workarea-paypal 2.0.9 → 3.0.3

data/app/assets/javascripts/workarea/storefront/paypal/modules/paypal_hosted_fields.js

@@ -0,0 +1,96 @@
+/**
+ * @namespace WORKAREA.paypalHostedFields
+ */
+WORKAREA.registerModule('paypalHostedFields', (function () {
+    'use strict';
+
+    var requestWrapper = function (requestData) {
+            var deferred = $.Deferred();
+
+            $.ajax(requestData)
+            .done(function(data) {
+                deferred.resolve(data);
+            })
+            .fail(function(data, status, xhr) {
+                deferred.reject(xhr);
+            });
+
+            return deferred.promise();
+        },
+
+        createOrder = function() {
+            return requestWrapper({
+                url: WORKAREA.routes.storefront.paypalPath(),
+                type: 'post',
+                dataType: 'json'
+            }).then(function (data) {
+                return data.id;
+            });
+        },
+
+        onApprove = function($form, data) {
+            return requestWrapper({
+                url: WORKAREA.routes.storefront.paypalApprovedPath({ id: data.orderId }),
+                type: 'put',
+                dataType: 'json'
+            }).then(
+                function() {
+                    $form
+                    .off('submit')
+                    .trigger('submit');
+                }
+            );
+        },
+
+        addSubmitListener = function($container, hostedFields) {
+            var $form = $container.parents('form');
+
+            $form.on('submit', function(event) {
+                if ($form.find('#payment_new_card').is(':checked')) {
+                    event.preventDefault();
+                    hostedFields.submit({
+                        vault: $container.find('input[name="save_card"]').is(':checked')
+                    }).then(_.partial(onApprove, $form));
+                }
+            });
+        },
+
+        getConfig = function () {
+            return _.assign({}, WORKAREA.config.paypalHostedFields, {
+                createOrder: createOrder
+            });
+        },
+
+
+        setup = function($placeholder, $scope) {
+            var template = JST['workarea/storefront/paypal/templates/paypal_fields'],
+                options = $placeholder.data('paypalHostedFields'),
+                $container = $('.checkout-payment__primary-method--new .checkout-payment__primary-method-edit', $scope);
+
+            $container.html(template(options));
+
+            paypal
+                .HostedFields
+                .render(getConfig())
+                .then(_.partial(addSubmitListener, $container));
+        },
+
+        /**
+         * @method
+         * @name init
+         * @memberof WORKAREA.paypalHostedFields
+         */
+        init = function ($scope) {
+            var $placeholder = $('[data-paypal-hosted-fields]', $scope);
+
+            if (_.isEmpty($placeholder)) {  return;  }
+            if (window.paypal === undefined) { return; }
+            if (!paypal.HostedFields.isEligible()) { return; }
+
+            setup($placeholder, $scope);
+        };
+
+    return {
+        init: init
+    };
+}()));

data/app/assets/javascripts/workarea/storefront/paypal/modules/update_checkout_submit_text.js

@@ -4,9 +4,7 @@
 WORKAREA.registerModule('updateCheckoutSubmitText', (function () {
     'use strict';
 
-    var submitButtonText = function ($selectedPaymentMethod) {
-            var data = $selectedPaymentMethod.data('updateCheckoutSubmitText') || {};
-
+    var submitButtonText = function (data) {
             if (data.prevent) { return; }
 
             if (data.text) {
@@ -17,10 +15,17 @@ WORKAREA.registerModule('updateCheckoutSubmitText', (function () {
         },
 
         updateText = function($selectedPaymentMethod, $checkoutSubmit) {
-            var text = submitButtonText($selectedPaymentMethod);
+            var data = $selectedPaymentMethod.data('updateCheckoutSubmitText') || {},
+                text = submitButtonText(data);
 
             if (_.isEmpty(text)) {  return;  }
 
+            if (data.disabled && !data.prevent) {
+                $checkoutSubmit.attr('disabled', 'disabled');
+            } else {
+                $checkoutSubmit.removeAttr('disabled');
+            }
+
             $checkoutSubmit.text(text);
         },
 
@@ -55,6 +60,7 @@ WORKAREA.registerModule('updateCheckoutSubmitText', (function () {
         };
 
     return {
-        init: init
+        init: init,
+        updateText: updateText
     };
 }()));

data/app/assets/javascripts/workarea/storefront/paypal/templates/paypal_fields.jst.ejs

