caboose-cms 0.5.60 → 0.5.61

data/app/controllers/caboose/orders_controller.rb

@@ -6,6 +6,7 @@ module Caboose
       return if !user_is_allowed('orders', 'view')
       
       @pager = Caboose::PageBarGenerator.new(params, {
+        'site_id'              => @site.id,
         'customer_id'          => '', 
         'status'               => 'pending',
         'shipping_method_code' => '',

data/app/mailers/caboose/orders_mailer.rb

@@ -11,13 +11,15 @@ module Caboose
     # Sends a notification email to the fulfillment dept about a new order 
     def fulfillment_new_order(order)
       @order = order
-      mail(:to => Caboose::fulfillment_email, :subject => 'New Order')
+      sc = order.site.store_config
+      mail(:to => sc.fulfillment_email, :subject => 'New Order')
     end
     
     # Sends a notification email to the shipping dept that an order is ready to be shipped
     def shipping_order_ready(order)
       @order = order
-      mail(:to => Caboose::shipping_email, :subject => 'Order ready for shipping')
+      sc = order.site.store_config
+      mail(:to => sc.shipping_email, :subject => 'Order ready for shipping')
     end
     
     # Sends a notification email to the customer that the status of the order has been changed

data/app/models/caboose/authnet.rb

@@ -0,0 +1,140 @@
+
+module Caboose
+  class Authnet
+                         
+    # Sandbox URL:    https://apitest.authorize.net/xml/v1/request.api
+    # Production URL: https://api.authorize.net/xml/v1/request.api
+      
+    # Locker room
+    # 47G9Y5vvQt
+    # 4U6zLSj9u5V4Cq8B
+
+    # williambarry007
+    # API Login ID: 9qR2qa4ZWn
+    # Transaction Key: 386TLme2j8yp4BQy
+    # Secret Question: Simon
+    
+    # Repconnex
+    # api_login_id: 3a79FjaHV
+    # api_transaction_key: 3K4v7n423KvA5R9P
+
+    def self.create_customer_profile(store_config, user)      
+      params = {
+        "createCustomerProfileRequest" => {
+          "merchantAuthentication" => {
+            "name"           => '9qR2qa4ZWn', #store_config.pp_username,
+            "transactionKey" => '386TLme2j8yp4BQy', #store_config.pp_password
+          },
+          "profile" => {
+            "merchantCustomerId" => user.id,
+            "description"        => "#{user.first_name} #{user.last_name}",
+            "email"              => user.email            
+          }          
+        }
+      }            
+      resp = nil      
+      resp = HTTParty.post('https://apitest.authorize.net/xml/v1/request.api', 
+        :headers => { 'Content-Type' => 'application/json' }, 
+        :body => params.to_json,
+        :debug_output => $stdout
+      )
+      resp = JSON.parse(resp.body.to_s[1..-1])
+      Caboose.log(resp)
+      # See if we have a duplicate
+      if resp['messages'] && 
+         resp['messages']['resultCode'] && 
+         resp['messages']['resultCode'] == 'Error' && 
+         resp['messages']['message'][0]['code'] == 'E00039'
+        
+        Caboose.log("Error: duplicate customer profile.")
+        str = resp['messages']['message'][0]['text']
+        str.gsub!('A duplicate record with ID ', '')
+        str.gsub!(' already exists.', '')
+        user.customer_profile_id = str
+        user.save
+      end      
+      return user.customer_profile_id
+    end
+            
+    def self.hosted_profile_page_token(store_config, user)
+      params = {
+        "getHostedProfilePageRequest" => {
+          "merchantAuthentication" => {
+            "name"           => '9qR2qa4ZWn', #store_config.pp_username,
+            "transactionKey" => '386TLme2j8yp4BQy', #store_config.pp_password
+          },
+          "customerProfileId" => user.customer_profile_id,
+          "hostedProfileSettings" => {
+            "setting" => [
+              { "settingName" => "hostedProfileReturnUrl"         , "settingValue" => "https://google.com" },
+              { "settingName" => "hostedProfileReturnUrlText"     , "settingValue" => "Continue to confirmation page." },
+              { "settingName" => "hostedProfilePageBorderVisible" , "settingValue" => "true" }
+            ]
+          }
+        }
+      }
+      resp = nil      
+      resp = HTTParty.get('https://apitest.authorize.net/xml/v1/request.api', 
+        :headers => { 'Content-Type' => 'application/json' }, 
+        :body => params.to_json,
+        :debug_output => $stdout
+      )
+      resp = JSON.parse(resp.body.to_s[1..-1])
+      Caboose.log(resp)
+      if resp['messages'] && resp['messages']['resultCode'] && resp['messages']['resultCode'] == 'Ok'
+        return resp['token']
+      end
+      return nil         
+    end
+           
+    #def self.form_url(order=nil)
+    #  #if Rails.env == 'development'
+    #  'https://test.authorize.net/gateway/transact.dll'
+    #  #else
+    #  #  'https://secure.authorize.net/gateway/transact.dll'
+    #  #end
+    #end
+    #
+    #def self.authorize(order, params)
+    #  order.update_attribute(:transaction_id, params[:x_trans_id]) if params[:x_trans_id]
+    #  return params[:x_response_code] == '1'
+    #end
+    #
+    #def self.void(order)
+    #  response = AuthorizeNet::SIM::Transaction.new(
+    #    CabooseStore::authorize_net_login_id,
+    #    CabooseStore::authorize_net_transaction_key,
+    #    order.total,
+    #    :transaction_type => 'VOID',
+    #    :transaction_id => order.transaction_id
+    #  )
+    #  
+    #  ap response
+    #end
+    #
+    #def self.capture(order)
+    #  response = AuthorizeNet::SIM::Transaction.new(
+    #    CabooseStore::authorize_net_login_id,
+    #    CabooseStore::authorize_net_transaction_key,
+    #    order.total,
+    #    :transaction_type => 'CAPTURE_ONLY',
+    #    :transaction_id => order.transaction_id
+    #  )
+    #  
+    #  ap response
+    #end
+    #
+    #def self.refund(order)
+    #  response = AuthorizeNet::SIM::Transaction.new(
+    #    CabooseStore::authorize_net_login_id,
+    #    CabooseStore::authorize_net_transaction_key,
+    #    order.total,
+    #    :transaction_type => 'CREDIT',
+    #    :transaction_id => order.transaction_id
+    #  )
+    #  
+    #  ap response
+    #end
+    
+  end
+end

