zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-06-12 23:54:44 +02:00
Code Issues Projects Releases Packages Wiki Activity

Implement partial payment logging for EveryPay / Bank links

Browse source
This commit is contained in:
Karl Erik Õunapuu 2020-01-30 17:24:07 +02:00
parent feb3a5d9da
commit 53fbd2f50c
14 changed files with 470 additions and 345 deletions
Download patch file Download diff file Expand all files Collapse all files

63
app/controllers/registrar/payments_controller.rb
View file

@ -9,27 +9,37 @@ class Registrar
def pay def pay
invoice = Invoice.find(params[:invoice_id]) invoice = Invoice.find(params[:invoice_id])
bank = params[:bank] payment_type = params[:bank]
opts = {
return_url: registrar_return_payment_with_url( channel = if payment_type == 'every_pay'
bank, invoice_id: invoice 'PaymentOrders::EveryPay'
), elsif payment_type == 'seb'
response_url: registrar_response_payment_with_url( 'PaymentOrders::SEB'
bank, invoice_id: invoice elsif payment_type == 'swed'
) 'PaymentOrders::Swed'
} elsif payment_type == 'lhv'
@payment = ::PaymentOrders.create_with_type(bank, invoice, opts) 'PaymentOrders::LHV'
@payment.create_transaction end
@payment_order = PaymentOrder.new(type: channel, invoice: invoice)
@payment_order.save && @payment_order.reload
@payment_order.return_url = registrar_return_payment_with_url(@payment_order)
@payment_order.response_url = registrar_response_payment_with_url(@payment_order)
@payment_order.save && @payment_order.reload
end end
def back def back
invoice = Invoice.find(params[:invoice_id]) puts params
opts = { response: params }
@payment = ::PaymentOrders.create_with_type(params[:bank], invoice, opts)
if @payment.valid_response_from_intermediary? && @payment.settled_payment?
@payment.complete_transaction
if invoice.paid? @payment_order = PaymentOrder.find_by!(id: params[:bank])
@payment_order.update!(response: params.to_unsafe_h)
if @payment_order.valid_response_from_intermediary? && @payment_order.settled_payment?
@payment_order.complete_transaction
if @payment_order.invoice.paid?
flash[:notice] = t(:pending_applied) flash[:notice] = t(:pending_applied)
else else
flash[:alert] = t(:something_wrong) flash[:alert] = t(:something_wrong)
@ -37,16 +47,15 @@ class Registrar
else else
flash[:alert] = t(:something_wrong) flash[:alert] = t(:something_wrong)
end end
redirect_to registrar_invoice_path(invoice) redirect_to registrar_invoice_path(@payment_order.invoice)
end end
def callback def callback
invoice = Invoice.find(params[:invoice_id]) @payment_order = PaymentOrder.find_by!(id: params[:bank])
opts = { response: params } @payment_order.update!(response: params.to_unsafe_h)
@payment = ::PaymentOrders.create_with_type(params[:bank], invoice, opts)
if @payment.valid_response_from_intermediary? && @payment.settled_payment? if @payment_order.valid_response_from_intermediary? && @payment_order.settled_payment?
@payment.complete_transaction @payment_order.complete_transaction
end end
render status: 200, json: { status: 'ok' } render status: 200, json: { status: 'ok' }
@ -56,12 +65,14 @@ class Registrar
def check_supported_payment_method def check_supported_payment_method
return if supported_payment_method? return if supported_payment_method?
raise StandardError.new("Not supported payment method")
raise StandardError.new('Not supported payment method')
end end
def supported_payment_method? def supported_payment_method?
PaymentOrders::PAYMENT_METHODS.include?(params[:bank]) puts "Payment method param is #{params[:bank]}"
# PaymentOrder::PAYMENT_METHODS.include?(params[:bank])
true
end end
end end
end end

3
app/models/invoice.rb
View file

@ -7,6 +7,7 @@ class Invoice < ApplicationRecord
has_one :account_activity has_one :account_activity
has_many :items, class_name: 'InvoiceItem', dependent: :destroy has_many :items, class_name: 'InvoiceItem', dependent: :destroy
has_many :directo_records, as: :item, class_name: 'Directo' has_many :directo_records, as: :item, class_name: 'Directo'
has_many :payment_orders
accepts_nested_attributes_for :items accepts_nested_attributes_for :items
@ -111,4 +112,4 @@ class Invoice < ApplicationRecord
def calculate_total def calculate_total
self.total = subtotal + vat_amount self.total = subtotal + vat_amount
end end
end end

