ecommerce 0.0.2 → 0.0.3

data/app/controllers/cart_controller.rb

@@ -10,7 +10,6 @@ class CartController < ApplicationController
   def update
     cart = find_cart()
 
-
     if params.key?('quantity_total_update') && params.key?('cart_item')
       # We are updating the total quantity of multiple items in teh cart. This is likely from teh cart page where
       # the user has updated the quantity text fields and clicked 'Update Cart'
@@ -39,4 +38,7 @@ class CartController < ApplicationController
     redirect_to :back
   end
 
+  def confirmation
+
+  end
 end

data/app/controllers/payment_notifications_controller.rb

@@ -1,80 +1,26 @@
 class PaymentNotificationsController < ApplicationController
+
   # Paypal needs to be able to access this without passing the auth token
   protect_from_forgery :except => [:create]
 
   unloadable
 
-  # https://cms.paypal.com/cms_content/en_US/files/developer/PP_OrderMgmt_IntegrationGuide.pdf
-  SUCCESSFUL_PAYPAL_STATES = %w[instant echeck completed processed pending]
-
-  # For cart info, see:
-  # https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_html_Appx_websitestandard_htmlvariables
-
   def index
-    if request_seems_to_be_valid()
-      pm = PaymentNotification.create!(:params  => params,
-                                       :cart_id => params[:invoice],
-                                       :status  => params[:payment_status].downcase,
-                                       :transaction_id => params[:txn_id])
-      render :text => pm.inspect
-    else
-      Rails.logger.warn("Something was wrong with this transaction! See PaymentNotification entry for cart_id #{params[:invoice]} and transaction_id #{params[:txn_id]}")
-      render :text => 'test failed'
-    end
+    create()
   end
 
-
   def create
-    if request_seems_to_be_valid()
-      PaymentNotification.create!(:params  => params,
-                                  :cart_id => params[:invoice],
-                                  :status  => params[:payment_status].downcase,
-                                  :transaction_id => params[:txn_id])
-    else
-      Rails.logger.warn("Something was wrong with this transaction! See PaymentNotification entry for cart_id #{params[:invoice]} and transaction_id #{params[:txn_id]}")
-    end
-    render :nothing => true
-  end
-  
-  protected
-
-
-  # TODO -- younker [2011-03-27 15:12]
-  # Move this into the payment notification model and do validations there (change request_seems_to_be_valid to pm.valid?)
-  def request_seems_to_be_valid()
-    # current_cart = find_cart()
-    txn_cart = Cart.find_by_id(params[:invoice])
-
-    # unless current_cart.id.eql?(txn_cart.id)
-    #   Rails.logger.fatal("The user's current cart (#{current_cart.id}) does not match the cart for this transaction #{txn_cart.id}")
-    #   return false
-    # end
-
-    # unless current_cart.total.eql?(txn_cart.total)
-    #   Rails.logger.warn("The total for the current cart (#{current_cart.total}) does not equal the total for the transaction cart #{txn_cart.total}")
-    #   return false
-    # end
-
-    # unless txn_cart.total.to_f.eql?(params[:payment_gross].to_f)
-    #   Rails.logger.warn("The total for the current cart (#{txn_cart.total}) does not equal the payment_gross #{params[:payment_gross]}sent back from paypal")
-    #   return false
-    # end
-
-    unless ECO['paypal']['email'].eql?(params[:receiver_email])
-      Rails.logger.warn("The receiver email from paypal (#{params[:receiver_email]}) does not match our ECO.paypal_email (#{ECO['paypal']['email']})")
-      return false
-    end
-      
-    unless ECO['paypal']['secret'].eql?(params[:secret])
-      Rails.logger.warn("Our secret (#{ECO['paypal']['secret']}) does not match their secret (#{params[:secret]})")
-      return false
+    begin
+      pm = PaymentHandler.create!(:params  => params)
+      if pm.accept?
+        head :accepted
+      else
+        Rails.logger.fatal("Failed Transaction for cart_id #{pm.cart_id}: #{pm.errors}")
+        head :bad_request
+      end
+    rescue => e
+      Rails.logger.fatal(e)
+      head :bad_request
     end
-      
-    if SUCCESSFUL_PAYPAL_STATES.detect{ |str| str.eql?(params[:payment_status].downcase) }.nil?
-      Rails.logger.warn("The payment state reported back from paypal (#{params[:payment_status].downcase}) does not indicate success")
-      return false
-    end
-
-    true
   end
 end

data/app/models/cart.rb

@@ -2,6 +2,9 @@ class Cart < ActiveRecord::Base
   attr_reader :currency
   include ActionView::Helpers::NumberHelper
 
