solidus_braintree 0.2.1 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b4a399277a93c8efbab357b8e7c04718847b14ce
-  data.tar.gz: 4d338a2564ad5627d7471441c717a401079e6c9d
+  metadata.gz: 28f5f6d8e3a10296a22d9b5d9bf9f96f7146b5bb
+  data.tar.gz: f4718eedf1bcc717672fc6b97ff5cf9542f48566
 SHA512:
-  metadata.gz: 9604aba646ce971377fe38ad54a76ee9d0186f4211903cecbf9af5b381b956f9b4348c4d54df501c7e2adb2121ede7ae2be8a36faf498628fadcbdd5936d15e9
-  data.tar.gz: 406707b29a747f948fcbaf0f9b2897d03b11a0104f4bae9208b9ac1b35cad1c9ddceeb8a83c7973a39aff88ad3a2453c4cf95a216aa71cdd92cd83a12b9658d2
+  metadata.gz: 54b07c41d17e102b686ff466b4361b07bc6b0b051c53953ee229ea163e05b0dc19f8841e9f866c5ac9bc169b8098f816ae7e3e39fd0d6dff12fc773343c7e4fc
+  data.tar.gz: 7875589e8a6034511cbeed423e44f83cd9adb66de4bea5f94fe5b5d45bbd7ced33c7f58f1f4dce6a339e36979a11afd8224f6582f4c0d55adf8768ec0a119ffa

data/.travis.yml

@@ -1,4 +1,20 @@
+sudo: false
+cache: bundler
 language: ruby
+addons:
+  postgresql: "9.3"
+env:
+  matrix:
+    - SOLIDUS_BRANCH=v1.1   DB=postgres
+    - SOLIDUS_BRANCH=v1.2   DB=postgres
+    - SOLIDUS_BRANCH=v1.3   DB=postgres
+    - SOLIDUS_BRANCH=master DB=postgres
+    - SOLIDUS_BRANCH=v1.1   DB=mysql
+    - SOLIDUS_BRANCH=v1.2   DB=mysql
+    - SOLIDUS_BRANCH=v1.3   DB=mysql
+    - SOLIDUS_BRANCH=master DB=mysql
+script:
+  - bundle exec rake test_app
+  - bundle exec rspec
 rvm:
-  - 2.1.6
-before_install: gem install bundler -v 1.10.5
+  - 2.1.8

data/CHANGELOG.md

@@ -1,5 +1,7 @@
 ## HEAD
 
+* Upgrade braintree to 2.23.0 for bug fixes and fraud detection with deviceData.
+
 ## 0.2.0
 
 * Add functionality around PayPal by adding a json or text field on credit card for storing extra data coming back from Braintree.

data/Gemfile

@@ -1,5 +1,10 @@
 source 'https://rubygems.org'
 
 # Specify your gem's dependencies in solidus_braintree.gemspec
-gem "solidus", github: "solidusio/solidus", branch: "master"
+branch = ENV.fetch('SOLIDUS_BRANCH', 'master')
+gem "solidus", github: "solidusio/solidus", branch: branch
+
+gem 'pg'
+gem 'mysql2'
+
 gemspec

data/README.md

@@ -19,6 +19,13 @@ And then execute:
     $ bundle
     $ bundle exec rails g solidus_braintree:install
 
+
+## Fraud detection
+
+This gem has support for the advanced fraud tools flow from Braintree, to activate
+fully the associated Braintree account must enable advanced fraud tools in the
+Control Panel.
+
 ## Usage
 
 This gem extends your solidus application by adding a `POST /api/payment_client_token` endpoint to you application to generate Braintree payment client token. This endpoint requires an authentication token in your request header.

data/app/controllers/spree/api/braintree_client_token_controller.rb

@@ -1,4 +1,6 @@
 class Spree::Api::BraintreeClientTokenController < Spree::Api::BaseController
+  skip_before_action :authenticate_user
+
   def create
     if params[:payment_method_id]
       gateway = Solidus::Gateway::BraintreeGateway.find_by!(id: params[:payment_method_id])

data/app/helpers/braintree_view_helpers.rb

@@ -0,0 +1,20 @@
+module BraintreeViewHelpers
+  # Returns a link to the Braintree web UI for the given Braintree +payment_id+
+  # (e.g. from Spree::Payment#response_code), or just the +payment_id+ if
+  # Braintree's merchant ID is not configured or +payment_id+ is blank
+  def braintree_transaction_link(payment_id)
+    env = ENV['BRAINTREE_ENV'] == 'production' ? 'www' : 'sandbox'
+    merchant = ENV['BRAINTREE_MERCHANT_ID']
+
+    if payment_id.present? && merchant.present?
+      link_to(
+        payment_id,
+        "https://#{env}.braintreegateway.com/merchants/#{merchant}/transactions/#{payment_id}",
+        title: 'Show payment on Braintree',
+        target: '_blank'
+      )
+    else
+      payment_id
+    end
+  end
+end