57
app/models/payment_order.rb Normal file
View file

@ -0,0 +1,57 @@
class PaymentOrder < ApplicationRecord
#include Versions
include ActionView::Helpers::NumberHelper
PAYMENT_INTERMEDIARIES = ENV['payments_intermediaries'].to_s.strip.split(', ').freeze
PAYMENT_BANKLINK_BANKS = ENV['payments_banks'].to_s.strip.split(', ').freeze
PAYMENT_METHODS = [PAYMENT_INTERMEDIARIES, PAYMENT_BANKLINK_BANKS].flatten.freeze
belongs_to :invoice, optional: false
validate :invoice_cannot_be_already_paid, on: :create
# validates :type, inclusion: { in: PAYMENT_METHODS }
enum status: { issued: 'issued', paid: 'paid', cancelled: 'cancelled' }
attr_accessor :return_url, :response_url
# Name of configuration namespace
def self.config_namespace_name; end
def invoice_cannot_be_already_paid
return unless invoice&.paid?
errors.add(:invoice, 'is already paid')
end
def self.supported_method?(some_class)
raise ArgumentError unless some_class < PaymentOrder
if PAYMENT_METHODS.include?(some_class.name)
true
else
false
end
end
def self.supported_methods
enabled = []
ENABLED_METHODS.each do |method|
class_name = method.constantize
raise(Errors::ExpectedPaymentOrder, class_name) unless class_name < PaymentOrder
enabled << class_name
end
enabled
end
def channel
type.gsub('PaymentOrders::', '')
end
def form_url
ENV["payments_#{self.class.config_namespace_name}_url"]
end
end

15
app/models/payment_orders.rb
View file

@ -1,15 +0,0 @@
module PaymentOrders
PAYMENT_INTERMEDIARIES = ENV['payments_intermediaries'].to_s.strip.split(', ').freeze
PAYMENT_BANKLINK_BANKS = ENV['payments_banks'].to_s.strip.split(', ').freeze
PAYMENT_METHODS = [PAYMENT_INTERMEDIARIES, PAYMENT_BANKLINK_BANKS].flatten.freeze
def self.create_with_type(type, invoice, opts = {})
raise ArgumentError unless PAYMENT_METHODS.include?(type)
if PAYMENT_BANKLINK_BANKS.include?(type)
BankLink.new(type, invoice, opts)
elsif type == 'every_pay'
EveryPay.new(type, invoice, opts)
end
end
end

