effective_orders 4.0.0beta1 → 4.0.0beta2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e0cf749b4cef2660e59b16b802211c75e79e7400
-  data.tar.gz: c4c452a35a548596146b2fdf099916065361dd55
+  metadata.gz: da1a756900ec2369535464ac59524e04e480c05f
+  data.tar.gz: 593c2b74776dd66558b67efc5ddc2fb09b94203b
 SHA512:
-  metadata.gz: af34590308483e7db60eb579b952167622809d2c0cfb9c1101221800e0a3ce51e5ffe6d8d7895755f7fe18282ac379e6de0406f47802c445e16a2492fd838a7a
-  data.tar.gz: c872866386ab0490fd154cb8caf59119c75ea61cb2f601049d92a75ec0d9a97a7f4e939563a13807b53f3440fe8a0d636c40326da2aa6b89f2858a4fa321f73e
+  metadata.gz: d3d7d27ebe782735240eba20c79372d281c9ffa009305c853e2bdd6ed319cf19936051ce8e82b9859f3ee4f6265e67db02161c984b51e42f229b3d4fb2e2474e
+  data.tar.gz: a8ff40a48e296934603d9841df3a4854d36fe4ce4ffa59d896310a6176aae905b29aab7ca7b4e1ca2d35bdbd75846b3eeea2c6f2b96e6737410c57d80b42f89c

data/README.md

@@ -533,10 +533,10 @@ The one gotcha with the above two scenarios, is that when `purchase!` is called,
 - `validates_numericality_of :total, greater_than_or_equal_to: minimum_charge` where minimum_charge is the configured value, once again from the initializer
 - `validates_presence_of :order_items` the Order must have at least one OrderItem
 
-You can skip validations with the following command, but be careful as this skips all validations:
+You can skip some buyer validations with the following command:
 
 ```ruby
-Effective::Order.new(@product, user: @user).purchase!(validate: false)
+Effective::Order.new(@product, user: @user).purchase!(skip_buyer_validations: true)
 ```
 
 The `@product` is now considered purchased.
@@ -940,136 +940,6 @@ The secret can be any string. Here's a good way to come up with a secret:
 This process should be very similar although you'll create and configure a seller account on paypal.com rather than the sandbox site.
 You should generate separate private and public certificates/keys for this and it is advisable to not keep production certificates/keys in version control.
 
