Skip to content

Commit

Permalink
Merge pull request #1 from solidusio/master
Browse files Browse the repository at this point in the history
Update fork
  • Loading branch information
vl3 authored Dec 8, 2020
2 parents f36e61f + 9eadf85 commit 150232a
Show file tree
Hide file tree
Showing 242 changed files with 2,925 additions and 1,024 deletions.
2 changes: 1 addition & 1 deletion .circleci/config.yml
Original file line number Diff line number Diff line change
Expand Up @@ -148,7 +148,7 @@ workflows:
- mysql
- postgres_rails52
- mysql_rails52
- postgres_rails_master_activestorage
# - postgres_rails_master_activestorage
- stoplight/push:
context: "Solidus Core Team"
project: solidus/solidus-api
Expand Down
379 changes: 378 additions & 1 deletion CHANGELOG.md

Large diffs are not rendered by default.

118 changes: 107 additions & 11 deletions GOVERNANCE.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,12 @@ This file documents Solidus' governance model. It is meant for all users, but pa
## Project Director

At present, [Nebulab](https://www.nebulab.it) is the main code contributor and director of Solidus.
They provide technical guidance and coordinate community efforts and activities.

Project Directors are in charge of the organizational and business aspects of the platform. They handle
the social media communication and marketing/business direction, and advertise Solidus to the software
community and larger eCommerce industry. The project directors commit to hearing all interested parties
around sensitive business development decisions, although they reserve the right to always act in the
best interest of the platform and its community.

## Core Team

Expand All @@ -29,6 +34,11 @@ Here are some of the tasks they are responsible for:
- coordinating the work of contributors;
- maintaining the code, documentation and tools.

Members of the core team make the final decision as to what goes into the core and any other
non-marketing material (e.g. extensions, development tools) hosted in the official Solidus
GitHub organizations, although they may delegate part of this responsibility to other entities
(e.g. a specific company may be put in charge of maintaining an extension it has originally developed).

We understand that not all members will be able to dedicate the same amount of time to Solidus: this
is absolutely okay, since Solidus is an open source project and most of the work is done on a
volunteer basis. With that said, a minimum time investment is expected out of Core Team members.
Expand All @@ -39,7 +49,7 @@ New Core Team members are appointed by the Core Team.

To apply for the Core Team, you must be proposed by an existing member.

If you don't know anyone, simply send a Slack DM to Jacob Herrington (@Jacob Herrington), explaining
If you don't know anyone, simply send a Slack DM to Alberto Vena (@kennyadsl), explaining
why you think you should be in the Core Team and what kind of contribution you expect to bring.

### Leaving the Core Team
Expand All @@ -65,7 +75,7 @@ Making a recurring donation is very simple, simply visit
[our Open Collective profile](https://opencollective.com/solidus), choose the amount and complete
the process.

We have three different donation tiers in Open Collective, each with their own perks, so make sure
We have four different donation tiers in Open Collective, each with their own perks, so make sure
to check them out and choose the one that fits you best.

You can also use Open Collective to make a one-off donation, if you prefer!
Expand All @@ -80,18 +90,104 @@ If you want to interrupt a recurring donation, follow
Stakeholders are members of the Solidus community who have a strong interest in the future of
Solidus. This group includes retailers, agencies and long-term friends of the project.

They coordinate and contribute to Solidus usually in non-technical ways, for instance by choosing
what conferences to attend or organize, by identifying marketing opportunities or by deciding how
to use the funds in Open Collective.
They coordinate with weekly meetings and contribute to Solidus usually in non-technical ways,
for instance by choosing what conferences to attend or organize, by identifying marketing
opportunities or by deciding how to use the funds in Open Collective.

The Stakeholder group, is a group made of:

- Core team members
- Project directors
- Partners
- Advisors

### Voting mechanism

Any of the stakeholders may propose a vote for spending Open Collective funds or electing a
new advisor. The proposal must be added to the meeting agenda in advance.

