effective_orders 4.5.0

data/app/helpers/effective_carts_helper.rb

@@ -0,0 +1,113 @@
+module EffectiveCartsHelper
+  # TODO: Consider unique
+  def current_cart(for_user = nil)
+    @cart ||= (
+      user = for_user || (current_user rescue nil) # rescue protects me against Devise not being installed
+
+      if user.present?
+        user_cart = Effective::Cart.where(user: user).first_or_create
+
+        # Merge session cart into user cart.
+        if session[:cart].present?
+          session_cart = Effective::Cart.where(user: nil).where(id: session[:cart]).first
+
+          if session_cart
+            session_cart.cart_items.each { |i| user_cart.add(i.purchasable, quantity: i.quantity, unique: i.unique) }
+            session_cart.destroy
+          end
+
+          session[:cart] = nil
+        end
+
+        user_cart
+      elsif session[:cart].present?
+        Effective::Cart.where(user_id: nil).where(id: session[:cart]).first_or_create
+      else
+        cart = Effective::Cart.create!
+        session[:cart] = cart.id
+        cart
+      end
+    )
+  end
+
+  def link_to_current_cart(opts = {})
+    options = {
+      label: 'My Cart',
+      id: 'current_cart',
+      rel: :nofollow,
+      class: 'btn btn-secondary'
+    }.merge(opts)
+
+    label = options.delete(:label)
+    options[:class] = ((options[:class] || '') + ' btn-current-cart')
+
+    link_to (current_cart.size == 0 ? label : "#{label} (#{current_cart.size})"), effective_orders.cart_path, options
+  end
+
+  def link_to_add_to_cart(purchasable, opts = {})
+    raise 'expecting an acts_as_purchasable object' unless purchasable.kind_of?(ActsAsPurchasable)
+
+    options = { label: 'Add to Cart', class: 'btn btn-primary', rel: :nofollow }.merge(opts)
+
+    label = options.delete(:label)
+    options[:class] = ((options[:class] || '') + ' btn-add-to-cart')
+
+    link_to(label, effective_orders.add_to_cart_path(purchasable_type: purchasable.class.name, purchasable_id: purchasable.id.to_i), options)
+  end
+
+  def link_to_remove_from_cart(cart_item, opts = {})
+    raise 'expecting an Effective::CartItem object' unless cart_item.kind_of?(Effective::CartItem)
+
+    options = {
+      label: 'Remove',
+      class: 'btn btn-primary',
+      rel: :nofollow,
+      data: { confirm: 'Are you sure? This cannot be undone!' },
+      method: :delete
+    }.merge(opts)
+
+    label = options.delete(:label)
+    options[:class] = ((options[:class] || '') + ' btn-remove-from-cart')
+
+    link_to(label, effective_orders.remove_from_cart_path(cart_item), options)
+  end
+
+  def link_to_empty_cart(opts = {})
+    options = {
+      label: 'Empty Cart',
+      class: 'btn btn-danger',
+      rel: :nofollow,
+      data: { confirm: 'This will clear your entire cart. Are you sure?' },
+      method: :delete
+    }.merge(opts)
+
+    label = options.delete(:label)
+    options[:class] = ((options[:class] || '') + ' btn-empty-cart')
+
+    link_to(label, effective_orders.cart_path, options)
+  end
+
+  def link_to_checkout(opts = {})
+    options = { label: 'Checkout', class: 'btn btn-primary', rel: :nofollow }.merge(opts)
+
+    order = options.delete(:order)
+    label = options.delete(:label)
+    options[:class] = ((options[:class] || '') + ' btn-checkout')
+
+    if order.present?
+      link_to(label, effective_orders.edit_order_path(order), options)
+    else
+      link_to(label, effective_orders.new_order_path, options)
+    end
+  end
+
+  def render_cart(cart = nil)
+    cart ||= current_cart
+    render(partial: 'effective/carts/cart', locals: { cart: cart })
+  end
+
+  def render_purchasables(*purchasables)
+    render(partial: 'effective/orders/order_items', locals: { order: Effective::Order.new(purchasables) })
+  end
+
+end

