effective_orders 6.4.4 → 6.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 39a490616d23d3fa6a77d50362f39001535889c1edf07eff99e591560d77a18c
-  data.tar.gz: e190a899ff398fafce51372870854da6e80bcee2ca9d90d827822e1d44fdd82a
+  metadata.gz: 658dc93673ea1d94b4ef09a9ad65fc267a58d36c7560f8e70a12a8719ee1f917
+  data.tar.gz: 190fcc09c8cd4de5ff184c54bc5612a3ccba50f2c97ea6b579d9cf3ec6b32fd5
 SHA512:
-  metadata.gz: b47f581cacd6d03ba0da55b5e73571a11216fe98386fa1b116cb677b2eb6166361847e1bf94bf45862876126e01f63a490db8102c866fa4e169ded15177b32b0
-  data.tar.gz: 76c775e10083421002756e7226eafa10256dad7be33bb975b4cfd0c9f73914377a45f299a2d52529ab1c5ac3e052dd7f384d73b549b74feae01e595fa56308ec
+  metadata.gz: a75d33e8b848a0a64d1e73617cc45a57070b98bcdf93ebe872d63f2e3f1f1158d697b6fe8786195de74068479c1e7e999b47d0ef25fa1c1482b405c671b53c59
+  data.tar.gz: e13b5214ba7fe0da6e68c981c89a391aedf6e0fbfb0bf1365689f4cb885b9342cca7b32ab21a31d91d215f6ac81fb4b66fc7fe1337daedcf3ccfd38ac0bfc217

data/app/controllers/admin/orders_controller.rb

@@ -85,13 +85,7 @@ module Admin
         flash[:danger] = 'Unable to send payment request'
       end
 
-      if respond_to?(:redirect_back)
-        redirect_back(fallback_location: effective_orders.admin_order_path(@order))
-      elsif request.referrer.present?
-        redirect_to :back
-      else
-        redirect_to effective_orders.admin_order_path(@order)
-      end
+      redirect_back(fallback_location: effective_orders.admin_order_path(@order))
     end
 
     def bulk_send_payment_request

data/app/controllers/effective/concerns/purchase.rb

@@ -5,10 +5,10 @@ module Effective
 
       protected
 
-      def order_purchased(payment:, provider:, card: 'none', email: true, skip_buyer_validations: false, purchased_url: nil)
-        @order.purchase!(payment: payment, provider: provider, card: card, email: email, skip_buyer_validations: skip_buyer_validations)
+      def order_purchased(payment:, provider:, card: 'none', email: true, skip_buyer_validations: false, purchased_url: nil, current_user: nil)
+        @order.purchase!(payment: payment, provider: provider, card: card, email: email, skip_buyer_validations: skip_buyer_validations, current_user: current_user)
 
-        Effective::Cart.where(user: @order.user).destroy_all
+        Effective::Cart.where(user: current_user).destroy_all if current_user.present?
 
         if flash[:success].blank?
           if email && @order.send_order_receipt_to_buyer?
@@ -25,7 +25,7 @@ module Effective
       def order_deferred(provider:, email: true, deferred_url: nil)
         @order.defer!(provider: provider, email: email)
 
-        Effective::Cart.where(user: @order.user).destroy_all
+        Effective::Cart.where(user: @order.user).destroy_all if @order.user.present?
 
         if flash[:success].blank?
           if email

data/app/controllers/effective/providers/free.rb

@@ -20,7 +20,8 @@ module Effective
           payment: 'free order. no payment required.',
           provider: 'free',
           card: 'none',
-          purchased_url: free_params[:purchased_url]
+          purchased_url: free_params[:purchased_url],
+          current_user: current_user
         )
       end
 

data/app/controllers/effective/providers/mark_as_paid.rb

@@ -19,7 +19,8 @@ module Effective
           card: mark_as_paid_params[:payment_card],
           email: @order.send_mark_as_paid_email_to_buyer?,
           skip_buyer_validations: true,
-          purchased_url: effective_orders.admin_order_path(@order)
+          purchased_url: effective_orders.admin_order_path(@order),
+          current_user: nil # Admin action, we don't want to assign current_user to the order
         )
       end
 

data/app/controllers/effective/providers/moneris.rb

@@ -14,7 +14,8 @@ module Effective
 
         @order ||= Effective::Order.find(params[:response_order_id])
 
