Class: Spree::Api::V3::Admin::CustomersController

Inherits:
ResourceController show all
Includes:
BulkOperations
Defined in:
app/controllers/spree/api/v3/admin/customers_controller.rb

Constant Summary

Constants included from ScopedAuthorization

ScopedAuthorization::READ_ACTIONS

Constants inherited from BaseController

BaseController::RATE_LIMIT_RESPONSE

Constants included from Idempotent

Idempotent::IDEMPOTENCY_HEADER, Idempotent::IDEMPOTENCY_TTL, Idempotent::MAX_KEY_LENGTH, Idempotent::MUTATING_METHODS

Constants included from ErrorHandler

ErrorHandler::ERROR_CODES

Constants included from JwtAuthentication

JwtAuthentication::JWT_AUDIENCE_ADMIN, JwtAuthentication::JWT_AUDIENCE_STORE, JwtAuthentication::JWT_ISSUER, JwtAuthentication::USER_TYPE_ADMIN, JwtAuthentication::USER_TYPE_CUSTOMER

Instance Method Summary collapse

Methods included from BulkOperations

#bulk_add_tags, #bulk_remove_tags

Methods inherited from ResourceController

#index, #show

Methods included from Spree::Api::V3::ApiKeyAuthentication

#authenticate_api_key!, #authenticate_secret_key!

Methods included from JwtAuthentication

#authenticate_user, #require_authentication!

Instance Method Details

#bulk_add_to_groupsObject

Bulk add the given customers to the given groups. Idempotent —customers already in a group are skipped at the model layer.



54
55
56
 
# File 'app/controllers/spree/api/v3/admin/customers_controller.rb', line 54

def bulk_add_to_groups
  apply_groups(:add_customers)
end

#bulk_remove_from_groupsObject

Bulk remove the given customers from the given groups.



59
60
61
 
# File 'app/controllers/spree/api/v3/admin/customers_controller.rb', line 59

def bulk_remove_from_groups
  apply_groups(:remove_customers)
end

#createObject 



12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
 
# File 'app/controllers/spree/api/v3/admin/customers_controller.rb', line 12

def create
  @resource = Spree.user_class.new(permitted_params)
  # Admin-created customers don't pick a password upfront — they
  # claim the account via password reset later.
  # `Spree::UserMethods` exposes `skip_password_validation` so
  # Devise's `:validatable` lets a nil credential through on this
  # code path. Storefront registration never sets the flag, so
  # customer self-signup still requires a password.
  @resource.skip_password_validation = true if @resource.password.blank?
  authorize!(:create, @resource)

  if @resource.save
    render json: serialize_resource(@resource), status: :created
  else
    render_validation_error(@resource.errors)
  end
end

#destroyObject 



40
41
42
43
44
45
46
47
48
49
50
 
# File 'app/controllers/spree/api/v3/admin/customers_controller.rb', line 40

def destroy
  authorize_resource!(@resource)
  @resource.destroy
  head :no_content
rescue Spree::Core::DestroyWithOrdersError => e
  render_error(
    code: 'customer_has_orders',
    message: e.message.presence || Spree.t(:error_user_destroy_with_orders),
    status: :unprocessable_content
  )
end

#updateObject 



30
31
32
33
34
35
36
37
38
 
# File 'app/controllers/spree/api/v3/admin/customers_controller.rb', line 30

def update
  authorize_resource!(@resource)

  if @resource.update(permitted_params)
    render json: serialize_resource(@resource.reload)
  else
    render_validation_error(@resource.errors)
  end
end