Remove support for rails 4

.travis.yml

@@ -4,7 +4,3 @@ sudo: false
 
 rvm:
   - 2.3.1
-
-gemfile:
-  - Gemfile.rails40
-  - Gemfile.rails50

README.md

@@ -15,7 +15,7 @@ Table of Contents
 * [**Quickstart**](#quickstart)
 * [**Becoming a Shopify App Developer**](#becoming-a-shopify-app-developer)
 * [**Installation**](#installation)
-  * [Rails 5](#rails-5)
+  * [Rails Compatibility](#rails-compatibility)
 * [**Generators**](#generators)
  * [Default Generator](#default-generator)
  * [Install Generator](#install-generator)
@@ -94,14 +94,9 @@ $ bundle install
 Now we are ready to run any of the shopify_app generators. The following section explains the generators and what they can do.
 
 
-#### Rails 5
+#### Rails Compatibility
 
-shopify_app is compatible with Rails 5 but since the latest ActiveResource release (4.1) is locked on Rails 4.x, you'll need to use the unreleased master version:
-
-```ruby
-gem 'shopify_app'
-gem 'activeresource', github: 'rails/activeresource'
-```
+The lastest version of shopify_app is compatible with Rails `>= 5`. Use version `<= v7.2.8` if you need to work with Rails 4.
 
 
 Generators

lib/shopify_app/app_proxy_verification.rb

@@ -3,12 +3,7 @@ module AppProxyVerification
     extend ActiveSupport::Concern
 
     included do
-      if Rails.version >= '5.0'
-        skip_before_action :verify_authenticity_token, raise: false
-      else
-        skip_before_action :verify_authenticity_token
-      end
-
+      skip_before_action :verify_authenticity_token, raise: false
       before_action :verify_proxy_request
     end
 

lib/shopify_app/webhook_verification.rb

@@ -3,12 +3,7 @@ module WebhookVerification
     extend ActiveSupport::Concern
 
     included do
-      if Rails.version >= '5.0'
-        skip_before_action :verify_authenticity_token, raise: false
-      else
-        skip_before_action :verify_authenticity_token
-      end
-
+      skip_before_action :verify_authenticity_token, raise: false
       before_action :verify_request
     end
 

shopify_app.gemspec

@@ -10,7 +10,7 @@ Gem::Specification.new do |s|
 
   s.required_ruby_version = ">= 2.2.2"
 
-  s.add_runtime_dependency('rails', '>= 4.2.6')
+  s.add_runtime_dependency('rails', '>= 5.0.0')
   s.add_runtime_dependency('shopify_api', '>= 4.3.2')
   s.add_runtime_dependency('omniauth-shopify-oauth2', '~> 1.1.11')
 

test/controllers/sessions_controller_test.rb

@@ -19,14 +19,14 @@ class SessionsControllerTest < ActionController::TestCase
     test "#new should authenticate the shop if a valid shop param exists" do
       ShopifyApp.configuration.embedded_app = true
       shopify_domain = 'my-shop.myshopify.com'
-      get :new, shop: 'my-shop'
+      get :new, params: { shop: 'my-shop' }
       assert_redirected_to_authentication(shopify_domain, response)
     end
 
     test "#new should authenticate the shop if a valid shop param exists non embedded" do
       ShopifyApp.configuration.embedded_app = false
       auth_url = '/auth/shopify?shop=my-shop.myshopify.com'
-      get :new, shop: 'my-shop'
+      get :new, params: { shop: 'my-shop' }
       assert_redirected_to auth_url
     end
 
@@ -35,7 +35,7 @@ class SessionsControllerTest < ActionController::TestCase
       previously_logged_in_shop_id = 1
       session[:shopify] = previously_logged_in_shop_id
       new_shop_domain = "new-shop.myshopify.com"
-      get :new, shop: new_shop_domain
+      get :new, params: { shop: new_shop_domain }
       assert_redirected_to_authentication(new_shop_domain, response)
     end
 
