solidus_paypal_braintree 1.1.1 → 1.2.0

data/spec/features/backend/new_payment_spec.rb

@@ -0,0 +1,137 @@
+require 'spec_helper'
+require 'spree/testing_support/order_walkthrough'
+
+shared_context "with backend checkout setup" do
+  let(:braintree) { new_gateway(active: true) }
+  let!(:gateway) { create :payment_method }
+  let(:order) { create(:completed_order_with_totals, number: 'R9999999') }
+  let(:pending_case_insensitive) { /pending/i }
+  let(:expiration) { "02/#{Date.current.year.next}" }
+
+  before do
+    braintree.save!
+    create(:store, payment_methods: [gateway, braintree]).tap do |store|
+      store.braintree_configuration.update!(credit_card: true)
+    end
+
+    allow_any_instance_of(SolidusPaypalBraintree::Source).to receive(:nonce).and_return("fake-valid-nonce")
+
+    # Order and payment numbers must be identical between runs to re-use the VCR
+    # cassette
+    allow_any_instance_of(Spree::Payment).to receive(:number).and_return("123ABC")
+  end
+
+  around do |example|
+    Capybara.using_wait_time(20) { example.run }
+  end
+end
+
+describe 'creating a new payment', type: :feature, js: true do
+  stub_authorization!
+
+  context "with valid credit card data", vcr: {
+    cassette_name: 'admin/valid_credit_card',
+    match_requests_on: [:braintree_uri]
+  } do
+    include_context "with backend checkout setup"
+
+    it "checks out successfully" do
+      visit "/admin/orders/#{order.number}/payments/new"
+      choose('Braintree')
+      expect(page).to have_selector("#payment_method_#{braintree.id}", visible: :visible)
+      expect(page).to have_selector("iframe#braintree-hosted-field-number")
+
+      within_frame("braintree-hosted-field-number") do
+        fill_in("credit-card-number", with: "4111111111111111")
+      end
+      within_frame("braintree-hosted-field-expirationDate") do
+        fill_in("expiration", with: expiration)
+      end
+      within_frame("braintree-hosted-field-cvv") do
+        fill_in("cvv", with: "123")
+      end
+
+      click_button("Update")
+
+      within('table#payments') do
+        expect(page).to have_content('Braintree')
+        expect(page).to have_content(pending_case_insensitive)
+      end
+
+      click_icon(:capture)
+
+      expect(page).not_to have_content('Cannot perform requested operation')
+      expect(page).to have_content('Payment Updated')
+    end
+  end
+
+  context "with invalid credit card data" do
+    include_context "with backend checkout setup"
+
+    # Attempt to submit an invalid form once
+    before do
+      visit "/admin/orders/#{order.number}/payments/new"
+      choose('Braintree')
+
+      within_frame("braintree-hosted-field-number") do
+        fill_in("credit-card-number", with: "1111111111111111")
+      end
+      within_frame("braintree-hosted-field-expirationDate") do
+        fill_in("expiration", with: expiration)
+      end
+      within_frame("braintree-hosted-field-cvv") do
+        fill_in("cvv", with: "123")
+      end
+
+      click_button "Update"
+    end
+
+    it "displays a meaningful error message" do
+      expect(page).to have_text(
+        "BraintreeError: Some payment input fields are invalid. Cannot tokenize invalid card fields."
+      )
+    end
+
+    # Same error should be produced when submitting an empty form again
+    context "when user tries to resubmit another invalid form", vcr: {
+      cassette_name: "admin/invalid_credit_card",
+      match_requests_on: [:braintree_uri]
+    } do
+      it "displays a meaningful error message" do
+        click_button "Update"
+        expect(page).to have_text(
+          "BraintreeError: Some payment input fields are invalid. Cannot tokenize invalid card fields."
