caboose-cms 0.5.162 → 0.5.163

data/app/assets/stylesheets/caboose/my_account_edit_order.css.scss

@@ -0,0 +1,119 @@
+
+table.order { 
+  border-collapse: collapse;
+  margin-bottom: 20px;
+  th { margin: 0; padding: 10px; border: #000 0px solid; font-weight: bold; text-align: center; }
+  td { 
+    margin: 0; 
+    padding: 10px; 
+    border: #000 1px solid; 
+    vertical-align: top; 
+    img { float: left; margin-right: 10px; }
+    .package_header { font-weight: bold; text-align: center; border: 0; }
+    .totals_header { font-weight: bold; text-align: center; border: 0; }
+    .line_item_unit_price { text-align: right; }
+    .line_item_quantity { text-align: right; }
+    .line_item_subtotal { text-align: right; }
+  }
+  tr.totals_row td { text-align: right; }
+}
+
+table.shipping_address td,
+table.billing_address td {
+  padding: 0 !important; 
+  margin: 0 !important; 
+  border: 0 !important; 
+}
+
+p { margin-bottom: 10px; }
+
+#payment_form {
+  margin: 0 0 20px 0;
+  padding: 0;
+  background: #EFEFEF;
+  -webkit-border-radius: 5px;
+  -moz-border-radius: 5px;
+  -ms-border-radius: 5px;
+  -o-border-radius: 5px;
+  border-radius: 5px;
+  border: 1px solid #d8d8d8;
+  
+  h2 { margin: 0; padding: 20px; }
+  
+  .field {
+    border-bottom: 1px solid #d8d8d8;
+    width: 100%;
+    padding: 10px 2%;
+    &::after {
+      content: "."; 
+      visibility: hidden; 
+      display: block; 
+      height: 0; 
+      clear: both;
+    }
+    &:last-of-type { border-bottom: 0; }
+    .field-text {
+      float: left;
+      font-size: 14px;
+      color: #000;
+      line-height: 31px;
+    }
+    &#credit-card { 
+      background: #fff; 
+      -webkit-border-top-left-radius: 5px;
+      -webkit-border-top-right-radius: 5px;
+      -moz-border-radius-topleft: 5px;
+      -moz-border-radius-topright: 5px;
+      border-top-left-radius: 5px;
+      border-top-right-radius: 5px;
+      .icons {
+        float: right;
+        width: 120px;
+        position: relative;
+        top: 5px;
+      }
+    }
+    &#card-number {
+      .field-text {
+        width: 20%;
+      }
+      input[type="text"] {
+        background: transparent;
+        font-size: 15px;
+        border-width: 0;
+        outline-width: 0;
+        height: auto;
+      }
+      .icons {
+        width: 20px;
+        float: right;
+        position: relative;
+        top: 7px;
+      }
+    }
+    &#expiry {
+      padding: 15px 2% 5px 2%;
+      .field-text {
+        width: 20%;
+        position: relative;
+        bottom: 3px;
+      }
+      select {
+        &#month {
+          width: 20%;
+          min-width: 100px;
+        }
+        &#year {
+          width: 20%;
+          min-width: 100px;
+        }
+      }
+    }
+  }
+  iframe { display: none }
+
+  #payment_confirm {
+    margin: 20px;
+        
+  }    
+}