data/app/models/concerns/solidus_braintree/add_name_validation_concern.rb

@@ -0,0 +1,8 @@
+module SolidusBraintree
+  module AddNameValidationConcern
+    extend ActiveSupport::Concern
+    included do
+      validates :name, presence: true, on: :create
+    end
+  end
+end

data/app/models/concerns/solidus_braintree/inject_device_data_concern.rb

@@ -0,0 +1,18 @@
+module SolidusBraintree
+  module InjectDeviceDataConcern
+    extend ActiveSupport::Concern
+    included do
+      prepend(InstanceMethods)
+    end
+
+    module InstanceMethods
+      def gateway_options
+        options = super
+
+        options[:device_data] = order.braintree_device_data if order.braintree_device_data
+
+        options
+      end
+    end
+  end
+end

data/app/models/concerns/solidus_braintree/payment_braintree_nonce_concern.rb

@@ -0,0 +1,8 @@
+module SolidusBraintree
+  module PaymentBraintreeNonceConcern
+    extend ActiveSupport::Concern
+    included do
+      attr_accessor :payment_method_nonce
+    end
+  end
+end

data/app/models/concerns/solidus_braintree/permitted_attributes_concern.rb

@@ -0,0 +1,11 @@
+module SolidusBraintree
+  module PermittedAttributesConcern
+    def payment_attributes
+      super | [:payment_method_nonce]
+    end
+
+    def checkout_attributes
+      super | [:braintree_device_data]
+    end
+  end
+end

data/app/models/concerns/solidus_braintree/skip_require_card_numbers_concern.rb

@@ -0,0 +1,14 @@
+module SolidusBraintree
+  module SkipRequireCardNumbersConcern
+    extend ActiveSupport::Concern
+    included do
+      prepend(InstanceMethods)
+    end
+
+    module InstanceMethods
+      def require_card_numbers?
+        super && !self.payment_method.kind_of?(Solidus::Gateway::BraintreeGateway)
+      end
+    end
+  end
+end

data/app/models/concerns/solidus_braintree/use_data_field_concern.rb

@@ -0,0 +1,23 @@
+module SolidusBraintree
+  module UseDataFieldConcern
+    extend ActiveSupport::Concern
+    included do
+      prepend(InstanceMethods)
+    end
+
+    module InstanceMethods
+
+      def email
+        data["email"]
+      end
+
+      def display_number
+        cc_type == 'paypal' ? email : super
+      end
+
+      def data
+        super.is_a?(String) ? JSON.parse(super) : super
+      end
+    end
+  end
+end

data/app/models/payment_decorator.rb

@@ -1 +1,2 @@
 Spree::Payment.include SolidusBraintree::PaymentBraintreeNonceConcern
+Spree::Payment.include SolidusBraintree::InjectDeviceDataConcern

data/app/models/solidus/gateway/braintree_gateway.rb

@@ -21,6 +21,10 @@ module Solidus
       'Visa' => 'visa',
     }
 
+    def method_type
+      'braintree'
+    end
+
     def gateway_options
       {
         environment: preferred_environment.to_sym,
@@ -49,12 +53,13 @@ module Solidus
       return if source.gateway_customer_profile_id.present? || payment.payment_method_nonce.nil?
 
       user = payment.order.user
+      email = user ? user.email : payment.order.email
       address = (payment.source.address || payment.order.bill_address).try(:active_merchant_hash)
 
       params = {
         first_name: source.first_name,
         last_name: source.last_name,
-        email: user.email,
+        email: email,
         credit_card: {
           cardholder_name: source.name,
           billing_address: map_address(address),
@@ -63,6 +68,7 @@ module Solidus
             verify_card: true,
           },
         },
+        device_data: payment.order.braintree_device_data
       }
 
       result = braintree_gateway.customer.create(params)
@@ -119,9 +125,19 @@ module Solidus
     end
 
     def void(authorization_code, source = {}, options = {})
-      result = braintree_gateway.transaction.void(authorization_code)
-
-      handle_result(result)
+      # Allows voiding payments that are in a checkout state
+      if authorization_code.nil?
+        # Fake response since we don't need to void anything with Braintree
+        ActiveMerchant::Billing::Response.new(
+          true,
+          "OK",
+          {},
+          {}
+        )
+      else
+        result = braintree_gateway.transaction.void(authorization_code)
+        handle_result(result)
+      end
     end
 
     def credit(cents, source, authorization_code, options = {})
@@ -137,6 +153,18 @@ module Solidus
       ].include?(transaction.status)
     end
 
