From 78bb7c67e8e1f8b6a93cc3ed446806d12971188c Mon Sep 17 00:00:00 2001 From: Philipp Rothmann Date: Mon, 21 Nov 2022 12:52:29 +0100 Subject: [PATCH] remove old api tests --- doc/swagger.v1.yml | 1106 ----------------- spec/api/v1/order_articles_spec.rb | 59 - spec/api/v1/swagger_spec.rb | 284 ----- .../v1/user/financial_transactions_spec.rb | 109 -- spec/api/v1/user/group_order_articles_spec.rb | 220 ---- spec/api/v1/user/ordergroup_spec.rb | 55 - 6 files changed, 1833 deletions(-) delete mode 100644 doc/swagger.v1.yml delete mode 100644 spec/api/v1/order_articles_spec.rb delete mode 100644 spec/api/v1/swagger_spec.rb delete mode 100644 spec/api/v1/user/financial_transactions_spec.rb delete mode 100644 spec/api/v1/user/group_order_articles_spec.rb delete mode 100644 spec/api/v1/user/ordergroup_spec.rb diff --git a/doc/swagger.v1.yml b/doc/swagger.v1.yml deleted file mode 100644 index d8e793d3..00000000 --- a/doc/swagger.v1.yml +++ /dev/null @@ -1,1106 +0,0 @@ -swagger: '2.0' -info: - title: Foodsoft API v1 - version: '1.0.0' - description: > - [Foodsoft](https://github.com/foodcoops/foodsoft) is web-based software to manage - a non-profit food coop (product catalog, ordering, accounting, job scheduling). - - - This is a description of Foodsoft's API v1. - - - Note that each food cooperative typically has their own instance (on a shared - server or their own installation), and there are just as many APIs (if the Foodsoft - version is recent enough). - This API description points to the default development url with the default - Foodsoft scope - that would be [http://localhost:3000/f](http://localhost:3000/f). - - You may find the search parameters for index endpoints lacking. They are not - documented here, because there are too many combinations. For now, you'll need - to resort to [Ransack](https://github.com/activerecord-hackery/ransack) and - looking at Foodsoft's `ransackable_*` model class methods. -externalDocs: - description: General Foodsoft API documentation - url: https://github.com/foodcoops/foodsoft/blob/master/doc/API.md - -# development url with default scope -host: localhost:3000 -schemes: - - 'http' -basePath: /f/api/v1 - -produces: - - 'application/json' - -paths: - /user: - get: - summary: info about the currently logged-in user - tags: - - 1. User - responses: - 200: - description: success - schema: - type: object - properties: - user: - $ref: '#/definitions/User' - 401: - description: not logged-in - schema: - $ref: '#/definitions/Error401' - 403: - description: missing scope - schema: - $ref: '#/definitions/Error403' - security: - - foodsoft_auth: ['user:read', 'user:write'] - - /user/financial_overview: - get: - summary: financial summary about the currently logged-in user - tags: - - 1. User - - 6. FinancialTransaction - responses: - 200: - description: success - schema: - type: object - properties: - financial_overview: - $ref: '#/definitions/FinanceOverview' - 401: - description: not logged-in - schema: - $ref: '#/definitions/Error401' - 403: - description: missing scope - schema: - $ref: '#/definitions/Error403' - security: - - foodsoft_auth: ['finance:user'] - - /user/financial_transactions: - get: - summary: financial transactions of the member's ordergroup - tags: - - 1. User - - 6. FinancialTransaction - parameters: - - $ref: '#/parameters/page' - - $ref: '#/parameters/per_page' - responses: - 200: - description: success - schema: - type: object - properties: - financial_transactions: - type: array - items: - $ref: '#/definitions/FinancialTransaction' - meta: - $ref: '#/definitions/Meta' - 401: - description: not logged-in - schema: - $ref: '#/definitions/Error401' - 403: - description: user has no ordergroup or missing scope - schema: - $ref: '#/definitions/Error403' - security: - - foodsoft_auth: ['finance:user'] - post: - summary: create new financial transaction (requires enabled self service) - tags: - - 1. User - - 6. FinancialTransaction - parameters: - - in: body - name: body - description: financial transaction to create - required: true - schema: - $ref: '#/definitions/FinancialTransactionForCreate' - responses: - 200: - description: success - schema: - type: object - properties: - financial_transaction: - $ref: '#/definitions/FinancialTransaction' - 401: - description: not logged-in - schema: - $ref: '#/definitions/Error401' - 403: - description: user has no ordergroup, is below minimum balance, self service is disabled, or missing scope - schema: - $ref: '#/definitions/Error403' - 404: - description: financial transaction type not found - schema: - $ref: '#/definitions/Error404' - 422: - description: invalid parameter value - schema: - $ref: '#/definitions/Error422' - /user/financial_transactions/{id}: - parameters: - - $ref: '#/parameters/idInUrl' - get: - summary: find financial transaction by id - tags: - - 1. User - - 6. FinancialTransaction - responses: - 200: - description: success - schema: - type: object - properties: - financial_transaction: - $ref: '#/definitions/FinancialTransaction' - 401: - description: not logged-in - schema: - $ref: '#/definitions/Error401' - 403: - description: user has no ordergroup or missing scope - schema: - $ref: '#/definitions/Error403' - 404: - description: not found - schema: - $ref: '#/definitions/Error404' - security: - - foodsoft_auth: ['finance:user'] - - /user/group_order_articles: - get: - summary: group order articles - tags: - - 1. User - - 2. Order - parameters: - - $ref: '#/parameters/page' - - $ref: '#/parameters/per_page' - - $ref: '#/parameters/q_ordered' - responses: - 200: - description: success - schema: - type: object - properties: - group_order_articles: - type: array - items: - $ref: '#/definitions/GroupOrderArticle' - meta: - $ref: '#/definitions/Meta' - 401: - description: not logged-in - schema: - $ref: '#/definitions/Error401' - 403: - description: user has no ordergroup or missing scope - schema: - $ref: '#/definitions/Error403' - security: - - foodsoft_auth: ['group_orders:user'] - post: - summary: create new group order article - tags: - - 1. User - - 2. Order - parameters: - - in: body - name: body - description: group order article to create - required: true - schema: - $ref: '#/definitions/GroupOrderArticleForCreate' - responses: - 200: - description: success - schema: - type: object - properties: - group_order_article: - $ref: '#/definitions/GroupOrderArticle' - order_article: - $ref: '#/definitions/OrderArticle' - 401: - description: not logged-in - schema: - $ref: '#/definitions/Error401' - 403: - description: user has no ordergroup, order not open, is below minimum balance, has not enough apple points, or missing scope - schema: - $ref: '#/definitions/Error403' - 404: - description: order article not found in open orders - schema: - $ref: '#/definitions/Error404' - 422: - description: invalid parameter value or group order article already exists - schema: - $ref: '#/definitions/Error422' - /user/group_order_articles/{id}: - parameters: - - $ref: '#/parameters/idInUrl' - get: - summary: find group order article by id - tags: - - 1. User - - 2. Order - responses: - 200: - description: success - schema: - type: object - properties: - group_order_article: - $ref: '#/definitions/GroupOrderArticle' - order_article: - $ref: '#/definitions/OrderArticle' - 401: - description: not logged-in - schema: - $ref: '#/definitions/Error401' - 403: - description: user has no ordergroup or missing scope - schema: - $ref: '#/definitions/Error403' - 404: - description: not found - schema: - $ref: '#/definitions/Error404' - security: - - foodsoft_auth: ['group_orders:user'] - patch: - summary: update a group order article (but delete if quantity and tolerance are zero) - tags: - - 1. User - - 2. Order - parameters: - - $ref: '#/parameters/idInUrl' - - in: body - name: body - description: group order article update - required: true - schema: - $ref: '#/definitions/GroupOrderArticleForUpdate' - responses: - 200: - description: success - schema: - type: object - properties: - group_order_article: - $ref: '#/definitions/GroupOrderArticle' - order_article: - $ref: '#/definitions/OrderArticle' - 401: - description: not logged-in - schema: - $ref: '#/definitions/Error401' - 403: - description: user has no ordergroup, order not open, is below minimum balance, has not enough apple points, or missing scope - schema: - $ref: '#/definitions/Error403' - 404: - description: order article not found in open orders - schema: - $ref: '#/definitions/Error404' - 422: - description: invalid parameter value - schema: - $ref: '#/definitions/Error422' - delete: - summary: remove group order article - tags: - - 1. User - - 2. Order - parameters: - - $ref: '#/parameters/idInUrl' - responses: - 200: - description: success - schema: - type: object - properties: - group_order_article: - $ref: '#/definitions/GroupOrderArticle' - order_article: - $ref: '#/definitions/OrderArticle' - 401: - description: not logged-in - schema: - $ref: '#/definitions/Error401' - 403: - description: user has no ordergroup, order not open, is below minimum balance, has not enough apple points, or missing scope - schema: - $ref: '#/definitions/Error403' - 404: - description: order article not found in open orders - schema: - $ref: '#/definitions/Error404' - - /financial_transactions: - get: - summary: financial transactions - tags: - - 6. FinancialTransaction - parameters: - - $ref: '#/parameters/page' - - $ref: '#/parameters/per_page' - responses: - 200: - description: success - schema: - type: object - properties: - financial_transactions: - type: array - items: - $ref: '#/definitions/FinancialTransaction' - meta: - $ref: '#/definitions/Meta' - 401: - description: not logged-in - schema: - $ref: '#/definitions/Error401' - 403: - description: missing scope or no permission - schema: - $ref: '#/definitions/Error403' - security: - - foodsoft_auth: ['finance:read', 'finance:write'] - /financial_transactions/{id}: - parameters: - - $ref: '#/parameters/idInUrl' - get: - summary: find financial transaction by id - tags: - - 6. FinancialTransaction - responses: - 200: - description: success - schema: - type: object - properties: - financial_transaction: - $ref: '#/definitions/FinancialTransaction' - 401: - description: not logged-in - schema: - $ref: '#/definitions/Error401' - 403: - description: missing scope or no permission - schema: - $ref: '#/definitions/Error403' - 404: - description: not found - schema: - $ref: '#/definitions/Error404' - security: - - foodsoft_auth: ['finance:read', 'finance:write'] - /orders: - get: - summary: orders - tags: - - 2. Order - parameters: - - $ref: '#/parameters/page' - - $ref: '#/parameters/per_page' - responses: - 200: - description: success - schema: - type: object - properties: - orders: - type: array - items: - $ref: '#/definitions/Order' - meta: - $ref: '#/definitions/Meta' - 401: - description: not logged-in - schema: - $ref: '#/definitions/Error401' - 403: - description: missing scope or no permission - schema: - $ref: '#/definitions/Error403' - security: - - foodsoft_auth: ['orders:read', 'orders:write'] - /orders/{id}: - parameters: - - $ref: '#/parameters/idInUrl' - get: - summary: find order by id - tags: - - 2. Order - responses: - 200: - description: success - schema: - type: object - properties: - order: - $ref: '#/definitions/Order' - 401: - description: not logged-in - schema: - $ref: '#/definitions/Error401' - 403: - description: missing scope or no permission - schema: - $ref: '#/definitions/Error403' - 404: - description: not found - schema: - $ref: '#/definitions/Error404' - security: - - foodsoft_auth: ['orders:read', 'orders:write'] - /order_articles: - get: - summary: order articles - tags: - - 2. Order - parameters: - - $ref: '#/parameters/page' - - $ref: '#/parameters/per_page' - - $ref: '#/parameters/q_ordered' - responses: - 200: - description: success - schema: - type: object - properties: - order_articles: - type: array - items: - $ref: '#/definitions/OrderArticle' - meta: - $ref: '#/definitions/Meta' - 401: - description: not logged-in - schema: - $ref: '#/definitions/Error401' - 403: - description: missing scope or no permission - schema: - $ref: '#/definitions/Error403' - security: - - foodsoft_auth: ['group_orders:user'] - /order_articles/{id}: - parameters: - - $ref: '#/parameters/idInUrl' - get: - summary: find order article by id - tags: - - 2. Order - responses: - 200: - description: success - schema: - type: object - properties: - order_article: - $ref: '#/definitions/OrderArticle' - 401: - description: not logged-in - schema: - $ref: '#/definitions/Error401' - 403: - description: missing scope or no permission - schema: - $ref: '#/definitions/Error403' - 404: - description: not found - schema: - $ref: '#/definitions/Error404' - security: - - foodsoft_auth: ['orders:read', 'orders:write'] - /article_categories: - get: - summary: article categories - tags: - - 2. Category - parameters: - - $ref: '#/parameters/page' - - $ref: '#/parameters/per_page' - responses: - 200: - description: success - schema: - type: object - properties: - article_categories: - type: array - items: - $ref: '#/definitions/ArticleCategory' - meta: - $ref: '#/definitions/Meta' - 401: - description: not logged-in - schema: - $ref: '#/definitions/Error401' - - security: - - foodsoft_auth: ['all'] - /article_categories/{id}: - parameters: - - $ref: '#/parameters/idInUrl' - get: - summary: find article category by id - tags: - - 2. Category - responses: - 200: - description: success - schema: - type: object - properties: - article_category: - $ref: '#/definitions/ArticleCategory' - 401: - description: not logged-in - schema: - $ref: '#/definitions/Error401' - 404: - description: not found - schema: - $ref: '#/definitions/Error404' - security: - - foodsoft_auth: ['all'] - - /financial_transaction_classes: - get: - summary: financial transaction classes - tags: - - 2. Category - parameters: - - $ref: '#/parameters/page' - - $ref: '#/parameters/per_page' - responses: - 200: - description: success - schema: - type: object - properties: - financial_transaction_classes: - type: array - items: - $ref: '#/definitions/FinancialTransactionClass' - meta: - $ref: '#/definitions/Meta' - 401: - description: not logged-in - schema: - $ref: '#/definitions/Error401' - - security: - - foodsoft_auth: ['all'] - /financial_transaction_classes/{id}: - parameters: - - $ref: '#/parameters/idInUrl' - get: - summary: find financial transaction class by id - tags: - - 2. Category - responses: - 200: - description: success - schema: - type: object - properties: - financial_transaction_class: - $ref: '#/definitions/FinancialTransactionClass' - 401: - description: not logged-in - schema: - $ref: '#/definitions/Error401' - 404: - description: not found - schema: - $ref: '#/definitions/Error404' - security: - - foodsoft_auth: ['all'] - - /financial_transaction_types: - get: - summary: financial transaction types - tags: - - 2. Category - parameters: - - $ref: '#/parameters/page' - - $ref: '#/parameters/per_page' - responses: - 200: - description: success - schema: - type: object - properties: - financial_transaction_types: - type: array - items: - $ref: '#/definitions/FinancialTransactionType' - meta: - $ref: '#/definitions/Meta' - 401: - description: not logged-in - schema: - $ref: '#/definitions/Error401' - - security: - - foodsoft_auth: ['all'] - /financial_transaction_types/{id}: - parameters: - - $ref: '#/parameters/idInUrl' - get: - summary: find financial transaction type by id - tags: - - 2. Category - responses: - 200: - description: success - schema: - type: object - properties: - financial_transaction_type: - $ref: '#/definitions/FinancialTransactionType' - 401: - description: not logged-in - schema: - $ref: '#/definitions/Error401' - 404: - description: not found - schema: - $ref: '#/definitions/Error404' - security: - - foodsoft_auth: ['all'] - - /config: - get: - summary: configuration variables - tags: - - 7. General - responses: - 200: - description: success - schema: - type: object - 401: - description: not logged-in - schema: - $ref: '#/definitions/Error401' - 403: - description: missing scope or no permission - schema: - $ref: '#/definitions/Error403' - security: - - foodsoft_auth: ['config:user', 'config:read', 'config:write'] - /navigation: - get: - summary: navigation - tags: - - 7. General - responses: - 200: - description: success - schema: - type: object - properties: - navigation: - $ref: '#/definitions/Navigation' - 401: - description: not logged-in - schema: - $ref: '#/definitions/Error401' - security: - - foodsoft_auth: [] - -parameters: - # url parameters - idInUrl: - name: id - type: integer - in: path - minimum: 1 - required: true - - # query parameters - page: - name: page - type: integer - in: query - description: page number - minimum: 0 - default: 0 - per_page: - name: per_page - type: integer - in: query - description: items per page - minimum: 0 - default: 20 - - # non-ransack query parameters - q_ordered: - name: q[ordered] - type: string - in: query - description: "'member' show articles ordered by the user's ordergroup, 'all' by all members, and 'supplier' ordered at the supplier" - enum: ['member', 'all', 'supplier'] - -definitions: - # models - User: - type: object - properties: - id: - type: integer - name: - type: string - description: full name - email: - type: string - description: email address - locale: - type: string - description: language code - required: ['id', 'name', 'email'] - - FinancialTransactionForCreate: - type: object - properties: - amount: - type: number - description: amount credited (negative for a debit transaction) - financial_transaction_type_id: - type: integer - description: id of the type of the transaction - note: - type: string - description: note entered with the transaction - required: ['amount', 'financial_transaction_type_id', 'note'] - FinancialTransaction: - allOf: - - $ref: '#/definitions/FinancialTransactionForCreate' - - type: object - properties: - id: - type: integer - user_id: - type: ['integer', 'null'] - description: id of user who entered the transaction (may be null for deleted users or 0 for a system user) - user_name: - type: ['string', 'null'] - description: name of user who entered the transaction (may be null or empty string for deleted users or system users) - financial_transaction_type_name: - type: string - description: name of the type of the transaction - created_at: - type: string - format: date-time - description: when the transaction was entered - required: ['id', 'user_id', 'user_name', 'financial_transaction_type_name', 'created_at'] - - FinancialTransactionClass: - type: object - properties: - id: - type: integer - name: - type: string - description: full name - required: ['id', 'name'] - - FinancialTransactionType: - type: object - properties: - id: - type: integer - name: - type: string - description: full name - name_short: - type: ['string', 'null'] - description: short name (used for bank transfers) - bank_account_id: - type: ['integer', 'null'] - description: id of the bank account used for this transaction type - bank_account_name: - type: ['string', 'null'] - description: name of the bank account used for this transaction type - bank_account_iban: - type: ['string', 'null'] - description: IBAN of the bank account used for this transaction type - financial_transaction_class_id: - type: integer - description: id of the class of the transaction - financial_transaction_class_name: - type: string - description: name of the class of the transaction - required: ['id', 'name', 'financial_transaction_class_id', 'financial_transaction_class_name'] - - FinanceOverview: - type: object - properties: - account_balance: - type: number - description: booked accout balance of ordergroup - available_funds: - type: number - description: fund available to order articles - financial_transaction_class_sums: - type: array - items: - type: object - properties: - id: - type: integer - description: id of the financial transaction class - name: - type: string - description: name of the financial transaction class - amount: - type: number - description: sum of the amounts belonging to the financial transaction class - required: ['id', 'name', 'amount'] - required: ['account_balance', 'available_funds', 'financial_transaction_class_sums'] - - ArticleCategory: - type: object - properties: - id: - type: integer - name: - type: string - required: ['id', 'name'] - - Order: - type: object - properties: - id: - type: integer - name: - type: string - description: name of the order's supplier (or stock) - starts: - type: string - format: date-time - description: when the order was opened - ends: - type: ['string', 'null'] - format: date-time - description: when the order will close or was closed - boxfill: - type: ['string', 'null'] - format: date-time - description: when the order will enter or entered the boxfill phase - pickup: - type: ['string', 'null'] - format: date - description: pickup date - is_open: - type: boolean - description: if the order is currently open or not - is_boxfill: - type: boolean - description: if the order is currently in the boxfill phase or not - - Article: - type: object - properties: - id: - type: integer - name: - type: string - supplier_id: - type: integer - description: id of supplier, or 0 for stock articles - supplier_name: - type: ['string', 'null'] - description: name of the supplier, or null for stock articles - unit: - type: string - description: amount of each unit, e.g. "100 g" or "kg" - unit_quantity: - type: integer - description: units can only be ordered from the supplier in multiples of unit_quantity - note: - type: ['string', 'null'] - description: generic note - manufacturer: - type: ['string', 'null'] - description: manufacturer - origin: - type: ['string', 'null'] - description: origin, preferably (starting with a) 2-letter ISO country code - article_category_id: - type: integer - description: id of article category - quantity_available: - type: integer - description: number of units available (only present on stock articles) - required: ['id', 'name', 'supplier_id', 'supplier_name', 'unit', 'unit_quantity', 'note', 'manufacturer', 'origin', 'article_category_id'] - - OrderArticle: - type: object - properties: - id: - type: integer - order_id: - type: integer - description: id of order this order article belongs to - price: - type: number - format: float - description: foodcoop price - quantity: - type: integer - description: number of units ordered by members - tolerance: - type: integer - description: number of extra units that members are willing to buy to fill a box - units_to_order: - type: integer - description: number of units to order from the supplier - article: - $ref: '#/definitions/Article' - - GroupOrderArticleForUpdate: - type: object - properties: - quantity: - type: integer - description: number of units ordered by the user's ordergroup - tolerance: - type: integer - description: number of extra units the user's ordergroup is willing to buy for filling a box - GroupOrderArticleForCreate: - allOf: - - $ref: '#/definitions/GroupOrderArticleForUpdate' - - type: object - properties: - order_article_id: - type: integer - description: id of order article - GroupOrderArticle: - allOf: - - $ref: '#/definitions/GroupOrderArticleForCreate' - - type: object - properties: - id: - type: integer - result: - type: number - format: float - description: number of units the user's ordergroup will receive or has received - total_price: - type: number - format: float - description: total price of this group order article - - Navigation: - type: array - items: - type: object - properties: - name: - type: string - description: title - url: - type: string - description: link - items: - $ref: '#/definitions/Navigation' - required: ['name'] - minProperties: 2 # name+url or name+items - - # collection meta object in root of a response - Meta: - type: object - properties: - page: - type: integer - description: page number of the returned collection - per_page: - type: integer - description: number of items per page - total_pages: - type: integer - description: total number of pages - total_count: - type: integer - description: total number of items in the collection - required: ['page', 'per_page', 'total_pages', 'total_count'] - - Error: - type: object - properties: - error: - type: string - description: error code - error_description: - type: string - description: human-readable error message (localized) - Error404: - type: object - properties: - error: - type: string - description: 'not_found' - error_description: - $ref: '#/definitions/Error/properties/error_description' - Error401: - type: object - properties: - error: - type: string - description: 'unauthorized' - error_description: - $ref: '#/definitions/Error/properties/error_description' - Error403: - type: object - properties: - error: - type: string - description: 'forbidden or invalid_scope' - error_description: - $ref: '#/definitions/Error/properties/error_description' - Error422: - type: object - properties: - error: - type: string - description: unprocessable entity - error_description: - $ref: '#/definitions/Error/properties/error_description' - - -securityDefinitions: - foodsoft_auth: - type: oauth2 - flow: implicit - authorizationUrl: http://localhost:3000/f/oauth/authorize - scopes: - config:user: reading Foodsoft configuration for regular users - config:read: reading Foodsoft configuration values - config:write: reading and updating Foodsoft configuration values - finance:user: accessing your own financial transactions - finance:read: reading all financial transactions - finance:write: reading and creating financial transactions - user:read: reading your own user profile - user:write: reading and updating your own user profile - offline_access: retain access after user has logged out diff --git a/spec/api/v1/order_articles_spec.rb b/spec/api/v1/order_articles_spec.rb deleted file mode 100644 index e65867db..00000000 --- a/spec/api/v1/order_articles_spec.rb +++ /dev/null @@ -1,59 +0,0 @@ -require 'spec_helper' - -# Most routes are tested in the swagger_spec, this tests (non-ransack) parameters. -describe Api::V1::OrderArticlesController, type: :controller do - include ApiOAuth - let(:api_scopes) { ['orders:read'] } - - let(:json_order_articles) { json_response['order_articles'] } - let(:json_order_article_ids) { json_order_articles.map { |joa| joa["id"] } } - - describe "GET :index" do - context "with param q[ordered]" do - let(:order) { create(:order, article_count: 4) } - let(:order_articles) { order.order_articles } - - before do - order_articles[0].update!(quantity: 0, tolerance: 0, units_to_order: 0) - order_articles[1].update!(quantity: 1, tolerance: 0, units_to_order: 0) - order_articles[2].update!(quantity: 0, tolerance: 1, units_to_order: 0) - order_articles[3].update!(quantity: 0, tolerance: 0, units_to_order: 1) - end - - it "(unset)" do - get :index, params: { foodcoop: 'f' } - expect(json_order_articles.count).to eq 4 - end - - it "all" do - get :index, params: { foodcoop: 'f', q: { ordered: 'all' } } - expect(json_order_article_ids).to match_array order_articles[1..2].map(&:id) - end - - it "supplier" do - get :index, params: { foodcoop: 'f', q: { ordered: 'supplier' } } - expect(json_order_article_ids).to match_array [order_articles[3].id] - end - - it "member" do - get :index, params: { foodcoop: 'f', q: { ordered: 'member' } } - expect(json_order_articles.count).to eq 0 - end - - context "when ordered by user" do - let(:user) { create(:user, :ordergroup) } - let(:go) { create(:group_order, order: order, ordergroup: user.ordergroup) } - - before do - create(:group_order_article, group_order: go, order_article: order_articles[1], quantity: 1) - create(:group_order_article, group_order: go, order_article: order_articles[2], tolerance: 0) - end - - it "member" do - get :index, params: { foodcoop: 'f', q: { ordered: 'member' } } - expect(json_order_article_ids).to match_array order_articles[1..2].map(&:id) - end - end - end - end -end diff --git a/spec/api/v1/swagger_spec.rb b/spec/api/v1/swagger_spec.rb deleted file mode 100644 index 5202af83..00000000 --- a/spec/api/v1/swagger_spec.rb +++ /dev/null @@ -1,284 +0,0 @@ -require 'spec_helper' -require 'apivore' - -# we want to load a local file in YAML-format instead of a served JSON file -class SwaggerCheckerFile < Apivore::SwaggerChecker - def fetch_swagger! - YAML.load(File.read(swagger_path)) - end -end - -describe 'API v1', :skip, type: :apivore, order: :defined do - include ApiHelper - - subject { SwaggerCheckerFile.instance_for Rails.root.join('doc', 'swagger.v1.yml') } - - context 'has valid paths' do - # context 'user' do - # let(:api_scopes) { ['user:read'] } - # # create multiple users to make sure we're getting the authenticated user, not just any - # let!