solidus_paypal_braintree 1.1.2 → 1.2.0

data/lib/solidus_paypal_braintree.rb

@@ -1,11 +1,13 @@
 # frozen_string_literal: true
 
 require 'solidus_core'
-require 'solidus_paypal_braintree/version'
-require 'solidus_paypal_braintree/engine'
+require 'solidus_support'
+
 require 'solidus_paypal_braintree/country_mapper'
 require 'solidus_paypal_braintree/request_protection'
-require 'solidus_support'
+require 'solidus_paypal_braintree/extension_configuration'
+require 'solidus_paypal_braintree/version'
+require 'solidus_paypal_braintree/engine'
 
 module SolidusPaypalBraintree
   def self.table_name_prefix

data/solidus_paypal_braintree.gemspec

@@ -1,42 +1,42 @@
 # frozen_string_literal: true
 
-$:.push File.expand_path('lib', __dir__)
-require 'solidus_paypal_braintree/version'
-
-Gem::Specification.new do |s|
-  s.name        = 'solidus_paypal_braintree'
-  s.version     = SolidusPaypalBraintree::VERSION
-  s.summary     = 'Officially supported Paypal/Braintree extension'
-  s.description = 'Uses the javascript API for seamless braintree payments'
-  s.license     = 'BSD-3-Clause'
-
-  s.author    = 'Stembolt'
-  s.email     = 'braintree+gemfile@stembolt.com'
-  s.homepage  = 'https://github.com/solidusio/solidus_paypal_braintree'
-
-  s.required_ruby_version = '>= 2.5'
-
-  s.files = Dir.chdir(File.expand_path(__dir__)) do
-    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
-  end
-  s.bindir = "exe"
-  s.executables = s.files.grep(%r{^exe/}) { |f| File.basename(f) }
-  s.require_paths = ["lib"]
-
-  if s.respond_to?(:metadata)
-    s.metadata["homepage_uri"] = s.homepage if s.homepage
-    s.metadata["source_code_uri"] = s.homepage if s.homepage
-    s.metadata["rubygems_mfa_required"] = 'true'
-  end
-
-  s.add_dependency 'activemerchant', '~> 1.48'
-  s.add_dependency 'braintree', '~> 3.4'
-  s.add_dependency 'solidus_api', ['>= 2.0.0', '< 4']
-  s.add_dependency 'solidus_core', ['>= 2.0.0', '< 4']
-  s.add_dependency 'solidus_support', ['>= 0.8.1', '< 1']
-
-  s.add_development_dependency 'selenium-webdriver'
-  s.add_development_dependency 'solidus_dev_support'
-  s.add_development_dependency 'vcr'
-  s.add_development_dependency 'webmock'
+require_relative 'lib/solidus_paypal_braintree/version'
+
+Gem::Specification.new do |spec|
+  spec.name = 'solidus_paypal_braintree'
+  spec.version = SolidusPaypalBraintree::VERSION
+  spec.authors = ['Stembolt']
+  spec.email = 'braintree+gemfile@stembolt.com'
+
+  spec.summary = 'Officially supported Paypal/Braintree extension'
+  spec.description = 'Uses the javascript API for seamless braintree payments'
+  spec.homepage = 'https://github.com/solidusio/solidus_paypal_braintree'
+  spec.license = 'BSD-3-Clause'
+
+  spec.metadata['homepage_uri'] = spec.homepage
+  spec.metadata['source_code_uri'] = 'https://github.com/solidusio/solidus_paypal_braintree'
+  spec.metadata['changelog_uri'] = 'https://github.com/solidusio/solidus_paypal_braintree/blob/master/CHANGELOG.md'
+
+  spec.required_ruby_version = Gem::Requirement.new('>= 2.5', '< 4')
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  files = Dir.chdir(__dir__) { `git ls-files -z`.split("\x0") }
+
+  spec.files = files.grep_v(%r{^(test|spec|features)/})
+  spec.test_files = files.grep(%r{^(test|spec|features)/})
+  spec.bindir = "exe"
+  spec.executables = files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency 'activemerchant', '~> 1.48'
+  spec.add_dependency 'braintree', '~> 3.4'
+  spec.add_dependency 'solidus_api', ['>= 2.4.0', '< 4']
+  spec.add_dependency 'solidus_core', ['>= 2.4.0', '< 4']
+  spec.add_dependency 'solidus_support', ['>= 0.8.1', '< 1']
+
+  spec.add_development_dependency 'rails-controller-testing'
+  spec.add_development_dependency 'solidus_dev_support', '~> 2.5'
+  spec.add_development_dependency 'vcr'
+  spec.add_development_dependency 'webmock'
 end

