payola-payments 1.0.7 → 1.0.8

checksums.yaml

@@ -1,15 +1,15 @@
 ---
 !binary "U0hBMQ==":
   metadata.gz: !binary |-
-    Nzc3ZTZjYjM5M2I0MGZlMDMxYjI0Mzc2ZjU2ZjM1NjU0ZDVmZDA3Ng==
+    N2E1ZTQyZDI1ZGM1YjczYmQzOGQxMTRiODIyMWUxNGFiZGNjMDdlOQ==
   data.tar.gz: !binary |-
-    MTY0MzBlYTM1NjNlYmU3OGFiMTQyN2ZiNjZjYmQzYzc3ZTI0YzEwNg==
+    ODgxMDljMjc2ODcyMzM0ZjdiODM4NGUzYWE5Zjg2NWExYmZmN2QyOA==
 SHA512:
   metadata.gz: !binary |-
-    ODcxYzEwYmYzYjJhMjUyMjhiYjk2ODdiMzM4NTNiZjY1M2JiMjNmNTE5YjE5
-    YzRjZWRmNjAwZThhZTgxNGE5ZDQ4ZTFmNTQwZmYwMDg1ZjhmYzBmMzdkYWYz
-    ZjNjZTk2MjRkYTZlN2E5NzlkNmFiYTVjZTRiMzg3YTdjYjgwNTg=
+    ZDJjZmNiMWRiYTY0YzZjYjllMDRiYzAyM2E1MTE2MmM2ZWQ5ZjMyZWNkYmE1
+    YmIxYjk2NWYxZWQ3OWUzODY2MGUyMmY4NmU4NTZmM2Y0Yjc4YTg3MGY2MTJl
+    YThmMDZlOWIyZWRlYmIwMDBkZTg2OWE5ZTNhOGM3OTJhM2UzOGQ=
   data.tar.gz: !binary |-
-    N2VjMjFkMmI2YjAyYzgxNTBhZTYxOGI0ZTE1NzY2Y2M1OWFiMWM4ZTIxN2Ey
-    NDUwYWIwY2UxNzY0ODFjNTYwOGQzNDQ3NmY5MjUxMjMwMjRiYzhlMTQ3ZDI2
-    NjQ2YjJkMGFjNTJiMmFmY2FhNTlmN2IyNGU4NDBjN2U0MmZjNDc=
+    MTFhYWNhZGU5MTExMTY2ODc1NmI1ZGE4ZjA2NmMzNjFhYjFjMGMwMjlkZGJl
+    MWI1NWQ5MWZjYTM0OWY2ZTAwNjNkYjUwMTNmM2NiNzA4YWI0NDg2ZWJjOWEw
+    NWFlNDUwNGI5ZGYxZDM0YWVkYTkwZWM3N2Q5MjA3YjMwMzAzNjA=

data/app/assets/javascripts/payola/checkout_button.js

@@ -1,16 +1,16 @@
-var Payola = {
+var PayolaCheckout = {
     setUpStripeCheckoutButton: function(options) {
         var handler = StripeCheckout.configure({
             key: options.publishable_key,
             image: options.product_image_path,
-            token: function(token) { Payola.tokenHandler(token, options) }
+            token: function(token) { PayolaCheckout.tokenHandler(token, options) }
         });
 
         document.getElementById(options.button_id).addEventListener('click', function(e) {
             handler.open({
                 name: options.name,
                 description: options.description,
-                amount: options.amount,
+                amount: options.price,
                 panelLabel: options.panel_label,
                 allowRememberMe: options.allow_remember_me,
                 zipCode: options.verify_zip_code,
@@ -25,6 +25,10 @@ var Payola = {
         console.log(options.form_id);
         form.append($('<input type="hidden" name="stripeToken">').val(token.id));
         form.append($('<input type="hidden" name="stripeEmail">').val(token.email));
+        if (options.signed_custom_fields) {
+          form.append($('<input type="hidden" name="signed_custom_fields">').val(options.signed_custom_fields));
+        }
+
         $(".payola-checkout-button").prop("disabled", true);
         $(".payola-checkout-button-text").hide();
         $(".payola-checkout-button-spinner").show();
@@ -32,8 +36,8 @@ var Payola = {
             type: "POST",
             url: options.base_path + "/buy/" + options.product_class + "/" + options.product_permalink,
             data: form.serialize(),
-            success: function(data) { Payola.poll(data.guid, 60, options) },
-            error: function(data) { Payola.showError(data.responseJSON.error, options) }
+            success: function(data) { PayolaCheckout.poll(data.guid, 60, options) },
+            error: function(data) { PayolaCheckout.showError(data.responseJSON.error, options) }
         });
     },
 
@@ -48,7 +52,7 @@ var Payola = {
 
     poll: function(guid, num_retries_left, options) {
         if (num_retries_left == 0) {
-            Payola.showError("This seems to be taking too long. Please contact support and give them transaction ID: " + guid, options);
+            PayolaCheckout.showError("This seems to be taking too long. Please contact support and give them transaction ID: " + guid, options);
             return;
         }
 
@@ -56,9 +60,9 @@ var Payola = {
             if (data.status === "finished") {
                 window.location = options.base_path + "/confirm/" + guid;
             } else if (data.status === "errored") {
-                Payola.showError(data.error, options);
+                PayolaCheckout.showError(data.error, options);
             } else {
-                setTimeout(function() { Payola.poll(guid, num_retries_left - 1, options) }, 500);
+                setTimeout(function() { PayolaCheckout.poll(guid, num_retries_left - 1, options) }, 500);
             }
         });
     }

data/app/assets/javascripts/payola/form.js

@@ -0,0 +1,70 @@
+var PayolaPaymentForm = {
+    initialize: function() {
+        $(document).on('submit', '.payola-payment-form', function() {
+            return PayolaPaymentForm.handleSubmit($(this));
+        });
+    },
+
+    handleSubmit: function(form) {
+        form.find(':submit').prop('disabled', true);
+        $('.payola-spinner').show();
+        Stripe.card.createToken(form, function(status, response) {
+            PayolaPaymentForm.stripeResponseHandler(form, status, response);
+        });
+        return false;
+    },
+
+    stripeResponseHandler: function(form, status, response) {
+        if (response.error) {
+            PayolaPaymentForm.showError(form, response.error.message);
+            form.find(':submit').prop('disabled', false);
+        } else {
+            var email = form.find("[data-payola='email']").val();
+
+            var base_path = form.data('payola-base-path');
+            var product = form.data('payola-product');
+            var permalink = form.data('payola-permalink');
+
+            var data_form = $('<form></form>');
+            data_form.append($('<input type="hidden" name="stripeToken">').val(response.id));
+            data_form.append($('<input type="hidden" name="stripeEmail">').val(email));
+            data_form.append(form.find('input[name="authenticity_token"]'));
+            
+            $.ajax({
+                type: "POST",
+                url: base_path + "/buy/" + product + "/" + permalink,
+                data: data_form.serialize(),
+                success: function(data) { PayolaPaymentForm.poll(form, 60, data.guid, base_path) },
+                error: function(data) { PayolaPaymentForm.showError(form, data.responseJSON.error) }
+            });
+        }
+    },
+
+    poll: function(form, num_retries_left, guid, base_path) {
+        if (num_retries_left == 0) {
+            PayolaPaymentForm.showError(form, "This seems to be taking too long. Please contact support and give them transaction ID: " + guid)
+        }
+        $.get(base_path + '/status/' + guid, function(data) {
+            if (data.status === "finished") {
+                form.append($('<input type="hidden" name="payola_sale_guid"></input>').val(guid));
+                form.get(0).submit();
+            } else if (data.status === "errored") {
+                PayolaPaymentForm.showError(form, data.error);
+            } else {
+                setTimeout(function() { PayolaPaymentForm.poll(form, num_retries_left - 1, guid, base_path) }, 500);
+            }
+        });
+    },
+
+    showError: function(form, message) {
+        $('.payola-spinner').hide();
+        var error_selector = form.data('payola-error-selector');
+        if (error_selector) {
+            $(error_selector).text(message);
+        } else {
+            form.find('.payola-payment-error').text(message);
+        }
+    }
+};
+
+$(function() { PayolaPaymentForm.initialize() } );

data/app/controllers/payola/transactions_controller.rb

@@ -17,11 +17,11 @@ module Payola
     end
 
     def create
-      create_params = sale_params.merge(
+      create_params = params.permit!.merge(
         product: @product,
         coupon: @coupon,
         affiliate: @affiliate
-        )
+      )
 
       @sale = CreateSale.call(create_params)
 
