Merge pull request #13830 from mkllnk/highline

Bump highline from 2.0.3 to 3.1.2 to support newer rubies

.codeclimate.yml

@@ -1,56 +0,0 @@
-version: "2"
-plugins:
-  rubocop:
-    enabled: true
-    channel: "rubocop-1-12"
-    config:
-      file: ".rubocop.yml"
-  scss-lint:
-    enabled: true
-    checks:
-      ImportantRule:
-        enabled: false
-      VendorPrefix:
-        enabled: false
-      LeadingZero:
-        enabled: false
-      PropertySortOrder:
-        enabled: false
-      StringQuotes:
-        enabled: false
-      DeclarationOrder:
-        enabled: false
-      NestingDepth:
-        enabled: false
-
-  duplication:
-    enabled: true
-    exclude_patterns:
-    - "db/**"
-    - "config/initializers/active_record_postgresql_referential_integrity_patch.rb"
-checks:
-  argument-count:
-    enabled: false
-  complex-logic:
-    enabled: false
-  file-lines:
-    enabled: false
-  method-complexity:
-    enabled: false
-  method-count:
-    enabled: false
-  method-lines:
-    enabled: false
-  nested-control-flow:
-    enabled: false
-  return-statements:
-    enabled: false
-  similar-code:
-    enabled: false
-  identical-code:
-    enabled: false
-exclude_patterns:
-- "spec/**/*"
-- "vendor/**/*"
-- "app/assets/javascripts/shared/*"
-- "app/assets/javascripts/jquery-migrate-1.0.0.js"

.env.test

@@ -1,6 +1,14 @@
 # ENV vars for the test environment
 # Override locally with `.env.test.local`
 
+# Test env specific variables
+#
+# Adjust this to your computer. When you start test-driven development, you may
+# want to reduce this value to avoid waiting for a test that you expect to fail.
+CAPYBARA_MAX_WAIT_TIME="10"
+
+# General app specific variables
+
 # Locale for translation. Using a locale other than `en` tests the
 # successful fallback to `en`.
 LOCALE="en_TST"
@@ -12,7 +20,6 @@ STRIPE_INSTANCE_SECRET_KEY="bogus_key"
 STRIPE_CUSTOMER="bogus_customer"
 STRIPE_ACCOUNT="bogus_account"
 STRIPE_CLIENT_ID="bogus_client_id"
-STRIPE_PUBLIC_TEST_API_KEY="bogus_stripe_publishable_key"
 
 SITE_URL="test.host"
 

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,4 +1,4 @@
-#### What? Why?
+## What? Why?
 
 - Closes # <!-- Insert issue number here. -->
 
@@ -7,7 +7,7 @@
 
 
 
-#### What should we test?
+## What should we test?
 <!-- List which features should be tested and how.
      This can be similar to the Steps to Reproduce in the issue.
      Also think of other parts of the app which could be affected
@@ -16,7 +16,7 @@
 - Visit ... page.
 - 
 
-#### Release notes
+## Release notes
 
 <!-- Please select one for your PR and delete the other. -->
 
@@ -33,12 +33,12 @@ Changelog Category (reviewers may add a label for the release notes):
 The title of the pull request will be included in the release notes.
 
 
-#### Dependencies
+## Dependencies
 <!-- Does this PR depend on another one?
      Add the link or remove this section. -->
 
 
 
-#### Documentation updates
+## Documentation updates
 <!-- Are there any wiki pages that need updating after merging this PR?
      List them here or remove this section. -->

.github/dependabot.yml

@@ -4,7 +4,28 @@
 # Most of the configuration here is not used for security updates though.
 
 version: 2
+
+multi-ecosystem-groups:
+  turbo_power:
+    schedule:
+      interval: "daily"
+
 updates:
+  - package-ecosystem: "bundler"
+    directory: "/"
+    patterns: ["turbo_power"]
+    multi-ecosystem-group: "turbo_power"
+
+    # Only specific requirements are specified in Gemfile, so don't touch it.
+    versioning-strategy: lockfile-only
+
+  - package-ecosystem: "npm"
+    directory: "/"
+    patterns: ["turbo_power"]
+    multi-ecosystem-group: "turbo_power"
+
+    # Only specific requirements are specified in package.json, so don't touch it.
+    versioning-strategy: lockfile-only
 
   - package-ecosystem: "bundler"
     directory: "/"
@@ -19,5 +40,5 @@ updates:
     schedule:
       interval: "daily"
 
-    # All versions are specified in package.json, so please update them.
-    versioning-strategy: increase
+    # Only specific requirements are specified in package.json, so don't touch it.
+    versioning-strategy: lockfile-only

.github/test-events/dependabot-pr.json

@@ -0,0 +1,15 @@
+{
+  "pull_request": {
+    "number": 13545,
+    "title": "Bump test from 7.0.4 to 7.0.8",
+    "user": {
+      "login": "dependabot[bot]"
+    }
+  },
+  "repository": {
+    "owner": {
+      "login": "openfoodfoundation"
+    },
+    "name": "openfoodnetwork"
+  }
+}

.github/workflows/brakeman-analysis.yml

@@ -1,51 +0,0 @@
-# This workflow integrates Brakeman with GitHub's Code Scanning feature
-# Brakeman is a static analysis security vulnerability scanner for Ruby on Rails applications
-
-name: Brakeman Scan
-
-# This section configures the trigger for the workflow. Feel free to customize depending on your convention
-on:
-  push:
-    branches: [ "master" ]
-  pull_request:
-    branches: [ "master" ]
-
-permissions:
-  contents: read
-
-jobs:
-  brakeman-scan:
-    permissions:
-      contents: read  # for actions/checkout to fetch code
-      security-events: write  # for github/codeql-action/upload-sarif to upload SARIF results
-    name: Brakeman Scan
-    runs-on: ubuntu-latest
-    steps:
-    # Checkout the repository to the GitHub Actions runner
-    - name: Checkout
-      uses: actions/checkout@v3
-
-    # Customize the ruby version depending on your needs
-    - name: Setup Ruby
-      uses: ruby/setup-ruby@v1
-      with:
-        ruby-version: '2.7'
-
-    - name: Setup Brakeman
-      env:
-        BRAKEMAN_VERSION: '5.4.0'
-      run: |
-        gem install brakeman --version $BRAKEMAN_VERSION
-
-    # Execute Brakeman CLI and generate a SARIF output with the security issues identified during the analysis
-    - name: Scan
-      continue-on-error: true
-      run: |
-        git show --no-patch # the commit being tested (which is often a merge due to actions/checkout@v3)
-        brakeman -f sarif -o output.sarif.json .
-
-    # Upload the SARIF file generated in the previous step
-    - name: Upload SARIF
-      uses: github/codeql-action/upload-sarif@v2
-      with:
-        sarif_file: output.sarif.json

.github/workflows/build.yml

@@ -17,7 +17,7 @@ permissions:
   contents: read
 
 jobs:
-  controllers:
+  controllers_and_models:
     runs-on: ubuntu-22.04
     services:
       postgres:
@@ -81,7 +81,7 @@ jobs:
           # RSpec split test files by test examples feature - it's optional
           # https://knapsackpro.com/faq/question/how-to-split-slow-rspec-test-files-by-test-examples-by-individual-it
           #KNAPSACK_PRO_RSPEC_SPLIT_BY_TEST_EXAMPLES: true
-          KNAPSACK_PRO_TEST_FILE_PATTERN: "{spec/controllers/**/*_spec.rb}"
+          KNAPSACK_PRO_TEST_FILE_PATTERN: "{spec/controllers/**/*_spec.rb,spec/models/**/*_spec.rb}"
         run: |
           git show --no-patch # the commit being tested (which is often a merge due to actions/checkout@v3)
           bin/rails assets:precompile knapsack_pro:rspec
@@ -95,7 +95,7 @@ jobs:
           if-no-files-found: ignore
           include-hidden-files: true
 
-  models:
+  system:
     runs-on: ubuntu-22.04
     services:
       postgres:
@@ -116,78 +116,10 @@ jobs:
         # [n] - where the n is a number of parallel jobs you want to run your tests on.
         # Use a higher number if you have slow tests to split them between more parallel jobs.
         # Remember to update the value of the `ci_node_index` below to (0..n-1).
-        ci_node_total: [2]
+        ci_node_total: [19]
         # Indexes for parallel jobs (starting from zero).
         # E.g. use [0, 1] for 2 parallel jobs, [0, 1, 2] for 3 parallel jobs, etc.
-        ci_node_index: [0, 1]
-    steps:
-      - uses: actions/checkout@v3
-
-      - name: Setup redis
-        uses: supercharge/redis-github-action@1.4.0
-        with:
-          redis-version: 6
-
-      - name: Set up Ruby
-        uses: ruby/setup-ruby@v1
-        with:
-          bundler-cache: true # runs 'bundle install' and caches installed gems automatically
-
-      - name: Set up database
-        run: |
-          bin/rails db:create db:schema:load
-
-      - name: Run tests
-        env:
-          KNAPSACK_PRO_TEST_SUITE_TOKEN_RSPEC: 09476e2ce491c12083df62768667c674
-          KNAPSACK_PRO_CI_NODE_TOTAL: ${{ matrix.ci_node_total }}
-          KNAPSACK_PRO_CI_NODE_INDEX: ${{ matrix.ci_node_index }}
-          KNAPSACK_PRO_LOG_LEVEL: info
-          # if you use Knapsack Pro Queue Mode you must set below env variable
-          # to be able to retry CI build and run previously recorded tests
-          # https://github.com/KnapsackPro/knapsack_pro-ruby#knapsack_pro_fixed_queue_split-remember-queue-split-on-retry-ci-node
-          # KNAPSACK_PRO_FIXED_QUEUE_SPLIT: false
-          # RSpec split test files by test examples feature - it's optional
-          # https://knapsackpro.com/faq/question/how-to-split-slow-rspec-test-files-by-test-examples-by-individual-it
-          #KNAPSACK_PRO_RSPEC_SPLIT_BY_TEST_EXAMPLES: true
-          KNAPSACK_PRO_TEST_FILE_PATTERN: "{spec/models/**/*_spec.rb}"
-        run: |
-          bin/rake knapsack_pro:rspec
-
-      - name: Save SimpleCov file
-        uses: actions/upload-artifact@v4
-        with:
-          name: simplecov-chunk-models-${{ matrix.ci_node_index }}
-          path: coverage/*.*
-          retention-days: 2 # doesn't need to be long, because it's the combined results that matter
-          if-no-files-found: ignore
-          include-hidden-files: true
-
-  system_admin:
-    runs-on: ubuntu-22.04
-    services:
-      postgres:
-        image: postgres:10
-        ports: ["5432:5432"]
-        options: >-
-          --health-cmd pg_isready
-          --health-interval 10s
-          --health-timeout 5s
-          --health-retries 5
-        env:
-          POSTGRES_DB: open_food_network_test
-          POSTGRES_USER: ofn
-          POSTGRES_PASSWORD: f00d
-    strategy:
-      fail-fast: false
-      matrix:
-        # [n] - where the n is a number of parallel jobs you want to run your tests on.
-        # Use a higher number if you have slow tests to split them between more parallel jobs.
-        # Remember to update the value of the `ci_node_index` below to (0..n-1).
-        ci_node_total: [10]
-        # Indexes for parallel jobs (starting from zero).
-        # E.g. use [0, 1] for 2 parallel jobs, [0, 1, 2] for 3 parallel jobs, etc.
-        ci_node_index: [0, 1, 2, 3, 4, 5, 6, 7, 8, 9]
+        ci_node_index: [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18]
     steps:
       - uses: actions/checkout@v3
 
@@ -227,7 +159,7 @@ jobs:
           # RSpec split test files by test examples feature - it's optional
           # https://knapsackpro.com/faq/question/how-to-split-slow-rspec-test-files-by-test-examples-by-individual-it
           #KNAPSACK_PRO_RSPEC_SPLIT_BY_TEST_EXAMPLES: true
-          KNAPSACK_PRO_TEST_FILE_PATTERN: "{spec/system/admin/**/*_spec.rb}"
+          KNAPSACK_PRO_TEST_FILE_PATTERN: "{spec/system/admin/**/*_spec.rb,spec/system/consumer/**/*_spec.rb}"
 
         run: |
           bin/rails assets:precompile knapsack_pro:queue:rspec
@@ -235,7 +167,7 @@ jobs:
       - name: Save SimpleCov file
         uses: actions/upload-artifact@v4
         with:
-          name: simplecov-chunk-system-admin-${{ matrix.ci_node_index }}
+          name: simplecov-chunk-system-${{ matrix.ci_node_index }}
           path: coverage/*.*
           retention-days: 2 # doesn't need to be long, because it's the combined results that matter
           if-no-files-found: ignore
@@ -245,94 +177,7 @@ jobs:
         if: failure()
         uses: actions/upload-artifact@v4
         with:
-          name: failed-admin_${{ matrix.ci_node_index }}-tests-screenshots
-          path: tmp/capybara/screenshots/*.png
-          retention-days: 7
-          if-no-files-found: ignore
-
-  system_consumer:
-    runs-on: ubuntu-22.04
-    services:
-      postgres:
-        image: postgres:10
-        ports: ["5432:5432"]
-        options: >-
-          --health-cmd pg_isready
-          --health-interval 10s
-          --health-timeout 5s
-          --health-retries 5
-        env:
-          POSTGRES_DB: open_food_network_test
-          POSTGRES_USER: ofn
-          POSTGRES_PASSWORD: f00d
-    strategy:
-      fail-fast: false
-      matrix:
-        # [n] - where the n is a number of parallel jobs you want to run your tests on.
-        # Use a higher number if you have slow tests to split them between more parallel jobs.
-        # Remember to update the value of the `ci_node_index` below to (0..n-1).
-        ci_node_total: [6]
-        # Indexes for parallel jobs (starting from zero).
-        # E.g. use [0, 1] for 2 parallel jobs, [0, 1, 2] for 3 parallel jobs, etc.
-        ci_node_index: [0, 1, 2, 3, 4, 5]
-    steps:
-      - uses: actions/checkout@v3
-
-      - name: Setup redis
-        uses: supercharge/redis-github-action@1.4.0
-        with:
-          redis-version: 6
-
-      - name: Set up Ruby
-        uses: ruby/setup-ruby@v1
-        with:
-          bundler-cache: true # runs 'bundle install' and caches installed gems automatically
-
-      - uses: actions/setup-node@v3
-        with:
-          node-version-file: .node-version
-          cache: yarn
-
-      - name: Install JS dependencies
-        run: yarn install --frozen-lockfile
-
-      - name: Set up database
-        run: |
-          bin/rails db:create db:schema:load
-
-      - name: Run tests
-
-        env:
-          KNAPSACK_PRO_TEST_SUITE_TOKEN_RSPEC: e52bd4390c853e6c5bdfe4d0334586c1
-          KNAPSACK_PRO_CI_NODE_TOTAL: ${{ matrix.ci_node_total }}
-          KNAPSACK_PRO_CI_NODE_INDEX: ${{ matrix.ci_node_index }}
-          KNAPSACK_PRO_LOG_LEVEL: info
-          # if you use Knapsack Pro Queue Mode you must set below env variable
-          # to be able to retry CI build and run previously recorded tests
-          # https://github.com/KnapsackPro/knapsack_pro-ruby#knapsack_pro_fixed_queue_split-remember-queue-split-on-retry-ci-node
-          KNAPSACK_PRO_FIXED_QUEUE_SPLIT: true
-          # RSpec split test files by test examples feature - it's optional
-          # https://knapsackpro.com/faq/question/how-to-split-slow-rspec-test-files-by-test-examples-by-individual-it
-          #KNAPSACK_PRO_RSPEC_SPLIT_BY_TEST_EXAMPLES: true
-          KNAPSACK_PRO_TEST_FILE_PATTERN: "{spec/system/consumer/**/*_spec.rb}"
-
-        run: |
-          bin/rails assets:precompile knapsack_pro:queue:rspec
-
-      - name: Save SimpleCov file
-        uses: actions/upload-artifact@v4
-        with:
-          name: simplecov-chunk-system-consumer-${{ matrix.ci_node_index }}
-          path: coverage/*.*
-          retention-days: 2 # doesn't need to be long, because it's the combined results that matter
-          if-no-files-found: ignore
-          include-hidden-files: true
-
-      - name: Archive failed tests screenshots
-        if: failure()
-        uses: actions/upload-artifact@v4
-        with:
-          name: failed-consumer_${{ matrix.ci_node_index }}-tests-screenshots
+          name: failed-system_${{ matrix.ci_node_index }}-tests-screenshots
           path: tmp/capybara/screenshots/*.png
           retention-days: 7
           if-no-files-found: ignore
@@ -534,11 +379,9 @@ jobs:
   collate_simplecov_results:
     runs-on: ubuntu-22.04
     needs:
-      - controllers
-      - models
+      - controllers_and_models
       - engines
-      - system_admin
-      - system_consumer
+      - system
       - test_the_rest
     steps:
       - uses: actions/checkout@v3
@@ -565,3 +408,8 @@ jobs:
           retention-days: 7
           if-no-files-found: ignore
           include-hidden-files: true
+      - name: Compare SimpleCov results with Undercover
+        run: |
+          git fetch --no-tags origin ${{ github.event.pull_request.base.ref }}:master
+          bundle exec undercover
+        if: ${{ github.ref != 'refs/heads/master' }} # Does not run on master, as we can't fetch master in the master branch

.github/workflows/linters.yml

@@ -1,50 +1,30 @@
 name: Linters
-on: [push, pull_request]
+on: [pull_request]
 permissions:
   contents: read # to fetch code (actions/checkout)
 jobs:
-  rubocop:
-    name: runner / rubocop
+  lint:
+    name: reviewdog
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
 
+      - uses: actions/setup-node@v3
+        with:
+          node-version-file: .node-version
+      - name: Install JS dependencies
+        run: yarn install --frozen-lockfile
+
       - uses: ruby/setup-ruby@v1
         with:
           bundler-cache: true # runs 'bundle install' and caches installed gems automatically
 
       - run: git show --no-patch # the commit being tested (which is often a merge due to actions/checkout@v3)
 
-      - name: rubocop
-        uses: reviewdog/action-rubocop@v2
+      - uses: reviewdog/action-setup@v1
         with:
-          rubocop_version: gemfile
-          rubocop_extensions: rubocop-rails:gemfile rubocop-rspec:gemfile
-          reporter: github-pr-check
-          level: error
-          filter_mode: nofilter
-          use_bundler: true
-          fail_level: any
-  prettier:
-    name: runner / prettier
-    runs-on: ubuntu-latest
-    steps:
-      - name: Check out code
-        uses: actions/checkout@v3
+          reviewdog_version: v0.21.0
 
-      - uses: actions/setup-node@v3
-        with:
-          node-version-file: .node-version
-
-      - name: Install JS dependencies
-        run: yarn install --frozen-lockfile
-
-      - run: git show --no-patch # the commit being tested (which is often a merge due to actions/checkout@v3)
-
-      - name: prettier
-        uses: EPMatt/reviewdog-action-prettier@v1
-        with:
-          github_token: ${{ secrets.github_token }}
-          reporter: github-pr-check
-          level: error
-          fail_on_error: true
+      - run: ./script/reviewdog.sh
+        env:
+          REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.github_token }}

.github/workflows/mapi.yml

@@ -1,51 +0,0 @@
-name: 'Mayhem for API'
-on: workflow_dispatch
-permissions:
-  contents: read # to fetch code (actions/checkout)
-jobs:
-  test:
-    permissions:
-      contents: read # to fetch code (actions/checkout)
-      security-events: write # to upload SARIF results (github/codeql-action/upload-sarif)
-    if: ${{ github.repository_owner == 'openfoodfoundation' }}
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: true
-    steps:
-    - uses: actions/checkout@v3
-    - run: docker/build
-    - run: docker compose up --detach
-    - run: until curl -f -s http://localhost:3000; do echo "waiting for api server"; sleep 1; done
-    - run: docker compose exec -T db psql postgresql://ofn:f00d@localhost:5432/open_food_network_dev --command="update spree_users set spree_api_key='testing' where login='ofn@example.com'"
-    # equivalent to Flipper.enable(:api_v1)
-    - run: docker compose exec -T db psql postgresql://ofn:f00d@localhost:5432/open_food_network_dev --command="insert into flipper_features (key, created_at, updated_at) values ('api_v1', localtimestamp, localtimestamp)"
-    - run: docker compose exec -T db psql postgresql://ofn:f00d@localhost:5432/open_food_network_dev --command="insert into flipper_gates (feature_key, key, value, created_at, updated_at) values ('api_v1', 'boolean', 'true', localtimestamp, localtimestamp)"
-
-    # Run Mayhem for API
-    - name: Run Mayhem for API
-      uses: ForAllSecure/mapi-action@v1
-      continue-on-error: true
-      with:
-        mapi-token: ${{ secrets.MAPI_TOKEN }}
-        api-url: http://localhost:3000
-        api-spec: swagger/v1.yaml
-        target: openfoodfoundation/openfoodnetwork
-        duration: 1min
-        sarif-report: mapi.sarif
-        html-report: mapi.html
-        run-args: |
-          --header-auth
-          X-Api-Token: testing
-
-    # Archive HTML report
-    - name: Archive Mayhem for API report
-      uses: actions/upload-artifact@v3
-      with:
-        name: mapi-report
-        path: mapi.html
-
-    # Upload SARIF file (only available on public repos or github enterprise)
-    - name: Upload SARIF file
-      uses: github/codeql-action/upload-sarif@v2
-      with:
-        sarif_file: mapi.sarif