data/app/helpers/effective_orders_helper.rb

@@ -0,0 +1,143 @@
+module EffectiveOrdersHelper
+  def price_to_currency(price)
+    price = price || 0
+    raise 'price_to_currency expects an Integer representing the number of cents' unless price.kind_of?(Integer)
+    number_to_currency(price / 100.0)
+  end
+
+  def tax_rate_to_percentage(tax_rate, options = {})
+    options[:strip_insignificant_zeros] = true if options[:strip_insignificant_zeros].nil?
+    number_to_percentage(tax_rate, strip_insignificant_zeros: true)
+  end
+
+  def order_summary(order)
+    order_item_list = content_tag(:ul) do
+      order.order_items.map do |item|
+        content_tag(:li) do
+          names = item.name.split('<br>')
+          "#{item.quantity}x #{names.first} for #{price_to_currency(item.price)}".tap do |output|
+            names[1..-1].each { |line| output << "<br>#{line}" }
+          end.html_safe
+        end
+      end.join.html_safe
+    end
+    content_tag(:p, "#{price_to_currency(order.total)} total for #{pluralize(order.num_items, 'item')}:") + order_item_list
+  end
+
+  def order_item_summary(order_item)
+    if order_item.quantity > 1
+      content_tag(:p, "#{price_to_currency(order_item.total)} total for #{pluralize(order_item.quantity, 'item')}")
+    else
+      content_tag(:p, "#{price_to_currency(order_item.total)} total")
+    end
+  end
+
+  def order_checkout_label(processor = nil)
+    case processor
+    when :cheque
+      'Pay by Cheque'
+    when :free
+      'Checkout Free'
+    when :mark_as_paid
+      'Admin: Mark as Paid'
+    when :moneris
+      'Checkout with Credit Card'
+    when :paypal
+      'Checkout with PayPal'
+    when :phone
+      'Pay by Phone'
+    when :pretend
+      'Purchase Order (skip payment processor)'
+    when :refund
+      'Accept Refund'
+    when :stripe
+      'Pay Now'
+    else
+      'Checkout'
+    end
+  end
+
+  # This is called on the My Sales Page and is intended to be overridden in the app if needed
+  def acts_as_purchasable_path(purchasable, action = :show)
+    polymorphic_path(purchasable)
+  end
+
+  def order_payment_to_html(order)
+    content_tag(:pre) do
+      raw JSON.pretty_generate(order.payment).html_safe.gsub('\"', '').gsub("[\n\n    ]", '[]').gsub("{\n    }", '{}')
+    end
+  end
+
+  def render_order(order)
+    render(partial: 'effective/orders/order', locals: { order: order })
+  end
+
+  def render_checkout(order, namespace: nil, purchased_url: nil, declined_url: nil, deferred_url: nil)
+    raise 'unable to checkout an order without a user' unless order && order.user
+
+    locals = { order: order, purchased_url: purchased_url, declined_url: declined_url, deferred_url: deferred_url, namespace: namespace }
+
+    if order.purchased?
+      render(partial: 'effective/orders/order', locals: locals)
+    elsif (order.confirmed? || order.deferred?) && order.errors.blank?
+      render(partial: 'effective/orders/checkout_step2', locals: locals)
+    else
+      render(partial: 'effective/orders/checkout_step1', locals: locals)
+    end
+  end
+
+  def render_checkout_step1(order, namespace: nil, purchased_url: nil, declined_url: nil)
+    locals = { order: order, purchased_url: purchased_url, declined_url: declined_url, namespace: namespace }
+    render(partial: 'effective/orders/checkout_step1', locals: locals)
+  end
+
+  def render_checkout_step2(order, namespace: nil, purchased_url: nil, declined_url: nil)
+    locals = { order: order, purchased_url: purchased_url, declined_url: declined_url, namespace: namespace }
+    render(partial: 'effective/orders/checkout_step2', locals: locals)
+  end
+
+  def checkout_step1_form_url(order, namespace = nil)
+    raise 'expected an order' unless order
+    raise 'invalid namespace, expecting nil or :admin' unless [nil, :admin].include?(namespace)
+
+    if order.new_record?
+      namespace == nil ? effective_orders.orders_path : effective_orders.admin_orders_path
+    else
+      namespace == nil ? effective_orders.order_path(order) : effective_orders.checkout_admin_order_path(order)
+    end
+  end
+
+  def render_orders(obj, opts = {})
+    orders = Array(obj.kind_of?(User) ? Effective::Order.purchased_by(obj) : obj)
+
+    if orders.any? { |order| order.kind_of?(Effective::Order) == false }
+      raise 'expected a User or Effective::Order'
+    end
+
+    render(partial: 'effective/orders/orders_table', locals: { orders: orders }.merge(opts))
+  end
+
+  def payment_card_label(card)
+    card = card.to_s.downcase.gsub(' ', '').strip
+
+    case card
+    when ''
+      'None'
+    when 'v', 'visa'
+      'Visa'
+    when 'm', 'mc', 'master', 'mastercard'
+      'MasterCard'
+    when 'a', 'ax', 'american', 'americanexpress'
+      'American Express'
+    when 'd', 'discover'
+      'Discover'
+    else
+      card.to_s
+    end
+  end
+
+  def checkout_icon_to(path, options = {})
+    icon_to('shopping-cart', path, { title: 'Checkout' }.merge(options))
+  end
+
+end