(:other_user_1) { create :user } - # let!(:user) { create :user } - # let!(:other_user_2) { create :user } - - # it { is_expected.to validate(:get, '/user', 200, api_auth) } - # it { is_expected.to validate(:get, '/user', 401) } - - # # it_handles_invalid_token_and_scope(:get, '/user') - # end - - context 'user/financial_overview' do - let(:api_scopes) { ['finance:user'] } - let!(:user) { create :user, :ordergroup } - - it { is_expected.to validate(:get, '/user/financial_overview', 200, api_auth) } - it { is_expected.to validate(:get, '/user/financial_overview', 401) } - - # it_handles_invalid_token_and_scope(:get, '/user/financial_overview') - end - - context 'user/financial_transactions' do - let(:api_scopes) { ['finance:user'] } - let(:other_user) { create :user, :ordergroup } - let!(:other_ft_1) { create :financial_transaction, ordergroup: other_user.ordergroup } - - context 'without ordergroup' do - it { is_expected.to validate(:get, '/user/financial_transactions', 403, api_auth) } - it { is_expected.to validate(:get, '/user/financial_transactions/{id}', 403, api_auth({ 'id' => other_ft_1.id })) } - end - - context 'with ordergroup' do - let(:user) { create :user, :ordergroup } - let!(:ft_1) { create :financial_transaction, ordergroup: user.ordergroup } - let!(:ft_2) { create :financial_transaction, ordergroup: user.ordergroup } - let!(:ft_3) { create :financial_transaction, ordergroup: user.ordergroup } - - let(:create_params) { { '_data' => { financial_transaction: { amount: 1, financial_transaction_type_id: ft_1.financial_transaction_type.id, note: 'note' } } } } - - it { is_expected.to validate(:get, '/user/financial_transactions', 200, api_auth) } - it { is_expected.to validate(:get, '/user/financial_transactions/{id}', 200, api_auth({ 'id' => ft_2.id })) } - it { is_expected.to validate(:get, '/user/financial_transactions/{id}', 404, api_auth({ 'id' => other_ft_1.id })) } - it { is_expected.to validate(:get, '/user/financial_transactions/{id}', 404, api_auth({ 'id' => FinancialTransaction.last.id + 1 })) } - - context 'without using self service' do - it { is_expected.to validate(:post, '/user/financial_transactions', 403, api_auth(create_params)) } - end - - context 'with using self service' do - before { FoodsoftConfig[:use_self_service] = true } - - it { is_expected.to validate(:post, '/user/financial_transactions', 200, api_auth(create_params)) } - - context 'with invalid financial transaction type' do - let(:create_params) { { '_data' => { financial_transaction: { amount: 1, financial_transaction_type_id: -1, note: 'note' } } } } - - it { is_expected.to validate(:post, '/user/financial_transactions', 404, api_auth(create_params)) } - end - - context 'without note' do - let(:create_params) { { '_data' => { financial_transaction: { amount: 1, financial_transaction_type_id: ft_1.financial_transaction_type.id } } } } - - it { is_expected.to validate(:post, '/user/financial_transactions', 422, api_auth(create_params)) } - end - - context 'without enough balance' do - before { FoodsoftConfig[:minimum_balance] = 1000 } - - it { is_expected.to validate(:post, '/user/financial_transactions', 403, api_auth(create_params)) } - end - end - - # it_handles_invalid_token_and_scope(:get, '/user/financial_transactions') - # it_handles_invalid_token_and_scope(:post, '/user/financial_transactions', -> { api_auth(create_params) }) - # it_handles_invalid_token_and_scope(:get, '/user/financial_transactions/{id}', -> { api_auth('id' => ft_2.id) }) - end - end - - context 'user/group_order_articles' do - let(:api_scopes) { ['group_orders:user'] } - let(:order) { create(:order, article_count: 2) } - - let(:user_2) { create :user, :ordergroup } - let(:group_order_2) { create(:group_order, order: order, ordergroup: user_2.ordergroup) } - let!(:goa_2) { create :group_order_article, order_article: order.order_articles[0], group_order: group_order_2 } - - before { group_order_2.update_price!; user_2.ordergroup.update_stats! } - - context 'without ordergroup' do - it { is_expected.to validate(:get, '/user/group_order_articles', 403, api_auth) } - it { is_expected.to validate(:get, '/user/group_order_articles/{id}', 403, api_auth({ 'id' => goa_2.id })) } - end - - context 'with ordergroup' do - let(:user) { create :user, :ordergroup } - let(:update_params) { { 'id' => goa.id, '_data' => { group_order_article: { quantity: goa.quantity + 1, tolerance: 0 } } } } - let(:create_params) { { '_data' => { group_order_article: { order_article_id: order.order_articles[1].id, quantity: 1 } } } } - let(:group_order) { create(:group_order, order: order, ordergroup: user.ordergroup) } - let!(:goa) { create :group_order_article, order_article: order.order_articles[0], group_order: group_order } - - before { group_order.update_price!; user.ordergroup.update_stats! } - - it { is_expected.to validate(:get, '/user/group_order_articles', 200, api_auth) } - it { is_expected.to validate(:get, '/user/group_order_articles/{id}', 200, api_auth({ 'id' => goa.id })) } - it { is_expected.to validate(:get, '/user/group_order_articles/{id}', 404, api_auth({ 'id' => goa_2.id })) } - it { is_expected.to validate(:get, '/user/group_order_articles/{id}', 404, api_auth({ 'id' => GroupOrderArticle.last.id + 1 })) } - - it { is_expected.to validate(:post, '/user/group_order_articles', 200, api_auth(create_params)) } - it { is_expected.to validate(:patch, '/user/group_order_articles/{id}', 200, api_auth(update_params)) } - it { is_expected.to validate(:delete, '/user/group_order_articles/{id}', 200, api_auth({ 'id' => goa.id })) } - - context 'with an existing group_order_article' do - let(:create_params) { { '_data' => { group_order_article: { order_article_id: order.order_articles[0].id, quantity: 1 } } } } - - it { is_expected.to validate(:post, '/user/group_order_articles', 422, api_auth(create_params)) } - end - - context 'with invalid parameter values' do - let(:create_params) { { '_data' => { group_order_article: { order_article_id: order.order_articles[0].id, quantity: -1 } } } } - let(:update_params) { { 