add PaymentMailer and send email if payment auth is required

2026-02-28 01:53:25 +00:00 · 2020-12-14 10:05:09 -08:00
parent 40f9b063fe
commit 802e49bed3
8 changed files with 74 additions and 0 deletions
--- a/app/controllers/spree/admin/payments_controller.rb
+++ b/app/controllers/spree/admin/payments_controller.rb
@@ -154,6 +154,10 @@ module Spree
        return unless @payment.payment_method.class == Spree::Gateway::StripeSCA

        @payment.authorize!
+        if @payment.cvv_response_message.present?
+          PaymentMailer.authorize_payment(@payment).deliver
+          raise Spree::Core::GatewayError, I18n.t('action_required')
+        end
        return if @payment.pending? && @payment.cvv_response_message.nil?

        raise Spree::Core::GatewayError, I18n.t('authorization_failure')
--- a/app/controllers/spree/payments_controller.rb
+++ b/app/controllers/spree/payments_controller.rb
@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+module Spree
+  class PaymentsController < Spree::StoreController
+    ssl_required :redirect_to_authorize
+
+    respond_to :html
+
+    prepend_before_action :require_logged_in, only: :redirect_to_authorize
+
+    def redirect_to_authorize
+      @payment = Spree::Payment.find(params[:id])
+      authorize! :show, @payment
+
+      if url = @payment.cvv_response_message
+        redirect_to url
+      else
+        redirect_to order_url(@payment.order)
+      end
+    end
+
+    private
+
+    def require_logged_in
+      return if session[:access_token] || params[:token] || spree_current_user
+
+      flash[:error] = I18n.t("spree.orders.edit.login_to_view_order")
+      redirect_to main_app.root_path(anchor: "login?after_login=#{request.env['PATH_INFO']}")
+    end
+  end
+end
--- a/app/mailers/spree/payment_mailer.rb
+++ b/app/mailers/spree/payment_mailer.rb
@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+module Spree
+  class PaymentMailer < BaseMailer
+    include I18nHelper
+
+    def authorize_payment(payment)
+      @payment = payment
+      subject = I18n.t('spree.payment_mailer.authorize_payment.subject',
+                       distributor: @payment.order.distributor.name)
+      mail(to: payment.order.user.email,
+           from: from_address,
+           subject: subject)
+    end
+  end
+end
--- a/app/views/spree/payment_mailer/authorize_payment.html.haml
+++ b/app/views/spree/payment_mailer/authorize_payment.html.haml
@@ -0,0 +1,2 @@
+= t('.instructions', distributor: @payment.order.distributor.name, amount: @payment.display_amount)
+= main_app.authorize_payment_url(@payment)
--- a/app/views/spree/payment_mailer/authorize_payment.text.erb
+++ b/app/views/spree/payment_mailer/authorize_payment.text.erb
@@ -0,0 +1,2 @@
+<%= t('.instructions', distributor: @payment.order.distributor.name, amount: @payment.display_amount) %>
+<%= main_app.authorize_payment_url(@payment) %>
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -2455,6 +2455,7 @@ See the %{link} to find out more about %{sitename}'s features and to start using
  payment_processing_failed: "Payment could not be processed, please check the details you entered"
  payment_method_not_supported: "That payment method is unsupported. Please choose another one."
  payment_updated: "Payment Updated"
+  action_required: "Action required"
  inventory_settings: "Inventory Settings"
  tag_rules: "Tag Rules"
  shop_preferences: "Shop Preferences"
@@ -3644,6 +3645,10 @@ See the %{link} to find out more about %{sitename}'s features and to start using
        subject: "Reset password instructions"
      confirmation_instructions:
        subject: "Please confirm your OFN account"
+    payment_mailer:
+      authorize_payment:
+        subject: "Please authorize your payment to %{distributor} on OFN"
+        instructions: "Your payment of %{amount} to %{distributor} requires additional authentication. Please visit the following URL to authorize your payment:"
    shipment_mailer:
      shipped_email:
        dear_customer: "Dear Customer,"
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -29,6 +29,7 @@ Openfoodnetwork::Application.routes.draw do
  patch "/cart", :to => "spree/orders#update", :as => :update_cart
  put "/cart/empty", :to => 'spree/orders#empty', :as => :empty_cart
  get '/orders/:id/token/:token' => 'spree/orders#show', :as => :token_order
+  get '/payments/:id/authorize' => 'spree/payments#redirect_to_authorize', as: "authorize_payment"

  resource :cart, controller: "cart" do
    post :populate
--- a/spec/controllers/spree/admin/orders/payments/payments_controller_spec.rb
+++ b/spec/controllers/spree/admin/orders/payments/payments_controller_spec.rb
@@ -91,6 +91,19 @@ describe Spree::Admin::PaymentsController, type: :controller do
          end
        end

+        context "where further action is required" do
+          before do
+            allow_any_instance_of(Spree::Payment).to receive(:authorize!) do |payment|
+              payment.update cvv_response_message: "http://redirect_url"
+            end
+          end
+          it "redirects to new payment page with flash error" do
+            spree_post :create, payment: params, order_id: order.number
+
+            redirects_to_new_payment_page_with_flash_error(I18n.t('action_required'))
+          end
+        end
+
        context "where both payment.process! and payment.authorize! work" do
          before do
            allow_any_instance_of(Spree::Payment).to receive(:authorize!) do |payment|