data/app/models/caboose/order.rb

@@ -196,6 +196,12 @@ module Caboose
     def shipping_and_handling
       (self.shipping ? self.shipping : 0.0) + (self.handling ? self.handling : 0.0)      
     end
+    
+    def item_count
+      count = 0
+      self.line_items.each{ |li| count = count + li.quantity } if self.line_items
+      return count
+    end
   end
 end
 

data/app/models/caboose/payment_processors/authorizenet.rb

@@ -1,13 +1,14 @@
 class Caboose::PaymentProcessors::Authorizenet < Caboose::PaymentProcessors::Base
+  
   def self.api(root, body, test=false)
   end
   
   def self.form_url(order=nil)
-    #if Rails.env == 'development'
-    'https://test.authorize.net/gateway/transact.dll'
-    #else
-    #  'https://secure.authorize.net/gateway/transact.dll'
-    #end
+    if Rails.env == 'development'
+      'https://test.authorize.net/gateway/transact.dll'
+    else
+      'https://secure.authorize.net/gateway/transact.dll'
+    end
   end
   
   def self.authorize(order, params)
@@ -16,38 +17,32 @@ class Caboose::PaymentProcessors::Authorizenet < Caboose::PaymentProcessors::Bas
   end
   
   def self.void(order)
+    sc = order.site.store_config
     response = AuthorizeNet::SIM::Transaction.new(
-      Caboose::authorize_net_login_id,
-      Caboose::authorize_net_transaction_key,
-      order.total,
+      sc.pp_username, sc.pp_password, order.total,
       :transaction_type => 'VOID',
       :transaction_id => order.transaction_id
-    )
-    
-    ap response
+    )    
+    #ap response
   end
   
   def self.capture(order)
+    sc = order.site.store_config
     response = AuthorizeNet::SIM::Transaction.new(
-      Caboose::authorize_net_login_id,
-      Caboose::authorize_net_transaction_key,
-      order.total,
+      sc.pp_username, sc.pp_password, order.total,
       :transaction_type => 'CAPTURE_ONLY',
       :transaction_id => order.transaction_id
-    )
-    
-    ap response
+    )    
+    #ap response
   end
   