-## Paying via CCBill
-
-Effective Orders has implemented checkout with CCBill using their "Dynamic Pricing" API and does not
-integrate with CCBill subscriptions. If you need to make payments for CCBill subscriptions, please help
-by improving Effective Orders with this functionality.
-
-### CCBill Account Setup
-
-You need a merchant account with CCBill so go sign up and login. To set up your account with Dynamic
-Pricing, you'll need to go through some hoops with CCBill:
-
-1. Get approval to operate a merchant account from CCBill Merchant Services (they'll need to see your
-   site in action)
-2. Provide CCBill with two valid forms of ID and wait for them to approve your account
-3. Create two additional sub accounts for a staging server and your localhost
-   ("Account Info" > "Account Setup")
-4. Get each new sub account approved by Merchant Services (mention that they are for testing only)
-5. Ask CCBill tech support to set up all sub accounts with Dynamic Pricing
-6. Set the postback urls for each sub account to be `"#{ your_domain_name }/orders/ccbill_postback`
-   (Look for 'Approval Post URL' and 'Denial Post URL' in "Account Info" > "Sub Account Admin" > select sub account
-   \> "Advanced" > under 'Background Post Information')
-
-### Effective Orders Configuration
-
-Get the following information and add it
-to the Effective Orders initializer. CCBill live chat is generally quick and helpful. They can help you
-find any of this information.
-
-- Account number (`:client_accnum`)
-- Subaccount number (`:client_subacc`)
-- Checkout form id/name (`:form_name`)
-- Currency code (`:currency_code`)
-- Encryption key/salt (`:dynamic_pricing_salt`)("Account Info" > "Sub Account Admin" > select sub account
-  \> "Advanced" > under 'Upgrade Security Setup Information' > 'Encryption key')
-
-Effective Orders will authorize to make changes to the customer's order during CCBill's post back after
-the transaction. Since, this is not an action that the customer takes directly, please make sure
-that the Effective Orders authorization method returns `true` for the controller/action
-`'Effective::OrdersController#ccbill_postback'` with an `Effective::Order` resource.
-
-### Testing transactions with CCBill
-
-To test payments with CCBill:
-
-1. Set up yourself as a user who is authorized to make test transactions
-   ([See this guide](https://www.ccbill.com/cs/wiki/tiki-index.php?page=How+do+I+set+up+a+user+to+process+test+transactions%3F))
-2. Use ngrok on localhost or a staging server to go through a normal payment (remember to configure the
-   postback urls (see #6 of [CCBill Account Setup](#ccbill-account-setup))
-3. Use one of the provided credit card numbers in the guide from step 1 for the associated response
-
-### Helpful CCBill Documentation
-
-- [Dynamic Pricing](https://www.ccbill.com/cs/wiki/tiki-index.php?page=Dynamic+Pricing)
-- [Dynamic Pricing User Guide](https://www.ccbill.com/cs/wiki/tiki-index.php?page=Dynamic+Pricing+User+Guide)
-- [Background Post](https://www.ccbill.com/cs/wiki/tiki-index.php?page=Background+Post)
-- [Webhooks](https://www.ccbill.com/cs/wiki/tiki-index.php?page=Webhooks+User+Guide)
-- [How do I set up a user to process test transactions?](https://www.ccbill.com/cs/wiki/tiki-index.php?page=How+do+I+set+up+a+user+to+process+test+transactions%3F)
-
-## Paying Using App Currency or Logic
-
-There are situations when you want to handle payment logic inside your application. For example, an app could
-have it's own type of currency (tokens, points, kudos) that could be used to make payments.
-
-Let's look at a sample app checkout configuration to see how to get this kind of checkout working:
-
-```ruby
-config.app_checkout_enabled = true
-
-config.app_checkout = {
-  checkout_label: 'Checkout with Tokens',
-  service: TokenCheckoutService,
-  declined_flash: "Payment was unsuccessful. Please try again."
-}
-```
-
-First, decide on a checkout button label (this is only used when there's more than one checkout option available).
-Other checkout buttons follow the pattern of "Checkout with \_\_\_", like "Checkout with Moneris".
-
-Second, create a service object in your app and add a reference to it here ([see below for details](#the-app-checkout-service-object)).
-
-The last configuration option is the declined flash message displayed when the `successful?` method
-returns `false`.
-
-Finally, *the app checkout button is hidden* unless effective orders receives authorzation to
-display it. This is helpful if certain users don't use the in-app currency or in-app checkout.
-To authorize effective orders and display the button, you should make sure that the effective
-orders `authorization_method`, defined earlier in the config file, returns `true` if the three
-arguments are: An instance of `Effective::OrdersController`, the Symbol `:app_checkout`, and the
-instance of `Effective::Order`.
-
-### The App Checkout Service Object
-
-The app checkout [service object](http://stevelorek.com/service-objects.html) is responsible for containing
-the businiess logic of in-app payments (i.e. with tokens).
-
-There are two recommended ways to implement the service object:
-
-1. Create a service object that inherits from `EffectiveOrders::AppCheckoutService`
-2. Use the [interactor gem](https://github.com/collectiveidea/interactor) (interactor is just another
-   term for service object)
-
-Here's a sample service object (and likely the minimal implementation that you'll want):
-
-```ruby
-# located in /app/services/token_checkout_service.rb
-
-# Instances of this class have access to the Effective::Order object in the instance variable, @order.
-class TokenCheckoutService < EffectiveOrders::AppCheckoutService
-  # This method is responsible to complete the payment transaction
-  def call
-    cost_in_tokens = Token.cost_in_tokens(@order.price)
-    @order.user.tokens = @order.user.tokens - cost_in_tokens
-    @success = @order.user.save
-  end
-
-  # Did the purchase finish correctly?
-  def successful?
-    @success
-  end
-
-  # - optional -
-  # return a Hash or easily serializable object like a String
-  #
-  # The return value of this method will be serialized and stored on the `payment_details` attribute
-  # of the `Effective::Order`.
-  def payment_details
-  end
-end
-```
-
 