data/app/helpers/effective_paypal_helper.rb

@@ -0,0 +1,49 @@
+module EffectivePaypalHelper
+  class ConfigReader
+    def self.cert_or_key(config)
+      if File.exist?(EffectiveOrders.paypal[config])
+        (File.read(EffectiveOrders.paypal[config]) rescue nil)
+      else
+        EffectiveOrders.paypal[config]
+      end
+    end
+  end
+
+  # These're constants so they only get read once, not every order request
+  if EffectiveOrders.paypal?
+    PAYPAL_CERT_PEM = ConfigReader.cert_or_key(:paypal_cert)
+    APP_CERT_PEM    = ConfigReader.cert_or_key(:app_cert)
+    APP_KEY_PEM     = ConfigReader.cert_or_key(:app_key)
+  end
+
+  def paypal_encrypted_payload(order)
+    raise 'required paypal paypal_cert is missing' unless PAYPAL_CERT_PEM.present?
+    raise 'required paypal app_cert is missing' unless APP_CERT_PEM.present?
+    raise 'required paypal app_key is missing' unless APP_KEY_PEM.present?
+
+    values = {
+      business: EffectiveOrders.paypal[:seller_email],
+      custom: EffectiveOrders.paypal[:secret],
+      cmd: '_cart',
+      upload: 1,
+      return: effective_orders.order_purchased_url(order),
+      notify_url: effective_orders.paypal_postback_url,
+      cert_id: EffectiveOrders.paypal[:cert_id],
+      currency_code: EffectiveOrders.paypal[:currency],
+      invoice: order.id,
+      amount: (order.subtotal / 100.0).round(2),
+      tax_cart: (order.tax / 100.0).round(2)
+    }
+
+    order.order_items.each_with_index do |item, x|
+      values["item_number_#{x+1}"] = x+1
+      values["item_name_#{x+1}"] = item.name
+      values["quantity_#{x+1}"] = item.quantity
+      values["amount_#{x+1}"] = '%.2f' % (item.price / 100.0)
+      values["tax_#{x+1}"] = '%.2f' % ((item.tax / 100.0) / item.quantity)  # Tax for 1 of these items
+    end
+
+    signed = OpenSSL::PKCS7::sign(OpenSSL::X509::Certificate.new(APP_CERT_PEM), OpenSSL::PKey::RSA.new(APP_KEY_PEM, ''), values.map { |k, v| "#{k}=#{v}" }.join("\n"), [], OpenSSL::PKCS7::BINARY)
+    OpenSSL::PKCS7::encrypt([OpenSSL::X509::Certificate.new(PAYPAL_CERT_PEM)], signed.to_der, OpenSSL::Cipher::Cipher::new("DES3"), OpenSSL::PKCS7::BINARY).to_s.gsub("\n", "")
+  end
+end

