solidusio
diff --git a/‎.rubocop_todo.yml‎
Lines changed: 0 additions & 23 deletions b/‎.rubocop_todo.yml‎
Lines changed: 0 additions & 23 deletions
diff --git a/‎core/app/helpers/spree/core/controller_helpers/auth.rb‎
Lines changed: 66 additions & 0 deletions b/‎core/app/helpers/spree/core/controller_helpers/auth.rb‎
Lines changed: 66 additions & 0 deletions
diff --git a/‎core/app/helpers/spree/core/controller_helpers/common.rb‎
Lines changed: 82 additions & 0 deletions b/‎core/app/helpers/spree/core/controller_helpers/common.rb‎
Lines changed: 82 additions & 0 deletions
diff --git a/‎core/app/helpers/spree/core/controller_helpers/order.rb‎
Lines changed: 86 additions & 0 deletions b/‎core/app/helpers/spree/core/controller_helpers/order.rb‎
Lines changed: 86 additions & 0 deletions
@@ -143,7 +143,6 @@ Layout/LeadingEmptyLines:
 # SupportedStyles: aligned, indented
 Layout/MultilineOperationIndentation:
   Exclude:
-    - "core/lib/spree/core/controller_helpers/strong_parameters.rb"
     - "core/lib/spree/core/engine.rb"
     - "core/lib/spree/core/importer/order.rb"
     - "core/lib/spree/permission_sets/default_customer.rb"
@@ -226,12 +225,6 @@ Lint/EmptyConditionalBody:
   Exclude:
     - "core/lib/spree/preferences/statically_configurable.rb"
 
-# Offense count: 1
-# This cop supports safe autocorrection (--autocorrect).
-Lint/ParenthesesAsGroupedExpression:
-  Exclude:
-    - "core/spec/lib/spree/core/controller_helpers/auth_spec.rb"
-
 # Offense count: 1
 # This cop supports safe autocorrection (--autocorrect).
 Lint/RedundantCopDisableDirective:
@@ -325,7 +318,6 @@ Rails/Blank:
     - "core/app/models/spree/reimbursement_type/exchange.rb"
     - "core/app/models/spree/wallet_payment_source.rb"
     - "core/app/models/spree/zone.rb"
-    - "core/lib/spree/core/controller_helpers/auth.rb"
     - "core/lib/spree/core/importer/order.rb"
     - "core/lib/spree/core/search/base.rb"
 
@@ -409,12 +401,6 @@ Rails/OutputSafety:
     - "core/app/helpers/spree/products_helper.rb"
     - "core/app/models/spree/money.rb"
 
-# Offense count: 1
-# This cop supports safe autocorrection (--autocorrect).
-Rails/Presence:
-  Exclude:
-    - "core/lib/spree/core/controller_helpers/common.rb"
-
 # Offense count: 10
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: NotNilAndNotEmpty, NotBlank, UnlessBlank.
@@ -471,7 +457,6 @@ Rails/SafeNavigation:
     - "core/app/models/spree/variant/pricing_options.rb"
     - "core/app/models/spree/wallet.rb"
     - "core/app/models/spree/wallet/default_payment_builder.rb"
-    - "core/spec/lib/spree/core/controller_helpers/order_spec.rb"
     - "core/spec/models/spree/variant/vat_price_generator_spec.rb"
 
 # Offense count: 43
@@ -691,7 +676,6 @@ Style/RedundantRegexpEscape:
 # Configuration parameters: AllowMultipleReturnValues.
 Style/RedundantReturn:
   Exclude:
-    - "core/lib/spree/core/controller_helpers/order.rb"
     - "core/lib/spree/preferences/store.rb"
 
 # Offense count: 2
@@ -713,13 +697,6 @@ Style/RedundantSort:
 Style/SafeNavigation:
   Enabled: false
 
-# Offense count: 2
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: AllowModifier.
-Style/SoleNestedConditional:
-  Exclude:
-    - "core/lib/spree/core/controller_helpers/order.rb"
-
 # Offense count: 13
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: Mode.
 