'id' => goa.id, '_data' => { group_order_article: { quantity: -1, tolerance: 0 } } } } - - it { is_expected.to validate(:post, '/user/group_order_articles', 422, api_auth(create_params)) } - it { is_expected.to validate(:patch, '/user/group_order_articles/{id}', 422, api_auth(update_params)) } - end - - context 'with a closed order' do - let(:order) { create(:order, article_count: 2, state: :finished) } - - it { is_expected.to validate(:post, '/user/group_order_articles', 404, api_auth(create_params)) } - it { is_expected.to validate(:patch, '/user/group_order_articles/{id}', 404, api_auth(update_params)) } - it { is_expected.to validate(:delete, '/user/group_order_articles/{id}', 404, api_auth({ 'id' => goa.id })) } - end - - context 'without enough balance' do - before { FoodsoftConfig[:minimum_balance] = 1000 } - - it { is_expected.to validate(:post, '/user/group_order_articles', 403, api_auth(create_params)) } - it { is_expected.to validate(:patch, '/user/group_order_articles/{id}', 403, api_auth(update_params)) } - it { is_expected.to validate(:delete, '/user/group_order_articles/{id}', 200, api_auth({ 'id' => goa.id })) } - end - - context 'without enough apple points' do - before { allow_any_instance_of(Ordergroup).to receive(:not_enough_apples?).and_return(true) } - - it { is_expected.to validate(:post, '/user/group_order_articles', 403, api_auth(create_params)) } - it { is_expected.to validate(:patch, '/user/group_order_articles/{id}', 403, api_auth(update_params)) } - it { is_expected.to validate(:delete, '/user/group_order_articles/{id}', 200, api_auth({ 'id' => goa.id })) } - end - - # it_handles_invalid_token_and_scope(:get, '/user/group_order_articles') - # it_handles_invalid_token_and_scope(:post, '/user/group_order_articles', -> { api_auth(create_params) }) - # it_handles_invalid_token_and_scope(:get, '/user/group_order_articles/{id}', -> { api_auth({ 'id' => goa.id }) }) - # it_handles_invalid_token_and_scope(:patch, '/user/group_order_articles/{id}', -> { api_auth(update_params) }) - # it_handles_invalid_token_and_scope(:delete, '/user/group_order_articles/{id}', -> { api_auth({ 'id' => goa.id }) }) - end - end - - context 'config' do - let(:api_scopes) { ['config:user'] } - - it { is_expected.to validate(:get, '/config', 200, api_auth) } - it { is_expected.to validate(:get, '/config', 401) } - - # it_handles_invalid_token_and_scope(:get, '/config') - end - - context 'navigation' do - it { is_expected.to validate(:get, '/navigation', 200, api_auth) } - it { is_expected.to validate(:get, '/navigation', 401) } - - # #it_handles_invalid_token(:get, '/navigation') - end - - context 'financial_transactions' do - let(:api_scopes) { ['finance:read'] } - let(:user) { create(:user, :role_finance) } - let(:other_user) { create :user, :ordergroup } - let!(:ft_1) { create :financial_transaction, ordergroup: other_user.ordergroup } - let!(:ft_2) { create :financial_transaction, ordergroup: other_user.ordergroup } - - it { is_expected.to validate(:get, '/financial_transactions', 200, api_auth) } - it { is_expected.to validate(:get, '/financial_transactions/{id}', 200, api_auth({ 'id' => ft_2.id })) } - it { is_expected.to validate(:get, '/financial_transactions/{id}', 404, api_auth({ 'id' => FinancialTransaction.last.id + 1 })) } - - context 'without role_finance' do - let(:user) { create(:user) } - - it { is_expected.to validate(:get, '/financial_transactions', 403, api_auth) } - it { is_expected.to validate(:get, '/financial_transactions/{id}', 403, api_auth({ 'id' => ft_2.id })) } - end - - # it_handles_invalid_token_and_scope(:get, '/financial_transactions') - # it_handles_invalid_token_and_scope(:get, '/financial_transactions/{id}', -> { api_auth({ 'id' => ft_2.id }) }) - end - - context 'financial_transaction_classes' do - let!(:cla_1) { create :financial_transaction_class } - let!(:cla_2) { create :financial_transaction_class } - - it { is_expected.to validate(:get, '/financial_transaction_classes', 200, api_auth) } - it { is_expected.to validate(:get, '/financial_transaction_classes/{id}', 200, api_auth({ 'id' => cla_2.id })) } - it { is_expected.to validate(:get, '/financial_transaction_classes/{id}', 404, api_auth({ 'id' => cla_2.id + 1 })) } - - #it_handles_invalid_token(:get, '/financial_transaction_classes') - #it_handles_invalid_token(:get, '/financial_transaction_classes/{id}', -> { api_auth({ 'id' => cla_1.id }) }) - end - - context 'financial_transaction_types' do - let!(:tpy_1) { create :financial_transaction_type } - let!(:tpy_2) { create :financial_transaction_type } - - it { is_expected.to validate(:get, '/financial_transaction_types', 200, api_auth) } - it { is_expected.to validate(:get, '/financial_transaction_types/{id}', 200, api_auth({ 'id' => tpy_2.id })) } - it { is_expected.to validate(:get, '/financial_transaction_types/{id}', 404, api_auth({ 'id' => tpy_2.id + 1 })) } - - ##it_handles_invalid_token(:get, '/financial_transaction_types') - ##it_handles_invalid_token(:get, '/financial_transaction_types/{id}', -> { api_auth({ 'id' => tpy_1.id }) }) - end - - context 'orders' do - let(:api_scopes) { ['orders:read'] } - let!(:order) { create :order } - - it { is_expected.to validate(:get, '/orders', 200, api_auth) } - it { is_expected.to validate(:get, '/orders/{id}', 200, api_auth({ 'id' => order.id })) } - it { is_expected.to validate(:get, '/orders/{id}', 404, api_auth({ 'id' => Order.last.id + 1 })) } - - # #it_handles_invalid_token_and_scope(:get, '/orders') - # #it_handles_invalid_token_and_scope(:get, '/orders/{id}', -> { api_auth({ 'id' => order.id }) }) - end - - context 'order_articles' do - let(:api_scopes) { ['orders:read'] } - let!(:order_article) { create(:order, article_count: 1).order_articles.first } - let!(:stock_article) { create(:stock_article) } - let!(:stock_order_article) { create(:stock_order, article_ids: [stock_article.id]).order_articles.first } - - it { is_expected.to validate(:get, '/order_articles', 200, api_auth) } - it { is_expected.to validate(:get, '/order_articles/{id}', 200, api_auth({ 'id' => order_article.id })) } - it { is_expected.to validate(:get, '/order_articles/{id}', 200, api_auth({ 'id' => stock_order_article.id })) } - it { is_expected.to validate(:get, '/order_articles/{id}', 404, api_auth({ 'id' => Article.last.id + 1 })) } - - # it_handles_invalid_token_and_scope(:get, '/order_articles') - # it_handles_invalid_token_and_scope(:get, '/order_articles/{id}', -> { api_auth({ 'id' => order_article.id }) }) - end - - context 'article_categories' do - let!(:cat_1) { create :article_category } - let!