data/app/helpers/effective_stripe_helper.rb

@@ -0,0 +1,85 @@
+module EffectiveStripeHelper
+
+  def stripe_plan_description(obj)
+    plan = (
+      case obj
+      when Hash            ; obj
+      when ::Stripe::Plan  ; EffectiveOrders.stripe_plans.find { |plan| plan[:id] == obj.id }
+      else                 ; raise 'unexpected object'
+      end
+    )
+
+    raise("unknown stripe plan: #{obj}") unless plan.kind_of?(Hash) && plan[:id].present?
+
+    plan[:description]
+  end
+
+  def stripe_invoice_line_description(line, simple: false)
+    [
+      "#{line.quantity}x",
+      line.plan.name,
+      price_to_currency(line.amount),
+      ("#{Time.zone.at(line.period.start).strftime('%F')}" unless simple),
+      ('to' unless simple),
+      ("#{Time.zone.at(line.period.end).strftime('%F')}" unless simple),
+      line.description.presence
+    ].compact.join(' ')
+  end
+
+  def stripe_coupon_description(coupon)
+    amount = coupon.amount_off.present? ? price_to_currency(coupon.amount_off) : "#{coupon.percent_off}%"
+
+    if coupon.duration_in_months.present?
+      "#{coupon.id} - #{amount} off for #{coupon.duration_in_months} months"
+    else
+      "#{coupon.id} - #{amount} off #{coupon.duration}"
+    end
+  end
+
+  def stripe_site_image_url
+    return nil unless EffectiveOrders.stripe? && (url = EffectiveOrders.stripe[:site_image].to_s).present?
+    url.start_with?('http') ? url : asset_url(url)
+  end
+
+  def stripe_order_description(order)
+    "#{order.num_items} items (#{price_to_currency(order.total)})"
+  end
+
+  def stripe_payment_intent(order)
+    customer = Effective::Customer.for_user(order.user)
+    customer.create_stripe_customer! # Only creates if customer not already present
+
+    payment = {
+      amount: order.total,
+      currency: EffectiveOrders.stripe[:currency],
+      customer: customer.stripe_customer_id,
+      payment_method: customer.payment_method_id.presence,
+      description: stripe_order_description(order),
+      metadata: { order_id: order.id },
+    }
+
+    token_required = customer.token_required?
+
+    intent = begin
+      Rails.logger.info "[STRIPE] create payment intent : #{payment}"
+      Stripe::PaymentIntent.create(payment)
+    rescue Stripe::CardError => e
+      token_required = true
+      Rails.logger.info "[STRIPE] (error) get payment intent : #{e.error.payment_intent.id}"
+      Stripe::PaymentIntent.retrieve(e.error.payment_intent.id)
+    end
+
+    payload = {
+      key: EffectiveOrders.stripe[:publishable_key],
+      client_secret: intent.client_secret,
+      payment_method: intent.payment_method,
+
+      active_card: customer.active_card,
+      email: customer.email,
+      token_required: token_required
+    }
+
+    payload
+  end
+
+end

data/app/helpers/effective_subscriptions_helper.rb

@@ -0,0 +1,34 @@
+module EffectiveSubscriptionsHelper
+
+  def subscripter_stripe_data(subscripter)
+    {
+      email: current_user.email,
+      image: stripe_site_image_url,
+      key: EffectiveOrders.stripe[:publishable_key],
+      name: EffectiveOrders.stripe[:site_title],
+    }
+  end
+
+  def subscripter_stripe_plans(subscripter)
+    EffectiveOrders.stripe_plans
+  end
+
+  def subscribable_form_with(subscribable)
+    raise 'form object must be an acts_as_subscribable object' unless subscribable.respond_to?(:subscripter)
+
+    subscripter = subscribable.subscripter
+    raise 'subscribable.subscribable_buyer must match current_user' unless subscripter.user == current_user
+
+    render('effective/subscripter/form', subscripter: subscripter)
+  end
+
+  def customer_form_with(customer)
+    raise 'form object must be an Effective::Customer object' unless customer.kind_of?(Effective::Customer)
+    raise 'expected customer user to match current user' if customer.user != current_user
+
+    subscripter = Effective::Subscripter.new(customer: customer, user: customer.user)
+
+    render('effective/customers/form', subscripter: subscripter)
+  end
+
+end