87
app/models/payment_orders/bank_link.rb
View file

@ -1,44 +1,44 @@
module PaymentOrders module PaymentOrders
class BankLink < Base class BankLink < PaymentOrder
BANK_LINK_VERSION = '008' BANK_LINK_VERSION = '008'.freeze
NEW_TRANSACTION_SERVICE_NUMBER = '1012' NEW_TRANSACTION_SERVICE_NUMBER = '1012'.freeze
SUCCESSFUL_PAYMENT_SERVICE_NUMBER = '1111' SUCCESSFUL_PAYMENT_SERVICE_NUMBER = '1111'.freeze
CANCELLED_PAYMENT_SERVICE_NUMBER = '1911' CANCELLED_PAYMENT_SERVICE_NUMBER = '1911'.freeze
NEW_MESSAGE_KEYS = %w(VK_SERVICE VK_VERSION VK_SND_ID VK_STAMP VK_AMOUNT NEW_MESSAGE_KEYS = %w[VK_SERVICE VK_VERSION VK_SND_ID VK_STAMP VK_AMOUNT
VK_CURR VK_REF VK_MSG VK_RETURN VK_CANCEL VK_CURR VK_REF VK_MSG VK_RETURN VK_CANCEL
VK_DATETIME).freeze VK_DATETIME].freeze
SUCCESS_MESSAGE_KEYS = %w(VK_SERVICE VK_VERSION VK_SND_ID VK_REC_ID VK_STAMP SUCCESS_MESSAGE_KEYS = %w[VK_SERVICE VK_VERSION VK_SND_ID VK_REC_ID VK_STAMP
VK_T_NO VK_AMOUNT VK_CURR VK_REC_ACC VK_REC_NAME VK_T_NO VK_AMOUNT VK_CURR VK_REC_ACC VK_REC_NAME
VK_SND_ACC VK_SND_NAME VK_REF VK_MSG VK_SND_ACC VK_SND_NAME VK_REF VK_MSG
VK_T_DATETIME).freeze VK_T_DATETIME].freeze
CANCEL_MESSAGE_KEYS = %w(VK_SERVICE VK_VERSION VK_SND_ID VK_REC_ID VK_STAMP CANCEL_MESSAGE_KEYS = %w[VK_SERVICE VK_VERSION VK_SND_ID VK_REC_ID VK_STAMP
VK_REF VK_MSG).freeze VK_REF VK_MSG].freeze
def form_fields def form_fields
hash = {} hash = {}
hash["VK_SERVICE"] = NEW_TRANSACTION_SERVICE_NUMBER hash['VK_SERVICE'] = NEW_TRANSACTION_SERVICE_NUMBER
hash["VK_VERSION"] = BANK_LINK_VERSION hash['VK_VERSION'] = BANK_LINK_VERSION
hash["VK_SND_ID"] = seller_account hash['VK_SND_ID'] = seller_account
hash["VK_STAMP"] = invoice.number hash['VK_STAMP'] = invoice.number
hash["VK_AMOUNT"] = number_with_precision(invoice.total, precision: 2, separator: ".") hash['VK_AMOUNT'] = number_with_precision(invoice.total, precision: 2, separator: ".")
hash["VK_CURR"] = invoice.currency hash['VK_CURR'] = invoice.currency
hash["VK_REF"] = "" hash['VK_REF'] = ''
hash["VK_MSG"] = invoice.order hash['VK_MSG'] = invoice.order
hash["VK_RETURN"] = return_url hash['VK_RETURN'] = return_url
hash["VK_CANCEL"] = return_url hash['VK_CANCEL'] = return_url
hash["VK_DATETIME"] = Time.zone.now.strftime("%Y-%m-%dT%H:%M:%S%z") hash['VK_DATETIME'] = Time.zone.now.strftime('%Y-%m-%dT%H:%M:%S%z')
hash["VK_MAC"] = calc_mac(hash) hash['VK_MAC'] = calc_mac(hash)
hash["VK_ENCODING"] = "UTF-8" hash['VK_ENCODING'] = 'UTF-8'
hash["VK_LANG"] = "ENG" hash['VK_LANG'] = 'ENG'
hash hash
end end
def valid_response_from_intermediary? def valid_response_from_intermediary?
return false unless response return false unless response
case response["VK_SERVICE"] case response['VK_SERVICE']
when SUCCESSFUL_PAYMENT_SERVICE_NUMBER when SUCCESSFUL_PAYMENT_SERVICE_NUMBER
valid_successful_transaction? valid_successful_transaction?
when CANCELLED_PAYMENT_SERVICE_NUMBER when CANCELLED_PAYMENT_SERVICE_NUMBER
@ -49,30 +49,31 @@ module PaymentOrders
end end
def complete_transaction def complete_transaction
return unless valid_successful_transaction? return unless valid_response_from_intermediary? && settled_payment?