+  # Needed to pass the order return path (order_confirmation_path) to paypal
+  include Rails.application.routes.url_helpers
+
   has_many :cart_items
   # Because 'has_many :cart_items, :as => :items' does not appear to work
   def items ; self.cart_items ; end
@@ -78,9 +81,10 @@ class Cart < ActiveRecord::Base
       :cert_id    => ECO['paypal']['cert_id'],
       :cmd        => '_cart',
       :upload     => 1,
-      :weight     => self.shipping_weight
+      :weight     => self.shipping_weight,
+      :return     => order_confirmation_path()
     }
-  
+
     self.items.each_with_index do |item, index|
       values.merge!({
         "amount_#{index+1}"      => item.unit_price,

data/app/models/payment_handler.rb

@@ -0,0 +1,57 @@
+class PaymentHandler < ActiveRecord::Base
+  belongs_to :cart
+
+  attr_accessible :params, :cart_id, :status, :transaction_id
+
+  # convert params object to yaml when putting into the db and a hash when it comes out
+  serialize :params
+  
+  after_create :set_purchase_date
+
+  # https://cms.paypal.com/cms_content/en_US/files/developer/PP_OrderMgmt_IntegrationGuide.pdf
+  SUCCESSFUL_PAYPAL_STATES = %w[instant echeck completed processed pending]
+
+  validates :params, :status, :presence => true
+  validates :cart_id, :transaction_id, :presence => true, :uniqueness => true
+
+  before_validation do 
+    self.cart_id = self.params['invoice'] unless cart_id?
+    self.status = self.params['payment_status'].downcase unless status?
+    self.transaction_id = self.params['txn_id'] unless transaction_id?
+  end
+
+  # younker [2011-04-16 12:00]
+  # We want to create the entry even if it does not pass validation, otherwise we will not insert this into the db.
+  # That is why I removed this and created accept?
+  # validate do
+  #   errors.add(:base, "Secret does not match") unless secrets_match?
+  #   errors.add(:base, "Transaction state was invalid") unless valid_state?
+  #   errors.add(:base, "Receiver email does not match our paypal email") unless emails_match?
+  # end
+
+  def accept?
+    errors.add(:base, " Secret does not match") unless secrets_match?
+    errors.add(:base, " Transaction state was invalid") unless valid_state?
+    errors.add(:base, " Receiver email does not match our paypal email") unless emails_match?
+    self.errors.empty?
+  end
+
+  private
+
+  # checks to make sure this is valid are done in the payment_notification_controller.create()
+  def set_purchase_date
+    cart.update_attribute(:purchased_at, Time.now)
+  end
+
+  def secrets_match?
+    ECO['paypal']['secret'].eql?(self.params['secret'])
+  end
+
+  def valid_state?
+    SUCCESSFUL_PAYPAL_STATES.include?(self.status)
+  end
+
+  def emails_match?
+    ECO['paypal']['email'].eql?(self.params[:receiver_email])
+  end
+end

data/app/models/product.rb

@@ -1,7 +1,7 @@
 class Product < ActiveRecord::Base
   include ActionView::Helpers::NumberHelper
 
-  validates_presence_of :name, :permalink
+  validates_presence_of :name, :permalink, :shipping_weight
 
   has_many :photos
   

data/app/views/cart/confirmation.haml

@@ -0,0 +1,2 @@
+:ruby
+  page_title("Your order has been received. Thank you!")