data/app/mailers/effective/orders_mailer.rb

@@ -0,0 +1,196 @@
+module Effective
+  class OrdersMailer < ActionMailer::Base
+    default from: EffectiveOrders.mailer[:default_from]
+
+    helper EffectiveOrdersHelper
+    layout EffectiveOrders.mailer[:layout].presence || 'effective_orders_mailer_layout'
+
+    def order_receipt_to_admin(order_param)
+      return true unless EffectiveOrders.mailer[:send_order_receipt_to_admin]
+
+      @order = (order_param.kind_of?(Effective::Order) ? order_param : Effective::Order.find(order_param))
+      @user = @order.user
+
+      @subject = subject_for(@order, :order_receipt_to_admin, "Order Receipt: ##{@order.to_param}")
+
+      mail(to: EffectiveOrders.mailer[:admin_email], from: EffectiveOrders.mailer[:default_from], subject: @subject)
+    end
+
+    def order_receipt_to_buyer(order_param)  # Buyer
+      return true unless EffectiveOrders.mailer[:send_order_receipt_to_buyer]
+
+      @order = (order_param.kind_of?(Effective::Order) ? order_param : Effective::Order.find(order_param))
+      @user = @order.user
+
+      @subject = subject_for(@order, :order_receipt_to_buyer, "Order Receipt: ##{@order.to_param}")
+
+      mail(to: @order.email, cc: @order.cc, subject: @subject)
+    end
+
+    # This is sent when an admin creates a new order or /admin/orders/new
+    # Or when Pay by Cheque or Pay by Phone (deferred payments)
+    # Or uses the order action Send Payment Request
+    def payment_request_to_buyer(order_param)
+      return true unless EffectiveOrders.mailer[:send_payment_request_to_buyer]
+
+      @order = (order_param.kind_of?(Effective::Order) ? order_param : Effective::Order.find(order_param))
+      @user = @order.user
+
+      @subject = subject_for(@order, :payment_request_to_buyer, "Request for Payment: Invoice ##{@order.to_param}")
+
+      mail(to: @order.email, cc: @order.cc, subject: @subject)
+    end
+
+    # This is sent when someone chooses to Pay by Cheque
+    def pending_order_invoice_to_buyer(order_param)
+      return true unless EffectiveOrders.mailer[:send_pending_order_invoice_to_buyer]
+
+      @order = (order_param.kind_of?(Effective::Order) ? order_param : Effective::Order.find(order_param))
+      @user = @order.user
+
+      @subject = subject_for(@order, :pending_order_invoice_to_buyer, "Pending Order: ##{@order.to_param}")
+
+      mail(to: @order.email, cc: @order.cc, subject: @subject)
+    end
+
+    # This is sent to admin when someone Accepts Refund
+    def refund_notification_to_admin(order_param)
+      @order = (order_param.kind_of?(Effective::Order) ? order_param : Effective::Order.find(order_param))
+      @user = @order.user
+
+      @subject = subject_for(@order, :refund_notification_to_admin, "New Refund: ##{@order.to_param}")
+
+      mail(to: EffectiveOrders.mailer[:admin_email], subject: @subject)
+    end
+
+    # Sent by the invoice.payment_succeeded webhook event
+    def subscription_payment_succeeded(customer_param)
+      return true unless EffectiveOrders.mailer[:send_subscription_payment_succeeded]
+
+      @customer = (customer_param.kind_of?(Effective::Customer) ? customer_param : Effective::Customer.find(customer_param))
+      @subscriptions = @customer.subscriptions
+      @user = @customer.user
+
+      @subject = subject_for(@customer, :subscription_payment_succeeded, 'Thank you for your payment')
+
+      mail(to: @customer.user.email, subject: @subject)
+    end
+
+    # Sent by the invoice.payment_failed webhook event
+    def subscription_payment_failed(customer_param)
+      return true unless EffectiveOrders.mailer[:send_subscription_payment_failed]
+
+      @customer = (customer_param.kind_of?(Effective::Customer) ? customer_param : Effective::Customer.find(customer_param))
+      @subscriptions = @customer.subscriptions
+      @user = @customer.user
+
+      @subject = subject_for(@customer, :subscription_payment_failed, 'Payment failed - please update your card details')
+
+      mail(to: @customer.user.email, subject: @subject)
+    end
+
+    # Sent by the customer.subscription.created webhook event