+        )
+      end
+    end
+
+    # User should be able to checkout after submit fails once
+    context "when user enters valid data", vcr: {
+      cassette_name: "admin/resubmit_credit_card",
+      match_requests_on: [:braintree_uri]
+    } do
+      it "creates the payment successfully" do
+        within_frame("braintree-hosted-field-number") do
+          fill_in("credit-card-number", with: "4111111111111111")
+        end
+        within_frame("braintree-hosted-field-expirationDate") do
+          fill_in("expiration", with: expiration)
+        end
+        within_frame("braintree-hosted-field-cvv") do
+          fill_in("cvv", with: "123")
+        end
+        click_button("Update")
+
+        within('table#payments') do
+          expect(page).to have_content('Braintree')
+          expect(page).to have_content(pending_case_insensitive)
+        end
+
+        click_icon(:capture)
+
+        expect(page).not_to have_content('Cannot perform requested operation')
+        expect(page).to have_content('Payment Updated')
+      end
+    end
+  end
+end

data/spec/features/frontend/braintree_credit_card_checkout_spec.rb

@@ -0,0 +1,191 @@
+require 'spec_helper'
+require 'spree/testing_support/order_walkthrough'
+
+shared_context "with frontend checkout setup" do
+  let(:braintree) { new_gateway(active: true) }
+  let!(:gateway) { create :payment_method }
+  let(:three_d_secure_enabled) { false }
+  let(:venmo_enabled) { false }
+  let(:card_number) { "4111111111111111" }
+  let(:card_expiration) { "01/#{Time.now.utc.year + 3}" }
+
+  before do
+    braintree.save!
+
+    create(:store, payment_methods: [gateway, braintree]).tap do |store|
+      store.braintree_configuration.update!(
+        credit_card: true,
+        three_d_secure: three_d_secure_enabled,
+        venmo: venmo_enabled
+      )
+
+      braintree.update(
+        preferred_credit_card_fields_style: { input: { 'font-size': '30px' } },
+        preferred_placeholder_text: { number: "Enter Your Card Number" }
+      )
+    end
+
+    order = if Spree.solidus_gem_version >= Gem::Version.new('2.6.0')
+              Spree::TestingSupport::OrderWalkthrough.up_to(:delivery)
+            else
+              OrderWalkthrough.up_to(:delivery)
+            end
+
+    user = create(:user)
+    order.user = user
+    order.number = "R9999999"
+    order.recalculate
+
+    allow_any_instance_of(Spree::CheckoutController).to receive_messages(current_order: order)
+    allow_any_instance_of(Spree::CheckoutController).to receive_messages(try_spree_current_user: user)
+    allow_any_instance_of(Spree::CheckoutController).to receive_messages(spree_current_user: user)
+    allow_any_instance_of(Spree::Payment).to receive(:number).and_return("123ABC")
+    allow_any_instance_of(SolidusPaypalBraintree::Source).to receive(:nonce).and_return("fake-valid-nonce")
+
+    visit spree.checkout_state_path(:delivery)
+    click_button "Save and Continue"
+    choose("Braintree")
+  end
+
+  around do |example|
+    Capybara.using_wait_time(20) { example.run }
+  end
+end
+
+describe 'entering credit card details', type: :feature, js: true do
+  context 'when page loads' do
+    include_context "with frontend checkout setup"
+
+    it "selectors display correctly" do
+      expect(page).to have_selector("#payment_method_#{braintree.id}", visible: :visible)
+      expect(page).to have_selector("iframe#braintree-hosted-field-number")
+      expect(page).to have_selector("iframe[type='number']")
+    end
+
+    it "credit card field style variable is set" do
+      within_frame("braintree-hosted-field-number") do
+        expect(find("#credit-card-number").style("font-size")).to eq({ "font-size" => "30px" })
+      end
+    end
+
+    it "sets the placeholder text correctly" do
+      within_frame("braintree-hosted-field-number") do
+        expect(find("#credit-card-number")['placeholder']).to eq("Enter Your Card Number")
+      end
+    end
+  end
+
+  context "with valid credit card data", vcr: {
+    cassette_name: 'checkout/valid_credit_card',
+    match_requests_on: [:braintree_uri]
+  } do
+    include_context "with frontend checkout setup"