The following principles apply to all votes:

- Meeting attendees who are not contributing financially to Open Collective hold no voting rights,
although they may propose votes and/or voice their opinion prior to a vote in order to provide
context and/or to influence the stakeholders.
- One-off Open Collective contributions have no effect on an entity’s voting rights.
- An entity can only vote during stakeholder meetings after a minimum of 3 months of recurring
Open Collective contributions.
- In order to determine the number of votes at disposal of each voting stakeholder, the average
Open Collective contribution of the last 3 months is used.
- If a proposal’s outcome is inconclusive, the stakeholders discuss the outcome until a reasonable
compromise is reached.
- Each entity may invite up to 3 representatives to join the stakeholders group.

### Consensus algorithms

#### Single-choice proposals

Single-choice proposals are proposals where an entity may only vote for one outcome of the request
to spend Open Collective funds. For example:

> Spend $20,000 on the venue for the next SolidusConf
> Pick a feature to implement with OC funds
> Are you in favor of adding John Doe to the advisors group?
During the meeting, the stakeholders vote on the proposal. Each entity gets one vote, and the weight
of each entity’s vote is equal to their monthly Open Collective contribution (e.g. the vote of a
company contributing $750/month on Open Collective weighs 750).

The outcome of the proposal is the outcome that received the highest number of votes.
The weight of each entity’s vote is capped at 1000, regardless of their OC contribution level.

#### Multiple-choice proposals

Multiple-choice proposals are proposals where an entity is asked to choose multiple outcomes for
a proposal. An example would be

> What features do you want to implement with Open Collective funds?
During the meeting, the stakeholders vote on the proposal. Each entity gets a number of votes equal
to their monthly Open Collective contribution, which they can spread across multiple choices or just on one choice.

In multiple-choice proposals, the N proposals with the highest number of votes are picked and prioritized
according to their number of votes. N is an arbitrary number decided upfront by the entity proposing the vote.

The number of votes at disposal of each entity is capped at 1000, regardless of their OC contribution level.

#### Asynchronous voting

If an entity doesn’t plan to attend a meeting but still wants to vote on a proposal, they can communicate their
vote(s) in the stakeholders channel on Slack.

### Joining the stakeholders

To join the stakeholders, you must contribute significantly to Solidus from either a financial or
technical standpoint (or both!).
To join the stakeholders, you must be part of one of the groups described above.

### Join as Partner

Partners are individuals or companies that are financially contributing to the platform’s Open Collective organization,
in exchange for a pre-established set of benefits, mainly the ability to vote during stakeholder meetings.

To join the stakeholders group as Partner, it's just needed that you setup a monthy donation via Open Collective with any of
following partnership tiers:

- **Supporter ($10/month)**: Doesn’t guarantee access to a partnership program.
- **Bronze ($100/month)**: Guarantees access to the partnership program as a Bronze partner and, as a result, access to the stakeholders group.
- **Silver ($325/month)**: Guarantees access to the partnership program as a Silver partner and, as a result, access to the stakeholders group.
- **Gold ($750+/month)**: Guarantees access to the partnership program as a Gold partner and, as a result, access to the stakeholders group.

Once it's done, send a Slack DM to Sean Denny (@seand) to request access to the private Slack channel.

### Join as Advisor

The advisors are individuals or companies that consistently provide value to the Solidus community through their industry
experience, professional network or other means. They participate in the stakeholder meetings and other stakeholder ceremonies
with the purpose of informing the group’s decisions and the platform’s direction. Advisors hold no decisional power. They are
elected during stakeholder meetings and their status must be re-confirmed every 6 months.

You must be nominated by an existing stakeholder. If you don't know anyone, send a Slack DM to Sean
Denny (@seand) to request membership, explaining how you have contributed to Solidus and what value
you can bring to the stakeholders.
If you want to be nominated as Advisor please, send a Slack DM to Sean Denny (@seand) to request membership, explaining
how you have contributed to Solidus and what value you can bring to the stakeholders.

Your request must be approved by 2/3rds of the existing stakeholders for you to become a member.

Expand Down
27 changes: 15 additions & 12 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,10 @@
[![License](http://img.shields.io/badge/license-BSD-yellowgreen.svg)](LICENSE.md)
[![Reviewed by Hound](https://img.shields.io/badge/Reviewed_by-Hound-8E64B0.svg)](https://houndci.com)

[![Enthusiasts on Open Collective](https://opencollective.com/solidus/tiers/enthusiast/badge.svg?label=Enthusiasts&color=brightgree)](https://opencollective.com/solidus)
[![Supporters on Open Collective](https://opencollective.com/solidus/tiers/supporter/badge.svg?label=Supporters&color=brightgree)](https://opencollective.com/solidus)
[![Ambassadors on Open Collective](https://opencollective.com/solidus/tiers/ambassador/badge.svg?label=Ambassador&color=brightgree)](https://opencollective.com/solidus)
[![Bronze Partners on Open Collective](https://opencollective.com/solidus/tiers/bronze/badge.svg?label=Bronze Partners&color=brightgree)](https://opencollective.com/solidus)
[![Silver Partners on Open Collective](https://opencollective.com/solidus/tiers/silver/badge.svg?label=Silver Partners&color=brightgree)](https://opencollective.com/solidus)
[![Gold Partners on Open Collective](https://opencollective.com/solidus/tiers/gold/badge.svg?label=Gold Partners&color=brightgree)](https://opencollective.com/solidus)
[![Open Source Helpers](https://www.codetriage.com/solidusio/solidus/badges/users.svg)](https://www.codetriage.com/solidusio/solidus)
[![Slack](http://slack.solidus.io/badge.svg)](http://slack.solidus.io)

Expand Down Expand Up @@ -77,11 +78,13 @@ combine it with your own custom frontend, admin interface, and API.

## Demo

Try out Solidus with one-click on Heroku:
You can try the live Solidus demo [here.](http://demo.solidus.io/) The admin section can be accessed [here.](http://demo.solidus.io/admin)

You can also try out Solidus with one-click on Heroku:

[![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy?template=https://github.com/solidusio/solidus-example-app)

Alternatively, you can use Docker to run a demo on your local machine. Run the
Additionally, you can use Docker to run a demo on your local machine. Run the
following command to download the image and run it at
[http://localhost:3000](http://localhost:3000).

Expand All @@ -106,14 +109,12 @@ created.
### Installing Solidus

<details>
<summary>For Solidus v2.10 and below</summary>
<summary>For Solidus v2.11 and above</summary>

Add the following to your Gemfile. Skip the `solidus_auth_devise` part
if you want to use a custom authentication system.
Add the following to your Gemfile.

```ruby
gem 'solidus'
gem 'solidus_auth_devise'
```

Run the `bundle` command to install.
Expand All @@ -122,17 +123,19 @@ created.
configuration files and migrations.

```bash
bin/rails g spree:install
bin/rails g solidus:install
```
</details>

<details>
<summary>For Solidus v2.11 (still unreleased) and above</summary>
<summary>For Solidus v2.10 and below</summary>

Add the following to your Gemfile.
Add the following to your Gemfile. Skip the `solidus_auth_devise` part
if you want to use a custom authentication system.

```ruby
gem 'solidus'
gem 'solidus_auth_devise'
```

Run the `bundle` command to install.
Expand All @@ -141,7 +144,7 @@ created.
configuration files and migrations.

```bash
bin/rails g solidus:install
bin/rails g spree:install
```
</details>

Expand Down
2 changes: 1 addition & 1 deletion api/app/controllers/spree/api/addresses_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ class AddressesController < Spree::Api::BaseController
before_action :find_order

def show
authorize! :read, @order, order_token
authorize! :show, @order, order_token
find_address
respond_with(@address)
end
Expand Down
6 changes: 3 additions & 3 deletions api/app/controllers/spree/api/base_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -135,13 +135,13 @@ def find_product(id)

def product_scope
if can?(:admin, Spree::Product)
scope = Spree::Product.with_discarded.accessible_by(current_ability, :read).includes(*product_includes)
scope = Spree::Product.with_discarded.accessible_by(current_ability).includes(*product_includes)

unless params[:show_deleted]
scope = scope.not_deleted
end
else
scope = Spree::Product.accessible_by(current_ability, :read).available.includes(*product_includes)
scope = Spree::Product.accessible_by(current_ability).available.includes(*product_includes)
end

scope
Expand All @@ -161,7 +161,7 @@ def order_id

def authorize_for_order
@order = Spree::Order.find_by(number: order_id)
authorize! :read, @order, order_token
authorize! :show, @order, order_token
end

def lock_order
Expand Down
4 changes: 2 additions & 2 deletions api/app/controllers/spree/api/countries_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ class CountriesController < Spree::Api::BaseController

def index
@countries = Spree::Country.
accessible_by(current_ability, :read).
accessible_by(current_ability).
ransack(params[:q]).
result.
order('name ASC')
Expand All @@ -21,7 +21,7 @@ def index
end

def show
@country = Spree::Country.accessible_by(current_ability, :read).find(params[:id])
@country = Spree::Country.accessible_by(current_ability, :show).find(params[:id])
respond_with(@country)
end
end
Expand Down
4 changes: 2 additions & 2 deletions api/app/controllers/spree/api/credit_cards_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ class CreditCardsController < Spree::Api::BaseController
def index
@credit_cards = user
.credit_cards
.accessible_by(current_ability, :read)
.accessible_by(current_ability)
.with_payment_profile
.ransack(params[:q]).result

Expand All @@ -29,7 +29,7 @@ def update

def user
if params[:user_id].present?
@user ||= Spree.user_class.accessible_by(current_ability, :read).find(params[:user_id])
@user ||= Spree.user_class.accessible_by(current_ability, :show).find(params[:user_id])
end
end

Expand Down
6 changes: 3 additions & 3 deletions api/app/controllers/spree/api/customer_returns_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ def index

@customer_returns = @order.
customer_returns.
accessible_by(current_ability, :read).
accessible_by(current_ability).
ransack(params[:q]).
result

Expand All @@ -38,7 +38,7 @@ def new

def show
authorize! :show, CustomerReturn
@customer_return = @order.customer_returns.accessible_by(current_ability, :read).find(params[:id])
@customer_return = @order.customer_returns.accessible_by(current_ability, :show).find(params[:id])
respond_with(@customer_return)
end

Expand All @@ -56,7 +56,7 @@ def update

def load_order
@order ||= Spree::Order.find_by!(number: order_id)
authorize! :read, @order
authorize! :show, @order
end

def customer_return_params
Expand Down
6 changes: 3 additions & 3 deletions api/app/controllers/spree/api/images_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -4,12 +4,12 @@ module Spree
module Api
class ImagesController < Spree::Api::BaseController
def index
@images = scope.images.accessible_by(current_ability, :read)
@images = scope.images.accessible_by(current_ability)
respond_with(@images)
end

def show
@image = scope.images.accessible_by(current_ability, :read).find(params[:id])
@image = scope.images.accessible_by(current_ability, :show).find(params[:id])
respond_with(@image)
end

Expand All @@ -20,7 +20,7 @@ def create
end

def update
@image = scope.images.accessible_by(current_ability, :update).find(params[:id])
@image = scope.gallery.images.accessible_by(current_ability, :update).find(params[:id])
@image.update(image_params)
respond_with(@image, default_template: :show)
end
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ def update
private

def inventory_unit
@inventory_unit ||= Spree::InventoryUnit.accessible_by(current_ability, :read).find(params[:id])
@inventory_unit ||= Spree::InventoryUnit.accessible_by(current_ability, :show).find(params[:id])
end

def prepare_event
Expand Down
6 changes: 3 additions & 3 deletions api/app/controllers/spree/api/option_types_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -5,15 +5,15 @@ module Api
class OptionTypesController < Spree::Api::BaseController
def index
if params[:ids]
@option_types = Spree::OptionType.includes(:option_values).accessible_by(current_ability, :read).where(id: params[:ids].split(','))
@option_types = Spree::OptionType.includes(:option_values).accessible_by(current_ability).where(id: params[:ids].split(','))
else
@option_types = Spree::OptionType.includes(:option_values).accessible_by(current_ability, :read).load.ransack(params[:q]).result
@option_types = Spree::OptionType.includes(:option_values).accessible_by(current_ability).load.ransack(params[:q]).result
end
respond_with(@option_types)
end

def show
@option_type = Spree::OptionType.accessible_by(current_ability, :read).find(params[:id])
@option_type = Spree::OptionType.accessible_by(current_ability, :show).find(params[:id])
respond_with(@option_type)
end

Expand Down
Loading

0 comments on commit 150232a

Please sign in to comment.