effective_orders 6.6.3 → 6.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 02717fdbe9f5c91a4c6331982a1af5dd676fc06ababd575d0df0d8d80d2c5849
-  data.tar.gz: de81310a27bedc63d827cc0aaaff6073afa5c634136bceabe2ad7e286964b8c3
+  metadata.gz: 7b95b58112e836a932ba93507f74ab11a551110d5e656100be363fef929dff4f
+  data.tar.gz: baa58804ceab0264a4f87b9c97c1268c90a765d5d1d3bc86e224b6ec2e558982
 SHA512:
-  metadata.gz: 8792b83fbfc309b9c351665c8f4a3cf34e3d87014c27465c8211d98ae7e1623b16a34cdea8199fab78647b060e75e38f53b89189d955317188e9a630543015d7
-  data.tar.gz: a514c76ef7b8ccba74b3ae81bb2da0a9534193044471811d2a09a9ca65b93d6caa86aa57e27cf90f05041b9a6ef9e591b9f6a224c63b5455e4ca3db60bc1d077
+  metadata.gz: a4bd65c532f86d5eeb602a4699ff87922f010137825bcfa960f82584f33fd61bb5d7f2db962fdbc93c7044c076597ee677e84b9285909a24d99864f192d8c360
+  data.tar.gz: fe9c072ee1aad78d10216fa930faafe7ebd569b21488347c674c9dc34fe590f23352e6a3820701df89d4366b869cc26d007c94bc2155d4bf4bf162bbb6db20e0

data/MIT-LICENSE

@@ -1,4 +1,4 @@
-Copyright 2021 Code and Effect Inc.
+Copyright 2023 Code and Effect Inc.
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/README.md

@@ -353,7 +353,7 @@ The permissions you actually want to define for a regular user are as follows (u
 can [:manage], Effective::Cart, user_id: user.id
 
 can [:manage], Effective::Order, user_id: user.id # Orders cannot be deleted
-cannot [:edit, :update], Effective::Order, state: 'purchased'
+cannot [:edit, :update], Effective::Order, status: 'purchased'
 
 can [:manage], Effective::Subscription, user_id: user.id
 ```

data/app/controllers/admin/orders_controller.rb

@@ -46,8 +46,7 @@ module Admin
 
       if request.get?
         @order.assign_confirmed_if_valid!
-        render(:checkout)
-        return
+        return render(:checkout)
       end
 
       # Otherwise a post
@@ -96,7 +95,7 @@ module Admin
 
         @orders.each { |order| order.send_payment_request_to_buyer! }
         render json: { status: 200, message: "Successfully sent #{@orders.length} payment request emails"}
-      rescue => e
+      rescue Exception => e
         render json: { status: 500, message: "Bulk send payment request error: #{e.message}" }
       end
     end

data/app/controllers/effective/carts_controller.rb

@@ -33,7 +33,7 @@ module Effective
     def add_to_cart
       @purchasable = (add_to_cart_params[:purchasable_type].constantize.find(add_to_cart_params[:purchasable_id].to_i) rescue nil)
 
-      EffectiveResources.authorize!(self, :update, current_cart)
+      EffectiveResources.authorize!(self, :add_to_cart, current_cart)
 
       begin
         raise "Please select a valid #{add_to_cart_params[:purchasable_type] || 'item' }." unless @purchasable
@@ -42,7 +42,7 @@ module Effective
         flash[:success] = 'Successfully added item to cart.'
       rescue EffectiveOrders::SoldOutException
         flash[:warning] = 'This item is sold out.'
-      rescue => e
+      rescue Exception => e
         flash[:danger] = 'Unable to add item to cart: ' + e.message
       end
 
@@ -52,7 +52,7 @@ module Effective
     def remove_from_cart
       @cart_item = current_cart.cart_items.find(remove_from_cart_params[:id])
 
-      EffectiveResources.authorize!(self, :update, current_cart)
+      EffectiveResources.authorize!(self, :remove_from_cart, current_cart)
 
       if @cart_item.destroy
         flash[:success] = 'Successfully removed item from cart.'

