class OrdersController < ApplicationController before_filter :login_required

1. class OrdersController < ApplicationController
2. before_filter :login_required
3. before_filter :is_admin?, :only => [:purge_all]
4.  
5. include ActiveMerchant::Billing
6.  
7. def paypal_agreement
8. @order = Order.find(params[:id])
9. end
10.  
11. def paypal_checkout
12. @order = Order.find(params[:id])
13. setup_response = gateway.setup_purchase(@order.total_price * 100,
14. :ip => request.remote_ip,
15. :return_url => url_for(:action => 'paypal_confirm', :id => @order, :only_path => false),
16. :cancel_return_url => url_for(:action => 'index', :only_path => false)
17. )
18. redirect_to gateway.redirect_url_for(setup_response.token)
19. end
20.  
21. def paypal_confirm
22. @order = Order.find(params[:id])
23. redirect_to :action => 'index' unless params[:token]
24.  
25. details_response = gateway.details_for(params[:token])
26.  
27. if !details_response.success?
28. flash[:notice] = details_response.message
29. render :action => 'error'
30. return
31. end
32.  
33. @address = details_response.address
34. end
35.  
36. def paypal_complete
37. @order = Order.find(params[:id])
38. purchase = gateway.purchase(@order.total_price * 100,
39. :ip => request.remote_ip,
40. :payer_id => params[:payer_id],
41. :token => params[:token]
42. )
43.  
44. if !purchase.success?
45. flash[:notice] = purchase.message
46. render :action => 'error'
47. return
48. else
49. Notifier.deliver_email_invoice(current_user,@order.id)
50. session[:basket].clear
51. @order.update_stock_quantities
52. @order.transactions.create!(:amount => @order.total_price,
53. :test => true,
54. :user_id => current_user.id,
55. :payment_method => "paypal",
56. :fee_amount => purchase.params['fee_amount'],
57. :reference => purchase.params['transaction_id'],
58. :currency => "USD",
59. :message => "Paid via Paypal",
60. :success => true)
61. @order.payment_captured!
62. end
63. end
64.  
65. def check_agreement
66. @order = Order.find(params[:id])
67. end
68.  
69. def check_complete
70. @order = Order.find(params[:id])
71. Notifier.deliver_email_invoice(current_user,@order.id)
72. session[:basket].clear
73. @order.update_stock_quantities
74. @order.transactions.create!(:test => true,
75. :user_id => current_user.id,
76. :message => "Selected pay by check",
77. :success => true)
78. end
79.  
80. # GET /orders
81. # GET /orders.xml
82. def index
83. @orders = Order.find(:all)
84.  
85. respond_to do |format|
86. format.html # index.html.erb
87. format.xml { render :xml => @orders }
88. end
89. end
90.  
91. # GET /orders/1
92. # GET /orders/1.xml
93. def show
94. @order = Order.find(params[:id])
95.  
96. respond_to do |format|
97. format.html # show.html.erb
98. format.xml { render :xml => @order }
99. end
100. end
101.  
102. # GET /orders/new
103. # GET /orders/new.xml
104. def new
105. @user = current_user
106. @order = Order.new(:user_id => @user.id, :order_status => "initial", :checkout_at => Time.now, :apples => @basket.apples)
107. @order.save
108. @order.transactions.create!(:test => true,
109. :user_id => current_user.id,
110. :message => "Checkout",
111. :success => true)
112.  
113. respond_to do |format|
114. format.html # new.html.erb
115. format.xml { render :xml => @order }
116. end
117. end
118.  
119. # GET /orders/1/edit
120. def edit
121. @order = Order.find(params[:id])
122. end
123.  
124. # POST /orders
125. # POST /orders.xml
126. def create
127. @order = Order.new(params[:order])
128.  
129. respond_to do |format|
130. if @order.save
131. flash[:notice] = 'Order was successfully created.'
132. format.html { redirect_to(@order) }
133. format.xml { render :xml => @order, :status => :created, :location => @order }
134. else
135. format.html { render :action => "new" }
136. format.xml { render :xml => @order.errors, :status => :unprocessable_entity }
137. end
138. end
139. end
140.  
141. # PUT /orders/1
142. # PUT /orders/1.xml
143. def update
144. @order = Order.find(params[:id])
145.  
146. respond_to do |format|
147. if @order.update_attributes(params[:order])
148. flash[:notice] = 'Order was successfully updated.'
149. format.html { redirect_to(@order) }
150. format.xml { head :ok }
151. else
152. format.html { render :action => "edit" }
153. format.xml { render :xml => @order.errors, :status => :unprocessable_entity }
154. end
155. end
156. end
157.  
158. # DELETE /orders/1
159. # DELETE /orders/1.xml
160. def destroy
161. if params[:purge_all]
162. purge_all
163. redirect_to(root_url) and return
164. else
165. @order = Order.find(params[:id])
166. @order.destroy
167. end
168.  
169. respond_to do |format|
170. format.html { redirect_to(orders_url) }
171. format.xml { head :ok }
172. end
173. end
174.  
175. private
176. def gateway
177. @gateway ||= PaypalExpressGateway.new(
178. :login => 'seller_1209948530_biz_api1.gmail.com',
179. :password => '1209948540',
180. :signature => 'AmpU5zszXSTw3pVOQYaA8LZbdq-XAkYfoBxKNKmE6rcCCKhRwnu6PnbD'
181. )
182. end
183.  
184. def redirect_to_profile
185. redirect_to edit_user_path(current_user.id)
186. end
187.  
188. def purge_all
189. @orders = Order.find(:all)
190. @orders.each do |o|
191. o.line_items.each do |li|
192. li.inventory.update_attribute(:stock_quantity,
193. (li.inventory.stock_quantity + li.full_quantity + li.discount_quantity))
194. li.destroy
195. end
196. o.destroy
197. end
198. end
199.  
200. end