transaction = BankTransaction.find_by( transaction = BankTransaction.where(description: invoice.order).first_or_initialize(
description: invoice.order, description: invoice.order,
reference_no: invoice.reference_no,
currency: invoice.currency, currency: invoice.currency,
iban: invoice.seller_iban iban: invoice.seller_iban
) )
transaction.sum = response['VK_AMOUNT'] transaction.sum = response['VK_AMOUNT']
transaction.bank_reference = response['VK_T_NO'] transaction.bank_reference = response['VK_T_NO']
transaction.buyer_bank_code = response["VK_SND_ID"] transaction.buyer_bank_code = response['VK_SND_ID']
transaction.buyer_iban = response["VK_SND_ACC"] transaction.buyer_iban = response['VK_SND_ACC']
transaction.buyer_name = response["VK_SND_NAME"] transaction.buyer_name = response['VK_SND_NAME']
transaction.paid_at = Time.parse(response["VK_T_DATETIME"]) transaction.paid_at = Time.parse(response['VK_T_DATETIME'])
transaction.save! transaction.save!
transaction.autobind_invoice transaction.autobind_invoice
end end
def settled_payment? def settled_payment?
response["VK_SERVICE"] == SUCCESSFUL_PAYMENT_SERVICE_NUMBER response['VK_SERVICE'] == SUCCESSFUL_PAYMENT_SERVICE_NUMBER
end end
private # private
def valid_successful_transaction? def valid_successful_transaction?
valid_success_notice? && valid_amount? && valid_currency? valid_success_notice? && valid_amount? && valid_currency?
@ -88,17 +89,17 @@ module PaymentOrders
def valid_amount? def valid_amount?
source = number_with_precision( source = number_with_precision(
BigDecimal.new(response["VK_AMOUNT"]), precision: 2, separator: "." BigDecimal(response['VK_AMOUNT']), precision: 2, separator: '.'
) )
target = number_with_precision( target = number_with_precision(
invoice.total, precision: 2, separator: "." invoice.total, precision: 2, separator: '.'
) )
source == target source == target
end end
def valid_currency? def valid_currency?
invoice.currency == response["VK_CURR"] invoice.currency == response['VK_CURR']
end end
def sign(data) def sign(data)
@ -116,7 +117,7 @@ module PaymentOrders
def valid_mac?(hash, keys) def valid_mac?(hash, keys)
data = keys.map { |element| prepend_size(hash[element]) }.join data = keys.map { |element| prepend_size(hash[element]) }.join
verify_mac(data, hash["VK_MAC"]) verify_mac(data, hash['VK_MAC'])
end end
def verify_mac(data, mac) def verify_mac(data, mac)
@ -125,22 +126,22 @@ module PaymentOrders
end end
def prepend_size(value) def prepend_size(value)
value = (value || "").to_s.strip value = (value || '').to_s.strip
string = "" string = ''
string << format("%03i", value.size) string << format("%03i", value.size)
string << value string << value
end end
def seller_account def seller_account
ENV["payments_#{type}_seller_account"] ENV["payments_#{self.class.config_namespace_name}_seller_account"]
end end
def seller_certificate def seller_certificate
ENV["payments_#{type}_seller_private"] ENV["payments_#{self.class.config_namespace_name}_seller_private"]
end end
def bank_certificate def bank_certificate
ENV["payments_#{type}_bank_certificate"] ENV["payments_#{self.class.config_namespace_name}_bank_certificate"]
end end
end end
end end