.github/workflows/move-dependency-pr-to-code-review.yml

@@ -0,0 +1,151 @@
+name: Auto-move Dependabot PRs to Code Review
+permissions:
+  contents: read
+  pull-requests: read
+
+on:
+  pull_request_target:
+    types: [opened]
+
+jobs:
+  move-pr-to-code-review:
+    runs-on: ubuntu-latest
+    if: github.event.pull_request.user.login == 'dependabot[bot]' || startsWith(github.event.pull_request.title, 'Bump')
+    steps:
+      - name: Generate GitHub App Token
+        id: app-token
+        uses: tibdex/github-app-token@v2
+        with:
+          app_id: ${{ secrets.DEPENDABOT_PR_APP_ID }}
+          private_key: ${{ secrets.DEPENDABOT_PR_APP_PRIVATE_KEY }}
+          installation_retrieval_mode: id
+          installation_retrieval_payload: ${{ secrets.DEPENDABOT_PR_APP_INSTALLATION_ID }}
+
+      - name: Move PR to Code Review in Project v2
+        uses: actions/github-script@v7
+        with:
+          github-token: ${{ steps.app-token.outputs.token }}
+          script: |
+            const projectNumber   = 8; // for "OFN Delivery board"
+            const org             = "openfoodfoundation";
+            const repo            = context.repo.repo;
+            const prNumber        = context.payload.pull_request.number;
+            const statusFieldName = "Status";
+            const statusValue     = "Code review 🔎";
+
+            // ---- Helper: Get PR Node ID ----
+            async function getPrNodeId(owner, repo, number) {
+              const res = await github.graphql(`
+                query($owner: String!, $repo: String!, $number: Int!) {
+                  repository(owner: $owner, name: $repo) {
+                    pullRequest(number: $number) {
+                      id
+                      number
+                      title
+                    }
+                  }
+                }
+              `, { owner, repo, number });
+              return res.repository.pullRequest.id;
+            }
+
+            console.log("🚀 Starting ProjectV2 automation...");
+
+            // ---- Step 1: Get Project and Fields ----
+            const projectRes = await github.graphql(`
+              query($org: String!, $number: Int!) {
+                organization(login: $org) {
+                  projectV2(number: $number) {
+                    id
+                    title
+                    fields(first: 50) {
+                      nodes {
+                        ... on ProjectV2Field {
+                          id
+                          name
+                        }
+                        ... on ProjectV2SingleSelectField {
+                          id
+                          name
+                          options {
+                            id
+                            name
+                          }
+                        }
+                      }
+                    }
+                  }
+                }
+              }
+            `, { org, number: projectNumber });
+
+            const project = projectRes.organization.projectV2;
+            if (!project) throw new Error(`❌ Project #${projectNumber} not found`);
+
+            console.log(`✅ Found project: ${project.title} (${project.id})`);
+
+            const statusField = project.fields.nodes.find(f => f.name === statusFieldName);
+            if (!statusField) throw new Error(`❌ Field '${statusFieldName}' not found`);
+
+            const option = statusField.options.find(o => o.name === statusValue);
+            if (!option) throw new Error(`❌ Option '${statusValue}' not found in '${statusFieldName}'`);
+
+            console.log(`✅ Found field '${statusFieldName}' and option '${statusValue}'`);
+
+            // ---- Step 2: Get PR Node ID ----
+            const prNodeId = await getPrNodeId(org, repo, prNumber);
+            console.log(`✅ PR #${prNumber} node ID: ${prNodeId}`);
+
+            // ---- Step 3: Check if PR is already in Project ----
+            const itemRes = await github.graphql(`
+              query($prId: ID!) {
+                node(id: $prId) {
+                  ... on PullRequest {
+                    projectItems(first: 50) {
+                      nodes {
+                        id
+                        project { id title }
+                      }
+                    }
+                  }
+                }
+              }
+            `, { prId: prNodeId });
+
+            let projectItem = itemRes.node.projectItems.nodes.find(i => i.project.id === project.id);
+
+            if (!projectItem) {
+              console.log("ℹ️ PR not yet in project, adding...");
+              const addRes = await github.graphql(`
+                mutation($projectId: ID!, $contentId: ID!) {
+                  addProjectV2ItemById(input: {projectId: $projectId, contentId: $contentId}) {
+                    item { id }
+                  }
+                }
+              `, { projectId: project.id, contentId: prNodeId });
+              projectItem = addRes.addProjectV2ItemById.item;
+              console.log(`✅ Added PR to project: ${projectItem.id}`);
+            } else {
+              console.log(`ℹ️ PR already in project: ${projectItem.id}`);
+            }
+
+            // ---- Step 4: Update Status ----
+            await github.graphql(`
+              mutation($projectId: ID!, $itemId: ID!, $fieldId: ID!, $optionId: String!) {
+                updateProjectV2ItemFieldValue(input: {
+                  projectId: $projectId,
+                  itemId: $itemId,
+                  fieldId: $fieldId,
+                  value: { singleSelectOptionId: $optionId }
+                }) {
+                  projectV2Item { id }
+                }
+              }
+            `, {
+              projectId: project.id,
+              itemId: projectItem.id,
+              fieldId: statusField.id,
+              optionId: option.id,
+            });
+
+            console.log(`🎉 Moved PR #${prNumber} → '${statusValue}'`);

.gitignore

@@ -59,3 +59,4 @@ yarn-debug.log*
 
 /config/credentials.yml.enc
 /config/master.key
+.secrets

.haml-lint.yml

@@ -2,19 +2,12 @@
 # frameworks such as Jekyll/Middleman
 skip_frontmatter: false
 
+inherits_from: .haml-lint_todo.yml
+
 linters:
   AltText:
     enabled: false
 
-  ClassAttributeWithStaticValue:
-    enabled: true
-
-  ClassesBeforeIds:
-    enabled: true
-
-  ConsecutiveComments:
-    enabled: true
-
   ConsecutiveSilentScripts:
     enabled: true
     max_consecutive: 2
@@ -32,7 +25,6 @@ linters:
     enabled: true
 
   LineLength:
-    enabled: true
     max: 80
 
   MultilinePipe:
@@ -47,24 +39,11 @@ linters:
   RuboCop:
     enabled: false
 
-  RubyComments:
-    enabled: true
-
-  SpaceBeforeScript:
-    enabled: true
-
   SpaceInsideHashAttributes:
-    enabled: true
     style: no_space
 
   TagName:
     enabled: true
 
-  TrailingWhitespace:
-    enabled: true
-
   UnnecessaryInterpolation:
     enabled: true
-
-  UnnecessaryStringOutput:
-    enabled: true

.haml-lint_todo.yml

@@ -0,0 +1,153 @@
+# This configuration was generated by
+# `haml-lint --auto-gen-config`
+# on 2025-10-30 09:19:50 +0100 using Haml-Lint version 0.66.0.
+# The point is for the user to remove these configuration records
+# one by one as the lints are removed from the code base.
+# Note that changes in the inspected code, or installation of new
+# versions of Haml-Lint, may require this file to be generated again.
+
+linters:
+
+  # Offense count: 35
+  ClassAttributeWithStaticValue:
+    enabled: false
+
+  # Offense count: 77
+  ClassesBeforeIds:
+    enabled: false
+
+  # Offense count: 18
+  ConsecutiveComments:
+    enabled: false
+
+  # Offense count: 22
+  ConsecutiveSilentScripts:
+    exclude:
+      - "app/views/admin/contents/_fieldset.html.haml"
+      - "app/views/admin/enterprises/form/_tag_rules.html.haml"
+      - "app/views/admin/order_cycles/edit.html.haml"
+      - "app/views/admin/products_v3/product_preview.turbo_stream.haml"
+      - "app/views/admin/reports/_date_range_form.html.haml"
+      - "app/views/checkout/_details.html.haml"
+      - "app/views/checkout/_payment.html.haml"
+      - "app/views/spree/admin/adjustments/_adjustments_table.html.haml"
+      - "app/views/spree/admin/orders/customer_details/_address_form.html.haml"
+      - "app/views/spree/admin/tax_categories/index.html.haml"
+      - "app/views/spree/admin/users/index.html.haml"
+
+  # Offense count: 14
+  FinalNewline:
+    exclude:
+      - "app/assets/javascripts/templates/shared/question_mark_with_tooltip.html.haml"
+      - "app/views/admin/enterprises/form/_social.html.haml"
+      - "app/views/admin/json/_injection_ams.html.haml"
+      - "app/views/admin/order_cycles/_date_time_warning_modal_content.html.haml"
+      - "app/views/admin/order_cycles/edit.html.haml"
+      - "app/views/admin/product_import/_ams_data.html.haml"
+      - "app/views/admin/reports/_row_group.haml"
+      - "app/views/admin/reports/filters/_enterprise_fee_summary.html.haml"
+      - "app/views/admin/reports/filters/_users_and_enterprises.html.haml"
+      - "app/views/shop/_blocked_cookies.html.haml"
+      - "app/views/spree/admin/orders/_invoice/_order_note.html.haml"
+      - "app/views/spree/admin/orders/invoice4.html.haml"
+      - "app/views/spree/admin/taxons/destroy_taxon.turbo_stream.haml"
+      - "app/views/spree/admin/users/_email_confirmation.html.haml"
+
+  # Offense count: 130
+  IdNames:
+    enabled: false
+
+  # Offense count: 5
+  Indentation:
+    exclude:
+      - "app/views/admin/products_v3/clone.turbo_stream.haml"
+      - "app/views/admin/products_v3/destroy_product_variant.turbo_stream.haml"
+      - "app/views/spree/admin/taxons/destroy_taxon.turbo_stream.haml"
+
+  # Offense count: 191
+  InlineStyles:
+    enabled: false
+
+  # Offense count: 589
+  InstanceVariables:
+    enabled: false
+
+  # Offense count: 2
+  LeadingCommentSpace:
+    exclude:
+      - "app/views/admin/reports/_row_group.haml"
+
+  # Offense count: 2331
+  LineLength:
+    enabled: false
+
+  # Offense count: 1
+  MultilinePipe:
+    exclude:
+      - "app/views/admin/reports/_rendering_options.html.haml"
+
+  # Offense count: 2
+  MultilineScript:
+    exclude:
+      - "app/views/admin/products_v3/product_preview.turbo_stream.haml"
+      - "app/views/checkout/_voucher_section.html.haml"
+
+  # Offense count: 2
+  RepeatedId:
+    exclude:
+      - "app/assets/javascripts/templates/admin/save_bar.html.haml"
+
+  # Offense count: 24
+  RubyComments:
+    enabled: false
+
+  # Offense count: 104
+  SpaceBeforeScript:
+    enabled: false
+
+  # Offense count: 3345
+  SpaceInsideHashAttributes:
+    enabled: false
+
+  # Offense count: 22
+  TrailingEmptyLines:
+    enabled: false
+
+  # Offense count: 73
+  TrailingWhitespace:
+    enabled: false
+
+  # Offense count: 13
+  UnnecessaryInterpolation:
+    exclude:
+      - "app/components/example_component/example_component.html.haml"
+      - "app/views/admin/product_import/_entries_table.html.haml"
+      - "app/views/admin/product_import/import.html.haml"
+      - "app/views/admin/variant_overrides/_filters.html.haml"
+      - "app/views/registration/steps/_introduction.html.haml"
+      - "app/views/spree/order_mailer/_shipping.html.haml"
+      - "app/views/spree/order_mailer/invoice_email.html.haml"
+      - "app/views/spree/shared/_shipment_delivery_details.html.haml"
+      - "app/views/spree/shared/_shipment_pickup_details.html.haml"
+
+  # Offense count: 68
+  UnnecessaryStringOutput:
+    enabled: false
+
+  # Offense count: 14
+  ViewLength:
+    exclude:
+      - "app/assets/javascripts/templates/admin/panels/enterprise_package.html.haml"
+      - "app/views/admin/customers/index.html.haml"
+      - "app/views/admin/enterprises/_new_form.html.haml"
+      - "app/views/admin/enterprises/form/_shop_preferences.html.haml"
+      - "app/views/admin/product_import/_import_review.html.haml"
+      - "app/views/admin/products_v3/product_preview.turbo_stream.haml"
+      - "app/views/checkout/_details.html.haml"
+      - "app/views/groups/show.html.haml"
+      - "app/views/producer_mailer/order_cycle_report.html.haml"
+      - "app/views/shared/_footer.html.haml"
+      - "app/views/spree/admin/orders/bulk_management.html.haml"
+      - "app/views/spree/admin/orders/invoice4.html.haml"
+      - "app/views/spree/admin/products/new.html.haml"
+      - "app/views/spree/admin/variants/_form.html.haml"

.hound.yml

@@ -1,6 +0,0 @@
-rubocop:
-  config_file: .rubocop_styleguide.yml
-scss:
-  config_file: .scss-lint.yml
-haml:
-  config_file: .haml-lint.yml

.node-version

@@ -1 +1 @@
-17.9.1
+24.10.0

.rubocop.yml

@@ -4,7 +4,7 @@
 #
 # The configuration is split into three files. Look into those files for more details.
 #
-require:
+plugins:
   - rubocop-capybara
   - rubocop-factory_bot
   - rubocop-rails

.rubocop_styleguide.yml

@@ -16,6 +16,7 @@ AllCops:
     - node_modules/**/*
     # Excluding: inadequate Naming/FileName rule rejects GemFile name with camelcase
     - engines/web/Gemfile
+    - .undercover
 
 Bundler/DuplicatedGem:
   Enabled: false
@@ -93,7 +94,7 @@ Metrics/PerceivedComplexity:
   Enabled: true
   Max: 14 # default 8
 
-Naming/PredicateName:
+Naming/PredicatePrefix:
   Enabled: false
 
 Naming/VariableNumber:
@@ -102,6 +103,8 @@ Naming/VariableNumber:
     - street_address_2
   AllowedPatterns:
     - _v[\d]+
+    # Cf. conversation https://github.com/openfoodfoundation/openfoodnetwork/pull/13306#pullrequestreview-2831644286 
+    - menu_[\d]
 
 Rails/ApplicationRecord:
   Exclude:

.rubocop_todo.yml

@@ -1,11 +1,44 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config --auto-gen-only-exclude --exclude-limit 1400 --no-auto-gen-timestamp`
-# using RuboCop version 1.64.1.
+# using RuboCop version 1.81.7.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
 # versions of RuboCop, may require this file to be generated again.
 
+# Offense count: 1
+# This cop supports unsafe autocorrection (--autocorrect-all).
+# Configuration parameters: RequireParenthesesForMethodChains.
+Lint/AmbiguousRange:
+  Exclude:
+    - 'app/models/concerns/permalink_generator.rb'
+
+# Offense count: 6
+Lint/CopDirectiveSyntax:
+  Exclude:
+    - 'app/services/orders/bulk_cancel_service.rb'
+    - 'lib/tasks/simplecov.rake'
+    - 'spec/models/database_spec.rb'
+    - 'spec/system/admin/bulk_order_management_spec.rb'
+    - 'spec/system/admin/enterprise_relationships_spec.rb'
+
+# Offense count: 2
+Lint/DuplicateMethods:
+  Exclude:
+    - 'app/models/spree/order.rb'
+    - 'engines/order_management/app/services/order_management/subscriptions/form.rb'
+
+# Offense count: 3
+Lint/UselessConstantScoping:
+  Exclude:
+    - 'app/services/weights_and_measures.rb'
+    - 'lib/reporting/report_metadata_builder.rb'
+
+# Offense count: 1
+Lint/UselessOr:
+  Exclude:
+    - 'app/models/product_import/entry_validator.rb'
+
 # Offense count: 24
 # Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes, Max.
 Metrics/AbcSize:
@@ -42,12 +75,12 @@ Metrics/BlockLength:
     - 'lib/tasks/data.rake'
 
 # Offense count: 1
-# Configuration parameters: CountBlocks, Max.
+# Configuration parameters: CountBlocks, CountModifierForms, Max.
 Metrics/BlockNesting:
   Exclude:
     - 'app/models/spree/payment/processing.rb'
 
-# Offense count: 47
+# Offense count: 49
 # Configuration parameters: CountComments, Max, CountAsOne.
 Metrics/ClassLength:
   Exclude:
@@ -63,7 +96,6 @@ Metrics/ClassLength:
     - 'app/controllers/spree/admin/payment_methods_controller.rb'
     - 'app/controllers/spree/admin/payments_controller.rb'
     - 'app/controllers/spree/admin/products_controller.rb'
-    - 'app/controllers/spree/admin/users_controller.rb'
     - 'app/controllers/spree/orders_controller.rb'
     - 'app/models/enterprise.rb'
     - 'app/models/invoice/data_presenter.rb'
@@ -89,6 +121,8 @@ Metrics/ClassLength:
     - 'app/services/cart_service.rb'
     - 'app/services/order_cycles/form_service.rb'
     - 'app/services/orders/sync_service.rb'
+    - 'app/services/permissions/order.rb'
+    - 'app/services/products_renderer.rb'
     - 'app/services/sets/product_set.rb'
     - 'engines/order_management/app/services/order_management/order/updater.rb'
     - 'lib/open_food_network/enterprise_fee_calculator.rb'
@@ -100,7 +134,7 @@ Metrics/ClassLength:
     - 'lib/reporting/reports/enterprise_fee_summary/scope.rb'
     - 'lib/reporting/reports/xero_invoices/base.rb'
 
-# Offense count: 30
+# Offense count: 37
 # Configuration parameters: AllowedMethods, AllowedPatterns, Max.
 Metrics/CyclomaticComplexity:
   Exclude:
@@ -123,20 +157,24 @@ Metrics/CyclomaticComplexity:
     - 'app/models/spree/tax_rate.rb'
     - 'app/models/spree/zone.rb'
     - 'lib/open_food_network/enterprise_issue_validator.rb'
+    - 'lib/reporting/reports/orders_and_fulfillment/order_cycle_customer_totals.rb'
+    - 'lib/reporting/reports/orders_and_fulfillment/order_cycle_supplier_totals.rb'
+    - 'lib/reporting/reports/payments/itemised_payment_totals.rb'
+    - 'lib/reporting/reports/payments/payment_totals.rb'
+    - 'lib/reporting/reports/sales_tax/sales_tax_totals_by_producer.rb'
     - 'lib/reporting/reports/xero_invoices/base.rb'
     - 'lib/spree/core/controller_helpers/order.rb'
     - 'lib/spree/core/controller_helpers/respond_with.rb'
     - 'lib/spree/localized_number.rb'
     - 'spec/models/product_importer_spec.rb'
 
-# Offense count: 23
+# Offense count: 22
 # Configuration parameters: CountComments, Max, CountAsOne, AllowedMethods, AllowedPatterns.
 Metrics/MethodLength:
   Exclude:
     - 'app/controllers/admin/enterprises_controller.rb'
     - 'app/controllers/payment_gateways/paypal_controller.rb'
     - 'app/controllers/spree/orders_controller.rb'
-    - 'app/helpers/spree/admin/navigation_helper.rb'
     - 'app/models/spree/ability.rb'
     - 'app/models/spree/gateway/pay_pal_express.rb'
     - 'app/models/spree/order/checkout.rb'
@@ -149,7 +187,7 @@ Metrics/MethodLength:
     - 'lib/spree/localized_number.rb'
     - 'lib/tasks/sample_data/product_factory.rb'
 
-# Offense count: 49
+# Offense count: 10
 # Configuration parameters: CountComments, Max, CountAsOne.
 Metrics/ModuleLength:
   Exclude:
@@ -161,46 +199,7 @@ Metrics/ModuleLength:
     - 'app/helpers/spree/admin/orders_helper.rb'
     - 'app/models/spree/order/checkout.rb'
     - 'app/models/spree/payment/processing.rb'
-    - 'engines/catalog/spec/services/catalog/product_import/products_reset_strategy_spec.rb'
-    - 'engines/order_management/spec/services/order_management/order/updater_spec.rb'
-    - 'engines/order_management/spec/services/order_management/stock/package_spec.rb'
-    - 'engines/order_management/spec/services/order_management/subscriptions/estimator_spec.rb'
-    - 'engines/order_management/spec/services/order_management/subscriptions/form_spec.rb'
-    - 'engines/order_management/spec/services/order_management/subscriptions/proxy_order_syncer_spec.rb'
-    - 'engines/order_management/spec/services/order_management/subscriptions/summarizer_spec.rb'
-    - 'engines/order_management/spec/services/order_management/subscriptions/summary_spec.rb'
-    - 'engines/order_management/spec/services/order_management/subscriptions/validator_spec.rb'
-    - 'engines/order_management/spec/services/order_management/subscriptions/variants_list_spec.rb'
     - 'lib/open_food_network/column_preference_defaults.rb'
-    - 'spec/controllers/admin/customers_controller_spec.rb'
-    - 'spec/controllers/admin/order_cycles_controller_spec.rb'
-    - 'spec/controllers/api/v0/order_cycles_controller_spec.rb'
-    - 'spec/controllers/api/v0/orders_controller_spec.rb'
-    - 'spec/controllers/payment_gateways/stripe_controller_spec.rb'
-    - 'spec/controllers/spree/admin/adjustments_controller_spec.rb'
-    - 'spec/controllers/spree/admin/payment_methods_controller_spec.rb'
-    - 'spec/controllers/spree/admin/variants_controller_spec.rb'
-    - 'spec/lib/open_food_network/address_finder_spec.rb'
-    - 'spec/lib/open_food_network/enterprise_fee_calculator_spec.rb'
-    - 'spec/lib/open_food_network/order_cycle_form_applicator_spec.rb'
-    - 'spec/lib/open_food_network/order_cycle_permissions_spec.rb'
-    - 'spec/lib/open_food_network/permissions_spec.rb'
-    - 'spec/lib/open_food_network/scope_variant_to_hub_spec.rb'
-    - 'spec/lib/open_food_network/tag_rule_applicator_spec.rb'
-    - 'spec/lib/reports/customers_report_spec.rb'
-    - 'spec/lib/reports/enterprise_fee_summary/authorizer_spec.rb'
-    - 'spec/lib/reports/order_cycle_management_report_spec.rb'
-    - 'spec/lib/reports/products_and_inventory_report_spec.rb'
-    - 'spec/lib/reports/users_and_enterprises_report_spec.rb'
-    - 'spec/models/spree/adjustment_spec.rb'
-    - 'spec/models/spree/credit_card_spec.rb'
-    - 'spec/models/spree/line_item_spec.rb'
-    - 'spec/models/spree/order/tax_spec.rb'
-    - 'spec/models/spree/product_spec.rb'
-    - 'spec/models/spree/shipping_method_spec.rb'
-    - 'spec/models/spree/tax_rate_spec.rb'
-    - 'spec/services/permissions/order_spec.rb'
-    - 'spec/services/variant_units/option_value_namer_spec.rb'
     - 'spec/support/request/stripe_stubs.rb'
 
 # Offense count: 7
@@ -213,7 +212,7 @@ Metrics/ParameterLists:
     - 'spec/support/controller_requests_helper.rb'
     - 'spec/system/admin/reports_spec.rb'
 
-# Offense count: 3
+# Offense count: 4
 # Configuration parameters: AllowedMethods, AllowedPatterns, Max.
 Metrics/PerceivedComplexity:
   Exclude:
@@ -221,241 +220,139 @@ Metrics/PerceivedComplexity:
     - 'app/models/spree/ability.rb'
     - 'app/models/spree/order/checkout.rb'
 
-# Offense count: 5
-# This cop supports unsafe autocorrection (--autocorrect-all).
-# Configuration parameters: EnforcedStyleForLeadingUnderscores.
-# SupportedStylesForLeadingUnderscores: disallowed, required, optional
-Naming/MemoizedInstanceVariableName:
+# Offense count: 1
+# Configuration parameters: EnforcedStyle, AllowedPatterns, ForbiddenIdentifiers, ForbiddenPatterns.
+# SupportedStyles: snake_case, camelCase
+# ForbiddenIdentifiers: __id__, __send__
+Naming/MethodName:
   Exclude:
-    - 'app/mailers/producer_mailer.rb'
-    - 'app/models/concerns/balance.rb'
-    - 'lib/open_food_network/address_finder.rb'
+    - 'engines/dfc_provider/lib/dfc_provider/catalog_item.rb'
 