 ## License
 

data/app/controllers/effective/concerns/purchase.rb

@@ -5,9 +5,9 @@ module Effective
 
       protected
 
-      def order_purchased(provider:, card: 'none', details: 'none', email: true, skip_buyer_validations: false, purchased_url: nil, declined_url: nil)
+      def order_purchased(payment:, provider:, card: 'none', email: true, skip_buyer_validations: false, purchased_url: nil, declined_url: nil)
         begin
-          @order.purchase!(provider: provider, card: card, details: details, email: email, skip_buyer_validations: skip_buyer_validations)
+          @order.purchase!(payment: payment, provider: provider, card: card, email: email, skip_buyer_validations: skip_buyer_validations)
 
           Effective::Cart.where(user_id: @order.user_id).destroy_all
 
@@ -26,8 +26,8 @@ module Effective
         end
       end
 
-      def order_declined(provider:, card: 'none', details: 'none', message: nil, declined_url: nil)
-        @order.decline!(provider: provider, card: card, details: details) rescue nil
+      def order_declined(payment:, provider:, card: 'none', message: nil, declined_url: nil)
+        @order.decline!(payment: payment, provider: provider, card: card) rescue nil
 
         flash[:danger] = message.presence || 'Payment was unsuccessful. Your credit card was declined by the payment processor. Please try again.'
 

data/app/controllers/effective/providers/free.rb

@@ -15,7 +15,7 @@ module Effective
         end
 
         order_purchased(
-          details: 'free order. no payment required.',
+          payment: 'free order. no payment required.',
           provider: 'free',
           card: 'none',
           purchased_url: params[:purchased_url],

data/app/controllers/effective/providers/mark_as_paid.rb

@@ -12,7 +12,7 @@ module Effective
         @order.assign_attributes(mark_as_paid_params.except(:payment, :payment_provider, :payment_card))
 
         order_purchased(
-          details: mark_as_paid_params[:payment],
+          payment: mark_as_paid_params[:payment],
           provider: mark_as_paid_params[:payment_provider],
           card: mark_as_paid_params[:payment_card],
           email: @order.send_mark_as_paid_email_to_buyer?,

data/app/controllers/effective/providers/moneris.rb

@@ -1,3 +1,5 @@
+require 'net/http'
+
 module Effective
   module Providers
     module Moneris
@@ -17,33 +19,40 @@ module Effective
         declined_url = params.delete(:rvar_declined_url)
 
         if @order.purchased?  # Fallback to a success condition of the Order is already purchased
-          order_purchased(details: params, provider: 'moneris', card: params[:card], purchased_url: purchased_url)
-          return
+          return order_purchased(payment: params, provider: 'moneris', card: params[:card], purchased_url: purchased_url)
         end
 
-        if params[:result].to_s == '1' && params[:transactionKey].present?
-          verify_params = parse_moneris_response(send_moneris_verify_request(params[:transactionKey])) || {}
+        # Invalid Result
+        if params[:result].to_s != '1' || params[:transactionKey].blank?
+          return order_declined(payment: params, provider: 'moneris', card: params[:card], declined_url: declined_url)
+        end
 
-          response_code = verify_params[:response_code].to_i # Sometimes moneris sends us the string 'null'
+        # Verify response from moneris
+        payment = params.merge(verify_moneris_transaction(params[:transactionKey]))
+        valid = (1..49).include?(payment[:response_code].to_i)  # Must be > 0 and < 50 to be valid. Sometimes we get the string 'null'
 