data/app/controllers/caboose/billing_addresses_controller.rb

@@ -45,6 +45,61 @@ module Caboose
       resp.success = save && sa.save      
       render :json => resp
     end
+    
+    #===========================================================================
+    
+    # GET /my-account/orders/:order_id/billing-address/json
+    def my_account_json
+      return if !logged_in?    
+      order = Order.find(params[:order_id])      
+      if order.customer_id != logged_in_user.id        
+        render :json => { :error => "The given order does not belong to you." } 
+        return
+      end
+      render :json => order.billing_address      
+    end
+    
+    # PUT /my-account/orders/:order_id/billing-address
+    def my_account_update
+      return if !logged_in?
+      
+      resp = Caboose::StdClass.new
+      order = Order.find(params[:order_id])
+      if order.customer_id != logged_in_user.id        
+        render :json => { :error => "The given order does not belong to you." } 
+        return
+      end                
+      
+      sa = order.billing_address      
+      if sa.nil?
+        sa = Address.create
+        order.billing_address_id = sa.id
+        order.save
+      end
+      
+      save = true    
+      params.each do |name, value|
+        case name          
+          when 'name'           then sa.name          = value          
+          when 'first_name'     then sa.first_name    = value
+          when 'last_name'      then sa.last_name     = value
+          when 'street'         then sa.street        = value
+          when 'address1'       then sa.address1      = value
+          when 'address2'       then sa.address2      = value
+          when 'company'        then sa.company       = value
+          when 'city'           then sa.city          = value
+          when 'state'          then sa.state         = value
+          when 'province'       then sa.province      = value
+          when 'province_code'  then sa.province_code = value
+          when 'zip'            then sa.zip           = value
+          when 'country'        then sa.country       = value
+          when 'country_code'   then sa.country_code  = value
+          when 'phone'          then sa.phone         = value
+        end
+      end
+      resp.success = save && sa.save      
+      render :json => resp
+    end
         
   end
 end

data/app/controllers/caboose/line_items_controller.rb

@@ -127,11 +127,19 @@ module Caboose
         vars << "%#{str}%"
       end      
       where = where.join(' and ')
-      query = ["select id, title from store_products where #{where} order by title limit 20"]
+      query = ["select id, title, option1, option2, option3 from store_products where #{where} order by title limit 20"]
       vars.each{ |v| query << v }
       
       rows = ActiveRecord::Base.connection.select_rows(ActiveRecord::Base.send(:sanitize_sql_array, query))
-      arr = rows.collect{ |row| { :id => row[0], :title => row[1] }}
+      arr = rows.collect do |row|
+        has_options = row[2] || row[3] || row[4] ? true : false
+        variant_id = nil
+        if !has_options
+          v = Variant.where(:product_id => row[0].to_i, :status => 'Active').first
+          variant_id = v.id if v
+        end          
+        { :id => row[0], :title => row[1], :variant_id => variant_id }
+      end        
       render :json => arr
     end
         

data/app/controllers/caboose/my_account_orders_controller.rb

@@ -1,6 +1,8 @@
 module Caboose
   class MyAccountOrdersController < Caboose::ApplicationController
             
+    helper :authorize_net
+    
     # GET /my-account/orders
     def index
       return if !logged_in?
@@ -27,43 +29,121 @@ module Caboose
         @error = "The given order does not belong to you."
         render :file => 'caboose/extras/error'
         return
-      end      
+      end
+
+      if @order.financial_status == Order::FINANCIAL_STATUS_PENDING
+        
+        sc = @site.store_config
+        case sc.pp_name
+          when 'authorize.net'
+                        
+            @sim_transaction = AuthorizeNet::SIM::Transaction.new(
+              sc.pp_username, 
+              sc.pp_password, 
+              @order.total,                          
+              :relay_response => 'TRUE',              
+              :relay_url => "#{sc.pp_relay_domain}/my-account/orders/authnet-relay",
+              :transaction_type => 'AUTH_ONLY',                        
+              :test => sc.pp_testing
+            )
+            @request = request
+            @show_relay = params[:show_relay] && params[:show_relay].to_i == 1
+            
+          when 'stripe'
+            # TODO: Implement manual order payment for stripe
+            
+        end
+      end
+      
     end
-     # GET /my-account
-    def my_account
+    
+    # GET /my-account/orders/:id/json
+    def order_json
       return if !logged_in?
-      @user = logged_in_user
-      render :layout => 'caboose/modal'
+      
+      order = Order.find(params[:id])
+      if order.customer_id != logged_in_user.id        
+        render :json => { :error => "The given order does not belong to you." } 
+        return
+      end
+      
+      if order.shipping_address_id.nil?
+        sa = Address.create
+        order.shipping_address_id = sa.id
+        order.save
+      end
+      render :json => order.as_json(:include => [        
+        { :line_items => { :include => { :variant => { :include => :product }}}},
+        { :order_packages => { :include => [:shipping_package, :shipping_method] }},
+        { :discounts => { :include => :gift_card }},
+        :customer,
+        :shipping_address,
+        :billing_address,
+        :order_transactions
+      ])
     end
     
