RubyGems - solidus_six_saferpay - Versions diffs - 0.1.7 → 0.4.0 - Mend

solidus_six_saferpay 0.1.7 → 0.4.0

Files changed (91) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7202fabe3b8884bc1ab183e397f2ff18c419acd6c654ae75460b25f4c90fe470
-  data.tar.gz: 1e49380bf2304bd3694b307ee6231a73c212f3af216bf24bf44a4dd31f369f8a
+  metadata.gz: e8910f41d3ede2f306709f7a0a628b5f409a1a1b9ccc9bc8c53931cde642b89c
+  data.tar.gz: c4e066bafdf347b44bc8ae097315a4992a7a304b6bf50ddbe037f90c5d5eb3da
 SHA512:
-  metadata.gz: 6467caba523bb6a51aed70eeacf38f2b45e2bc9b0b9a2c5d43d23e4777ae89cca00bbce71312ce108cb2ce981d8bcf4cc1efebcef8a1abececa3c8170ff87550
-  data.tar.gz: 2b2ee111227b9b7df5de845d3ad471916ac73557379e5d77a7ccf43fac6d6ef4523f4b9d4d69f5c9f5aac8dd32093d37c0c3065cdab035a4c86d4bea98ab8147
+  metadata.gz: 4859639f97bd6da726a0f04267161d92b6b6c8df3912de70a93d97fd6f95aff4a977af1a0334dbf028db424a2c1003b8f8d991b8f7a659f199ce0c984ba02a70
+  data.tar.gz: 5fa22b0c98edadae98ff8728599adeada7e0c057c65b30fd749e3a4d4f576516ddc260d00d2f5568be65738acac978536bc4448ca07ca2c5802f8890f62bb95b

data/.circleci/config.yml ADDED

@@ -0,0 +1,35 @@
+version: 2.1
+orbs:
+  # Always take the latest version of the orb, this allows us to
+  # run specs against Solidus supported versions only without the need
+  # to change this configuration every time a Solidus version is released
+  # or goes EOL.
+  solidusio_extensions: solidusio/extensions@volatile
+jobs:
+  run-specs-with-postgres:
+    executor: solidusio_extensions/postgres
+    steps:
+      - solidusio_extensions/run-tests
+  run-specs-with-mysql:
+    executor: solidusio_extensions/mysql
+    steps:
+      - solidusio_extensions/run-tests
+workflows:
+  "Run specs on supported Solidus versions":
+    jobs:
+      - run-specs-with-postgres
+      - run-specs-with-mysql
+  "Weekly run specs against master":
+    triggers:
+      - schedule:
+          cron: "0 0 * * 4" # every Thursday
+          filters:
+            branches:
+              only:
+                - master
+    jobs:
+      - run-specs-with-postgres
+      - run-specs-with-mysql

data/.gem_release.yml ADDED

@@ -0,0 +1,5 @@
+bump:
+  recurse: false
+  file: 'lib/solidus_six_saferpay/version.rb'
+  message: Bump SolidusSixSaferpay to %{version}
+  tag: true

data/.github/stale.yml ADDED

@@ -0,0 +1,17 @@
+# Number of days of inactivity before an issue becomes stale
+daysUntilStale: 60
+# Number of days of inactivity before a stale issue is closed
+daysUntilClose: 7
+# Issues with these labels will never be considered stale
+exemptLabels:
+  - pinned
+  - security
+# Label to use when marking an issue as stale
+staleLabel: wontfix
+# Comment to post when marking an issue as stale. Set to `false` to disable
+markComment: >
+  This issue has been automatically marked as stale because it has not had
+  recent activity. It will be closed if no further activity occurs. Thank you
+  for your contributions.
+# Comment to post when closing a stale issue. Set to `false` to disable
+closeComment: false

data/.gitignore ADDED

@@ -0,0 +1,18 @@
+*.gem
+\#*
+*~
+.#*
+.DS_Store
+.idea
+.project
+.sass-cache
+coverage
+Gemfile.lock
+tmp
+nbproject
+pkg
+*.swp
+spec/dummy
+spec/examples.txt
+sandbox

data/.rspec ADDED

	@@ -0,0 +1,2 @@
1	+ --color
2	+ --require spec_helper

data/.rubocop.yml ADDED

	@@ -0,0 +1,2 @@
1	+ require:
2	+ - solidus_dev_support/rubocop

data/.travis.yml ADDED

@@ -0,0 +1,12 @@
+language: ruby
+rvm:
+- 2.5.1
+before_install:
+- gem install bundler -v 2.0.1
+script:
+- bin/rake extension:test_app
+- bin/rake extension:specs
+notifications:
+  slack:
+    secure: Vpuu/JENlZAiH67DU5bFmyKlKNmhiAZ0wSd6mjFyzcFAXaEbFIt9xkMigoEwLfQh/ZMUvKQcv3oQ6s9j5FkYImRZ0gfs1me7z/H8NTXMF5eOu7aS/gRHMGq8x2nvDBqNhSVtffqLfF3aydjZPJvGz8cvAQtqw4b+qOSIuxs2BOpcMMgEZEXW7Py6AthY2p1jxByyiqGB7NcvKsQedVtgdrnK4j+jcwK6Q9/DTOMivhWLEWAvn6VJ5zMomM5FdOFfH86uhHASGYB72ufpmKUwmFASSNHBM3CNQhZ0O/LS+a1dOlaW1BhU5q6KS/q6vgEYHyjdqcD7HhKFdlaVm6W/N1lbX+MFFcFT++l6CN8Aa3xmYpy/zWO5wwBRZw0zhYT/7P4BRoCll1D7RetnGcIV6KJyC0ydn2u/pi1kKBOgzuwbgQ+pH/lPH9+HuZzlhynRBdz2v45ctXf6AFQZmfJvFEBNwb38Q08zzGcCru0+Lu4uhFFLEwi2oMCWtpUsk0PfUJf/cUfp0hluh8wZsQWe+VQOS1NjmL8/yxjijFGzmS8WmMTb+fw7bRXFir0ecdntbP9aAhJxBN4PaMfYEFzBjCbc1e2gmwXk0VBV/0IH9hxxzIorUSmGydrWLDWiap0yDC2bm+gndodxKawT4+O45qB9jI5aYXG6JlHzrTn8QU4=
+  email: false

data/Gemfile ADDED

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+source 'https://rubygems.org'
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+branch = ENV.fetch('SOLIDUS_BRANCH', 'master')
+gem 'solidus', github: 'solidusio/solidus', branch: branch
+# Needed to help Bundler figure out how to resolve dependencies,
+# otherwise it takes forever to resolve them.
+# See https://github.com/bundler/bundler/issues/6677
+gem 'rails', '>0.a'
+# Provides basic authentication functionality for testing parts of your engine
+gem 'solidus_auth_devise'
+case ENV['DB']
+when 'mysql'
+  gem 'mysql2'
+when 'postgresql'
+  gem 'pg'
+else
+  gem 'sqlite3'
+end
+gemspec
+# Use a local Gemfile to include development dependencies that might not be
+# relevant for the project or for other contributors, e.g. pry-byebug.
+#
+# We use `send` instead of calling `eval_gemfile` to work around an issue with
+# how Dependabot parses projects: https://github.com/dependabot/dependabot-core/issues/1658.
+send(:eval_gemfile, 'Gemfile-local') if File.exist? 'Gemfile-local'

data/LICENSE ADDED

@@ -0,0 +1,26 @@
+Copyright (c) 2020 [name of plugin creator]
+All rights reserved.
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+    * Redistributions of source code must retain the above copyright notice,
+      this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright notice,
+      this list of conditions and the following disclaimer in the documentation
+      and/or other materials provided with the distribution.
+    * Neither the name Solidus nor the names of its contributors may be used to
+      endorse or promote products derived from this software without specific
+      prior written permission.
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

data/README.md CHANGED

@@ -1,33 +1,26 @@
 # SolidusSixSaferpay
 The `solidus_six_saferpay` engine adds checkout options for the Saferpay Payment Page ([Integration Guide](https://saferpay.github.io/sndbx/Integration_PP.html), [JSON API documentation](http://saferpay.github.io/jsonapi/#ChapterPaymentPage)) and the Saferpay Transaction ([Integration Guide](https://saferpay.github.io/sndbx/Integration_trx.html), [JSON API documentation](https://saferpay.github.io/sndbx/Integration_trx.html)).
+### Disclaimer
+This gem is built to be a general-purpose integration of the Six Saferpay payment interface. However due to lack of resources and because we are (as far as we know) the only users of this gem, we are only testing our use cases (PaymentPage). Therefore we can not guarantee that this will work in any other solidus shop. If you consider using this gem, please test everything thoroughly.
 ## Status
 Travis CI status: [![Build Status](https://travis-ci.org/fadendaten/solidus_six_saferpay.svg?branch=master)](https://travis-ci.org/fadendaten/solidus_six_saferpay)
 ## Installation
-Add this line to your application's Gemfile:
+Add solidus_six_saferpay to your Gemfile:
 ```ruby
 gem 'solidus_six_saferpay'
 ```
-And then execute:
-```bash
-$ bundle
-```
-Or install it yourself as:
+Bundle your dependencies and run the installation generator:
-```bash
-$ gem install solidus_six_saferpay
-```
-After installing the gem, copy the migrations to your host application and migrate:
-```bash
-$ bundle exec rails g solidus_six_saferpay:install
+```shell
+bundle
+bundle exec rails g solidus_six_saferpay:install
 ```
 Add the following javascript to your `application.js` manifest file below the `//= require spree` line:
@@ -60,7 +53,6 @@ Spree::Core::Engine.routes.default_url_options { 'http://localhost:3000' }
 Spree::Core::Engine.routes.default_url_options { 'https://url-to-your-solidus-shop.tld' }
 ```
 ## Configuration and Usage
 After adding the `solidus_six_saferpay` gem to your Solidus Rails app, you can create new payment methods `Saferpay Payment Page` and `Saferpay Transaction` in the admin backend under "Settings" > "Payment". When adding a new Saferpay payment method, you can configure the payment method with the information you have received from SIX when creating a new test account.
@@ -212,9 +204,33 @@ When the user confirms the purchase in the checkout process, the saferpay paymen
 #### Checkout: Payment Cancel
 When a user cancels a payment, the `CheckoutController` receives a `fail` request and handles this request in the `#fail` action. The result is that the user is shown an error message stating that the payment was aborted.
+## Testing
+First bundle your dependencies, then run `rake`. `rake` will default to building the dummy app if it does not exist, then it will run specs, and [Rubocop](https://github.com/bbatsov/rubocop) static code analysis. The dummy app can be regenerated by using `rake test_app`.
+```shell
+bundle
+bin/rake
+```
+When testing your application's integration with this extension you may use its factories.
+Simply add this require statement to your spec_helper:
+```ruby
+require 'solidus_six_saferpay/factories'
+```
 ## Contributing
 This gem is available for everyone to use, however chances are that its implementation is still tailored towards our custom solidus-based shop.
 If you see improvements to be made, feel free to fork the gem and submit pull requests. All incoming pull requests will be discussed, but it's possible that we will reject pull requests that break functionality for our use case.
-## License
-The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
+## Releasing
+Your new extension version can be released using `gem-release` like this:
+```shell
+bundle exec gem bump -v VERSION --tag --push --remote upstream && gem release
+```
+Copyright (c) 2020 fadendaten GmbH, released under the New BSD License

data/Rakefile CHANGED

@@ -1,56 +1,6 @@
-# begin
-#   require 'bundler/setup'
-# rescue LoadError
-#   puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
-# end
+# frozen_string_literal: true
-# require 'rdoc/task'
+require 'solidus_dev_support/rake_tasks'
+SolidusDevSupport::RakeTasks.install
-# RDoc::Task.new(:rdoc) do |rdoc|
-#   rdoc.rdoc_dir = 'rdoc'
-#   rdoc.title    = 'SolidusSixSaferpay'
-#   rdoc.options << '--line-numbers'
-#   rdoc.rdoc_files.include('README.md')
-#   rdoc.rdoc_files.include('lib/**/*.rb')
-# end
-# APP_RAKEFILE = File.expand_path("spec/dummy/Rakefile", __dir__)
-# load 'rails/tasks/engine.rake'
-# load 'rails/tasks/statistics.rake'
-# require 'bundler/gem_tasks'
-# require 'rspec/core/rake_task'
-# RSpec::Core::RakeTask.new(:spec)
-# task default: :spec
-require 'bundler'
-Bundler::GemHelper.install_tasks
-begin
-  require 'spree/testing_support/extension_rake'
-  require 'rspec/core/rake_task'
-  RSpec::Core::RakeTask.new(:spec)
-  # task default: %i(first_run spec)
-  task default: %i(first_run spec)
-rescue LoadError
-  # no rspec available
-end
-task :first_run do
-  if Dir['spec/dummy'].empty?
-    Rake::Task[:test_app].invoke
-    Dir.chdir('../../')
-  end
-end
-desc 'Generates a dummy app for testing'
-task :test_app do
-  ENV['LIB_NAME'] = 'solidus_six_saferpay'
-  Rake::Task['extension:test_app'].invoke
-end
+task default: 'extension:specs'

data/app/assets/config/solidus_six_saferpay_manifest.js CHANGED

@@ -1,2 +1,3 @@
+//= link_tree ../images
 //= link_directory ../javascripts/solidus_six_saferpay .js
 //= link_directory ../stylesheets/solidus_six_saferpay .css

data/app/assets/images/solidus_six_saferpay/.keep ADDED

File without changes

data/app/assets/javascripts/solidus_six_saferpay/saferpay_payment.js CHANGED

@@ -18,7 +18,10 @@ let SaferpayPayment = {
       },
       error: function(xhr) {
-        console.error(xhr.responseText);
+        // We have no other option for displaying this message, so to inform
+        // the user we must alert
+        alert(xhr.responseJSON.errors);
+        window.location.replace(xhr.responseJSON.redirect_url);
         return false;
       },
     })

data/app/assets/javascripts/spree/backend/solidus_six_saferpay.js ADDED

	@@ -0,0 +1,2 @@
1	+ // Placeholder manifest file.
2	+ // the installer will append this file to the app vendored assets here: vendor/assets/javascripts/spree/backend/all.js'

data/app/assets/javascripts/spree/frontend/solidus_six_saferpay.js ADDED

	@@ -0,0 +1,2 @@
1	+ // Placeholder manifest file.
2	+ // the installer will append this file to the app vendored assets here: vendor/assets/javascripts/spree/frontend/all.js'

data/app/assets/stylesheets/spree/backend/solidus_six_saferpay.css ADDED

@@ -0,0 +1,4 @@
+/*
+Placeholder manifest file.
+the installer will append this file to the app vendored assets here: 'vendor/assets/stylesheets/spree/backend/all.css'
+*/

data/app/assets/stylesheets/spree/frontend/solidus_six_saferpay.css ADDED

@@ -0,0 +1,4 @@
+/*
+Placeholder manifest file.
+the installer will append this file to the app vendored assets here: 'vendor/assets/stylesheets/spree/frontend/all.css'
+*/

data/app/controllers/spree/solidus_six_saferpay/checkout_controller.rb CHANGED

@@ -2,9 +2,27 @@ module Spree
   module SolidusSixSaferpay
     class CheckoutController < StoreController
-      before_action :load_order
       def init
+        order_number = params[:order_number]
+        @order = Spree::Order.find_by(number: order_number)
+        # We must make sure that the order for which the user requests a
+        # payment is still their `current_order`.
+        # This can be false if the user tries to add something to the cart
+        # after getting to the payment checkout step, and then switches back to
+        # the payment step and starts the payment process by selecting a
+        # payment method.
+        # In that case, we redirect to the checkout path so the user needs to
+        # go through the checkout process again to ensure that the real
+        # `current_order` contains all necessary information.
+        if @order.nil? || @order != current_order
+          render json: {
+            redirect_url: spree.cart_path,
+            errors: t('.order_was_modified_after_confirmation')
+          }, status: 422
+          return
+        end
         payment_method = Spree::PaymentMethod.find(params[:payment_method_id])
         initialized_payment = initialize_payment(@order, payment_method)
@@ -12,17 +30,51 @@ module Spree
           redirect_url = initialized_payment.redirect_url
           render json: { redirect_url: redirect_url }
         else
-          render json: { errors: t('.checkout_not_initialized') }, status: 422
+          render json: {
+            redirect_url: spree.cart_path,
+            errors: t('.checkout_not_initialized')
+          }, status: 422
         end
       end
       def success
+        order_number = params[:order_number]
+        @order = Spree::Order.find_by(number: order_number)
+        if @order.nil?
+          OrderNotFoundHandler.call(controller_context: self, order_number: order_number)
+          flash[:error] = t('.error_while_processing_payment')
+          @redirect_path ||= spree.cart_path
+          render :iframe_breakout_redirect, layout: false
+          return
+        end
         saferpay_payment = Spree::SixSaferpayPayment.where(order_id: @order.id).order(:created_at).last
         if saferpay_payment.nil?
-          raise Spree::Core::GatewayError, t('.saferpay_payment_not_found')
+          PaymentNotFoundHandler.call(controller_context: self, order: @order)
+          flash[:error] = t('.error_while_processing_payment')
+          @redirect_path ||= spree.cart_path
+          render :iframe_breakout_redirect, layout: false
+          return
         end
+        # ensure that completed orders don't try to reprocess the
+        # authorization. This could happen if a user presses the back button
+        # after completing an order.
+        # There is no error handling because it should look like you are simply
+        # redirected to the cart page.
+        if @order.completed?
+          @redirect_path = spree.cart_path
+          render :iframe_breakout_redirect, layout: false
+          return
+        end
         # NOTE: PaymentPage payments are authorized directly. Instead, we
         # perform an ASSERT here to gather the necessary details.
         # This might be confusing at first, but doing it this way makes sense
@@ -38,7 +90,7 @@ module Spree
           processed_authorization = process_authorization(saferpay_payment)
           if processed_authorization.success?
-            @order.next! if @order.payment?
+            PaymentProcessingSuccessHandler.call(controller_context: self, order: @order)
           else
             flash[:error] = processed_authorization.user_message
           end
@@ -48,20 +100,39 @@ module Spree
           flash[:error] = payment_inquiry.user_message
         end
-        @redirect_path = order_checkout_path(@order.state)
+        @redirect_path ||= order_checkout_path(@order.state)
         render :iframe_breakout_redirect, layout: false
       end
       def fail
+        order_number = params[:order_number]
+        @order = Spree::Order.find_by(number: order_number)
+        if @order.nil?
+          OrderNotFoundHandler.call(controller_context: self, order_number: order_number)
+          flash[:error] = t('.error_while_processing_payment')
+          @redirect_path ||= spree.cart_path
+          render :iframe_breakout_redirect, layout: false
+          return
+        end
         saferpay_payment = Spree::SixSaferpayPayment.where(order_id: @order.id).order(:created_at).last
-        if saferpay_payment
-          payment_inquiry = inquire_payment(saferpay_payment)
-          flash[:error] = payment_inquiry.user_message
-        else
-          flash[:error] = I18n.t(:general_error, scope: [:solidus_six_saferpay, :errors])
+        if saferpay_payment.nil?
+          PaymentNotFoundHandler.call(controller_context: self, order: @order)
+          flash[:error] = t('.error_while_processing_payment')
+          @redirect_path = spree.cart_path
+          render :iframe_breakout_redirect, layout: false
+          return
         end
+        payment_inquiry = inquire_payment(saferpay_payment)
+        flash[:error] = payment_inquiry.user_message
         @redirect_path = order_checkout_path(:payment)
         render :iframe_breakout_redirect, layout: false
       end
@@ -84,11 +155,6 @@ module Spree
         raise NotImplementedError, "Must be implemented in PaymentPageCheckoutController or TransactionCheckoutController"
       end
-      def load_order
-        @order = current_order
-        redirect_to(spree.cart_path) && return unless @order
-      end
       def order_checkout_path(state)
         Spree::Core::Engine.routes.url_helpers.checkout_state_path(state)
       end