(:cat_2) { create :article_category } - - it { is_expected.to validate(:get, '/article_categories', 200, api_auth) } - it { is_expected.to validate(:get, '/article_categories/{id}', 200, api_auth({ 'id' => cat_2.id })) } - it { is_expected.to validate(:get, '/article_categories/{id}', 404, api_auth({ 'id' => cat_2.id + 1 })) } - - #it_handles_invalid_token(:get, '/article_categories') - #it_handles_invalid_token(:get, '/article_categories/{id}', -> { api_auth({ 'id' => cat_1.id }) }) - end - end - - # needs to be last context so it is always run at the end - context 'and finally' do - it 'tests all documented routes' do - is_expected.to validate_all_paths - end - end -end diff --git a/spec/api/v1/user/financial_transactions_spec.rb b/spec/api/v1/user/financial_transactions_spec.rb deleted file mode 100644 index c7e8f826..00000000 --- a/spec/api/v1/user/financial_transactions_spec.rb +++ /dev/null @@ -1,109 +0,0 @@ -require 'spec_helper' - -# Most routes are tested in the swagger_spec, this tests endpoints that change data. -describe Api::V1::User::FinancialTransactionsController, type: :controller do - include ApiOAuth - let(:user) { create(:user, :ordergroup) } - let(:api_scopes) { ['finance:user'] } - - let(:ftc1) { create :financial_transaction_class } - let(:ftc2) { create :financial_transaction_class } - let(:ftt1) { create :financial_transaction_type, financial_transaction_class: ftc1 } - let(:ftt2) { create :financial_transaction_type, financial_transaction_class: ftc2 } - let(:ftt3) { create :financial_transaction_type, financial_transaction_class: ftc2 } - - let(:amount) { rand(-100..100) } - let(:note) { Faker::Lorem.sentence } - - let(:json_ft) { json_response['financial_transaction'] } - - shared_examples "financial_transactions endpoint success" do - before { request } - - it "returns status 200" do - expect(response).to have_http_status :ok - end - end - - shared_examples "financial_transactions create/update success" do - include_examples "financial_transactions endpoint success" - - it "returns the financial_transaction" do - expect(json_ft['id']).to be_present - expect(json_ft['financial_transaction_type_id']).to eq ftt1.id - expect(json_ft['financial_transaction_type_name']).to eq ftt1.name - expect(json_ft['amount']).to eq amount - expect(json_ft['note']).to eq note - expect(json_ft['user_id']).to eq user.id - end - - it "updates the financial_transaction" do - resulting_ft = FinancialTransaction.where(id: json_ft['id']).first - expect(resulting_ft).to be_present - expect(resulting_ft.financial_transaction_type).to eq ftt1 - expect(resulting_ft.amount).to eq amount - expect(resulting_ft.note).to eq note - expect(resulting_ft.user).to eq user - end - end - - shared_examples "financial_transactions endpoint failure" do |status| - it "returns status #{status}" do - request - expect(response.status).to eq status - end - - it "does not change the ordergroup" do - expect { request }.to_not change { - user.ordergroup.attributes - } - end - - it "does not change the financial_transactions of ordergroup" do - expect { request }.to_not change { - user.ordergroup.financial_transactions.count - } - end - end - - describe "POST :create" do - let(:ft_params) { { amount: amount, financial_transaction_type_id: ftt1.id, note: note } } - let(:request) { post :create, params: { financial_transaction: ft_params, foodcoop: 'f' } } - - context 'without using self service' do - include_examples "financial_transactions endpoint failure", 403 - end - - context 'with using self service' do - before { FoodsoftConfig[:use_self_service] = true } - - context "with no existing financial transaction" do - include_examples "financial_transactions create/update success" - end - - context "with existing financial transaction" do - before { user.ordergroup.add_financial_transaction! 5000, 'for ordering', user, ftt3 } - - include_examples "financial_transactions create/update success" - end - - context "with invalid financial transaction type" do - let(:ft_params) { { amount: amount, financial_transaction_type_id: -1, note: note } } - - include_examples "financial_transactions endpoint failure", 404 - end - - context "without note" do - let(:ft_params) { { amount: amount, financial_transaction_type_id: ftt1.id } } - - include_examples "financial_transactions endpoint failure", 422 - end - - context 'without enough balance' do - before { FoodsoftConfig[:minimum_balance] = 1000 } - - include_examples "financial_transactions endpoint failure", 403 - end - end - end -end diff --git a/spec/api/v1/user/group_order_articles_spec.rb b/spec/api/v1/user/group_order_articles_spec.rb deleted file mode 100644 index 3bfa299e..00000000 --- a/spec/api/v1/user/group_order_articles_spec.rb +++ /dev/null @@ -1,220 +0,0 @@ -require 'spec_helper' - -# Most routes are tested in the swagger_spec, this tests endpoints that change data. -describe Api::V1::User::GroupOrderArticlesController, type: :controller do - include ApiOAuth - let(:user) { create(:user, :ordergroup) } - let(:json_goa) { json_response['group_order_article'] } - let(:json_oa) { json_response['order_article'] } - let(:api_scopes) { ['group_orders:user'] } - - let(:order) { create(:order, article_count: 1) } - let(:oa_1) { order.order_articles.first } - - let(:other_quantity) { rand(1..10) } - let(:other_tolerance) { rand(1..10) } - let(:user_other) { create(:user, :ordergroup) } - let!(:go_other) { create(:group_order, order: order, ordergroup: user_other.ordergroup) } - let!(:goa_other) { create(:group_order_article, group_order: go_other, order_article: oa_1, quantity: other_quantity, tolerance: other_tolerance) } - - before { go_other.update_price!; user_other.ordergroup.update_stats! } - - shared_examples "group_order_articles endpoint success" do - before { request } - - it "returns status 200" do - expect(response).to have_http_status :ok - end - - it "returns the order_article" do - expect(json_oa['id']).to eq oa_1.id - expect(json_oa['quantity']).to eq new_quantity + other_quantity - expect(json_oa['tolerance']).to eq new_tolerance + other_tolerance - end - - it "updates the group_order" do - go = nil - expect { - request - go = user.ordergroup.group_orders.where(order: order).last - }.to change { go&.updated_by }.to(user) - .and change { go&.price } - end - end - - shared_examples "group_order_articles create/update success" do - include_examples "group_order_articles endpoint success" - - it "returns the group_order_article" do - expect(json_goa['id']).to be_present - expect(json_goa['order_article_id']).to eq oa_1.id - expect(json_goa['quantity']).to eq new_quantity - expect(json_goa['tolerance']).to eq new_tolerance - end - - it "updates the group_order_article" do - resulting_goa = GroupOrderArticle.where(id: json_goa['id']).first - expect(resulting_goa).to be_present - expect(resulting_goa.quantity).to eq new_quantity - expect(resulting_goa.tolerance).to eq new_tolerance - end - end - - shared_examples "group_order_articles endpoint failure" do |status| - it "returns status #{status}" do - request - expect(response.status).to eq status - end - - it "does not change the group_order" do - expect { request }.to_not change { - go = user.ordergroup.group_orders.where(order: order).last - go&.attributes - } - end - - it "does not change the group_order_article" do - expect { request }.to_not change { - goa = GroupOrderArticle.joins(:group_order) - .where(order_article_id: oa_1.id, group_orders: { ordergroup: user.ordergroup }).last - goa&.attributes - } - end - end - - describe "POST :create" do - let(:new_quantity) { rand(1..10) } - let(:new_tolerance) { rand(1..10) } - - let(:goa_params) { { order_article_id: oa_1.id, quantity: new_quantity, tolerance: new_tolerance } } - let(:request) { post :create, params: { group_order_article: goa_params, foodcoop: 'f' } } - - context "with no existing group_order" do - include_examples "group_order_articles create/update success" - end - - context "with an existing group_order" do - let!(:go) { create(:group_order, order: order, ordergroup: user.ordergroup) } - - include_examples "group_order_articles create/update success" - end - - context "with an existing group_order_article" do - let!(:go) { create(:group_order, order: order, ordergroup: user.ordergroup) } - let!(:goa) { create(:group_order_article, group_order: go, order_article: oa_1, quantity: 0, tolerance: 1) } - - before { go.update_price!; user.ordergroup.update_stats! } - - include_examples "group_order_articles endpoint failure", 422 - end - - context "with invalid parameter values" do - let(:goa_params) { { order_article_id: oa_1.id, quantity: -1, tolerance: new_tolerance } } - - include_examples "group_order_articles endpoint failure", 422 - end - - context 'with a closed order' do - let(:order) { create(:order, article_count: 1, state: :finished) } - - include_examples "group_order_articles endpoint failure", 404 - end - - context 'without enough balance' do - before { FoodsoftConfig[:minimum_balance] = 1000 } - - include_examples "group_order_articles endpoint failure", 403 - end - - context 'without enough apple points' do - before { allow_any_instance_of(Ordergroup).to receive(:not_enough_apples?).and_return(true) } - - include_examples "group_order_articles endpoint failure", 403 - end - end - - describe "PATCH :update" do - let(:new_quantity) { rand(2..10) } - let(:goa_params) { { quantity: new_quantity, tolerance: new_tolerance } } - let(:request) { patch :update, params: { id: goa.id, group_order_article: goa_params, foodcoop: 'f' } } - let(:new_tolerance) { rand(2..10) } - - let!(:go) { create(:group_order, order: order, ordergroup: user.ordergroup) } - let!(:goa) { create(:group_order_article, group_order: go, order_article: oa_1, quantity: 1, tolerance: 0) } - - before { go.update_price!; user.ordergroup.update_stats! } - - context "happy flow" do - include_examples "group_order_articles create/update success" - end - - context "with invalid parameter values" do - let(:goa_params) { { order_article_id: oa_1.id, quantity: -1, tolerance: new_tolerance } } - - include_examples "group_order_articles endpoint failure", 422 - end - - context 'with a closed order' do - let(:order) { create(:order, article_count: 1, state: :finished) } - - include_examples "group_order_articles endpoint failure", 404 - end - - context 'without enough balance' do - before { FoodsoftConfig[:minimum_balance] = 1000 } - - include_examples "group_order_articles endpoint failure", 403 - end - - context 'without enough apple points' do - before { allow_any_instance_of(Ordergroup).to receive(:not_enough_apples?).and_return(true) } - - include_examples "group_order_articles endpoint failure", 403 - end - end - - describe "DELETE :destroy" do - let(:new_quantity) { 0 } - let(:request) { delete :destroy, params: { id: goa.id, foodcoop: 'f' } } - let(:new_tolerance) { 0 } - - let!(:go) { create(:group_order, order: order, ordergroup: user.ordergroup) } - let!(:goa) { create(:group_order_article, group_order: go, order_article: oa_1) } - - before { go.update_price!; user.ordergroup.update_stats! } - - shared_examples "group_order_articles destroy success" do - include_examples "group_order_articles endpoint success" - - it "does not return the group_order_article" do - expect(json_goa).to be_nil - end - - it "deletes the group_order_article" do - expect(GroupOrderArticle.where(id: goa.id)).to be_empty - end - end - - context "happy flow" do - include_examples "group_order_articles destroy success" - end - - context 'with a closed order' do - let(:order) { create(:order, article_count: 1, state: :finished) } - - include_examples "group_order_articles endpoint failure", 404 - end - - context 'without enough balance' do - before { FoodsoftConfig[:minimum_balance] = 1000 } - - include_examples "group_order_articles destroy success" - end - - context 'without enough apple points' do - before { allow_any_instance_of(Ordergroup).to receive(:not_enough_apples?).and_return(true) } - - include_examples "group_order_articles destroy success" - end - end -end diff --git a/spec/api/v1/user/ordergroup_spec.rb b/spec/api/v1/user/ordergroup_spec.rb deleted file mode 100644 index 5eacb63e..00000000 --- a/spec/api/v1/user/ordergroup_spec.rb +++ /dev/null @@ -1,55 +0,0 @@ -require 'spec_helper' - -describe Api::V1::User::OrdergroupController, type: :controller do - include ApiOAuth - let(:user) { create :user, :ordergroup } - let(:api_scopes) { ['finance:user'] } - - let(:ftc1) { create :financial_transaction_class } - let(:ftc2) { create :financial_transaction_class } - let(:ftt1) { create :financial_transaction_type, financial_transaction_class: ftc1 } - let(:ftt2) { create :financial_transaction_type, financial_transaction_class: ftc2 } - let(:ftt3) { create :financial_transaction_type, financial_transaction_class: ftc2 } - - describe "GET :financial_overview" do - let(:order) { create(:order, article_count: 1) } - let(:json_financial_overview) { json_response['financial_overview'] } - let(:oa_1) { order.order_articles.first } - - let!(:go) { create(:group_order, order: order, ordergroup: user.ordergroup) } - let!(:goa) { create(:group_order_article, group_order: go, order_article: oa_1, quantity: 1, tolerance: 0) } - - before { go.update_price!; user.ordergroup.update_stats! } - - before do - og = user.ordergroup - og.add_financial_transaction!(-1, '-1', user, ftt1) - og.add_financial_transaction!(2, '2', user, ftt1) - og.add_financial_transaction!(3, '3', user, ftt1) - - og.add_financial_transaction!(-10, '-10', user, ftt2) - og.add_financial_transaction!(20, '20', user, ftt2) - og.add_financial_transaction!(30, '30', user, ftt2) - - og.add_financial_transaction!(-100, '-100', user, ftt3) - og.add_financial_transaction!(200, '200', user, ftt3) - og.add_financial_transaction!(300, '300', user, ftt3) - end - - it "returns correct values" do - get :financial_overview, params: { foodcoop: 'f' } - expect(json_financial_overview['account_balance']).to eq 444 - expect(json_financial_overview['available_funds']).to eq 444 - go.price - - ftcs = Hash[json_financial_overview['financial_transaction_class_sums'].map { |x| [x['id'], x] }] - - ftcs1 = ftcs[ftc1.id] - expect(ftcs1['name']).to eq ftc1.name - expect(ftcs1['amount']).to eq 4 - - ftcs2 = ftcs[ftc2.id] - expect(ftcs2['name']).to eq ftc2.name - expect(ftcs2['amount']).to eq 440 - end - end -end