-        (EffectiveResources.authorize!(self, :update, @order) rescue false)
+        # We do this even if we're not authorized
+        EffectiveResources.authorized?(self, :update, @order)
 
         # Delete the Purchased and Declined Redirect URLs
         purchased_url = params.delete(:rvar_purchased_url)
@@ -37,7 +38,7 @@ module Effective
           return order_declined(payment: payment, provider: 'moneris', card: params[:card], declined_url: declined_url)
         end
 
-        order_purchased(payment: payment, provider: 'moneris', card: params[:card], purchased_url: purchased_url)
+        order_purchased(payment: payment, provider: 'moneris', card: params[:card], purchased_url: purchased_url, current_user: current_user)
       end
 
       private

data/app/controllers/effective/providers/moneris_checkout.rb

@@ -7,7 +7,9 @@ module Effective
         raise('moneris_checkout provider is not available') unless EffectiveOrders.moneris_checkout?
 
         @order = Order.find(params[:id])
-        (EffectiveResources.authorize!(self, :update, @order) rescue false)
+
+        # We do this even if we're not authorized.
+        EffectiveResources.authorized?(self, :update, @order)
 
         payment = moneris_checkout_receipt_request(moneris_checkout_params[:ticket])
         purchased = (1..49).include?(payment['response_code'].to_i) # Must be > 0 and < 50 to be valid. Sometimes we get the string 'null'
@@ -24,7 +26,8 @@ module Effective
           payment: payment,
           provider: 'moneris_checkout',
           card: payment['card_type'],
-          purchased_url: moneris_checkout_params[:purchased_url]
+          purchased_url: moneris_checkout_params[:purchased_url],
+          current_user: current_user
         )
       end
 

data/app/controllers/effective/providers/paypal.rb

@@ -14,13 +14,14 @@ module Effective
 
         @order ||= Effective::Order.where(id: (params[:invoice].to_i rescue 0)).first
 
-        (EffectiveResources.authorize!(self, :update, @order) rescue false)
+        # We do this even if we're not authorized
+        EffectiveResources.authorized?(self, :update, @order)
 
         if @order.present?
           if @order.purchased?
             order_purchased(payment: params, provider: 'paypal', card: params[:payment_type])
           elsif (params[:payment_status] == 'Completed' && params[:custom] == EffectiveOrders.paypal[:secret])
-            order_purchased(payment: params, provider: 'paypal', card: params[:payment_type])
+            order_purchased(payment: params, provider: 'paypal', card: params[:payment_type], current_user: current_user)
           else
             order_declined(payment: params, provider: 'paypal', card: params[:payment_type])
           end

data/app/controllers/effective/providers/pretend.rb

@@ -14,7 +14,8 @@ module Effective
           payment: 'for pretend',
           provider: 'pretend',
           card: 'none',
-          purchased_url: pretend_params[:purchased_url]
+          purchased_url: pretend_params[:purchased_url],
+          current_user: current_user
         )
       end
 

data/app/controllers/effective/providers/stripe.rb

@@ -7,7 +7,7 @@ module Effective
         raise('stripe provider is not available') unless EffectiveOrders.stripe?
 
         @order = Order.find(params[:id])
-        @customer = Effective::Customer.for_user(@order.user)
+        @customer = Effective::Customer.for_user(current_user)
 
         EffectiveResources.authorize!(self, :update, @order)
 
@@ -33,7 +33,8 @@ module Effective
           payment: payment,
           provider: 'stripe',
           card: payment[:card],
-          purchased_url: stripe_params[:purchased_url]
+          purchased_url: stripe_params[:purchased_url],
+          current_user: current_user
         )
       end
 

data/app/helpers/effective_orders_helper.rb

@@ -83,7 +83,8 @@ module EffectiveOrdersHelper
   end
 
   def render_checkout(order, namespace: nil, purchased_url: nil, declined_url: nil, deferred_url: nil)
-    raise 'unable to checkout an order without a user' unless order && order.user
+    raise 'expected an order' unless order.kind_of?(Effective::Order)
+    raise 'unable to checkout an order without a user or organization' if order && (order.user.blank? && order.organization.blank?)
 