-          if response_code > 0 && response_code < 50  # Less than 50 means a successful validation
-            order_purchased(details: params.merge(verify_params), provider: 'moneris', card: params[:card], purchased_url: purchased_url)
-          else
-            order_declined(details: params.merge(verify_params), provider: 'moneris', card: params[:card], declined_url: declined_url)
-          end
-        else
-          order_declined(details: params, provider: 'moneris', card: params[:card], declined_url: declined_url)
+        if valid == false
+          return order_declined(payment: payment, provider: 'moneris', card: params[:card], declined_url: declined_url)
         end
+
+        order_purchased(payment: payment, provider: 'moneris', card: params[:card], purchased_url: purchased_url)
       end
 
       private
 
-      def parse_moneris_response(text)
-        text.split("<br>").inject(Hash.new()) { |h, i| h[i.split(' ').first.to_sym] = i.split(' ').last ; h } rescue {response: text}
-      end
+      def verify_moneris_transaction(transactionKey)
+        # Send a verification POST request
+        uri = URI.parse(EffectiveOrders.moneris[:verify_url])
+        params = { ps_store_id: EffectiveOrders.moneris[:ps_store_id], hpp_key: EffectiveOrders.moneris[:hpp_key], transactionKey: transactionKey }
+        headers = { 'Referer': effective_orders.moneris_postback_orders_url }
+
+        http = Net::HTTP.new(uri.host, uri.port)
+        http.use_ssl = true
+
+        body = http.post(uri.path, params.to_query, headers).body
 
-      def send_moneris_verify_request(verify_key)
-        `curl -F ps_store_id='#{EffectiveOrders.moneris[:ps_store_id]}' -F hpp_key='#{EffectiveOrders.moneris[:hpp_key]}' -F transactionKey='#{verify_key}' --referer #{effective_orders.moneris_postback_orders_url} #{EffectiveOrders.moneris[:verify_url]}`
+        # Parse response into a Hash
+        body.split('<br>').inject({}) { |h, i| h[i.split(' ').first.to_sym] = i.split(' ').last; h }
       end
 
     end

data/app/controllers/effective/providers/paypal.rb

@@ -16,11 +16,11 @@ module Effective
 
         if @order.present?
           if @order.purchased?
-            order_purchased(details: params, provider: 'paypal', card: params[:payment_type])
+            order_purchased(payment: params, provider: 'paypal', card: params[:payment_type])
           elsif (params[:payment_status] == 'Completed' && params[:custom] == EffectiveOrders.paypal[:secret])
-            order_purchased(details: params, provider: 'paypal', card: params[:payment_type])
+            order_purchased(payment: params, provider: 'paypal', card: params[:payment_type])
           else
-            order_declined(details: params, provider: 'paypal', card: params[:payment_type])
+            order_declined(payment: params, provider: 'paypal', card: params[:payment_type])
           end
         end
 

data/app/controllers/effective/providers/pretend.rb

@@ -9,7 +9,7 @@ module Effective
         EffectiveOrders.authorize!(self, :update, @order)
 
         order_purchased(
-          details: 'for pretend',
+          payment: 'for pretend',
           provider: 'pretend',
           card: 'none',
           purchased_url: params[:purchased_url],

data/app/controllers/effective/providers/refund.rb

@@ -18,7 +18,7 @@ module Effective
         @order.assign_attributes(refund_params.except(:payment, :payment_provider, :payment_card))
 
         order_purchased(
-          details: refund_params[:payment],
+          payment: refund_params[:payment],
           provider: refund_params[:payment_provider],
           card: refund_params[:payment_card],
           email: @order.send_mark_as_paid_email_to_buyer?,

data/app/controllers/effective/providers/stripe.rb

@@ -15,7 +15,7 @@ module Effective
 
         if @stripe_charge.valid? && (response = process_stripe_charge(@stripe_charge)) != false
           order_purchased(
-            details: response,
+            payment: response,
             provider: 'stripe',
             card: (response[:charge]['source']['brand'] rescue nil)
           )

data/app/helpers/effective_carts_helper.rb

@@ -35,7 +35,7 @@ module EffectiveCartsHelper
       label: 'My Cart',
       id: 'current_cart',
       rel: :nofollow,
-      class: 'btn btn-default'
+      class: 'btn btn-secondary'
     }.merge(opts)
 
     label = options.delete(:label)

data/app/models/effective/order.rb

@@ -97,6 +97,12 @@ module Effective
       end
     end
 
+    with_options if: -> { confirmed? && !skip_buyer_validations? } do |order|
+      if EffectiveOrders.terms_and_conditions
+        order.validates :terms_and_conditions, presence: true
+      end
+    end
+
     # When Purchased
     with_options if: -> { purchased? } do |order|
       order.validates :purchased_at, presence: true
@@ -132,24 +138,22 @@ module Effective
       return unless atts.present?
 
