
- Added UUID for order id's

- Added permissions for showing order receipts
- My profile page shows order history
1 parent 03ee380 commit 1aeca9689cdea246e9c5366bac493aa198efd5a9 @nshbrown nshbrown committed Jul 9, 2011
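--- a/Gemfile
+++ b/Gemfile
@@ -9,6 +9,7 @@ gem "money", "3.7.1"
 gem "authlogic"
 gem "declarative_authorization"
 gem "activemerchant"
+gem "uuidtools", "= 2.1.1"
 # Deploy with Capistrano
 # gem 'capistrano'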
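--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -142,6 +142,7 @@ GEM
 treetop (1.4.9)
 polyglot (>= 0.3.1)
 tzinfo (0.3.23)
+ uuidtools (2.1.1)
 webrat (0.7.3)
 nokogiri (>= 1.2.0)
 rack (>= 1.0)
@@ -168,4 +169,5 @@ DEPENDENCIES
 rspec-rails (~> 2.4)
 s3_swf_upload (= 0.3.2)!
 sqlite3-ruby
+ uuidtools (= 2.1.1)
 webrat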
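--- a/app/controllers/checkout_controller.rb
+++ b/app/controllers/checkout_controller.rb
@@ -1,4 +1,6 @@
 class CheckoutController < ApplicationController
+ before_filter :require_user
+
 def express
 response = EXPRESS_GATEWAY.setup_purchase(@cart.total_price,
 :ip => request.remote_ip,
@@ -10,6 +12,10 @@ def express
 def confirm
 @order = Order.new(:express_token => params[:token])
+ if !current_user.cart || current_user.cart.empty?
+ flash[:error] = 'Your cart is empty'
+ redirect_to root_url
+ end
 end
 def place_order
@@ -23,7 +29,7 @@ def place_order
 flash[:notice] = "Your Order Has Been Submitted"
 # @order.notify_video_buyer
 # @order.notify_video_seller
- redirect_to order_url(@order) and return
+ redirect_to order_url(@order.uuid) and return
 else
 @order.destroy
 flash[:error] = "Sorry - your purchase failed. Please check your info and try again."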
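Review bot: In the `confirm` hunk the empty-cart guard runs after `Order.new(:express_token => params[:token])`, and the order.rb part of this commit shows `express_token=` filling the order from a `details` object, so a request with an empty cart still appears to cause a gateway lookup for whatever token is in the query string. Moving the `Order.new` line below the guard and leaving the action on redirect avoids that: `redirect_to root_url and return` inside the `if`. The guard reads `current_user.cart` while `express` uses `@cart`; if the two can differ, one source should be used in both places. `require_user` is defined outside this diff, so what it does for an anonymous visitor is not visible here.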
36 app/controllers/orders_controller.rb
@@ -1,5 +1,39 @@
class OrdersController < ApplicationController
+ before_filter :require_user
+ before_filter :require_owner
+
def show
- @order = Order.find(params[:id])
+ end
+
+ def download
+ @video = @order.order_items.find(params[:order_item_id]).video
+
+ AWS::S3::Base.establish_connection!(
+ :access_key_id => S3SwfUpload::S3Config.access_key_id,
+ :secret_access_key => S3SwfUpload::S3Config.secret_access_key
+ )
+
+ redirect_to AWS::S3::S3Object.url_for(@video.s3_path, S3SwfUpload::S3Config.bucket, :expires_in => 3600, :use_ssl => false)
+ end
+
+ def watch
+ end
+
+private
+
+ def require_owner
+ @order = Order.find_by_uuid(params[:id])
+
+ # Check if the order is found at all
+ if !@order
+ flash[:error] = 'Order not found'
+ redirect_to root_url
+ end
+
+ # If this isn't the owner, send 'em home
+ if @order.user != current_user
+ flash[:error] = 'You are not authorized'
+ redirect_to root_url
+ end
end
end
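Review bot: `require_owner` keeps executing after its first `redirect_to`, so a request with an unknown uuid goes on to call `@order.user` on nil and raises instead of redirecting; a redirect inside a filter halts the filter chain but does not return from the method. Folding both checks into one branch fixes that and gives the same response for "missing" and "not yours", so the reply does not reveal whether a uuid exists. In `download`, `:use_ssl => false` puts the signed S3 URL on the wire in clear text, where anyone who observes it can reuse it until it expires; `:use_ssl => true` with a shorter `:expires_in` than 3600 would narrow that window.

```ruby
  def require_owner
    @order = Order.find_by_uuid(params[:id])

    # One branch for "no such order" and "someone else's order": no nil
    # dereference, no second redirect, and an identical response for both.
    if @order.nil? || @order.user != current_user
      flash[:error] = 'Order not found'
      redirect_to root_url
    end
  end
```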
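--- a/app/models/order.rb
+++ b/app/models/order.rb
@@ -26,12 +26,19 @@ def express_token=(token)
 self.express_payer_id = details.payer_id
 self.first_name = details.params["first_name"]
 self.last_name = details.params["last_name"]
+ self.email = details.params["payer"]
+ self.address_one = details.params["street1"]
+ self.address_two = details.params["street2"]
+ self.zip_postal_code = details.params["postal_code"]
+ self.city = details.params["city_name"]
+ self.state = details.params["state_or_province"]
+ self.country = details.params["country"]
 end
 end
 def Order.create_order_from_cart(cart, express_token)
 # create a new order
- new_order = Order.new(:user_id => cart.user_id, :express_token => express_token)
+ new_order = Order.new(:user_id => cart.user_id, :uuid => UUIDTools::UUID.random_create.to_s, :express_token => express_token)
 cart.cart_items.each do |ci|
 # add this to OrderItem.build_from_line_item(li)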
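Review bot: The uuid is assigned only in `Order.create_order_from_cart`, and only through the mass-assignment hash passed to `Order.new`, so an order built any other way has no uuid, and the value would be dropped without an error if the model restricts assignable attributes; the model's attribute protection is not visible in this hunk. Because the uuid is now the key behind `require_owner` and every order URL, assigning it in the model covers every creation path: `before_validation :assign_uuid, :on => :create`, with `assign_uuid` doing `self.uuid ||= UUIDTools::UUID.random_create.to_s`. Both `express_token=` and `create_order_from_cart` continue outside the hunk.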
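--- a/app/models/order_item.rb
+++ b/app/models/order_item.rb
@@ -1,5 +1,6 @@
 class OrderItem < ActiveRecord::Base
 belongs_to :order
+ belongs_to :video
 composed_of :price,
 :class_name => "Money",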
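--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -5,6 +5,7 @@ class User < ActiveRecord::Base
 has_many :assignments
 has_many :roles, :through => :assignments
+ has_many :orders
 has_one :cart
 validates_presence_of :first_name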
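--- a/app/views/checkout/confirm.html.erb
+++ b/app/views/checkout/confirm.html.erb
@@ -1,9 +1,12 @@
 <h2>Confirm</h2>
-<p>First Name: <%= @order.first_name %> <%= @order.last_name %></p>
+<p>Name: <%= @order.first_name %> <%= @order.last_name %></p>
 <% @cart.cart_items.each do |i| -%>
-<li><%= i.video.title %> - via <%= i.delivery %> - $<%= cart_item_price(i, i.delivery) %></li>
+<li><%= i.video.title %> - via <%= i.delivery %> - <%= number_to_currency cart_item_price(i, i.delivery) %></li>
 <% end -%>
-<% form_for @order, :url => place_order_checkout_path do |f| -%>
+<p>Total: <%= number_to_currency @cart.total_price %></p>
+
+<%= form_for @order, :url => place_order_checkout_path do |f| -%>
 <%= f.hidden_field :express_token %>
 <%= f.submit 'Place Order '%>
+ or <%= link_to 'Cancel', root_url %>
 <% end -%>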
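--- a/app/views/orders/_order_list.html.erb
+++ b/app/views/orders/_order_list.html.erb
@@ -0,0 +1,13 @@
+<h3>Orders</h3>
+<table>
+ <tr>
+ <th>Order Date</th>
+ <th>Total</th>
+ </tr>
+<% current_user.orders.each do |o| -%>
+ <tr>
+ <td><%= link_to o.created_at, order_path(o.uuid) %></td>
+ <td><%= number_to_currency o.total %></td>
+ </tr>
+<% end -%>
+</table>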
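Review bot: The partial calls `current_user.orders` directly, so it raises on nil whenever it is rendered for a visitor who is not logged in, and users/show.html.erb in this commit renders it unconditionally; whether `users#show` requires a login is not visible in this diff. It also always lists the viewer's own orders, even if the profile being shown belongs to another user. Passing the collection in from the caller, `render :partial => 'orders/order_list', :locals => { :orders => current_user.orders } if current_user`, and iterating over `orders` here keeps the decision about whose orders appear in one place.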
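--- a/app/views/orders/show.html.erb
+++ b/app/views/orders/show.html.erb
@@ -1 +1,9 @@
-<h1>Order Receipt</h1>
+<h1>Order Receipt</h1>
+<ul>
+<% @order.order_items.each do |i| -%>
+ <li><%= i.video.title %> - via <%= i.delivery %> - <%= number_to_currency i.price %></li>
+ <% if i.delivery == 'download' %><%= link_to 'Download Video', download_order_item_path(@order.uuid, i.id) %><% end -%>
+ <% if i.delivery == 'streaming' %><%= link_to 'Watch Your Video', watch_order_item_path(@order.uuid, i.id) %><% end -%>
+<% end -%>
+</ul>
+<p>Total: <%= number_to_currency @order.total %></p>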
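Review bot: The download and watch links are shown according to `i.delivery`, but this template is the only place the delivery type is checked. The `download` action added in orders_controller.rb in this commit loads the item with `@order.order_items.find(params[:order_item_id])` and redirects to the S3 URL without looking at `delivery`, so the owner of a streaming-only item can request the download route directly. The same condition belongs in the action before the URL is generated, for example `redirect_to order_url(@order.uuid) and return unless item.delivery == 'download'`, where `item` is the looked-up order item.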
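--- a/app/views/orders/watch.html.erb
+++ b/app/views/orders/watch.html.erb
@@ -0,0 +1 @@
+<h2>Watch Video</h2>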
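--- a/app/views/users/show.html.erb
+++ b/app/views/users/show.html.erb
@@ -1,2 +1,3 @@
 <h2>User Profile</h2>
 <%= render :partial => 'authorizations' if permitted_to? :index, :admin_videos %>
+<%= render :partial => 'orders/order_list' %>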
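--- a/config/routes.rb
+++ b/config/routes.rb
@@ -18,9 +18,11 @@
 end
 end
+ ## VIDEOS
+ match 'videos/show/:id', :to => 'videos#show', :as => 'show_video'
+
 ## CART
 match 'cart', :to => 'cart#index', :as => 'cart'
- match 'videos/show/:id', :to => 'videos#show', :as => 'show_video'
 match 'cart/add/download/:id', :to => 'cart#add', :delivery => 'download', :as => 'add_download_cart'
 match 'cart/add/streaming/:id', :to => 'cart#add', :delivery => 'streaming', :as => 'add_streaming_cart'
 match 'cart/remove/:id', :to => 'cart#remove', :as => 'remove_cart_item'
@@ -30,21 +32,26 @@
 match 'checkout/confirm', :to => 'checkout#confirm', :as => 'confirm_checkout'
 match 'checkout/place_order', :to => 'checkout#place_order', :as => 'place_order_checkout'
- resources :user_sessions
-
+ ## ORDERS
 resources :orders
+ match 'orders/download/:id/:order_item_id', :to => 'orders#download', :as => 'download_order_item'
+ match 'orders/watch/:id/:order_item_id', :to => 'orders#watch', :as => 'watch_order_item'
+ ## USERS
 resources :users do
 member do
 get "register"
 post "update_roles"
 end
 end
+ match 'register' => "users#new", :as => :register
+ match 'account' => "users#show", :as => :account
+
+ ## USER SESSIONS
+ resources :user_sessions
 match 'login' => "user_sessions#new", :as => :login
 match 'logout' => "user_sessions#destroy", :as => :logout
- match 'register' => "users#new", :as => :register
- match 'account' => "users#show", :as => :account
 match ':controller(/:action(/:id))'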
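Review bot: The two new order routes in the second hunk are declared with `match` and no `:via`, so `orders#download` and `orders#watch` answer every HTTP verb, and `resources :orders` maps all seven REST actions onto a controller that, in this commit, defines only `show`, `download` and `watch`. Narrowing both keeps the routable surface equal to what is implemented: `resources :orders, :only => [:show]` and `:via => :get` on the two `match` lines. The catch-all `match ':controller(/:action(/:id))'` at the end of the hunk is unchanged context, but it still routes to any public controller method and is worth removing once the explicit routes cover the application.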
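--- a/db/migrate/20110709212943_add_uuid_to_orders.rb
+++ b/db/migrate/20110709212943_add_uuid_to_orders.rb
@@ -0,0 +1,9 @@
+class AddUuidToOrders < ActiveRecord::Migration
+ def self.up
+ add_column :orders, :uuid, :string
+ end
+
+ def self.down
+ remove_column :orders, :uuid
+ end
+end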
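Review bot: The `uuid` column is added with no index and no uniqueness constraint, although `Order.find_by_uuid` is now the lookup behind every order URL. Adding `add_index :orders, :uuid, :unique => true` to `self.up` makes that lookup indexed and makes a duplicate value fail at insert time instead of resolving to whichever row is found first. Orders that already exist are left with a NULL uuid, so `order_path(o.uuid)` in the new order list has nothing to link to for them; a backfill step in `self.up` that assigns a uuid to each existing row would cover that.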
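--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
-ActiveRecord::Schema.define(:version => 20110705213950) do
+ActiveRecord::Schema.define(:version => 20110709212943) do
 create_table "assignments", :force => true do |t|
 t.integer "role_id"
@@ -69,6 +69,7 @@
 t.datetime "created_at"
 t.datetime "updated_at"
 t.integer "total_in_cents"
+ t.string "uuid"
 end
 create_table "roles", :force => true do |t|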
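--- a/lib/authorize_fu.rb
+++ b/lib/authorize_fu.rb
@@ -1,12 +1,10 @@
 module AuthorizeFu
 def current_user_session
- logger.debug "ApplicationController::current_user_session"
 return @current_user_session if defined?(@current_user_session)
 @current_user_session = UserSession.find
 end
 def current_user
- logger.debug "ApplicationController::current_user"
 return @current_user if defined?(@current_user)
 @current_user = current_user_session && current_user_session.user
 end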