+    # To ensure Venmo inputs do not conflict with checkout
+    let(:venmo_enabled) { true }
+
+    before do
+      within_frame("braintree-hosted-field-number") do
+        fill_in("credit-card-number", with: card_number)
+      end
+      within_frame("braintree-hosted-field-expirationDate") do
+        fill_in("expiration", with: card_expiration)
+      end
+      within_frame("braintree-hosted-field-cvv") do
+        fill_in("cvv", with: "123")
+      end
+
+      click_button("Save and Continue")
+    end
+
+    it "checks out successfully" do
+      within("#order_details") do
+        expect(page).to have_content("CONFIRM")
+      end
+      click_button("Place Order")
+      expect(page).to have_content("Your order has been processed successfully")
+    end
+
+    context 'with 3D secure enabled' do
+      let(:three_d_secure_enabled) { true }
+
+      it 'checks out successfully' do
+        authenticate_3ds
+
+        within("#order_details") do
+          expect(page).to have_content("CONFIRM")
+        end
+
+        click_button("Place Order")
+        expect(page).to have_content("Your order has been processed successfully")
+      end
+
+      context 'with 3ds authentication error' do
+        let(:card_number) { "4000000000001125" }
+
+        it 'shows a 3ds authentication error' do
+          authenticate_3ds
+          expect(page).to have_content(
+            "3D Secure authentication failed. Please try again using a different payment method."
+          )
+        end
+      end
+    end
+  end
+
+  context "with invalid credit card data" do
+    include_context "with frontend checkout setup"
+
+    # Attempt to submit an empty form once
+    before do
+      click_button "Save and Continue"
+    end
+
+    it "displays an alert with a meaningful error message" do
+      expect(page).to have_text I18n.t("solidus_paypal_braintree.errors.empty_fields")
+      expect(page).to have_selector("input[type='submit']:enabled")
+    end
+
+    # Same error should be produced when submitting an empty form again
+    context "when user tries to resubmit an empty form", vcr: { cassette_name: "checkout/invalid_credit_card" } do
+      it "displays an alert with a meaningful error message" do
+        expect(page).to have_selector("input[type='submit']:enabled")
+
+        click_button "Save and Continue"
+        expect(page).to have_text I18n.t("solidus_paypal_braintree.errors.empty_fields")
+      end
+    end
+
+    # User should be able to checkout after submit fails once
+    context "when user enters valid data", vcr: {
+      cassette_name: "checkout/resubmit_credit_card",
+      match_requests_on: [:braintree_uri]
+    } do
+      it "allows them to resubmit and complete the purchase" do
+        within_frame("braintree-hosted-field-number") do
+          fill_in("credit-card-number", with: "4111111111111111")
+        end
+        within_frame("braintree-hosted-field-expirationDate") do
+          fill_in("expiration", with: card_expiration)
+        end
+        within_frame("braintree-hosted-field-cvv") do
+          fill_in("cvv", with: "123")
+        end
+        click_button("Save and Continue")
+        within("#order_details") do
+          expect(page).to have_content("CONFIRM")
+        end
+        click_button("Place Order")
+        expect(page).to have_content("Your order has been processed successfully")
+      end
+    end
+  end
+
+  def authenticate_3ds
+    within_frame("Cardinal-CCA-IFrame") do
+      fill_in("challengeDataEntry", with: "1234")
+      continue_button = find_button("SUBMIT")
+      continue_button.scroll_to(continue_button)
+      continue_button.click
+    end
+  end
+end

data/spec/features/frontend/paypal_checkout_spec.rb

@@ -0,0 +1,166 @@
+require 'spec_helper'
+
+describe "Checkout", type: :feature, js: true do
+  Capybara.default_max_wait_time = 60
+
+  # let!(:store) do
+  #   create(:store, payment_methods: [payment_method]).tap do |s|
+  #     s.braintree_configuration.update!(braintree_preferences)
+  #   end
+  # end
+  let(:braintree_preferences) { { paypal: true }.merge(paypal_options) }
+  let(:paypal_options) { {} }
+
+  let!(:country) { create(:country, states_required: true) }
+  # let!(:state) { create(:state, country: country, abbr: "CA", name: "California") }
+  # let!(:shipping_method) { create(:shipping_method) }
+  # let!(:stock_location) { create(:stock_location) }
+  let!(:mug) { create(:product, name: "RoR Mug") }
+  let!(:payment_method) { create_gateway }
+  # let!(:zone) { create(:zone) }
+
+  before do
+    create(:store, payment_methods: [payment_method]).tap do |s|
+      s.braintree_configuration.update!(braintree_preferences)
+    end
+    create(:state, country: country, abbr: "CA", name: "California")
+    create(:shipping_method)
+    create(:stock_location)
+    create(:zone)
+  end
+
+  context "when going through express checkout using paypal cart button" do
+    before do
+      payment_method
+      add_mug_to_cart
+    end
+
+    it "checks out successfully", skip: "Broken. To be revisited" do
+      pend_if_paypal_slow do
+        expect_any_instance_of(Spree::Order).to receive(:restart_checkout_flow)
+        move_through_paypal_popup
+        expect(page).to have_content("Shipments")
+        click_on "Place Order"
+        expect(page).to have_content("Your order has been processed successfully")
+      end
+    end
+
+    context 'when using custom paypal button style' do
+      let(:paypal_options) { { preferred_paypal_button_color: 'blue' } }
+
+      it 'displays required PayPal button style' do
+        within_frame find('#paypal-button iframe') do
+          expect(page).to have_selector('.paypal-button-color-blue')
+        end
+      end
+    end
+  end
+
+  context "when going through regular checkout using paypal payment method" do
+    before do
+      payment_method
+      add_mug_to_cart
+      click_button("Checkout")
+      fill_in("order_email", with: "paypal_buyer@paypaltest.com")
+      click_button("Continue")
+      fill_in_address
+      click_button("Save and Continue")
+      click_button("Save and Continue")
+    end
+
+    it "formats the address variable correctly" do
+      expect(page.evaluate_script("address['recipientName']")).to eq "Ryan Bigg"
+    end
+
+    it "checks out successfully", skip: "Broken. To be revisited" do
+      pend_if_paypal_slow do
+        expect_any_instance_of(Spree::Order).not_to receive(:restart_checkout_flow)
+        move_through_paypal_popup
+
+        expect(page).to have_content("Shipments")
+        click_on "Place Order"
+        expect(page).to have_content("Your order has been processed successfully")
+      end
+    end
+  end
+
+  # Selenium does not clear cookies properly between test runs, even when
+  # using Capybara.reset_sessions!, see:
+  # https://github.com/jnicklas/capybara/issues/535
+  #
+  # This causes Paypal to remain logged in and not prompt for an email on the
+  # second test run and causes the test to fail. Adding conditional logic for
+  # this greatly increases the test time, so it is left out since CI runs
+  # these with poltergeist.
+  def move_through_paypal_popup
+    expect(page).to have_css('#paypal-button .paypal-button')
+
+    sleep 2 # the PayPal button is not immediately ready
+
+    popup = page.window_opened_by do
+      within_frame find('#paypal-button iframe') do
+        find('div.paypal-button').click
+      end
+    end
+    page.switch_to_window(popup)
+
+    # We don't control this popup window.
+    # So javascript errors are not our errors.
+    begin
+      expect(page).not_to have_selector('body.loading')
+      fill_in("login_email", with: "stembolt_buyer@stembolttest.com")
+      click_on "Next"
+      fill_in("login_password", with: "test1234")
+
+      expect(page).not_to have_selector('body.loading')
+      click_button("btnLogin")
+
+      expect(page).not_to have_selector('body.loading')
+      click_button("Continue")
+      click_button("Agree & Continue")
+    rescue Selenium::WebDriver::Error::JavascriptError => e
+      pending "PayPal had javascript errors in their popup window."
+      raise e
+    rescue Capybara::ElementNotFound => e
+      pending "PayPal delivered unkown HTML in their popup window."
+      raise e
+    rescue Selenium::WebDriver::Error::NoSuchWindowError => e
+      pending "PayPal popup not available."
