diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 77ea39a..4c47d04 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -1,6 +1,7 @@ # frozen_string_literal: true class ApplicationController < ActionController::Base + protect_from_forgery add_flash_types :success, :danger, :warning, :info devise_group :user, contains: %i[admin member] before_action :configure_permitted_parameters, if: :devise_controller? diff --git a/app/controllers/bookings_controller.rb b/app/controllers/bookings_controller.rb index a7689c6..9ef0efe 100644 --- a/app/controllers/bookings_controller.rb +++ b/app/controllers/bookings_controller.rb @@ -56,11 +56,6 @@ def valid_date? def save_booking @booking.status = 0 - if @booking.voucher_id.present? - @booking.total_price = (@booking.room.price.cost - ((@booking.room.price.cost * @booking.voucher.sale) / 100)) + @booking.room.price.cleaning_fee - else - @booking.total_price = (@booking.room.price.cost + @booking.room.price.cleaning_fee) - end if @booking.save redirect_to thank_payment_path else diff --git a/app/controllers/mailpayment_controller.rb b/app/controllers/mailpayment_controller.rb index 31684b5..409514c 100644 --- a/app/controllers/mailpayment_controller.rb +++ b/app/controllers/mailpayment_controller.rb 
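Review bot: In app/controllers/application_controller.rb the added `protect_from_forgery` passes no `with:` option, so Rails falls back to its `:null_session` strategy, while this same commit removes `protect_from_forgery with: :exception` from Manager::BaseController. A request that fails CSRF verification is then processed with an empty session instead of being rejected, which only stops it on actions that rely on the session for authentication; actions with no login check, which MailpaymentController#create appears to be, run normally. I would write `protect_from_forgery with: :exception` here so the manager area keeps its previous behaviour. The class body continues outside the hunk.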
@@ -1,10 +1,52 @@ # frozen_string_literal: true class MailpaymentController < ApplicationController + before_action :load_booking, only: :edit + before_action :check_token, only: :edit + before_action :check_expire_time, only: :edit + def create - @booking = Booking.includes(:room).find(params[:id]) - PaymentMailer.payment_booking(@booking).deliver_now - flash[:notice] = t "messages.notice.mailpayment.sent_mail", email: @booking.email_booking.to_s + @booking = Booking.includes(:room).find_by(id: params[:id]) + if @booking + @booking.create_booking_digest + PaymentMailer.payment_booking(@booking).deliver_now + flash[:notice] = t "messages.notice.mailpayment.sent_mail", email: @booking.email_booking.to_s + else + flash[:danger] = t "messages.failed.mailpayment.sent_mail" + end redirect_to manager_bookings_path end + + def edit + if @booking.Pending? + redirect_to @booking.paypal_url(payment_booking_path(@booking)) + else + flash[:danger] = t "messages.failed.mailpayment.paymented" + redirect_to root_path + end + end + + private + + def check_token + return if @booking.booking_digest == params[:id] + + flash[:danger] = t "messages.failed.mailpayment.token" + redirect_to root_path + end + + def load_booking + return if @booking = Booking.includes(:room).find_by(id: params[:booking]) + + flash[:danger] = t "messages.failed.mailpayment.sent_mail" + redirect_to root_path + end + + def check_expire_time + return unless @booking.booking_expired? + + @booking.destroy + flash[:danger] = t "messages.failed.mailpayment.expire" + redirect_to root_path + end end diff --git a/app/controllers/manager/base_controller.rb b/app/controllers/manager/base_controller.rb index faec852..ec3429e 100644 --- a/app/controllers/manager/base_controller.rb +++ b/app/controllers/manager/base_controller.rb @@ -3,7 +3,6 @@ module Manager class BaseController < ApplicationController layout "manager" - protect_from_forgery with: :exception before_action :authenticate_admin! end end 
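Review bot: `create` in MailpaymentController now rotates the booking token and sends mail, yet no authentication callback covers it: the three `before_action` lines are limited to `edit`, and the class inherits from ApplicationController rather than Manager::BaseController, where `authenticate_admin!` is declared. Unless a filter outside this diff applies, any client that can POST `/mailpayment/:id` can invalidate a link that was already mailed and trigger mail to the booking address; `before_action :authenticate_admin!, only: :create` would close that. In `check_token`, I would also replace `==` with `ActiveSupport::SecurityUtils.secure_compare(@booking.booking_digest.to_s, params[:id].to_s)` so the token check runs in constant time.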
diff --git a/app/controllers/search_controller.rb b/app/controllers/search_controller.rb index 82026a8..0b9750c 100644 --- a/app/controllers/search_controller.rb +++ b/app/controllers/search_controller.rb @@ -11,7 +11,7 @@ def index def show @items = @location + @area + @room - render json: @items + render json: @items.sort end private diff --git a/app/models/booking.rb b/app/models/booking.rb index ce7225f..2c38931 100644 --- a/app/models/booking.rb +++ b/app/models/booking.rb @@ -1,6 +1,8 @@ # frozen_string_literal: true class Booking < ApplicationRecord + before_save :downcase_email, :add_total_price + belongs_to :room belongs_to :voucher, optional: true @@ -18,7 +20,7 @@ def country_name country.present? ? country.translations[I18n.locale.to_s] || country.name : country_code end - def paypal_url(_return_path) + def paypal_url(return_path) values = { business: Settings.email.to_s, cmd: "_xclick", @@ -33,11 +35,38 @@ def paypal_url(_return_path) "#{Settings.paypal_host}/cgi-bin/webscr?" + values.to_query end - private + # Returns a random token. + def self.new_token + SecureRandom.urlsafe_base64 + end + + def create_booking_digest + update_attributes(booking_digest: Booking.new_token, + booking_sent_at: Time.zone.now) + end + + def booking_expired? + booking_sent_at < 1.hours.ago + end def checkin_date_after_checkout_date return if checkin.blank? || checkout.blank? errors.add(:checkout, "must be after the start date") if checkout < checkin end + + private + + def add_total_price + total_price = (self.room.price.cost * ((self.checkout - self.checkin) / 86400)) + if self.voucher_id.present? + self.total_price = ( total_price - ((total_price * self.voucher.sale) / 100)) + self.room.price.cleaning_fee + else + self.total_price = total_price + self.room.price.cleaning_fee + end + end + + def downcase_email + self.email_booking = email_booking.downcase + end end 
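Review bot: `@items.sort` in SearchController#show raises when the combined array holds elements that cannot be compared with each other, and the hunk does not show what `@location`, `@area` and `@room` contain. If all three are arrays of strings this is fine, but a nil name or a mix of strings and records would turn the autocomplete endpoint into a 500. If nils are possible, `render json: @items.compact.sort` is the smaller change; otherwise a one-line comment above the concatenation stating that all three are string arrays would do.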
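Review bot: `create_booking_digest` in app/models/booking.rb stores the raw token in `booking_digest`, so despite the column name anyone who can read the bookings table (a backup, a replica, a support query) holds working payment links until they expire. Storing a digest of the token and keeping the raw value only in memory for the mailer would remove that exposure; that change also touches `check_token` and the mail template. `update_attributes` runs validations and the new `before_save` callbacks and returns false on failure, and the caller in MailpaymentController#create ignores the result, so a link with a stale or empty token can still be mailed; `update!` would surface the failure. `booking_expired?` raises NoMethodError when `booking_sent_at` is nil, and `add_total_price` divides by 86400, which is only right if `checkin` and `checkout` are time values rather than dates, so the column types are worth confirming.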
diff --git a/app/views/payment_mailer/invoice_payment.html.slim b/app/views/payment_mailer/invoice_payment.html.slim index b51219d..1af1744 100644 --- a/app/views/payment_mailer/invoice_payment.html.slim +++ b/app/views/payment_mailer/invoice_payment.html.slim @@ -34,6 +34,12 @@ table.body border="0" cellpadding="0" cellspacing="0" role="presentation" = t ".sale" .col-7 = number_to_percentage(@booking.voucher.sale, precision: 0) + .row + .col-2 + .col-3 style="font-weight: bold;" + = t ".clean" + .col-7 + = number_to_currency(@room.price.cleaning_fee) .row .col-2 .col-3 style="font-weight: bold;" diff --git a/app/views/payment_mailer/payment_booking.html.slim b/app/views/payment_mailer/payment_booking.html.slim index 33324af..131a3c6 100644 --- a/app/views/payment_mailer/payment_booking.html.slim +++ b/app/views/payment_mailer/payment_booking.html.slim @@ -34,6 +34,12 @@ table.body border="0" cellpadding="0" cellspacing="0" role="presentation" = t ".sale" .col-7 = number_to_percentage(@booking.voucher.sale, precision: 0) + .row + .col-2 + .col-3 style="font-weight: bold;" + = t ".clean" + .col-7 + = number_to_currency(@room.price.cleaning_fee) .row .col-2 .col-3 style="font-weight: bold;" @@ -75,7 +81,7 @@ table.body border="0" cellpadding="0" cellspacing="0" role="presentation" p = t ".end_mail" /! END MAIN CONTENT AREA = link_to t(".payment_now"), - @booking.paypal_url(payment_booking_url(@booking)), + check_payment_url(id: @booking.booking_digest, booking: @booking.id), class: "btn btn-primary", style: "text-decoration: none;" /! END CENTERED WHITE CONTAINER /! START FOOTER diff --git a/app/views/trends/_trend.html.slim b/app/views/trends/_trend.html.slim index c67780b..ae1d511 100644 --- a/app/views/trends/_trend.html.slim +++ b/app/views/trends/_trend.html.slim 
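Review bot: The new mail link in payment_booking.html.slim passes the token as `id:` and the record id as `booking:`, so in `/paypal/:id` the path segment named `id` is the secret and the query parameter is the primary key. That naming invites mistakes in later code, and a secret carried in the path is written to request logs in full because parameter filtering does not rewrite path segments. I would carry it as a query parameter named `token` (`check_payment_url(id: @booking.id, token: @booking.booking_digest)`), adjust `load_booking` and `check_token` to match, and add `:token` to `config.filter_parameters`.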
@@ -2,4 +2,4 @@ h2.extra-bold.p--giant= link_to trend.name, trend_path(trend), class: "trend-title" p = trend.description .row - = render trend.rooms.limit Settings.trend_limit + = render trend.rooms.includes(:trend_rooms, :room_images, :location, :price, :likes, :favorite_space).limit Settings.trend_limit diff --git a/config/locales/en.yml b/config/locales/en.yml index 6dad102..d26c8d6 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -19,9 +19,15 @@ en: failed: admins: create: "Create failed!" + mailpayment: + sent_mail: "Not find booking!" + paymented: "Booking paymented!" + token: "Token not true!" + expire: "Payment expired" notice: mailpayment: sent_mail: "Sent a mail to %{email}" + manager: rooms: create_room: "Thank you to create room" @@ -167,6 +173,7 @@ en: room_name: "Room Name:" cost: "Cost:" sale: "Sale:" + clean: "Clean fee:" total_price: "Total price:" checkin: "Check in:" checkout: "Check out:" @@ -184,6 +191,7 @@ en: room_name: "Room name:" price: "Price:" sale: "Sale:" + clean: "Clean fee:" total_price: "Total price:" checkin: "Check in:" checkout: "Check out:" diff --git a/config/routes.rb b/config/routes.rb index 00fd588..ffe92f6 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -5,6 +5,7 @@ get "/favorite_spaces/:id", to: "home#show" get "/autocomplete", to: "search#show" post "/mailpayment/:id", to: "mailpayment#create", as: :mailpayment + get "/paypal/:id", to: "mailpayment#edit", as: :check_payment post "/payment_update", to: "payment_booking#create", as: :payment_bookings get "/payment_booking/:id", to: "payment_booking#show", as: :payment_booking get "/payment_booking", to: "payment_booking#index", as: :thank_payment diff --git a/config/settings/development.yml b/config/settings/development.yml index 77ae48f..a79d3a1 100644 --- a/config/settings/development.yml +++ b/config/settings/development.yml 
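Review bot: The new `get "/paypal/:id"` route in config/routes.rb reaches `mailpayment#edit`, whose `check_expire_time` callback calls `@booking.destroy`, so a GET request changes state. Mail security scanners and link prefetchers follow GET links on their own, and any of them fetching an expired link deletes the booking without the guest doing anything. I would have the expired branch only show the message and leave removal of stale bookings to a manager action or a scheduled job. The routes block continues outside the hunk.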
@@ -1,3 +1,3 @@ paypal_host: https://www.sandbox.paypal.com -app_host: http://514e8bcd.ngrok.io +app_host: http://3fa1c2d5.ngrok.io email: bookinghomestay@merchant.com diff --git a/db/migrate/20190903025307_create_bookings.rb b/db/migrate/20190903025307_create_bookings.rb index 8c0fb89..99a9d68 100644 --- a/db/migrate/20190903025307_create_bookings.rb +++ b/db/migrate/20190903025307_create_bookings.rb @@ -18,6 +18,8 @@ def change t.text :request t.time :intend_time t.decimal :total_price + t.string :booking_digest + t.datetime :booking_sent_at t.timestamps end diff --git a/db/schema.rb b/db/schema.rb index 4b61227..7ea5235 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -76,6 +76,8 @@ t.text "request" t.time "intend_time" t.decimal "total_price", precision: 10 + t.string "booking_digest" + t.datetime "booking_sent_at" t.datetime "created_at", null: false t.datetime "updated_at", null: false t.text "notification_params"
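Review bot: The columns `booking_digest` and `booking_sent_at` are added by editing the existing migration 20190903025307_create_bookings.rb, which has no effect on any database where that migration has already run. Those environments will lack the columns, and `create_booking_digest` will raise there when it tries to assign them. A new migration with `add_column :bookings, :booking_digest, :string` and `add_column :bookings, :booking_sent_at, :datetime` keeps every environment in step with db/schema.rb.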