Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Improved order association logic. New orders are no longer associated…

… with intermediate anonymous user before associating with the registered user. New orders are also now associated with the current guest user (so guest user can make back to back orders now.)
  • Loading branch information...
commit 3c0bdbb9b1d9ba081393ebfc5aacea29217d0cda 1 parent 7266628
@schof schof authored
View
6 auth/app/controllers/orders_controller_decorator.rb
@@ -4,11 +4,17 @@
before_filter :check_authorization
private
+
def store_guest
return if current_user
session[:guest_token] ||= @order.user.persistence_token
end
+ # Associate the new order with the currently authenticated user before saving
+ def before_save_new_order
+ @current_order.user = auth_user
+ end
+
def check_authorization
session[:guest_token] ||= params[:token]
order = current_order || Order.find_by_number(params[:id])
View
74 auth/spec/controllers/orders_controller_spec.rb
@@ -3,43 +3,70 @@
describe OrdersController do
let(:user) { mock_model User, :persistence_token => "foo", :has_role? => false }
- let(:order) { mock_model(Order, :user => user).as_null_object }
+ let(:guest_user) { mock_model User, :persistence_token => "guest_token", :has_role? => false }
it "should understand order routes with token" do
assert_routing("/orders/R123456/token/ABCDEF", {:controller => "orders", :action => "show", :id => "R123456", :token => "ABCDEF"})
token_order_path("R123456", "ABCDEF").should == "/orders/R123456/token/ABCDEF"
end
- context "for a new order" do
+ context "when no order exists in the session" do
+ let(:order) { Order.new }
+
+ before { Order.stub :new => order }
+
context "#populate" do
- before do
- controller.stub :authorize! => true
- Order.stub :create => order
- end
+ context "when authenticated as a guest" do
+ before { controller.stub :auth_user => guest_user }
- it "should check if user is authorized for :create" do
- controller.stub :current_user => user
- controller.should_receive(:authorize!).with(:create, Order)
- post :populate
+ it "should not create an anonymous user" do
+ User.should_not_receive :anonymous!
+ post :populate
+ end
+
+ it "should associate the new order with the registered user" do
+ post :populate
+ order.user.should == guest_user
+ end
end
- it "should store a guest token (for new guest order)" do
- controller.should_receive(:current_user).and_return(nil)
- post :populate
- session[:guest_token].should_not be_nil
+ context "when authenticated as a registered user" do
+ before { controller.stub :current_user => user }
+
+ it "should not create an anonymous user" do
+ User.should_not_receive :anonymous!
+ post :populate
+ session[:guest_token].should be_nil
+ end
+
+ it "should associate the new order with the registered user" do
+ post :populate
+ order.user.should == user
+ end
end
- it "should not store a guest token (for new registered user order)" do
- controller.stub :current_user => user
- post :populate
- session[:guest_token].should be_nil
+ context "when not authenticated" do
+ it "should create an anonymous user" do
+ User.should_receive(:anonymous!).and_return guest_user
+ post :populate
+ session[:guest_token].should == "guest_token"
+ end
+
+ it "should associate the new order with the anonymous user" do
+ User.stub :anonymous! => guest_user
+ #User.stub(:find_by_persistence_token).with('guest_token').and_return guest_user
+ #controller.stub :check_authorization => true
+ post :populate
+ order.user.should == guest_user
+ end
end
end
end
- context "for an existing order" do
+ context "when an order exists in the session" do
+ let(:order) { mock_model(Order, :user => user).as_null_object }
before do
controller.stub :current_order => order
@@ -58,13 +85,6 @@
controller.should_receive(:authorize!).with(:edit, order)
get :edit
end
- context "when order is anonymous" do
- it "should associate the order with an authenticated user" do
- user.stub :anonymous? => true
- order.should_receive(:associate_user!).with(user)
- get :edit
- end
- end
end
context "#update" do
@@ -84,6 +104,8 @@
end
context "when no authenticated user" do
+ let(:order) { mock_model(Order, :user => user).as_null_object }
+
context "#show" do
before { Order.stub :find_by_number => order }
View
10 core/lib/spree/current_order.rb
@@ -1,11 +1,19 @@
module Spree
module CurrentOrder
+
+ # This should be overridden by an auth-related extension which would then have the opporutnity to associate the new order with the
+ # current user before saving.
+ def before_save_new_order
+ end
+
# The current incomplete order from the session for use in cart and during checkout
def current_order(create_order_if_necessary = false)
return @current_order if @current_order
@current_order ||= Order.find_by_id(session[:order_id], :include => :adjustments)
if create_order_if_necessary and (@current_order.nil? or @current_order.completed?)
- @current_order = Order.create!
+ @current_order = Order.new
+ before_save_new_order
+ @current_order.save #create!
end
session[:order_id] = @current_order ? @current_order.id : nil
@current_order
Please sign in to comment.
Something went wrong with that request. Please try again.