   def self.refund(order)
+    sc = order.site.store_config
     response = AuthorizeNet::SIM::Transaction.new(
-      Caboose::authorize_net_login_id,
-      Caboose::authorize_net_transaction_key,
-      order.total,
+      sc.pp_username, sc.pp_password, order.total,
       :transaction_type => 'CREDIT',
       :transaction_id => order.transaction_id
-    )
-    
-    ap response
+    )    
+    #ap response
   end
 end

data/app/models/caboose/schema.rb

@@ -556,7 +556,9 @@ class Caboose::Schema < Caboose::Utilities::Schema
         [ :token                , :string     ],
         [ :date_created         , :datetime   ],
         [ :image                , :attachment ],
-        [ :is_guest             , :boolean    , { :default => false }]
+        [ :is_guest             , :boolean    , { :default => false }],
+        [ :customer_profile_id  , :string     ],
+        [ :payment_profile_id   , :string     ]
       ],
       Caboose::Variant => [
         [ :product_id            , :integer  ],

data/app/models/caboose/site.rb

@@ -24,4 +24,8 @@ class Caboose::Site < ActiveRecord::Base
     self.name = self.name.downcase.gsub(' ', '_')
   end
   
+  def primary_domain
+    Caboose::Domain.where(:site_id => self.id, :primary => true).first
+  end
+  
 end

data/app/views/caboose/checkout/#Untitled-2#

@@ -0,0 +1,41 @@
+"x_response_code"=>"3", 
+"x_response_reason_code"=>"8", 
+"x_response_reason_text"=>"(TESTMODE) The credit card has expired.", 
+"x_avs_code"=>"P", 
+"x_auth_code"=>"000000", 
+"x_trans_id"=>"0", 
+"x_method"=>"CC", 
+"x_card_type"=>"Visa", 
+"x_account_number"=>"XXXX1111", 
+"x_first_name"=>"", 
+"x_last_name"=>"", 
+"x_company"=>"", 
+"x_address"=>"", 
+"x_city"=>"", 
+"x_state"=>"", 
+"x_zip"=>"", 
+"x_country"=>"", 
+"x_phone"=>"", 
+"x_fax"=>"", 
+"x_email"=>"", 
+"x_invoice_num"=>"", 
+"x_description"=>"", 
+"x_type"=>"auth_only", 
+"x_cust_id"=>"", 
+"x_ship_to_first_name"=>"", 
+"x_ship_to_last_name"=>"", 
+"x_ship_to_company"=>"", 
+"x_ship_to_address"=>"", 
+"x_ship_to_city"=>"", 
+"x_ship_to_state"=>"", 
+"x_ship_to_zip"=>"", 
+"x_ship_to_country"=>"", 
+"x_amount"=>"105.56", 
+"x_tax"=>"0.00", 
+"x_duty"=>"0.00", 
+"x_freight"=>"0.00", 
+"x_tax_exempt"=>"FALSE", 
+"x_po_num"=>"", 
+"x_MD5_Hash"=>"CF7CC5EF1706C38812CF92C2A0EBE276", 
+"x_cvv2_resp_code"=>"", "x_cavv_response"=>"", "x_test_request"=>"true", "month"=>"01", "year"=>"14"}
+WARNING: Can't verify CSRF token authenticity