data/spec/controllers/solidus_paypal_braintree/checkouts_controller_spec.rb

@@ -0,0 +1,99 @@
+require 'spec_helper'
+require 'support/order_ready_for_payment'
+
+RSpec.describe SolidusPaypalBraintree::CheckoutsController, type: :controller do
+  routes { SolidusPaypalBraintree::Engine.routes }
+
+  include_context 'when order is ready for payment'
+
+  describe 'PATCH update' do
+    subject(:patch_update) { patch :update, params: params }
+
+    let(:params) do
+      {
+        "state" => "payment",
+        "order" => {
+          "payments_attributes" => [
+            {
+              "payment_method_id" => payment_method.id,
+              "source_attributes" => {
+                "nonce" => "fake-paypal-billing-agreement-nonce",
+                "payment_type" => SolidusPaypalBraintree::Source::PAYPAL
+              }
+            }
+          ],
+          "use_billing" => "1",
+          "use_postmates_shipping" => "0"
+        },
+        "reuse_credit" => "1",
+        "order_bill_address" => "",
+        "reuse_bill_address" => "1"
+      }
+    end
+
+    let!(:payment_method) do
+      create_gateway
+    end
+
+    before do
+      allow(controller).to receive(:try_spree_current_user) { user }
+      allow(controller).to receive(:spree_current_user) { user }
+      allow(controller).to receive(:current_order) { order }
+    end
+
+    context "when a payment is created successfully", vcr: {
+      cassette_name: 'checkout/update',
+      match_requests_on: [:braintree_uri]
+    } do
+      it 'creates a payment' do
+        expect { patch_update }.
+          to change { order.payments.count }.
+          from(0).
+          to(1)
+      end
+
+      it 'creates a payment source' do
+        expect { patch_update }.
+          to change(SolidusPaypalBraintree::Source, :count).
+          from(0).
+          to(1)
+      end
+
+      it 'assigns @order' do
+        patch_update
+        expect(assigns(:order)).to eq order
+      end
+
+      it "is successful" do
+        expect(patch_update).to be_successful
+      end
+
+      it "renders 'ok'" do
+        expect(patch_update.body).to eql("ok")
+      end
+    end
+
+    context "when a payment is not created successfully" do
+      before do
+        allow_any_instance_of(::Spree::Payment).to receive(:save).and_return(false)
+      end
+
+      # No idea why this is the case, but I'm just adding the tests here
+      it "is successful" do
+        expect(patch_update).to be_successful
+      end
+
+      it "renders 'not-ok'" do
+        expect(patch_update.body).to eq('not-ok')
+      end
+
+      it "does not change the number of payments in the system" do
+        expect{ patch_update }.not_to(change(::Spree::Payment, :count))
+      end
+
+      it "does not change the number of sources in the system" do
+        expect{ patch_update }.not_to(change(SolidusPaypalBraintree::Source, :count))
+      end
+    end
+  end
+end

data/spec/controllers/solidus_paypal_braintree/client_tokens_controller_spec.rb

@@ -0,0 +1,55 @@
+require 'spec_helper'
+
+describe SolidusPaypalBraintree::ClientTokensController do
+  routes { SolidusPaypalBraintree::Engine.routes }
+
+  cassette_options = { cassette_name: "braintree/token" }
+  describe "POST create", vcr: cassette_options do
+    let!(:gateway) { create_gateway }
+    let(:user) { create(:user) }
+    let(:json) { JSON.parse(response.body) }
+
+    before { user.generate_spree_api_key! }
+
+    context 'without a payment method id' do
+      subject(:response) do
+        post :create, params: { token: user.spree_api_key }
+      end
+
+      it "returns a client token", aggregate_failures: true do
+        expect(response).to have_http_status(:success)
+        expect(response.content_type).to include 'application/json'
+        expect(json["client_token"]).to be_present
+        expect(json["client_token"]).to be_a String
+        expect(json["payment_method_id"]).to eq gateway.id
+      end
+
+      context "when there's two gateway's for different stores" do
+        let!(:store1) { create(:store, code: 'store_1') }
+        let!(:store2) { create(:store, code: 'store_2') }
+        let!(:gateway_for_store1) { create_gateway.tap{ |gw| store1.payment_methods << gw } }
+        let!(:gateway_for_store2) { create_gateway.tap{ |gw| store2.payment_methods << gw } }
+
+        it "returns the correct gateway for store1" do
+          allow_any_instance_of(described_class).to receive(:current_store).and_return store1
+          expect(json["payment_method_id"]).to eq gateway_for_store1.id
+        end
+
+        it "returns the correct gateway for store2" do
+          allow_any_instance_of(described_class).to receive(:current_store).and_return store2
+          expect(json["payment_method_id"]).to eq gateway_for_store2.id
+        end
+      end
+    end
+
+    context 'with a payment method id' do
+      subject(:response) do
+        post :create, params: { token: user.spree_api_key, payment_method_id: gateway.id }
+      end
+
+      it 'uses the selected gateway' do
+        expect(json["payment_method_id"]).to eq gateway.id
+      end
+    end
+  end
+end

