Merge branch 'develop' into feat-Add-German-language-support

pixelwiese · Nov 11, 2024 · 60d0712 · 60d0712
2 parents 6e18999 + 94fb420
commit 60d0712
Show file tree

Hide file tree

Showing 829 changed files with 219,181 additions and 214,059 deletions.
diff --git a/.changeset/beige-dots-divide.md b/.changeset/beige-dots-divide.md
@@ -0,0 +1,5 @@
+---
+"@medusajs/auth-google": patch
+---
+
+fix: Use sub instead of email for google entity ID
diff --git a/.changeset/bright-bees-decide.md b/.changeset/bright-bees-decide.md
@@ -0,0 +1,5 @@
+---
+"@medusajs/core-flows": patch
+---
+
+Keep customer when updating cart
diff --git a/.changeset/cool-buckets-remember.md b/.changeset/cool-buckets-remember.md
diff --git a/.changeset/early-queens-prove.md b/.changeset/early-queens-prove.md
diff --git a/.changeset/eleven-students-cover.md b/.changeset/eleven-students-cover.md
diff --git a/.changeset/gentle-baboons-camp.md b/.changeset/gentle-baboons-camp.md
@@ -0,0 +1,5 @@
+---
+"@medusajs/framework": patch
+---
+
+Exclude nested fields when excluding field from endpoint
diff --git a/.changeset/lucky-pets-glow.md b/.changeset/lucky-pets-glow.md
@@ -0,0 +1,7 @@
+---
+"@medusajs/link-modules": patch
+"@medusajs/types": patch
+"@medusajs/utils": patch
+---
+
+Generate graph schema with readonly links
diff --git a/.changeset/selfish-wombats-smash.md b/.changeset/selfish-wombats-smash.md
@@ -0,0 +1,5 @@
+---
+"@medusajs/payment-stripe": patch
+---
+
+feat(stripe): add promptpay
diff --git a/.changeset/shiny-spiders-raise.md b/.changeset/shiny-spiders-raise.md
diff --git a/.changeset/tall-starfishes-travel.md b/.changeset/tall-starfishes-travel.md
diff --git a/.changeset/tame-sloths-pump.md b/.changeset/tame-sloths-pump.md
diff --git a/.changeset/tough-spiders-admire.md b/.changeset/tough-spiders-admire.md
diff --git a/.github/workflows/admin-i18n-validation.yml b/.github/workflows/admin-i18n-validation.yml
@@ -0,0 +1,47 @@
+name: i18n Validation
+
+on:
+  pull_request:
+    paths:
+      - packages/admin/dashboard/src/i18n/translations/**
+
+
+jobs:
+  i18n-validation-admin-dashboard:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: '20'
+          cache: 'yarn'
+
+      - name: Install dependencies
+        working-directory: packages/admin/dashboard
+        run: yarn install
+
+      - name: Validate i18n translations
+        working-directory: packages/admin/dashboard
+        run: |
+          git diff --name-only --diff-filter=A origin/develop HEAD -- src/i18n/translations > i18n_added_files.txt
+          
+          cat i18n_added_files.txt
+          
+          while read -r file; do
+            # Get the base name of the file
+            filename=$(basename "$file")
+          
+            # Skip those items
+            if [ "$filename" = "\$schema.json" ] || [ "$filename" = "index.ts" ] || [ -d "$file" ]; then
+              continue
+            fi
+          
+            # Run validation on the file
+            yarn i18n:validate "$filename"
+          done < i18n_added_files.txt
diff --git a/.husky/pre-commit b/.husky/pre-commit
diff --git a/README.md b/README.md
@@ -36,23 +36,21 @@
 
 ## Getting Started
 
-Visit the [Quickstart Guide](https://docs.medusajs.com/create-medusa-app) to set up a server.
-
-Visit the [Docs](https://docs.medusajs.com/development/backend/prepare-environment) to learn more about our system requirements.
+Visit the [Documentation](https://docs.medusajs.com/learn) to set up a Medusa application.
 