data/app/controllers/effective/concerns/purchase.rb

@@ -25,7 +25,7 @@ module Effective
       def order_deferred(provider:, email: true, deferred_url: nil)
         @order.defer!(provider: provider, email: email)
 
-        Effective::Cart.where(user: @order.user).destroy_all if @order.user.present?
+        Effective::Cart.where(user: current_user).destroy_all if current_user.present?
 
         if flash[:success].blank?
           if email

data/app/controllers/effective/orders_controller.rb

@@ -133,7 +133,7 @@ module Effective
         end
 
         render json: { status: 200, message: "Successfully sent #{@orders.length} receipt emails"}
-      rescue => e
+      rescue Exception => e
         render json: { status: 500, message: "Bulk send buyer receipt error: #{e.message}" }
       end
     end

data/app/datatables/admin/effective_orders_datatable.rb

@@ -20,6 +20,7 @@ module Admin
         scope :purchased
 
         scope :deferred if EffectiveOrders.deferred_providers.present?
+        scope :voided
 
         scope :pending_refunds if EffectiveOrders.refund && !EffectiveOrders.buyer_purchases_refund?
         scope :refunds if EffectiveOrders.refund
@@ -40,6 +41,8 @@ module Admin
         '#' + order.to_param
       end
 
+      col :status
+
       col :purchased_at do |order|
         order.purchased_at&.strftime('%F %H:%M') || ('pending refund' if order.pending_refund?) || ("pending #{order.payment_provider}" if order.deferred?) || 'not purchased'
       end

data/app/datatables/effective_orders_datatable.rb

@@ -24,6 +24,8 @@ class EffectiveOrdersDatatable < Effective::Datatable
 
     col :parent, visible: false, search: :string
 
+    col :status
+
     unless attributes[:not_purchased]
       col :purchased_at do |order|
         order.purchased_at&.strftime('%F %H:%M') || 'not purchased'

data/app/helpers/effective_stripe_helper.rb

@@ -50,7 +50,7 @@ module EffectiveStripeHelper
 
     begin
       stripe_payment_intent_payload(order, customer)
-    rescue => e
+    rescue Exception => e
       raise unless Rails.env.development?
       stripe_payment_intent_payload(order, Effective::Customer.new(user: order.user))
     end

data/app/models/concerns/acts_as_purchasable.rb

@@ -30,10 +30,10 @@ module ActsAsPurchasable
     has_many :order_items, as: :purchasable, class_name: 'Effective::OrderItem'
     has_many :orders, -> { order(:id) }, through: :order_items, class_name: 'Effective::Order'
 
-    has_many :purchased_orders, -> { where(state: EffectiveOrders::PURCHASED).order(:purchased_at) },
+    has_many :purchased_orders, -> { where(status: :purchased).order(:purchased_at) },
       through: :order_items, class_name: 'Effective::Order', source: :order
 
-    has_many :deferred_orders, -> { where(state: EffectiveOrders::DEFERRED).order(:created_at) },
+    has_many :deferred_orders, -> { where(status: :deferred).order(:created_at) },
       through: :order_items, class_name: 'Effective::Order', source: :order
 
     # Database max integer value is 2147483647.  So let's round that down and use a max/min of $20 million (2000000000)
@@ -52,10 +52,8 @@ module ActsAsPurchasable
     scope :purchased, -> { where.not(purchased_order_id: nil) }
     scope :not_purchased, -> { where(purchased_order_id: nil) }
 
-    # scope :purchased, -> { joins(order_items: :order).where(orders: {state: EffectiveOrders::PURCHASED}).distinct }
-    # scope :not_purchased, -> { where('id NOT IN (?)', purchased.pluck(:id).presence || [0]) }
-    scope :purchased_by, lambda { |user| joins(order_items: :order).where(orders: { user_id: user.try(:id), state: EffectiveOrders::PURCHASED }).distinct }
-    scope :not_purchased_by, lambda { |user| where('id NOT IN (?)', purchased_by(user).pluck(:id).presence || [0]) }
+    scope :purchased_by, lambda { |user| joins(order_items: :order).where(orders: { purchased_by: user, status: :purchased }).distinct }
+    scope :not_purchased_by, lambda { |user| where.not(id: purchased_by(user)) }
   end
 
   module ClassMethods
@@ -110,7 +108,7 @@ module ActsAsPurchasable
   end
 
   def purchased_by?(user)
-    purchased_orders.any? { |order| order.user_id == user.id }
+    purchased_orders.any? { |order| order.purchased_by_id == user.id }
   end
 
   def purchased_download_url # Override me if this is a digital purchase.

data/app/models/effective/order.rb

@@ -1,24 +1,41 @@
-# When an Order is first initialized it is done in the pending state
-# - when it's in the pending state, none of the buyer entered information is required
+# When an Order is first initialized it is done in the pending status
+# - when it's in the pending status, none of the buyer entered information is required
 # - when a pending order is rendered:
 # - if the user has a billing address, go to step 2
 # - if the user has no billing address, go to step 1
 #
-# After Step1, we go to the confirmed state
-# After Step2, we are in the purchased or declined state
+# After Step1, we go to the confirmed status
+# After Step2, we are in the purchased or declined status
 
 module Effective
   class Order < ActiveRecord::Base
     self.table_name = EffectiveOrders.orders_table_name.to_s
 
+    # Effective Resources
+    acts_as_statused(
+      :pending,         # New orders are created in a pending state
+      :confirmed,       # Once the order has passed checkout step 1
+      :deferred,        # Deferred providers. cheque, etransfer or phone was selected.
+      :purchased,       # Purchased by provider
+      :declined,        # Declined by provider
+      :voided,          # Voided by admin
+      :abandoned        # Not set by this gem. Can be set outside it.
+    )
+
+    # Effective Addresses
+    acts_as_addressable(billing: { singular: true }, shipping: { singular: true })
+
+    # Effective Logging
+    log_changes if respond_to?(:log_changes)
+
+    # Effective Obfuscation
     if EffectiveOrders.obfuscate_order_ids
       raise('unsupported obfuscation with tenant') if defined?(Tenant)
       acts_as_obfuscated format: '###-####-###'
     end
 
-    acts_as_addressable(billing: { singular: true }, shipping: { singular: true })
+    # Effective Reports
     acts_as_reportable if respond_to?(:acts_as_reportable)
-    log_changes if respond_to?(:log_changes)
 
     attr_accessor :terms_and_conditions # Yes, I agree to the terms and conditions
     attr_accessor :confirmed_checkout   # Set on the Checkout Step 1
@@ -47,7 +64,10 @@ module Effective
 
     # Attributes
     effective_resource do
-      state             :string
+      # Acts as Statused
+      status            :string
+      status_steps      :text
+
       purchased_at      :datetime
 
       note              :text   # From buyer to admin
@@ -82,16 +102,17 @@ module Effective
     scope :deep, -> { includes(:addresses, :user, :purchased_by, :organization, order_items: :purchasable) }
     scope :sorted, -> { order(:id) }
 
-    scope :purchased, -> { where(state: EffectiveOrders::PURCHASED) }
+    scope :purchased, -> { where(status: :purchased) }
     scope :purchased_by, lambda { |user| purchased.where(user: user) }
-    scope :not_purchased, -> { where.not(state: [EffectiveOrders::PURCHASED, EffectiveOrders::DEFERRED]) }
-    scope :was_not_purchased, -> { where.not(state: EffectiveOrders::PURCHASED) }
+    scope :not_purchased, -> { where.not(status: [:purchased, :deferred]) }
+    scope :was_not_purchased, -> { where.not(status: :purchased) }
 
-    scope :pending, -> { where(state: EffectiveOrders::PENDING) }
-    scope :confirmed, -> { where(state: EffectiveOrders::CONFIRMED) }
-    scope :deferred, -> { where(state: EffectiveOrders::DEFERRED) }
-    scope :declined, -> { where(state: EffectiveOrders::DECLINED) }
-    scope :abandoned, -> { where(state: EffectiveOrders::ABANDONED) }
+    scope :pending, -> { where(status: :pending) }