 # Offense count: 1
 # Configuration parameters: MinNameLength, AllowNamesEndingInNumbers, AllowedNames, ForbiddenNames.
 # AllowedNames: as, at, by, cc, db, id, if, in, io, ip, of, on, os, pp, to
 Naming/MethodParameterName:
   Exclude:
-    - 'app/services/process_payment_intent.rb'
+    - 'engines/dfc_provider/lib/dfc_provider/catalog_item.rb'
 
-# Offense count: 26
-# Configuration parameters: EnforcedStyle, CheckMethodNames, CheckSymbols, AllowedIdentifiers, AllowedPatterns.
-# SupportedStyles: snake_case, normalcase, non_integer
-# AllowedIdentifiers: capture3, iso8601, rfc1123_date, rfc822, rfc2822, rfc3339, x86_64
-Naming/VariableNumber:
+# Offense count: 60
+# Configuration parameters: Mode, AllowedMethods, AllowedPatterns, AllowBangMethods, WaywardPredicates.
+# AllowedMethods: call
+# WaywardPredicates: nonzero?
+Naming/PredicateMethod:
   Exclude:
-    - 'app/controllers/spree/orders_controller.rb'
-    - 'app/models/content_configuration.rb'
-    - 'app/models/preference_sections/main_links_section.rb'
-    - 'lib/spree/core/controller_helpers/common.rb'
-    - 'spec/controllers/spree/admin/search_controller_spec.rb'
-    - 'spec/models/spree/stock_item_spec.rb'
-    - 'spec/models/spree/tax_rate_spec.rb'
-    - 'spec/requests/api/orders_spec.rb'
+    - 'app/controllers/admin/product_import_controller.rb'
+    - 'app/controllers/api/v0/order_cycles_controller.rb'
+    - 'app/controllers/spree/admin/overview_controller.rb'
+    - 'app/controllers/spree/admin/payments_controller.rb'
+    - 'app/controllers/voucher_adjustments_controller.rb'
+    - 'app/forms/enterprise_fees_bulk_update.rb'
+    - 'app/forms/schedule_form.rb'
+    - 'app/helpers/spree/orders_helper.rb'
+    - 'app/models/concerns/variant_stock.rb'
+    - 'app/models/enterprise.rb'
+    - 'app/models/enterprise_fee.rb'
+    - 'app/models/invoice/data_presenter.rb'
+    - 'app/models/order_cycle.rb'
+    - 'app/models/product_import/entry_processor.rb'
+    - 'app/models/product_import/entry_validator.rb'
+    - 'app/models/spree/order.rb'
+    - 'app/models/spree/order_contents.rb'
+    - 'app/models/spree/payment.rb'
+    - 'app/models/spree/payment/processing.rb'
+    - 'app/models/spree/state_change.rb'
+    - 'app/models/spree/user.rb'
+    - 'app/reflexes/admin/orders_reflex.rb'
+    - 'app/serializers/api/admin/for_order_cycle/enterprise_serializer.rb'
+    - 'app/serializers/api/admin/index_enterprise_serializer.rb'
+    - 'app/serializers/api/admin/index_order_cycle_serializer.rb'
+    - 'app/serializers/api/admin/order_cycle_serializer.rb'
+    - 'app/serializers/api/admin/order_serializer.rb'
+    - 'app/serializers/api/admin/schedule_serializer.rb'
+    - 'app/serializers/api/admin/subscription_line_item_serializer.rb'
+    - 'app/serializers/api/admin/user_serializer.rb'
+    - 'app/serializers/api/admin/variant_serializer.rb'
+    - 'app/serializers/api/enterprise_shopfront_serializer.rb'
+    - 'app/serializers/api/enterprise_thin_serializer.rb'
+    - 'app/serializers/api/order_serializer.rb'
+    - 'app/serializers/api/uncached_enterprise_serializer.rb'
+    - 'app/services/cart_service.rb'
+    - 'app/services/orders/fetch_adjustments_service.rb'
+    - 'app/services/orders/workflow_service.rb'
+    - 'app/services/sets/model_set.rb'
+    - 'app/services/sets/order_cycle_set.rb'
+    - 'app/services/sets/product_set.rb'
+    - 'engines/dfc_provider/app/controllers/dfc_provider/addresses_controller.rb'
+    - 'lib/open_food_network/order_cycle_form_applicator.rb'
+    - 'lib/open_food_network/order_cycle_permissions.rb'
+    - 'lib/reporting/reports/enterprise_fee_summary/enterprise_fees_with_tax_report_by_order.rb'
+    - 'lib/reporting/reports/enterprise_fee_summary/enterprise_fees_with_tax_report_by_producer.rb'
+    - 'lib/tasks/data/check_invalid_address_used.rake'
 
-# Offense count: 144
+# Offense count: 3
+# Configuration parameters: EnforcedStyle, AllowedIdentifiers, AllowedPatterns, ForbiddenIdentifiers, ForbiddenPatterns.
+# SupportedStyles: snake_case, camelCase
+Naming/VariableName:
+  Exclude:
+    - 'engines/dfc_provider/lib/dfc_provider/catalog_item.rb'
+
+# Offense count: 6
 # This cop supports unsafe autocorrection (--autocorrect-all).
-# Configuration parameters: ResponseMethods.
-# ResponseMethods: response, last_response
-RSpecRails/HaveHttpStatus:
+Rails/FindByOrAssignmentMemoization:
   Exclude:
-    - 'spec/controllers/admin/bulk_line_items_controller_spec.rb'
-    - 'spec/controllers/admin/order_cycles_controller_spec.rb'
-    - 'spec/controllers/admin/subscriptions_controller_spec.rb'
-    - 'spec/controllers/api/v0/base_controller_spec.rb'
-    - 'spec/controllers/api/v0/customers_controller_spec.rb'
-    - 'spec/controllers/api/v0/enterprises_controller_spec.rb'
-    - 'spec/controllers/api/v0/logos_controller_spec.rb'
-    - 'spec/controllers/api/v0/order_cycles_controller_spec.rb'
-    - 'spec/controllers/api/v0/orders_controller_spec.rb'
-    - 'spec/controllers/api/v0/product_images_controller_spec.rb'
-    - 'spec/controllers/api/v0/products_controller_spec.rb'
-    - 'spec/controllers/api/v0/promo_images_controller_spec.rb'
-    - 'spec/controllers/api/v0/reports/packing_report_spec.rb'
-    - 'spec/controllers/api/v0/reports_controller_spec.rb'
-    - 'spec/controllers/api/v0/shipments_controller_spec.rb'
-    - 'spec/controllers/api/v0/statuses_controller_spec.rb'
-    - 'spec/controllers/api/v0/taxons_controller_spec.rb'
-    - 'spec/controllers/api/v0/terms_and_conditions_controller_spec.rb'
-    - 'spec/controllers/api/v0/variants_controller_spec.rb'
-    - 'spec/controllers/cart_controller_spec.rb'
-    - 'spec/controllers/checkout_controller_spec.rb'
-    - 'spec/controllers/enterprises_controller_spec.rb'
-    - 'spec/controllers/line_items_controller_spec.rb'
-    - 'spec/controllers/shop_controller_spec.rb'
-    - 'spec/controllers/spree/admin/orders/payments/payments_controller_spec.rb'
-    - 'spec/controllers/spree/admin/orders_controller_spec.rb'
-    - 'spec/controllers/spree/admin/products_controller_spec.rb'
-    - 'spec/controllers/spree/credit_cards_controller_spec.rb'
-    - 'spec/controllers/spree/orders_controller_spec.rb'
-    - 'spec/controllers/stripe/callbacks_controller_spec.rb'
-    - 'spec/controllers/stripe/webhooks_controller_spec.rb'
-    - 'spec/controllers/user_passwords_controller_spec.rb'
-    - 'spec/controllers/user_registrations_controller_spec.rb'
-    - 'spec/requests/api/routes_spec.rb'
-    - 'spec/requests/checkout/stripe_sca_spec.rb'
-    - 'spec/requests/home_controller_spec.rb'
-    - 'spec/requests/omniauth_callbacks_controller_spec.rb'
-    - 'spec/services/embedded_page_service_spec.rb'
-    - 'spec/support/api_helper.rb'
+    - 'app/controllers/admin/customers_controller.rb'
+    - 'app/controllers/admin/resource_controller.rb'
+    - 'app/controllers/api/v0/enterprise_fees_controller.rb'
+    - 'app/controllers/api/v0/order_cycles_controller.rb'
+    - 'lib/stripe/account_connector.rb'
 
-# Offense count: 8
+# Offense count: 32
+# This cop supports unsafe autocorrection (--autocorrect-all).
+Rails/OrderArguments:
+  Exclude:
+    - 'app/controllers/admin/enterprise_fees_controller.rb'
+    - 'app/controllers/admin/enterprises_controller.rb'
+    - 'app/controllers/admin/order_cycles_controller.rb'
+    - 'app/controllers/admin/product_import_controller.rb'
+    - 'app/controllers/api/v0/states_controller.rb'
+    - 'app/controllers/spree/admin/overview_controller.rb'
+    - 'app/controllers/spree/admin/products_controller.rb'
+    - 'app/helpers/enterprises_helper.rb'
+    - 'app/models/enterprise.rb'
+    - 'app/models/enterprise_group.rb'
+    - 'app/models/enterprise_relationship_permission.rb'
+    - 'app/models/order_cycle.rb'
+    - 'app/models/product_import/product_importer.rb'
+    - 'app/models/schedule.rb'
+    - 'app/models/spree/country.rb'
+    - 'app/models/spree/order.rb'
+    - 'app/models/spree/shipping_rate.rb'
+    - 'app/models/spree/user.rb'
+    - 'app/models/spree/zone.rb'
+    - 'app/models/subscription_line_item.rb'
+    - 'app/models/tag_rule.rb'
+    - 'app/models/variant_override.rb'
+    - 'lib/open_food_network/address_finder.rb'
+    - 'spec/services/orders/generate_invoice_service_spec.rb'
+    - 'spec/system/admin/order_cycles/simple_spec.rb'
+
+# Offense count: 3
 # This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: EnforcedStyle.
-# SupportedStyles: numeric, symbolic, be_status
-RSpecRails/HttpStatus:
+Rails/Presence:
   Exclude:
-    - 'spec/controllers/spree/admin/products_controller_spec.rb'
-    - 'spec/requests/api/orders_spec.rb'
+    - 'app/controllers/admin/enterprises_controller.rb'
+    - 'app/models/spree/product.rb'
 
-# Offense count: 144
-# This cop supports unsafe autocorrection (--autocorrect-all).
-# Configuration parameters: Inferences.
-RSpecRails/InferredSpecType:
+# Offense count: 6
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: Severity.
+Rails/RedirectBackOrTo:
   Exclude:
-    - 'engines/dfc_provider/spec/requests/addresses_spec.rb'
-    - 'engines/dfc_provider/spec/requests/catalog_items_spec.rb'
-    - 'engines/dfc_provider/spec/requests/enterprise_groups/affiliated_by_spec.rb'
-    - 'engines/dfc_provider/spec/requests/enterprise_groups_spec.rb'
-    - 'engines/dfc_provider/spec/requests/enterprises_spec.rb'
-    - 'engines/dfc_provider/spec/requests/offers_spec.rb'
-    - 'engines/dfc_provider/spec/requests/persons_spec.rb'
-    - 'engines/dfc_provider/spec/requests/social_medias_spec.rb'
-    - 'engines/dfc_provider/spec/requests/supplied_products_spec.rb'
-    - 'engines/web/spec/helpers/cookies_policy_helper_spec.rb'
-    - 'spec/controllers/admin/bulk_line_items_controller_spec.rb'
-    - 'spec/controllers/admin/column_preferences_controller_spec.rb'
-    - 'spec/controllers/admin/customers_controller_spec.rb'
-    - 'spec/controllers/admin/enterprises_controller_spec.rb'
-    - 'spec/controllers/admin/inventory_items_controller_spec.rb'
-    - 'spec/controllers/admin/invoice_settings_controller_spec.rb'
-    - 'spec/controllers/admin/matomo_settings_controller_spec.rb'
-    - 'spec/controllers/admin/order_cycles_controller_spec.rb'
-    - 'spec/controllers/admin/product_import_controller_spec.rb'
-    - 'spec/controllers/admin/proxy_orders_controller_spec.rb'
-    - 'spec/controllers/admin/reports_controller_spec.rb'
-    - 'spec/controllers/admin/schedules_controller_spec.rb'
-    - 'spec/controllers/admin/stripe_accounts_controller_spec.rb'
-    - 'spec/controllers/admin/stripe_connect_settings_controller_spec.rb'
-    - 'spec/controllers/admin/subscription_line_items_controller_spec.rb'
-    - 'spec/controllers/admin/subscriptions_controller_spec.rb'
-    - 'spec/controllers/admin/tag_rules_controller_spec.rb'
-    - 'spec/controllers/admin/terms_of_service_files_controller_spec.rb'
-    - 'spec/controllers/admin/variant_overrides_controller_spec.rb'
-    - 'spec/controllers/api/v0/customers_controller_spec.rb'
-    - 'spec/controllers/api/v0/enterprise_fees_controller_spec.rb'
-    - 'spec/controllers/api/v0/enterprises_controller_spec.rb'
-    - 'spec/controllers/api/v0/exchange_products_controller_spec.rb'
-    - 'spec/controllers/api/v0/logos_controller_spec.rb'
-    - 'spec/controllers/api/v0/order_cycles_controller_spec.rb'
-    - 'spec/controllers/api/v0/orders_controller_spec.rb'
-    - 'spec/controllers/api/v0/product_images_controller_spec.rb'
-    - 'spec/controllers/api/v0/products_controller_spec.rb'
-    - 'spec/controllers/api/v0/promo_images_controller_spec.rb'
-    - 'spec/controllers/api/v0/reports/packing_report_spec.rb'
-    - 'spec/controllers/api/v0/reports_controller_spec.rb'
-    - 'spec/controllers/api/v0/shipments_controller_spec.rb'
-    - 'spec/controllers/api/v0/shops_controller_spec.rb'
-    - 'spec/controllers/api/v0/statuses_controller_spec.rb'
-    - 'spec/controllers/api/v0/terms_and_conditions_controller_spec.rb'
-    - 'spec/controllers/api/v0/variants_controller_spec.rb'
-    - 'spec/controllers/base_controller_spec.rb'
-    - 'spec/controllers/cart_controller_spec.rb'
-    - 'spec/controllers/checkout_controller_spec.rb'
-    - 'spec/controllers/enterprises_controller_spec.rb'
-    - 'spec/controllers/groups_controller_spec.rb'
-    - 'spec/controllers/line_items_controller_spec.rb'
-    - 'spec/controllers/payment_gateways/paypal_controller_spec.rb'
-    - 'spec/controllers/payment_gateways/stripe_controller_spec.rb'
-    - 'spec/controllers/registration_controller_spec.rb'
-    - 'spec/controllers/shop_controller_spec.rb'
-    - 'spec/controllers/shops_controller_spec.rb'
-    - 'spec/controllers/spree/admin/adjustments_controller_spec.rb'
-    - 'spec/controllers/spree/admin/base_controller_spec.rb'
-    - 'spec/controllers/spree/admin/countries_controller_spec.rb'
-    - 'spec/controllers/spree/admin/general_settings_controller_spec.rb'
-    - 'spec/controllers/spree/admin/orders/customer_details_controller_spec.rb'
-    - 'spec/controllers/spree/admin/orders/invoices_spec.rb'
-    - 'spec/controllers/spree/admin/orders/payments/payments_controller_refunds_spec.rb'
-    - 'spec/controllers/spree/admin/orders/payments/payments_controller_spec.rb'
-    - 'spec/controllers/spree/admin/orders_controller_spec.rb'
-    - 'spec/controllers/spree/admin/overview_controller_spec.rb'
-    - 'spec/controllers/spree/admin/payment_methods_controller_spec.rb'
-    - 'spec/controllers/spree/admin/products_controller_spec.rb'
-    - 'spec/controllers/spree/admin/return_authorizations_controller_spec.rb'
-    - 'spec/controllers/spree/admin/search_controller_spec.rb'
-    - 'spec/controllers/spree/admin/shipping_categories_controller_spec.rb'
-    - 'spec/controllers/spree/admin/shipping_methods_controller_spec.rb'
-    - 'spec/controllers/spree/admin/tax_rates_controller_spec.rb'
-    - 'spec/controllers/spree/admin/tax_settings_controller_spec.rb'
-    - 'spec/controllers/spree/admin/variants_controller_spec.rb'
-    - 'spec/controllers/spree/api_keys_controller_spec.rb'
-    - 'spec/controllers/spree/credit_cards_controller_spec.rb'
-    - 'spec/controllers/spree/orders_controller_spec.rb'
-    - 'spec/controllers/spree/user_sessions_controller_spec.rb'
-    - 'spec/controllers/spree/users_controller_spec.rb'
-    - 'spec/controllers/stripe/callbacks_controller_spec.rb'
-    - 'spec/controllers/stripe/webhooks_controller_spec.rb'
-    - 'spec/controllers/user_confirmations_controller_spec.rb'
-    - 'spec/controllers/user_passwords_controller_spec.rb'
-    - 'spec/controllers/user_registrations_controller_spec.rb'
-    - 'spec/controllers/webhook_endpoints_controller_spec.rb'
-    - 'spec/helpers/admin/enterprises_helper_spec.rb'
-    - 'spec/helpers/admin/orders_helper_spec.rb'
-    - 'spec/helpers/admin/reports_helper_spec.rb'
-    - 'spec/helpers/admin/subscriptions_helper_spec.rb'
-    - 'spec/helpers/application_helper_spec.rb'
-    - 'spec/helpers/checkout_helper_spec.rb'
-    - 'spec/helpers/i18n_helper_spec.rb'
-    - 'spec/helpers/injection_helper_spec.rb'
-    - 'spec/helpers/link_helper_spec.rb'
-    - 'spec/helpers/navigation_helper_spec.rb'
-    - 'spec/helpers/order_cycles_helper_spec.rb'
-    - 'spec/helpers/serializer_helper_spec.rb'
-    - 'spec/helpers/shop_helper_spec.rb'
-    - 'spec/helpers/spree/admin/base_helper_spec.rb'
-    - 'spec/helpers/spree/admin/general_settings_helper_spec.rb'
-    - 'spec/helpers/spree/admin/orders_helper_spec.rb'
-    - 'spec/helpers/spree/orders_helper_spec.rb'
-    - 'spec/helpers/tax_helper_spec.rb'
-    - 'spec/helpers/terms_and_conditions_helper_spec.rb'
-    - 'spec/jobs/connect_app_job_spec.rb'
-    - 'spec/mailers/producer_mailer_spec.rb'
-    - 'spec/mailers/subscription_mailer_spec.rb'
-    - 'spec/models/column_preference_spec.rb'
-    - 'spec/models/connected_app_spec.rb'
-    - 'spec/models/customer_spec.rb'
-    - 'spec/models/invoice_spec.rb'
-    - 'spec/models/oidc_account_spec.rb'
-    - 'spec/models/proxy_order_spec.rb'
-    - 'spec/models/report_blob_spec.rb'
-    - 'spec/models/semantic_link_spec.rb'
-    - 'spec/models/spree/gateway/stripe_sca_spec.rb'
-    - 'spec/models/subscription_spec.rb'
-    - 'spec/models/tag_rule/filter_order_cycles_spec.rb'
-    - 'spec/models/tag_rule/filter_payment_methods_spec.rb'
-    - 'spec/models/tag_rule/filter_products_spec.rb'
-    - 'spec/models/tag_rule/filter_shipping_methods_spec.rb'
-    - 'spec/models/tag_rule_spec.rb'
-    - 'spec/models/webhook_endpoint_spec.rb'
-    - 'spec/requests/admin/images_spec.rb'
-    - 'spec/requests/admin/product_import_spec.rb'
-    - 'spec/requests/admin/vouchers_spec.rb'
-    - 'spec/requests/api/orders_spec.rb'
-    - 'spec/requests/api/routes_spec.rb'
-    - 'spec/requests/api/v1/customers_spec.rb'
-    - 'spec/requests/api_docs_spec.rb'
-    - 'spec/requests/checkout/paypal_spec.rb'
-    - 'spec/requests/checkout/routes_spec.rb'
-    - 'spec/requests/checkout/stripe_sca_spec.rb'
-    - 'spec/requests/errors_spec.rb'
-    - 'spec/requests/home_controller_spec.rb'
-    - 'spec/requests/large_request_spec.rb'
-    - 'spec/requests/omniauth_callbacks_controller_spec.rb'
-    - 'spec/requests/spree/admin/overview_spec.rb'
-    - 'spec/requests/spree/admin/payments_spec.rb'
-    - 'spec/requests/voucher_adjustments_spec.rb'
-    - 'spec/routing/stripe_spec.rb'
+    - 'app/controllers/admin/order_cycles_controller.rb'
+    - 'app/controllers/locales_controller.rb'
+    - 'app/controllers/spree/admin/invoices_controller.rb'
+    - 'app/controllers/spree/admin/orders_controller.rb'
+    - 'app/controllers/spree/admin/return_authorizations_controller.rb'
 
 # Offense count: 1
 # Configuration parameters: TransactionMethods.
@@ -463,38 +360,25 @@ Rails/TransactionExitStatement:
   Exclude:
     - 'app/services/place_proxy_order.rb'
 
-# Offense count: 5
-# Configuration parameters: Include.
-# Include: app/models/**/*.rb
-Rails/UniqueValidationWithoutIndex:
-  Exclude:
-    - 'app/models/customer.rb'
-    - 'app/models/exchange.rb'
-    - 'app/models/spree/stock_item.rb'
-    - 'app/models/spree/tax_category.rb'
-    - 'app/models/spree/zone.rb'
-
-# Offense count: 1
-Security/Open:
-  Exclude:
-    - 'app/services/image_importer.rb'
-
-# Offense count: 7
+# Offense count: 3
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/ArrayIntersect:
   Exclude:
     - 'app/models/spree/ability.rb'
-    - 'app/models/tag_rule/filter_order_cycles.rb'
-    - 'app/models/tag_rule/filter_payment_methods.rb'
-    - 'app/models/tag_rule/filter_products.rb'
-    - 'app/models/tag_rule/filter_shipping_methods.rb'
-    - 'lib/open_food_network/tag_rule_applicator.rb'
-    - 'spec/support/matchers/select2_matchers.rb'
+    - 'app/models/spree/variant.rb'
+
+# Offense count: 1
+# This cop supports unsafe autocorrection (--autocorrect-all).
+Style/BitwisePredicate:
+  Exclude:
+    - 'app/helpers/admin/enterprises_helper.rb'
 
 # Offense count: 23
 # This cop supports unsafe autocorrection (--autocorrect-all).
-# Configuration parameters: EnforcedStyle.
+# Configuration parameters: EnforcedStyle, EnforcedStyleForClasses, EnforcedStyleForModules.
 # SupportedStyles: nested, compact
+# SupportedStylesForClasses: ~, nested, compact
+# SupportedStylesForModules: ~, nested, compact
 Style/ClassAndModuleChildren:
   Exclude:
     - 'app/models/calculator/flat_percent_per_item.rb'
@@ -520,67 +404,35 @@ Style/ClassAndModuleChildren:
     - 'lib/open_food_network/locking.rb'
     - 'spec/models/spree/payment_method_spec.rb'
 