+    def subscription_created(customer_param)
+      return true unless EffectiveOrders.mailer[:send_subscription_created]
+
+      @customer = (customer_param.kind_of?(Effective::Customer) ? customer_param : Effective::Customer.find(customer_param))
+      @subscriptions = @customer.subscriptions
+      @user = @customer.user
+
+      @subject = subject_for(@customer, :subscription_created, 'New Subscription')
+
+      mail(to: @customer.user.email, subject: @subject)
+    end
+
+    # Sent by the customer.subscription.updated webhook event
+    def subscription_updated(customer_param)
+      return true unless EffectiveOrders.mailer[:send_subscription_updated]
+
+      @customer = (customer_param.kind_of?(Effective::Customer) ? customer_param : Effective::Customer.find(customer_param))
+      @subscriptions = @customer.subscriptions
+      @user = @customer.user
+
+      @subject = subject_for(@customer, :subscription_updated, 'Subscription Changed')
+
+      mail(to: @customer.user.email, subject: @subject)
+    end
+
+    # Sent by the invoice.payment_failed webhook event
+    def subscription_canceled(customer_param)
+      return true unless EffectiveOrders.mailer[:send_subscription_canceled]
+
+      @customer = (customer_param.kind_of?(Effective::Customer) ? customer_param : Effective::Customer.find(customer_param))
+      @subscriptions = @customer.subscriptions
+      @user = @customer.user
+
+      @subject = subject_for(@customer, :subscription_canceled, 'Subscription canceled')
+
+      mail(to: @customer.user.email, subject: @subject)
+    end
+
+    # Sent by the effective_orders:notify_trial_users rake task.
+    def subscription_trialing(subscribable)
+      return true unless EffectiveOrders.mailer[:send_subscription_trialing]
+
+      @subscribable = subscribable
+      @user = @subscribable.subscribable_buyer
+
+      @subject = subject_for(@customer, :subscription_trialing, 'Trial is active')
+
+      mail(to: @subscribable.subscribable_buyer.email, subject: @subject)
+    end
+
+    # Sent by the effective_orders:notify_trial_users rake task.
+    def subscription_trial_expired(subscribable)
+      return true unless EffectiveOrders.mailer[:send_subscription_trial_expired]
+
+      @subscribable = subscribable
+      @user = @subscribable.subscribable_buyer
+
+      @subject = subject_for(@customer, :subscription_trial_expired, 'Trial expired')
+
+      mail(to: @subscribable.subscribable_buyer.email, subject: @subject)
+    end
+
+    def subscription_event_to_admin(event, customer_param)
+      return true unless EffectiveOrders.mailer[:send_subscription_event_to_admin]
+
+      @customer = (customer_param.kind_of?(Effective::Customer) ? customer_param : Effective::Customer.find(customer_param))
+      @subscriptions = @customer.subscriptions
+      @user = @customer.user
+      @event = event.to_s
+
+      @subject = subject_for(@customer, :subscription_event_to_admin, "Subscription event - @event - @customer").gsub('@event', @event.to_s).gsub('@customer', @customer.to_s)
+
+      mail(to: EffectiveOrders.mailer[:admin_email], subject: @subject)
+    end
+
+    def order_error(order: nil, error: nil, to: nil, from: nil, subject: nil, template: 'order_error')
+      @order = (order.kind_of?(Effective::Order) ? order : Effective::Order.find(order))
+      @error = error.to_s
+
+      @subject = subject_for(@order, :error, "An error occurred with order: ##{@order.try(:to_param)}")
+
+      mail(
+        to: (to || EffectiveOrders.mailer[:admin_email]),
+        from: (from || EffectiveOrders.mailer[:default_from]),
+        subject: (subject || @subject)
+      ) do |format|
+        format.html { render(template) }
+      end
+    end
+
+    private
+
+    def subject_for(order, action, fallback)
+      subject = EffectiveOrders.mailer["subject_for_#{action}".to_sym]
+      prefix = EffectiveOrders.mailer[:subject_prefix].to_s
+
+      subject = self.instance_exec(order, &subject) if subject.respond_to?(:call)
+      subject = subject.presence || fallback
+
+      prefix.present? ? (prefix.chomp(' ') + ' ' + subject) : subject
+    end
+
+  end
+end