Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Limit, cleanup, and secure shop creation #2969

Merged
merged 29 commits into from
Sep 30, 2017
Merged
Show file tree
Hide file tree
Changes from 19 commits
Commits
Show all changes
29 commits
Select commit Hold shift + click to select a range
f23079c
Remove "Start Accepting Payment" button and form as those are accompl…
spencern Sep 27, 2017
6b5d51d
Remove stripe signup button template files
spencern Sep 27, 2017
1ad22e2
Remove stripe button from imports
spencern Sep 27, 2017
b619380
We do use this stripeConnectSignupButton in the current marketplace s…
spencern Sep 27, 2017
b3230f8
Fix react proptypes issue on profile
spencern Sep 27, 2017
8799fe4
Don't show "Become a seller" button unless marketplace and allowMerch…
spencern Sep 27, 2017
7e7112f
Cleanup profile template
spencern Sep 28, 2017
e16dffb
Remove unused `allowGuestSellers`, remove `hasMarketplaceAccess`, cle…
spencern Sep 28, 2017
1b5fe39
cleanup `becomeSellerButton` template
spencern Sep 28, 2017
1020aa7
Remove unused marketplace settings template
spencern Sep 28, 2017
ea60b30
Remove merchantFulfillment setting which only has one path currently
spencern Sep 28, 2017
fa4b40e
Add new shop to the merchantShops array on the primaryShop
spencern Sep 28, 2017
3a1f54f
Check that Account subscription is ready before getting user account
spencern Sep 28, 2017
c2a8495
Don't permit anonymous users to create a shop
spencern Sep 28, 2017
f5e81a3
Only marketplace owners can create a shop for others
spencern Sep 28, 2017
a08d075
Fix tests after changing shops/createShop method
spencern Sep 28, 2017
e992349
Merge branch 'marketplace' into spencer-2889-cleanup-marketplace-shop…
spencern Sep 28, 2017
82caf21
Merge branch 'marketplace' into spencer-2889-cleanup-marketplace-shop…
spencern Sep 28, 2017
5f07dda
Merge branch 'marketplace' into spencer-2889-cleanup-marketplace-shop…
impactmass Sep 28, 2017
9366fe3
Merge branch 'marketplace' into spencer-2889-cleanup-marketplace-shop…
spencern Sep 28, 2017
95e02a2
Fixes remaining issue that Seun found permitting arbitrary creation o…
spencern Sep 28, 2017
cb37825
Fix issue @prosf reported about being to clone arbitrary shops by cha…
spencern Sep 28, 2017
498f443
Merge branch 'marketplace' into spencer-2889-cleanup-marketplace-shop…
impactmass Sep 29, 2017
7f241c2
Don't permit any users to create multiple shops for a single user
spencern Sep 29, 2017
4cb2a72
Only primary shop owners can create shops for other users
spencern Sep 29, 2017
d1d081d
Merge branch 'marketplace' into spencer-2889-cleanup-marketplace-shop…
spencern Sep 29, 2017
65ed62d
Merge branch 'marketplace' into spencer-2889-cleanup-marketplace-shop…
impactmass Sep 29, 2017
8e40078
Fixes failing test by stubbing primaryShopId to be equal to the fake …
spencern Sep 30, 2017
52b7c4b
Merge branch 'marketplace' into spencer-2889-cleanup-marketplace-shop…
spencern Sep 30, 2017
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ class UpdateEmail extends Component {
/>
<Components.Button
bezelStyle={"solid"}
icon={showSpinner && "fa fa-spin fa-circle-o-notch"}
icon={showSpinner ? "fa fa-spin fa-circle-o-notch" : ""}
i18nKeyLabel={showSpinner ? "accountsUI.updatingEmailAddress" : "accountsUI.updateEmailAddress"}
label={showSpinner ? "Updating Email Address" : "Update Email Address"}
status={"primary"}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ <h3 class="panel-title" data-i18n="accountsUI.yourOrders">Your Orders</h3>
{{> addressBookPanel}}
</div>