-# Offense count: 10
+# Offense count: 14
 # This cop supports unsafe autocorrection (--autocorrect-all).
-# Configuration parameters: AllowSplatArgument.
-Style/HashConversion:
+Style/CollectionQuerying:
   Exclude:
-    - 'app/controllers/admin/column_preferences_controller.rb'
-    - 'app/controllers/admin/variant_overrides_controller.rb'
-    - 'app/controllers/spree/admin/products_controller.rb'
+    - 'app/controllers/spree/credit_cards_controller.rb'
     - 'app/models/product_import/product_importer.rb'
-    - 'app/serializers/api/admin/exchange_serializer.rb'
-    - 'app/services/variants_stock_levels.rb'
-    - 'spec/controllers/admin/inventory_items_controller_spec.rb'
-    - 'spec/controllers/admin/variant_overrides_controller_spec.rb'
+    - 'app/models/product_import/spreadsheet_entry.rb'
+    - 'app/models/spree/order.rb'
+    - 'app/models/spree/order_inventory.rb'
+    - 'app/models/spree/payment_method.rb'
+    - 'app/models/spree/user.rb'
+    - 'app/models/stripe_account.rb'
+    - 'app/services/order_cycles/warning_service.rb'
+    - 'lib/reporting/report_renderer.rb'
+    - 'lib/tasks/sample_data.rake'
 
-# Offense count: 13
+# Offense count: 2
 # This cop supports unsafe autocorrection (--autocorrect-all).
-# Configuration parameters: AllowedReceivers.
-# AllowedReceivers: Thread.current
-Style/HashEachMethods:
+Style/HashSlice:
   Exclude:
-    - 'app/controllers/admin/enterprises_controller.rb'
-    - 'app/controllers/spree/admin/shipping_methods_controller.rb'
-    - 'app/forms/enterprise_fees_bulk_update.rb'
-    - 'app/models/product_import/entry_processor.rb'
-    - 'app/models/spree/preferences/configuration.rb'
-    - 'app/services/sets/model_set.rb'
-    - 'lib/reporting/reports/sales_tax/sales_tax_totals_by_producer.rb'
-    - 'spec/models/product_importer_spec.rb'
-    - 'spec/support/cancan_helper.rb'
+    - 'app/services/product_filters.rb'
+    - 'lib/reporting/report_row_builder.rb'
 
-# Offense count: 4
+# Offense count: 1
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/MapToHash:
   Exclude:
-    - 'lib/reporting/report_query_template.rb'
-    - 'lib/reporting/report_row_builder.rb'
-    - 'lib/reporting/reports/enterprise_fee_summary/fee_summary.rb'
     - 'lib/tasks/sample_data/user_factory.rb'
 
-# Offense count: 3
-Style/MissingRespondToMissing:
-  Exclude:
-    - 'app/helpers/application_helper.rb'
-    - 'app/models/spree/gateway.rb'
-    - 'app/models/spree/preferences/configuration.rb'
-
-# Offense count: 22
-# This cop supports safe autocorrection (--autocorrect).
-Style/NestedModifier:
-  Exclude:
-    - 'spec/controllers/admin/subscriptions_controller_spec.rb'
-    - 'spec/controllers/line_items_controller_spec.rb'
-    - 'spec/controllers/spree/admin/orders_controller_spec.rb'
-    - 'spec/controllers/spree/orders_controller_spec.rb'
-    - 'spec/factories/order_factory.rb'
-    - 'spec/models/proxy_order_spec.rb'
-    - 'spec/models/spree/line_item_spec.rb'
-    - 'spec/services/place_proxy_order_spec.rb'
-    - 'spec/system/admin/payments_stripe_spec.rb'
-    - 'spec/system/admin/reports_spec.rb'
-
 # Offense count: 38
 Style/OpenStructUse:
   Exclude:
@@ -610,11 +462,21 @@ Style/OptionalBooleanParameter:
     - 'lib/spree/core/controller_helpers/order.rb'
     - 'spec/support/request/web_helper.rb'
 
-# Offense count: 19
+# Offense count: 3
 # This cop supports unsafe autocorrection (--autocorrect-all).
-# Configuration parameters: AllowedMethods, AllowedPatterns.
-Style/ReturnNilInPredicateMethodDefinition:
+Style/RedundantFormat:
   Exclude:
-    - 'app/models/order_cycle.rb'
-    - 'app/serializers/api/admin/customer_serializer.rb'
-    - 'engines/order_management/app/services/order_management/subscriptions/validator.rb'
+    - 'spec/models/product_importer_spec.rb'
+    - 'spec/requests/checkout/stripe_sca_spec.rb'
+    - 'spec/system/consumer/account/cards_spec.rb'
+
+# Offense count: 8
+# Configuration parameters: Max.
+Style/SafeNavigationChainLength:
+  Exclude:
+    - 'app/controllers/concerns/extra_fields.rb'
+    - 'app/services/customer_syncer.rb'
+    - 'app/services/fdc_offer_broker.rb'
+    - 'engines/dfc_provider/app/services/dfc_catalog.rb'
+    - 'engines/dfc_provider/app/services/image_builder.rb'
+    - 'engines/dfc_provider/app/services/quantitative_value_builder.rb'

.ruby-version

@@ -1 +1 @@
-3.1.4
+3.2.9

.scss-lint.yml

@@ -1,19 +0,0 @@
-scss_files: 'app/assets/stylesheets/**/*.css.scss'
-
-exclude: 'app/assets/stylesheets/shared/**'
-
-linters:
-  ImportantRule:
-    enabled: false
-    VendorPrefix:
-      enabled: false
-    LeadingZero:
-      enabled: false
-    PropertySortOrder:
-      enabled: false
-    StringQuotes:
-      enabled: false
-    DeclarationOrder:
-      enabled: false
-    NestingDepth:
-      enabled: false

.secrets.example

@@ -0,0 +1,4 @@
+# .secrets file define github secrets value locally
+DEPENDABOT_PR_APP_ID=123456
+DEPENDABOT_PR_APP_INSTALLATION_ID=123456
+DEPENDABOT_PR_APP_PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----\n....\n-----END RSA PRIVATE KEY-----"

.simplecov

@@ -2,19 +2,17 @@
 # frozen_string_literal: true
 
 SimpleCov.start 'rails' do
+  # The rails profile contains some filters already:
+  #
+  # - "/test/"
+  # - "/features/"
+  # - "/spec/"
+  # - "/autotest/"
+  # - /^\/config\//
+  # - /^\/db\//
   add_filter '/bin/'
-  add_filter '/config/'
-  add_filter '/jobs/application_job.rb'
-  add_filter '/schemas/'
-  add_filter '/lib/generators'
-  add_filter '/spec/'
-  add_filter '/vendor/'
-  add_filter '/public'
-  add_filter '/swagger'
+  add_filter '/config/' # to include engine config
   add_filter '/script'
-  add_filter '/log'
-  add_filter '/db'
-  add_filter '/lib/tasks/sample_data/'
 
   formatter SimpleCov::Formatter::SimpleFormatter
 end

.undercover

@@ -0,0 +1,9 @@
+#!/bin/env ruby
+# frozen_string_literal: true
+
+--compare master
+
+# This shouldn't be needed in undercover > 0.7.4
+#
+# * https://github.com/grodowski/undercover/issues/233
+--exclude-files "bin/*,db/*,config/*,spec/*,engines/*/config/*,engines/*/spec/*"

Dockerfile

@@ -1,8 +1,10 @@
-FROM ruby:3.1.4-alpine3.19 AS base
+FROM ruby:3.2.9-alpine3.19 AS base
 ENV LANG=C.UTF-8 \
     LC_ALL=C.UTF-8 \
     TZ=Europe/London \
-    RAILS_ROOT=/usr/src/app
+    RAILS_ROOT=/usr/src/app \
+    BUNDLE_PATH=/bundles \
+    BUNDLE_APP_CONFIG=/bundles
 RUN apk --no-cache upgrade && \
     apk add --no-cache tzdata postgresql-client imagemagick imagemagick-jpeg && \
     apk add --no-cache --virtual wkhtmltopdf
@@ -14,7 +16,7 @@ FROM base AS development-base
 RUN apk add --no-cache --virtual .build-deps \
     build-base postgresql-dev git nodejs yarn && \
     apk add --no-cache --virtual .dev-utils \
-    bash curl less vim chromium-chromedriver zlib-dev openssl-dev \
+    bash curl less vim chromium-chromedriver zlib-dev openssl-dev cmake\
     readline-dev yaml-dev sqlite-dev libxml2-dev libxslt-dev libffi-dev vips-dev && \
     curl -o /usr/local/bin/wait-for-it https://raw.githubusercontent.com/vishnubob/wait-for-it/master/wait-for-it.sh && \
     chmod +x /usr/local/bin/wait-for-it

Dockerfile.ubuntu

@@ -25,7 +25,8 @@ RUN apt-get update && apt-get install -y \
   libjemalloc-dev \
   libssl-dev \
   ca-certificates \
-  gnupg
+  gnupg \
+  cmake
 
 # Setup ENV variables
 ENV PATH /usr/local/src/rbenv/shims:/usr/local/src/rbenv/bin:/usr/local/src/nodenv/shims:/usr/local/src/nodenv/bin:$PATH

GETTING_STARTED.md

@@ -73,7 +73,7 @@ To login as the default user, use:
     email: ofn@example.com
     password: ofn123
     
-Seee [Locale and sample data] about loading data.
+See [Locale and sample data] about loading data.
 
 ### Testing
 

Gemfile

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-source 'https://rubygems.org'
+source 'https://gem.coop'
 git_source(:github) { |repo_name| "https://github.com/#{repo_name}.git" }
 
 ruby File.read('.ruby-version').chomp
@@ -14,16 +14,19 @@ gem "active_storage_validations"
 gem "aws-sdk-s3", require: false
 gem "image_processing"
 
-gem 'activemerchant', '>= 1.78.0'
-gem 'angular-rails-templates', '>= 0.3.0'
+gem 'activemerchant'
+gem 'angular-rails-templates'
 gem 'ransack', '~> 4.1.0'
 gem 'responders'
 gem 'webpacker', '~> 5'
 
+# Indirect dependency but we access it directly in JS specs.
+# It turns out to be hard to upgrade but please do if you can.
+gem 'sprockets', '~> 3.7'
+
 gem 'i18n'
 gem 'i18n-js', '~> 3.9.0'
 gem 'rails-i18n'
-gem 'rails_safe_tasks', '~> 1.0'
 
 gem "activerecord-import"
 gem "db2fog", github: "openfoodfoundation/db2fog", branch: "rails-7"
@@ -40,13 +43,13 @@ gem 'web', path: './engines/web'
 
 gem "activerecord-postgresql-adapter"
 gem "arel-helpers", "~> 2.12"
-gem "pg", "~> 1.2.3"
+gem "pg"
 
 gem 'acts_as_list', '1.0.4'
 gem 'cancancan', '~> 1.15.0'
 gem 'digest'
 gem 'ffaker'
-gem 'highline', '2.0.3' # Necessary for the install generator
+gem 'highline'
 gem 'json'
 gem 'monetize', '~> 1.11'
 gem 'paranoia', '~> 2.4'
@@ -54,7 +57,7 @@ gem 'state_machines-activerecord'
 gem 'stringex', '~> 2.8.5', require: false
 
 gem 'paypal-sdk-merchant', '1.117.2'
-gem 'stripe'
+gem 'stripe', '~> 15'
 
 gem 'devise'
 gem 'devise-encryptable'
@@ -152,6 +155,7 @@ end
 group :test, :development do
   gem 'bullet'
   gem 'capybara'
+  gem 'capybara-shadowdom'
   gem 'cuprite'
   gem 'database_cleaner', require: false
   gem 'debug', '>= 1.0.0'
@@ -166,13 +170,14 @@ group :test, :development do
   gem 'rswag'
   gem 'shoulda-matchers'
   gem 'stimulus_reflex_testing', github: "podia/stimulus_reflex_testing", branch: :main
-  gem 'timecop'
 end
 
 group :test do
   gem 'pdf-reader'
+  gem 'puffing-billy'
   gem 'rails-controller-testing'
   gem 'simplecov', require: false
+  gem 'undercover', require: false
   gem 'vcr', require: false
   gem 'webmock', require: false
   # See spec/spec_helper.rb for instructions
@@ -180,16 +185,19 @@ group :test do
 end
 
 group :development do
-  gem 'debugger-linecache'
   gem 'foreman'
+  gem 'haml_lint', require: false
   gem 'i18n-tasks'
   gem 'listen'
-  gem 'pry', '~> 0.13.0'
+  gem 'pry'
   gem 'query_count'
   gem 'rails-erd'
   gem 'rubocop'
+  gem 'rubocop-capybara'
+  gem 'rubocop-factory_bot'
   gem 'rubocop-rails'
   gem 'rubocop-rspec'
+  gem 'rubocop-rspec_rails'
   gem 'spring'
   gem 'spring-commands-rspec'
   gem 'spring-commands-rubocop'

app/assets/javascripts/admin/bulk_product_update.js.coffee

@@ -1,390 +0,0 @@
-angular.module("ofn.admin").controller "AdminProductEditCtrl", ($scope, $timeout, $filter, $http, $window, $location, BulkProducts, DisplayProperties, DirtyProducts, VariantUnitManager, StatusMessage, producers, Taxons, Columns, tax_categories, RequestMonitor, SortOptions, ErrorsParser, ProductFiltersUrl) ->
-  $scope.StatusMessage = StatusMessage
-
-  $scope.columns = Columns.columns
-
-  $scope.variant_unit_options = VariantUnitManager.variantUnitOptions()
-
-  $scope.RequestMonitor = RequestMonitor
-  $scope.pagination = BulkProducts.pagination
-  $scope.per_page_options = [
-    {id: 15, name: t('js.admin.orders.index.per_page', results: 15)},
-    {id: 50, name: t('js.admin.orders.index.per_page', results: 50)},
-    {id: 100, name: t('js.admin.orders.index.per_page', results: 100)}
-  ]
-
-  $scope.q = {
-    producerFilter: ""
-    categoryFilter: ""
-    importDateFilter: ""
-    query: ""
-    sorting: ""
-  }
-
-  $scope.sorting = "name asc"
-  $scope.producers = producers
-  $scope.taxons = Taxons.all
-  $scope.tax_categories = tax_categories
-  $scope.page = 1
-  $scope.per_page = 15
-  $scope.products = BulkProducts.products
-  $scope.DisplayProperties = DisplayProperties
-
-  $scope.sortOptions = SortOptions
-
-  $scope.initialise = ->
-    $scope.q = ProductFiltersUrl.loadFromUrl($location.search())
-    $scope.fetchProducts()
-
-  $scope.$watchCollection '[q.query, q.producerFilter, q.categoryFilter, q.importDateFilter, per_page]', ->
-    $scope.page = 1 # Reset page when changing filters for new search
-
-  $scope.changePage = (newPage) ->
-    $scope.page = newPage
-    $scope.fetchProducts()
-
-  $scope.fetchProducts = ->
-    removeClearedValues()
-    params = {
-      'q[name_cont]': $scope.q.query,
-      'q[variants_supplier_id_eq]': $scope.q.producerFilter,
-      'q[variants_primary_taxon_id_eq]': $scope.q.categoryFilter,
-      'q[s]': $scope.sorting,
-      import_date: $scope.q.importDateFilter,
-      page: $scope.page,
-      per_page: $scope.per_page
-    }
-    RequestMonitor.load(BulkProducts.fetch(params).$promise).then ->
-      # update url with the filters used
-      $location.search(ProductFiltersUrl.generate($scope.q))
-      $scope.resetProducts()
-
-  removeClearedValues = ->
-    delete $scope.q.producerFilter if $scope.q.producerFilter == "0"
-    delete $scope.q.categoryFilter if $scope.q.categoryFilter == "0"
-    delete $scope.q.importDateFilter if $scope.q.importDateFilter == "0"
-
-  $timeout ->
-    if $scope.showLatestImport
-      $scope.q.importDateFilter = $scope.importDates[1].id
-
-  $scope.resetProducts = ->
-    DirtyProducts.clear()
-    StatusMessage.clear()
-
-  $scope.updateOnHand = (product) ->
-    on_demand_variants = []
-    if product.variants
-      on_demand_variants = (variant for id, variant of product.variants when variant.on_demand)
-
-    unless product.on_demand || on_demand_variants.length > 0
-      product.on_hand = $scope.onHand(product)
-
-
-  $scope.onHand = (product) ->
-    onHand = 0
-    if product.hasOwnProperty("variants") and product.variants instanceof Object
-      for id, variant of product.variants
-        onHand = onHand + parseInt(if variant.on_hand > 0 then variant.on_hand else 0)
-    else
-      onHand = "error"
-    onHand
-
-  $scope.shiftTab = (tab) ->
-    $scope.visibleTab.visible = false unless $scope.visibleTab == tab || $scope.visibleTab == undefined
-    tab.visible = !tab.visible
-    $scope.visibleTab = tab
-
-  $scope.resetSelectFilters = ->
-    $scope.q.query = ""
-    $scope.q.producerFilter = "0"
-    $scope.q.categoryFilter = "0"
-    $scope.q.importDateFilter = "0"
-    $scope.fetchProducts()
-
-  $scope.$watch 'sortOptions', (sort) ->
-    return unless sort && sort.predicate != ""
-
-    $scope.sorting = sort.getSortingExpr(defaultDirection: "asc")
-    $scope.fetchProducts()
-  , true
-
-  confirm_unsaved_changes = () ->
-    (DirtyProducts.count() > 0 and confirm(t("unsaved_changes_confirmation"))) or (DirtyProducts.count() == 0)
-
-  editProductUrl = (product, variant) ->
-    "/admin/products/" + product.id + ((if variant then "/variants/" + variant.id else "")) + "/edit"
-
-  $scope.editWarn = (product, variant) ->
-    if confirm_unsaved_changes()
-      $window.location.href = ProductFiltersUrl.buildUrl(editProductUrl(product, variant), $scope.q)
-
-  $scope.toggleShowAllVariants = ->
-    showVariants = !DisplayProperties.showVariants 0
-    $scope.products.forEach (product) ->
-      DisplayProperties.setShowVariants product.id, showVariants
-    DisplayProperties.setShowVariants 0, showVariants
-
-  $scope.addVariant = (product) ->
-    # Set new variant category to same as last product variant category to keep compactibility with deleted variant callback to set new variant category
-    newVariantId = $scope.nextVariantId();
-    newVariantCategoryId = product.variants[product.variants.length - 1]?.category_id
-    product.variants.push
-      id: newVariantId
-      unit_value: null
-      unit_description: null
-      on_demand: false
-      display_as: null
-      display_name: null
-      on_hand: null
-      price: null
-      tax_category_id: null
-      category_id: newVariantCategoryId
-    DisplayProperties.setShowVariants product.id, true
-    DirtyProducts.addVariantProperty(product.id, newVariantId, 'category_id', newVariantCategoryId)
-
-
-  $scope.nextVariantId = ->
-    $scope.variantIdCounter = 0 unless $scope.variantIdCounter?
-    $scope.variantIdCounter -= 1
-    $scope.variantIdCounter
-
-  $scope.deleteProduct = (product) ->
-    if confirm(t('are_you_sure'))
-      $http(
-        method: "DELETE"
-        url: "/api/v0/products/" + product.id
-      ).then (response) ->
-        $scope.products.splice $scope.products.indexOf(product), 1
-        DirtyProducts.deleteProduct product.id
-        $scope.displayDirtyProducts()
-
-
-  $scope.deleteVariant = (product, variant) ->
-    if product.variants.length > 1
-      if !$scope.variantSaved(variant)
-        $scope.removeVariant(product, variant)
-      else
-        if confirm(t("are_you_sure"))
-          $http(
-            method: "DELETE"
-            url: "/api/v0/products/" + product.id + "/variants/" + variant.id
-          ).then (response) ->
-            $scope.removeVariant(product, variant)
-    else
-      alert(t("delete_product_variant"))
-
-  $scope.removeVariant = (product, variant) ->
-    product.variants.splice product.variants.indexOf(variant), 1
-    DirtyProducts.deleteVariant product.id, variant.id
-    $scope.displayDirtyProducts()
-
-
-  $scope.cloneProduct = (product) ->
-    BulkProducts.cloneProduct product
-
-  $scope.hasVariants = (product) ->
-    product.variants.length > 0
-
-
-  $scope.hasUnit = (variant) ->
-    variant.variant_unit_with_scale?
-
-  $scope.variantSaved = (variant) ->
-    variant.hasOwnProperty('id') && variant.id > 0
-
-
-  $scope.hasOnDemandVariants = (product) ->
-    (variant for id, variant of product.variants when variant.on_demand).length > 0
-
-
-  $scope.submitProducts = ->
-    # Pack pack $scope.products, so they will match the list returned from the server,
-    # then pack $scope.dirtyProducts, ensuring that the correct product info is sent to the server.
-    $scope.packProduct product for id, product of $scope.products
-    $scope.packProduct product for id, product of DirtyProducts.all()
-
-    productsToSubmit = filterSubmitProducts(DirtyProducts.all())
-    if productsToSubmit.length > 0
-      $scope.updateProducts productsToSubmit # Don't submit an empty list
-    else
-      StatusMessage.display 'alert', t("products_change")
-
-
-  $scope.updateProducts = (productsToSubmit) ->
-    $scope.displayUpdating()
-    $http(
-      method: "POST"
-      url: "/admin/products/bulk_update"
-      data:
-        products: productsToSubmit
-        filters:
-          'q[name_cont]': $scope.q.query
-          'q[variants_supplier_id_eq]': $scope.q.producerFilter
-          'q[variants_primary_taxon_id_eq]': $scope.q.categoryFilter
-          'q[s]': $scope.sorting
-          import_date: $scope.q.importDateFilter
-        page: $scope.page
-        per_page: $scope.per_page
-    ).then((response) ->
-      DirtyProducts.clear()
-      BulkProducts.updateVariantLists(response.data.products || [])
-      $timeout -> $scope.displaySuccess()
-    ).catch (response) ->
-      if response.status == 400 && response.data.errors?
-        errorsString = ErrorsParser.toString(response.data.errors, response.status)
-        $scope.displayFailure t("products_update_error") + "\n" + errorsString
-      else
-        $scope.displayFailure t("products_update_error_data") + response.status
-
-  $scope.cancel = (destination) ->
-    $window.location = destination
-
-  $scope.packProduct = (product) ->
-    if product.variants
-      for id, variant of product.variants
-        $scope.packVariant variant
-
-
-  $scope.packVariant = (variant) ->
-    if variant.variant_unit_with_scale
-      match = variant.variant_unit_with_scale.match(/^([^_]+)_([\d\.]+)$/)
-      if match
-        variant.variant_unit = match[1]
-        variant.variant_unit_scale = parseFloat(match[2])
-      else
-        variant.variant_unit = variant.variant_unit_with_scale
-        variant.variant_unit_scale = null
-
-    if variant.hasOwnProperty("unit_value_with_description")
-      match = variant.unit_value_with_description.match(/^([\d\.\,]+(?= |$)|)( |)(.*)$/)
-      if match
-        variant.unit_value  = parseFloat(match[1].replace(",", "."))
-        variant.unit_value  = null if isNaN(variant.unit_value)
-        if variant.unit_value && variant.variant_unit_scale
-          variant.unit_value = parseFloat(window.bigDecimal.multiply(variant.unit_value, variant.variant_unit_scale, 2))
-        variant.unit_description = match[3]
-
-  $scope.incrementLimit = ->
-    if $scope.limit < $scope.products.length
-      $scope.limit = $scope.limit + 5
-
-
-  $scope.displayUpdating = ->
-    StatusMessage.display 'progress', t("saving")
-
-
-  $scope.displaySuccess = ->
-    StatusMessage.display 'success',t("products_changes_saved")
-    $scope.bulk_product_form.$setPristine()
-
-
-  $scope.displayFailure = (failMessage) ->
-    StatusMessage.display  'failure', t("products_update_error_msg") + " #{failMessage}"
-
-
-  $scope.displayDirtyProducts = ->
-    count = DirtyProducts.count()
-    switch count
-      when 0 then StatusMessage.clear()
-      when 1 then StatusMessage.display 'notice', t("one_product_unsaved")
-      else StatusMessage.display 'notice', t("products_unsaved", n: count)
-
-
-filterSubmitProducts = (productsToFilter) ->
-  filteredProducts = []
-  if productsToFilter instanceof Object
-    angular.forEach productsToFilter, (product) ->
-      if product.hasOwnProperty("id")
-        filteredProduct = {id: product.id}
-        filteredVariants = []
-        hasUpdatableProperty = false
-
-        if product.hasOwnProperty("variants")
-          angular.forEach product.variants, (variant) ->
-            result = filterSubmitVariant variant
-            filteredVariant = result.filteredVariant
-            variantHasUpdatableProperty = result.hasUpdatableProperty
-            filteredVariants.push filteredVariant  if variantHasUpdatableProperty
-
-        if product.hasOwnProperty("name")
-          filteredProduct.name = product.name
-          hasUpdatableProperty = true
-        if product.hasOwnProperty("price")
-          filteredProduct.price = product.price
-          hasUpdatableProperty = true
-        if product.hasOwnProperty("on_hand") and filteredVariants.length == 0 #only update if no variants present
-          filteredProduct.on_hand = product.on_hand
-          hasUpdatableProperty = true
-        if product.hasOwnProperty("on_demand") and filteredVariants.length == 0 #only update if no variants present
-          filteredProduct.on_demand = product.on_demand
-          hasUpdatableProperty = true
-        if product.hasOwnProperty("inherits_properties")
-          filteredProduct.inherits_properties = product.inherits_properties
-          hasUpdatableProperty = true
-        if filteredVariants.length > 0 # Note that the name of the property changes to enable mass assignment of variants attributes with rails
-          filteredProduct.variants_attributes = filteredVariants
-          hasUpdatableProperty = true
-        filteredProducts.push filteredProduct  if hasUpdatableProperty
-
-  filteredProducts
-
-
-filterSubmitVariant = (variant) ->
-  hasUpdatableProperty = false
-  filteredVariant = {}
-  if not variant.deleted_at? and variant.hasOwnProperty("id")
-    filteredVariant.id = variant.id unless variant.id <= 0
-    if variant.hasOwnProperty("sku")
-      filteredVariant.sku = variant.sku
-      hasUpdatableProperty = true
-    if variant.hasOwnProperty("on_hand")
-      filteredVariant.on_hand = variant.on_hand
-      hasUpdatableProperty = true
-    if variant.hasOwnProperty("on_demand")
-      filteredVariant.on_demand = variant.on_demand
-      hasUpdatableProperty = true
-    if variant.hasOwnProperty("price")
-      filteredVariant.price = variant.price
-      hasUpdatableProperty = true
-    if variant.hasOwnProperty("unit_value")
-      filteredVariant.unit_value = variant.unit_value
-      hasUpdatableProperty = true
-    if variant.hasOwnProperty("unit_description")
-      filteredVariant.unit_description = variant.unit_description
-      hasUpdatableProperty = true
-    if variant.hasOwnProperty("display_name")
-      filteredVariant.display_name = variant.display_name
-      hasUpdatableProperty = true
-    if variant.hasOwnProperty("tax_category_id")
-      filteredVariant.tax_category_id = variant.tax_category_id
-      hasUpdatableProperty = true
-    if variant.hasOwnProperty("category_id")
-      filteredVariant.primary_taxon_id = variant.category_id
-      hasUpdatableProperty = true
-    if variant.hasOwnProperty("display_as")
-      filteredVariant.display_as = variant.display_as
-      hasUpdatableProperty = true
-    if variant.hasOwnProperty("producer_id")
-      filteredVariant.supplier_id = variant.producer_id
-      hasUpdatableProperty = true
-    if variant.hasOwnProperty("variant_unit_with_scale")
-      filteredVariant.variant_unit       = variant.variant_unit
-      filteredVariant.variant_unit_scale = variant.variant_unit_scale
-      hasUpdatableProperty = true
-    if variant.hasOwnProperty("variant_unit_name")
-      filteredVariant.variant_unit_name = variant.variant_unit_name
-      hasUpdatableProperty = true
-
-  {filteredVariant: filteredVariant, hasUpdatableProperty: hasUpdatableProperty}
-
-
-toObjectWithIDKeys = (array) ->
-  object = {}
-
-  for i of array
-    if array[i] instanceof Object and array[i].hasOwnProperty("id")
-      object[array[i].id] = angular.copy(array[i])
-      object[array[i].id].variants = toObjectWithIDKeys(array[i].variants)  if array[i].hasOwnProperty("variants") and array[i].variants instanceof Array
-
-  object