+    def card_number_placeholder
+      '4141 4141 4141 4141'
+    end
+
+    def expiration_date_placeholder
+      '01/2020'
+    end
+
+    def card_code_placeholder
+      '123'
+    end
+
     private
     def message_from_result(result)
       if result.success?
@@ -150,12 +178,25 @@ module Solidus
       end
     end
 
+    def build_results_hash(result)
+      if result.success?
+        {
+          authorization: result.transaction.id,
+          avs_result: {
+            code: result.transaction.avs_street_address_response_code
+          }
+        }
+      else
+        {}
+      end
+    end
+
     def handle_result(result)
       ActiveMerchant::Billing::Response.new(
         result.success?,
         message_from_result(result),
         {},
-        { authorization: (result.transaction.id if result.success?) }
+        build_results_hash(result)
       )
     end
 

data/app/overrides/spree/checkout/_confirm/braintree_security.html.erb.deface

@@ -0,0 +1,9 @@
+<!-- insert_before "erb[loud]:contains('place_order')" -->
+
+<%
+# Currently we assume we only have one braintree
+# payment method. In practice this should be true and it simplifies the code.
+braintree_payment = @order.unprocessed_payments.find {|p| p.payment_method.class == Solidus::Gateway::BraintreeGateway }
+if braintree_payment %>
+  <%= render 'spree/checkout/payment/braintree_initialization', payment_method: braintree_payment.payment_method %>
+<% end %>

data/app/views/spree/admin/payments/source_forms/_braintree.html.erb

@@ -0,0 +1,38 @@
+<fieldset data-id='credit-card' class="no-border-bottom">
+  <div class="field" data-hook="previous_cards">
+    <% if previous_cards.any? %>
+      <% previous_cards.each do |card| %>
+        <label><%= radio_button_tag :card, card.id, card == previous_cards.first %> <%= card.display_number %><br /></label>
+      <% end %>
+      <label><%= radio_button_tag :card, 'new', false, { id: "card_new#{payment_method.id}" } %> <%= Spree.t(:use_new_cc) %></label>
+    <% end %>
+  </div>
+
+  <div id="card_form<%= payment_method.id %>" data-hook>
+    <% param_prefix = "payment_source[#{payment_method.id}]" %>
+
+    <div class="clear"></div>
+
+    <div class="alpha four columns">
+      <div data-hook="card_name">
+        <div class="field">
+          <%= label_tag "card_name#{payment_method.id}", Spree::CreditCard.human_attribute_name(:name), class: 'required' %>
+          <%= text_field_tag "#{param_prefix}[name]", '', id: "card_name#{payment_method.id}", class: 'required fullwidth', maxlength: 19 %>
+        </div>
+      </div>
+    </div>
+
+    <div id="braintree-dropin"></div>
+    <input type="hidden" id="payment_method_nonce" name="payment[payment_method_nonce]">
+
+    <div class="clear"></div>
+
+    <%= label_tag "card_address#{payment_method.id}", Spree.t(:billing_address) %>
+    <% address = @order.bill_address || @order.ship_address || Spree::Address.build_default %>
+    <%= fields_for "#{param_prefix}[address_attributes]", address do |f| %>
+      <%= render :partial => 'spree/admin/shared/address_form', :locals => { :f => f, :type => "billing" } %>
+    <% end %>
+
+    <div class="clear"></div>
+  </div>
+</fieldset>