@@ -0,0 +1,43 @@
+<div class="grid grid--auto">
+    <div class="grid__cell">
+        <div class="property">
+            <label class="property__name" for="credit_card_number">
+                <span class="property__text">Card Number</span>
+            </label>
+            <div class="value">
+                <div class="text-box" id="paypal-credit-card-number" style="height: 30px;"></div>
+            </div>
+        </div>
+    </div>
+    <div class="grid__cell">
+        <div class="property">
+            <label class="property__name" for="credit_card_expiration">
+                <span>Expiration</span>
+            </label>
+            <div class="value">
+                <div class="text-box text-box--small" id="paypal-expiration-field" style="height: 30px;"></div>
+            </div>
+        </div>
+    </div>
+    <div class="grid__cell">
+        <div class="property">
+            <label class="property__name" for="credit_card_cvv">
+                <span class="property__text">Security Code</span>
+            </label>
+            <div class="value">
+                <div class="text-box text-box--small" id="paypal-cvv-field" style="height: 30px;"></div>
+            </div>
+        </div>
+    </div>
+</div>
+
+<% if (show_save_card) { %>
+<div class="button-property">
+    <div class="value">
+        <input type="checkbox" name="save_card" id="save_card" value="true" />
+    </div>
+    <label class="button-property__name" for="save_card">
+        <span>Save card for faster checkout</span>
+    </label>
+</div>
+<% } %>

data/app/controllers/workarea/storefront/checkout/place_order_controller.decorator

@@ -1,10 +1,12 @@
 module Workarea
   decorate Storefront::Checkout::PlaceOrderController, with: 'paypal' do
     def place_order
-      if params[:payment] == 'paypal' && !current_checkout.payment.paypal? && params[:from_checkout].present?
-        redirect_to start_paypal_path(from_checkout: 'from_checkout') and return
-      elsif params[:payment] == 'paypal' && !current_checkout.payment.paypal?
-        redirect_to start_paypal_path and return
+      if params[:payment] == 'paypal' && current_checkout.payment.paypal?
+        Paypal::UpdateOrder.new(current_checkout).perform
+        super
+      elsif params[:payment] == 'paypal'
+        flash['info'] = t('workarea.storefront.paypal.errors.place_order')
+        redirect_to checkout_payment_path
       else
         super
       end

data/app/controllers/workarea/storefront/paypal_controller.rb

@@ -2,10 +2,11 @@ module Workarea
   class Storefront::PaypalController < Storefront::ApplicationController
     include Storefront::CurrentCheckout
 
-    before_action :validate_checkout
+    before_action :validate_checkout, except: :event
+    skip_before_action :verify_authenticity_token
 
-    def start
-      unless params[:from_checkout].present?
+    def create
+      unless current_order.checking_out?
         if logged_in?
           current_checkout.start_as(current_user)
         else
@@ -14,38 +15,43 @@ module Workarea
       end
 
       self.current_order = current_checkout.order
-      Pricing.perform(current_order, current_shipping)
       check_inventory || (return)
 
-      setup = Paypal::Setup.new(
-        current_order,
-        current_user,
-        current_shipping,
-        self
-      )
+      if current_checkout.payment.paypal?
+        current_checkout.payment.paypal.update!(approved: false)
+        render json: { id: current_checkout.payment.paypal_id }
+      else
+        response = Paypal::CreateOrder.new(current_checkout).perform
+        render json: { id: response.id }
+      end
 
-      redirect_to setup.redirect_url
+    rescue Paypal::Gateway::RequestError => e
+      Rails.logger.error(e)
+      flash[:error] = t('workarea.storefront.paypal.errors.request_failed')
+      head :internal_server_error
     end
 
-    def complete
-      self.current_order = Order.find(params[:order_id])
-      current_order.user_id = current_user.try(:id)
-      Pricing.perform(current_order, current_shipping)
+    def update
       check_inventory || (return)
 
-      Paypal::Update.new(
-        current_order,
-        current_checkout.payment,
-        current_shipping,
-        params[:token]
-      ).apply
+      Paypal::ApproveOrder.new(current_checkout, params[:id]).perform
 
-      unless current_checkout.complete?
-        flash[:error] = t('workarea.storefront.paypal.address_error')
-        redirect_to(checkout_addresses_path) && (return)
-      end
+      complete = current_checkout.complete?
+      flash[:error] = t('workarea.storefront.paypal.errors.order_incomplete') unless complete
+
+      render json: {
+        success: complete,
+        redirect_url: checkout_payment_path
+      }
+    end
+
+    def event
+      Paypal::HandleWebhookEvent.perform_async(
+        params[:event_type],
+        params[:resource].to_unsafe_h
+      )
 
-      redirect_to checkout_payment_path
+      head :ok
     end
   end
 end

data/app/helpers/workarea/storefront/paypal_helper.rb

@@ -0,0 +1,38 @@
+module Workarea
+  module Storefront
+    module PaypalHelper
+      def set_paypal_client_token
+        return unless Workarea::Paypal.gateway.configured?
+
+        @paypal_client_token =
+          if Workarea.config.use_paypal_hosted_fields
+            request = Workarea::Paypal.gateway.generate_token(user: current_user)
+            request.result.client_token
+          end
+      end
+
+      def include_paypal_javascript_tag(params: {}, data: {})
+        return unless Workarea::Paypal.gateway.configured?
+
+        params =
+          Workarea.config.paypal_sdk_params
+            .merge('client-id' => Workarea::Paypal.gateway.client_id)
+            .merge(params)
+            .compact
+
+        components = params['components'].to_s.split(',')
+        components << 'buttons'
+        components << 'hosted-fields' if Workarea.config.use_paypal_hosted_fields
+        params['components'] = components.compact.uniq.join(',')
+
+        javascript_include_tag(
+          "https://www.paypal.com/sdk/js?#{params.to_query}",
+          data: {
+            partner_attribution_id: 'Workarea_SP', # Do not change this
+            client_token: @paypal_client_token
+          }.merge(data)
+        )
+      end
+    end
+  end
+end

