Permalink
Browse files

adding episode 143

  • Loading branch information...
1 parent 54a4f3b commit 1642b473ce3cf66798029895b6355b4f1c017a60 @ryanb committed Jan 5, 2009
Showing with 8,754 additions and 0 deletions.
  1. +11 −0 episode-143/README
  2. +3 −0 episode-143/store/.gitignore
  3. +6 −0 episode-143/store/README
  4. +10 −0 episode-143/store/Rakefile
  5. +27 −0 episode-143/store/app/controllers/application.rb
  6. +5 −0 episode-143/store/app/controllers/carts_controller.rb
  7. +44 −0 episode-143/store/app/controllers/categories_controller.rb
  8. +8 −0 episode-143/store/app/controllers/line_items_controller.rb
  9. +8 −0 episode-143/store/app/controllers/payment_notifications_controller.rb
  10. +44 −0 episode-143/store/app/controllers/products_controller.rb
  11. +3 −0 episode-143/store/app/helpers/application_helper.rb
  12. +2 −0 episode-143/store/app/helpers/carts_helper.rb
  13. +2 −0 episode-143/store/app/helpers/categories_helper.rb
  14. +23 −0 episode-143/store/app/helpers/layout_helper.rb
  15. +2 −0 episode-143/store/app/helpers/line_items_helper.rb
  16. +2 −0 episode-143/store/app/helpers/payment_notifications_helper.rb
  17. +2 −0 episode-143/store/app/helpers/products_helper.rb
  18. +38 −0 episode-143/store/app/models/cart.rb
  19. +3 −0 episode-143/store/app/models/category.rb
  20. +8 −0 episode-143/store/app/models/line_item.rb
  21. +15 −0 episode-143/store/app/models/payment_notification.rb
  22. +3 −0 episode-143/store/app/models/product.rb
  23. +4 −0 episode-143/store/app/views/carts/purchase.html.erb
  24. +31 −0 episode-143/store/app/views/carts/show.html.erb
  25. +7 −0 episode-143/store/app/views/categories/_form.html.erb
  26. +8 −0 episode-143/store/app/views/categories/edit.html.erb
  27. +13 −0 episode-143/store/app/views/categories/index.html.erb
  28. +5 −0 episode-143/store/app/views/categories/new.html.erb
  29. +13 −0 episode-143/store/app/views/categories/show.html.erb
  30. +22 −0 episode-143/store/app/views/layouts/application.html.erb
  31. +19 −0 episode-143/store/app/views/products/_form.html.erb
  32. +8 −0 episode-143/store/app/views/products/edit.html.erb
  33. +13 −0 episode-143/store/app/views/products/index.html.erb
  34. +5 −0 episode-143/store/app/views/products/new.html.erb
  35. +21 −0 episode-143/store/app/views/products/show.html.erb
  36. +17 −0 episode-143/store/config/app_config.yml
  37. +109 −0 episode-143/store/config/boot.rb
  38. +19 −0 episode-143/store/config/database.yml
  39. +67 −0 episode-143/store/config/environment.rb
  40. +17 −0 episode-143/store/config/environments/development.rb
  41. +22 −0 episode-143/store/config/environments/production.rb
  42. +22 −0 episode-143/store/config/environments/test.rb
  43. +10 −0 episode-143/store/config/initializers/inflections.rb
  44. +2 −0 episode-143/store/config/initializers/load_app_config.rb
  45. +5 −0 episode-143/store/config/initializers/mime_types.rb
  46. +15 −0 episode-143/store/config/initializers/new_rails_defaults.rb
  47. +11 −0 episode-143/store/config/routes.rb
  48. +12 −0 episode-143/store/db/migrate/20080621194238_create_categories.rb
  49. +15 −0 episode-143/store/db/migrate/20080621194423_create_products.rb
  50. +12 −0 episode-143/store/db/migrate/20081221210944_create_carts.rb
