RubyGems - effective_orders - Versions diffs - 3.0.4 → 3.1.0 - Mend

effective_orders 3.0.4 → 3.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

checksums.yaml +4 -4
data/app/controllers/effective/providers/moneris.rb +23 -17
data/app/models/effective/order.rb +10 -1
data/app/models/effective/providers/moneris_charge.rb +114 -0
data/app/views/effective/orders/_checkout_step2.html.haml +12 -11
data/app/views/effective/orders/_order_actions.html.haml +1 -1
data/app/views/effective/orders/moneris/_form.html.haml +4 -43
data/lib/effective_orders/version.rb +1 -1
metadata +3 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c63ea13e03cd733ba8ee14f51ab78df6fbbfc25f4b6546d946b20facfa15aaa6
-  data.tar.gz: 1a5c4d4ca4ce70f3c20c8984cfe2063104908c292f7b37a8ebb0e209c2e60e58
+  metadata.gz: f8a648d7e8218c51c4733d02e64c542fcebf91d04d5bb78c457a1fa835e2b319
+  data.tar.gz: f062fbd9fd8973ea30c1c62e470a327d6d4cac533606a65cfbe43fbc19fd7418
 SHA512:
-  metadata.gz: 9e66345b50629cd33f2e046d910d3d5cf10f735d730e3810c919cfe8fae0fff6731ff85370d2184104898441d9bcc58e7d0bbbdbe06194182e58e70e4d92636d
-  data.tar.gz: 7f6a851d15695bea583d3ba315e2df215df31be66e1bf3d8d46766ffbf500e111bce198be45b4b947373fac3776d3a1c7dfe1827c60b36efd3bba38c5293d5d9
+  metadata.gz: 317b8781f567e20c92ed714b7f7aa823b4de332722fb7d054eaa4134888f95495b5ac138e4677ae746a0566a522e9f346279f53b950bb129c5dd188fe3c3cd50
+  data.tar.gz: 931166730fdbed8d51a34fc3bea22b8d791644050a2673ba74093c7f158b7a187b7de8b5580f94d0b23448d2e9427bf1feda17c89bd5ca83cd65d4caca9a16a3

data/app/controllers/effective/providers/moneris.rb CHANGED Viewed

@@ -17,33 +17,39 @@ module Effective
         declined_url = params.delete(:rvar_declined_url)
         if @order.purchased?  # Fallback to a success condition of the Order is already purchased
-          order_purchased(details: params, provider: 'moneris', card: params[:card], purchased_url: purchased_url)
-          return
+          return order_purchased(details: params, provider: 'moneris', card: params[:card], purchased_url: purchased_url)
         end
-        if params[:result].to_s == '1' && params[:transactionKey].present?
-          verify_params = parse_moneris_response(send_moneris_verify_request(params[:transactionKey])) || {}
+        # Invalid Result
+        if params[:result].to_s != '1' || params[:transactionKey].blank?
+          return order_declined(details: params, provider: 'moneris', card: params[:card], declined_url: declined_url)
+        end
-          response_code = verify_params[:response_code].to_i # Sometimes moneris sends us the string 'null'
+        payment = params.merge(verify_moneris_transaction(params[:transactionKey]))
+        valid = (1..49).include?(payment[:response_code].to_i)  # Must be > 0 and < 50 to be valid. Sometimes we get the string 'null'
-          if response_code > 0 && response_code < 50  # Less than 50 means a successful validation
-            order_purchased(details: params.merge(verify_params), provider: 'moneris', card: params[:card], purchased_url: purchased_url)
-          else
-            order_declined(details: params.merge(verify_params), provider: 'moneris', card: params[:card], declined_url: declined_url)
-          end
-        else
-          order_declined(details: params, provider: 'moneris', card: params[:card], declined_url: declined_url)
+        if valid == false
+          return order_declined(details: payment, provider: 'moneris', card: params[:card], declined_url: declined_url)
         end
+        order_purchased(details: payment, provider: 'moneris', card: params[:card], purchased_url: purchased_url)
       end
       private
-      def parse_moneris_response(text)
-        text.split("<br>").inject(Hash.new()) { |h, i| h[i.split(' ').first.to_sym] = i.split(' ').last ; h } rescue {response: text}
-      end
+      def verify_moneris_transaction(transactionKey)
+        # Send a verification POST request
+        uri = URI.parse(EffectiveOrders.moneris[:verify_url])
+        params = { ps_store_id: EffectiveOrders.moneris[:ps_store_id], hpp_key: EffectiveOrders.moneris[:hpp_key], transactionKey: transactionKey }
+        headers = { 'Referer': effective_orders.orders_url }
+        http = Net::HTTP.new(uri.host, uri.port)
+        http.use_ssl = true
+        body = http.post(uri.path, params.to_query, headers).body
-      def send_moneris_verify_request(verify_key)
-        `curl -F ps_store_id='#{EffectiveOrders.moneris[:ps_store_id]}' -F hpp_key='#{EffectiveOrders.moneris[:hpp_key]}' -F transactionKey='#{verify_key}' --referer #{effective_orders.moneris_postback_orders_url} #{EffectiveOrders.moneris[:verify_url]}`
+        # Parse response into a Hash
+        body.split('<br>').inject({}) { |h, i| h[i.split(' ').first.to_sym] = i.split(' ').last; h }
       end
     end