data/app/models/workarea/payment.decorator

@@ -2,26 +2,40 @@ module Workarea
   decorate Payment, with: :paypal do
     decorated do
       embeds_one :paypal, class_name: 'Workarea::Payment::Tender::Paypal'
+      delegate :paypal_id, to: :paypal, allow_nil: true
     end
 
     def set_paypal(attrs)
       build_paypal unless paypal
       paypal.attributes = attrs.slice(
-        :token,
+        :paypal_id,
         :payer_id,
-        :details
+        :details,
+        :approved,
+        :direct_payment
       )
 
       save
     end
 
     def paypal?
-      paypal.present?
+      paypal.present? && paypal.approved?
     end
 
     def set_credit_card(*)
       self.paypal = nil
       super
     end
+
+    def address
+      addr = super
+      return addr if !paypal? || addr&.valid?
+
+      Payment::NullAddress.new.tap { |na| na.reference = addr || build_address }
+    end
+
+    def real_address
+      method(:address).super_method.call
+    end
   end
 end

data/app/models/workarea/payment/authorize/paypal.rb

@@ -3,27 +3,27 @@ module Workarea
     module Authorize
       class Paypal
         include OperationImplementation
-        include CreditCardOperation
-
-        delegate :gateway, to: Workarea::Paypal
 
         def complete!
-          transaction.response = handle_active_merchant_errors do
-            gateway.authorize(
-              transaction.amount.cents,
-              token: tender.token,
-              payer_id: tender.payer_id,
-              currency: transaction.amount.currency
-            )
+          response = Workarea::Paypal.gateway.capture(tender.paypal_id)
+
+          if response.success? && response.params['status'] == 'PENDING'
+            transaction.action = 'authorize'
+          else
+            transaction.action = 'purchase'
           end
+
+          transaction.response = response
         end
 
         def cancel!
           return unless transaction.success?
 
-          transaction.cancellation = handle_active_merchant_errors do
-            gateway.void(transaction.response.params['transaction_id'])
-          end
+          transaction.cancellation =
+            Workarea::Paypal.gateway.refund(
+              transaction.response.params['id'],
+              amount: transaction.amount
+            )
         end
       end
     end

data/app/models/workarea/payment/capture/paypal.rb

@@ -3,31 +3,21 @@ module Workarea
     class Capture
       class Paypal
         include OperationImplementation
-        include CreditCardOperation
-
-        delegate :gateway, to: Workarea::Paypal
 
         def complete!
-          validate_reference!
-
-          transaction.response = handle_active_merchant_errors do
-            gateway.capture(
-              transaction.amount.cents,
-              transaction.reference.response.params['transaction_id'],
-              currency: transaction.amount.currency
-            )
-          end
+          # Capture can only happen if the initial capture was not completed
+          # immediately. Since we cannot force a pending capture to complete,
+          # this will only fail with an explanation that the capture will
+          # complete via webhook or never be completed.
+          #
+          transaction.response = ActiveMerchant::Billing::Response.new(
+            false,
+            I18n.t('workarea.payment.paypal_capture')
+          )
         end
 
         def cancel!
-          return unless transaction.success?
-
-          transaction.cancellation = handle_active_merchant_errors do
-            gateway.refund(
-              transaction.amount.cents,
-              transaction.response.params['transaction_id']
-            )
-          end
+          # noop, nothing to cancel
         end
       end
     end

data/app/models/workarea/payment/null_address.rb

@@ -0,0 +1,37 @@
+module Workarea
+  class Payment
+    class NullAddress
+      class NullCountry < OpenStruct
+        def to_s; end
+      end
+
+      include Mongoid::Document
+
+      FIELDS = Workarea::Payment::Address.fields.keys.tap { |k| k.delete('_id') }
+
+      attr_writer :reference
+      attr_reader *FIELDS, :region_name
+
+      delegate *FIELDS.map { |f| "#{f}=" }, :assign_attributes, :attributes=,
+        :allow_po_box?, to: :reference
+
+      def reference
+        @reference ||= Workarea::Payment::Address.new
+      end
+
+      def save(*args)
+        true
+      end
+
+      def country
+        NullCountry.new
+      end
+
+      def falsey(*args)
+        false
+      end
+      alias :po_box? :falsey
+      alias :address_eql? :falsey
+    end
+  end
+end