data/spec/controllers/solidus_paypal_braintree/configurations_controller_spec.rb

@@ -0,0 +1,73 @@
+require 'spec_helper'
+
+describe SolidusPaypalBraintree::ConfigurationsController, type: :controller do
+  routes { SolidusPaypalBraintree::Engine.routes }
+
+  let!(:store_1) { create :store }
+  let!(:store_2) { create :store }
+
+  stub_authorization!
+
+  describe "GET #list" do
+    subject { get :list }
+
+    it "assigns all store's configurations as @configurations" do
+      subject
+      expect(assigns(:configurations)).
+        to eq [store_1.braintree_configuration, store_2.braintree_configuration]
+    end
+
+    it "renders the correct view" do
+      expect(subject).to render_template :list
+    end
+  end
+
+  describe "POST #update" do
+    subject { post :update, params: configurations_params }
+
+    let(:paypal_button_color) { 'blue' }
+    let(:configurations_params) do
+      {
+        configurations: {
+          configuration_fields: {
+            store_1.braintree_configuration.id.to_s => { paypal: true, apple_pay: true },
+            store_2.braintree_configuration.id.to_s => {
+              paypal: true,
+              apple_pay: false,
+              preferred_paypal_button_color: paypal_button_color
+            }
+          }
+        }
+      }
+    end
+
+    context "with valid parameters" do
+      it "updates the configuration" do
+        expect { subject }.to change { store_1.braintree_configuration.reload.paypal }.
+          from(false).to(true)
+      end
+
+      it "displays a success message to the user" do
+        subject
+        expect(flash[:success]).to eq "Successfully updated Braintree configurations."
+      end
+
+      it "displays all configurations" do
+        expect(subject).to redirect_to action: :list
+      end
+    end
+
+    context "with invalid parameters" do
+      let(:paypal_button_color) { 'invalid-color' }
+
+      it "displays an error message to the user" do
+        subject
+        expect(flash[:error]).to eq "An error occurred while updating Braintree configurations."
+      end
+
+      it "returns the user to the edit page" do
+        expect(subject).to redirect_to action: :list
+      end
+    end
+  end
+end

data/spec/controllers/solidus_paypal_braintree/transactions_controller_spec.rb

@@ -0,0 +1,183 @@
+require 'spec_helper'
+
+RSpec.describe SolidusPaypalBraintree::TransactionsController, type: :controller do
+  routes { SolidusPaypalBraintree::Engine.routes }
+
+  let!(:country) { create :country }
+  let(:line_item) { create :line_item, price: 50 }
+  let(:order) do
+    Spree::Order.create!(
+      line_items: [line_item],
+      email: 'test@example.com',
+      bill_address: create(:address, country: country),
+      ship_address: create(:address, country: country),
+      user: create(:user)
+    )
+  end
+
+  let(:payment_method) { create_gateway }
+
+  before do
+    allow(controller).to receive(:spree_current_user) { order.user }
+    allow(controller).to receive(:current_order) { order }
+    create :shipping_method, cost: 5
+    create :state, abbr: "WA", country: country
+  end
+
+  cassette_options = {
+    cassette_name: "transactions_controller/create",
+    match_requests_on: [:braintree_uri]
+  }
+  describe "POST create", vcr: cassette_options do
+    subject(:post_create) { post :create, params: params }
+
+    let!(:country) { create :country, iso: 'US' }
+
+    let(:params) do
+      {
+        transaction: {
+          nonce: "fake-valid-nonce",
+          payment_type: SolidusPaypalBraintree::Source::PAYPAL,
+          phone: "1112223333",
+          email: "batman@example.com",
+          address_attributes: {
+            name: "Wade Wilson",
+            address_line_1: "123 Fake Street",
+            city: "Seattle",
+            zip: "98101",
+            state_code: "WA",
+            country_code: "US"
+          }
+        },
+        payment_method_id: payment_method.id
+      }
+    end
+
+    before do
+      create :state, abbr: "WA", country: country
+    end
+
+    context "when import has invalid address" do
+      before { params[:transaction][:address_attributes][:city] = nil }
+
+      it "raises a validation error" do
+        expect { post_create }.to raise_error(
+          SolidusPaypalBraintree::TransactionsController::InvalidImportError,
+          "Import invalid: " \
+          "Address is invalid, " \
+          "Address City can't be blank"
+        )
+      end
+    end
+
+    context "when the transaction is valid", vcr: {
+      cassette_name: 'transaction/import/valid',
+      match_requests_on: [:braintree_uri]
+    } do
+      it "imports the payment" do
+        expect { post_create }.to change { order.payments.count }.by(1)
+        expect(order.payments.first.amount).to eq 55
+      end
+
+      context "when no end state is provided" do
+        it "advances the order to confirm" do
+          post_create
+          expect(order).to be_confirm
+        end
+      end
+
+      context "when end state provided is delivery" do
+        let(:params) { super().merge(state: 'delivery') }
+
+        it "advances the order to delivery" do
+          post_create
+          expect(order).to be_delivery
+        end
+      end
+
+      context "with provided address" do
+        it "creates a new address" do
+          # Creating the order also creates 3 addresses, we want to make sure
+          # the transaction import only creates 1 new one
+          order
+          expect { post_create }.to change(Spree::Address, :count).by(1)
+          expect(Spree::Address.last.address1).to eq "123 Fake Street"
+        end
+      end
+
+      context "without country ISO" do
+        before do
+          params[:transaction][:address_attributes][:country_code] = ""
+          params[:transaction][:address_attributes][:country_name] = "United States"
+        end
+
+        it "creates a new address, looking up the ISO by country name" do
+          order
+          expect { post_create }.to change(Spree::Address, :count).by(1)
+          expect(Spree::Address.last.country.iso).to eq "US"
+        end
+      end
+
+      context "without transaction address" do
+        before { params[:transaction].delete(:address_attributes) }
+
+        it "does not create a new address" do
+          order
+          expect { post_create }.not_to(change(Spree::Address, :count))
+        end
+      end
+
+      context "when format is HTML" do
+        context "when import! leaves the order in confirm" do
+          it "redirects the user to the confirm page" do
+            expect(post_create).to redirect_to spree.checkout_state_path("confirm")
+          end
+        end
+
+        context "when import! completes the order" do
+          before { allow(order).to receive(:complete?).and_return(true) }
+
+          it "displays the order to the user" do
+            expect(post_create).to redirect_to spree.order_path(order)
+          end
+        end
+      end
+
+      context "when format is JSON" do
+        before { params[:format] = :json }
+
+        it "has a successful response" do
+          post_create
+          expect(response).to be_successful
+        end
+      end
+    end
+
+    context "when the transaction is invalid" do
+      before { params[:transaction][:email] = nil }
+
+      context "when format is HTML" do
+        it "raises an error including the validation messages" do
+          expect { post_create }.to raise_error(
+            SolidusPaypalBraintree::TransactionsController::InvalidImportError,
+            "Import invalid: Email can't be blank"
+          )
+        end
+      end
+
+      context "when format is JSON" do
+        before { params[:format] = :json }
+
+        it "has a failed status" do
+          post_create
+          expect(response).to have_http_status :unprocessable_entity
+        end
+
+        it "returns the errors as JSON" do
+          post_create
+          expect(JSON.parse(response.body)["errors"]["email"]).to eq ["can't be blank"]
+        end
+      end
+    end
+  end
+end

data/spec/features/backend/configuration_spec.rb

@@ -0,0 +1,23 @@
+require 'spec_helper'
+
+RSpec.describe "viewing the configuration interface" do
+  stub_authorization!
+
+  # Regression to ensure this page still renders on old versions of solidus
+  it "doesn't raise any errors due to unavailable route helpers" do
+    visit "/solidus_paypal_braintree/configurations/list"
+    expect(page).to have_content("Braintree Configurations")
+  end
+
+  # Regression to ensure this page renders on Solidus 2.4
+  it "doesn't raise any errors due to unavailable preference field partial" do
+    Rails.application.config.spree.payment_methods << SolidusPaypalBraintree::Gateway
+    Spree::PaymentMethod.create!(
+      type: 'SolidusPaypalBraintree::Gateway',
+      name: 'Braintree Payments'
+    )
+    visit '/admin/payment_methods'
+    page.find('a[title="Edit"]').click
+    expect(page).to have_field 'Name', with: 'Braintree Payments'
+  end
+end