data/app/models/effective/order.rb CHANGED Viewed

@@ -310,7 +310,16 @@ module Effective
           self.purchase_state = EffectiveOrders::PURCHASED
           self.purchased_at ||= Time.zone.now
-          self.payment = details.kind_of?(Hash) ? details : { details: details.to_s }
+          self.payment = (
+            if details.kind_of?(Hash)
+              details
+            elsif details.respond_to?(:to_unsafe_h)
+              details.to_unsafe_h
+            else
+              { details: details.to_s }
+            end
+          )
           self.payment_provider = provider.to_s
           self.payment_card = card.to_s.presence || 'none'

data/app/models/effective/providers/moneris_charge.rb ADDED Viewed

@@ -0,0 +1,114 @@
+require 'nokogiri'
+module Effective
+  module Providers
+    class MonerisCharge
+      attr_accessor :order, :purchased_url, :declined_url
+      attr_accessor :hpp_id, :ticket # return values
+      def initialize(order:, purchased_url: nil, declined_url: nil)
+        @order = order
+        @purchased_url = purchased_url
+        @declined_url = declined_url
+        moneris_preload!
+      end
+      def present?
+        ticket.present? && hpp_id.present?
+      end
+      def moneris_preload!
+        # Make the moneris preload request
+        uri = URI.parse(EffectiveOrders.moneris[:hpp_url])
+        params = moneris_preload_payload.to_query
+        headers = {}
+        http = Net::HTTP.new(uri.host, uri.port)
+        http.use_ssl = true
+        body = http.post(uri.path, params, headers).body
+        doc = ::Nokogiri::XML(body)
+        # Parse preload request
+        moneris = [:hpp_id, :ticket, :order_id, :response_code].inject({}) do |h, key|
+          h[key] = doc.xpath("//#{key}").children.first.to_s; h
+        end
+        # Transaction Response Code: < 50: data successfully loaded, >= 50: data not loaded
+        moneris[:response_code] = (moneris[:response_code].to_i rescue 50)
+        raise 'data not loaded' unless moneris[:response_code] < 50
+        # Our return value
+        @hpp_id = moneris[:hpp_id]
+        @ticket = moneris[:ticket]
+      end
+      def moneris_preload_payload
+        payload = {
+          ps_store_id: EffectiveOrders.moneris[:ps_store_id],
+          hpp_key: EffectiveOrders.moneris[:hpp_key],
+          hpp_preload: '',
+          charge_total: ('%.2f' % (order.total / 100.0)),
+          # Optional
+          order_id: order_id,
+          lang: 'en-ca',
+          email: order.user.email,
+          rvar_purchased_url: purchased_url,
+          rvar_declined_url: declined_url
+        }.compact
+        if order.tax.present?
+          payload[:gst] = ('%.2f' % (order.tax / 100.0))
+        end
+        if order.billing_name.present?
+          payload[:bill_first_name] = order.billing_name.split(' ')[0]
+          payload[:bill_last_name] = order.billing_name.split(' ')[1..-1].join(' ')
+        end
+        if order.billing_address.present?
+          address = order.billing_address
+          payload[:bill_address_one] = address.address1
+          payload[:bill_city] = address.city
+          payload[:bill_state_or_province] = address.state
+          payload[:bill_postal_code] = address.postal_code
+          payload[:bill_country] = address.country
+        end
+        if order.shipping_address.present?
+          address = order.shipping_address
+          payload[:ship_address_one] = address.address1
+          payload[:ship_city] = address.city
+          payload[:ship_state_or_province] = address.state
+          payload[:ship_postal_code] = address.postal_code
+          payload[:ship_country] = address.country
+        end
+        order.order_items.each_with_index do |item, index|
+          payload["id#{index}"] = index
+          payload["description#{index}"] = item.title
+          payload["quantity#{index}"] = item.quantity
+          payload["price#{index}"] = ('%.2f' % (item.price / 100.0))
+          payload["subtotal#{index}"] = ('%.2f' % (item.subtotal / 100.0))
+        end
+        payload
+      end
+      private
+      def order_id
+        [
+          order.to_param,
+          (order.billing_name.to_s.parameterize.presence if EffectiveOrders.moneris[:include_billing_name_in_order_id])
+        ].compact.join('-')
+      end
+    end
+  end
+end