+      raise e
+    end
+
+    page.switch_to_window(page.windows.first)
+  end
+
+  def fill_in_address
+    address = "order_bill_address_attributes"
+    if page.has_css?("##{address}_firstname", wait: 0)
+      fill_in "#{address}_firstname", with: "Ryan"
+      fill_in "#{address}_lastname", with: "Bigg"
+    else
+      fill_in "#{address}_name", with: "Ryan Bigg"
+    end
+    fill_in "#{address}_address1", with: "143 Swan Street"
+    fill_in "#{address}_city", with: "San Jose"
+    select "United States of America", from: "#{address}_country_id"
+    select "California", from: "#{address}_state_id"
+    fill_in "#{address}_zipcode", with: "95131"
+    fill_in "#{address}_phone", with: "(555) 555-0111"
+  end
+
+  def add_mug_to_cart
+    visit spree.root_path
+    click_link mug.name
+    click_button "add-to-cart-button"
+  end
+
+  def pend_if_paypal_slow
+    yield
+  rescue RSpec::Expectations::ExpectationNotMetError => e
+    pending "PayPal did not answer in #{Capybara.default_max_wait_time} seconds."
+    raise e
+  rescue Selenium::WebDriver::Error::JavascriptError => e
+    pending "PayPal delivered wrong payload because of errors in their popup window."
+    raise e
+  end
+end

data/spec/features/frontend/venmo_checkout_spec.rb

@@ -0,0 +1,194 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+require 'spree/testing_support/order_walkthrough'
+
+describe "Checkout", type: :feature, js: true do
+  let(:braintree_preferences) { { venmo: true }.merge(preferences) }
+  let(:preferences) { {} }
+  let(:user) { create(:user) }
+  let!(:payment_method) { create_gateway }
+
+  before do
+    create(:store, payment_methods: [payment_method]).tap do |s|
+      s.braintree_configuration.update!(braintree_preferences)
+    end
+
+    go_to_payment_checkout_page
+  end
+
+  context 'with Venmo checkout' do
+    context 'when Venmo is disabled' do
+      let(:preferences) { { venmo: false } }
+
+      it 'does not load the Venmo payment button' do
+        expect(page).not_to have_selector('#venmo-button')
+      end
+    end
+
+    context 'when Venmo is enabled' do
+      it 'loads the Venmo payment button' do
+        expect(page).to have_selector('#venmo-button')
+      end
+    end
+
+    context "when Venmo's button style is customized" do
+      context 'when venmo_button_color is "blue" and venmo_button_width is "280"' do
+        let(:preferences) { { preferred_venmo_button_color: 'blue', preferred_venmo_button_width: '280' } }
+
+        it 'has the correct style' do
+          venmo_button.assert_matches_style(width: '280px', 'background-image': /venmo_blue_button_280x48/)
+          venmo_button.hover
+          venmo_button.assert_matches_style('background-image': /venmo_active_blue_button_280x48/)
+        end
+      end
+
+      context 'when venmo_button_color is "white" and venmo_button_width is "375"' do
+        let(:preferences) { { preferred_venmo_button_color: 'white', preferred_venmo_button_width: '375' } }
+
+        it 'has the correct style' do
+          venmo_button.assert_matches_style(width: '375px', 'background-image': /venmo_white_button_375x48/)
+          venmo_button.hover
+          venmo_button.assert_matches_style('background-image': /venmo_active_white_button_375x48/)
+        end
+      end
+    end
+
+    context 'when the Venmo button is clicked' do
+      before { venmo_button.click }
+
+      it 'opens the QR modal which shows an error when closed' do
+        within_frame(venmo_frame) do
+          expect(page).to have_selector('#venmo-qr-code-view')
+
+          click_button('close-icon')
+
+          expect(page).not_to have_selector('#venmo-qr-code-view')
+        end
+
+        expect(page).to have_content('Venmo authorization was canceled by closing the Venmo Desktop modal.')
+      end
+    end
+
+    # TODO: Reenable these specs once Venmo is enabled on the Braintree sandbox.