 ## What is Medusa
 
 Medusa is a set of commerce modules and tools that allow you to build rich, reliable, and performant commerce applications without reinventing core commerce logic. The modules can be customized and used to build advanced ecommerce stores, marketplaces, or any product that needs foundational commerce primitives. All modules are open-source and freely available on npm.
 
-Learn more about [Medusa’s architecture](https://docs.medusajs.com/development/fundamentals/architecture-overview) and [commerce modules](https://docs.medusajs.com/modules/overview) in the Docs.
+Learn more about [Medusa’s architecture](https://docs.medusajs.com/learn/advanced-development/architecture/overview) and [commerce modules](https://docs.medusajs.com/resources/commerce-modules) in the Docs.
 
-## Roadmap, Upgrades & Plugins
+## Roadmap, Upgrades & Integrations
 
 You can view the planned, started and completed features in the [Roadmap discussion](https://github.com/medusajs/medusa/discussions/categories/roadmap).
 
-Follow the [Upgrade Guides](https://docs.medusajs.com/upgrade-guides/) to keep your Medusa project up-to-date.
+Follow the [Release Notes](https://github.com/medusajs/medusa/releases) to keep your Medusa project up-to-date.
 
-Check out all [available Medusa plugins](https://medusajs.com/plugins/).
+Check out all [available Medusa integrations](https://docs.medusajs.com/resources/integrations).
 
 ## Community & Contributions
 

diff --git a/integration-tests/http/__tests__/auth/admin/auth.spec.ts b/integration-tests/http/__tests__/auth/admin/auth.spec.ts
@@ -1,6 +1,6 @@
 import { generateResetPasswordTokenWorkflow } from "@medusajs/core-flows"
-import jwt from "jsonwebtoken"
 import { medusaIntegrationTestRunner } from "@medusajs/test-utils"
+import jwt from "jsonwebtoken"
 import {
   adminHeaders,
   createAdminUser,
@@ -230,6 +230,57 @@ medusaIntegrationTestRunner({
         expect(login.data).toEqual({ token: expect.any(String) })
       })
 
+      it("should ensure you can only update password", async () => {
+        // Register user
+        await api.post("/auth/user/emailpass/register", {
+          email: "test@medusa-commerce.com",
+          password: "secret_password",
+        })
+
+        // The token won't be part of the Rest API response, so we need to generate it manually
+        const { result } = await generateResetPasswordTokenWorkflow(
+          container
+        ).run({
+          input: {
+            entityId: "test@medusa-commerce.com",
+            actorType: "user",
+            provider: "emailpass",
+            secret: "test",
+          },
+        })
+
+        const response = await api.post(
+          `/auth/user/emailpass/update?token=${result}`,
+          {
+            email: "test+new@medusa-commerce.com",
+            password: "new_password",
+          }
+        )
+
+        expect(response.status).toEqual(200)
+        expect(response.data).toEqual({ success: true })
+
+        const failedLogin = await api
+          .post("/auth/user/emailpass", {
+            email: "test+new@medusa-commerce.com",
+            password: "new_password",
+          })
+          .catch((e) => e)
+
+        expect(failedLogin.response.status).toEqual(401)
+        expect(failedLogin.response.data.message).toEqual(
+          "Invalid email or password"
+        )
+
+        const login = await api.post("/auth/user/emailpass", {
+          email: "test@medusa-commerce.com",
+          password: "new_password",
+        })
+
+        expect(login.status).toEqual(200)
+        expect(login.data).toEqual({ token: expect.any(String) })
+      })
+
       it("should fail if token has expired", async () => {
         jest.useFakeTimers()
 