data/app/views/spree/admin/payments/source_views/_braintree.html.erb

@@ -0,0 +1,30 @@
+<fieldset data-hook="credit_card">
+  <legend align="center"><%= Spree::CreditCard.model_name.human %></legend>
+
+  <div class="row">
+    <div class="alpha six columns">
+      <dl>
+        <dt><%= Spree.t(:identifier) %>:</dt>
+        <dd><%= payment.number %></dd>
+
+        <dt><%= Spree.t(:response_code) %>:</dt>
+        <dd><%= braintree_transaction_link(payment.response_code) %></dd>
+
+        <dt><%= Spree.t(:name_on_card) %>:</dt>
+        <dd><%= payment.source.name %></dd>
+
+        <dt><%= Spree::CreditCard.human_attribute_name(:cc_type) %>:</dt>
+        <dd><%= payment.source.cc_type %></dd>
+
+        <dt><%= Spree::CreditCard.human_attribute_name(:number) %>:</dt>
+        <dd><%= payment.source.display_number %></dd>
+
+        <dt><%= Spree::CreditCard.human_attribute_name(:expiration) %>:</dt>
+        <dd><%= payment.source.month %>/<%= payment.source.year %></dd>
+      </dl>
+      <% if payment.source.address %>
+        <%= render partial: 'spree/admin/shared/address', locals: {address: payment.source.address} %>
+      <% end %>
+    </div>
+  </div>
+</fieldset>

data/app/views/spree/checkout/payment/_braintree.html.erb

@@ -0,0 +1,55 @@
+<div class="braintree-payment">
+  <%= render 'spree/checkout/payment/braintree_initialization', payment_method: payment_method %>
+
+  <div class="braintree-paypal-input">
+    <div class="braintree-paypal-header">
+      <%= t('solidus_braintree.paypal_header_html') %>
+    </div>
+    <div id="#braintree_paypal_container"></div>
+  </div>
+  
+  <div class="braintree-cc-input">
+    <div class="braintree-cc-header">
+      <%= t('solidus_braintree.creditcard_header_html') %>
+      <%= image_tag 'credit_cards/credit_card.gif', :id => 'credit-card-image' %>
+    </div>
+    <% param_prefix = "payment_source[#{payment_method.id}]" %>
+
+    <p class="field">
+      <%= label_tag "name_on_card_#{payment_method.id}", Spree.t(:name_on_card) %><span class="required">*</span><br />
+      <%= text_field_tag "#{param_prefix}[name]", "#{@order.billing_firstname} #{@order.billing_lastname}", { id: "name_on_card_#{payment_method.id}", :autocomplete => "cc-name" } %>
+    </p>
+
+    <p class="field" data-hook="card_number">
+      <%= label_tag "braintree_card_number", Spree.t(:card_number) %><span class="required">*</span><br />
+      <label for="braintree_card_number" id="braintree_card_number" class="braintree-hosted-field"></label>
+      &nbsp;
+      <span id="card_type" style="display:none;">
+        ( <span id="looks_like" ><%= Spree.t(:card_type_is) %> <span id="type"></span></span>
+        <span id="unrecognized"><%= Spree.t(:unrecognized_card_type) %></span>
+        )
+      </span>
+    </p>
+
+    <p class="field" data-hook="card_expiration">
+      <%= label_tag "braintree_card_expiry", Spree.t(:expiration) %><span class="required">*</span><br />
+      <label for="braintree_card_expiry" id="braintree_card_expiry" class="braintree-hosted-field"></label>
+    </p>
+
+    <p class="field" data-hook="card_code">
+      <%= label_tag "braintree_card_code", Spree.t(:card_code) %><span class="required">*</span><br />
+
+      <label for="braintree_card_code" id="braintree_card_code" class="braintree-hosted-field card-code"></label>
+      <%= link_to "(#{Spree.t(:what_is_this)})", spree.cvv_path, :target => '_blank', "data-hook" => "cvv_link", :id => "cvv_link" %>
+    </p>
+  </div>
+
+  <% if @order.bill_address %>
+    <%= fields_for "#{param_prefix}[address_attributes]", @order.bill_address do |f| %>
+      <%= render :partial => 'spree/address/form_hidden', :locals => { :form => f } %>
+    <% end %>
+  <% end %>
+
+  <%= hidden_field_tag "#{param_prefix}[cc_type]", '', :id => "cc_type", :class => 'ccType' %>
+  <%= hidden_field_tag "order[payments_attributes][][payment_method_nonce]", '', :id => "payment_method_nonce" %>
+</div>

data/app/views/spree/checkout/payment/_braintree_initialization.html.erb

@@ -0,0 +1,12 @@
+<% content_for :head do %>
+  <%= javascript_tag do %>
+    braintree.environment = "<%= payment_method.preferred_environment %>"
+    braintree.placeholders = {
+      "number": "<%= payment_method.card_number_placeholder %>",
+      "expirationDate": "<%= payment_method.expiration_date_placeholder %>",
+      "cvv": "<%= payment_method.card_code_placeholder %>"
+    }
+  <% end %>
+<% end %>
+
+<%= hidden_field_tag "order[braintree_device_data]", '', :id => "device_data" %>