+    scope :confirmed, -> { where(status: :confirmed) }
+    scope :deferred, -> { where(status: :deferred) }
+    scope :declined, -> { where(status: :declined) }
+    scope :abandoned, -> { where(status: :abandoned) }
+    scope :voided, -> { where(status: :voided) }
 
     scope :refunds, -> { purchased.where('total < ?', 0) }
     scope :pending_refunds, -> { not_purchased.where('total < ?', 0) }
@@ -102,8 +123,7 @@ module Effective
     end
 
     before_validation do
-      self.state ||= EffectiveOrders::PENDING
-      self.state = EffectiveOrders::CONFIRMED if pending? && confirmed_checkout
+      assign_attributes(status: :confirmed) if pending? && confirmed_checkout
     end
 
     before_validation do
@@ -126,7 +146,6 @@ module Effective
     validates :cc, email_cc: true
 
     validates :order_items, presence: { message: 'No items are present. Please add additional items.' }
-    validates :state, inclusion: { in: EffectiveOrders::STATES.keys }
 
     validate do
       if EffectiveOrders.organization_enabled?
@@ -179,8 +198,12 @@ module Effective
       end
     end
 
+    validate(if: -> { was_voided? }) do
+      errors.add(:status, "cannot update a voided order") unless (voided? || pending?)
+    end
+
     # Sanity check
-    before_save(if: -> { was_purchased? }) do
+    before_save(if: -> { status_was.to_s == 'purchased' }) do
       raise('cannot unpurchase an order') unless purchased?
 
       raise('cannot change subtotal of a purchased order') if changes[:subtotal].present?
@@ -204,7 +227,7 @@ module Effective
     # Effective::Order.new(items: Product.first, user: User.first, billing_address: Effective::Address.new, shipping_address: Effective::Address.new)
 
     def initialize(atts = nil, &block)
-      super(state: EffectiveOrders::PENDING) # Initialize with state: PENDING
+      super(status: :pending) # Initialize with status pending
 
       return self unless atts.present?
 
@@ -406,24 +429,12 @@ module Effective
       Array(billing_name.to_s.split(' ')[1..-1]).join(' ')
     end
 
-    def pending?
-      state == EffectiveOrders::PENDING
-    end
-
-    def confirmed?
-      state == EffectiveOrders::CONFIRMED
-    end
-
-    def deferred?
-      state == EffectiveOrders::DEFERRED
-    end
-
     def in_progress?
       pending? || confirmed? || deferred?
     end
 
     def done?
-      persisted? && (purchased? || declined?)
+      persisted? && (purchased? || declined? || voided? || abandoned?)
     end
 
     # A custom order is one that was created by an admin
@@ -433,15 +444,11 @@ module Effective
     end
 
     def purchased?(provider = nil)
-      return false if (state != EffectiveOrders::PURCHASED)
+      return false if (status.to_sym != :purchased)
       return true if provider.nil? || payment_provider == provider.to_s
       false
     end
 
-    def was_purchased?
-      state_was == EffectiveOrders::PURCHASED
-    end
-
     def purchased_with_credit_card?
       purchased? && EffectiveOrders.credit_card_payment_providers.include?(payment_provider)
     end
@@ -450,14 +457,6 @@ module Effective
       purchased? && EffectiveOrders.credit_card_payment_providers.exclude?(payment_provider)
     end
 
-    def declined?
-      state == EffectiveOrders::DECLINED
-    end
-
-    def abandoned?
-      state == EffectiveOrders::ABANDONED
-    end
-
     def purchasables
       present_order_items.map { |order_item| order_item.purchasable }.compact
     end
@@ -558,7 +557,7 @@ module Effective
     def pending!
       return false if purchased?