     locals = { order: order, purchased_url: purchased_url, declined_url: declined_url, deferred_url: deferred_url, namespace: namespace }
 

data/app/mailers/effective/orders_mailer.rb

@@ -21,7 +21,7 @@ module Effective
       subject = subject_for(__method__, "Order Receipt: ##{@order.to_param}", resource, opts)
       headers = headers_for(resource, opts)
 
-      mail(to: @order.email, cc: @order.cc.presence, subject: subject, **headers)
+      mail(to: @order.emails, cc: @order.cc.presence, subject: subject, **headers)
     end
 
     # This is sent when an admin creates a new order or /admin/orders/new
@@ -34,7 +34,7 @@ module Effective
       subject = subject_for(__method__, "Payment request - Order ##{@order.to_param}", resource, opts)
       headers = headers_for(resource, opts)
 
-      mail(to: @order.email, cc: @order.cc.presence, subject: subject, **headers)
+      mail(to: @order.emails, cc: @order.cc.presence, subject: subject, **headers)
     end
 
     # This is sent when someone chooses to Pay by Cheque
@@ -45,7 +45,7 @@ module Effective
       subject = subject_for(__method__, "Pending Order: ##{@order.to_param}", resource, opts)
       headers = headers_for(resource, opts)
 
-      mail(to: @order.email, cc: @order.cc.presence, subject: subject, **headers)
+      mail(to: @order.emails, cc: @order.cc.presence, subject: subject, **headers)
     end
 
     # This is sent to admin when someone Accepts Refund
@@ -158,8 +158,8 @@ module Effective
 
       to ||= EffectiveOrders.mailer_admin
       from ||= EffectiveOrders.mailer_sender
-      subject ||= subject_for(__method__,"An error occurred with order: ##{@order.to_param}", resource, opts)
-      headers = headers_for(resource, opts)
+      subject ||= subject_for(__method__,"An error occurred with order: ##{@order.to_param}", @order, opts)
+      headers = headers_for(@order, opts)
 
       mail(to: to, from: from, subject: subject, **headers) do |format|
         format.html { render(template) }

data/app/models/effective/order.rb

@@ -31,9 +31,13 @@ module Effective
     # If we want to use orders in a has_many way
     belongs_to :parent, polymorphic: true, optional: true
 
-    belongs_to :user, polymorphic: true, validate: false  # This is the buyer/user of the order. We validate it below.
+    belongs_to :user, polymorphic: true, optional: true, validate: false  # This is the buyer of the order. We validate it below.
     accepts_nested_attributes_for :user, allow_destroy: false, update_only: true
 
+    # When an organization is present, any user with role :billing in that organization can purchase this order
+    belongs_to :organization, polymorphic: true, optional: true, validate: false
+    accepts_nested_attributes_for :organization, allow_destroy: false, update_only: true
+
     has_many :order_items, -> { order(:id) }, inverse_of: :order, dependent: :delete_all
     accepts_nested_attributes_for :order_items, allow_destroy: true, reject_if: :all_blank
 
@@ -71,7 +75,7 @@ module Effective
 
     serialize :payment, Hash
 
-    scope :deep, -> { includes(:addresses, :user, order_items: :purchasable) }
+    scope :deep, -> { includes(:addresses, :user, :organization, order_items: :purchasable) }
     scope :sorted, -> { order(:id) }
 
     scope :purchased, -> { where(state: EffectiveOrders::PURCHASED) }
@@ -98,22 +102,35 @@ module Effective
       self.state = EffectiveOrders::CONFIRMED if pending? && confirmed_checkout
     end
 
+    before_validation do
+      assign_attributes(user_type: nil) if user_type.present? && user_id.blank?
+      assign_attributes(organization_type: nil) if organization_type.present? && organization_id.blank?
+    end
+
     with_options(unless: -> { done? }) do
-      before_validation { assign_email }
+      before_validation { assign_organization_address }
       before_validation { assign_user_address }
       before_validation { assign_billing_name }
+      before_validation { assign_billing_email }
       before_validation { assign_order_values }
       before_validation { assign_order_charges }
     end
 