{{#if isMarketplaceGuest }}
{{#if showMerchantSignup }}
<div class="flex-item">
<div class="panel panel-default">
<div class="panel-heading">
Expand All @@ -57,18 +57,6 @@ <h3 class="panel-title" data-i18n="marketplace.becomeSeller">Become a Seller</h3
</div>
</div>
</div>

<div class="flex-item">
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title" data-i18n="marketplace.stripeConnectSignup">Start Accepting Payments</h3>
</div>

<div class="panel-content">
{{> stripeConnectSignupButton}}
</div>
</div>
</div>
{{/if}}
</div>

Expand Down
58 changes: 20 additions & 38 deletions imports/plugins/core/accounts/client/templates/profile/profile.js
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
import { Meteor } from "meteor/meteor";
import { Template } from "meteor/templating";
import { Roles } from "meteor/alanning:roles";
import { ReactiveVar } from "meteor/reactive-var";
import { Reaction } from "/client/api";
import { i18next } from "/client/api";
Expand Down Expand Up @@ -66,55 +65,38 @@ Template.accountProfile.helpers({
}
},

/**
* User's account profile
* @return {Object} account profile
*/
account() {
return Collections.Accounts.findOne();
},

/**
* User's display name
* @return {String} display name
*/
displayName() {
const userId = Meteor.userId() || {};
const user = Collections.Accounts.findOne(userId);

if (user) {
if (user.name) {
return user.name;
} else if (user.username) {
return user.username;
} else if (user.profile && user.profile.name) {
return user.profile.name;
if (Reaction.Subscriptions && Reaction.Subscriptions.Account && Reaction.Subscriptions.Account.ready()) {
const account = Collections.Accounts.findOne(Meteor.userId());
if (account) {
if (account.name) {
return account.name;
} else if (account.username) {
return account.username;
} else if (account.profile && account.profile.name) {
return account.profile.name;
}
}
}

if (Roles.userIsInRole(user._id || user.userId, "account/profile",
Reaction.getShopId())) {
if (Reaction.hasPermission("account/profile")) {
return i18next.t("accountsUI.guest", { defaultValue: "Guest" });
}
},

/**
* Returns the address book default view
* @return {String} "addressBookGrid" || "addressBookAdd"
*/
addressBookView: function () {
const account = Collections.Accounts.findOne();
if (account.profile) {
return "addressBookGrid";
showMerchantSignup: function () {
if (Reaction.Subscriptions && Reaction.Subscriptions.Account && Reaction.Subscriptions.Account.ready()) {
const account = Collections.Accounts.findOne({ _id: Meteor.userId() });
const marketplaceEnabled = Reaction.marketplace && Reaction.marketplace.enabled === true;
const allowMerchantSignup = Reaction.marketplace && Reaction.marketplace.allowMerchantSignup === true;
// A user has the primaryShopId until a shop is created for them.
const userHasShop = account.shopId !== Reaction.getPrimaryShopId();
return marketplaceEnabled && allowMerchantSignup && !userHasShop;
}
return "addressBookAdd";
},

isMarketplaceGuest: function () {
return (Reaction.hasMarketplaceAccess("guest") && !Reaction.hasAdminAccess());
},

isMarketplaceSeller: function () {
return (Reaction.hasMarketplaceAccess() && !Reaction.hasOwnerAccess());
return false;
}
});
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
<template name="becomeSellerButton">
<button
class="btn {{classes}}"
class="btn btn-info"
data-event-category="marketplace"
data-event-action="button-click-become-seller"
data-event-label="Become a Seller button click"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,33 +2,12 @@ import { Meteor } from "meteor/meteor";
import { Template } from "meteor/templating";
import { Reaction, i18next } from "/client/api";


// Page


// Button
Template.becomeSellerButton.helpers({
/**
* Give it a size and style
* @return {String} The classes
*/
classes() {
const classes = [
(this.type || "btn-info"),
(this.size || "")
];

return classes.join(" ");
}
});


Template.becomeSellerButton.events({
"click [data-event-action='button-click-become-seller']": function () {
Meteor.call("shop/createShop", Meteor.userId(), function (error, response) {
if (error) {
const errorMessage = i18next.t("marketplace.errorCannotCreateShop", { defaultValue: "Could not create shop for current user {{user}}" });
return Alerts.toast(errorMessage, "error");
return Alerts.toast(`${errorMessage} ${error}`, "error");
}

const success = i18next.t("marketplace.yourShopIsReady", { defaultValue: "Your shop is now ready!" });
Expand Down
Original file line number Diff line number Diff line change
@@ -1,27 +1,8 @@
<template name="marketplaceSettings">
<div class="panel panel-default">
<div class="panel-heading panel-heading-flex">
<h3 class="panel-title">
<i class="{{PackageData.settings.icon}}"></i> General
</h3>
</div>
<div class="panel-body">
{{#autoForm collection=Collections.Packages schema=MarketplacePackageConfig
doc=packageData id="marketplaceOptionsForm" type="update" autosave=true}}
{{> afFieldInput name="settings.public.allowGuestSellers"}}
{{/autoForm}}

{{schema}}
</div>
</div>
</template>

<template name="marketplaceShopSettings">
{{#autoForm collection=Collections.Packages schema=MarketplacePackageConfig
doc=packageData id="marketplaceOptionsForm" type="update" autosave=true}}
{{> afFieldInput name="settings.public.allowGuestSellers"}}
{{> afFieldInput name="settings.public.merchantFulfillment"}}
{{> afFieldInput name="settings.public.allowMerchantSignup"}}
<!-- TODO: As we add optional functionality to marketplace, add options here -->
{{/autoForm}}

{{schema}}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,10 +6,10 @@ import { MarketplacePackageConfig } from "../../../lib/collections/schemas";
import { Components } from "@reactioncommerce/reaction-components";

/**
* marketplaceSettings helpers
* marketplaceShopSettings helpers
*
*/
Template.marketplaceSettings.helpers({
Template.marketplaceShopSettings.helpers({
MarketplacePackageConfig() {
return MarketplacePackageConfig;
},
Expand All @@ -25,11 +25,6 @@ Template.marketplaceSettings.helpers({
}
});

/**
* marketplace Catalog settings
*/
Template.marketplaceShopSettings.inheritsHelpersFrom("marketplaceSettings");

/**
* marketplaceSettings autoform alerts
*/
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,9 @@ export const MarketplacePackageConfig = new SimpleSchema([
type: Boolean,
defaultValue: false
},
// Deprecated - no longer used in any marketplace considerations
// marketplace is enabled and disabled via the package
// seller signup is controlled by the allowMerchantSignup setting
"settings.public.allowGuestSellers": {
type: Boolean,
defaultValue: false
Expand Down
1 change: 0 additions & 1 deletion imports/plugins/included/marketplace/register.js
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,6 @@ Reaction.registerPackage({
}]
},
public: {
allowGuestSellers: true, // TODO: Eliminate in favor of marketplace.enabled and allowMerchantSignup
allowMerchantSignup: false, // Merchants can sign up without an invite
marketplaceNakedRoutes: true, // Routes to the primary marketplace shop should not use shop prefix
merchantCart: false, // Unique cart for each merchant
Expand Down
22 changes: 1 addition & 21 deletions lib/api/core.js
Original file line number Diff line number Diff line change
Expand Up @@ -93,31 +93,11 @@ function getSellerShop(user, noFallback = false) {
return Shops.findOne({ _id });
}

/**
* hasMarketplaceAccess
* @summary Checks if the current user has access to the marketplace based on role(s),
* when the Marketplace module is enabled and with guest access on
* @param {String|Array} role The role(s) to check for access
* @returns {Boolean} True if current user has access
*/
function hasMarketplaceAccess(role = "admin") {
const currentUser = Meteor.user();
const packageSettings = Core.Reaction.getPackageSettings("reaction-marketplace");

return (
packageSettings &&
packageSettings.enabled &&
packageSettings.settings.public.allowGuestSellers &&
Roles.userIsInRole(currentUser, role, this.getSellerShopId())
);
}

const Reaction = Object.assign(Core.Reaction, {
isPackageEnabled,
getSeller,
getSellerShopId,
getSellerShop,
hasMarketplaceAccess
getSellerShop
});

export {
Expand Down
Loading