app/assets/javascripts/admin/customers/controllers/customers_controller.js.coffee

@@ -11,6 +11,9 @@ angular.module("admin.customers").controller "customersCtrl", ($scope, $q, $filt
   $scope.confirmRefresh = (event) ->
     event.preventDefault() unless pendingChanges.unsavedCount() == 0 || confirm(t("unsaved_changes_warning"))
 
+  $scope.hasUnsavedChanges = ->
+    pendingChanges.yes()
+
   $scope.$watch "shop_id", ->
     if $scope.shop_id?
       CurrentShop.shop = $filter('filter')($scope.shops, {id: parseInt($scope.shop_id)}, true)[0]

app/assets/javascripts/admin/enterprises/controllers/enterprise_controller.js.coffee

@@ -55,12 +55,6 @@ angular.module("admin.enterprises")
         else
           alert ("#{manager.email}" + " " + t("is_already_manager"))
 
-    $scope.removeLogo = ->
-      $scope.performEnterpriseAction("removeLogo", "immediate_logo_removal_warning", "removed_logo_successfully")
-
-    $scope.removePromoImage = ->
-      $scope.performEnterpriseAction("removePromoImage", "immediate_promo_image_removal_warning", "removed_promo_image_successfully")
-
     $scope.performEnterpriseAction = (enterpriseActionName, warning_message_key, success_message_key) ->
       return unless confirm($scope.translation(warning_message_key))
 

app/assets/javascripts/admin/enterprises/enterprises.js.coffee

@@ -6,7 +6,6 @@ angular.module("admin.enterprises", [
   "admin.side_menu",
   "admin.taxons",
   'admin.indexUtils',
-  'admin.tagRules',
   'admin.dropdown',
   'ngSanitize']
 )

app/assets/javascripts/admin/index_utils/directives/obj_for_update.js.coffee

@@ -4,15 +4,16 @@ angular.module("admin.indexUtils").directive "objForUpdate", (switchClass, pendi
     type: "@objForUpdate"
     attr: "@attrForUpdate"
   link: (scope, element, attrs) ->
-    scope.savedValue = scope.object()[scope.attr]
+    scope.savedValue = scope.object()[scope.attr] || ""
 
     scope.$watch "object().#{scope.attr}", (value) ->
-      if value == scope.savedValue
+      strValue = value || ""
+      if strValue == scope.savedValue
         pendingChanges.remove(scope.object().id, scope.attr)
         scope.clear()
       else
         scope.pending()
-        addPendingChange(scope.attr, value ? "")
+        addPendingChange(scope.attr, strValue)
 
     scope.reset = (value) ->
       scope.savedValue = value
@@ -37,16 +38,13 @@ angular.module("admin.indexUtils").directive "objForUpdate", (switchClass, pendi
     # To ensure the customer is still updated, we check on the $destroy event to see if
     # the attribute has changed, if so we queue up the change.
     scope.$on '$destroy', (value) ->
-      # No update
-      return if scope.object()[scope.attr] is scope.savedValue
+      currentValue = scope.object()[scope.attr] || ""
 
-      # For some reason the code attribute is removed from the object when cleared, so we add
-      # an emptyvalue so it gets updated properly
-      if scope.attr is "code" and scope.object()[scope.attr] is undefined
-        scope.object()["code"] = ""
+      # No update
+      return if currentValue is scope.savedValue
 
       # Queuing up change
-      addPendingChange(scope.attr, scope.object()[scope.attr])
+      addPendingChange(scope.attr, currentValue)
 
     # private
 

app/assets/javascripts/admin/index_utils/services/pending_changes.js.coffee

@@ -16,7 +16,10 @@ angular.module("admin.indexUtils").factory "pendingChanges", ($q, resources, Sta
     remove: (id, attr) =>
       if @pendingChanges.hasOwnProperty("#{id}")
         delete @pendingChanges["#{id}"]["#{attr}"]
-        delete @pendingChanges["#{id}"] if @changeCount( @pendingChanges["#{id}"] ) < 1
+
+        if @changeCount( @pendingChanges["#{id}"] ) < 1
+          delete @pendingChanges["#{id}"]
+          StatusMessage.clear()
 
     submitAll: (form=null) =>
       all = []
@@ -47,5 +50,8 @@ angular.module("admin.indexUtils").factory "pendingChanges", ($q, resources, Sta
     unsavedCount: ->
       Object.keys(@pendingChanges).length
 
+    yes: ->
+      @unsavedCount() > 0
+
     changeCount: (objectChanges) ->
       Object.keys(objectChanges).length

app/assets/javascripts/admin/index_utils/services/switch_class.js.coffee

@@ -1,4 +1,4 @@
-angular.module("admin.indexUtils").factory "switchClass", ($timeout) ->
+angular.module("admin.indexUtils").factory "switchClass", ($timeout, StatusMessage) ->
   return (element, classToAdd, removeClasses, timeout) ->
     $timeout.cancel element.timeout if element.timeout
     element.removeClass className for className in removeClasses
@@ -7,4 +7,6 @@ angular.module("admin.indexUtils").factory "switchClass", ($timeout) ->
     if timeout && intRegex.test(timeout)
       element.timeout = $timeout(->
         element.removeClass classToAdd
+        StatusMessage.clear()
       , timeout, true)
+    element

app/assets/javascripts/admin/line_items/controllers/line_items_controller.js.coffee

@@ -19,18 +19,6 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
   $scope.page = 1
   $scope.per_page = $scope.per_page_options[0].id
   $scope.filterByVariantId = null
-  searchThrough = ["order_distributor_name",
-    "order_bill_address_phone",
-    "order_bill_address_firstname",
-    "order_bill_address_lastname",
-    "order_bill_address_full_name",
-    "order_bill_address_full_name_reversed",
-    "order_bill_address_full_name_with_comma",
-    "order_bill_address_full_name_with_comma_reversed",
-    "variant_supplier_name",
-    "order_email",
-    "order_number",
-    "product_name"].join("_or_") + "_cont"
 
   $scope.confirmRefresh = ->
     LineItems.allSaved() || confirm(t("unsaved_changes_warning"))
@@ -75,11 +63,10 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
     [formattedStartDate, formattedEndDate] = $scope.formatDates($scope.startDate, $scope.endDate)
 
     RequestMonitor.load LineItems.index(
-      "q[#{searchThrough}]": $scope.query,
-      "q[variant_id_eq]": $scope.filterByVariantId if $scope.filterByVariantId,
       "q[order_state_not_eq]": "canceled",
       "q[order_shipment_state_not_eq]": "shipped",
       "q[order_completed_at_not_null]": "true",
+      "q[variant_id_eq]": $scope.filterByVariantId if $scope.filterByVariantId,
       "q[order_distributor_id_eq]": $scope.distributorFilter,
       "q[variant_supplier_id_eq]": $scope.supplierFilter,
       "q[order_order_cycle_id_eq]": $scope.orderCycleFilter,
@@ -87,7 +74,8 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
       "q[order_completed_at_lt]": if formattedEndDate then formattedEndDate else undefined,
       "q[s]": "order_completed_at desc",
       "page": $scope.page,
-      "per_page": $scope.per_page
+      "per_page": $scope.per_page,
+      "search_query": $scope.query
     )
 
   $scope.formatDates = (startDate, endDate) ->
@@ -97,7 +85,7 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
 
   $scope.loadAssociatedData = ->
     RequestMonitor.load $scope.distributors = Enterprises.index(action: "visible", ams_prefix: "basic", "q[sells_in][]": ["own", "any"])
-    RequestMonitor.load $scope.orderCycles = OrderCycles.index(ams_prefix: "basic", as: "distributor", "q[orders_close_at_gt]": "#{moment().subtract(90,'days').format()}")
+    RequestMonitor.load $scope.orderCycles = OrderCycles.index(ams_prefix: "basic", as: "distributor", "q[orders_close_at_gt]": "#{moment().subtract(1,'year').format()}")
     RequestMonitor.load $scope.suppliers = Enterprises.index(action: "visible", ams_prefix: "basic", "q[is_primary_producer_eq]": "true")
 
   $scope.dereferenceLoadedData = ->

app/assets/javascripts/admin/orders/controllers/order_controller.js.coffee

@@ -5,6 +5,8 @@ angular.module("admin.orders").controller "orderCtrl", ($scope, shops, orderCycl
 
   $scope.distributor_id = parseInt($attrs.ofnDistributorId)
   $scope.order_cycle_id = parseInt($attrs.ofnOrderCycleId)
+  $scope.search_variants_as = $attrs.ofnSearchVariantsAs
+  $scope.order_id = $attrs.ofnOrderId
 
   $scope.validOrderCycle = (oc) ->
     $scope.orderCycleHasDistributor oc, parseInt($scope.distributor_id)

app/assets/javascripts/admin/payment_methods/controllers/stripe_controller.js.coffee

@@ -15,4 +15,4 @@ angular.module("admin.paymentMethods").controller "StripeController", ($scope, $
     permalink = shops.filter((shop) ->
       shop.id == $scope.paymentMethod.preferred_enterprise_id
     )[0].permalink
-    "/admin/enterprises/#{permalink}/edit#/payment_methods"
+    "/admin/enterprises/#{permalink}/edit#/payment_methods_panel"

app/assets/javascripts/admin/products/controllers/product_image_controller.js.coffee

@@ -1,8 +0,0 @@
-angular.module("ofn.admin").controller "ProductImageCtrl", ($scope, ProductImageService) ->
-  $scope.imageUploader = ProductImageService.imageUploader
-  $scope.imagePreview = ProductImageService.imagePreview
-
-  $scope.$watch 'product.image_url', (newValue, oldValue) ->
-    if newValue != oldValue
-      $scope.imagePreview = newValue
-      $scope.uploadModal.close()

app/assets/javascripts/admin/products/directives/image_modal.js.coffee

@@ -1,6 +0,0 @@
-angular.module("ofn.admin").directive "imageModal", ($modal, ProductImageService) ->
-  restrict: 'C'
-  link: (scope, elem, attrs, ctrl) ->
-    elem.on "click", (ev) =>
-      scope.uploadModal = $modal.open(templateUrl: 'admin/modals/image_upload.html', controller: ctrl, scope: scope, windowClass: 'simple-modal')
-      ProductImageService.configure(scope.product)

app/assets/javascripts/admin/resources/resources/enterprise_resource.js.coffee

@@ -8,10 +8,4 @@ angular.module("admin.resources").factory 'EnterpriseResource', ($resource) ->
       isArray: true
     'update':
       method: 'PUT'
-    'removeLogo':
-      url: '/api/v0/enterprises/:id/logo.json'
-      method: 'DELETE'
-    'removePromoImage':
-      url: '/api/v0/enterprises/:id/promo_image.json'
-      method: 'DELETE'
   })

app/assets/javascripts/admin/resources/resources/product_resource.js.coffee

@@ -1,6 +0,0 @@
-angular.module("admin.resources").factory 'ProductResource', ($resource) ->
-  $resource('/admin/product/:id/:action.json', {}, {
-    'index':
-      url: '/api/v0/products/bulk_products.json'
-      method: 'GET'
-  })

app/assets/javascripts/admin/resources/services/enterprises.js.coffee

@@ -39,17 +39,6 @@ angular.module("admin.resources").factory 'Enterprises', ($q, $filter, Enterpris
     resetAttribute: (enterprise, attribute) ->
       enterprise[attribute] = @pristineByID[enterprise.id][attribute]
 
-    performActionOnEnterpriseResource = (resourceAction) ->
-      (enterprise) ->
-        deferred = $q.defer()
-        resourceAction({id: enterprise.permalink}, ((data) =>
-          @pristineByID[enterprise.id] = angular.copy(data)
-          deferred.resolve(data)
-        ), ((response) ->
-          deferred.reject(response)
-        ))
-        deferred.promise
-
     findByID: (id) ->
       @byID[id]
 
@@ -61,5 +50,3 @@ angular.module("admin.resources").factory 'Enterprises', ($q, $filter, Enterpris
       $filter('filter')(enterprises, term)
 
 
-    removeLogo: performActionOnEnterpriseResource(EnterpriseResource.removeLogo)
-    removePromoImage: performActionOnEnterpriseResource(EnterpriseResource.removePromoImage)

app/assets/javascripts/admin/services/bulk_products.js.coffee

@@ -1,76 +0,0 @@
-angular.module("ofn.admin").factory "BulkProducts", (ProductResource, dataFetcher, $http) ->
-  new class BulkProducts
-    products: []
-    pagination: {}
-
-    fetch: (params) ->
-      ProductResource.index params, (data) =>
-        @products.length = 0
-        @addProducts data.products
-        angular.extend(@pagination, data.pagination)
-
-    cloneProduct: (product) ->
-      $http.post("/api/v0/products/" + product.id + "/clone").then (response) =>
-        dataFetcher("/api/v0/products/" + response.data.id + "?template=bulk_show").then (newProduct) =>
-          @unpackProduct newProduct
-          @insertProductAfter(product, newProduct)
-
-    updateVariantLists: (serverProducts) ->
-      for server_product in serverProducts
-        product = @findProductInList(server_product.id, @products)
-        product.variants = server_product.variants
-        @loadVariantUnitValues product.variants
-
-    find: (id) ->
-      @findProductInList id, @products
-
-    findProductInList: (id, product_list) ->
-      products = (product for product in product_list when product.id == id)
-      if products.length == 0 then null else products[0]
-
-    addProducts: (products) ->
-      for product in products
-        @unpackProduct product
-        @products.push product
-
-    insertProductAfter: (product, newProduct) ->
-      index = @products.indexOf(product)
-      @products.splice(index + 1, 0, newProduct)
-
-    unpackProduct: (product) ->
-      @loadVariantUnit product
-
-    loadVariantUnit: (product) ->
-      @loadVariantUnitValues product.variants if product.variants
-
-    loadVariantUnitValues: (variants) ->
-      for variant in variants
-        @loadVariantUnitValue variant
-
-    loadVariantUnitValue: (variant) ->
-      variant.variant_unit_with_scale =
-        if variant.variant_unit && variant.variant_unit_scale && variant.variant_unit != 'items'
-          "#{variant.variant_unit}_#{variant.variant_unit_scale}"
-        else if variant.variant_unit
-          variant.variant_unit
-        else
-          null
-
-      unit_value = @variantUnitValue variant
-      unit_value = if unit_value? then unit_value else ''
-      variant.unit_value_with_description = "#{unit_value} #{variant.unit_description || ''}".trim()
-
-    variantUnitValue: (variant) ->
-      if variant.unit_value?
-        if variant.variant_unit_scale
-          variant_unit_value = @divideAsInteger variant.unit_value, variant.variant_unit_scale
-          parseFloat(window.bigDecimal.round(variant_unit_value, 2))
-        else
-          variant.unit_value
-      else
-        null
-
-    # forces integer division to avoid javascript floating point imprecision
-    # using one billion as the multiplier so that it works for numbers with up to 9 decimal places
-    divideAsInteger: (a, b) ->
-      (a * 1000000000) / (b * 1000000000)

app/assets/javascripts/admin/tag_rules/controllers/tag_rules_controller.js.coffee