  51. +15 −0 episode-143/store/db/migrate/20081221211031_create_line_items.rb
  52. +15 −0 episode-143/store/db/migrate/20081229060523_create_payment_notifications.rb
  53. +53 −0 episode-143/store/db/schema.rb
  54. +2 −0 episode-143/store/lib/tasks/application.rake
  55. +30 −0 episode-143/store/public/404.html
  56. +30 −0 episode-143/store/public/422.html
  57. +30 −0 episode-143/store/public/500.html
  58. +10 −0 episode-143/store/public/dispatch.cgi
  59. +24 −0 episode-143/store/public/dispatch.fcgi
  60. +10 −0 episode-143/store/public/dispatch.rb
  61. 0 episode-143/store/public/favicon.ico
  62. +2 −0 episode-143/store/public/javascripts/application.js
  63. +963 −0 episode-143/store/public/javascripts/controls.js
  64. +972 −0 episode-143/store/public/javascripts/dragdrop.js
  65. +1,120 −0 episode-143/store/public/javascripts/effects.js
  66. +4,225 −0 episode-143/store/public/javascripts/prototype.js
  67. +5 −0 episode-143/store/public/robots.txt
  68. +128 −0 episode-143/store/public/stylesheets/application.css
  69. +3 −0 episode-143/store/script/about
  70. +3 −0 episode-143/store/script/console
  71. +3 −0 episode-143/store/script/dbconsole
  72. +3 −0 episode-143/store/script/destroy
  73. +3 −0 episode-143/store/script/generate
  74. +3 −0 episode-143/store/script/performance/benchmarker
  75. +3 −0 episode-143/store/script/performance/profiler
  76. +3 −0 episode-143/store/script/performance/request
  77. +3 −0 episode-143/store/script/plugin
  78. +3 −0 episode-143/store/script/process/inspector
  79. +3 −0 episode-143/store/script/process/reaper
  80. +3 −0 episode-143/store/script/process/spawner
  81. +3 −0 episode-143/store/script/runner
  82. +3 −0 episode-143/store/script/server
  83. +2 −0 episode-143/store/test/fixtures/carts.yml
  84. +11 −0 episode-143/store/test/fixtures/categories.yml
  85. +5 −0 episode-143/store/test/fixtures/line_items.yml
  86. +11 −0 episode-143/store/test/fixtures/payment_notifications.yml
  87. +23 −0 episode-143/store/test/fixtures/products.yml
  88. +20 −0 episode-143/store/test/functional/carts_controller_test.rb
  89. +54 −0 episode-143/store/test/functional/categories_controller_test.rb
  90. +15 −0 episode-143/store/test/functional/line_items_controller_test.rb
  91. +15 −0 episode-143/store/test/functional/payment_notifications_controller_test.rb
  92. +54 −0 episode-143/store/test/functional/products_controller_test.rb
  93. +38 −0 episode-143/store/test/test_helper.rb
  94. +7 −0 episode-143/store/test/unit/cart_test.rb
  95. +8 −0 episode-143/store/test/unit/category_test.rb
  96. +7 −0 episode-143/store/test/unit/line_item_test.rb
  97. +7 −0 episode-143/store/test/unit/payment_notification_test.rb
  98. +8 −0 episode-143/store/test/unit/product_test.rb
  99. 0 episode-143/store/vendor/plugins/.gitignore
View
@@ -0,0 +1,11 @@
+Railscasts Episode #143: PayPal Security
+
+http://railscasts.com/episodes/143
+
+Commands
+
+ mkdir certs
+ cd certs
+ openssl genrsa -out app_key.pem 1024
+ openssl req -new -key app_key.pem -x509 -days 365 -out app_cert.pem
+ mv ~/Downloads/paypal_cert_pem.txt paypal_cert.pem
@@ -0,0 +1,3 @@
+tmp/*
+log/*
+*.sqlite3
View
@@ -0,0 +1,6 @@
+Railscasts Example Store App
+--
+
+To setup the app, just run `rake setup`.