+    xcontext 'with Venmo transactions', vcr: { cassette_name: 'checkout/valid_venmo_transaction' } do
+      before do
+        fake_venmo_successful_tokenization
+      end
+
+      context 'with CreditCard disabled' do
+        it 'can checkout with Venmo' do
+          next_checkout_step
+          finalize_checkout
+
+          expect(Spree::Order.last.complete?).to be(true)
+        end
+      end
+
+      # To test that the hosted-fields inputs do not conflict with Venmo's
+      context 'with CreditCard enabled' do
+        let(:preferences) { { credit_card: true } }
+
+        it 'can checkout with Venmo' do
+          disable_hosted_fields_inputs
+          disable_hosted_fields_form_listener
+
+          next_checkout_step
+          finalize_checkout
+
+          expect(Spree::Order.last.complete?).to be(true)
+          expect(Spree::Payment.last.source.venmo?).to be(true)
+        end
+      end
+
+      # https://developer.paypal.com/braintree/docs/guides/venmo/client-side#custom-integration
+      it "meet's Braintree's acceptance criteria during checkout", aggregate_failures: true do
+        next_checkout_step
+
+        expect(page).to have_content('Payment Type: Venmo')
+
+        finalize_checkout
+
+        expect(page).to have_content('Venmo Account: venmojoe')
+      end
+
+      # the VCR must be based on this test, so it includes HTTP requests of the second order
+      it 'saves the used Venmo source in the wallet and can be reused' do
+        next_checkout_step
+        finalize_checkout
+        go_to_payment_checkout_page(order_number: 'R300000002')
+
+        expect(Spree::User.first.wallet.wallet_payment_sources).not_to be_empty
+        expect(page).to have_selector('#existing_cards')
+        expect(page).to have_content('venmojoe')
+
+        next_checkout_step
+        finalize_checkout
+
+        expect(Spree::Order.all.all?(&:complete?)).to be(true)
+      end
+    end
+  end
+
+  private
+
+  def go_to_payment_checkout_page(order_number: 'R300000001' )
+    order = if Spree.solidus_gem_version >= Gem::Version.new('2.6.0')
+              Spree::TestingSupport::OrderWalkthrough.up_to(:address)
+            else
+              OrderWalkthrough.up_to(:address)
+            end
+
+    order.update!(user: user, number: order_number) # constant order number for VCRs
+
+    allow_any_instance_of(Spree::CheckoutController).to receive_messages(current_order: order)
+
+    first_user = Spree::User.first
+    allow_any_instance_of(Spree::CheckoutController).to receive_messages(try_spree_current_user: first_user)
+    allow_any_instance_of(Spree::CheckoutController).to receive_messages(spree_current_user: first_user)
+
+    allow_any_instance_of(Spree::Payment).to receive(:gateway_order_id).and_return(order_number)
+
+    visit spree.checkout_state_path(order.state)
+    next_checkout_step
+  end
+
+  def next_checkout_step
+    click_button('Save and Continue')
+  end
+
+  def finalize_checkout
+    click_button('Place Order')
+  end
+
+  def venmo_button
+    find_button('venmo-button', disabled: false)
+  end
+
+  def venmo_frame
+    find('#venmo-desktop-iframe')
+  end
+
+  def fake_venmo_successful_tokenization
+    enable_venmo_inputs
+    fake_payment_method_nonce
+  end
+
+  def enable_venmo_inputs
+    page.execute_script("$('.venmo-fields input').each(function(_index, input){input.removeAttribute('disabled');});")
+  end
+
+  def fake_payment_method_nonce
+    page.execute_script("$('#venmo_payment_method_nonce').val('fake-venmo-account-nonce');")
+  end
+
+  def disable_hosted_fields_inputs
+    page.execute_script("$('.hosted-fields input').each(function(_index, input){input.disabled=true;});")
+  end
+
+  def disable_hosted_fields_form_listener
+    # Once the submit button is enabled, the submit listener has been added
+    find("#checkout_form_payment input[type='submit']:not(:disabled)")
+    page.execute_script("$('#checkout_form_payment').off('submit');")
+  end
+end