 
-      self.state = EffectiveOrders::PENDING
+      assign_attributes(status: :pending)
       self.addresses.clear if addresses.any? { |address| address.valid? == false }
       save!
 
@@ -572,18 +571,18 @@ module Effective
     # Used by admin checkout only
     def confirm!
       return false if purchased?
-      update!(state: EffectiveOrders::CONFIRMED)
+      confirmed!
     end
 
     # This lets us skip to the confirmed workflow for an admin...
     def assign_confirmed_if_valid!
       return unless pending?
 
-      self.state = EffectiveOrders::CONFIRMED
+      assign_attributes(status: :confirmed)
       return true if valid?
 
       self.errors.clear
-      self.state = EffectiveOrders::PENDING
+      assign_attributes(status: :pending)
       false
     end
 
@@ -604,11 +603,13 @@ module Effective
     def purchase!(payment: nil, provider: nil, card: nil, email: true, skip_buyer_validations: false, skip_quickbooks: false, current_user: nil)
       return true if purchased?
 
+      raise('unable to purchase voided order') if voided?
+
       # Assign attributes
       assign_attributes(
-        state: EffectiveOrders::PURCHASED,
         skip_buyer_validations: skip_buyer_validations,
 
+        status: :purchased,
         purchased_at: (purchased_at.presence || Time.zone.now),
         purchased_by: (purchased_by.presence || current_user),
 
@@ -633,7 +634,7 @@ module Effective
 
           run_purchasable_callbacks(:after_purchase)
         end
-      rescue => e
+      rescue ActiveRecord::RecordInvalid => e
         Effective::Order.transaction do
           save!(validate: false)
           update_purchasables_purchased_order!
@@ -668,8 +669,8 @@ module Effective
     def defer!(provider: 'none', email: true)
       return false if purchased?
 
-      assign_attributes(state: EffectiveOrders::DEFERRED, payment_provider: provider)
-      save!
+      assign_attributes(payment_provider: provider)
+      deferred!
 
       send_payment_request_to_buyer! if email
 
@@ -684,12 +685,15 @@ module Effective
       error = nil
 
       assign_attributes(
-        state: EffectiveOrders::DECLINED,
+        skip_buyer_validations: true,
+
+        status: :declined,
         purchased_at: nil,
+        purchased_by: nil,
+
         payment: payment_to_h(payment),
         payment_provider: provider,
-        payment_card: (card.presence || 'none'),
-        skip_buyer_validations: true
+        payment_card: (card.presence || 'none')
       )
 
       Effective::Order.transaction do
@@ -697,8 +701,8 @@ module Effective
           run_purchasable_callbacks(:before_decline)
           save!(validate: validate)
           run_purchasable_callbacks(:after_decline)
-        rescue => e
-          self.state = state_was
+        rescue ActiveRecord::RecordInvalid => e
+          self.status = status_was
 
           error = e.message
           raise ::ActiveRecord::Rollback
@@ -710,6 +714,16 @@ module Effective
       true
     end
 
+    def void!
+      raise('unable to void a purchased order') if purchased?
+      voided!
+    end
+
+    def unvoid!
+      raise('order must be voided to unvoid') unless voided?
+      pending!
+    end
+
     # These are all the emails we send all notifications to
     def emails
       ([purchased_by.try(:email)] + [email] + [user.try(:email)] + Array(organization.try(:billing_emails))).map(&:presence).compact.uniq

data/app/views/effective/orders/_datatable_actions.html.haml

@@ -1,5 +1,8 @@
 = dropdown(variation: :dropleft) do
-  = dropdown_link_to (order.purchased? ? 'View' : 'Checkout'), effective_orders.order_path(order)
+  - if EffectiveResources.authorized?(controller, :checkout, order)
+    = dropdown_link_to 'Checkout', effective_orders.order_path(order)
+  - else
+    = dropdown_link_to 'View', effective_orders.order_path(order)
 
   - if EffectiveResources.authorized?(controller, :send_buyer_receipt, order)
     = dropdown_link_to 'E-mail Receipt', effective_orders.send_buyer_receipt_order_path(order),

data/app/views/effective/orders/_order_header.html.haml

@@ -5,3 +5,7 @@
     %h2 #{order.label} from Example Inc.
