Make Controller Helpers autoloadable

There's no real good reason to keep these files in lib and require them
on app startup. Let's put them in app/ and let Zeitwerk handle their
loading.

Author: mamhoff

core/app/helpers/spree/core/controller_helpers/auth.rb

@@ -0,0 +1,66 @@
+# frozen_string_literal: true
+
+require 'cancan'
+
+module Spree
+  module Core
+    module ControllerHelpers
+      module Auth
+        extend ActiveSupport::Concern
+
+        # @!attribute [rw] unauthorized_redirect
+        #   @!scope class
+        #   Extension point for overriding behaviour of access denied errors.
+        #   Default behaviour is to redirect back or to "/unauthorized" with a flash
+        #   message.
+        #   @return [Proc] action to take when access denied error is raised.
+
+        included do
+          before_action :set_guest_token
+          helper_method :spree_current_user
+
+          class_attribute :unauthorized_redirect
+          deprecate :unauthorized_redirect= => "Use a custom Spree::Config.unauthorized_redirect_handler_class instead", :deprecator => Spree.deprecator
+
+          rescue_from CanCan::AccessDenied, with: :handle_unauthorized_access
+        end
+
+        # Needs to be overriden so that we use Spree's Ability rather than anyone else's.
+        def current_ability
+          @current_ability ||= Spree::Ability.new(spree_current_user)
+        end
+
+        def redirect_back_or_default(default)
+          redirect_to(session["spree_user_return_to"] || default)
+          session["spree_user_return_to"] = nil
+        end
+
+        def set_guest_token
+          unless cookies.signed[:guest_token].present?
+            cookies.permanent.signed[:guest_token] = Spree::Config[:guest_token_cookie_options].merge(
+              value: SecureRandom.urlsafe_base64(nil, false),
+              httponly: true
+            )
+          end
+        end
+
+        def store_location
+          Spree::UserLastUrlStorer.new(self).store_location
+        end
+
+        # Auth extensions are expected to define it, otherwise it's a no-op
+        def spree_current_user
+          defined?(super) ? super : nil
+        end
+
+        def handle_unauthorized_access
+          if unauthorized_redirect
+            instance_exec(&unauthorized_redirect)
+          else
+            Spree::Config.unauthorized_redirect_handler_class.new(self).call
+          end
+        end
+      end
+    end
+  end
+end

core/app/helpers/spree/core/controller_helpers/common.rb

@@ -0,0 +1,82 @@
+# frozen_string_literal: true
+
+require 'carmen'
+
+module Spree
+  module Core
+    module ControllerHelpers
+      module Common
+        extend ActiveSupport::Concern
+        included do
+          helper_method :title
+          helper_method :title=
+          helper_method :accurate_title
+
+          layout :get_layout
+
+          before_action :set_user_language
+        end
+
+        protected
+
+        # can be used in views as well as controllers.
+        # e.g. <% self.title = 'This is a custom title for this view' %>
+        attr_writer :title
+
+        def title
+          title_string = @title.present? ? @title : accurate_title
+          if title_string.present?
+            if Spree::Config[:always_put_site_name_in_title]
+              [title_string, default_title].join(' - ')
+            else
+              title_string
+            end
+          else
+            default_title
+          end
+        end
+
+        def default_title
+          current_store.name
+        end
+
+        # this is a hook for subclasses to provide title
+        def accurate_title
+          current_store.seo_title
+        end
+
+        private
+
+        def set_user_language_locale_key
+          :locale
+        end
+
+        def set_user_language
+          available_locales = Spree.i18n_available_locales
+          locale = [
+            params[:locale],
+            session[set_user_language_locale_key],
+            (config_locale if respond_to?(:config_locale, true)),
+            I18n.default_locale
+          ].detect do |candidate|
+            candidate &&
+              available_locales.include?(candidate.to_sym)
+          end
+          session[set_user_language_locale_key] = locale
+          I18n.locale = locale
+          Carmen.i18n_backend.locale = locale
+        end
+
+        # Returns which layout to render.
+        #
+        # You can set the layout you want to render inside your Spree configuration with the +:layout+ option.
+        #
+        # Default layout is: +app/views/spree/layouts/spree_application+
+        #
+        def get_layout
+          Spree::Config[:layout]
+        end
+      end
+    end
+  end
+end

core/app/helpers/spree/core/controller_helpers/order.rb

@@ -0,0 +1,86 @@
+# frozen_string_literal: true
+
+module Spree
+  module Core
+    module ControllerHelpers
+      module Order
+        extend ActiveSupport::Concern
+        include ControllerHelpers::Pricing
+
+        included do
+          helper_method :current_order
+        end
+
+        # The current incomplete order from the guest_token for use in cart and during checkout
+        def current_order(options = {})
+          should_create = options[:create_order_if_necessary] || false
+          should_build = options[:build_order_if_necessary] || should_create
+
+          return @current_order if @current_order
+
+          @current_order = find_order_by_token_or_user(lock: options[:lock])
+
+          if should_build && (@current_order.nil? || @current_order.completed?)
+            @current_order = Spree::Order.new(new_order_params)
+            @current_order.user ||= spree_current_user
+            # See issue https://github.com/spree/spree/issues/3346 for reasons why this line is here
+            @current_order.created_by ||= spree_current_user
+            @current_order.save! if should_create
+          end
+
+          if @current_order
+            @current_order.record_ip_address(ip_address)
+            return @current_order
+          end
+        end
+
+        def associate_user
+          @order ||= current_order
+          if spree_current_user && @order
+            @order.associate_user!(spree_current_user) if @order.user.blank? || @order.email.blank?
+          end
+        end
+
+        def set_current_order
+          if spree_current_user && current_order
+            spree_current_user.orders.by_store(current_store).incomplete.where('id != ?', current_order.id).find_each do |order|
+              current_order.merge!(order, spree_current_user)
+            end
+          end
+        end
+
+        def ip_address
+          request.remote_ip
+        end
+
+        private
+
+        def last_incomplete_order
+          @last_incomplete_order ||= spree_current_user.last_incomplete_spree_order(store: current_store)
+        end
+
+        def current_order_params
+          { currency: current_pricing_options.currency, guest_token: cookies.signed[:guest_token], store_id: current_store.id, user_id: spree_current_user.try(:id) }
+        end
+
+        def new_order_params
+          current_order_params.merge(last_ip_address: ip_address)
+        end
+
+        def find_order_by_token_or_user(options = {})
+          should_lock = options[:lock] || false
+
+          # Find any incomplete orders for the guest_token
+          order = Spree::Order.incomplete.lock(should_lock).find_by(current_order_params)
+
+          # Find any incomplete orders for the current user
+          if order.nil? && spree_current_user
+            order = last_incomplete_order
+          end
+
+          order
+        end
+      end
+    end
+  end
+end