@@ -264,6 +315,98 @@ medusaIntegrationTestRunner({
         expect(response.response.status).toEqual(401)
         expect(response.response.data.message).toEqual("Invalid token")
       })
+
+      it("should fail if no token is passed", async () => {
+        jest.useFakeTimers()
+
+        // Register user
+        await api.post("/auth/user/emailpass/register", {
+          email: "test@medusa-commerce.com",
+          password: "secret_password",
+        })
+
+        // Advance time by 15 minutes
+        jest.advanceTimersByTime(15 * 60 * 1000)
+
+        const response = await api
+          .post(`/auth/user/emailpass/update`, {
+            email: "test@medusa-commerce.com",
+          })
+          .catch((e) => e)
+
+        expect(response.response.status).toEqual(401)
+        expect(response.response.data.message).toEqual("Invalid token")
+      })
+
+      it("should fail if update is attempted on different actor type", async () => {
+        jest.useFakeTimers()
+
+        // Register user
+        await api.post("/auth/user/emailpass/register", {
+          email: "test@medusa-commerce.com",
+          password: "secret_password",
+        })
+
+        // The token won't be part of the Rest API response, so we need to generate it manually
+        const { result } = await generateResetPasswordTokenWorkflow(
+          container
+        ).run({
+          input: {
+            entityId: "test@medusa-commerce.com",
+            actorType: "user",
+            provider: "emailpass",
+            secret: "test",
+          },
+        })
+
+        // Advance time by 15 minutes
+        jest.advanceTimersByTime(15 * 60 * 1000)
+
+        const response = await api
+          .post(`/auth/customer/emailpass/update?token=${result}`, {
+            email: "test@medusa-commerce.com",
+            password: "new_password",
+          })
+          .catch((e) => e)
+
+        expect(response.response.status).toEqual(401)
+        expect(response.response.data.message).toEqual("Invalid token")
+      })
+
+      it("should fail if token secret is incorrect", async () => {
+        jest.useFakeTimers()
+
+        // Register user
+        await api.post("/auth/user/emailpass/register", {
+          email: "test@medusa-commerce.com",
+          password: "secret_password",
+        })
+
+        // The token won't be part of the Rest API response, so we need to generate it manually
+        const { result } = await generateResetPasswordTokenWorkflow(
+          container
+        ).run({
+          input: {
+            entityId: "test@medusa-commerce.com",
+            actorType: "user",
+            provider: "emailpass",
+            secret: "incorrect_secret",
+          },
+        })
+
+        // Advance time by 15 minutes
+        jest.advanceTimersByTime(15 * 60 * 1000)
+
+        const response = await api
+          .post(`/auth/user/emailpass/update?token=${result}`, {
+            email: "test@medusa-commerce.com",
+            password: "new_password",
+          })
+          .catch((e) => e)
+
+        expect(response.response.status).toEqual(401)
+        expect(response.response.data.message).toEqual("Invalid token")
+      })
     })
 
     it("should refresh the token successfully", async () => {

diff --git a/integration-tests/http/__tests__/product/store/product.spec.ts b/integration-tests/http/__tests__/product/store/product.spec.ts
@@ -1,14 +1,14 @@
+import { medusaIntegrationTestRunner } from "@medusajs/test-utils"
 import { IStoreModuleService } from "@medusajs/types"
 import { ApiKeyType, Modules, ProductStatus } from "@medusajs/utils"
-import { medusaIntegrationTestRunner } from "@medusajs/test-utils"
+import qs from "qs"
 import {
   adminHeaders,
   createAdminUser,
   generatePublishableKey,
   generateStoreHeaders,
 } from "../../../../helpers/create-admin-user"
 import { getProductFixture } from "../../../../helpers/fixtures"
-import qs from "qs"
 
 jest.setTimeout(30000)
 
@@ -589,6 +589,19 @@ medusaIntegrationTestRunner({
         ])
       })
 
+      it("should list all products excluding variants", async () => {
+        let response = await api.get(
+          `/admin/products?fields=-variants`,
+          adminHeaders
+        )
+
+        expect(response.data.count).toEqual(4)
+
+        for (let product of response.data.products) {
+          expect(product.variants).toBeUndefined()
+        }
+      })
+
       it("should list all products for a sales channel", async () => {
         const salesChannel = await createSalesChannel(
           { name: "sales channel test" },