Version 1.0.0

github rubygems

We're happy to announce Solidus 1.0.0, an updated fork of Spree 2.4 spearheaded by the developers at Bonobos and FreeRunning Technologies.

These changes mostly came from the needs of running a large store like Bonobos and AYR. Changes include refund and cancellation overhaul, performance fixes, customer service enhancements, changes for fulfilment, and many fixes. The downside is that this is a large set of changes. We didn't release 1.0 early but we hope for our future versions to be released often.

We intend this to be a direct upgrade for Spree 2.4 (or earlier) users. We've also tweaked the Spree 2.2 → 2.3 → 2.4 migrations to be faster and more correct. A future version, likely 1.1.0, will provide an upgrade path for users on spree 3.0.

Major Changes

We've upgraded to rails 4.2. Notably this includes ActiveJob, asynchronous emails, and ActiveRecord performance improvements.

See the rails 4.2 release notes

Gems have all been renamed solidus: solidus, solidus_api, solidus_backend, solidus_core, solidus_frontend. Branding and some sample data has been changed. We will continue using the Spree:: namespace.

Previously SSL was enforced by Spree at the controller level by declaring either ssl_required or ssl_allowed, which checked several Spree::Config options to determine if SSL should be used in this environment and if the HTTPS request should be redirected to plain HTTP.

It is now expected that the entire store has SSL enforced. This is to be handled either by Rails, the web server, or the load balancer.

This can be done by setting config.force_ssl = true in config/environments/production.rb

Previously, concurrent requests to the API could put the order into an inconsistent state. Now, concurrent requests to the API will return HTTP 409 "Conflict".

Previously order.next was used to advance an order through the order checkout states and to ultimately complete the order. This made it easy to complete the order unintentionally through the admin or when using the API. This is now changed so that an explicit call to order.complete is required to complete the order. To facilitate this the confirm state is now always required.

The API's advance route will now move the order to the 'confirm' state. The next action will continue to move orders from confirm to complete, but issues a deprecation warning when doing so.

The frontend checkout continues to act as before, but will always have the confirm state.

We wanted to be able to include store credits with Solidus. This integrated the existing spreestorecreditpaymentmethod extension.

This allows assigning an amount of store credit to a user and allow them to pay using those funds.

When physically shipping items to a customer, multiple orders to the same customer may be combined into one package. A single shipment (as seen and paid for by customer) may end up split into multiple packages with different tracking numbers (due to sizing restrictions, for example). To better represent this, we've created the cartons model, which is intended to accurately represent the physical shipment (likely with a tracking number) which was sent out.

This should allow more robust integration with some third party logistics providers and help stores with complex shipping needs. In simple stores this addition will be transparent. For most stores, this change should be transparent. Shipping a shipment will create a 1:1 carton.

We added a whole lot of improvements to the stock transfer feature set, including improved admin for which stock locations the inventory is being transferred between, automatic stock quantity handling, better product search, more data capture, and blind receiving of stock transfers at the warehouse to promote assurance of correct product received.

Stock can now be managed at a per-stock-location level in addition to a per-product level. Additionally, it is far easier to search for and filter products, as well as change stock quantities at specific stock locations. Restrictions can also be put in place to only allow certain users to access or manage certain stock locations.

A single promotion can now have many unique codes. Previous versions only allowed a single code per promotion. This allows reusing promotion rules and actions without having to duplicate the promotion. Each individual code has it's own usage limit and is dynamically generated with a user specified prefix. (e.g. base_owgklx)

Adjustment Reasons are categorizations of why an adjustment occurred. This can help with data reporting, accounting, and business intelligence around why adjustments are occurring to orders.

Similar to Adjustment Reasons, Return Reasons provide an extra level of information around why returns occur.

There are times when orders are unable to be completely fulfilled, or where the customer changes their mind about receiving a product. For this purpose, Item Cancellations were introduced, which can adjust order totals before a shipment occurs, and even change the amount that you use to calculate tax or to charge with your payment provider if you capture payment at dispatch.

A new OrderPromotion model records that a promotion has been applied to an order, allowing item-level promotions to apply to line items or shipments added later to the order.

Removes the spree command, which was an alternative way to add Spree to a new Rails app. We've removed this in favour of the normal installation generator.

Configuration

Spree::Config settings can now be hard-coded during initialization to avoid storing to and fetching from the database. This is recommended and the default for newly generated stores.

  # in config/initializers/solidus.rb
  Spree.config do |config|
    config.use_static_preferences!
    config.currency = "USD"
  end

An interface has been added to configure credentials statically which can be referenced . This avoids storing credentials in the database and can be used to instead fetch them from ENV or from yaml.

  config.static_model_preferences.add(
    Spree::Gateway::StripeGateway,
    'stripe_env_credentials',
    secret_key: ENV['STRIPE_SECRET_KEY'],
    publishable_key: ENV['STRIPE_PUBLISHABLE_KEY'],
    server: Rails.env.production? ? 'production' : 'test',
    test: !Rails.env.production?
  )

Permissions have been grouped together into components, and can be tied to database roles without needing to override the Cancancan ability.

  Spree::RoleConfiguration.configure do |config|
    config.assign_permissions :customer_service, [
      Spree::PermissionSets::OrderDisplay,
      Spree::PermissionSets::UserDisplay,
      Spree::PermissionSets::ProductDisplay
    ]
  end

API

Exceptions should rarely be rescued, Jon Yurek has an excellent explanation of StandardError on the thoughtbot blog. In the future we'd like to remove this catch-all rescue entirely.

In JavaScript we've added the Spree.ajax method, which behaves similarly to jQuery.ajax, but handles the detail of setting the X-Spree-Token header.

Backend

Spree alerts was a system which queried an external service on all API pages in order to deliver security updates or other news. This was a bad unneeded system which had a habit of breaking the entire admin.

We recommend subscribing to the solidus-security mailing list.

Previously Spree::Config held several settings to control how monetary amounts were displayed. These had incorrect defaults for many currencies and had a sizeable performance impact.

This has been removed in favour of using the RubyMoney defaults.

In conjunction with the configurable role permissions, we've added authorization checks around links that would require additional permissions in the admin.

Misc

Bugfixes

Cleanup

Housekeeping

We've made some changes that make developing Solidus a better experience, but don't directly affect stores using it.


Tumblr n3860pifpj1trbh6do1 400