Use versioncake for versioning of API resources
Fixes #2209 * Unversion zones controller so it can be used with Versioncake for testing purposes * Zones controller using versioncake for versioning * Move other controllers so they make use of Versioncake * Rename all views to make use of Versioncake * No v2 of api yet
Showing
102 changed files
with
839 additions
and
876 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
module Spree | ||
module Api | ||
class AddressesController < Spree::Api::BaseController | ||
def show | ||
@address = Address.find(params[:id]) | ||
authorize! :read, @address | ||
end | ||
|
||
def update | ||
@address = Address.find(params[:id]) | ||
authorize! :read, @address | ||
@address.update_attributes(params[:address]) | ||
render :show, :status => 200 | ||
end | ||
end | ||
end | ||
end |
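Review bot: `update` checks `authorize! :read, @address` before calling `update_attributes`, so any caller allowed to read an address is also allowed to change it; the check should be `authorize! :update, @address`. The same read-for-write pattern appears in the LineItemsController section, where `create`, `update` and `destroy` all gate on `authorize! :read, order`. `update` also ignores the return value of `update_attributes` and renders `:show` with status 200 even when validation fails; the `invalid_resource!(@address)` branch used by the other controllers would fit here.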
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,111 @@ | ||
module Spree | ||
module Api | ||
class BaseController < ActionController::Metal | ||
include Spree::Api::ControllerSetup | ||
|
||
attr_accessor :current_api_user | ||
|
||
before_filter :set_content_type | ||
before_filter :check_for_api_key, :if => :requires_authentication? | ||
before_filter :authenticate_user | ||
after_filter :set_jsonp_format | ||
|
||
rescue_from CanCan::AccessDenied, :with => :unauthorized | ||
rescue_from ActiveRecord::RecordNotFound, :with => :not_found | ||
|
||
helper Spree::Api::ApiHelpers | ||
|
||
def set_jsonp_format | ||
if params[:callback] && request.get? | ||
self.response_body = "#{params[:callback]}(#{self.response_body})" | ||
headers["Content-Type"] = 'application/javascript' | ||
end | ||
end | ||
|
||
def map_nested_attributes_keys(klass, attributes) | ||
nested_keys = klass.nested_attributes_options.keys | ||
attributes.inject({}) do |h, (k,v)| | ||
key = nested_keys.include?(k.to_sym) ? "#{k}_attributes" : k | ||
h[key] = v | ||
h | ||
end.with_indifferent_access | ||
end | ||
|
||
private | ||
|
||
def set_content_type | ||
content_type = case params[:format] | ||
when "json" | ||
"application/json" | ||
when "xml" | ||
"text/xml" | ||
end | ||
headers["Content-Type"] = content_type | ||
end | ||
|
||
def check_for_api_key | ||
render "spree/api/errors/must_specify_api_key", :status => 401 and return if api_key.blank? | ||
end | ||
|
||
def authenticate_user | ||
if requires_authentication? || api_key.present? | ||
unless @current_api_user = Spree.user_class.find_by_spree_api_key(api_key) | ||
render "spree/api/errors/invalid_api_key", :status => 401 and return | ||
end | ||
else | ||
# Effectively, an anonymous user | ||
@current_api_user = Spree.user_class.new | ||
end | ||
end | ||
|
||
def unauthorized | ||
render "spree/api/errors/unauthorized", :status => 401 and return | ||
end | ||
|
||
def requires_authentication? | ||
Spree::Api::Config[:requires_authentication] | ||
end | ||
|
||
def not_found | ||
render "spree/api/errors/not_found", :status => 404 and return | ||
end | ||
|
||
def current_ability | ||
Spree::Ability.new(current_api_user) | ||
end | ||
|
||
def invalid_resource!(resource) | ||
@resource = resource | ||
render "spree/api/errors/invalid_resource", :status => 422 | ||
end | ||
|
||
def api_key | ||
request.headers["X-Spree-Token"] || params[:token] | ||
end | ||
helper_method :api_key | ||
|
||
def find_product(id) | ||
begin | ||
product_scope.find_by_permalink!(id.to_s) | ||
rescue ActiveRecord::RecordNotFound | ||
product_scope.find(id) | ||
end | ||
end | ||
|
||
def product_scope | ||
if current_api_user.has_spree_role?("admin") | ||
scope = Product | ||
unless params[:show_deleted] | ||
scope = scope.not_deleted | ||
end | ||
else | ||
scope = Product.active | ||
end | ||
|
||
scope.includes(:master) | ||
end | ||
|
||
end | ||
end | ||
end | ||
|
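Review bot: `set_jsonp_format` interpolates `params[:callback]` into the response body without validating it and then labels the result `application/javascript`, so whatever text arrives in the query string is reflected back as script. Restrict the callback to an identifier before wrapping, for example `if params[:callback] =~ /\A[A-Za-z_$][\w$.]*\z/ && request.get?`, and leave the body unwrapped otherwise. Because `api_key` also accepts `params[:token]`, a JSONP response can expose authenticated data to another origin; consider limiting JSONP to unauthenticated requests. `set_jsonp_format` and `map_nested_attributes_keys` sit above `private`, which may make them routable as actions.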
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
module Spree | ||
module Api | ||
class CountriesController < Spree::Api::BaseController | ||
def index | ||
@countries = Country.ransack(params[:q]).result.includes(:states).order('name ASC') | ||
.page(params[:page]).per(params[:per_page]) | ||
end | ||
|
||
def show | ||
@country = Country.find(params[:id]) | ||
end | ||
end | ||
end | ||
end |
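Review bot: `index` passes `params[:per_page]` straight to `.per(...)`, so the client chooses the page size and no cap is visible in this section; unless a maximum is configured elsewhere, a single request can load every row together with its `includes(:states)`. Clamp the value before use, e.g. `.per(params[:per_page] && [params[:per_page].to_i, 100].min)`, where 100 stands in for whatever limit the project picks. The same unbounded `per(params[:per_page])` appears in `index` of the OrdersController and PaymentsController sections.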
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
module Spree | ||
module Api | ||
class ImagesController < Spree::Api::BaseController | ||
def show | ||
@image = Image.find(params[:id]) | ||
end | ||
|
||
def create | ||
authorize! :create, Image | ||
@image = Image.create(params[:image]) | ||
render :show, :status => 201 | ||
end | ||
|
||
def update | ||
authorize! :update, Image | ||
@image = Image.find(params[:id]) | ||
@image.update_attributes(params[:image]) | ||
render :show, :status => 200 | ||
end | ||
|
||
def destroy | ||
authorize! :delete, Image | ||
@image = Image.find(params[:id]) | ||
@image.destroy | ||
render :text => nil, :status => 204 | ||
end | ||
end | ||
end | ||
end |
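Review bot: `update` and `destroy` call `authorize! :update, Image` / `authorize! :delete, Image` on the class before the record is loaded, so an ability rule that is conditional on the image itself is, as far as CanCan's class-level checks go, not evaluated against the record being changed. Load first and check the instance: `@image = Image.find(params[:id])` followed by `authorize! :update, @image`. `show` has no `authorize!` call at all, unlike `show` in the AddressesController section; if images are meant to be public, a comment saying so would help. `create` and `update` render 201/200 without checking whether the save succeeded.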
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
module Spree | ||
module Api | ||
class LineItemsController < Spree::Api::BaseController | ||
def create | ||
authorize! :read, order | ||
@line_item = order.line_items.build(params[:line_item], :as => :api) | ||
if @line_item.save | ||
render :show, :status => 201 | ||
else | ||
invalid_resource!(@line_item) | ||
end | ||
end | ||
|
||
def update | ||
authorize! :read, order | ||
@line_item = order.line_items.find(params[:id]) | ||
if @line_item.update_attributes(params[:line_item]) | ||
render :show | ||
else | ||
invalid_resource!(@line_item) | ||
end | ||
end | ||
|
||
def destroy | ||
authorize! :read, order | ||
@line_item = order.line_items.find(params[:id]) | ||
@line_item.destroy | ||
render :text => nil, :status => 204 | ||
end | ||
|
||
private | ||
|
||
def order | ||
@order ||= Order.find_by_number!(params[:order_id]) | ||
end | ||
end | ||
end | ||
end |
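Review bot: `create` builds with `params[:line_item], :as => :api`, but `update` calls `update_attributes(params[:line_item])` with no `:as` option, so the two actions apply different mass-assignment roles to the same request parameter. Which attributes each role exposes is defined outside this page, but the update path presumably should read `@line_item.update_attributes(params[:line_item], :as => :api)` so both writes go through the API whitelist.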
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,81 @@ | ||
module Spree | ||
module Api | ||
class OrdersController < Spree::Api::BaseController | ||
before_filter :authorize_read!, :except => [:index, :search, :create] | ||
|
||
def index | ||
# should probably look at turning this into a CanCan step | ||
raise CanCan::AccessDenied unless current_api_user.has_spree_role?("admin") | ||
@orders = Order.ransack(params[:q]).result.page(params[:page]).per(params[:per_page]) | ||
end | ||
|
||
def show | ||
end | ||
|
||
def create | ||
@order = Order.build_from_api(current_api_user, nested_params) | ||
next!(:status => 201) | ||
end | ||
|
||
def update | ||
authorize! :update, Order | ||
if order.update_attributes(nested_params) | ||
order.update! | ||
render :show | ||
else | ||
invalid_resource!(order) | ||
end | ||
end | ||
|
||
def address | ||
order.build_ship_address(params[:shipping_address]) if params[:shipping_address] | ||
order.build_bill_address(params[:billing_address]) if params[:billing_address] | ||
next! | ||
end | ||
|
||
def delivery | ||
begin | ||
ShippingMethod.find(params[:shipping_method_id]) | ||
rescue ActiveRecord::RecordNotFound | ||
render :invalid_shipping_method, :status => 422 | ||
else | ||
order.update_attribute(:shipping_method_id, params[:shipping_method_id]) | ||
next! | ||
end | ||
end | ||
|
||
def cancel | ||
order.cancel! | ||
render :show | ||
end | ||
|
||
def empty | ||
order.line_items.destroy_all | ||
order.update! | ||
render :text => nil, :status => 200 | ||
end | ||
|
||
private | ||
|
||
def nested_params | ||
map_nested_attributes_keys Order, params[:order] || {} | ||
end | ||
|
||
def order | ||
@order ||= Order.find_by_number!(params[:id]) | ||
end | ||
|
||
def next!(options={}) | ||
if @order.valid? && @order.next | ||
render :show, :status => options[:status] || 200 | ||
else | ||
render :could_not_transition, :status => 422 | ||
end | ||
end | ||
|
||
def authorize_read! | ||
authorize! :read, order | ||
end | ||
end | ||
end | ||
end |
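Review bot: `address`, `delivery`, `cancel` and `empty` all change the order (`cancel!`, `line_items.destroy_all`, `update_attribute`), but the only check they pass through is the `authorize_read!` before_filter, i.e. `authorize! :read, order`. Add a write-level check on the instance to each, e.g. `authorize! :update, order`, and have `update` check the instance as well rather than `authorize! :update, Order`. `create` is excluded from the filter and has no `authorize!` of its own; whether `Order.build_from_api` restricts what `nested_params` may set is not visible here.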
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,75 @@ | ||
module Spree | ||
module Api | ||
class PaymentsController < Spree::Api::BaseController | ||
before_filter :find_order | ||
before_filter :find_payment, :only => [:show, :authorize, :purchase, :capture, :void, :credit] | ||
|
||
def index | ||
@payments = @order.payments.ransack(params[:q]).result.page(params[:page]).per(params[:per_page]) | ||
end | ||
|
||
def new | ||
@payment_methods = Spree::PaymentMethod.where(:environment => Rails.env) | ||
end | ||
|
||
def create | ||
@payment = @order.payments.build(params[:payment]) | ||
if @payment.save | ||
render :show, :status => 201 | ||
else | ||
invalid_resource!(@payment) | ||
end | ||
end | ||
|
||
def show | ||
end | ||
|
||
def authorize | ||
perform_payment_action(:authorize) | ||
end | ||
|
||
def capture | ||
perform_payment_action(:capture) | ||
end | ||
|
||
def purchase | ||
perform_payment_action(:purchase) | ||
end | ||
|
||
def void | ||
perform_payment_action(:void_transaction) | ||
end | ||
|
||
def credit | ||
if params[:amount].to_f > @payment.credit_allowed | ||
render "spree/api/payments/credit_over_limit", :status => 422 | ||
else | ||
perform_payment_action(:credit, params[:amount]) | ||
end | ||
end | ||
|
||
private | ||
|
||
def find_order | ||
@order = Order.find_by_number(params[:order_id]) | ||
authorize! :read, @order | ||
end | ||
|
||
def find_payment | ||
@payment = @order.payments.find(params[:id]) | ||
end | ||
|
||
def perform_payment_action(action, *args) | ||
authorize! action, Payment | ||
|
||
begin | ||
@payment.send("#{action}!", *args) | ||
render :show | ||
rescue Spree::Core::GatewayError => e | ||
@error = e.message | ||
render "spree/api/errors/gateway_error", :status => 422 | ||
end | ||
end | ||
end | ||
end | ||
end |
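Review bot: `find_order` uses `Order.find_by_number(params[:order_id])`, which returns nil for an unknown number instead of raising, so the `rescue_from ActiveRecord::RecordNotFound` handler in BaseController never fires and `authorize! :read, @order` runs against nil; use `@order = Order.find_by_number!(params[:order_id])` as the LineItems and Orders controllers do. In `credit`, `params[:amount].to_f` is only compared against the upper bound `credit_allowed`, so zero, negative or non-numeric input (which `to_f` turns into 0.0) still reaches `perform_payment_action(:credit, params[:amount])`. Reject amounts that are not positive before that call, and pass the parsed number on rather than the raw string.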