@@ -58,9 +58,5 @@ module Payola
 
     end
 
-    def sale_params
-      params.permit(:stripeToken, :stripe_token, :stripeTokenType, :stripeEmail)
-    end
-
   end
 end

data/app/helpers/payola/price_helper.rb

@@ -1,7 +1,7 @@
 module Payola
   module PriceHelper
-    def formatted_price(amount)
-      sprintf("$%0.2f", (amount || 0) / 100.0)
+    def formatted_price(amount, opts = {})
+      number_to_currency((amount || 0) / 100.0, opts)
     end
   end
 end

data/app/models/payola/sale.rb

@@ -44,6 +44,34 @@ module Payola
       end
     end
 
+    def verifier
+      @verifier ||= ActiveSupport::MessageVerifier.new(Payola.secret_key_for_sale(self), digest: 'SHA256')
+    end
+
+    def verify_charge
+      begin
+        self.verify_charge!
+      rescue RuntimeError => e
+        self.error = e.message
+        self.fail!
+      end
+    end
+
+    def verify_charge!
+      if Payola.charge_verifier.arity > 1
+        Payola.charge_verifier.call(self, custom_fields)
+      else
+        Payola.charge_verifier.call(self)
+      end
+    end
+
+    def custom_fields
+      if self.signed_custom_fields.present?
+        verifier.verify(self.signed_custom_fields)
+      else
+        nil
+      end      
+    end
 
     private
 
@@ -63,15 +91,6 @@ module Payola
       Payola.instrument(instrument_key('refunded'), self)
     end
 
-    def verify_charge
-      begin
-        Payola.charge_verifier.call(self)
-      rescue RuntimeError => e
-        self.error = e.message
-        self.fail!
-      end
-    end
-
     def product_class
       product.product_class
     end

data/app/services/payola/charge_card.rb

@@ -5,27 +5,27 @@ module Payola
       secret_key = Payola.secret_key_for_sale(sale)
 
       begin
-        Payola.charge_verifier.call(sale)
-        
+        sale.verify_charge!
+
         customer = Stripe::Customer.create({
           card: sale.stripe_token,
           email: sale.email
         }, secret_key)
-  
+
         charge = Stripe::Charge.create({
           amount: sale.amount,
           currency: sale.currency,
           customer: customer.id,
           description: sale.guid,
         }, secret_key)
-  
+
         if charge.respond_to?(:fee)
           fee = charge.fee
         else
           balance = Stripe::BalanceTransaction.retrieve(charge.balance_transaction, secret_key)
           fee = balance.fee
         end
-  
+
         sale.update_attributes(
           stripe_id:          charge.id,
           stripe_customer_id: customer.id,

data/app/services/payola/create_sale.rb

@@ -7,11 +7,12 @@ module Payola
 
       Payola::Sale.new do |s|
         s.product = product
-        s.email = params[:email] || params[:stripeEmail]
-        s.stripe_token = params[:stripeToken] || params[:stripe_token]
+        s.email = params[:stripeEmail]
+        s.stripe_token = params[:stripeToken]
         s.affiliate_id = affiliate.try(:id)
         s.currency = product.respond_to?(:currency) ? product.currency : 'usd'
-  
+        s.signed_custom_fields = params[:signed_custom_fields]
+
         if coupon
           s.coupon = coupon
           s.amount = product.price * (1 - s.coupon.percent_off / 100.0)

data/app/views/payola/transactions/_checkout.html.erb

@@ -9,6 +9,7 @@
   allow_remember_me = local_assigns.fetch :allow_remember_me, true
   email = local_assigns.fetch :email, ''
   verify_zip_code = local_assigns.fetch :verify_zip_code, false
+  custom_fields = local_assigns.fetch :custom_fields, nil
 
   sale = Payola::Sale.new(product: sellable)
 
@@ -38,7 +39,7 @@
   <% end %>
 <% end %>
 <script type="text/javascript">
-  Payola.setUpStripeCheckoutButton({
+  PayolaCheckout.setUpStripeCheckoutButton({
     base_path: "<%= main_app.payola_path %>",
     form_id: "<%= form_id %>",
     button_id: "<%= button_id %>",
@@ -54,5 +55,8 @@
     allow_remember_me: <%= allow_remember_me %>,
     email: "<%= email %>",
     verify_zip_code: <%= verify_zip_code %>
+    <% if custom_fields %>
+    ,signed_custom_fields: "<%= sale.verifier.generate(custom_fields) %>"
+    <% end %>
   });
 </script>

data/app/views/payola/transactions/_stripe_header.html.erb

@@ -0,0 +1,4 @@
+<script type="text/javascript" src="https://js.stripe.com/v2/"></script>
+<script type="text/javascript">
+  Stripe.setPublishableKey("<%= Payola.publishable_key %>");
+</script>

data/db/migrate/20141026101628_add_custom_fields_to_payola_sale.rb

@@ -0,0 +1,5 @@
+class AddCustomFieldsToPayolaSale < ActiveRecord::Migration
+  def change
+    add_column :payola_sales, :custom_fields, :text
+  end
+end

data/db/migrate/20141026144800_rename_custom_fields_to_signed_custom_fields_on_payola_sale.rb

@@ -0,0 +1,5 @@
+class RenameCustomFieldsToSignedCustomFieldsOnPayolaSale < ActiveRecord::Migration
+  def change
+    rename_column :payola_sales, :custom_fields, :signed_custom_fields
+  end
+end

data/lib/payola/version.rb

@@ -1,3 +1,3 @@
 module Payola
-  VERSION = "1.0.7"
+  VERSION = "1.0.8"
 end

data/spec/controllers/payola/transactions_controller_spec.rb

@@ -2,6 +2,72 @@ require 'spec_helper'
 
 module Payola
   describe TransactionsController do
+    before do
+      @product = create(:product)
+      Payola.register_sellable(@product.class)
+    end
 
+    describe '#create' do
+      it "should pass args to CreateSale and queue the job" do
+        sale = double
+        sale.should_receive(:save).and_return(true)
+        sale.should_receive(:guid).at_least(1).times.and_return('blah')
+
+        CreateSale.should_receive(:call).and_return(sale)
+        Payola.should_receive(:queue!)
+        post :create, product_class: @product.product_class, permalink: @product.permalink, use_route: :payola
+
+        expect(response.status).to eq 200
+        parsed_body = JSON.load(response.body)
+        expect(parsed_body['guid']).to eq 'blah'
+      end
+
+      describe "with an error" do
+        it "should return an error in json" do
+          sale = double
+          sale.should_receive(:save).and_return(false)
+          error = double
+          error.should_receive(:full_messages).and_return(['done did broke'])
+          sale.should_receive(:errors).and_return(error)
+
+          CreateSale.should_receive(:call).and_return(sale)          
+          Payola.should_not_receive(:queue!)
+
+          post :create, product_class: @product.product_class, permalink: @product.permalink, use_route: :payola
+
+          expect(response.status).to eq 400
+          parsed_body = JSON.load(response.body)
+          expect(parsed_body['error']).to eq 'done did broke'
+        end
+      end
+    end
+
+    describe '#status' do
+      it "should return 404 if it can't find the sale" do
+        get :status, guid: 'doesnotexist', use_route: :payola
+        expect(response.status).to eq 404
+      end
+      it "should return json with properties" do
+        sale = create(:sale)
+        get :status, guid: sale.guid, use_route: :payola
+
+        expect(response.status).to eq 200
+
+        parsed_body = JSON.load(response.body)
+
+        expect(parsed_body['guid']).to eq sale.guid
+        expect(parsed_body['status']).to eq sale.state
+        expect(parsed_body['error']).to be_nil
+      end
+    end
+
+    describe '#show' do
+      it "should redirect to the product's redirect path" do
+        sale = create(:sale)
+        get :show, guid: sale.guid, use_route: :payola
+
+        expect(response).to redirect_to '/'
+      end
+    end
   end
 end

data/spec/dummy/app/controllers/buy_controller.rb

@@ -2,6 +2,6 @@ class BuyController < ApplicationController
   helper Payola::PriceHelper
 
   def index
-    @sale = Payola::Sale.new(product: Product.first)
+    @product = Product.first
   end
 end

data/spec/dummy/app/views/buy/index.html.erb

@@ -1 +1,18 @@
-<%= render 'payola/transactions/checkout', sale: @sale, button_class: 'not-a-class' %>
+<%= render 'payola/transactions/checkout', sellable: @product, button_class: 'not-a-class' %>
+
+<hr>
+
+<%= form_for @product, url: '/', method: :post, html: { class: 'payola-payment-form', 'data-payola-base-path' => '/subdir/payola', 'data-payola-product' => @product.product_class, 'data-payola-permalink' => @product.permalink } do |f| %>
+  <span class="payola-payment-error"></span>
+  Email:<br>
+  <input type="email" name="stripeEmail" data-payola="email"></input><br>
+  Card Number<br>
+  <input type="text" data-stripe="number"></input><br>
+  Exp Month<br>
+  <input type="text" data-stripe="exp_month"></input><br>
+  Exp Year<br>
+  <input type="text" data-stripe="exp_year"></input><br>
+  CVC<br>
+  <input type="text" data-stripe="cvc"></input><br>
+  <input type="submit"></input>
+<% end %>