data/app/views/effective/orders/_checkout_step2.html.haml CHANGED Viewed

@@ -1,36 +1,37 @@
 = render partial: 'effective/orders/order', locals: { order: order }
+- form_locals = { order: order, purchased_url: purchased_url, declined_url: declined_url }
 .effective-order.effective-order-purchase-actions
   - if EffectiveOrders.allow_free_orders && order.free?
-    = render partial: '/effective/orders/free/form', locals: { order: order, purchased_url: purchased_url, declined_url: declined_url }
+    = render partial: '/effective/orders/free/form', locals: form_locals
   - elsif EffectiveOrders.allow_refunds && order.refund?
     -# Nothing
   - else
     - if EffectiveOrders.allow_pretend_purchase_in_development && !Rails.env.production?
-      = render partial: '/effective/orders/pretend/form', locals: { order: order, purchased_url: purchased_url, declined_url: declined_url }
+      = render partial: '/effective/orders/pretend/form', locals: form_locals
     - if EffectiveOrders.allow_pretend_purchase_in_production && Rails.env.production?
-      = render partial: '/effective/orders/pretend/form', locals: { order: order, purchased_url: purchased_url, declined_url: declined_url }
+      = render partial: '/effective/orders/pretend/form', locals: form_locals
     - if EffectiveOrders.moneris_enabled
-      = render partial: '/effective/orders/moneris/form', locals: { order: order, purchased_url: purchased_url, declined_url: declined_url }
+      = render partial: '/effective/orders/moneris/form', locals: form_locals
     - if EffectiveOrders.paypal_enabled
-      = render partial: '/effective/orders/paypal/form', locals: { order: order, purchased_url: purchased_url, declined_url: declined_url }
+      = render partial: '/effective/orders/paypal/form', locals: form_locals
     - if EffectiveOrders.stripe_enabled
-      = render partial: '/effective/orders/stripe/form', locals: { order: order, purchased_url: purchased_url, declined_url: declined_url }
+      = render partial: '/effective/orders/stripe/form', locals: form_locals
     - if EffectiveOrders.ccbill_enabled
-      = render partial: '/effective/orders/ccbill/form', locals: { order: order, purchased_url: purchased_url, declined_url: declined_url }
+      = render partial: '/effective/orders/ccbill/form', locals: form_locals
     - if EffectiveOrders.app_checkout_enabled && EffectiveOrders.authorized?(controller, :app_checkout, order)
-      = render partial: '/effective/orders/app_checkout/form', locals: { order: order, purchased_url: purchased_url, declined_url: declined_url }
+      = render partial: '/effective/orders/app_checkout/form', locals: form_locals
     - if EffectiveOrders.cheque_enabled && order.user == current_user
-      = render partial: '/effective/orders/cheque/form', locals: { order: order, purchased_url: purchased_url, declined_url: declined_url }
+      = render partial: '/effective/orders/cheque/form', locals: form_locals
   - if EffectiveOrders.allow_pretend_purchase_in_production && Rails.env.production? && EffectiveOrders.allow_pretend_purchase_in_production_message.present?
     %br
@@ -39,8 +40,8 @@
 - if EffectiveOrders.authorized?(controller, :admin, :effective_orders) && order.user != current_user
   - if EffectiveOrders.allow_refunds && order.refund?
     .effective-order.effective-order-admin-purchase-actions
-      = render partial: '/effective/orders/refund/form', locals: { order: order, purchased_url: purchased_url, declined_url: declined_url }
+      = render partial: '/effective/orders/refund/form', locals: form_locals
   - elsif EffectiveOrders.mark_as_paid_enabled
     .effective-order.effective-order-admin-purchase-actions
-      = render partial: '/effective/orders/mark_as_paid/form', locals: { order: order, purchased_url: purchased_url, declined_url: declined_url }
+      = render partial: '/effective/orders/mark_as_paid/form', locals: form_locals