data/spec/features/backend/new_payment_spec.rb

@@ -0,0 +1,137 @@
+require 'spec_helper'
+require 'spree/testing_support/order_walkthrough'
+
+shared_context "with backend checkout setup" do
+  let(:braintree) { new_gateway(active: true) }
+  let!(:gateway) { create :payment_method }
+  let(:order) { create(:completed_order_with_totals, number: 'R9999999') }
+  let(:pending_case_insensitive) { /pending/i }
+  let(:expiration) { "02/#{Date.current.year.next}" }
+
+  before do
+    braintree.save!
+    create(:store, payment_methods: [gateway, braintree]).tap do |store|
+      store.braintree_configuration.update!(credit_card: true)
+    end
+
+    allow_any_instance_of(SolidusPaypalBraintree::Source).to receive(:nonce).and_return("fake-valid-nonce")
+
+    # Order and payment numbers must be identical between runs to re-use the VCR
+    # cassette
+    allow_any_instance_of(Spree::Payment).to receive(:number).and_return("123ABC")
+  end
+
+  around do |example|
+    Capybara.using_wait_time(20) { example.run }
+  end
+end
+
+describe 'creating a new payment', type: :feature, js: true do
+  stub_authorization!
+
+  context "with valid credit card data", vcr: {
+    cassette_name: 'admin/valid_credit_card',
+    match_requests_on: [:braintree_uri]
+  } do
+    include_context "with backend checkout setup"
+
+    it "checks out successfully" do
+      visit "/admin/orders/#{order.number}/payments/new"
+      choose('Braintree')
+      expect(page).to have_selector("#payment_method_#{braintree.id}", visible: :visible)
+      expect(page).to have_selector("iframe#braintree-hosted-field-number")
+
+      within_frame("braintree-hosted-field-number") do
+        fill_in("credit-card-number", with: "4111111111111111")
+      end
+      within_frame("braintree-hosted-field-expirationDate") do
+        fill_in("expiration", with: expiration)
+      end
+      within_frame("braintree-hosted-field-cvv") do
+        fill_in("cvv", with: "123")
+      end
+
+      click_button("Update")
+
+      within('table#payments') do
+        expect(page).to have_content('Braintree')
+        expect(page).to have_content(pending_case_insensitive)
+      end
+
+      click_icon(:capture)
+
+      expect(page).not_to have_content('Cannot perform requested operation')
+      expect(page).to have_content('Payment Updated')
+    end
+  end
+
+  context "with invalid credit card data" do
+    include_context "with backend checkout setup"
+
+    # Attempt to submit an invalid form once
+    before do
+      visit "/admin/orders/#{order.number}/payments/new"
+      choose('Braintree')
+
+      within_frame("braintree-hosted-field-number") do
+        fill_in("credit-card-number", with: "1111111111111111")
+      end
+      within_frame("braintree-hosted-field-expirationDate") do
+        fill_in("expiration", with: expiration)
+      end
+      within_frame("braintree-hosted-field-cvv") do
+        fill_in("cvv", with: "123")
+      end
+
+      click_button "Update"
+    end
+
+    it "displays a meaningful error message" do
+      expect(page).to have_text(
+        "BraintreeError: Some payment input fields are invalid. Cannot tokenize invalid card fields."
+      )
+    end
+
+    # Same error should be produced when submitting an empty form again
+    context "when user tries to resubmit another invalid form", vcr: {
+      cassette_name: "admin/invalid_credit_card",
+      match_requests_on: [:braintree_uri]
+    } do
+      it "displays a meaningful error message" do
+        click_button "Update"
+        expect(page).to have_text(
+          "BraintreeError: Some payment input fields are invalid. Cannot tokenize invalid card fields."
+        )
+      end
+    end
+
+    # User should be able to checkout after submit fails once
+    context "when user enters valid data", vcr: {
+      cassette_name: "admin/resubmit_credit_card",
+      match_requests_on: [:braintree_uri]
+    } do
+      it "creates the payment successfully" do
+        within_frame("braintree-hosted-field-number") do
+          fill_in("credit-card-number", with: "4111111111111111")
+        end
+        within_frame("braintree-hosted-field-expirationDate") do
+          fill_in("expiration", with: expiration)
+        end
+        within_frame("braintree-hosted-field-cvv") do
+          fill_in("cvv", with: "123")
+        end
+        click_button("Update")
+
+        within('table#payments') do
+          expect(page).to have_content('Braintree')
+          expect(page).to have_content(pending_case_insensitive)
+        end
+
+        click_icon(:capture)
+
+        expect(page).not_to have_content('Cannot perform requested operation')
+        expect(page).to have_content('Payment Updated')
+      end
+    end
+  end
+end