-    # PUT /my-account
-    def update_my_account  
-      return if !logged_in?
+    # POST /my-account/orders/authnet-relay
+    def authnet_relay
+      Caboose.log("Authorize.net relay for my account, order #{params[:x_invoice_id]}")
       
-      resp = StdClass.new     
-      user = logged_in_user
+      order = Caboose::Order.find(params[:x_invoice_num])
+      ot = Caboose::OrderTransaction.new(
+        :order_id => order.id,
+        :date_processed => DateTime.now.utc,
+        :transaction_type => Caboose::OrderTransaction::TYPE_AUTHORIZE
+      )
+      ot.success        = params[:x_response_code] && params[:x_response_code] == '1'
+      ot.transaction_id = params[:x_trans_id] if params[:x_trans_id]              
+      ot.auth_code      = params[:x_auth_code] if params[:x_auth_code]
+      ot.response_code  = params[:x_response_code] if params[:x_response_code]
+      ot.amount         = order.total
+      ot.save
+      
+      error = nil
+      if ot.success
+        order.financial_status = Order::FINANCIAL_STATUS_AUTHORIZED
+        order.status = Order::STATUS_PENDING if order.status == Order::STATUS_CART
+        order.order_number = @site.store_config.next_order_number if order.order_number.nil?
+        
+        # Send out emails        
+        OrdersMailer.configure_for_site(@site.id).customer_new_order(order).deliver                
+        
+        # Emit order event
+        Caboose.plugin_hook('order_authorized', order)        
+      else
+        order.financial_status = Order::FINANCIAL_STATUS_PENDING        
+        error = "There was a problem processing your payment."
+      end
+            
+      order.save
+      
+      @url = params[:x_after_relay]
+      @url << (ot.success ? "?success=1" : "?error=#{error}")             
+                  
+      render :layout => false
+    end
     
-      save = true
-      params.each do |name,value|
-        case name
-    	  	when "first_name", "last_name", "username", "email", "phone"
-    	  	  user[name.to_sym] = value
-    	  	when "password"			  
-    	  	  confirm = params[:confirm]
-    	  		if (value != confirm)			
-    	  		  resp.error = "Passwords do not match.";
-    	  		  save = false
-    	  		elsif (value.length < 8)
-    	  		  resp.error = "Passwords must be at least 8 characters.";
-    	  		  save = false
-    	  		else
-    	  		  user.password = Digest::SHA1.hexdigest(Caboose::salt + value)
-    	  		end    	  	    		  
-    	  end
-    	end
-    	
-    	resp.success = save && user.save
-    	render json: resp
-    end        
+    # GET  /my-account/orders/:id/authnet-response
+    # POST /my-account/orders/:id/authnet-response    
+    def authnet_response
+      Caboose.log("Authorize.net response for my account, order #{params[:id]}")
+      
+      @resp = Caboose::StdClass.new
+      @resp.success = true if params[:success]
+      @resp.error = params[:error] if params[:error]
+      
+      # Go ahead and capture funds if the order only contained downloadable items
+      @order = Order.find(params[:id])
+      if !@order.has_shippable_items?
+        capture_resp = @order.capture_funds
+        if capture_resp.error
+          @resp.success = false
+          @resp.error = capture_resp.error
+        end        
+      end      
+      render :layout => false
+    end
+            
   end
 end

data/app/controllers/caboose/orders_controller.rb

@@ -45,7 +45,8 @@ module Caboose
       order = Order.create(
         :site_id => @site.id,
         :status => Order::STATUS_PENDING,                          
-        :financial_status => Order::FINANCIAL_STATUS_PENDING
+        :financial_status => Order::FINANCIAL_STATUS_PENDING,
+        :order_number => @site.store_config.next_order_number
       )    
       render :json => { :sucess => true, :redirect => "/admin/orders/#{order.id}" }
     end
@@ -61,103 +62,19 @@ module Caboose
     # GET /admin/orders/:id/capture
     def capture_funds
       return if !user_is_allowed('orders', 'edit')
-      
-      #resp = Caboose::StdClass.new
+           
       order = Order.find(params[:id])
       resp = order.capture_funds
       
-      #t = OrderTransaction.where(:order_id => order.id, :transaction_type => OrderTransaction::TYPE_AUTHORIZE, :success => true).first
-      #      
-      #if order.financial_status == Order::FINANCIAL_STATUS_CAPTURED
-      #  resp.error = "Funds for this order have already been captured."    
-      #elsif order.total > t.amount
-      #  resp.error = "The order total exceeds the authorized amount."
-      #elsif t.nil?
-      #  resp.error = "This order doesn't seem to be authorized."
-      #else
-      #                  
-      #  sc = @site.store_config
-      #  case sc.pp_name
-      #    when 'authorize.net'
-      #      transaction = AuthorizeNet::AIM::Transaction.new(sc.pp_username, sc.pp_password)
-      #      response = transaction.prior_auth_capture(t.transaction_id, order.total)
-      #                  
-      #      order.update_attribute(:financial_status, Order::FINANCIAL_STATUS_CAPTURED)
-      #      resp.success = 'Captured funds successfully'
-      #
-      #      ot = Caboose::OrderTransaction.new(
-      #        :order_id => order.id,
-      #        :date_processed => DateTime.now.utc,
-      #        :transaction_type => Caboose::OrderTransaction::TYPE_CAPTURE
-      #      )
-      #      ot.success        = response.response_code && response.response_code == '1'            
-      #      ot.transaction_id = response.transaction_id
-      #      ot.auth_code      = response.authorization_code
-      #      ot.response_code  = response.response_code
-      #      ot.amount         = order.total
-      #      ot.save
-      #
-      #    when 'payscape'
-      #      # TODO: Implement capture funds for payscape
-      #
-      #  end
-      #    
-      #  #if (order.discounts.any? && order.total < order.discounts.first.amount_current) || PaymentProcessor.capture(order)
-      #  #  order.financial_status = 'captured'
-      #  #  order.save
-      #  #  
-      #  #  if order.discounts.any?
-      #  #    order.update_attribute(:amount_discounted, order.discounts.first.amount_current)
-      #  #    order.update_gift_cards
-      #  #  end
-      #  #  
-      #  #  response.success = "Captured funds successfully"
-      #  #else
-      #  #  response.error = "Error capturing funds."
-      #  #end
-      #  
-      #end
-      
       render :json => resp
     end
     
     # GET /admin/orders/:id/void
     def admin_void
       return if !user_is_allowed('orders', 'edit')
-      
-      resp = Caboose::StdClass.new      
+            
       order = Order.find(params[:id])
-      t = OrderTransaction.where(:order_id => order.id, :transaction_type => OrderTransaction::TYPE_AUTHORIZE, :success => true).first
-      
-      if order.financial_status == Order::FINANCIAL_STATUS_CAPTURED
-        resp.error = "This order has already been captured, you will need to refund instead"
-      elsif t.nil?
-        resp.error = "This order doesn't seem to be authorized."
-      else
-                
-        sc = @site.store_config
-        case sc.pp_name
-          when 'authorize.net'        
-                    
-            response = AuthorizeNet::SIM::Transaction.new(
-              sc.pp_username, 
-              sc.pp_password,                      
-              order.total,
-              :transaction_type => OrderTransaction::TYPE_VOID,
-              :transaction_id => t.transaction_id
-            )                    
-            order.update_attributes(
-              :financial_status => Order::FINANCIAL_STATUS_VOIDED,
-              :status => Order::STATUS_CANCELED
-            )
-            order.save          
-            # TODO: Add the variant quantities ordered back        
-            resp.success = "Order voided successfully"
-          when 'payscape'
-            # TODO: Implement payscape void order
-        end
-        
-      end
+      resp = order.void
     
       render :json => resp
     end
@@ -166,75 +83,10 @@ module Caboose
     def admin_refund
       return if !user_is_allowed('orders', 'edit')
     