       if atts.kind_of?(Hash)
-        if (keywords = (atts.keys - [:item, :items, :user, :billing_address, :shipping_address])).present?
-          raise ArgumentError.new("unknown keyword: #{keywords.join(' ')}")
-        end
+        items = Array(atts.delete(:item)) + Array(atts.delete(:items))
 
-        items = Array(atts[:item]) + Array(atts[:items])
+        self.user = atts.delete(:user) || (items.first.user if items.first.respond_to?(:user))
 
-        self.user = atts[:user] || (items.first.user if items.first.respond_to?(:user))
-
-        if atts.key?(:billing_address)
-          self.billing_address = atts[:billing_address]
+        if (address = atts.delete(:billing_address)).present?
+          self.billing_address = address
           self.billing_address.full_name ||= user.to_s.presence
         end
 
-        if atts.key?(:shipping_address)
-          self.shipping_address = atts[:shipping_address]
+        if (address = atts.delete(:shipping_address)).present?
+          self.shipping_address = address
           self.shipping_address.full_name ||= user.to_s.presence
         end
 
+        atts.each { |key, value| self.send("#{key}=", value) }
+
         add(items) if items.present?
       else # Attributes are not a Hash
         self.user = atts.user if atts.respond_to?(:user)
@@ -304,42 +308,35 @@ module Effective
       false
     end
 
-    # Effective::Order.new(Product.first, user: User.first).purchase!(details: 'manual purchase')
-    # order.purchase!(details: {key: value})
-    def purchase!(details: 'none', provider: 'none', card: 'none', validate: true, email: true, skip_buyer_validations: false)
+    # Effective::Order.new(items: Product.first, user: User.first).purchase!(email: false)
+    def purchase!(payment: 'none', provider: 'none', card: 'none', note: nil, email: true, skip_buyer_validations: false)
       return false if purchased?
-
-      success = false
       error = nil
 
+      assign_attributes(
+        state: EffectiveOrders::PURCHASED,
+        purchased_at: Time.zone.now,
+        payment: payment_to_h(payment),
+        payment_provider: provider,
+        payment_card: (card.presence || 'none'),
+        skip_buyer_validations: skip_buyer_validations
+      )
+
       Effective::Order.transaction do
         begin
-          self.state = EffectiveOrders::PURCHASED
-          self.purchased_at ||= Time.zone.now
-
-          self.payment = details.kind_of?(Hash) ? details : { details: details.to_s }
-          self.payment_provider = provider.to_s
-          self.payment_card = card.to_s.presence || 'none'
-
-          self.skip_buyer_validations = skip_buyer_validations
-
-          assign_purchased_order_to_purchasables
-
           run_purchasable_callbacks(:before_purchase)
-
-          save!(validate: validate)
-
-          success = true
+          save!
+          update_purchasables_purchased_order!
         rescue => e
           self.state = state_was
-          self.purchased_at = purchased_at_was
+          self.purchased_at = nil
 
           error = e.message
           raise ::ActiveRecord::Rollback
         end
       end
 
-      raise "Failed to purchase order: #{error || errors.full_messages.to_sentence}" unless success
+      raise "Failed to purchase order: #{error || errors.full_messages.to_sentence}" unless error.nil?
 
       send_order_receipts! if email
 
@@ -348,36 +345,34 @@ module Effective
       true
     end
 
-    def decline!(details: 'none', provider: 'none', card: 'none', validate: true)
+    def decline!(payment: 'none', provider: 'none', card: 'none', validate: true)
       return false if declined?
 
       raise EffectiveOrders::AlreadyPurchasedException.new('order already purchased') if purchased?
 