@@ -47,7 +47,7 @@ class SessionsControllerTest < ActionController::TestCase
 
     test "#new should render a full-page if the shop param value is not a shop" do
       non_shop_address = "example.com"
-      get :new, shop: non_shop_address
+      get :new, params: { shop: non_shop_address }
       assert_response :ok
       assert_match %r{Shopify App — Installation}, response.body
     end
@@ -56,7 +56,7 @@ class SessionsControllerTest < ActionController::TestCase
       test "#create should authenticate the shop for the URL (#{good_url})" do
         ShopifyApp.configuration.embedded_app = true
         shopify_domain = 'my-shop.myshopify.com'
-        post :create, shop: good_url
+        post :create, params: { shop: good_url }
         assert_redirected_to_authentication(shopify_domain, response)
       end
     end
@@ -66,14 +66,14 @@ class SessionsControllerTest < ActionController::TestCase
         ShopifyApp.configuration.embedded_app = true
         ShopifyApp.configuration.myshopify_domain = 'myshopify.io'
         shopify_domain = 'my-shop.myshopify.io'
-        post :create, shop: good_url
+        post :create, params: { shop: good_url }
         assert_redirected_to_authentication(shopify_domain, response)
       end
     end
 
     ['myshop.com', 'myshopify.com', 'shopify.com', 'two words', 'store.myshopify.com.evil.com', '/foo/bar'].each do |bad_url|
       test "#create should return an error for a non-myshopify URL (#{bad_url})" do
-        post :create, shop: bad_url
+        post :create, params: { shop: bad_url }
         assert_response :redirect
         assert_redirected_to '/'
       end
@@ -87,33 +87,33 @@ class SessionsControllerTest < ActionController::TestCase
     test '#callback should have a success flash message' do
       mock_shopify_omniauth
 
-      get :callback, shop: 'shop'
+      get :callback, params: { shop: 'shop' }
       assert_equal flash[:notice], 'Logged In'
     end
 
     test '#callback should have a success flash message in Spanish' do
       I18n.locale = :es
       mock_shopify_omniauth
 
-      get :callback, shop: 'shop'
+      get :callback, params: { shop: 'shop' }
       assert_equal flash[:notice], 'Has iniciado sesión'
     end
 
     test '#callback should flash error when omniauth is not present' do
-      get :callback, shop: 'shop'
+      get :callback, params: { shop: 'shop' }
       assert_equal flash[:error], 'Could not log in to Shopify store'
     end
 
     test '#callback should flash error in Spanish' do
       I18n.locale = :es
-      get :callback, shop: 'shop'
+      get :callback, params: { shop: 'shop' }
       assert_equal flash[:error], 'No se pudo iniciar sesión en tu tienda de Shopify'
     end
 
     test "#callback should setup a shopify session" do
       mock_shopify_omniauth
 
-      get :callback, shop: 'shop'
+      get :callback, params: { shop: 'shop' }
       assert_not_nil session[:shopify]
       assert_equal 'shop.myshopify.com', session[:shopify_domain]
     end
@@ -126,7 +126,7 @@ class SessionsControllerTest < ActionController::TestCase
       ShopifyApp::WebhooksManager.expects(:queue)
 
       mock_shopify_omniauth
-      get :callback, shop: 'shop'
+      get :callback, params: { shop: 'shop' }
     end
 
     test "#callback doesn't run the WebhooksManager if no webhooks are configured" do
@@ -137,7 +137,7 @@ class SessionsControllerTest < ActionController::TestCase
       ShopifyApp::WebhooksManager.expects(:queue).never
 
       mock_shopify_omniauth
-      get :callback, shop: 'shop'
+      get :callback, params: { shop: 'shop' }
     end
 
     test "#destroy should clear shopify from session and redirect to login with notice" do

test/integration/webhooks_controller_test.rb

@@ -37,7 +37,7 @@ class WebhooksControllerTest < ActionDispatch::IntegrationTest
     private
 
     def send_webhook(name, data)
-      post shopify_app.webhooks_path(name), data, {'HTTP_X_SHOPIFY_SHOP_DOMAIN' => 'test.myshopify.com'}
+      post shopify_app.webhooks_path(name), params: data, headers: {'HTTP_X_SHOPIFY_SHOP_DOMAIN' => 'test.myshopify.com'}
     end
   end
 end

test/shopify_app/app_proxy_verification_test.rb

@@ -35,17 +35,29 @@ class AppProxyVerificationTest < ActionController::TestCase
     assert query_string_valid? 'shop=some-random-store.myshopify.com&path_prefix=%2Fapps%2Fmy-app&timestamp=1466106083&foo=bar&baz[1]&baz[2]=b&baz[c[0]]=whatup&baz[c[1]]=notmuch&signature=bbf3aa60e098f08919a2ea4c64a388414f164e6a117a63b03479ac7aa9464b4f'
   end
 
-  test 'request_should_fail' do
+  test 'request with invalid signature should fail' do
     with_test_routes do
-      get(:basic, shop: 'some-random-store.myshopify.com', path_prefix: '/apps/my-app', timestamp: '1466106083', signature: 'wrong233558b1c50102a6f33c0b63ad1e1072a2fc126cb58d4500f75223cefcd')
-      assert_response(:unauthorized)
+      invalid_params = {
+        shop: 'some-random-store.myshopify.com',
+        path_prefix: '/apps/my-app',
+        timestamp: '1466106083',
+        signature: 'wrong233558b1c50102a6f33c0b63ad1e1072a2fc126cb58d4500f75223cefcd'
+      }
+      get :basic, params: invalid_params
+      assert_response :unauthorized
     end
   end
 
-  test 'request_should_pass' do
+  test 'request with a valid signature should pass' do
     with_test_routes do
-      get(:basic, shop: 'some-random-store.myshopify.com', path_prefix: '/apps/my-app', timestamp: '1466106083', signature: 'f5cd7233558b1c50102a6f33c0b63ad1e1072a2fc126cb58d4500f75223cefcd')
-      assert_response(:ok)
+      valid_params = {
+        shop: 'some-random-store.myshopify.com',
+        path_prefix: '/apps/my-app',
+        timestamp: '1466106083',
+        signature: 'f5cd7233558b1c50102a6f33c0b63ad1e1072a2fc126cb58d4500f75223cefcd'
+      }
+      get :basic, params: valid_params
+      assert_response :ok
     end
   end
 

test/shopify_app/localization_test.rb

@@ -8,39 +8,39 @@ class LocalizationController < ActionController::Base
   before_action :set_locale
 
   def index
-    render text: I18n.locale
+    head :ok
   end
 end
 
 class LocalizationTest < ActionController::TestCase
   tests LocalizationController
 
-  test "falls back to I18n.default if locale param is not present" do
+  setup do
     I18n.available_locales = [:en, :de, :es, :ja, :fr]
+  end
+
+  test "falls back to I18n.default if locale param is not present" do
     I18n.default_locale = :ja
 
     with_test_routes do
       get :index
-      assert 'ja', response.body
+      assert_equal :ja, I18n.locale
     end
   end
 
   test "set I18n.locale to passed locale param" do
-    I18n.available_locales = [:en, :de, :es, :ja, :fr]
-
     with_test_routes do
-      get :index, locale: 'de'
-      assert 'de', response.body
+      get :index, params: { locale: 'de' }
+      assert_equal :de, I18n.locale
     end
   end
 
   test "falls back to I18n.default if locale is not supported" do
-    I18n.available_locales = [:en, :de, :es, :ja, :fr]
     I18n.default_locale = :en
 
     with_test_routes do
-      get :index, locale: 'cu'
-      assert 'en', response.body
+      get :index, params: { locale: 'invalid_locale' }
+      assert_equal :en, I18n.locale
     end
   end
 