-      response = Caboose::StdClass.new({
-        'refresh' => nil,
-        'error' => nil,
-        'success' => nil
-      })
-    
       order = Order.find(params[:id])
-    
-      if order.financial_status != Order::FINANCIAL_STATUS_CAPTURED
-        response.error = "This order hasn't been captured yet, you will need to void instead"
-      else
-        if PaymentProcessor.refund(order)
-          order.update_attributes(
-            :financial_status => Order::FINANCIAL_STATUS_REFUNDED,
-            :status => Order::STATUS_CANCELED
-          )
-          
-          response.success = 'Order refunded successfully'
-        else
-          response.error = 'Error refunding order'
-        end
-        
-        #if order.calculate_net < (order.amount_discounted || 0) || PaymentProcessor.refund(order)
-        #  order.financial_status = 'refunded'
-        #  order.status = 'refunded'
-        #  order.save
-        #  
-        #  if order.discounts.any?
-        #    discount = order.discounts.first
-        #    amount_to_refund = order.calculate_net < order.amount_discounted ? order.calculate_net : order.amount_discounted
-        #    discount.update_attribute(:amount_current, amount_to_refund + discount.amount_current)
-        #  end
-        #  
-        #  response.success = "Order refunded successfully"
-        #else
-        #  response.error = "Error refunding order."
-        #end
-      end
-    
-      render json: response
+      resp = order.refund 
       
-      # return if !user_is_allowed('orders', 'edit')
-      #     
-      # response = Caboose::StdClass.new({
-      #   'refresh' => nil,
-      #   'error' => nil,
-      #   'success' => nil
-      # })
-      #     
-      # order = Order.find(params[:id])
-      #     
-      # if order.financial_status != 'captured'
-      #   response.error = "This order hasn't been captured yet, you will need to void instead"
-      # else
-      #   if PaymentProcessor.refund(order)
-      #     order.financial_status = 'refunded'
-      #     order.status = 'refunded'
-      #     order.save
-      #     
-      #     # Add the variant quantities ordered back
-      #     order.cancel
-      #     
-      #     response.success = "Order refunded successfully"
-      #   else
-      #     response.error = "Error refunding order."
-      #   end
-      # end
-      #     
-      # render :json => response
+      render :json => resp            
     end
     
     # POST /admin/orders/:id/resend-confirmation
@@ -258,6 +110,7 @@ module Caboose
       render :json => order.as_json(:include => [        
         { :line_items => { :include => { :variant => { :include => :product }}}},
         { :order_packages => { :include => [:shipping_package, :shipping_method] }},
+        { :discounts => { :include => :gift_card }},
         :customer,
         :shipping_address,
         :billing_address,
@@ -317,43 +170,7 @@ module Caboose
       })
     end
 
-    # GET /admin/orders/:id/refund
-    # def refund
-    #   return if !user_is_allowed('orders', 'edit')
-    # 
-    #   response = Caboose::StdClass.new({
-    #     'refresh' => nil,
-    #     'error' => nil,
-    #     'success' => nil
-    #   })
-    # 
-    #   order = Order.find(params[:id])
-    # 
-    #   if order.financial_status != 'captured'
-    #     response.error = "This order hasn't been captured yet, you will need to void instead"
-    #   else
-    #     ap order.total
-    #     ap order.amount_discounted
-    #     
-    #     if order.total < order.amount_discounted || PaymentProcessor.refund(order)
-    #       order.financial_status = 'refunded'
-    #       order.status = 'refunded'
-    #       order.save
-    #       
-    #       discount = order.discounts.first
-    #       ap '==========================='
-    #       ap order.amount_discounted + discount.amount_current
-    #       ap '==========================='
-    #       discount.update_attribute(:amount_current, order.amount_discounted + discount.amount_current) if order.discounts.any?
-    #       
-    #       response.success = "Order refunded successfully"
-    #     else
-    #       response.error = "Error refunding order."
-    #     end
-    #   end
-    # 
-    #   render json: response
-    # end
+    
 
     # GET /admin/orders/status-options
     def admin_status_options