data/app/views/caboose/checkout/_confirm.html.erb

@@ -12,23 +12,23 @@
             <tr data-id="<%= li.id %>">
               <td valign='top'>
                 <% if li.variant.product_images.count > 0 %>              
-                  <figure style="background-image: url(<%= li.variant.product_images[0].image.url(:thumb) %>)"></figure>
+                  <img src="<%= li.variant.product_images[0].image.url(:thumb) %>" width="150" />
                 <% end %>                    
                 <p><%= li.title %></p>
               </td>
-              <td valign='top' align='right' class='qty'     ><%= li.quantity %></td>
-              <td valign='top' align='right' class='price'   ><%= number_to_currency(li.price, :precision => 2) %></td>
-              <td valign='top' align='right' class='subtotal'><%= number_to_currency(li.price, :precision => 2) %></td>
+              <td valign='top' align='right' class='qty'      style='text-align: right;'><%= li.quantity %></td>
+              <td valign='top' align='right' class='price'    style='text-align: right;'><%= number_to_currency(li.price, :precision => 2) %></td>
+              <td valign='top' align='right' class='subtotal' style='text-align: right;'><%= number_to_currency(li.price, :precision => 2) %></td>
             </tr>        
           <% end %>                  
-          <tr><td colspan='3' align='right'>Subtotal:            </td><td align='right'><%= number_to_currency(@order.subtotal, :precision => 2)                   %></td></tr>            
-          <tr><td colspan='3' align='right'>Shipping & Handling: </td><td align='right'><%= number_to_currency(@order.shipping + @order.handling, :precision => 2) %></td></tr>
+          <tr><td colspan='3' align='right' style='text-align: right;'>Subtotal:            </td><td align='right' style='text-align: right;'><%= number_to_currency(@order.subtotal, :precision => 2)                   %></td></tr>            
+          <tr><td colspan='3' align='right' style='text-align: right;'>Shipping & Handling: </td><td align='right' style='text-align: right;'><%= number_to_currency(@order.shipping + @order.handling, :precision => 2) %></td></tr>
           <% if @order.tax > 0 && @order.billing_address.state == 'AL' %>
-            <tr><td colspan='3' align='right'>Tax <small>(if in Alabama)</small>: </td><td align='right'><%= number_to_currency(@order.tax, :precision => 2) %></td></tr>
+            <tr><td colspan='3' align='right' style='text-align: right;'>Tax <small>(if in Alabama)</small>: </td><td align='right' style='text-align: right;'><%= number_to_currency(@order.tax, :precision => 2) %></td></tr>
           <% end %>      
-          <tr><td colspan='3' align='right'>Total:               </td><td align='right'><%= number_to_currency(@order.total, :precision => 2) %></td></tr>
+          <tr><td colspan='3' align='right' style='text-align: right;'>Total:               </td><td align='right' style='text-align: right;'><%= number_to_currency(@order.total, :precision => 2) %></td></tr>
         </table>
-      </section>
+      </section><br />
       <section id='shipping_address'>
         <% sa = @order.shipping_address %>        
         <address>
@@ -50,7 +50,7 @@
         <p><a href="/checkout/step-two">Edit billing address</a></p>
       </section>
       <section id='shipping_method'>
-        <p><%= @order.shipping_service_name %> - <%= number_to_currency(@order.shipping) %></p>
+        <p><%= @order.shipping_carrier %> <%= @order.shipping_service_name %> - <%= number_to_currency(@order.shipping) %></p>
         <p><a href="/checkout/step-three">Edit shipping method</a></p>
       </section>
       <section id='payment_method'>

data/app/views/caboose/checkout/authnet_profile_form.html.erb

@@ -0,0 +1,14 @@
+<% if @logged_in_user.payment_profile_id %>
+  <form method="post" action="https://secure.authorize.net/profile/editPayment" id='authnet_form'>
+    <input type="hidden" name="Token" value="<%= raw @token %>" />
+    <input type="submit" value="Edit my existing payment method"/>
+  </form>
+<% else %>
+  <form method="post" action="https://secure.authorize.net/profile/addPayment" id='authnet_form'>
+    <input type="hidden" name="Token" value="<%= raw @token %>" />
+    <input type="submit" value="Add payment method"/>
+  </form>
+<% end %>
+<script type='textjavascript'>
+//document.getElementById('authnet_form').submit();
+</script>

data/app/views/caboose/checkout/authnet_relay.html.erb

@@ -0,0 +1,16 @@
+<%
+# This relay page is rendered from the authorize.net server in a hidden iframe 
+# on the host application's checkout page.
+#
+# Since security rules in browsers disallow javascript access to and from 
+# iframes with pages in different domains, we need to send things back to 
+# a page on our own domain so we can bubble up the response.
+#
+%><!DOCTYPE>
+<html>
+<body>    
+<script type='text/javascript'>
+window.location = <%= raw Caboose.json(@url) %>;
+</script>
+</body>
+</html>