     # Order validations
-    validates :user_id, presence: true
-    validates :email, presence: true, email: true  # email and cc validators are from effective_resources
+    validates :email, presence: true, email: true, if: -> { user_id.present? }  # email and cc validators are from effective_resources
     validates :cc, email_cc: true
 
     validates :order_items, presence: { message: 'No items are present. Please add additional items.' }
     validates :state, inclusion: { in: EffectiveOrders::STATES.keys }
 
+    validate do
+      if EffectiveOrders.organization_enabled?
+        errors.add(:base, "must have a User or #{EffectiveOrders.organization_class_name || 'Organization'}") if user_id.blank? && organization_id.blank?
+      else
+        errors.add(:base, "must have a User") if user_id.blank?
+      end
+    end
+
     # Price validations
     validates :subtotal, presence: true
     validates :total, presence: true, if: -> { EffectiveOrders.minimum_charge.to_i > 0 }
@@ -164,7 +181,7 @@ module Effective
       raise('cannot change subtotal of a purchased order') if changes[:subtotal].present?
 
       raise('cannot change tax of a purchased order') if changes[:tax].present?
-      raise('cannot change tax of a purchased order') if changes[:tax_rate].present?
+      raise('cannot change tax rate of a purchased order') if changes[:tax_rate].present?
 
       raise('cannot change surcharge of a purchased order') if changes[:surcharge].present?
       raise('cannot change surcharge percent of a purchased order') if changes[:surcharge_percent].present?
@@ -573,7 +590,7 @@ module Effective
     end
 
     # Effective::Order.new(items: Product.first, user: User.first).purchase!(email: false)
-    def purchase!(payment: nil, provider: nil, card: nil, email: true, skip_buyer_validations: false, skip_quickbooks: false)
+    def purchase!(payment: nil, provider: nil, card: nil, email: true, skip_buyer_validations: false, skip_quickbooks: false, current_user: nil)
       return true if purchased?
 
       # Assign attributes
@@ -588,6 +605,10 @@ module Effective
         payment_card: (card.presence || 'none')
       )
 
+      if current_user&.email.present?
+        assign_attributes(email: current_user.email)
+      end
+
       # Updates surcharge and total based on payment_provider
       assign_order_charges()
 
@@ -677,9 +698,14 @@ module Effective
       true
     end
 
+    # These are all the emails we send all notifications to
+    def emails
+      ([email] + [user.try(:email)] + Array(organization.try(:billing_emails))).map(&:presence).compact.uniq
+    end
+
     # Doesn't control anything. Purely for the flash messaging
     def emails_send_to
-      [email, cc.presence].compact.to_sentence
+      (emails + [cc.presence]).compact.uniq.to_sentence
     end
 
     def send_order_receipts!
@@ -775,12 +801,29 @@ module Effective
       order_items.reject { |oi| oi.marked_for_destruction? }
     end
 
+    # Organization first
     def assign_billing_name
-      self.billing_name = billing_address.try(:full_name).presence || user.to_s.presence
+      self.billing_name = billing_address.try(:full_name).presence || organization.to_s.presence || user.to_s.presence
+    end
+
+    # User first
+    def assign_billing_email
+      email = emails.first
+      assign_attributes(email: email) if email.present?
     end
 
-    def assign_email
-      self.email = user.email if user.try(:email).present?
+    def assign_organization_address
+      return unless organization.present?
+
+      if EffectiveOrders.billing_address && billing_address.blank? && organization.try(:billing_address).present?
+        self.billing_address = organization.billing_address
+        self.billing_address.full_name ||= organization.to_s.presence
+      end
+
+      if EffectiveOrders.shipping_address && shipping_address.blank? && organization.try(:shipping_address).present?
+        self.shipping_address = organization.shipping_address
+        self.shipping_address.full_name ||= organization.to_s.presence
+      end
     end
 
     def assign_user_address

data/app/views/admin/orders/_form_order.html.haml

@@ -1,10 +1,18 @@
 = effective_form_with(model: [:admin, order], engine: true) do |f|
-  = f.hidden_field :user_type, value: (f.object.user || current_user).class.name
+  -# User
+  - klass = (f.object.user || current_user).class
+  - ajax_url = (@select2_users_ajax_path || effective_resources.users_admin_select2_ajax_index_path) unless Rails.env.test?
 
