spree_unified_payment 1.0.0

data/.gitignore

@@ -0,0 +1,9 @@
+*.DS_Store
+tmp/
+config/initializers/spree.rb
+config/application.rb
+config/boot.rb
+config/database.yml
+config/environment.rb
+log/
+Gemfile.lock

data/.travis.yml

@@ -0,0 +1,6 @@
+language: ruby
+rvm:
+  - ruby-1.9.3
+script:
+  - bundle exec rake test_app
+  - bundle exec rspec spec

data/Gemfile

@@ -0,0 +1,20 @@
+source "https://rubygems.org"
+gem 'rails', '3.2.16'
+gem 'mysql2'
+
+
+gem 'spree', :git => 'git://github.com/spree/spree.git', :tag => 'v2.0.3'
+gem 'spree_wallet', :git => 'git://github.com/vinsol/spree_wallet.git'
+gem 'spree_auth_devise', github: 'spree/spree_auth_devise', branch: '2-0-stable'
+
+gem 'unified_payment', :git => "git@github.com:vinsol/Unified-Payments.git", :branch => 'master', :ref => '4ced91335fec2cf186c30b593d9a1f6083028748'
+gem 'delayed_job_active_record', :tag => 'v4.0.0'
+
+group :test do
+  gem 'rspec-rails', '~> 2.10'
+  gem 'shoulda-matchers', '2.2.0'
+  gem 'simplecov', :require => false
+  gem 'database_cleaner'
+  gem 'rspec-html-matchers'
+end
+gemspec

data/LICENSE

@@ -0,0 +1,26 @@
+Copyright (c) 2014 vinsol.com
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+    * Redistributions of source code must retain the above copyright notice,
+      this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright notice,
+      this list of conditions and the following disclaimer in the documentation
+      and/or other materials provided with the distribution.
+    * Neither the name Spree nor the names of its contributors may be used to
+      endorse or promote products derived from this software without specific
+      prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

data/README.md

@@ -0,0 +1,61 @@
+Spree-Unified-Payments [![Code Climate](https://codeclimate.com/github/vinsol/Spree-Unified-Payments.png)](https://codeclimate.com/github/vinsol/Spree-Unified-Payments)
+================
+Enable spree store to allow payment via UnifiedPayment
+
+Dependencies
+================
+
+1) gem unified_payment
+```ruby
+gem 'unified_payment'
+```
+2) delayed_job
+```ruby
+gem 'delayed_job_active_record'
+```
+3) spree_wallet
+```ruby
+gem 'spree_wallet'
+```
+
+Set Up
+================
+
+Add To Gemfile:
+```ruby
+gem 'spree_unified_payment'
+```
+
+And run below command
+```ruby
+bundle exec rails g spree_unified_payment:install
+```
+Usage
+---------
+Customer :
+
+Customer can pay via Unified Payment payment method at Checkout and can also see the list of Unified Payment Transactions initiated by them.
+
+If a transaction is completed but the order fails to complete, the amount paid by the customer is added to the customer's account which he can use in future so that the user does not get stuck while making the payment.
+
+Admin :
+
+Admin can see the list of Unified Payment Transactions initiated by customers under admin section.
+
+Admin can also ping Unified Payment gateway for an updated status of a transaction and the transaction is then updated accordingly.
+
+Testing
+---------
+Be sure to bundle your dependencies and then create a dummy test app for the specs to run against.
+```ruby
+bundle
+bundle exec rake test_app
+bundle exec rspec spec
+```
+
+Credits
+-------
+
+[![vinsol.com: Ruby on Rails, iOS and Android developers](http://vinsol.com/vin_logo.png "Ruby on Rails, iOS and Android developers")](http://vinsol.com)
+
+Copyright (c) 2014 [vinsol.com](http://vinsol.com "Ruby on Rails, iOS and Android developers"), released under the New MIT License

data/Versionfile

@@ -0,0 +1,12 @@
+# This file is used to designate compatibilty with different versions of Spree
+# Please see http://spreecommerce.com/documentation/extensions.html#versionfile for details
+
+# Examples
+#
+# '1.2.x'  => { :branch => 'master' }
+# '1.1.x'  => { :branch => '1-1-stable' }
+# '1.0.x'  => { :branch => '1-0-stable' }
+# '0.70.x' => { :branch => '0-70-stable' }
+# '0.40.x' => { :tag => 'v1.0.0', :version => '1.0.0' }
+
+"1.0.x" => { :branch => '2-0-stable' }

data/app/assets/javascripts/admin/spree_unified_payment.js

@@ -0,0 +1,39 @@
+$(document).ready(function() {
+  click_on_overlay = function(pop_up_div) {
+    $('div.ui-widget-overlay').on('click', function(){
+      $('div.ui-widget-overlay').remove();
+      pop_up_div.dialog("close");
+    });
+  }
+
+  ModalPopUp = function(pop_up_div) {
+    var self = {
+      init: function() {
+        pop_up_div.dialog({ 
+          autoOpen: false,
+          modal: true,
+          width:700,
+          closeText: "X",
+          dialogClass:"quick_view_container",
+          close: function(event, ui) {
+            pop_up_div.remove();
+            $('#easy_zoom').remove();
+          }
+        });
+      },
+      show: function() {
+        pop_up_div.dialog("open");
+        click_on_overlay(pop_up_div);
+      } 
+    }
+    self.init();
+    return self;
+  }  
+  
+  $('#reveal_xml').click(function() {
+    ct_id = $(this).attr('data-ct-id');
+    var quick_view = new ModalPopUp($("<div></div>").attr('id', 'quick_view_popup').html($("#xml_response_" + ct_id).clone()));
+    $('#quick_view_popup .xml_response').removeClass('hidden');
+    quick_view.show();
+  })
+});

data/app/assets/stylesheets/store/spree_unified_payment.css

@@ -0,0 +1,7 @@
+#approved_notice { font-family:Georgia, 'Times New Roman', Times, serif; letter-spacing:2px; font-size:12px; text-transform:uppercase; padding:20px; border:solid 1px #3333ff; background:#dedeff; color:#3333ff }
+#unified_payments_approved_info { width:100%; border:0px; cellspacing: 15; cellpadding: 0; }
+#unified_payments_approved_info td.info_attr { color:#000; font-family:Georgia, 'Times New Roman', Times, serif; letter-spacing:2px; font-size:12px; text-transform:uppercase; }
+#unified_payments_approved_info td.info_val { font-family:Arial, Helvetica, sans-serif; font-size:12px; color:#666; }
+#unified_payment_detail_link_container { display:block; padding:10px 0; font-family:Arial, Helvetica, sans-serif; font-size:14px; font-weight:bold; }
+#unified_payment_detail_link_container a { text-decoration:underline; color:#09F; }
+#approved_fail_notice { color:#EC1B23; border:solid 1px #EC1B23; font-family:Georgia, 'Times New Roman', Times, serif; letter-spacing:2px; font-size:12px; text-transform:uppercase; text-align:center; padding:20px 0; background:#ffe0e0; }

data/app/controllers/application_controller.rb

@@ -0,0 +1,2 @@
+class ApplicationController < ActionController::Base
+end

data/app/controllers/spree/admin/unified_payments_controller.rb

@@ -0,0 +1,34 @@
+module Spree
+  module Admin
+    class UnifiedPaymentsController < Spree::Admin::BaseController
+      helper 'transaction_notification_mail'
+      
+      before_filter :load_transactions, :only => [:query_gateway, :receipt]
+
+      def index
+        params[:q] ||= {}
+        @search = UnifiedPayment::Transaction.order('updated_at desc').ransack(params[:q])
+        @card_transactions = @search.result.page(params[:page]).per(20)
+      end
+
+      def receipt
+        @order = @card_transaction.order
+        doc = Nokogiri::XML(@card_transaction.xml_response)
+        @message = Hash.from_xml(doc.to_xml)['Message']
+        render :layout => false
+      end
+
+      def query_gateway
+        response = UnifiedPayment::Client.get_order_status(@card_transaction.gateway_order_id, @card_transaction.gateway_session_id)
+        @card_transaction.update_transaction_on_query(response["orderStatus"])
+      end
+
+      private
+
+      def load_transactions
+        @card_transaction = UnifiedPayment::Transaction.where(:payment_transaction_id => params[:transaction_id]).first
+        render js: "alert('Could not find transaction')" unless @card_transaction
+      end
+    end
+  end
+end

data/app/controllers/spree/checkout_controller_decorator.rb

@@ -0,0 +1,19 @@
+Spree::CheckoutController.class_eval do
+  before_filter :redirect_for_card_payment, :only => :update, :if => :payment_state?
+  
+  private
+
+  def payment_state?
+    params[:state] == 'payment'
+  end
+
+  def redirect_for_card_payment
+    payment_method_id = params[:order][:payments_attributes][0][:payment_method_id] if params[:order] && params[:order][:payments_attributes]
+    payment_method = Spree::PaymentMethod.where(:id => payment_method_id).first
+
+    if payment_method.is_a?(Spree::PaymentMethod::UnifiedPaymentMethod)
+      @order.update_attributes(object_params)
+      redirect_to new_unified_transaction_path
+    end
+  end
+end

data/app/controllers/spree/unified_payments_controller.rb

@@ -0,0 +1,151 @@
+module Spree
+  #
+  # UnifiedPaymentsController controls payment via UnifiedPayment
+  # and has routes via methods : create, declined, canceled, approved
+  #
+
+  class UnifiedPaymentsController < StoreController
+    include UnifiedTransactionHelper
+
+    before_filter :ensure_valid_order, :only => [:new, :create]    
+    skip_before_filter :verify_authenticity_token, :only => [:approved, :declined, :canceled]
+
+    before_filter :load_info_on_return, :only => [:declined, :canceled, :approved]
+    before_filter :ensure_session_transaction_id, :abort_pending_transactions, :only => :create
+
+    def index
+      @card_transactions = spree_current_user.unified_payments.order('updated_at desc').page(params[:page]).per(20)
+    end
+
+    def new
+      session[:transaction_id] = generate_transaction_id
+    end
+
+    def create
+      # We also can extract these options is a method.
+      #[MK] it was decided not giving any options since we want the requested to be redirected defined methods only
+      response = UnifiedPayment::Transaction.create_order_at_unified(@order.total, { :approve_url => approved_unified_payments_url, :cancel_url => canceled_unified_payments_url, :decline_url => declined_unified_payments_url, :description => "Purchasing items from #{Spree::Config[:site_name]}" })
+      if response
+        @payment_url = UnifiedPayment::Transaction.extract_url_for_unified_payment(response)
+        tasks_on_gateway_create_response(response, session[:transaction_id])
+      else
+        @error_message = "Could not create payment at unified, please pay by other methods or try again later." 
+      end
+
+      render js: "$('#confirm_payment').hide();top.location.href = '#{@payment_url}'" if @payment_url
+    end
+
+    def declined
+      transaction_unsuccesful_with_message("Payment declined")
+    end
+
+    def canceled
+      transaction_unsuccesful_with_message("Successfully Canceled payment")
+    end
+
+    def approved
+      @transaction_expired = @card_transaction.expired_at?
+      @card_transaction.xml_response = params[:xmlmsg]
+ 
+      @payment_made = @gateway_message_hash['PurchaseAmountScr'].to_f
+      if @card_transaction.approved_at_gateway?
+        if @card_transaction.amount != @payment_made
+          process_unsuccessful_transaction
+        else
+          process_successful_transaction
+        end
+      else
+        add_error("Not Approved At Gateway")
+      end
+
+      @card_transaction.save(:validate => false)
+    end
+
+    private
+    
+    def process_unsuccessful_transaction
+      add_error("Payment made was not same as requested to gateway. Please contact administrator for queries.")
+      @card_transaction.status = 'unsuccessful'
+    end
+
+    def process_successful_transaction
+      @card_transaction.status = 'successful'
+
+      if @transaction_expired
+        add_error("Payment was successful but transaction has expired. The payment made has been walleted in your account. Please contact administrator to help you further.")
+      elsif @order.paid? || @order.completed?
+        add_error("Order Already Paid Or Completed")
+      elsif @order.total != @payment_made
+        add_error("Payment made is different from order total. Payment made has been walleted to your account.")
+      end
+    end
+
+    def abort_pending_transactions
+      pending_card_transaction = @order.pending_card_transaction
+      pending_card_transaction.abort! if pending_card_transaction
+    end
+
+    def transaction_unsuccesful_with_message(message)
+      @card_transaction.assign_attributes(:status => 'unsuccessful', :xml_response => params[:xmlmsg])
+      @card_transaction.save(:validate => false)
+      flash[:error] = message
+    end
+
+    def add_error(message)
+      flash[:error] = flash[:error] ? [flash[:error], message].join('. ') : message
+    end
+
+    def order_invalid_with_message
+      if current_order 
+        current_order.reason_if_cant_pay_by_card
+      else 
+        'Order not found'
+      end
+    end
+
+    def ensure_valid_order
+      if @invalid_order_message = order_invalid_with_message
+        flash[:error] = @invalid_order_message
+
+        redirect_to cart_path
+      else 
+        load_order
+      end
+    end
+
+    def load_order
+      @order = current_order
+    end
+
+    def load_info_on_return
+      @gateway_message_hash = Hash.from_xml(params[:xmlmsg])['Message']
+      if @card_transaction = UnifiedPayment::Transaction.where(:gateway_order_id => @gateway_message_hash['OrderID']).first
+        @order = @card_transaction.order
+      else
+        flash[:error] = 'No transaction. Please contact our support team.'        
+        redirect_to root_path
+      end
+    end
+
+    def tasks_on_gateway_create_response(response, transaction_id)
+      response_order = response['Order']
+
+      #[TODO_CR] Make required attributes protected and save them with without protection in the place where protection is not necessary.
+      #[MK] Please look into this change. Could not find a good way to implement it without much hastle.
+      gateway_transaction = UnifiedPayment::Transaction.where(:gateway_session_id => response_order['SessionID'], :gateway_order_id => response_order['OrderID'], :url => response_order['URL']).first
+      gateway_transaction.assign_attributes({:user_id => @order.user.try(:id), :payment_transaction_id => transaction_id, :order_id => @order.id, :gateway_order_status => 'CREATED', :amount => @order.total, :currency => Spree::Config[:currency], :response_status => response["Status"], :status => 'pending'}, :without_protection => true)
+      gateway_transaction.save!
+
+      @order.reserve_stock
+      @order.next if @order.state == 'payment'
+      session[:transaction_id] = nil
+    end
+
+    def ensure_session_transaction_id
+      unless session[:transaction_id]
+        flash[:error] = "No transaction id found, please try again"
+        render js: "top.location.href = '#{checkout_state_url('payment')}'"
+      end
+    end
+  end
+end

data/app/helpers/transaction_notification_mail_helper.rb

@@ -0,0 +1,12 @@
+module TransactionNotificationMailHelper
+  def mail_content_hash_for_unified(info_hash, card_transaction)
+    send_info = {}
+    
+    UNIFIED_XML_CONTENT_MAPPING.each_pair { |key, value| send_info[key] = info_hash[value] }
+    
+    send_info[:transaction_reference] = card_transaction.payment_transaction_id
+    send_info[:merchants_name] = MERCHANT_NAME
+    send_info[:merchants_url] = MERCHANT_URL
+    send_info
+  end
+end

data/app/helpers/unified_transaction_helper.rb

@@ -0,0 +1,18 @@
+module UnifiedTransactionHelper
+  def naira_to_kobo(amount)
+    (amount.to_f)*100
+  end
+
+  def generate_transaction_id
+    begin
+      payment_transaction_id = generate_id_using_timestamp
+    end while UnifiedPayment::Transaction.exists?(payment_transaction_id: payment_transaction_id)
+    payment_transaction_id
+  end
+
+  private
+
+  def generate_id_using_timestamp(length = 14)
+    (Time.current.to_i.to_s + [*(0..9)].sample(4).join.to_s)[0,length]
+  end
+end

data/app/mailers/spree/transaction_notification_mailer.rb

@@ -0,0 +1,16 @@
+module Spree
+  class TransactionNotificationMailer < ActionMailer::Base
+    helper 'transaction_notification_mail'
+    # helper 'application'
+    default :from => ADMIN_EMAIL
+
+    def send_mail(card_transaction)
+      @card_transaction = card_transaction
+      @message = @card_transaction.xml_response.include?('<Message') ? Hash.from_xml(@card_transaction.xml_response)['Message'] : {}
+      mail(
+        :to => @card_transaction.user.email,
+        :subject => "#{Spree::Config[:site_name]} - Unified Payment Transaction #{@card_transaction.status} notification"
+      )
+    end
+  end
+end