@@ -1,58 +0,0 @@
-angular.module("admin.tagRules").controller "TagRulesCtrl", ($scope, $http, $filter, enterprise) ->
-  $scope.tagGroups = enterprise.tag_groups
-  $scope.defaultTagGroup = enterprise.default_tag_group
-
-  $scope.visibilityOptions = [ { id: "visible", name: t('js.tag_rules.visible')  }, { id: "hidden", name: t('js.tag_rules.not_visible') } ]
-
-  $scope.updateRuleCounts = ->
-    index = $scope.defaultTagGroup.rules.length
-    for tagGroup in $filter('orderBy')($scope.tagGroups, 'position')
-      tagGroup.startIndex = index
-      index = index + tagGroup.rules.length
-
-  $scope.updateRuleCounts()
-
-  $scope.updateTagsRulesFor = (tagGroup) ->
-    for tagRule in tagGroup.rules
-      tagRule.preferred_customer_tags = (tag.text for tag in tagGroup.tags).join(",")
-
-  $scope.addNewRuleTo = (tagGroup, ruleType) ->
-    newRule =
-        id: null
-        is_default: tagGroup == $scope.defaultTagGroup
-        preferred_customer_tags: (tag.text for tag in tagGroup.tags).join(",")
-        type: "TagRule::#{ruleType}"
-    switch ruleType
-      when "FilterShippingMethods"
-        newRule.peferred_shipping_method_tags = []
-        newRule.preferred_matched_shipping_methods_visibility = "visible"
-      when "FilterPaymentMethods"
-        newRule.peferred_payment_method_tags = []
-        newRule.preferred_matched_payment_methods_visibility = "visible"
-      when "FilterProducts"
-        newRule.peferred_variant_tags = []
-        newRule.preferred_matched_variants_visibility = "visible"
-      when "FilterOrderCycles"
-        newRule.peferred_exchange_tags = []
-        newRule.preferred_matched_order_cycles_visibility = "visible"
-    tagGroup.rules.push(newRule)
-    $scope.updateRuleCounts()
-
-  $scope.addNewTag = ->
-    $scope.tagGroups.push { tags: [], rules: [], position: $scope.tagGroups.length + 1 }
-
-  $scope.deleteTagRule = (tagGroup, tagRule) ->
-    index = tagGroup.rules.indexOf(tagRule)
-    return unless index >= 0
-    if tagRule.id is null
-      tagGroup.rules.splice(index, 1)
-      $scope.updateRuleCounts()
-    else
-      if confirm("Are you sure?")
-        $http
-          method: "DELETE"
-          url: "/admin/enterprises/#{enterprise.id}/tag_rules/#{tagRule.id}.json"
-        .then ->
-          tagGroup.rules.splice(index, 1)
-          $scope.updateRuleCounts()
-          $scope.enterprise_form.$setDirty()

app/assets/javascripts/admin/tag_rules/directives/invert_number.js.coffee

@@ -1,11 +0,0 @@
-angular.module("admin.tagRules").directive "invertNumber", ->
-  restrict: "A"
-  require: "ngModel"
-  link: (scope, element, attrs, ngModel) ->
-    ngModel.$parsers.push (viewValue) ->
-      return -parseInt(viewValue) unless isNaN(parseInt(viewValue))
-      viewValue
-
-    ngModel.$formatters.push (modelValue) ->
-      return -parseInt(modelValue) unless isNaN(parseInt(modelValue))
-      modelValue

app/assets/javascripts/admin/tag_rules/directives/new_rule_dialog.js.coffee

@@ -1,31 +0,0 @@
-angular.module("admin.tagRules").directive 'newTagRuleDialog', ($rootScope, $compile, $templateCache, DialogDefaults) ->
-  restrict: 'A'
-  scope:
-    tagGroup: '='
-    addNewRuleTo: '='
-  link: (scope, element, attr) ->
-    # Compile modal template
-    template = $compile($templateCache.get('admin/new_tag_rule_dialog.html'))(scope)
-
-    scope.ruleTypes = [
-      { id: "FilterProducts", name: t('js.tag_rules.show_hide_variants') }
-      { id: "FilterShippingMethods", name: t('js.tag_rules.show_hide_shipping') }
-      { id: "FilterPaymentMethods", name: t('js.tag_rules.show_hide_payment') }
-      { id: "FilterOrderCycles", name: t('js.tag_rules.show_hide_order_cycles') }
-    ]
-
-    scope.ruleType = scope.ruleTypes[0].id
-
-    # Set Dialog options
-    template.dialog(DialogDefaults)
-
-    # Link opening of dialog to click event on element
-    element.bind 'click', (e) ->
-      template.dialog('open')
-      $rootScope.$evalAsync()
-
-    scope.addRule = (tagGroup, ruleType) ->
-      scope.addNewRuleTo(tagGroup, ruleType)
-      template.dialog('close')
-      $rootScope.$evalAsync()
-      return

app/assets/javascripts/admin/tag_rules/directives/tag_rules/tag_rule.js.coffee

@@ -1,41 +0,0 @@
-angular.module("admin.tagRules").directive "tagRule", ->
-  restrict: "C"
-  templateUrl: "admin/tag_rules/tag_rule.html"
-  link: (scope, element, attrs) ->
-    scope.opt =
-      "TagRule::FilterShippingMethods":
-         textTop: t('js.admin.tag_rules.shipping_method_tagged_top')
-         textBottom: t('js.admin.tag_rules.shipping_method_tagged_bottom')
-         taggable: "shipping_method"
-         tagsAttr: "shipping_method_tags"
-         tagListAttr: "preferred_shipping_method_tags"
-         inputTemplate: "admin/tag_rules/filter_shipping_methods_input.html"
-         tagListFor: (rule) ->
-          rule.preferred_shipping_method_tags
-      "TagRule::FilterPaymentMethods":
-         textTop: t('js.admin.tag_rules.payment_method_tagged_top')
-         textBottom: t('js.admin.tag_rules.payment_method_tagged_bottom')
-         taggable: "payment_method"
-         tagsAttr: "payment_method_tags"
-         tagListAttr: "preferred_payment_method_tags"
-         inputTemplate: "admin/tag_rules/filter_payment_methods_input.html"
-         tagListFor: (rule) ->
-          rule.preferred_payment_method_tags
-      "TagRule::FilterOrderCycles":
-         textTop: t('js.admin.tag_rules.order_cycle_tagged_top')
-         textBottom: t('js.admin.tag_rules.order_cycle_tagged_bottom')
-         taggable: "exchange"
-         tagsAttr: "exchange_tags"
-         tagListAttr: "preferred_exchange_tags"
-         inputTemplate: "admin/tag_rules/filter_order_cycles_input.html"
-         tagListFor: (rule) ->
-           rule.preferred_exchange_tags
-      "TagRule::FilterProducts":
-         textTop: t('js.admin.tag_rules.inventory_tagged_top')
-         textBottom: t('js.admin.tag_rules.inventory_tagged_bottom')
-         taggable: "variant"
-         tagsAttr: "variant_tags"
-         tagListAttr: "preferred_variant_tags"
-         inputTemplate: "admin/tag_rules/filter_products_input.html"
-         tagListFor: (rule) ->
-           rule.preferred_variant_tags

app/assets/javascripts/admin/utils/directives/variant_autocomplete.js.coffee

@@ -26,6 +26,8 @@ angular.module("admin.utils").directive "variantAutocomplete", ($timeout) ->
               order_cycle_id: scope.order_cycle_id
               eligible_for_subscriptions: scope.eligible_for_subscriptions
               include_out_of_stock: scope.include_out_of_stock
+              search_variants_as: scope.search_variants_as
+              order_id: scope.order_id
             results: (data, page) ->
               window.variants = data # this is how spree auto complete JS code picks up variants
               results: data

app/assets/javascripts/darkswarm/directives/active_table_hub_link.js.coffee

@@ -1,6 +1,6 @@
 angular.module('Darkswarm').directive "activeTableHubLink", (CurrentHub, CurrentOrder) ->
   # Change the text of the hub link based on CurrentHub
-  # To be used with ofnEmptiesCart
+  # To be used with ofnChangeHub
   # Takes "change" and "shop" as text string attributes
   restrict: "A"
   scope:

app/assets/javascripts/darkswarm/directives/darker_background.js.coffee

@@ -1,11 +0,0 @@
-angular.module('Darkswarm').directive "darkerBackground", ->
-  restrict: "A"
-  link: (scope, elm, attr)->
-    toggleClass = (value) ->
-      elm.closest('.page-view').toggleClass("with-darker-background", value)
-
-    toggleClass(true)
-
-    # if an OrderCycle is selected, disable darker background
-    scope.$watch 'order_cycle.order_cycle_id', (newvalue, oldvalue) ->
-      toggleClass(false) if newvalue

app/assets/javascripts/darkswarm/directives/disable_dynamically.js.coffee

@@ -1,14 +0,0 @@
-# Allows disabling of link buttons via disabled attribute.
-# This is normally ignored, ie the link appears disabled but is still clickable.
-
-angular.module('Darkswarm').directive "disableDynamically", ->
-  restrict: 'A'
-
-  link: (scope, element, attrs) ->
-    element.on 'click', (e) ->
-      if attrs.disabled
-        e.preventDefault()
-      return
-
-    scope.$on "$destroy", ->
-      element.off("click")

app/assets/javascripts/darkswarm/directives/inline_alert.js.coffee

@@ -1,7 +0,0 @@
-angular.module('Darkswarm').directive "ofnInlineAlert", ->
-  restrict: 'A'
-  scope: true
-  link: (scope, elem, attrs) ->
-    scope.visible = true
-    scope.close = ->
-      scope.visible = false

app/assets/javascripts/darkswarm/directives/page_alert.js.coffee

@@ -1,21 +0,0 @@
-angular.module('Darkswarm').directive "ofnPageAlert", ($timeout) ->
-  restrict: 'A'
-  scope: true
-  link: (scope, elem, attrs) ->
-    moveSelectors = [".off-canvas-wrap .inner-wrap",
-                     ".off-canvas-wrap .inner-wrap .fixed",
-                     ".off-canvas-fixed .top-bar",
-                     ".off-canvas-fixed ofn-flash",
-                     ".off-canvas-fixed nav.tab-bar",
-                     ".off-canvas-fixed .page-alert"]
-
-    container_elems = $(moveSelectors.join(", "))
-
-    # Wait a moment after page load before showing the alert. Otherwise we often miss the
-    # start of the animation.
-    $timeout ->
-      container_elems.addClass("move-up")
-    , 1000
-
-    scope.close = ->
-      container_elems.removeClass("move-up")

app/assets/javascripts/templates/admin/new_tag_rule_dialog.html.haml

@@ -1,10 +0,0 @@
-#new-tag-rule-dialog
-  .text-normal.margin-bottom-30.text-center
-    {{ 'js.admin.new_tag_rule_dialog.select_rule_type' | t }}
-
-  .text-center.margin-bottom-30
-    -# %select.fullwidth{ 'select2-min-search' => 5, 'ng-model' => 'newRuleType', 'ng-options' => 'ruleType.id as ruleType.name for ruleType in availableRuleTypes' }
-    %input.ofn-select2.fullwidth{ id: 'rule_type_selector', data: "ruleTypes", "min-search": "5", "ng-model": "ruleType" }
-
-  .text-center
-    %input.button.red.icon-plus{ type: 'button', value: "{{ 'js.admin.new_tag_rule_dialog.add_rule' | t }}", "ng-click": 'addRule(tagGroup, ruleType)' }

app/assets/javascripts/templates/admin/panels/exchange_tags.html.haml

@@ -3,4 +3,4 @@
     %span.text-normal
       {{ 'admin.tags' | t }}
     %br
-    %tags-with-translation.fullwidth{ object: 'object' }
+    %tags-with-translation.fullwidth{ object: 'object', form: 'order_cycle_form', id: 'tags_with_translation'}

app/assets/javascripts/templates/admin/tag_rules/discount_order_input.html.haml

@@ -1,3 +0,0 @@
-%div
-  %input{ type: "number", id: "enterprise_tag_rules_attributes_{{tagGroup.startIndex + $index}}_calculator_attributes_preferred_flat_percent", min: -100, max: 100, "invert-number": true, "ng-model": "rule.calculator.preferred_flat_percent" }
-  %span.text-normal %

app/assets/javascripts/templates/admin/tag_rules/filter_order_cycles_input.html.haml

@@ -1,5 +0,0 @@
-%div
-  %input.fullwidth.light.ofn-select2{ id: "enterprise_tag_rules_attributes_{{tagGroup.startIndex + $index}}_preferred_matched_order_cycles_visibility", name: "enterprise[tag_rules_attributes][{{tagGroup.startIndex + $index}}][preferred_matched_order_cycles_visibility]", data: 'visibilityOptions', "min-search": 5, "ng-model": "rule.preferred_matched_order_cycles_visibility", "ng-if": "!rule.is_default" }
-  %input{ type: "hidden", id: "enterprise_tag_rules_attributes_{{tagGroup.startIndex + $index}}_preferred_matched_order_cycles_visibility", name: "enterprise[tag_rules_attributes][{{tagGroup.startIndex + $index}}][preferred_matched_order_cycles_visibility]", "ng-value": "'hidden'", "ng-if": "rule.is_default" }
-  %span.text-normal{ "ng-if": "rule.is_default" }
-    =t(:not_visible)

app/assets/javascripts/templates/admin/tag_rules/filter_payment_methods_input.html.haml

@@ -1,5 +0,0 @@
-%div
-  %input.fullwidth.light.ofn-select2{ id: "enterprise_tag_rules_attributes_{{tagGroup.startIndex + $index}}_preferred_matched_payment_methods_visibility", name: "enterprise[tag_rules_attributes][{{tagGroup.startIndex + $index}}][preferred_matched_payment_methods_visibility]", data: 'visibilityOptions', "min-search": 5, "ng-model": "rule.preferred_matched_payment_methods_visibility", "ng-if": "!rule.is_default" }
-  %input{ type: "hidden", id: "enterprise_tag_rules_attributes_{{tagGroup.startIndex + $index}}_preferred_matched_payment_methods_visibility", name: "enterprise[tag_rules_attributes][{{tagGroup.startIndex + $index}}][preferred_matched_payment_methods_visibility]", "ng-value": "'hidden'", "ng-if": "rule.is_default" }
-  %span.text-normal{ "ng-if": "rule.is_default" }
-    = t(:not_visible)

app/assets/javascripts/templates/admin/tag_rules/filter_products_input.html.haml

@@ -1,5 +0,0 @@
-%div
-  %input.fullwidth.light.ofn-select2{ id: "enterprise_tag_rules_attributes_{{tagGroup.startIndex + $index}}_preferred_matched_variants_visibility", name: "enterprise[tag_rules_attributes][{{tagGroup.startIndex + $index}}][preferred_matched_variants_visibility]", data: 'visibilityOptions', "min-search": 5, "ng-model": "rule.preferred_matched_variants_visibility", "ng-if": "!rule.is_default" }
-  %input{ type: "hidden", id: "enterprise_tag_rules_attributes_{{tagGroup.startIndex + $index}}_preferred_matched_variants_visibility", name: "enterprise[tag_rules_attributes][{{tagGroup.startIndex + $index}}][preferred_matched_variants_visibility]", "ng-value": "'hidden'", "ng-if": "rule.is_default" }
-  %span.text-normal{ "ng-if": "rule.is_default" }
-    = t(:not_visible)

app/assets/javascripts/templates/admin/tag_rules/filter_shipping_methods_input.html.haml

@@ -1,6 +0,0 @@
-%div
-  %input.fullwidth.light.ofn-select2{ id: "enterprise_tag_rules_attributes_{{tagGroup.startIndex + $index}}_preferred_matched_shipping_methods_visibility", name: "enterprise[tag_rules_attributes][{{tagGroup.startIndex + $index}}][preferred_matched_shipping_methods_visibility]", data: 'visibilityOptions', "min-search": 5, "ng-model": "rule.preferred_matched_shipping_methods_visibility", "ng-if": "!rule.is_default" }
-  %input{ type: "hidden", id: "enterprise_tag_rules_attributes_{{tagGroup.startIndex + $index}}_preferred_matched_shipping_methods_visibility", name: "enterprise[tag_rules_attributes][{{tagGroup.startIndex + $index}}][preferred_matched_shipping_methods_visibility]", "ng-value": "'hidden'", "ng-if": "rule.is_default" }
-  %span.text-normal{ "ng-if": "rule.is_default" }
-    = t(:not_visible)
-

app/assets/javascripts/templates/admin/tag_rules/tag_rule.html.haml

@@ -1,32 +0,0 @@
-%div{ id: "tr_{{tagGroup.startIndex + $index}}" }
-  %table
-    %colgroup
-      %col.text{ width: "35%" }
-      %col.inputs{ width: "55%" }
-      %col.actions{ width: "10%" }
-    %tr
-      %td
-        %input{ type: "hidden", id: "enterprise_tag_rules_attributes_{{tagGroup.startIndex + $index}}_id", name: "enterprise[tag_rules_attributes][{{tagGroup.startIndex + $index}}][id]", "ng-value": "rule.id" }
-
-        %input{ type: "hidden", id: "enterprise_tag_rules_attributes_{{tagGroup.startIndex + $index}}_type", name: "enterprise[tag_rules_attributes][{{tagGroup.startIndex + $index}}][type]", "ng-value": "rule.type" }
-
-        %input{ type: "hidden", id: "enterprise_tag_rules_attributes_{{tagGroup.startIndex + $index}}_priority", name: "enterprise[tag_rules_attributes][{{tagGroup.startIndex + $index}}][priority]", "ng-value": "tagGroup.startIndex + $index" }
-
-        %input{ type: "hidden", id: "enterprise_tag_rules_attributes_{{tagGroup.startIndex + $index}}_is_default", name: "enterprise[tag_rules_attributes][{{tagGroup.startIndex + $index}}][is_default]", "ng-value": "rule.is_default" }
-
-        %input{ type: "hidden", id: "enterprise_tag_rules_attributes_{{tagGroup.startIndex + $index}}_preferred_customer_tags", name: "enterprise[tag_rules_attributes][{{tagGroup.startIndex + $index}}][preferred_customer_tags]", "ng-value": "rule.preferred_customer_tags" }
-
-        %input{ type: "hidden", id: "enterprise_tag_rules_attributes_{{tagGroup.startIndex + $index}}_preferred_{{opt[rule.type].taggable}}_tags", name: "enterprise[tag_rules_attributes][{{tagGroup.startIndex + $index}}][preferred_{{opt[rule.type].taggable}}_tags]", "ng-value": "opt[rule.type].tagListFor(rule)" }
-
-        %span.text-normal {{ opt[rule.type].textTop }}
-      %td
-        %tags-with-translation{ object: "rule", max: 1, "tags-attr" => "{{opt[rule.type].tagsAttr}}", "tag-list-attr" => "{{opt[rule.type].tagListAttr}}" }
-      %td.actions{ rowspan: 2 }
-        %a{ class: "delete-tag-rule icon-trash no-text", "ng-click": "deleteTagRule(tagGroup || defaultTagGroup, rule)" }
-    %tr
-      %td
-        %span.text-normal {{ opt[rule.type].textBottom }}
-      %td
-        %div{ "ng-include": "opt[rule.type].inputTemplate" }
-
-  %hr

app/assets/javascripts/templates/partials/producer_details.html.haml

@@ -12,7 +12,7 @@
     .row
       .columns.small-12
         %a.cta-hub{"ng-repeat" => "hub in enterprise.hubs | filter:{id: '!'+enterprise.id} | orderBy:'-active'",
-        "ng-href" => "{{::hub.path}}#/shop_panel", "ofn-empties-cart" => "hub",
+        "ng-href" => "{{::hub.path}}#/shop_panel",
         "ng-class" => "::{primary: hub.active, secondary: !hub.active}",
         "ng-click" => "$close()",
         "ofn-change-hub" => "hub"}

app/components/add_tag_rule_modal_component.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+class AddTagRuleModalComponent < ModalComponent
+  def initialize(id:, tag_rule_types:, current_index:, div_id:, is_default: false,
+                 customer_tag: "", hidden_field_customer_tag_options: {} )
+    super
+
+    @close_button = false
+    @modal_class = "tiny"
+
+    @tag_rule_types = tag_rule_types
+    @current_index = current_index
+    @div_id = div_id
+    @is_default = is_default
+    @customer_tag = customer_tag
+    @hidden_field_customer_tag_options = hidden_field_customer_tag_options
+  end
+
+  attr_reader :tag_rule_types, :current_index, :div_id, :is_default, :customer_tag,
+              :hidden_field_customer_tag_options
+end

app/components/add_tag_rule_modal_component/add_tag_rule_modal_component.html.haml

@@ -0,0 +1,32 @@
+-# as far as I can tell we can't pass content to the parent template while rendering ie: something like :
+-# = render_parent do
+-#   .something
+-#     my content
+-# Workarount is to copy the ModalComponent template
+%div{ id: @id, "data-controller": @data_controller, "data-action": @data_action, "data-modal-instant-value": @instant, **@options }
+  .reveal-modal-bg.fade{ "data-modal-target": "background", "data-action": "click->modal#close" }
+  .reveal-modal.fade.modal-component{ "data-modal-target": "modal", class: @modal_class }
+    #new-tag-rule-dialog{ "data-controller": "add-tag-rule-modal",
+      "data-add-tag-rule-modal-index-value": current_index } 
+
+      -# Ideally we would use event to communicate the update of customer tag, but we would need 
+      -# the element with  "data-controller": "add-tag-rule-modal" 
+      -# to be parent of the element with "data-controller": "tag-rule-group-form" 
+      -# so it could respond to event generated by  "tag-rule-group-form".
+      -# Here we are in the opposite situation so we use a hidden field to store the value of 
+      -# the customer tag, so it can be updated by "tag-rule-group-form"
+      = hidden_field_tag "customer_tag", customer_tag, { "data-add-tag-rule-modal-target": "ruleCustomerTag" }.merge(hidden_field_customer_tag_options)
+      .text-normal.margin-bottom-30.text-center
+        = t('components.add_tag_rule_modal.select_rule_type')
+      .text-center.margin-bottom-30
+        = select_tag :rule_type_selector, options_for_select(tag_rule_types), { "data-controller": "tom-select", "data-add-tag-rule-modal-target": "rule", class: "primary no-search" }
+      .text-center
+        %input.button.red.icon-plus{ type: 'button',
+          value: "#{t('components.add_tag_rule_modal.add_rule')}",
+          "data-action": "click->add-tag-rule-modal#add click->modal#close",
+          "data-add-tag-rule-modal-div-id-param": div_id,
+          "data-add-tag-rule-modal-is-default-param": "#{is_default}"}
+
+    - if close_button?
+      .text-center
+        %input{ class: "button icon-plus #{close_button_class}", type: 'button', value: t('js.admin.modals.close'), "data-action": "click->modal#close" }

app/components/add_tag_rule_modal_component/add_tag_rule_modal_controller.js

@@ -0,0 +1,46 @@
+import { Controller } from "stimulus";
+import showHttpError from "../../webpacker/js/services/show_http_error";
+
+export default class extends Controller {
+  static targets = ["rule", "ruleCustomerTag"];
+  static values = { index: Number };
+
+  add({ params }) {
+    const rule_type = this.ruleTarget.value;
+    const index = this.indexValue;
+    const divId = params["divId"];
+    const isDefault = params["isDefault"];
+    const customerTags = this.hasRuleCustomerTagTarget
+      ? this.ruleCustomerTagTarget.value
+      : undefined;
+
+    const urlParams = new URLSearchParams();
+    urlParams.append("rule_type", rule_type);
+    urlParams.append("index", index);
+    urlParams.append("div_id", divId);
+    urlParams.append("is_default", isDefault);
+    if (customerTags != undefined) {
+      urlParams.append("customer_tags", customerTags);
+    }
+
+    // fetch from backend
+    fetch(`tag_rules/new?${urlParams}`, {
+      method: "GET",
+      headers: {
+        Accept: "text/vnd.turbo-stream.html",
+      },
+    })
+      .then((response) => {
+        if (!response.ok) {
+          showHttpError(response.status);
+          throw response;
+        }
+        return response.text();
+      })
+      .then((html) => {
+        Turbo.renderStreamMessage(html);
+        this.indexValue = parseInt(index) + 1;
+      })
+      .catch((error) => console.error(error));
+  }
+}

app/components/example_component/example_controller.js

@@ -1,4 +1,5 @@
-// This controller will be called "example-component--example", ie "component-subdirectory--js-file-name"
+// This controller will be called "example", ie "js-file-name" minus the "_controller.js"
+// see controller/index.js for more info
 import { Controller } from "stimulus";
 
 export default class extends Controller {}

app/components/searchable_dropdown_component.rb

@@ -30,7 +30,7 @@ class SearchableDropdownComponent < ViewComponent::Base
               :aria_label, :other_attrs
 
   def classes
-    "fullwidth #{remove_search_plugin? ? 'no-input' : ''}"
+    "fullwidth #{'no-input' if remove_search_plugin?}"
   end
 
   def data

app/components/tag_list_input_component.rb

@@ -1,14 +1,29 @@
 # frozen_string_literal: true
 
 class TagListInputComponent < ViewComponent::Base
-  # method in a "hidden_field" form helper and is the method used to get a list of tag on the model
-  def initialize(form:, method:, tags:,
-                 placeholder: I18n.t("components.tag_list_input.default_placeholder"))
-    @f = form
-    @method = method
+  def initialize(name:, tags:,
+                 placeholder: I18n.t("components.tag_list_input.default_placeholder"),
+                 only_one: false,
+                 aria_label: nil,
+                 hidden_field_data_options: {},
+                 autocomplete_url: "")
+    @name = name
     @tags = tags
     @placeholder = placeholder
+    @only_one = only_one
+    @aria_label_option = aria_label ? { 'aria-label': aria_label } : {}
+    @hidden_field_data_options = hidden_field_data_options
+    @autocomplete_url = autocomplete_url
   end
 