data/app/views/effective/orders/_order_actions.html.haml CHANGED Viewed

@@ -4,7 +4,7 @@
   - if order.purchased?
     = link_to 'Resend Receipt', effective_orders.send_buyer_receipt_order_path(order), class: 'btn btn-default', data: { confirm: 'This action will email the buyer a copy of the original email receipt.  Send receipt now?', disable_with: 'Resending...' }
-  - elsif EffectiveOrders.authorized?(controller, :admin, :effective_orders)
+  - elsif EffectiveOrders.authorized?(controller, :admin, :effective_orders) && order.user != current_user
     - if order.pending?
       = link_to 'Admin: Send Payment Request', effective_orders.send_payment_request_admin_order_path(order), class: 'btn btn-default', data: { method: :post, confirm: 'This action will email buyer a payment request. Send it now?', disable_with: 'Sending...' }
     = link_to 'Admin: Delete', effective_orders.admin_order_path(order), class: 'btn btn-default', data: { method: :delete, confirm: 'Are you sure you want to delete? This cannot be undone.', disable_with: 'Deleting...' }

data/app/views/effective/orders/moneris/_form.html.haml CHANGED Viewed

@@ -1,47 +1,8 @@
 = form_tag(EffectiveOrders.moneris[:hpp_url], method: :post) do
-  = hidden_field_tag(:ps_store_id, EffectiveOrders.moneris[:ps_store_id])
-  = hidden_field_tag(:hpp_key, EffectiveOrders.moneris[:hpp_key])
-  = hidden_field_tag(:lang, 'en-ca')
-  = hidden_field_tag(:rvar_authenticity_token, form_authenticity_token)
+  - moneris = Effective::Providers::MonerisCharge.new(order: order, purchased_url: purchased_url, declined_url: declined_url)
-  - if purchased_url.present?
-    = hidden_field_tag(:rvar_purchased_url, purchased_url)
-  - if declined_url.present?
-    = hidden_field_tag(:rvar_declined_url, declined_url)
-  = hidden_field_tag(:email, order.user.try(:email))
-  = hidden_field_tag(:cust_id, order.user.to_param)
-  = hidden_field_tag(:order_id, [order.to_param, order.billing_name.try(:parameterize).presence, Time.zone.now.to_i].compact.join('-'))
-  = hidden_field_tag(:gst, '%.2f' % (order.tax / 100.0))
-  = hidden_field_tag(:charge_total, '%.2f' % (order.total / 100.0))
-  - order.order_items.each_with_index do |item, x|
-    = hidden_field_tag("id#{x}", x)
-    = hidden_field_tag("description#{x}", item.title)
-    = hidden_field_tag("quantity#{x}", item.quantity)
-    = hidden_field_tag("price#{x}", '%.2f' % (item.price / 100.0))
-    = hidden_field_tag("subtotal#{x}", '%.2f' % (item.subtotal / 100.0))
-  - if order.billing_address.present?
-    - address = order.billing_address
-    = hidden_field_tag(:bill_first_name, address.first_name || order.try(:user).try(:first_name))
-    = hidden_field_tag(:bill_last_name, address.last_name || order.try(:user).try(:last_name))
-    = hidden_field_tag(:bill_address_one, address.address1)
-    = hidden_field_tag(:bill_city, address.city)
-    = hidden_field_tag(:bill_state_or_province, address.state)
-    = hidden_field_tag(:bill_postal_code, address.postal_code)
-    = hidden_field_tag(:bill_country, address.country)
-  - if order.shipping_address.present?
-    - address = order.shipping_address
-    = hidden_field_tag(:ship_first_name, address.first_name || order.try(:user).try(:first_name))
-    = hidden_field_tag(:ship_last_name, address.last_name || order.try(:user).try(:last_name))
-    = hidden_field_tag(:ship_address_one, address.address1)
-    = hidden_field_tag(:ship_city, address.city)
-    = hidden_field_tag(:ship_state_or_province, address.state)
-    = hidden_field_tag(:ship_postal_code, address.postal_code)
-    = hidden_field_tag(:ship_country, address.country)
+  = hidden_field_tag :hpp_preload, ''
+  = hidden_field_tag :hpp_id, moneris.hpp_id
+  = hidden_field_tag :ticket, moneris.ticket
   = submit_tag order_checkout_label(:moneris), class: 'btn btn-primary', data: { disable_with: 'Continuing...' }

data/lib/effective_orders/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module EffectiveOrders
-  VERSION = '3.0.4'.freeze
+  VERSION = '3.1.0'.freeze
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: effective_orders
 version: !ruby/object:Gem::Version
-  version: 3.0.4
+  version: 3.1.0
 platform: ruby
 authors:
 - Code and Effect
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-08-07 00:00:00.000000000 Z
+date: 2019-08-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -167,6 +167,7 @@ files:
 - app/models/effective/order_item.rb
 - app/models/effective/product.rb
 - app/models/effective/providers/ccbill_postback.rb
+- app/models/effective/providers/moneris_charge.rb
 - app/models/effective/providers/stripe_charge.rb
 - app/models/effective/subscripter.rb
 - app/models/effective/subscription.rb