-      success = false
       error = nil
 
+      assign_attributes(
+        state: EffectiveOrders::DECLINED,
+        purchased_at: nil,
+        payment: payment_to_h(payment),
+        payment_provider: provider,
+        payment_card: (card.presence || 'none'),
+        skip_buyer_validations: true
+      )
+
       Effective::Order.transaction do
         begin
-          self.state = EffectiveOrders::DECLINED
-          self.purchased_at = nil
-
-          self.payment = details.kind_of?(Hash) ? details : { details: details.to_s }
-          self.payment_provider = provider.to_s
-          self.payment_card = card.to_s.presence || 'none'
-
           save!(validate: validate)
-
-          success = true
         rescue => e
           self.state = state_was
-          self.purchased_at = purchased_at_was
 
           error = e.message
           raise ::ActiveRecord::Rollback
         end
       end
 
-      raise "Failed to decline order: #{error || errors.full_messages.to_sentence}" unless success
+      raise "Failed to decline order: #{error || errors.full_messages.to_sentence}" unless error.nil?
 
       run_purchasable_callbacks(:after_decline)
 
@@ -452,8 +447,8 @@ module Effective
       end
     end
 
-    def assign_purchased_order_to_purchasables
-      order_items.each { |oi| oi.purchasable.purchased_order = self }
+    def update_purchasables_purchased_order!
+      order_items.each { |oi| oi.purchasable.update_column(:purchased_order_id, self.id) }
     end
 
     def run_purchasable_callbacks(name)
@@ -472,5 +467,15 @@ module Effective
       end
     end
 
+    def payment_to_h(payment)
+      if payment.respond_to?(:to_unsafe_h)
+        payment.to_unsafe_h.to_h
+      elsif payment.respond_to?(:to_h)
+        payment.to_h
+      else
+        { details: (payment.to_s.presence || 'none') }
+      end
+    end
+
   end
 end

data/app/models/effective/order_item.rb

@@ -16,7 +16,7 @@ module Effective
     # timestamps
 
     validates :purchasable, associated: true, presence: true
-    accepts_nested_attributes_for :purchasable, allow_destroy: false, reject_if: :all_blank, update_only: true
+    accepts_nested_attributes_for :purchasable
 
     validates :title, presence: true
     validates :quantity, presence: true, numericality: { greater_than: 0 }
@@ -34,6 +34,10 @@ module Effective
       price * quantity
     end
 
+    def quantity
+      self[:quantity] || 1
+    end
+
     def tax
       return 0 if tax_exempt?
       raise 'parent Effective::Order must have a tax_rate to compute order item tax' unless order.try(:tax_rate).present?

data/app/views/admin/orders/_actions.html.haml

@@ -1,7 +1,9 @@
 = dropdown(variation: :dropleft) do
   - if datatable.admin_namespace?
     = dropdown_link_to 'View', effective_orders.admin_order_path(order)
-    = dropdown_link_to 'Edit', effective_orders.edit_admin_order_path(order)
+
+    - if order.purchased? == false
+      = dropdown_link_to 'Edit', effective_orders.edit_admin_order_path(order)
 
     - if order.purchased?
       = dropdown_link_to 'Email receipt to buyer', effective_orders.send_buyer_receipt_order_path(order),

data/app/views/effective/orders/declined.html.haml

@@ -2,6 +2,11 @@
 
 %p= flash[:danger]
 
-%p Your #{link_to_current_cart(label: 'Cart')} items have been saved. Please try again.
-
-
+%p.effective-orders-page-content
+  = link_to 'Home', root_path, class: 'btn btn-primary'
+
+%p.effective-orders-page-content
+  - if current_cart.present?
+    Your #{link_to_current_cart(label: 'Cart')} items have been saved. Please try again.
+  - else
+    Please try again.

data/lib/effective_orders.rb

@@ -139,8 +139,8 @@ module EffectiveOrders
       ('pretend' if pretend?),
       ('stripe' if stripe?),
       ('credit card' if mark_as_paid?),
-      ('none' if mark_as_paid?),
       ('other' if mark_as_paid?),
+      'none'
     ].compact
   end
 

data/lib/effective_orders/version.rb

@@ -1,3 +1,3 @@
 module EffectiveOrders
-  VERSION = '4.0.0beta1'.freeze
+  VERSION = '4.0.0beta2'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: effective_orders
 version: !ruby/object:Gem::Version
-  version: 4.0.0beta1
+  version: 4.0.0beta2
 platform: ruby
 authors:
 - Code and Effect
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-03-20 00:00:00.000000000 Z
+date: 2018-03-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails