solidus_six_saferpay 0.2.0 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5e228b5766fec776fecd596f1f9316553ed3bc9d48c4ada1adfebb470da63c7c
-  data.tar.gz: 1367d382455ade917798c68ced6fd717e71dafd2caeb2cefccde0d58517903e7
+  metadata.gz: 6a50764caa3e856291be76ef3516ec267c44b056b8824aad3970cb7ba227454e
+  data.tar.gz: d0e1a19041a511d2485415d32efba781ff2558a0d75088e32f1fc20b90ece359
 SHA512:
-  metadata.gz: 181ec3d7959392e3b7c0a100be584091507e74cdab7fb76efe19eaa406ae36ec4bc0777b8927c54d3e41518b52808f0d26e3202a35d703aaf63eced9d3c38199
-  data.tar.gz: 71c01086a0e866e1a0aa48e71304c057ff662cc268db3e961ef9761eb3182f7282c28ccdd2acfd1f7f827cc3939eb64d41921cfbb3f5f590066b2e572da3c5b6
+  metadata.gz: c5e7411ccb2307f1ddd9f0cb4b94a38e8e0ec5702a7a78387dd35593197febb77a684067e6b6e879babc34611de359ec3b38fd79ecc9ac34995ffdf7dbc14b3a
+  data.tar.gz: cd0b224c254e21bb70a3c17576474ab46b2e5b4f8d9ecc9e8a90c3c28e6a1866bdbe596254e6f377bd332954b5a9e9e35a02c60916dce7fc78149abcd1db86e3

data/app/assets/javascripts/solidus_six_saferpay/saferpay_payment.js

@@ -18,7 +18,10 @@ let SaferpayPayment = {
       },
 
       error: function(xhr) {
-        console.error(xhr.responseText);
+        // We have no other option for displaying this message, so to inform
+        // the user we must alert
+        alert(xhr.responseJSON.errors);
+        window.location.replace(xhr.responseJSON.redirect_url);
         return false;
       },
     })

data/app/controllers/spree/solidus_six_saferpay/checkout_controller.rb

@@ -3,9 +3,25 @@ module Spree
     class CheckoutController < StoreController
 
       def init
-        @order = current_order
-        redirect_to(spree.cart_path) && return unless @order
+        order_number = params[:order_number]
+        @order = Spree::Order.find_by(number: order_number)
 
+        # We must make sure that the order for which the user requests a
+        # payment is still their `current_order`.
+        # This can be false if the user tries to add something to the cart
+        # after getting to the payment checkout step, and then switches back to
+        # the payment step and starts the payment process by selecting a
+        # payment method.
+        # In that case, we redirect to the checkout path so the user needs to
+        # go through the checkout process again to ensure that the real
+        # `current_order` contains all necessary information.
+        if @order.nil? || @order != current_order
+          render json: {
+            redirect_url: spree.cart_path,
+            errors: t('.order_was_modified_after_confirmation')
+          }, status: 422
+          return
+        end
 
         payment_method = Spree::PaymentMethod.find(params[:payment_method_id])
         initialized_payment = initialize_payment(@order, payment_method)
@@ -14,7 +30,10 @@ module Spree
           redirect_url = initialized_payment.redirect_url
           render json: { redirect_url: redirect_url }
         else
-          render json: { errors: t('.checkout_not_initialized') }, status: 422
+          render json: {
+            redirect_url: spree.cart_path,
+            errors: t('.checkout_not_initialized')
+          }, status: 422
         end
       end
 
@@ -23,6 +42,20 @@ module Spree
         @order = Spree::Order.find_by(number: order_number)
 
         if @order.nil?
+          handle_order_not_found(order_number)
+
+          flash[:error] = t('.error_while_processing_payment')
+          @redirect_path = spree.cart_path
+          render :iframe_breakout_redirect, layout: false
+          return
+        end
+
+        saferpay_payment = Spree::SixSaferpayPayment.where(order_id: @order.id).order(:created_at).last
+
+        if saferpay_payment.nil?
+          handle_payment_not_found(@order)
+
+          flash[:error] = t('.error_while_processing_payment')
           @redirect_path = spree.cart_path
           render :iframe_breakout_redirect, layout: false
           return
@@ -31,17 +64,14 @@ module Spree
         # ensure that completed orders don't try to reprocess the
         # authorization. This could happen if a user presses the back button
         # after completing an order.
+        # There is no error handling because it should look like you are simply
+        # redirected to the cart page.
         if @order.completed?
           @redirect_path = spree.cart_path
           render :iframe_breakout_redirect, layout: false
           return
         end
 
-        saferpay_payment = Spree::SixSaferpayPayment.where(order_id: @order.id).order(:created_at).last
-
-        if saferpay_payment.nil?
-          raise Spree::Core::GatewayError, t('.saferpay_payment_not_found')
-        end
 
         # NOTE: PaymentPage payments are authorized directly. Instead, we
         # perform an ASSERT here to gather the necessary details.
@@ -77,6 +107,9 @@ module Spree
         @order = Spree::Order.find_by(number: order_number)
 
         if @order.nil?
+          handle_order_not_found(order_number)
+
+          flash[:error] = t('.error_while_processing_payment')
           @redirect_path = spree.cart_path
           render :iframe_breakout_redirect, layout: false
           return
@@ -84,15 +117,19 @@ module Spree
 
         saferpay_payment = Spree::SixSaferpayPayment.where(order_id: @order.id).order(:created_at).last
 
+        if saferpay_payment.nil?
+          handle_payment_not_found(@order)
 
-        if saferpay_payment
-          payment_inquiry = inquire_payment(saferpay_payment)
-          flash[:error] = payment_inquiry.user_message
-        else
-          user_message = I18n.t(:general_error, scope: [:solidus_six_saferpay, :errors])
-          flash[:error] = user_message
+          flash[:error] = t('.error_while_processing_payment')
+          @redirect_path = spree.cart_path
+          render :iframe_breakout_redirect, layout: false
+          return
         end
 
+
+        payment_inquiry = inquire_payment(saferpay_payment)
+        flash[:error] = payment_inquiry.user_message
+
         @redirect_path = order_checkout_path(:payment)
         render :iframe_breakout_redirect, layout: false
       end
@@ -115,13 +152,53 @@ module Spree
         raise NotImplementedError, "Must be implemented in PaymentPageCheckoutController or TransactionCheckoutController"
       end
 
+      # Allows overriding of success behaviour in host application by setting
+      # SolidusSixSaferpay.config.payment_processing_order_not_found_handler
+      # 
+      # If not overridden, it will call the configured error handler without actually raising any errors
+      #
+      # Example
+      # config.payment_processing_order_not_found_handler = Proc.new do |context, order_number|
+      #   puts "No solidus order with this number: #{order_number}!"
+      # end
+      #
+      def handle_order_not_found(order_number)
+        if order_not_found_handler = ::SolidusSixSaferpay.config.payment_processing_order_not_found_handler.presence
+          order_not_found_handler.call(self, order_number)
+        else
+        ::SolidusSixSaferpay::ErrorHandler.handle(
+          StandardError.new("No solidus order could be found for number #{order_number}"),
+          level: :error
+        )
+        end
+      end
+
+      # Allows overriding of success behaviour in host application by setting
+      # SolidusSixSaferpay.config.payment_processing_payment_not_found_handler
+      # 
+      # If not overridden, it will call the configured error handler without actually raising any errors
+      #
+      # Example
+      # config.payment_processing_payment_not_found_handler = Proc.new { |context, order| puts "No saferpay payment found for #{order}!" }
+      #
+      def handle_payment_not_found(order)
+        if payment_not_found_handler = ::SolidusSixSaferpay.config.payment_processing_payment_not_found_handler.presence
+          payment_not_found_handler.call(self, order)
+        else
+          ::SolidusSixSaferpay::ErrorHandler.handle(
+            StandardError.new("No Saferpay Payment found for order #{order.number}"),
+            level: :error
+          )
+        end
+      end
+
       # Allows overriding of success behaviour in host application by setting
       # SolidusSixSaferpay.config.payment_processing_success_handler
       # 
-      # By default, it will ensure that the order state is no longer "payment"
+      # If not overridden, it will ensure that the order state is no longer "payment"
       #
       # Example
-      # config.payment_processing_success_handler = Proc.new { |order| puts "Order #{order} has been successfully paid!" }
+      # config.payment_processing_success_handler = Proc.new { |context, order| puts "Order #{order} has been successfully paid!" }
       #
       def handle_payment_processing_success
         if success_handler = ::SolidusSixSaferpay.config.payment_processing_success_handler.presence

data/app/controllers/spree/solidus_six_saferpay/transaction/checkout_controller.rb

@@ -1,7 +1,7 @@
 module Spree
   module SolidusSixSaferpay
-    # explicit parent must be stated, otherwise Spree::CheckoutController has precendence
     module Transaction
+    # explicit parent must be stated, otherwise Spree::CheckoutController has precendence
       class CheckoutController < SolidusSixSaferpay::CheckoutController
 
         private

data/app/models/spree/payment_method/saferpay_payment_method.rb

@@ -39,7 +39,7 @@ module Spree
       'saferpay_payment'
     end
 
-    def init_path
+    def init_path(order)
       raise NotImplementedError, "Must be implemented in SaferpayPaymentPage or SaferpayTransaction"
     end
   end

data/app/models/spree/payment_method/saferpay_payment_page.rb

@@ -6,8 +6,8 @@ module Spree
       ::SolidusSixSaferpay::PaymentPageGateway
     end
 
-    def init_path
-      url_helpers.solidus_six_saferpay_payment_page_init_path
+    def init_path(order)
+      url_helpers.solidus_six_saferpay_payment_page_init_path(order.number)
     end
   end
 end

data/app/models/spree/payment_method/saferpay_transaction.rb

@@ -5,8 +5,8 @@ module Spree
       ::SolidusSixSaferpay::TransactionGateway
     end
 
-    def init_path
-      url_helpers.solidus_six_saferpay_transaction_init_path
+    def init_path(order)
+      url_helpers.solidus_six_saferpay_transaction_init_path(order.number)
     end
   end
 end

data/app/services/spree/solidus_six_saferpay/cancel_authorized_payment.rb

@@ -0,0 +1,33 @@
+module Spree
+  module SolidusSixSaferpay
+    class CancelAuthorizedPayment
+
+      attr_reader :saferpay_payment
+
+      def self.call(saferpay_payment)
+        new(saferpay_payment).call
+      end
+
+      def initialize(saferpay_payment)
+        @saferpay_payment = saferpay_payment
+      end
+
+      def call
+        if transaction_id = saferpay_payment.transaction_id
+          gateway.void(saferpay_payment.transaction_id)
+        else
+          ::SolidusSixSaferpay::ErrorHandler.handle(
+            ::SolidusSixSaferpay::InvalidSaferpayPayment.new(
+              details: "Can not cancel payment #{saferpay_payment.id} because it has no transaction ID.")
+          )
+        end
+      end
+
+      private
+
+      def gateway
+        ::SolidusSixSaferpay::Gateway.new
+      end
+    end
+  end
+end

data/app/services/spree/solidus_six_saferpay/initialize_payment.rb

@@ -1,6 +1,5 @@
 module Spree
   module SolidusSixSaferpay
-
     class InitializePayment
 
       attr_reader :order, :payment_method, :redirect_url, :success

data/app/services/spree/solidus_six_saferpay/initialize_transaction.rb

@@ -1,6 +1,5 @@
 module Spree
   module SolidusSixSaferpay
-
     class InitializeTransaction < InitializePayment
       include UseTransactionGateway
 

data/app/services/spree/solidus_six_saferpay/inquire_payment.rb

@@ -19,7 +19,7 @@ module Spree
         inquiry = gateway.inquire(saferpay_payment)
 
         if inquiry.success?
-          saferpay_payment.update_attributes(response_hash: inquiry.api_response.to_h)
+          saferpay_payment.update_attributes(saferpay_payment_attributes(inquiry.api_response))
         else
           saferpay_payment.update_attributes(response_hash: saferpay_payment.response_hash.merge(error: "#{inquiry.error_name}"))
           general_error = I18n.t(:general_error, scope: [:solidus_six_saferpay, :errors])
@@ -39,6 +39,31 @@ module Spree
       def gateway
         raise NotImplementedError, "Must be implemented in AssertPaymentPage or AuthorizeTransaction with UsePaymentPageGateway or UseTransactionGateway"
       end
+
+      private
+
+      def saferpay_payment_attributes(saferpay_response)
+        payment_means = saferpay_response.payment_means
+        brand = payment_means.brand
+        card = payment_means.card
+
+        attributes = {
+          transaction_id: saferpay_response.transaction.id,
+          transaction_status: saferpay_response.transaction.status,
+          transaction_date: DateTime.parse(saferpay_response.transaction.date),
+          six_transaction_reference: saferpay_response.transaction.six_transaction_reference,
+          display_text: saferpay_response.payment_means.display_text,
+          response_hash: saferpay_response.to_h
+        }
+
+        if card
+          attributes[:masked_number] = card.masked_number
+          attributes[:expiration_year] = card.exp_year
+          attributes[:expiration_month] = card.exp_month
+        end
+
+        attributes
+      end
     end
   end
 end

data/app/views/spree/checkout/payment/_saferpay_payment.html.erb

@@ -3,10 +3,10 @@
   <iframe class="saferpay-iframe" width='100%' height='550px' id="<%= payment_container_id %>" src="" frameborder="0">
   </iframe>
   <script charset="utf-8">
-    SaferpayPayment.registerIframePaymentMethod({id: "<%= payment_method.id %>", initUrl: "<%= payment_method.init_path %>", containerId: "#<%= payment_container_id %>"})
+    SaferpayPayment.registerIframePaymentMethod({id: "<%= payment_method.id %>", initUrl: "<%= payment_method.init_path(@order) %>", containerId: "#<%= payment_container_id %>"})
   </script>
 <% else %>
   <script charset="utf-8">
-    SaferpayPayment.registerExternalRedirectPaymentMethod({id: "<%= payment_method.id %>", initUrl: "<%= payment_method.init_path %>"})
+    SaferpayPayment.registerExternalRedirectPaymentMethod({id: "<%= payment_method.id %>", initUrl: "<%= payment_method.init_path(@order) %>"})
   </script>
 <% end %>

data/app/views/spree/solidus_six_saferpay/checkout/{iframe_breakout_redirect.html.erb → iframe_breakout_redirect.erb}

@@ -1,7 +1,7 @@
 <html>
   <body>
     <script type='text/javascript' charset='utf-8'>
-      window.parent.document.location.href = "<%= @redirect_path %>"
+      window.parent.document.location.replace("<%= @redirect_path %>");
     </script>
   </body>
 </html>

data/config/locales/de.yml

@@ -5,7 +5,9 @@ de:
       checkout: &checkout
         init:
           checkout_not_initialized: Zahlung konnte nicht gestartet werden.
+          order_was_modified_after_confirmation: Bestellung wurde nach der Bestätigung verändert. Bitte starten Sie den Zahlungsvorgang erneut.
         success:
+          error_while_processing_payment: Beim Verarbeiten der Bezahlung ist ein Fehler aufgetreten. Bitte starten Sie den Zahlungsvorgang erneut.
           saferpay_payment_not_found: Six Saferpay Zahlung kann nicht gefunden werden.
         fail:
           payment_failed: Die Zahlung konnte nicht abgeschlossen werden.
@@ -19,6 +21,7 @@ de:
     errors:
       general_error: Bezahlungsfehler
       liability_shift_not_granted:  Haftungsumkehr wurde abgelehnt
+      saferpay_payment_not_found: Saferpay Payment konnte nicht gefunden werden
   six_saferpay:
     error_names:
       ACTION_NOT_SUPPORTED: Die angeforderte Aktion wird im Kontext der Aktion nicht unterstützt un kann mit den Anforderungsdaten nicht ausgeführt werden.

data/config/locales/en.yml

@@ -5,7 +5,9 @@ en:
       checkout: &checkout
         init:
           checkout_not_initialized: Payment could not be initialized.
+          order_was_modified_after_confirmation: Order was modified after confirmation. Please restart the checkout process.
         success:
+          error_while_processing_payment: An error occurred while processing the payment. Please restart the checkout process.
           saferpay_payment_not_found: Six Saferpay payment can not be found.
         fail:
           payment_failed: The payment could not be completed.
@@ -19,6 +21,7 @@ en:
     errors:
       general_error: Payment Error
       liability_shift_not_granted:  Liability Shift was rejected
+      saferpay_payment_not_found: Saferpay Payment could not be found
   six_saferpay:
     error_names:
       ACTION_NOT_SUPPORTED:	The requested action is not supported in the given context or the action can't be executed with the request data.

data/config/locales/fr.yml

@@ -5,7 +5,9 @@ fr:
       checkout: &checkout
         init:
           checkout_not_initialized: Le paiement n'a pas pu être initialisé.
+          order_was_modified_after_confirmation: La commande a été modifiée après confirmation. Veuillez redémarrer le processus de paiement.
         success:
+          error_while_processing_payment: Une erreur s'est produite lors du traitement du paiement. Veuillez redémarrer le processus de paiement.
           saferpay_payment_not_found: Paiement Six Saferpay est introuvable.
         fail:
           payment_failed: Le paiement n'a pas pu être complété.
@@ -18,6 +20,7 @@ fr:
   solidus_six_saferpay:
     errors:
       liability_shift_not_granted:  Le transfert de responsabilité a été rejeté
+      saferpay_payment_not_found: Saferpay Payment est introuvable
   six_saferpay:
     error_names:
       ACTION_NOT_SUPPORTED: l'action demandé n'es pas prise en charge dans le contexte de l'action et ne peut pas être exécutée avec les données de la demande.

data/config/routes.rb

@@ -3,13 +3,13 @@
 Spree::Core::Engine.routes.draw do
   namespace :solidus_six_saferpay do
     namespace :payment_page do
-      get :init, controller: :checkout, defaults: { format: :json }
+      get 'init/:order_number', to: 'checkout#init', as: :init, defaults: { format: :json }
       get 'success/:order_number', to: 'checkout#success', as: :success
       get 'fail/:order_number', to: 'checkout#fail', as: :fail
     end
 
     namespace :transaction do
-      get :init, controller: :checkout, defaults: { format: :json }
+      get 'init/:order_number', to: 'checkout#init', as: :init, defaults: { format: :json }
       get 'success/:order_number', to: 'checkout#success', as: :success
       get 'fail/:order_number', to: 'checkout#fail', as: :fail
     end

data/lib/solidus_six_saferpay/configuration.rb

@@ -3,6 +3,8 @@ module SolidusSixSaferpay
     include ActiveSupport::Configurable
 
 
+    config_accessor(:payment_processing_order_not_found_handler)
+    config_accessor(:payment_processing_payment_not_found_handler)
     config_accessor(:payment_processing_success_handler)
     config_accessor(:error_handlers) { [] }
   end

data/lib/solidus_six_saferpay/gateway.rb

@@ -40,7 +40,7 @@ module SolidusSixSaferpay
       capture(amount, saferpay_payment.transaction_id, options)
     end
 
-    def capture(amount, transaction_id, options={})
+    def capture(_amount, transaction_id, options={})
       transaction_reference = SixSaferpay::TransactionReference.new(transaction_id: transaction_id)
       payment_capture = SixSaferpay::SixTransaction::Capture.new(transaction_reference: transaction_reference)
 
@@ -79,15 +79,14 @@ module SolidusSixSaferpay
     end
 
     # aliased to #refund for compatibility with solidus internals
-    def credit(amount, transaction_id, options = {})
-      refund(amount, transaction_id, options)
+    def credit(amount_cents, transaction_id, options = {})
+      refund(amount_cents, transaction_id, options)
     end
 
-    def refund(amount, transaction_id, options = {})
+    def refund(amount_cents, transaction_id, options = {})
       payment = Spree::Payment.find_by!(response_code: transaction_id)
-      refund_amount = Spree::Money.new(amount, currency: payment.currency)
 
-      saferpay_amount = SixSaferpay::Amount.new(value: refund_amount.cents, currency_code: payment.currency)
+      saferpay_amount = SixSaferpay::Amount.new(value: amount_cents, currency_code: payment.currency)
       saferpay_refund = SixSaferpay::Refund.new(amount: saferpay_amount, order_id: payment.order.number)
       capture_reference = SixSaferpay::CaptureReference.new(capture_id: payment.transaction_id)
 
@@ -96,7 +95,7 @@ module SolidusSixSaferpay
       if refund_response = SixSaferpay::Client.post(payment_refund)
 
         # actually capture the refund
-        capture(amount, refund_response.transaction.id, options)
+        capture(amount_cents, refund_response.transaction.id, options)
       end
 
     rescue SixSaferpay::Error => e