-  - ajax_url = (@select2_ajax_path || effective_resources.users_admin_select2_ajax_index_path) unless Rails.env.test?
+  = f.hidden_field :user_type, value: klass.name
+  = f.select :user_id, klass.all, ajax_url: ajax_url
 
-  = f.select :user_id, current_user.class.all, label: 'Buyer', required: true,
-    ajax_url: ajax_url, hint: 'The user that should purchase this order.'
+  -# Organization
+  - if EffectiveOrders.organization_enabled?
+    - klass = (f.object.organization || EffectiveOrders.Organization.new).class
+    - ajax_url = (@select2_organizations_ajax_path || effective_resources.organizations_admin_select2_ajax_index_path) unless Rails.env.test?
+
+    = f.hidden_field :organization_type, value: klass.name
+    = f.select :organization_id, klass.all, ajax_url: ajax_url
 
   = f.email_cc_field :cc, hint: "Cc the above on any emailed receipts or payment requests."
 

data/app/views/effective/orders/_orders_table.html.haml

@@ -15,7 +15,7 @@
             = (order.purchased_at || order.created_at).strftime("%F %H:%M")
           %td= order_summary(order)
           %td
-            - if order.pending?
+            - if order.pending? || order.confirmed?
               = link_to_checkout(order: order)
             - else
               = link_to 'View', effective_orders.order_path(order)

data/app/views/effective/orders/show.html.haml

@@ -1,7 +1,7 @@
 = render 'layout' do
   %h1.effective-heading= @page_title
 
-  - if !@order.purchased? && @order.user == current_user
+  - if !@order.purchased? && EffectiveResources.authorized?(self, :update, @order)
     = render_checkout(@order)
   - else
     = render(@order)

data/config/effective_orders.rb

@@ -23,6 +23,11 @@ EffectiveOrders.setup do |config|
   # Use effective_obfuscation gem to change order.id into a seemingly random 10-digit number
   config.obfuscate_order_ids = false
 
+  # Allow orders to be purchased by organization members
+  # This will fallback to EffectiveMemberships.Organization if you have that gem installed
+  # config.organization_enabled = false
+  # config.organization_class_name = 'Example::Organization'
+
   # Synchronize with Quickbooks
   config.use_effective_qb_sync = false
   config.use_effective_qb_online = false

data/db/migrate/01_create_effective_orders.rb.erb

@@ -4,6 +4,9 @@ class CreateEffectiveOrders < ActiveRecord::Migration[4.2]
       t.integer   :user_id
       t.string    :user_type
 
+      t.integer   :organization_id
+      t.string    :organization_type
+
       t.integer   :parent_id
       t.string    :parent_type
 

data/lib/effective_orders/version.rb

@@ -1,3 +1,3 @@
 module EffectiveOrders
-  VERSION = '6.4.4'.freeze
+  VERSION = '6.5.0'.freeze
 end

data/lib/effective_orders.rb

@@ -41,6 +41,9 @@ module EffectiveOrders
       :terms_and_conditions, :terms_and_conditions_label, :minimum_charge,
       :credit_card_surcharge_percent, :credit_card_surcharge_qb_item_name,
 
+      # Organization mode
+      :organization_enabled, :organization_class_name,
+
       # Mailer
       :mailer, :parent_mailer, :deliver_method, :mailer_layout, :mailer_sender, :mailer_admin, :mailer_subject,
 
@@ -70,6 +73,18 @@ module EffectiveOrders
     ]
   end
 
+  def self.organization_enabled?
+    organization_enabled == true
+  end
+
+  def self.Organization
+    klass = organization_class_name&.constantize
+    klass ||= (EffectiveMemberships.Organization if defined?(EffectiveMemberships))
+    raise('Please set the effective_orders config.organization_class_name') if klass.blank?
+
+    klass
+  end
+
   def self.cheque?
     cheque.kind_of?(Hash)
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: effective_orders
 version: !ruby/object:Gem::Version
-  version: 6.4.4
+  version: 6.5.0
 platform: ruby
 authors:
 - Code and Effect
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-06-01 00:00:00.000000000 Z
+date: 2023-06-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails