These are chat archives for reactioncommerce/reaction

17th
Jun 2015
Eli Diaz
@elidiazgt
Jun 17 2015 01:16
Hi, what are the payment system you use, can stripe work with this?
Eli Diaz
@elidiazgt
Jun 17 2015 01:17
@aaronjudd exelent, thanks
Aaron Judd
@aaronjudd
Jun 17 2015 01:23
@boboci9 ok, so what we’re seeing there is the session orders not the user orders.
current behaviour is
new session
return all orders for sessionId  (0)
places an order as a guest - we now have 1 session order
login as user - place order - we now have 2 session order returned (same session)
logout as user - we now have 1 session order returned
clear session - > we now have 0 orders
login as user -> we now have 1 user order
logout as user -> we now have 0 orders
place order as guest -> we now have 1 guest (session) order
the question is.. what should the logic be when the same session exists.
we could create a new session after an order is placed.
Aaron Judd
@aaronjudd
Jun 17 2015 01:32
the only downside I can think to that, is that guest will only see their most recent order
Bogi
@boboci9
Jun 17 2015 07:22
Hi Aaron, well in my opinion, guests didn't even took the fatigue to log in so why would they expect to see their previous orders, I don't consider this a downside, they should log in and see all :)
Aaron Judd
@aaronjudd
Jun 17 2015 14:09
@boboci9 agreed I’ll push an update in a few on this.
Bogi
@boboci9
Jun 17 2015 14:10
:+1:
Bogi
@boboci9
Jun 17 2015 18:09
@aaronjudd are there any future plans to extend the product methods to allow creation of a product in a specific shop?

I can help out with a PR to if we discuss what logic should be followed, I also think

unless ReactionCore.hasPermission('createProduct')
     throw new Meteor.Error 403, "Access Denied"

should also check for a shopId, no?

Bogi
@boboci9
Jun 17 2015 18:15
also regarding the products, in the previous version it was possible to use updateProductField to update the variant of a product but due to the String check of the value parameter it won't accept objects anymore
Bogi
@boboci9
Jun 17 2015 18:56
In my version I changed it to check value, Match.OneOf(String, Object, Array) but I'm not sure it's safe this way either, we could rather do something like
check(value, ReactionCore.Collections.Products.simpleSchema().getDefinition(field, ['type']).type);
Aaron Judd
@aaronjudd
Jun 17 2015 19:11
@boboci9 ReactionCore.hasPermission('createProduct’) should always be shop specific as the actual method has if Roles.userIsInRole userId, permissions, @shopId
I think the missing piece is a nice way of changing the current shop. This might need to change to an array of shops to support marketplace
Bogi
@boboci9
Jun 17 2015 19:48
in both the createProduct and updateProduct we could check for the if the user has createProduct role for the product.shopId shop
Aaron Judd
@aaronjudd
Jun 17 2015 19:56
already has
   unless ReactionCore.hasPermission('createProduct')
      throw new Meteor.Error 403, "Access Denied"
    @unblock()
that is checking for the specific shop that a user has been giving ‘createProduct’ - but of course, the publication, route, are also checked
Bogi
@boboci9
Jun 17 2015 19:59
for me ReactionCore.hasPermission('createProduct') is always returning undefined but I have createProduct role in one of the shops
Vigy
@vigyano
Jun 17 2015 19:59
@saralouhicks thanks for the beta release update. Looking forward to stable beta release in September.
Aaron Judd
@aaronjudd
Jun 17 2015 20:07
@boboci9 server or client? I could (and probably should) return false rather than undefined in reaction-core/client/app.coffee hasPermission, but you should have permissions if the role is in either a shop or global (return true)
Bogi
@boboci9
Jun 17 2015 20:08
ok, let me take a look there too
the server part hasPermission definition checks only for the current shop or the global shops that's why I get undefined
# permission check
  hasPermission: (permissions) ->
    # shop specific check
    if Roles.userIsInRole Meteor.userId(), permissions, @getShopId()
      return true
    # global roles check
    if Roles.userIsInRole Meteor.userId(), permissions, Roles.GLOBAL_GROUP
      return true
Aaron Judd
@aaronjudd
Jun 17 2015 20:16
right, the @getShopId is where I am saying we should add a setter method, and switch to or add an array approach
right now all that does is
  getShopId: ->
    return @shopId
Bogi
@boboci9
Jun 17 2015 20:17
ok I see now
there we should then check if the user is a seller for any of the shops and return accordingly, I see now what you meant
Aaron Judd
@aaronjudd
Jun 17 2015 20:20
I did an update for getSellerShopId that should work in the way your old method worked there - but not sure it will be needed if we fine tune the get/set shopId(s) a bit