 
     %p.text-muted= order.to_s
+
+    - if order.voided?
+      %p 
+        %strong VOID

data/app/views/effective/orders/show.html.haml

@@ -1,7 +1,7 @@
 = render 'layout' do
   %h1.effective-heading= @page_title
 
-  - if !@order.purchased? && EffectiveResources.authorized?(self, :update, @order)
+  - if EffectiveResources.authorized?(self, :checkout, @order)
     = render_checkout(@order)
   - else
     = render(@order)

data/config/routes.rb

@@ -51,6 +51,9 @@ EffectiveOrders::Engine.routes.draw do
         post :send_payment_request
         post :send_buyer_receipt
 
+        post :void
+        post :unvoid
+
         # GET should be last here
         post :checkout
         patch :checkout

data/db/migrate/01_create_effective_orders.rb.erb

@@ -10,7 +10,9 @@ class CreateEffectiveOrders < ActiveRecord::Migration[4.2]
       t.integer   :parent_id
       t.string    :parent_type
 
-      t.string    :state
+      t.string    :status
+      t.text      :status_steps
+
       t.datetime  :purchased_at
 
       t.integer   :purchased_by_id

data/lib/effective_orders/version.rb

@@ -1,3 +1,3 @@
 module EffectiveOrders
-  VERSION = '6.6.3'.freeze
+  VERSION = '6.7.0'.freeze
 end

data/lib/effective_orders.rb

@@ -4,22 +4,6 @@ require 'effective_orders/engine'
 require 'effective_orders/version'
 
 module EffectiveOrders
-  # Order states
-  PENDING = 'pending'        # New orders are created in a pending state
-  CONFIRMED = 'confirmed'    # Once the order has passed checkout step 1
-  DEFERRED = 'deferred'      # Deferred providers. cheque, etransfer or phone was selected.
-  PURCHASED = 'purchased'    # Purchased by provider
-  DECLINED = 'declined'      # Declined by provider
-  ABANDONED = 'abandoned'    # Not set by this gem. Can be set outside it.
-
-  STATES = {
-    PENDING => PENDING,
-    CONFIRMED => CONFIRMED,
-    DEFERRED => DEFERRED,
-    PURCHASED => PURCHASED,
-    DECLINED => DECLINED,
-    ABANDONED => ABANDONED
-  }
 
   # Subscription statuses (as per stripe)
   ACTIVE = 'active'
@@ -238,7 +222,7 @@ module EffectiveOrders
 
       plans = begin
         Stripe::Plan.respond_to?(:all) ? Stripe::Plan.all : Stripe::Plan.list
-      rescue => e
+      rescue Exception => e
         raise e if Rails.env.production?
         Rails.logger.info "[STRIPE ERROR]: #{e.message}"
         Rails.logger.info "[STRIPE ERROR]: effective_orders continuing with empty stripe plans. This would fail loudly in Rails.env.production."
@@ -310,8 +294,4 @@ module EffectiveOrders
 
   class SoldOutException < Exception; end
 
-  def self.gem_path
-    __dir__.chomp('/lib')
-  end
-
 end

data/lib/generators/templates/effective_orders_mailer_preview.rb

@@ -62,7 +62,7 @@ class EffectiveOrdersMailerPreview < ActionMailer::Preview
     order.user = preview_user
     preview_order_items.each { |atts| order.order_items.build(atts) }
 
-    order.state = 'purchased'
+    order.status = :purchased
     order.payment_card = 'visa'
     order.purchased_at = Time.zone.now
     order.payment = { 'f4l4' => '1234'}

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: effective_orders
 version: !ruby/object:Gem::Version
-  version: 6.6.3
+  version: 6.7.0
 platform: ruby
 authors:
 - Code and Effect
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-08-03 00:00:00.000000000 Z
+date: 2023-08-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails