
-  validates :external_billing_id,
-            format: { with: /\A\S+\z/ },
-            allow_blank: true
 
   before_validation :initialize_permalink, if: lambda { permalink.nil? }
   before_validation :set_unused_address_fields
@@ -227,7 +218,7 @@ class Enterprise < ApplicationRecord
   }
 
   scope :managed_by, lambda { |user|
-    if user.admin?
+    if user.has_spree_role?('admin')
       where(nil)
     else
       joins(:enterprise_roles).where(enterprise_roles: { user_id: user.id })
@@ -384,10 +375,6 @@ class Enterprise < ApplicationRecord
     sells == 'any'
   end
 
-  def is_producer_only
-    is_primary_producer && sells == 'none'
-  end
-
   # Simplify enterprise categories for frontend logic and icons, and maybe other things.
   def category
     # Make this crazy logic human readable so we can argue about it sanely.
@@ -494,7 +481,7 @@ class Enterprise < ApplicationRecord
 
     image_variant_url_for(image.variant(name))
   rescue StandardError => e
-    Alert.raise "Enterprise ##{id} #{image.try(:name)} error: #{e.message}"
+    Bugsnag.notify "Enterprise ##{id} #{image.try(:name)} error: #{e.message}"
     Rails.logger.error(e.message)
 
     nil