test/shopify_app/login_protection_test.rb

@@ -67,7 +67,7 @@ class LoginProtectionTest < ActionController::TestCase
       session[:shopify_domain] = "foobar"
       sess = stub(url: 'https://foobar.myshopify.com')
       ShopifyApp::SessionRepository.expects(:retrieve).returns(sess).once
-      get :second_login, shop: 'other_shop'
+      get :second_login, params: { shop: 'other_shop' }
       assert_redirected_to @controller.send(:main_or_engine_login_url, shop: 'other_shop')
       assert_nil session[:shopify]
       assert_nil session[:shopify_domain]
@@ -76,36 +76,36 @@ class LoginProtectionTest < ActionController::TestCase
 
   test '#shopify_session with no Shopify session, redirects to the login url' do
     with_application_test_routes do
-      get :index, shop: 'foobar'
+      get :index, params: { shop: 'foobar' }
       assert_redirected_to @controller.send(:main_or_engine_login_url, shop: 'foobar')
     end
   end
 
   test '#shopify_session with no Shopify session, sets session[:return_to]' do
     with_application_test_routes do
-      get :index, shop: 'foobar'
+      get :index, params: { shop: 'foobar' }
       assert_equal '/?shop=foobar', session[:return_to]
     end
   end
 
   test '#shopify_session with no Shopify session, when the request is an XHR, returns an HTTP 401' do
     with_application_test_routes do
-      xhr :get, :index, shop: 'foobar'
+      get :index, params: { shop: 'foobar' }, xhr: true
       assert_equal 401, response.status
     end
   end
 
   test '#shopify_session when rescuing from unauthorized access, redirects to the login url' do
     with_application_test_routes do
-      get :raise_unauthorized, shop: 'foobar'
+      get :raise_unauthorized, params: { shop: 'foobar' }
       assert_redirected_to @controller.send(:main_or_engine_login_url, shop: 'foobar')
     end
   end
 
   test '#fullpage_redirect_to sends a post message to that shop in the shop param' do
     with_application_test_routes do
       example_shop = 'shop.myshopify.com'
-      get :redirect, shop: example_shop
+      get :redirect, params: { shop: example_shop }
       assert_fullpage_redirected(example_shop, response)
     end
   end

test/shopify_app/webhook_verification_test.rb

@@ -8,7 +8,7 @@ class WebhookVerificationController < ActionController::Base
 
   include ShopifyApp::WebhookVerification
 
-  def carts_update
+  def webhook_action
     head :ok
   end
 end
@@ -22,23 +22,22 @@ class WebhookVerificationTest < ActionController::TestCase
     end
   end
 
-  test "#carts_update should verify request" do
+  test "authorized requests should be successful" do
     with_application_test_routes do
-      data = {foo: :bar}.to_json
+      params = { foo: 'anything' }
       digest = OpenSSL::Digest.new('sha256')
       secret = ShopifyApp.configuration.secret
-      hmac = Base64.encode64(OpenSSL::HMAC.digest(digest, secret, data)).strip
-      @request.headers["HTTP_X_SHOPIFY_HMAC_SHA256"] = hmac
-      post :carts_update, data
+      valid_hmac = Base64.encode64(OpenSSL::HMAC.digest(digest, secret, params.to_query)).strip
+      @request.headers["HTTP_X_SHOPIFY_HMAC_SHA256"] = valid_hmac
+      post :webhook_action, params: params
       assert_response :ok
     end
   end
 
   test "un-verified request returns unauthorized" do
     with_application_test_routes do
-      data = {foo: :bar}.to_json
       @request.headers["HTTP_X_SHOPIFY_HMAC_SHA256"] = "invalid_hmac"
-      post :carts_update, data
+      post :webhook_action, params: { foo: anything }
       assert_response :unauthorized
     end
   end
@@ -48,7 +47,7 @@ class WebhookVerificationTest < ActionController::TestCase
   def with_application_test_routes
     with_routing do |set|
       set.draw do
-        post '/carts_update' => 'webhook_verification#carts_update'
+        post '/webhook_action' => 'webhook_verification#webhook_action'
       end
       yield
     end