RubyGems - effective_orders - Versions diffs - 3.0.4 → 3.1.0 - Mend

effective_orders 3.0.4 → 3.1.0

Files changed (9) hide show

checksums.yaml +4 -4
data/app/controllers/effective/providers/moneris.rb +23 -17
data/app/models/effective/order.rb +10 -1
data/app/models/effective/providers/moneris_charge.rb +114 -0
data/app/views/effective/orders/_checkout_step2.html.haml +12 -11
data/app/views/effective/orders/_order_actions.html.haml +1 -1
data/app/views/effective/orders/moneris/_form.html.haml +4 -43
data/lib/effective_orders/version.rb +1 -1
metadata +3 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c63ea13e03cd733ba8ee14f51ab78df6fbbfc25f4b6546d946b20facfa15aaa6
-  data.tar.gz: 1a5c4d4ca4ce70f3c20c8984cfe2063104908c292f7b37a8ebb0e209c2e60e58
+  metadata.gz: f8a648d7e8218c51c4733d02e64c542fcebf91d04d5bb78c457a1fa835e2b319
+  data.tar.gz: f062fbd9fd8973ea30c1c62e470a327d6d4cac533606a65cfbe43fbc19fd7418
 SHA512:
-  metadata.gz: 9e66345b50629cd33f2e046d910d3d5cf10f735d730e3810c919cfe8fae0fff6731ff85370d2184104898441d9bcc58e7d0bbbdbe06194182e58e70e4d92636d
-  data.tar.gz: 7f6a851d15695bea583d3ba315e2df215df31be66e1bf3d8d46766ffbf500e111bce198be45b4b947373fac3776d3a1c7dfe1827c60b36efd3bba38c5293d5d9
+  metadata.gz: 317b8781f567e20c92ed714b7f7aa823b4de332722fb7d054eaa4134888f95495b5ac138e4677ae746a0566a522e9f346279f53b950bb129c5dd188fe3c3cd50
+  data.tar.gz: 931166730fdbed8d51a34fc3bea22b8d791644050a2673ba74093c7f158b7a187b7de8b5580f94d0b23448d2e9427bf1feda17c89bd5ca83cd65d4caca9a16a3

data/app/controllers/effective/providers/moneris.rb CHANGED Viewed

@@ -17,33 +17,39 @@ module Effective
         declined_url = params.delete(:rvar_declined_url)
         if @order.purchased?  # Fallback to a success condition of the Order is already purchased
-          order_purchased(details: params, provider: 'moneris', card: params[:card], purchased_url: purchased_url)
-          return
+          return order_purchased(details: params, provider: 'moneris', card: params[:card], purchased_url: purchased_url)
         end
-        if params[:result].to_s == '1' && params[:transactionKey].present?
-          verify_params = parse_moneris_response(send_moneris_verify_request(params[:transactionKey])) || {}
+        # Invalid Result
+        if params[:result].to_s != '1' || params[:transactionKey].blank?
+          return order_declined(details: params, provider: 'moneris', card: params[:card], declined_url: declined_url)
+        end
-          response_code = verify_params[:response_code].to_i # Sometimes moneris sends us the string 'null'
+        payment = params.merge(verify_moneris_transaction(params[:transactionKey]))
+        valid = (1..49).include?(payment[:response_code].to_i)  # Must be > 0 and < 50 to be valid. Sometimes we get the string 'null'
-          if response_code > 0 && response_code < 50  # Less than 50 means a successful validation
-            order_purchased(details: params.merge(verify_params), provider: 'moneris', card: params[:card], purchased_url: purchased_url)
-          else
-            order_declined(details: params.merge(verify_params), provider: 'moneris', card: params[:card], declined_url: declined_url)
-          end
-        else
-          order_declined(details: params, provider: 'moneris', card: params[:card], declined_url: declined_url)
+        if valid == false
+          return order_declined(details: payment, provider: 'moneris', card: params[:card], declined_url: declined_url)
         end
+        order_purchased(details: payment, provider: 'moneris', card: params[:card], purchased_url: purchased_url)
       end
       private
-      def parse_moneris_response(text)
-        text.split("<br>").inject(Hash.new()) { |h, i| h[i.split(' ').first.to_sym] = i.split(' ').last ; h } rescue {response: text}
-      end
+      def verify_moneris_transaction(transactionKey)
+        # Send a verification POST request
+        uri = URI.parse(EffectiveOrders.moneris[:verify_url])
+        params = { ps_store_id: EffectiveOrders.moneris[:ps_store_id], hpp_key: EffectiveOrders.moneris[:hpp_key], transactionKey: transactionKey }
+        headers = { 'Referer': effective_orders.orders_url }
+        http = Net::HTTP.new(uri.host, uri.port)
+        http.use_ssl = true
+        body = http.post(uri.path, params.to_query, headers).body
-      def send_moneris_verify_request(verify_key)
-        `curl -F ps_store_id='#{EffectiveOrders.moneris[:ps_store_id]}' -F hpp_key='#{EffectiveOrders.moneris[:hpp_key]}' -F transactionKey='#{verify_key}' --referer #{effective_orders.moneris_postback_orders_url} #{EffectiveOrders.moneris[:verify_url]}`
+        # Parse response into a Hash
+        body.split('<br>').inject({}) { |h, i| h[i.split(' ').first.to_sym] = i.split(' ').last; h }
       end
     end

data/app/models/effective/order.rb CHANGED Viewed

@@ -310,7 +310,16 @@ module Effective
           self.purchase_state = EffectiveOrders::PURCHASED
           self.purchased_at ||= Time.zone.now
-          self.payment = details.kind_of?(Hash) ? details : { details: details.to_s }
+          self.payment = (
+            if details.kind_of?(Hash)
+              details
+            elsif details.respond_to?(:to_unsafe_h)
+              details.to_unsafe_h
+            else
+              { details: details.to_s }
+            end
+          )
           self.payment_provider = provider.to_s
           self.payment_card = card.to_s.presence || 'none'

data/app/models/effective/providers/moneris_charge.rb ADDED Viewed

@@ -0,0 +1,114 @@
+require 'nokogiri'
+module Effective
+  module Providers
+    class MonerisCharge
+      attr_accessor :order, :purchased_url, :declined_url
+      attr_accessor :hpp_id, :ticket # return values
+      def initialize(order:, purchased_url: nil, declined_url: nil)
+        @order = order
+        @purchased_url = purchased_url
+        @declined_url = declined_url
+        moneris_preload!
+      end
+      def present?
+        ticket.present? && hpp_id.present?
+      end
+      def moneris_preload!
+        # Make the moneris preload request
+        uri = URI.parse(EffectiveOrders.moneris[:hpp_url])
+        params = moneris_preload_payload.to_query
+        headers = {}
+        http = Net::HTTP.new(uri.host, uri.port)
+        http.use_ssl = true
+        body = http.post(uri.path, params, headers).body
+        doc = ::Nokogiri::XML(body)
+        # Parse preload request
+        moneris = [:hpp_id, :ticket, :order_id, :response_code].inject({}) do |h, key|
+          h[key] = doc.xpath("//#{key}").children.first.to_s; h
+        end
+        # Transaction Response Code: < 50: data successfully loaded, >= 50: data not loaded
+        moneris[:response_code] = (moneris[:response_code].to_i rescue 50)
+        raise 'data not loaded' unless moneris[:response_code] < 50
+        # Our return value
+        @hpp_id = moneris[:hpp_id]
+        @ticket = moneris[:ticket]
+      end
+      def moneris_preload_payload
+        payload = {
+          ps_store_id: EffectiveOrders.moneris[:ps_store_id],
+          hpp_key: EffectiveOrders.moneris[:hpp_key],
+          hpp_preload: '',
+          charge_total: ('%.2f' % (order.total / 100.0)),
+          # Optional
+          order_id: order_id,
+          lang: 'en-ca',
+          email: order.user.email,
+          rvar_purchased_url: purchased_url,
+          rvar_declined_url: declined_url
+        }.compact
+        if order.tax.present?
+          payload[:gst] = ('%.2f' % (order.tax / 100.0))
+        end
+        if order.billing_name.present?
+          payload[:bill_first_name] = order.billing_name.split(' ')[0]
+          payload[:bill_last_name] = order.billing_name.split(' ')[1..-1].join(' ')
+        end
+        if order.billing_address.present?
+          address = order.billing_address
+          payload[:bill_address_one] = address.address1
+          payload[:bill_city] = address.city
+          payload[:bill_state_or_province] = address.state
+          payload[:bill_postal_code] = address.postal_code
+          payload[:bill_country] = address.country
+        end
+        if order.shipping_address.present?
+          address = order.shipping_address
+          payload[:ship_address_one] = address.address1
+          payload[:ship_city] = address.city
+          payload[:ship_state_or_province] = address.state
+          payload[:ship_postal_code] = address.postal_code
+          payload[:ship_country] = address.country
+        end
+        order.order_items.each_with_index do |item, index|
+          payload["id#{index}"] = index
+          payload["description#{index}"] = item.title
+          payload["quantity#{index}"] = item.quantity
+          payload["price#{index}"] = ('%.2f' % (item.price / 100.0))
+          payload["subtotal#{index}"] = ('%.2f' % (item.subtotal / 100.0))
+        end
+        payload
+      end
+      private
+      def order_id
+        [
+          order.to_param,
+          (order.billing_name.to_s.parameterize.presence if EffectiveOrders.moneris[:include_billing_name_in_order_id])
+        ].compact.join('-')
+      end
+    end
+  end
+end