data/config/initializers/ecommerce-config.rb

@@ -1,6 +1,6 @@
 require 'yaml'
 env = Rails.env.present? ? Rails.env.to_s : 'test'
-ECO = YAML.load(File.read(File.expand_path('../../ecommerce.yml', __FILE__)))[env]
+ECO = YAML.load(File.read("#{Rails.root}/config/ecommerce.yml"))[env]
 
 PAYPAL_CERT_PEM = File.read("#{Rails.root}/certs/paypal_cert.pem")
 APP_CERT_PEM = File.read("#{Rails.root}/certs/app_cert.pem")

data/config/routes.rb

@@ -2,16 +2,9 @@ Rails.application.routes.draw do
   match '/cart', :via => :get,    :to => 'cart#index'
   match '/cart', :via => :put,    :to => 'cart#update'
   match '/cart', :via => :delete, :to => 'cart#destroy'
-
-
-  # resources :cart, :except => [:update, :edit, :show, :create, :new] do
-  #   collection do
-  #     put :update
-  #   end
-  # end
+  match '/order-confirmation', :via => :get, :to => 'cart#confirmation', :as => 'order_confirmation'
 
   resources :payment_notifications
-  resources :order_confirmation
 
   match '/products/search' => 'products#search'
   resources :products do

data/lib/ecommerce/version.rb

@@ -1,3 +1,3 @@
 module Ecommerce
-  VERSION = "0.0.2"
+  VERSION = "0.0.3"
 end

data/lib/generators/ecommerce/templates/migration.rb

@@ -11,7 +11,7 @@ class CreateEcommerceTables < ActiveRecord::Migration
       t.text :meta_description
       t.text :meta_keywords
       t.string :tags
-      t.int :shipping_weight
+      t.integer :shipping_weight
       t.timestamps
     end
 
@@ -37,7 +37,7 @@ class CreateEcommerceTables < ActiveRecord::Migration
     end
 
     # PayPal -- how they let us know when a payment has cleared
-    create_table :payment_notifications do |t|
+    create_table :payment_handlers do |t|
       t.text :params
       t.integer :cart_id
       t.string :status
@@ -52,7 +52,7 @@ class CreateEcommerceTables < ActiveRecord::Migration
     drop_table :photos
     drop_table :carts
     drop_table :cart_items
-    drop_table :payment_notifications
+    drop_table :payment_handlers
   end
 
 end

data/spec/models/payment_handler_spec.rb

@@ -0,0 +1,5 @@
+require 'spec_helper'
+
+describe PaymentHandler do
+  pending "add some examples to (or delete) #{__FILE__}"
+end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: ecommerce
 version: !ruby/object:Gem::Version 
-  hash: 27
+  hash: 25
   prerelease: 
   segments: 
   - 0
   - 0
-  - 2
-  version: 0.0.2
+  - 3
+  version: 0.0.3
 platform: ruby
 authors: 
 - Jason Younker
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-04-03 00:00:00 -07:00
+date: 2011-04-16 00:00:00 -07:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -72,8 +72,10 @@ files:
 - app/helpers/products_helper.rb
 - app/models/cart.rb
 - app/models/cart_item.rb
+- app/models/payment_handler.rb
 - app/models/photo.rb
 - app/models/product.rb
+- app/views/cart/confirmation.haml
 - app/views/cart/index.haml
 - app/views/layouts/application.html.erb
 - app/views/products/_form.html.haml
@@ -98,6 +100,7 @@ files:
 - db/seeds.rb
 - doc/README_FOR_APP
 - ecommerce-0.0.1.gem
+- ecommerce-0.0.2.gem
 - ecommerce.gemspec
 - lib/ecommerce.rb
 - lib/ecommerce/ecommerce.rb
@@ -116,6 +119,7 @@ files:
 - public/robots.txt
 - public/stylesheets/.gitkeep
 - script/rails
+- spec/models/payment_handler_spec.rb
 - spec/spec_helper.rb
 - test/performance/browsing_test.rb
 - test/test_helper.rb
@@ -155,6 +159,7 @@ signing_key:
 specification_version: 3
 summary: Very simple ecommerce framework
 test_files: 
+- spec/models/payment_handler_spec.rb
 - spec/spec_helper.rb
 - test/performance/browsing_test.rb
 - test/test_helper.rb