data/app/views/caboose/checkout/authnet_response.html.erb

@@ -0,0 +1,12 @@
+<%
+# This page is rendered from the host application's domain, and thus is allowed
+# to access the parent's DOM via javascript.
+#
+%><!DOCTYPE>
+<html>
+<body>    
+<script type='text/javascript'>
+parent.relay_handler(<%= raw Caboose.json(@resp) %>);
+</script>
+</body>
+</html>

data/app/views/caboose/checkout/step_four.html.erb

@@ -6,43 +6,44 @@ store_config = @site.store_config
   <%= render :partial => 'caboose/checkout/confirm' %>  
   <section id="checkout-payment">  
     <div class="wrapper">      
-      <% if store_config.pp_name == 'authorize.net' %>
-        <form id="payment" target="relay" action="https://test.authorize.net/gateway/transact.dll" method="post">
+      <% if store_config.pp_name == 'authorize.net' %>              
+        <form id="payment" target="relay" action="https://secure.authorize.net/gateway/transact.dll" method="post">
           <%= sim_fields(@sim_transaction) %>
+          <input id="x_invoice_num" name="x_invoice_num" type="hidden" value="<%= @order.id %>" />
+          <input id="x_description" name="x_after_relay" type="hidden" value="<%= raw "#{@request.protocol}#{@request.host_with_port}/checkout/authnet-response/#{@order.id}" %>" />
+          <p>
+            <label>Card Number</label>
+            <input name="x_card_num" id='billing-cc-number' type="text" maxlength="16" />          
+          </p>          
           
-          <label>Card Number</label>
-          <input name="x_card_num" type="text" maxlength="16" />
-          <!--<br />
-          <label>Security Code</label><br />
-          <input id="x_card_code" name="x_card_code" type="text" />-->
-          <br />          
+          <p>
+            <label>Expiration</label>
+            <input id="expiration" name="x_exp_date" type="hidden" />
+            <select id="month" name="month">                                      
+              <option value="01">01 - Jan</option>
+              <option value="02">02 - Feb</option>
+              <option value="03">03 - Mar</option>
+              <option value="04">04 - Apr</option>
+              <option value="05">05 - May</option>
+              <option value="06">06 - Jun</option>
+              <option value="07">07 - Jul</option>
+              <option value="08">08 - Aug</option>
+              <option value="09">09 - Sep</option>
+              <option value="10">10 - Oct</option>
+              <option value="11">11 - Nov</option>
+              <option value="12">12 - Dec</option>
+            </select>
+            /
+            <select id="year" name="year">
+              <% (DateTime.now.year...DateTime.now.year + 20).each do |i| %>
+                <option value="<%= i-2000 %>"><%= i %></option>
+              <% end %>
+            </select>
+          </p>
+                                        
+          <!--<input type="submit" value="Submit" />-->
           
-          <label>Expiration</label>
-          <input id="expiration" name="x_exp_date" type="hidden" />
-          <select id="month" name="month">                                      
-            <option value="01">01 - Jan</option>
-            <option value="02">02 - Feb</option>
-            <option value="03">03 - Mar</option>
-            <option value="04">04 - Apr</option>
-            <option value="05">05 - May</option>
-            <option value="06">06 - Jun</option>
-            <option value="07">07 - Jul</option>
-            <option value="08">08 - Aug</option>
-            <option value="09">09 - Sep</option>
-            <option value="10">10 - Oct</option>
-            <option value="11">11 - Nov</option>
-            <option value="12">12 - Dec</option>
-          </select>
-          /
-          <select id="year" name="year">
-            <% (DateTime.now.year...DateTime.now.year + 20).each do |i| %>
-              <option value="<%= i-2000 %>"><%= i %></option>
-            <% end %>
-          </select><br />
-          <br />
-          <input type="submit" value="Submit" />
-        </form>
-        <iframe id="relay" name="relay" style='display: block; width: 800px; height: 400px; border: #000 1px solid;'></iframe>
+        </form>                
       <% end %>
     </div>    
   </section>
@@ -52,7 +53,7 @@ store_config = @site.store_config
     <em>or</em>
     <a href="/">return to the store</a>
   </section>
-  
+  <iframe id="relay" name="relay" style='display: block; width: 800px; height: 400px; border: #000 1px solid;'></iframe>
 </div>
 
 <%= content_for :caboose_js do %>