-  attr_reader :f, :method, :tags, :placeholder
+  attr_reader :name, :tags, :placeholder, :only_one, :aria_label_option,
+              :hidden_field_data_options, :autocomplete_url
+
+  private
+
+  def display
+    return "none" if tags.length >= 1 && only_one == true
+
+    "block"
+  end
 end

app/components/tag_list_input_component/tag_list_input_component.html.haml

@@ -1,19 +1,27 @@
-%div{ "data-controller": "tag-list-input-component--tag-list-input" }
+%div{ "data-controller": "tag-list-input", "data-tag-list-input-only-one-value": "#{only_one}", "data-tag-list-input-url-value": autocomplete_url, "data-action": "autocomplete.change->tag-list-input#addTag" }
   .tags-input
     .tags
       - # We use display:none instead of hidden field, so changes to the value can be picked up by the bulkFormController 
-      = f.text_field method.to_sym, value: tags.join(","), "data-tag-list-input-component--tag-list-input-target": "tagList", "style": "display: none" 
-      %ul.tag-list{"data-tag-list-input-component--tag-list-input-target": "list"}
-        %template{"data-tag-list-input-component--tag-list-input-target": "template"}
+      = text_field_tag name, tags.join(","), {"data-tag-list-input-target": "tagList", "style": "display: none"}.merge(hidden_field_data_options)
+      %ul.tag-list{"data-tag-list-input-target": "list"}
+        %template{"data-tag-list-input-target": "template"}
           %li.tag-item
             .tag-template
               %span
-              %a.remove-button{ "data-action": "click->tag-list-input-component--tag-list-input#removeTag" }
-                ✖ 
+              %a.remove-button{ "data-action": "click->tag-list-input#removeTag" }
+                ×
         - tags.each do |tag|
           %li.tag-item
             .tag-template
               %span=tag
-              %a.remove-button{ "data-action": "click->tag-list-input-component--tag-list-input#removeTag" }
-                ✖
-      = text_field_tag "variant_add_tag_#{f.object.id}".to_sym, nil, class: "input", placeholder: placeholder, "data-action": "keydown.enter->tag-list-input-component--tag-list-input#addTag keyup->tag-list-input-component--tag-list-input#filterInput", "data-tag-list-input-component--tag-list-input-target": "newTag"
+              %a.remove-button{ "data-action": "click->tag-list-input#removeTag" }
+                ×
+      = text_field_tag("variant_add_tag",
+        nil,
+        { class: "input",
+          placeholder: placeholder,
+          "data-action": "keydown.enter->tag-list-input#keyboardAddTag keyup->tag-list-input#filterInput blur->tag-list-input#onBlur focus->tag-list-input#onInputChange",
+          "data-tag-list-input-target": "input",
+          **aria_label_option,
+          style: "display: #{display};"})
+    %ul.suggestion-list{ "data-tag-list-input-target": "results" , hidden: true }

app/components/tag_list_input_component/tag_list_input_component.scss

@@ -30,7 +30,7 @@
     li.tag-item {
       border-radius: 3px;
       margin: 2px 0 2px 3px;
-      padding: 0 5px;
+      padding: 0 0 0 5px;
       display: inline-block;
       float: left;
       font-size: 14px;
@@ -42,16 +42,18 @@
       background-color: $teal;
 
       .remove-button {
-        margin: 0 0 0 5px;
-        padding: 0;
-        border: none;
+        border-left: 1px solid darken($teal, 5);
+        margin-left: 2px;
+        padding: 0 6px;
         background: 0 0;
         cursor: pointer;
         vertical-align: middle;
-        font:
-          700 16px Arial,
-          sans-serif;
+        font-size: 14px;
         color: white;
+
+        &:hover {
+          background: rgba(0, 0, 0, 0.05);
+        }
       }
     }
 
@@ -65,4 +67,35 @@
       font-size: 14px;
     }
   }
+
+  ul.suggestion-list {
+    margin-top: 5px;
+    padding: 5px 0;
+    z-index: $tag-drop-down-z-index;
+    width: fit-content;
+    background-color: #fff;
+    border: 1px solid rgba(0, 0, 0, 0.2);
+    box-shadow: $shadow-dropdown;
+    list-style-type: none;
+    max-height: 280px;
+    overflow-y: auto;
+    position: relative;
+
+    li.suggestion-item {
+      padding: 5px 10px;
+      cursor: pointer;
+      white-space: nowrap;
+      overflow: hidden;
+      text-overflow: ellipsis;
+      color: #000;
+      background-color: #fff;
+      width: stretch;
+
+      &.active,
+      &:hover {
+        color: #fff;
+        background-color: $color-link-visited;
+      }
+    }
+  }
 }

app/components/tag_list_input_component/tag_list_input_controller.js

@@ -1,28 +1,44 @@
-import { Controller } from "stimulus";
+import { Autocomplete } from "stimulus-autocomplete";
 
-export default class extends Controller {
-  static targets = ["tagList", "newTag", "template", "list"];
+// Extend the stimulus-autocomplete controller, so we can load tag with existing rules
+// The autocomplete functionality is only loaded if the url value is set
+// For more informatioon on "stimulus-autocomplete", see:
+//    https://github.com/afcapel/stimulus-autocomplete/tree/main
+//
+export default class extends Autocomplete {
+  static targets = ["tagList", "input", "template", "list"];
+  static values = { onlyOne: Boolean };
+
+  connect() {
+    // Don't start autocomplete controller if we don't have an url
+    if (this.urlValue.length == 0) return;
+
+    super.connect();
+  }
 
   addTag(event) {
-    // prevent hotkey form submitting the form (default action for "enter" key)
-    event.preventDefault();
-
-    // Check if tag already exist
-    const newTagName = this.newTagTarget.value.trim();
+    const newTagName = this.inputTarget.value.trim().replaceAll(" ", "-");
     if (newTagName.length == 0) {
       return;
     }
 
+    // Check if tag already exist
     const tags = this.tagListTarget.value.split(",");
     const index = tags.indexOf(newTagName);
     if (index != -1) {
       // highlight the value in red
-      this.newTagTarget.classList.add("tag-error");
+      this.inputTarget.classList.add("tag-error");
       return;
     }
 
     // add to tagList
-    this.tagListTarget.value = this.tagListTarget.value.concat(`,${newTagName}`);
+    if (this.tagListTarget.value == "") {
+      this.tagListTarget.value = newTagName;
+    } else {
+      this.tagListTarget.value = this.tagListTarget.value.concat(`,${newTagName}`);
+    }
+    // manualy dispatch an Input event so the change can get picked up by other controllers
+    this.tagListTarget.dispatchEvent(new InputEvent("input"));
 
     // Create new li component with value
     const newTagElement = this.templateTarget.content.cloneNode(true);
@@ -31,7 +47,21 @@ export default class extends Controller {
     this.listTarget.appendChild(newTagElement);
 
     // Clear new tag value
-    this.newTagTarget.value = "";
+    this.inputTarget.value = "";
+
+    // hide tag input if limited to one tag
+    if (this.tagListTarget.value.split(",").length == 1 && this.onlyOneValue == true) {
+      this.inputTarget.style.display = "none";
+    }
+  }
+
+  keyboardAddTag(event) {
+    // prevent hotkey form submitting the form (default action for "enter" key)
+    if (event) {
+      event.preventDefault();
+    }
+
+    this.addTag();
   }
 
   removeTag(event) {
@@ -40,19 +70,24 @@ export default class extends Controller {
 
     // Remove tag from list
     const tags = this.tagListTarget.value.split(",");
-    this.tagListTarget.value = tags.filter(tag => tag != tagName).join(",");
+    this.tagListTarget.value = tags.filter((tag) => tag != tagName).join(",");
 
     // manualy dispatch an Input event so the change gets picked up by the bulk form controller
     this.tagListTarget.dispatchEvent(new InputEvent("input"));
 
     // Remove HTML element from the list
     event.srcElement.parentElement.parentElement.remove();
+
+    // Make sure the tag input is displayed
+    if (this.tagListTarget.value.length == 0) {
+      this.inputTarget.style.display = "block";
+    }
   }
 
   filterInput(event) {
     // clear error class if key is not enter
     if (event.key !== "Enter") {
-      this.newTagTarget.classList.remove("tag-error");
+      this.inputTarget.classList.remove("tag-error");
     }
 
     // Strip comma from tag name
@@ -60,4 +95,53 @@ export default class extends Controller {
       event.srcElement.value = event.srcElement.value.replace(",", "");
     }
   }
+
+  // Add tag if we don't have an autocomplete list open
+  onBlur() {
+    // check if we have any autocomplete results
+    if (this.resultsTarget.childElementCount == 0) this.addTag();
+  }
+
+  // Override original to add tag filtering
+  replaceResults(html) {
+    const filteredHtml = this.#filterResults(html);
+
+    // Don't show result if we don't have anything to show
+    if (filteredHtml.length == 0) return;
+
+    super.replaceResults(filteredHtml);
+  }
+
+  // Override original to all empty query, which will return all existing tags
+  onInputChange = () => {
+    if (this.urlValue.length == 0) return;
+
+    if (this.hasHiddenTarget) this.hiddenTarget.value = "";
+
+    const query = this.inputTarget.value.trim();
+    if (query.length >= this.minLengthValue) {
+      this.fetchResults(query);
+    } else {
+      this.hideAndRemoveOptions();
+    }
+  };
+
+  //private
+
+  #filterResults(html) {
+    const existingTags = this.tagListTarget.value.split(",");
+    // Parse the HTML
+    const parser = new DOMParser();
+    const doc = parser.parseFromString(html, "text/html");
+    const lis = doc.getElementsByTagName("li");
+    // Filter
+    let filteredHtml = "";
+    for (let li of lis) {
+      if (!existingTags.includes(li.dataset.autocompleteValue)) {
+        filteredHtml += li.outerHTML;
+      }
+    }
+
+    return filteredHtml;
+  }
 }

app/components/tag_rule_form_component.rb

@@ -0,0 +1,66 @@
+# frozen_string_literal: true
+
+class TagRuleFormComponent < ViewComponent::Base
+  def initialize(rule:, index:, customer_tags: "",
+                 hidden_field_customer_tag_options: {})
+    @rule = rule
+    @index = index
+    @customer_tags = customer_tags
+    @hidden_field_customer_tag_options = hidden_field_customer_tag_options
+  end
+
+  attr_reader :rule, :index, :customer_tags, :hidden_field_customer_tag_options
+
+  private
+
+  def element_name(name)
+    "enterprise[tag_rules_attributes][#{index}][#{name}]"
+  end
+
+  def rule_data # rubocop:disable Metrics/MethodLength
+    case rule.type
+    when "TagRule::FilterShippingMethods"
+      {
+        text_top: t('components.tag_rule_form.tag_rules.shipping_method_tagged_top'),
+        text_bottom: t('components.tag_rule_form.tag_rules.shipping_method_tagged_bottom'),
+        taggable: "shipping_method",
+        visibility_field: "preferred_matched_shipping_methods_visibility",
+      }
+    when "TagRule::FilterPaymentMethods"
+      {
+        text_top: t('components.tag_rule_form.tag_rules.payment_method_tagged_top'),
+        text_bottom: t('components.tag_rule_form.tag_rules.payment_method_tagged_bottom'),
+        taggable: "payment_method",
+        visibility_field: "preferred_matched_payment_methods_visibility",
+      }
+    when "TagRule::FilterOrderCycles"
+      {
+        text_top: t('components.tag_rule_form.tag_rules.order_cycle_tagged_top'),
+        text_bottom: t('components.tag_rule_form.tag_rules.order_cycle_tagged_bottom'),
+        taggable: "exchange",
+        visibility_field: "preferred_matched_order_cycles_visibility",
+      }
+    when "TagRule::FilterProducts"
+      {
+        text_top: t('components.tag_rule_form.tag_rules.inventory_tagged_top'),
+        text_bottom: t('components.tag_rule_form.tag_rules.inventory_tagged_bottom'),
+        taggable: "variant",
+        visibility_field: "preferred_matched_variants_visibility",
+      }
+    when "TagRule::FilterVariants"
+      {
+        text_top: t('components.tag_rule_form.tag_rules.variant_tagged_top'),
+        text_bottom: t('components.tag_rule_form.tag_rules.variant_tagged_bottom'),
+        taggable: "variant",
+        visibility_field: "preferred_matched_variants_visibility",
+      }
+    end
+  end
+
+  def visibility_options
+    [
+      [t('components.tag_rule_form.tag_rules.visible'), "visible"],
+      [t('components.tag_rule_form.tag_rules.not_visible'), "hidden"]
+    ]
+  end
+end

app/components/tag_rule_form_component/tag_rule_form_component.html.haml

@@ -0,0 +1,35 @@
+%div{ id: "tr_#{index}" } 
+  %table
+    %colgroup
+      %col.text{ width: "35%" }
+      %col.inputs{ width: "55%" }
+      %col.actions{ width: "10%" }
+    %tr
+      %td
+        = hidden_field_tag element_name("id"), rule.id
+        = hidden_field_tag element_name("type"), rule.type
+        = hidden_field_tag element_name("priority"), index
+        = hidden_field_tag element_name("is_default"), rule.is_default
+        = hidden_field_tag element_name("preferred_customer_tags"), customer_tags, hidden_field_customer_tag_options
+        %span.text-normal
+          = rule_data[:text_top]
+      %td
+        = render TagListInputComponent.new(name: element_name("preferred_#{rule_data[:taggable]}_tags"), tags: rule.tags.split(","), only_one: true)
+      %td.actions{ rowspan: 2 , "data-controller": "delete-tag-rule", "data-delete-tag-rule-index-value": index }
+        - if rule.new_record?
+          = link_to("", "#", { "data-action": "click->delete-tag-rule#delete" ,class: "delete-tag-rule icon-trash no-text"})
+        - else
+          = link_to("", "#{admin_enterprise_tag_rule_url(rule.enterprise_id, rule.id)}?index=#{index}", { "data-turbo-method": "delete", "data-turbo-confirm": t("admin.tag_rules.confirm_delete"), class: "delete-tag-rule icon-trash no-text" })
+    %tr
+      %td
+        %span.text-normal 
+          = rule_data[:text_bottom]
+      %td
+        %div
+          %div
+            - if rule.is_default
+              = hidden_field_tag "enterprise[tag_rules_attributes][#{index}][#{rule_data[:visibility_field]}]", "hidden"
+              %span.text-normal
+                = t(:not_visible)
+            - else
+              = select_tag "enterprise[tag_rules_attributes][#{index}][#{rule_data[:visibility_field]}]", options_for_select(visibility_options, rule.public_send(rule_data[:visibility_field].to_sym) ), { "data-controller": "tom-select", class: "primary no-search" }

app/components/tag_rule_group_form_component.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+class TagRuleGroupFormComponent < ViewComponent::Base
+  def initialize(group:, index:, customer_rule_index:, tag_rule_types:)
+    @group = group
+    @index = index
+    @customer_rule_index = customer_rule_index
+    @tag_rule_types = tag_rule_types
+  end
+
+  attr_reader :group, :index, :customer_rule_index, :tag_rule_types
+
+  private
+
+  def form_id
+    "tg_#{index}"
+  end
+
+  def customer_tag_rule_div_id
+    "new-customer-tag-rule-#{index}"
+  end
+
+  def tag_list_input_name
+    "group[#{index}][preferred_customer_tags]"
+  end
+end

app/components/tag_rule_group_form_component/tag_rule_group_form_component.html.haml

@@ -0,0 +1,39 @@
+%div{ id: form_id, "data-controller": "tag-rule-group-form" }
+  - rule_index = customer_rule_index
+  .customer_tag
+    .header
+      %table
+        %colgroup
+          %col{width: '35%'}
+          %col{width: '65%'}
+        %tr
+          %td
+            %h5
+              = t('components.tag_rule_group_form.for_customers_tagged')
+          %td
+            = render(TagListInputComponent.new(name: tag_list_input_name,
+              tags: group[:tags],
+              only_one: true,
+              hidden_field_data_options: { "data-action": "input->tag-rule-group-form#updatePreferredCustomerTag", "data-tag-rule-group-form-target": "customerTag" }))
+    %div{ id: customer_tag_rule_div_id }
+      - if group[:rules].empty?
+        .no_rules
+          = t('components.tag_rule_group_form.no_rules_yet')
+      - else
+        - group[:rules].each do |rule|
+          - rule_index += 1
+          = render(TagRuleFormComponent.new(rule: rule,
+            index: rule_index,
+            customer_tags: group[:tags],
+            hidden_field_customer_tag_options: { "data-tag-rule-group-form-target": "ruleCustomerTag" }))
+
+    %hr
+    .add_rule.text-center
+      %input.button{ type: 'button', value: t('components.tag_rule_group_form.add_new_rule'), "data-controller": "modal-link", "data-action": "click->modal-link#open", "data-modal-link-target-value": "tag_rule_add_new_rule_#{index}" }
+
+  = render AddTagRuleModalComponent.new(id: "tag_rule_add_new_rule_#{index}",
+    tag_rule_types: tag_rule_types,
+    current_index: (rule_index + 1),
+    div_id: customer_tag_rule_div_id,
+    customer_tag: group[:tags],
+    hidden_field_customer_tag_options: { "data-tag-rule-group-form-target": "ruleCustomerTag" })

app/components/tag_rule_group_form_component/tag_rule_group_form_controller.js

@@ -0,0 +1,11 @@
+import { Controller } from "stimulus";
+
+export default class extends Controller {
+  static targets = ["customerTag", "ruleCustomerTag"];
+
+  updatePreferredCustomerTag() {
+    const customerTag = this.customerTagTarget.value;
+
+    this.ruleCustomerTagTargets.forEach((element) => (element.value = customerTag));
+  }
+}

app/components/vertical_ellipsis_menu/component.rb

@@ -1,6 +0,0 @@
-# frozen_string_literal: true
-
-module VerticalEllipsisMenu
-  class Component < ViewComponent::Base
-  end
-end

app/components/vertical_ellipsis_menu_component.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+class VerticalEllipsisMenuComponent < ViewComponent::Base
+end

app/components/vertical_ellipsis_menu_component/vertical_ellipsis_menu_component.html.haml

@@ -1,4 +1,4 @@
-.vertical-ellipsis-menu{ "data-controller": "vertical-ellipsis-menu--component" }
-  %i.fa.fa-ellipsis-v{ "data-action": "click->vertical-ellipsis-menu--component#toggle" }
-  .vertical-ellipsis-menu-content{ "data-vertical-ellipsis-menu--component-target": "content" }
+.vertical-ellipsis-menu{ "data-controller": "vertical-ellipsis-menu" }
+  %i.fa.fa-ellipsis-v{ "data-action": "click->vertical-ellipsis-menu#toggle" }
+  .vertical-ellipsis-menu-content{ "data-vertical-ellipsis-menu-target": "content" }
     = content

app/components/webhook_endpoint_form_component.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+class WebhookEndpointFormComponent < ViewComponent::Base
+  def initialize(webhooks:, webhook_type:)
+    @webhooks = webhooks
+    @webhook_type = webhook_type
+  end
+
+  private
+
+  attr_reader :webhooks, :webhook_type
+
+  def is_webhook_payment_status?
+    webhook_type == "payment_status_changed"
+  end
+end

app/components/webhook_endpoint_form_component/webhook_endpoint_form_component.html.haml

@@ -0,0 +1,27 @@
+-# Create new endpoints
+- if webhooks.empty? # Only one allowed for now.
+  %tr
+    %td= t("components.webhook_endpoint_form.event_types.#{webhook_type}")
+    %td
+      = form_with(url: helpers.account_webhook_endpoints_path, id: "#{webhook_type}_webhook_endpoint") do |f|
+        = f.url_field :'webhook_endpoint[url]', id: "#{webhook_type}_webhook_endpoint_url", placeholder: t('components.webhook_endpoint_form.url.create_placeholder'), required: true, size: 64
+        = f.hidden_field :'webhook_endpoint[webhook_type]', id: "#{webhook_type}_webhook_endpoint_webhook_type", value: webhook_type
+    %td.actions
+      = button_tag t(:create), class: 'button primary tiny no-margin', form: "#{webhook_type}_webhook_endpoint"
+
+-# Existing endpoints
+- webhooks.each do |webhook_endpoint|
+  %tr
+    %td= t("components.webhook_endpoint_form.event_types.#{webhook_type}")
+    %td= webhook_endpoint.url
+    %td.actions.endpoints-actions
+      - if webhook_endpoint.persisted?
+        = button_to helpers.account_webhook_endpoint_path(webhook_endpoint), method: :delete,
+                                                                             class: "tiny alert no-margin",
+                                                                             data: { confirm: I18n.t(:are_you_sure) } do
+          = I18n.t(:delete)
+
+        - if is_webhook_payment_status?
+          = form_tag helpers.webhook_endpoint_test_account_path(webhook_endpoint), class: "button_to", 'data-turbo': true do
+            = button_tag type: "submit", class: "tiny alert no-margin", data: { confirm: I18n.t(:are_you_sure) } do
+              = I18n.t("components.webhook_endpoint_form.test_endpoint")

app/controllers/admin/bulk_line_items_controller.rb

@@ -3,6 +3,7 @@
 module Admin
   class BulkLineItemsController < Spree::Admin::BaseController
     include PaginationData
+
     # GET /admin/bulk_line_items.json
     #
     def index
@@ -12,7 +13,7 @@ module Admin
       @line_items = order_permissions.
         editable_line_items.where(order_id: orders).
         includes(:variant).
-        ransack(params[:q]).result.order(:id)
+        ransack(line_items_search_query).result.order(:id)
 
       @pagy, @line_items = pagy(@line_items) if pagination_required?
 