33
app/models/payment_orders/base.rb
View file

@ -1,33 +0,0 @@
module PaymentOrders
class Base
include ActionView::Helpers::NumberHelper
attr_reader :type,
:invoice,
:return_url,
:response_url,
:response
def initialize(type, invoice, opts = {})
@type = type
@invoice = invoice
@return_url = opts[:return_url]
@response_url = opts[:response_url]
@response = opts[:response]
end
def create_transaction
transaction = BankTransaction.where(description: invoice.order).first_or_initialize(
reference_no: invoice.reference_no,
currency: invoice.currency,
iban: invoice.seller_iban
)
transaction.save!
end
def form_url
ENV["payments_#{type}_url"]
end
end
end

46
app/models/payment_orders/every_pay.rb
View file

@ -1,9 +1,15 @@
module PaymentOrders module PaymentOrders
class EveryPay < Base class EveryPay < PaymentOrder
USER = ENV['payments_every_pay_api_user'].freeze USER = ENV['payments_every_pay_api_user']
KEY = ENV['payments_every_pay_api_key'].freeze KEY = ENV['payments_every_pay_api_key']
ACCOUNT_ID = ENV['payments_every_pay_seller_account'].freeze ACCOUNT_ID = ENV['payments_every_pay_seller_account']
SUCCESSFUL_PAYMENT = %w(settled authorized).freeze SUCCESSFUL_PAYMENT = %w[settled authorized].freeze
CONFIG_NAMESPACE = 'every_pay'
def self.config_namespace_name
CONFIG_NAMESPACE
end
def form_fields def form_fields
base_json = base_params base_json = base_params
@ -20,32 +26,31 @@ module PaymentOrders
def valid_response_from_intermediary? def valid_response_from_intermediary?
return false unless response return false unless response
valid_hmac? && valid_amount? && valid_account? valid_hmac? && valid_amount? && valid_account?
end end
def settled_payment? def settled_payment?
SUCCESSFUL_PAYMENT.include?(response[:payment_state]) SUCCESSFUL_PAYMENT.include?(response['payment_state'])
end end
def complete_transaction def complete_transaction
return unless valid_response_from_intermediary? && settled_payment? return unless valid_response_from_intermediary? && settled_payment?
transaction = BankTransaction.find_by( transaction = BankTransaction.where(description: invoice.order).first_or_initialize(
description: invoice.order, description: invoice.order,
currency: invoice.currency, reference_no: invoice.reference_no,
iban: invoice.seller_iban currency: invoice.currency,
iban: invoice.seller_iban
) )
transaction.sum = response[:amount] transaction.sum = response['amount']
transaction.paid_at = Date.strptime(response[:timestamp], '%s') transaction.paid_at = Date.strptime(response['timestamp'], '%s')
transaction.buyer_name = response[:cc_holder_name] transaction.buyer_name = response['cc_holder_name']
transaction.save!
transaction.autobind_invoice transaction.autobind_invoice
end end
private
def base_params def base_params
{ {
api_username: USER, api_username: USER,
@ -61,24 +66,23 @@ module PaymentOrders
end end
def valid_hmac? def valid_hmac?
hmac_fields = response[:hmac_fields].split(',') hmac_fields = response['hmac_fields'].split(',')
hmac_hash = {} hmac_hash = {}
hmac_fields.map do |field| hmac_fields.map do |field|
symbol = field.to_sym hmac_hash[field] = response[field]
hmac_hash[symbol] = response[symbol]
end end
hmac_string = hmac_hash.map { |key, _v| "#{key}=#{hmac_hash[key]}" }.join('&') hmac_string = hmac_hash.map { |key, _v| "#{key}=#{hmac_hash[key]}" }.join('&')
expected_hmac = OpenSSL::HMAC.hexdigest('sha1', KEY, hmac_string) expected_hmac = OpenSSL::HMAC.hexdigest('sha1', KEY, hmac_string)
expected_hmac == response[:hmac] expected_hmac == response['hmac']
end end
def valid_amount? def valid_amount?
invoice.total == BigDecimal.new(response[:amount]) invoice.total == BigDecimal(response['amount'])
end end
def valid_account? def valid_account?
response[:account_id] == ACCOUNT_ID response['account_id'] == ACCOUNT_ID
end end
end end
end end

7
app/models/payment_orders/lhv.rb Normal file
View file

@ -0,0 +1,7 @@
module PaymentOrders
class LHV < BankLink
def self.config_namespace_name
'lhv'
end
end
end

7
app/models/payment_orders/seb.rb Normal file
View file

@ -0,0 +1,7 @@
module PaymentOrders
class SEB < BankLink
def self.config_namespace_name
'seb'
end
end
end

7
app/models/payment_orders/swed.rb Normal file
View file

@ -0,0 +1,7 @@
module PaymentOrders
class Swed < BankLink
def self.config_namespace_name
'swed'
end
end
end

2
app/views/registrar/invoices/show.haml
View file

@ -17,4 +17,4 @@
- if @invoice.payable? - if @invoice.payable?
.row.semifooter .row.semifooter
.col-md-6-offset-6.text-right= render 'registrar/invoices/partials/banklinks', locals: { payment_channels: PaymentOrders::PAYMENT_METHODS } .col-md-6-offset-6.text-right= render 'registrar/invoices/partials/banklinks', locals: { payment_channels: PaymentOrder::PAYMENT_METHODS }

4
app/views/registrar/payments/pay.html.haml
View file

@ -2,8 +2,8 @@
= t('registrar.invoices.redirected_to_intermediary') = t('registrar.invoices.redirected_to_intermediary')
.payment-form .payment-form
= form_tag @payment.form_url, method: :post do = form_tag @payment_order.form_url, method: :post do
- @payment.form_fields.each do |k, v| - @payment_order.form_fields.each do |k, v|
= hidden_field_tag k, v = hidden_field_tag k, v
= submit_tag t('registrar.invoices.go_to_intermediary') = submit_tag t('registrar.invoices.go_to_intermediary')

13
db/migrate/20200130092113_create_payment_orders.rb Normal file
View file

@ -0,0 +1,13 @@
class CreatePaymentOrders < ActiveRecord::Migration[5.0]
def change
create_table :payment_orders do |t|
t.string :type, null: false
t.string :status, default: 0, null: false
t.belongs_to :invoice, foreign_key: true
t.jsonb :response, null: true
t.string :notes, null: true
t.timestamps
end
end
end

471
db/structure.sql
View file

File diff suppressed because it is too large Load diff