@@ -0,0 +1,66 @@
+# frozen_string_literal: true
+
+require 'cancan'
+
+module Spree
+  module Core
+    module ControllerHelpers
+      module Auth
+        extend ActiveSupport::Concern
+
+        # @!attribute [rw] unauthorized_redirect
+        #   @!scope class
+        #   Extension point for overriding behaviour of access denied errors.
+        #   Default behaviour is to redirect back or to "/unauthorized" with a flash
+        #   message.
+        #   @return [Proc] action to take when access denied error is raised.
+
+        included do
+          before_action :set_guest_token
+          helper_method :spree_current_user
+
+          class_attribute :unauthorized_redirect
+          deprecate :unauthorized_redirect= => "Use a custom Spree::Config.unauthorized_redirect_handler_class instead", :deprecator => Spree.deprecator
+
+          rescue_from CanCan::AccessDenied, with: :handle_unauthorized_access
+        end
+
+        # Needs to be overriden so that we use Spree's Ability rather than anyone else's.
+        def current_ability
+          @current_ability ||= Spree::Ability.new(spree_current_user)
+        end
+
+        def redirect_back_or_default(default)
+          redirect_to(session["spree_user_return_to"] || default)
+          session["spree_user_return_to"] = nil
+        end
+
+        def set_guest_token
+          if cookies.signed[:guest_token].blank?
+            cookies.permanent.signed[:guest_token] = Spree::Config[:guest_token_cookie_options].merge(
+              value: SecureRandom.urlsafe_base64(nil, false),
+              httponly: true
+            )
+          end
+        end
+
+        def store_location
+          Spree::UserLastUrlStorer.new(self).store_location
+        end
+
+        # Auth extensions are expected to define it, otherwise it's a no-op
+        def spree_current_user
+          defined?(super) ? super : nil
+        end
+
+        def handle_unauthorized_access
+          if unauthorized_redirect
+            instance_exec(&unauthorized_redirect)
+          else
+            Spree::Config.unauthorized_redirect_handler_class.new(self).call
+          end
+        end
+      end
+    end
+  end
+end
@@ -0,0 +1,82 @@
+# frozen_string_literal: true
+
+require 'carmen'
+
+module Spree
+  module Core
+    module ControllerHelpers
+      module Common
+        extend ActiveSupport::Concern
+        included do
+          helper_method :title
+          helper_method :title=
+          helper_method :accurate_title
+
+          layout :get_layout
+
+          before_action :set_user_language
+        end
+
+        protected
+
+        # can be used in views as well as controllers.
+        # e.g. <% self.title = 'This is a custom title for this view' %>
+        attr_writer :title
+
+        def title
+          title_string = @title.presence || accurate_title
+          if title_string.present?
+            if Spree::Config[:always_put_site_name_in_title]
+              [title_string, default_title].join(' - ')
+            else
+              title_string
+            end
+          else
+            default_title
+          end
+        end
+
+        def default_title
+          current_store.name
+        end
+
+        # this is a hook for subclasses to provide title
+        def accurate_title
+          current_store.seo_title
+        end
+
+        private
+
+        def set_user_language_locale_key
+          :locale
+        end
+
+        def set_user_language
+          available_locales = Spree.i18n_available_locales
+          locale = [
+            params[:locale],
+            session[set_user_language_locale_key],
+            (config_locale if respond_to?(:config_locale, true)),
+            I18n.default_locale
+          ].detect do |candidate|
+            candidate &&
+              available_locales.include?(candidate.to_sym)
+          end
+          session[set_user_language_locale_key] = locale
+          I18n.locale = locale
+          Carmen.i18n_backend.locale = locale
+        end
+
+        # Returns which layout to render.
+        #
+        # You can set the layout you want to render inside your Spree configuration with the +:layout+ option.
+        #
+        # Default layout is: +app/views/spree/layouts/spree_application+
+        #
+        def get_layout
+          Spree::Config[:layout]
+        end
+      end
+    end
+  end
+end
@@ -0,0 +1,86 @@
+# frozen_string_literal: true
+
+module Spree
+  module Core
+    module ControllerHelpers
+      module Order
+        extend ActiveSupport::Concern
+        include ControllerHelpers::Pricing
+
+        included do
+          helper_method :current_order
+        end
+
+        # The current incomplete order from the guest_token for use in cart and during checkout
+        def current_order(options = {})
+          should_create = options[:create_order_if_necessary] || false
+          should_build = options[:build_order_if_necessary] || should_create
+
+          return @current_order if @current_order
+
+          @current_order = find_order_by_token_or_user(lock: options[:lock])
+
+          if should_build && (@current_order.nil? || @current_order.completed?)
+            @current_order = Spree::Order.new(new_order_params)
+            @current_order.user ||= spree_current_user
+            # See issue https://github.com/spree/spree/issues/3346 for reasons why this line is here
+            @current_order.created_by ||= spree_current_user
+            @current_order.save! if should_create
+          end
+
+          if @current_order
+            @current_order.record_ip_address(ip_address)
+            @current_order
+          end
+        end
+
+        def associate_user
+          @order ||= current_order
+          if spree_current_user && @order && (@order.user.blank? || @order.email.blank?)
+            @order.associate_user!(spree_current_user)
+          end
+        end
+
+        def set_current_order
+          if spree_current_user && current_order
+            spree_current_user.orders.by_store(current_store).incomplete.where('id != ?', current_order.id).find_each do |order|
+              current_order.merge!(order, spree_current_user)
+            end
+          end
+        end
+
+        def ip_address
+          request.remote_ip
+        end
+
+        private
+
+        def last_incomplete_order
+          @last_incomplete_order ||= spree_current_user.last_incomplete_spree_order(store: current_store)
+        end
+
+        def current_order_params
+          { currency: current_pricing_options.currency, guest_token: cookies.signed[:guest_token], store_id: current_store.id, user_id: spree_current_user.try(:id) }
+        end
+
+        def new_order_params
+          current_order_params.merge(last_ip_address: ip_address)
+        end
+
+        def find_order_by_token_or_user(options = {})
+          should_lock = options[:lock] || false
+
+          # Find any incomplete orders for the guest_token
+          order = Spree::Order.incomplete.lock(should_lock).find_by(current_order_params)
+
+          # Find any incomplete orders for the current user
+          if order.nil? && spree_current_user
+            order = last_incomplete_order
+          end
+
+          order
+        end
+      end
+    end
+  end
+end