@@ -88,5 +89,27 @@ module Admin
     def page
       params[:page] || 1
     end
+
+    def line_items_search_query
+      query = params.permit(q: {}).to_h[:q] || {}
+
+      search_fields_string = [
+        spree_current_user.admin? ? "order_distributor_name" : "order_distributor_name_alias",
+        "order_bill_address_phone",
+        "order_bill_address_firstname",
+        "order_bill_address_lastname",
+        "order_bill_address_full_name",
+        "order_bill_address_full_name_reversed",
+        "order_bill_address_full_name_with_comma",
+        "order_bill_address_full_name_with_comma_reversed",
+        "variant_supplier_name",
+        "order_email",
+        "order_number",
+        "product_name"
+      ].join("_or_")
+      search_query = "#{search_fields_string}_cont"
+
+      query.merge({ search_query => params[:search_query] })
+    end
   end
 end

app/controllers/admin/column_preferences_controller.rb

@@ -40,8 +40,8 @@ module Admin
 
       respond_to do |format|
         format.json do
-          collection_attributes = Hash[permitted_params[:column_preferences].
-            each_with_index.map { |cp, i| [i, cp] }]
+          collection_attributes = permitted_params[:column_preferences].
+            each_with_index.to_h { |cp, i| [i, cp] }
           collection_attributes.select!{ |_i, cp|
             cp[:action_name] == permitted_params[:action_name]
           }

app/controllers/admin/customers_controller.rb

@@ -51,6 +51,18 @@ module Admin
       end
     end
 
+    # copy of Admin::ResourceController without flash notice
+    def update
+      if @object.update(permitted_resource_params)
+        respond_with(@object) do |format|
+          format.html { redirect_to location_after_save }
+          format.js   { render layout: false }
+        end
+      else
+        respond_with(@object)
+      end
+    end
+
     # copy of Admin::ResourceController without flash notice
     def destroy
       if @object.destroy

app/controllers/admin/dfc_product_imports_controller.rb

@@ -15,8 +15,8 @@ module Admin
     def index
       # Fetch DFC catalog JSON for preview
       @catalog_url = params.require(:catalog_url).strip
-      @catalog_json = api.call(@catalog_url)
-      catalog = DfcCatalog.from_json(@catalog_json)
+      @catalog_data = api.call(@catalog_url)
+      catalog = DfcCatalog.from_json(@catalog_data)
 
       # Render table and let user decide which ones to import.
       @items = list_products(catalog)

app/controllers/admin/enterprises_controller.rb

@@ -48,6 +48,10 @@ module Admin
       @object = Enterprise.where(permalink: params[:id]).
         includes(users: [:ship_address, :bill_address]).first
       @object.build_custom_tab if @object.custom_tab.nil?
+
+      load_tag_rule_types
+
+      load_tag_rules
       return unless params[:stimulus]
 
       @enterprise.is_primary_producer = params[:is_primary_producer]
@@ -69,15 +73,19 @@ module Admin
       delete_custom_tab if params[:custom_tab] == 'false'
 
       if @object.update(enterprise_params)
-        flash[:success] = flash_message_for(@object, :successfully_updated)
+        flash[:success] = flash_success_message
+
         respond_with(@object) do |format|
           format.html { redirect_to location_after_save }
           format.js   { render layout: false }
           format.json {
             render_as_json @object, ams_prefix: 'index', spree_current_user:
           }
+          format.turbo_stream
         end
       else
+        load_tag_rule_types
+        load_tag_rules
         respond_with(@object) do |format|
           format.json {
             render json: { errors: @object.errors.messages }, status: :unprocessable_entity
@@ -142,6 +150,30 @@ module Admin
       end
     end
 
+    def new_tag_rule_group
+      load_tag_rule_types
+
+      @index = params[:index]
+      @customer_rule_index = params[:customer_rule_index].to_i
+      @group = { tags: [], rules: [] }
+
+      respond_to do |format|
+        format.turbo_stream
+      end
+    end
+
+    def destroy
+      if @object.destroy
+        flash.now[:success] = flash_message_for(@object, :successfully_removed)
+      else
+        flash.now[:error] = @object.errors.full_messages.to_sentence
+      end
+
+      respond_to do |format|
+        format.turbo_stream { render :destroy, status: :ok }
+      end
+    end
+
     protected
 
     def delete_custom_tab
@@ -164,6 +196,25 @@ module Admin
 
     private
 
+    def flash_success_message
+      if attachment_removal?
+        I18n.t("admin.controllers.enterprises.#{attachment_removal_parameter}_success")
+      else
+        flash_message_for(@object, :successfully_updated)
+      end
+    end
+
+    def attachment_removal?
+      attachment_removal_parameter.present?
+    end
+
+    def attachment_removal_parameter
+      if enterprise_params.keys.one? && enterprise_params.keys.first.to_s.start_with?("remove_")
+        enterprise_params.keys.first
+      end
+    end
+    helper_method :attachment_removal_parameter
+
     def load_enterprise_set_on_index
       return unless spree_current_user.admin?
 
@@ -254,7 +305,7 @@ module Admin
       # methods that are specific to each class do not become available until after the
       # record is persisted. This problem is compounded by the use of calculators.
       @object.transaction do
-        tag_rules_attributes.select{ |_i, attrs| attrs[:type].present? }.each do |_i, attrs|
+        tag_rules_attributes.select{ |_i, attrs| attrs[:type].present? }.each_value do |attrs|
           rule = @object.tag_rules.find_by(id: attrs.delete(:id)) ||
                  attrs[:type].constantize.new(enterprise: @object)
 
@@ -293,7 +344,7 @@ module Admin
     def check_can_change_bulk_sells
       return if spree_current_user.admin?
 
-      params[:sets_enterprise_set][:collection_attributes].each do |_i, enterprise_params|
+      params[:sets_enterprise_set][:collection_attributes].each_value do |enterprise_params|
         unless spree_current_user == Enterprise.find_by(id: enterprise_params[:id]).owner
           enterprise_params.delete :sells
         end
@@ -327,7 +378,7 @@ module Admin
     def check_can_change_bulk_owner
       return if spree_current_user.admin?
 
-      bulk_params[:collection_attributes].each do |_i, enterprise_params|
+      bulk_params[:collection_attributes].each_value do |enterprise_params|
         enterprise_params.delete :owner_id
       end
     end
@@ -354,6 +405,35 @@ module Admin
       @properties = Spree::Property.pluck(:name)
     end
 
+    def load_tag_rule_types
+      @tag_rule_types = [
+        [t(".form.tag_rules.show_hide_shipping"), "FilterShippingMethods"],
+        [t(".form.tag_rules.show_hide_payment"), "FilterPaymentMethods"],
+        [t(".form.tag_rules.show_hide_order_cycles"), "FilterOrderCycles"]
+      ]
+
+      if helpers.feature?(:variant_tag, @object)
+        @tag_rule_types.prepend([t(".form.tag_rules.show_hide_variants"), "FilterVariants"])
+      elsif helpers.feature?(:inventory, @object)
+        @tag_rule_types.prepend([t(".form.tag_rules.show_hide_variants"), "FilterProducts"])
+      end
+    end
+
+    def load_tag_rules
+      if helpers.feature?(:variant_tag, @object)
+        @default_rules = @enterprise.tag_rules.exclude_inventory.select(&:is_default)
+        @rules = @enterprise.tag_rules.exclude_inventory.prioritised.reject(&:is_default)
+      elsif helpers.feature?(:inventory, @object)
+        @default_rules = @enterprise.tag_rules.exclude_variant.select(&:is_default)
+        @rules = @enterprise.tag_rules.exclude_variant.prioritised.reject(&:is_default)
+      else
+        @default_rules =
+          @enterprise.tag_rules.exclude_inventory.exclude_variant.select(&:is_default)
+        @rules =
+          @enterprise.tag_rules.exclude_inventory.exclude_variant.prioritised.reject(&:is_default)
+      end
+    end
+
     def setup_property
       @enterprise.producer_properties.build
     end

app/controllers/admin/product_import_controller.rb

@@ -17,7 +17,10 @@ module Admin
     end
 
     def import
+      return unless can_import_into_inventories?
+
       @filepath = save_uploaded_file(params[:file])
+
       @importer = ProductImport::ProductImporter.new(File.new(@filepath), spree_current_user,
                                                      params[:settings])
       @original_filename = params[:file].try(:original_filename)
@@ -36,7 +39,22 @@ module Admin
     def save_data
       return unless process_data('save')
 
-      render json: @importer.save_results
+      json = {
+        results: {
+          products_created: @importer.products_created_count,
+          products_updated: @importer.products_updated_count,
+          products_reset: @importer.products_reset_count,
+        },
+        updated_ids: @importer.updated_ids,
+        errors: @importer.errors.full_messages
+      }
+
+      if helpers.inventory_enabled?(spree_current_user.enterprises)
+        json[:results][:inventory_created] = @importer.inventory_created_count
+        json[:results][:inventory_updated] = @importer.inventory_updated_count
+      end
+
+      render json:
     end
 
     def reset_absent_products
@@ -154,5 +172,15 @@ module Admin
                   notice: I18n.t(:product_import_no_data_in_spreadsheet_notice)
       raise 'Invalid File Path'
     end
+
+    # Return an error if trying to import into inventories when inventory is disable
+    def can_import_into_inventories?
+      return true if helpers.inventory_enabled?(spree_current_user.enterprises) ||
+                     params.dig(:settings, "import_into") != 'inventories'
+
+      redirect_to admin_product_import_url, notice: I18n.t(:product_import_inventory_disable)
+
+      false
+    end
   end
 end

app/controllers/admin/products_v3_controller.rb

@@ -10,7 +10,9 @@ module Admin
 
     def index
       fetch_products
-      render "index", locals: { producers:, categories:, tax_category_options:, flash: }
+      render "index",
+             locals: { producer_options:, categories:, tax_category_options:, available_tags:,
+                       flash:, allowed_producers: }
 
       session[:products_return_to_url] = request.url
     end
@@ -30,7 +32,10 @@ module Admin
         @error_counts = { saved: product_set.saved_count, invalid: product_set.invalid.count }
 
         render "index", status: :unprocessable_entity,
-                        locals: { producers:, categories:, tax_category_options:, flash: }
+                        locals: {
+                          producer_options:, categories:, tax_category_options:, available_tags:,
+                          allowed_producers:, flash:
+                        }
       end
     end
 
@@ -75,27 +80,29 @@ module Admin
     end
 
     def clone
-      @product = Spree::Product.find(params[:id])
-      authorize! :clone, @product
+      product = Spree::Product.find(params[:id])
+      authorize! :clone, product
 
       status = :ok
 
       begin
-        @cloned_product = @product.duplicate
+        cloned_product = product.duplicate
         flash.now[:success] = t('.success')
 
-        @product_index = "-#{@cloned_product.id}"
-        @producer_options = producers
-        @category_options = categories
-        @tax_category_options = tax_category_options
+        product_index = "-#{cloned_product.id}"
       rescue ActiveRecord::ActiveRecordError => e
         flash.now[:error] = clone_error_message(e)
         status = :unprocessable_entity
-        @product_index = "-1" # Create a unique enough index
+        product_index = "-1" # Create a unique enough index
       end
 
       respond_with do |format|
-        format.turbo_stream { render :clone, status: }
+        format.turbo_stream {
+          render :clone, status:,
+                         locals: { product:, cloned_product:, product_index:, producer_options:,
+                                   category_options: categories, tax_category_options:,
+                                   allowed_producers: }
+        }
       end
     end
 
@@ -112,6 +119,7 @@ module Admin
       @search_term = params[:search_term] || params[:_search_term]
       @producer_id = params[:producer_id] || params[:_producer_id]
       @category_id = params[:category_id] || params[:_category_id]
+      @tags = params[:tags_name_in] || params[:_tags_name_in]
     end
 
     def init_pagination_params
@@ -119,12 +127,32 @@ module Admin
       @page = params[:page].presence || 1
       @per_page = params[:per_page].presence || 15
       @q = params.permit(q: {})[:q] || { s: 'name asc' }
+
+      # Transform on_hand sorting to properly handle On-Demand products:
+      #   - On-Demand products should ignore on_hand completely and sort alphabetically.
+      #   - Non-On-Demand products should continue sorting by on_hand as usual.
+      if @q[:s] == 'on_hand asc'
+        @q[:s] = [
+          'backorderable_priority asc',
+          'backorderable_name asc',
+          @q[:s]
+        ]
+      elsif @q[:s] == 'on_hand desc'
+        @q[:s] = [
+          'backorderable_priority desc',
+          'backorderable_name asc',
+          @q[:s]
+        ]
+      end
     end
 
-    def producers
-      producers = OpenFoodNetwork::Permissions.new(spree_current_user)
+    def allowed_producers
+      OpenFoodNetwork::Permissions.new(spree_current_user)
         .managed_product_enterprises.is_primary_producer.by_name
-      producers.map { |p| [p.name, p.id] }
+    end
+
+    def producer_options
+      allowed_producers.map { |p| [p.name, p.id] }
     end
 
     def categories
@@ -135,11 +163,44 @@ module Admin
       Spree::TaxCategory.order(:name).pluck(:name, :id)
     end
 
+    def available_tags
+      variants = Spree::Variant.where(
+        product: OpenFoodNetwork::Permissions.new(spree_current_user)
+          .editable_products
+          .merge(product_scope)
+      )
+
+      ActsAsTaggableOn::Tag.joins(:taggings).where(
+        taggings: { taggable_type: "Spree::Variant", taggable_id: variants }
+      ).distinct.order(:name).pluck(:name)
+    end
+
     def fetch_products
       product_query = OpenFoodNetwork::Permissions.new(spree_current_user)
-        .editable_products.merge(product_scope).ransack(ransack_query).result
-      @pagy, @products = pagy(product_query.order(:name), limit: @per_page, page: @page,
-                                                          size: [1, 2, 2, 1])
+        .editable_products.merge(product_scope_with_includes).ransack(ransack_query).result
+
+      # Postgres requires ORDER BY expressions to appear in the SELECT list when using DISTINCT.
+      # When the current ransack sort uses the computed stock columns, include them in the select
+      # so the generated COUNT/DISTINCT query is valid.
+      sort_columns = Array(@q && @q[:s]).flatten
+      if sort_columns.any? { |s|
+           s.to_s.include?('on_hand') || s.to_s.include?('backorderable_priority')
+         }
+
+        product_query = product_query.select(
+          Arel.sql('spree_products.*'),
+          Spree::Product.backorderable_priority_sql,
+          Spree::Product.backorderable_name_sql,
+          Spree::Product.on_hand_sql
+        )
+      end
+
+      @pagy, @products = pagy(
+        product_query.order(:name),
+        limit: @per_page,
+        page: @page,
+        size: [1, 2, 2, 1]
+      )
     end
 
     def product_scope
@@ -150,7 +211,11 @@ module Admin
                 Spree::Product.active
               end
 
-      scope.includes(product_query_includes).distinct
+      scope.distinct
+    end
+
+    def product_scope_with_includes
+      product_scope.includes(product_query_includes)
     end
 
     def ransack_query
@@ -160,6 +225,7 @@ module Admin
         query.merge!(Spree::Variant::SEARCH_KEY => @search_term)
       end
       query.merge!(variants_primary_taxon_id_in: @category_id) if @category_id.present?
+      query.merge!(variants_tags_name_in: @tags) if @tags.present?
       query.merge!(@q) if @q
 
       query
@@ -176,6 +242,7 @@ module Admin
           :stock_items,
           :tax_category,
           :supplier,
+          :taggings,
         ] },
       ]
     end

app/controllers/admin/reports_controller.rb

@@ -4,6 +4,7 @@ module Admin
   class ReportsController < Spree::Admin::BaseController
     include ActiveStorage::SetCurrent
     include ReportsActions
+
     helper ReportsHelper
 
     before_action :authorize_report, only: [:show, :create]
@@ -22,14 +23,12 @@ module Admin
     def show
       @report = report_class.new(spree_current_user, params, render: false)
       @rendering_options = rendering_options
-
       show_report
     end
 
     def create
       @report = report_class.new(spree_current_user, params, render: true)
       update_rendering_options
-
       render_in_background
     end
 
@@ -61,7 +60,9 @@ module Admin
       @blob = ReportBlob.create_for_upload_later!(report_filename)
 
       ReportJob.perform_later(
-        report_class:, user: spree_current_user, params:,
+        report_class:,
+        user: spree_current_user,
+        params:,
         format: report_format,
         blob: @blob,
         channel: ScopedChannel.for_id(params[:uuid]),

app/controllers/admin/resource_controller.rb

@@ -61,7 +61,7 @@ module Admin
 
     def destroy
       if @object.destroy
-        flash[:success] = flash_message_for(@object, :successfully_removed)
+        flash[:success] = Spree.t(:successfully_removed)
         respond_with(@object) do |format|
           format.html { redirect_to collection_url }
           format.js   { render partial: "spree/admin/shared/destroy" }
@@ -76,7 +76,7 @@ module Admin
     protected
 
     def resource_not_found
-      flash[:error] = flash_message_for(model_class.new, :not_found)
+      flash[:error] = Spree.t(:not_found)
       redirect_to collection_url
     end
 

app/controllers/admin/stripe_accounts_controller.rb

@@ -6,7 +6,7 @@ module Admin
   class StripeAccountsController < Spree::Admin::BaseController
     def connect
       payload = params.permit(:enterprise_id).to_h
-      key = Openfoodnetwork::Application.config.secret_token
+      key = Rails.application.secret_key_base
       url_params = { state: JWT.encode(payload, key, 'HS256'), scope: "read_write" }
       redirect_to Stripe::OAuth.authorize_url(url_params)
     end

app/controllers/admin/subscription_line_items_controller.rb

@@ -53,7 +53,9 @@ module Admin
       return unless @order_cycle
 
       fee_calculator = OpenFoodNetwork::EnterpriseFeeCalculator.new(@shop, @order_cycle)
+
       OpenFoodNetwork::ScopeVariantToHub.new(@shop).scope(@variant)
+
       @variant.price + fee_calculator.indexed_fees_for(@variant)
     end
 

app/controllers/admin/tag_rules_controller.rb

@@ -1,13 +1,47 @@
 # frozen_string_literal: true
 
 module Admin
-  class TagRulesController < Admin::ResourceController
+  class TagRulesController < Spree::Admin::BaseController
     respond_to :json
 
-    respond_override destroy: { json: {
-      success: lambda { head :no_content }
-    } }
+    def new
+      @index = params[:index]
+      @div_id = params[:div_id]
+      is_default = params[:is_default]
+      @customer_tags = params[:customer_tags]
 
+      status = :ok
+      if permitted_tag_rule_type.include?(params[:rule_type])
+        @default_rule = "TagRule::#{params[:rule_type]}".constantize.new(is_default:)
+      else
+        flash.now[:error] = t(".not_supported_type")
+        status = :internal_server_error
+      end
+
+      respond_with do |format|
+        format.turbo_stream { render :new, status: }
+      end
+    end
+
+    def destroy
+      @rule = TagRule.find(params[:id])
+      @index = params[:index]
+      authorize! :destroy, @rule
+
+      status = :ok
+      if @rule.destroy
+        flash[:success] = Spree.t(:successfully_removed, resource: Spree.t(:tag_rule))
+      else
+        flash.now[:error] = t(".destroy_error")
+        status = :internal_server_error
+      end
+
+      respond_to do |format|
+        format.turbo_stream { render :destroy, status: }
+      end
+    end
+
+    # Used by the tag input autocomplete
     def map_by_tag
       respond_to do |format|
         format.json do
@@ -17,6 +51,26 @@ module Admin
       end
     end
 
+    # Use to populate autocomplete with available rule for the given tag/enterprise
+    def variant_tag_rules
+      tag_rules =
+        TagRule.matching_variant_tag_rules_by_enterprises(params[:enterprise_id], params[:q])
+
+      @formatted_tag_rules = tag_rules.each_with_object({}) do |rule, mapping|
+        rule.preferred_variant_tags.split(",").each do |tag|
+          if mapping[tag]
+            mapping[tag][:rules] += 1
+          else
+            mapping[tag] = { tag:, rules: 1 }
+          end
+        end
+      end.values
+
+      respond_with do |format|
+        format.html { render :variant_tag_rules, layout: false }
+      end
+    end
+
     private
 
     def collection_actions
@@ -39,5 +93,13 @@ module Admin
         Enterprise.managed_by(spree_current_user)
       end
     end
+
+    def model_class
+      TagRule
+    end
+
+    def permitted_tag_rule_type
+      %w{FilterOrderCycles FilterPaymentMethods FilterProducts FilterShippingMethods FilterVariants}
+    end
   end
 end

app/controllers/admin/variant_overrides_controller.rb

@@ -7,7 +7,7 @@ module Admin
     include OpenFoodNetwork::SpreeApiKeyLoader
     include EnterprisesHelper
 
-    prepend_before_action :load_data
+    prepend_before_action :load_data, if: :spree_current_user
     before_action :load_collection, only: [:bulk_update]
     before_action :load_spree_api_key, only: :index
 
@@ -44,6 +44,8 @@ module Admin
     def load_data
       @hubs = OpenFoodNetwork::Permissions.new(spree_current_user).
         variant_override_hubs.by_name
+      # Only display the ones with inventory enabled
+      @hubs = @hubs.select { |p| helpers.feature?(:inventory, p) }
 
       # Used in JS to look up the name of the producer of each product
       @producers = OpenFoodNetwork::Permissions.new(spree_current_user).
@@ -70,7 +72,7 @@ module Admin
     end
 
     def load_collection
-      collection_hash = Hash[variant_overrides_params.each_with_index.map { |vo, i| [i, vo] }]
+      collection_hash = variant_overrides_params.each_with_index.to_h { |vo, i| [i, vo] }
 
       # Reset count_on_hand when switching to producer settings:
       collection_hash.each_value do |vo|

app/controllers/admin/vouchers_controller.rb

@@ -14,7 +14,7 @@ module Admin
       )
 
       if @voucher.save
-        flash[:success] = I18n.t(:successfully_created, resource: "Voucher")
+        flash[:success] = I18n.t(:successfully_created, resource: Spree.t(:voucher))
         redirect_to edit_admin_enterprise_path(@enterprise, anchor: :vouchers_panel)
       else
         render_error

app/controllers/api/v0/enterprises_controller.rb

@@ -43,7 +43,7 @@ module Api
         @enterprise = Enterprise.find_by(permalink: params[:id]) || Enterprise.find(params[:id])
         authorize! :update, @enterprise
 
-        if params[:logo] && @enterprise.update( logo: params[:logo] )
+        if params[:logo] && @enterprise.update!(logo: params[:logo])
           render(html: @enterprise.logo_url(:medium), status: :ok)
         elsif params[:promo] && @enterprise.update!( promo_image: params[:promo] )
           render(html: @enterprise.promo_image_url(:medium), status: :ok)

app/controllers/api/v0/exchange_products_controller.rb

@@ -7,6 +7,7 @@ module Api
   module V0
     class ExchangeProductsController < Api::V0::BaseController
       include PaginationData
+
       DEFAULT_PER_PAGE = 100
 
       skip_authorization_check only: [:index]