+
+You'll also need to recreate the certs directory and files as shown in the episode.
View
@@ -0,0 +1,10 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require(File.join(File.dirname(__FILE__), 'config', 'boot'))
+
+require 'rake'
+require 'rake/testtask'
+require 'rake/rdoctask'
+
+require 'tasks/rails'
@@ -0,0 +1,27 @@
+# Filters added to this controller apply to all controllers in the application.
+# Likewise, all the methods added will be available for all controllers.
+
+class ApplicationController < ActionController::Base
+ helper :all # include all helpers, all the time
+
+ # See ActionController::RequestForgeryProtection for details
+ # Uncomment the :secret if you're not using the cookie session store
+ protect_from_forgery # :secret => '526292d4095d0fd8135a9aa118f5956e'
+
+ # See ActionController::Base for details
+ # Uncomment this to filter the contents of submitted sensitive data parameters
+ # from your application log (in this case, all fields with names like "password").
+ # filter_parameter_logging :password
+
+ def current_cart
+ if session[:cart_id]
+ @current_cart ||= Cart.find(session[:cart_id])
+ session[:cart_id] = nil if @current_cart.purchased_at
+ end
+ if session[:cart_id].nil?
+ @current_cart = Cart.create!
+ session[:cart_id] = @current_cart.id
+ end
+ @current_cart
+ end
+end
@@ -0,0 +1,5 @@
+class CartsController < ApplicationController
+ def show
+ @cart = current_cart
+ end
+end
@@ -0,0 +1,44 @@
+class CategoriesController < ApplicationController
+ def index
+ @categories = Category.find(:all)
+ end
+
+ def show
+ @category = Category.find(params[:id])
+ end
+
+ def new
+ @category = Category.new
+ end
+
+ def create
+ @category = Category.new(params[:category])
+ if @category.save
+ flash[:notice] = "Successfully created category."
+ redirect_to @category
+ else
+ render :action => 'new'
+ end
+ end
+
+ def edit
+ @category = Category.find(params[:id])
+ end
+
+ def update
+ @category = Category.find(params[:id])
+ if @category.update_attributes(params[:category])
+ flash[:notice] = "Successfully updated category."
+ redirect_to @category
+ else
+ render :action => 'edit'
+ end
+ end
+
+ def destroy
+ @category = Category.find(params[:id])
+ @category.destroy
+ flash[:notice] = "Successfully destroyed category."
+ redirect_to categories_url
+ end
+end
@@ -0,0 +1,8 @@
+class LineItemsController < ApplicationController
+ def create
+ @product = Product.find(params[:product_id])
+ @line_item = LineItem.create!(:cart => current_cart, :product => @product, :quantity => 1, :unit_price => @product.price)
+ flash[:notice] = "Added #{@product.name} to cart."
+ redirect_to current_cart_url
+ end
+end
@@ -0,0 +1,8 @@
+class PaymentNotificationsController < ApplicationController
+ protect_from_forgery :except => [:create]
+
+ def create
+ PaymentNotification.create!(:params => params, :cart_id => params[:invoice], :status => params[:payment_status], :transaction_id => params[:txn_id])
+ render :nothing => true
+ end
+end
@@ -0,0 +1,44 @@
+class ProductsController < ApplicationController
+ def index
+ @products = Product.all(:limit => 10)
+ end
+
+ def show
+ @product = Product.find(params[:id])
+ end
+
+ def new
+ @product = Product.new
+ end
+
+ def create
+ @product = Product.new(params[:product])
+ if @product.save
+ flash[:notice] = "Successfully created product."
+ redirect_to @product
+ else
+ render :action => 'new'
+ end
+ end
+
+ def edit
+ @product = Product.find(params[:id])
+ end
+
+ def update
+ @product = Product.find(params[:id])
+ if @product.update_attributes(params[:product])
+ flash[:notice] = "Successfully updated product."
+ redirect_to @product
+ else
+ render :action => 'edit'
+ end
+ end
+
+ def destroy
+ @product = Product.find(params[:id])
+ @product.destroy
+ flash[:notice] = "Successfully destroyed product."
+ redirect_to products_url
+ end
+end
@@ -0,0 +1,3 @@
+# Methods added to this helper will be available to all templates in the application.
+module ApplicationHelper
+end
@@ -0,0 +1,2 @@
+module CartsHelper
+end
@@ -0,0 +1,2 @@
+module CategoriesHelper
+end
@@ -0,0 +1,23 @@
+# These helper methods can be called in your template to set variables to be used in the layout
+# This module should be included in all views globally,
+# to do so you may need to add this line to your ApplicationController
+# helper :layout
+module LayoutHelper
+ def title(page_title, show_title = true)
+ @content_for_title = page_title.to_s
+ @show_title = show_title
+ end
+
+ def show_title?
+ @show_title
+ end
+
+ def stylesheet(*args)
+ content_for(:head) { stylesheet_link_tag(*args.map(&:to_s)) }
+ end
+
+ def javascript(*args)
+ args = args.map { |arg| arg == :defaults ? arg : arg.to_s }
+ content_for(:head) { javascript_include_tag(*args) }
+ end
+end
@@ -0,0 +1,2 @@
+module LineItemsHelper
+end
@@ -0,0 +1,2 @@
+module PaymentNotificationsHelper
+end
@@ -0,0 +1,2 @@
+module ProductsHelper
+end
@@ -0,0 +1,38 @@
+class Cart < ActiveRecord::Base
+ has_many :line_items
+
+ def total_price
+ # convert to array so it doesn't try to do sum on database directly
+ line_items.to_a.sum(&:full_price)
+ end
+
+ def paypal_encrypted(return_url, notify_url)
+ values = {
+ :business => APP_CONFIG[:paypal_email],
+ :cmd => '_cart',
+ :upload => 1,
+ :return => return_url,
+ :invoice => id,
+ :notify_url => notify_url,
+ :cert_id => APP_CONFIG[:paypal_cert_id]
+ }
+ line_items.each_with_index do |item, index|
+ values.merge!({
+ "amount_#{index+1}" => item.unit_price,
+ "item_name_#{index+1}" => item.product.name,
+ "item_number_#{index+1}" => item.id,
+ "quantity_#{index+1}" => item.quantity
+ })
+ end
+ encrypt_for_paypal(values)
+ end
+
+ PAYPAL_CERT_PEM = File.read("#{Rails.root}/certs/paypal_cert.pem")
+ APP_CERT_PEM = File.read("#{Rails.root}/certs/app_cert.pem")
+ APP_KEY_PEM = File.read("#{Rails.root}/certs/app_key.pem")
+
+ def encrypt_for_paypal(values)
+ signed = OpenSSL::PKCS7::sign(OpenSSL::X509::Certificate.new(APP_CERT_PEM), OpenSSL::PKey::RSA.new(APP_KEY_PEM, ''), values.map { |k, v| "#{k}=#{v}" }.join("\n"), [], OpenSSL::PKCS7::BINARY)
+ OpenSSL::PKCS7::encrypt([OpenSSL::X509::Certificate.new(PAYPAL_CERT_PEM)], signed.to_der, OpenSSL::Cipher::Cipher::new("DES3"), OpenSSL::PKCS7::BINARY).to_s.gsub("\n", "")
+ end
+end
@@ -0,0 +1,3 @@
+class Category < ActiveRecord::Base
+ has_many :products
+end
@@ -0,0 +1,8 @@
+class LineItem < ActiveRecord::Base
+ belongs_to :cart
+ belongs_to :product
+
+ def full_price
+ unit_price * quantity
+ end
+end
@@ -0,0 +1,15 @@
+class PaymentNotification < ActiveRecord::Base
+ belongs_to :cart
+ serialize :params
+ after_create :mark_cart_as_purchased
+
+ private
+
+ def mark_cart_as_purchased
+ if status == "Completed" && params[:secret] == APP_CONFIG[:paypal_secret] &&
+ params[:receiver_email] == APP_CONFIG[:paypal_email] &&
+ params[:mc_gross] == cart.total_price.to_s && params[:mc_currency] == "USD"
+ cart.update_attribute(:purchased_at, Time.now)
+ end
+ end
+end
@@ -0,0 +1,3 @@
+class Product < ActiveRecord::Base
+ belongs_to :category
+end
@@ -0,0 +1,4 @@
+<% title "Purchase Successful" %>
+
+<p><strong>Thank you for your order!</strong> We will process it within one business day.</p>
+<p><%= link_to "Back to Products", products_path %></p>
@@ -0,0 +1,31 @@
+<% title "Shopping Cart" %>
+
+<table id="line_items">
+ <tr>
+ <th>Product</th>
+ <th>Qty</th>
+ <th class="price">Unit Price</th>
+ <th class="price">Full Price</th>
+ </tr>
+ <% for line_item in @cart.line_items %>
+ <tr class="<%= cycle :odd, :even %>">
+ <td><%=h line_item.product.name %></td>
+ <td class="qty"><%= line_item.quantity %></td>
+ <td class="price"><%= number_to_currency(line_item.unit_price) %></td>
+ <td class="price"><%= number_to_currency(line_item.full_price) %></td>
+ </tr>
+ <% end %>
+ <tr>
+ <td class="total price" colspan="4">
+ Total: <%= number_to_currency @cart.total_price %>
+ </td>
+ </tr>
+</table>
+
+<p><%= link_to "Continue Shopping", products_url %></p>
+
+<% form_tag APP_CONFIG[:paypal_url] do %>
+ <%= hidden_field_tag :cmd, "_s-xclick" %>
+ <%= hidden_field_tag :encrypted, @cart.paypal_encrypted(products_url, payment_notifications_url(:secret => APP_CONFIG[:paypal_secret])) %>
+ <p><%= submit_tag "Checkout" %></p>
+<% end %>
@@ -0,0 +1,7 @@
+<% form_for @category do |f| %>
+ <p>
+ <%= f.label :name %><br />
+ <%= f.text_field :name %>
+ </p>
+ <p><%= f.submit "Submit" %></p>
+<% end %>
@@ -0,0 +1,8 @@
+<% title "Edit Category" %>
+
+<%= render :partial => 'form' %>
+
+<p>
+ <%= link_to "Show", @category %> |
+ <%= link_to "View All", categories_path %>
+</p>
@@ -0,0 +1,13 @@
+<% title "Categories" %>
+
+<% for category in @categories %>
+ <div class="category">
+ <h3><%= link_to h(category.name), category %></h3>
+ <div class="actions">
+ <%= link_to "Edit", edit_category_path(category) %> |
+ <%= link_to "Destroy", category, :confirm => 'Are you sure?', :method => :delete %>
+ </div>
+ </div>
+<% end %>
+
+<p><%= link_to "New Category", new_category_path %></p>
@@ -0,0 +1,5 @@
+<% title "New Category" %>
+
+<%= render :partial => 'form' %>
+
+<p><%= link_to "Back to List", categories_path %></p>
@@ -0,0 +1,13 @@
+<% title @category.name %>
+
+<ul>
+<% for product in @category.products %>
+ <li><%= link_to h(product.name), product %></li>
+<% end %>
+</ul>
+
+<p>
+ <%= link_to "Edit", edit_category_path(@category) %> |
+ <%= link_to "Destroy", @category, :confirm => 'Are you sure?', :method => :delete %> |
+ <%= link_to "View All", categories_path %>
+</p>
Oops, something went wrong.

0 comments on commit 1642b47

Please sign in to comment.