data/app/views/effective/orders/_checkout_step2.html.haml CHANGED Viewed

@@ -1,36 +1,37 @@
 = render partial: 'effective/orders/order', locals: { order: order }
+- form_locals = { order: order, purchased_url: purchased_url, declined_url: declined_url }
 .effective-order.effective-order-purchase-actions
   - if EffectiveOrders.allow_free_orders && order.free?
-    = render partial: '/effective/orders/free/form', locals: { order: order, purchased_url: purchased_url, declined_url: declined_url }
+    = render partial: '/effective/orders/free/form', locals: form_locals
   - elsif EffectiveOrders.allow_refunds && order.refund?
     -# Nothing
   - else
     - if EffectiveOrders.allow_pretend_purchase_in_development && !Rails.env.production?
-      = render partial: '/effective/orders/pretend/form', locals: { order: order, purchased_url: purchased_url, declined_url: declined_url }
+      = render partial: '/effective/orders/pretend/form', locals: form_locals
     - if EffectiveOrders.allow_pretend_purchase_in_production && Rails.env.production?
-      = render partial: '/effective/orders/pretend/form', locals: { order: order, purchased_url: purchased_url, declined_url: declined_url }
+      = render partial: '/effective/orders/pretend/form', locals: form_locals
     - if EffectiveOrders.moneris_enabled
-      = render partial: '/effective/orders/moneris/form', locals: { order: order, purchased_url: purchased_url, declined_url: declined_url }
+      = render partial: '/effective/orders/moneris/form', locals: form_locals
     - if EffectiveOrders.paypal_enabled
-      = render partial: '/effective/orders/paypal/form', locals: { order: order, purchased_url: purchased_url, declined_url: declined_url }
+      = render partial: '/effective/orders/paypal/form', locals: form_locals
     - if EffectiveOrders.stripe_enabled
-      = render partial: '/effective/orders/stripe/form', locals: { order: order, purchased_url: purchased_url, declined_url: declined_url }
+      = render partial: '/effective/orders/stripe/form', locals: form_locals
     - if EffectiveOrders.ccbill_enabled
-      = render partial: '/effective/orders/ccbill/form', locals: { order: order, purchased_url: purchased_url, declined_url: declined_url }
+      = render partial: '/effective/orders/ccbill/form', locals: form_locals
     - if EffectiveOrders.app_checkout_enabled && EffectiveOrders.authorized?(controller, :app_checkout, order)
-      = render partial: '/effective/orders/app_checkout/form', locals: { order: order, purchased_url: purchased_url, declined_url: declined_url }
+      = render partial: '/effective/orders/app_checkout/form', locals: form_locals
     - if EffectiveOrders.cheque_enabled && order.user == current_user
-      = render partial: '/effective/orders/cheque/form', locals: { order: order, purchased_url: purchased_url, declined_url: declined_url }
+      = render partial: '/effective/orders/cheque/form', locals: form_locals
   - if EffectiveOrders.allow_pretend_purchase_in_production && Rails.env.production? && EffectiveOrders.allow_pretend_purchase_in_production_message.present?
     %br
@@ -39,8 +40,8 @@
 - if EffectiveOrders.authorized?(controller, :admin, :effective_orders) && order.user != current_user
   - if EffectiveOrders.allow_refunds && order.refund?
     .effective-order.effective-order-admin-purchase-actions
-      = render partial: '/effective/orders/refund/form', locals: { order: order, purchased_url: purchased_url, declined_url: declined_url }
+      = render partial: '/effective/orders/refund/form', locals: form_locals
   - elsif EffectiveOrders.mark_as_paid_enabled
     .effective-order.effective-order-admin-purchase-actions
-      = render partial: '/effective/orders/mark_as_paid/form', locals: { order: order, purchased_url: purchased_url, declined_url: declined_url }
+      = render partial: '/effective/orders/mark_as_paid/form', locals: form_locals

data/app/views/effective/orders/_order_actions.html.haml CHANGED Viewed

@@ -4,7 +4,7 @@
   - if order.purchased?
     = link_to 'Resend Receipt', effective_orders.send_buyer_receipt_order_path(order), class: 'btn btn-default', data: { confirm: 'This action will email the buyer a copy of the original email receipt.  Send receipt now?', disable_with: 'Resending...' }
-  - elsif EffectiveOrders.authorized?(controller, :admin, :effective_orders)
+  - elsif EffectiveOrders.authorized?(controller, :admin, :effective_orders) && order.user != current_user
     - if order.pending?
       = link_to 'Admin: Send Payment Request', effective_orders.send_payment_request_admin_order_path(order), class: 'btn btn-default', data: { method: :post, confirm: 'This action will email buyer a payment request. Send it now?', disable_with: 'Sending...' }
     = link_to 'Admin: Delete', effective_orders.admin_order_path(order), class: 'btn btn-default', data: { method: :delete, confirm: 'Are you sure you want to delete? This cannot be undone.', disable_with: 'Deleting...' }

data/app/views/effective/orders/moneris/_form.html.haml CHANGED Viewed

@@ -1,47 +1,8 @@
 = form_tag(EffectiveOrders.moneris[:hpp_url], method: :post) do
-  = hidden_field_tag(:ps_store_id, EffectiveOrders.moneris[:ps_store_id])
-  = hidden_field_tag(:hpp_key, EffectiveOrders.moneris[:hpp_key])
-  = hidden_field_tag(:lang, 'en-ca')
-  = hidden_field_tag(:rvar_authenticity_token, form_authenticity_token)
+  - moneris = Effective::Providers::MonerisCharge.new(order: order, purchased_url: purchased_url, declined_url: declined_url)
-  - if purchased_url.present?
-    = hidden_field_tag(:rvar_purchased_url, purchased_url)
-  - if declined_url.present?
-    = hidden_field_tag(:rvar_declined_url, declined_url)
-  = hidden_field_tag(:email, order.user.try(:email))
-  = hidden_field_tag(:cust_id, order.user.to_param)
-  = hidden_field_tag(:order_id, [order.to_param, order.billing_name.try(:parameterize).presence, Time.zone.now.to_i].compact.join('-'))
-  = hidden_field_tag(:gst, '%.2f' % (order.tax / 100.0))
-  = hidden_field_tag(:charge_total, '%.2f' % (order.total / 100.0))
-  - order.order_items.each_with_index do |item, x|
-    = hidden_field_tag("id#{x}", x)
-    = hidden_field_tag("description#{x}", item.title)
-    = hidden_field_tag("quantity#{x}", item.quantity)
-    = hidden_field_tag("price#{x}", '%.2f' % (item.price / 100.0))
-    = hidden_field_tag("subtotal#{x}", '%.2f' % (item.subtotal / 100.0))
-  - if order.billing_address.present?
-    - address = order.billing_address
-    = hidden_field_tag(:bill_first_name, address.first_name || order.try(:user).try(:first_name))
-    = hidden_field_tag(:bill_last_name, address.last_name || order.try(:user).try(:last_name))
-    = hidden_field_tag(:bill_address_one, address.address1)
-    = hidden_field_tag(:bill_city, address.city)
-    = hidden_field_tag(:bill_state_or_province, address.state)
-    = hidden_field_tag(:bill_postal_code, address.postal_code)
-    = hidden_field_tag(:bill_country, address.country)
-  - if order.shipping_address.present?
-    - address = order.shipping_address
-    = hidden_field_tag(:ship_first_name, address.first_name || order.try(:user).try(:first_name))
-    = hidden_field_tag(:ship_last_name, address.last_name || order.try(:user).try(:last_name))
-    = hidden_field_tag(:ship_address_one, address.address1)
-    = hidden_field_tag(:ship_city, address.city)
-    = hidden_field_tag(:ship_state_or_province, address.state)
-    = hidden_field_tag(:ship_postal_code, address.postal_code)
-    = hidden_field_tag(:ship_country, address.country)
+  = hidden_field_tag :hpp_preload, ''
+  = hidden_field_tag :hpp_id, moneris.hpp_id
+  = hidden_field_tag :ticket, moneris.ticket
   = submit_tag order_checkout_label(:moneris), class: 'btn btn-primary', data: { disable_with: 'Continuing...' }

data/lib/effective_orders/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module EffectiveOrders
-  VERSION = '3.0.4'.freeze
+  VERSION = '3.1.0'.freeze
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: effective_orders
 version: !ruby/object:Gem::Version
-  version: 3.0.4
+  version: 3.1.0
 platform: ruby
 authors:
 - Code and Effect
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-08-07 00:00:00.000000000 Z
+date: 2019-08-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -167,6 +167,7 @@ files:
 - app/models/effective/order_item.rb
 - app/models/effective/product.rb
 - app/models/effective/providers/ccbill_postback.rb
+- app/models/effective/providers/moneris_charge.rb
 - app/models/effective/providers/stripe_charge.rb
 - app/models/effective/subscripter.rb
 - app/models/effective/subscription.rb