public async Task <IActionResult> EditPaymentRequest(string id)
{
SelectList stores = null;
var data = await _PaymentRequestRepository.FindPaymentRequest(id, GetUserId());
if (data == null && !string.IsNullOrEmpty(id))
{
return(NotFound());
}
stores = new SelectList(await _StoreRepository.GetStoresByUserId(GetUserId()), nameof(StoreData.Id),
nameof(StoreData.StoreName), data?.StoreDataId);
if (!stores.Any())
{
TempData.SetStatusMessageModel(new StatusMessageModel()
{
Html = $"Error: You need to create at least one store. <a href='{Url.Action("CreateStore", "UserStores")}' class='alert-link'>Create store</a>",
Severity = StatusMessageModel.StatusSeverity.Error
});
return(RedirectToAction("GetPaymentRequests"));
}
return(View(new UpdatePaymentRequestViewModel(data)
{
Stores = stores
}));
}
public async Task <IActionResult> EditPaymentRequest(string id, string statusMessage = null)
{
SelectList stores = null;
var data = await _PaymentRequestRepository.FindPaymentRequest(id, GetUserId());
if (data == null && !string.IsNullOrEmpty(id))
{
return(NotFound());
}
stores = new SelectList(await _StoreRepository.GetStoresByUserId(GetUserId()), nameof(StoreData.Id),
nameof(StoreData.StoreName), data?.StoreDataId);
if (!stores.Any())
{
return(RedirectToAction("GetPaymentRequests",
new
{
StatusMessage = "Error: You need to create at least one store before creating a payment request"
}));
}
return(View(new UpdatePaymentRequestViewModel(data)
{
Stores = stores,
StatusMessage = statusMessage
}));
}
public async Task <IActionResult> EditPaymentRequest(string id, string statusMessage = null)
{
SelectList stores = null;
var data = await _PaymentRequestRepository.FindPaymentRequest(id, GetUserId());
if (data == null && !string.IsNullOrEmpty(id))
{
return(NotFound());
}
stores = new SelectList(await _StoreRepository.GetStoresByUserId(GetUserId()), nameof(StoreData.Id),
nameof(StoreData.StoreName), data?.StoreDataId);
if (!stores.Any())
{
return(RedirectToAction("GetPaymentRequests",
new
{
StatusMessage = new StatusMessageModel()
{
Html =
$"Error: Necesitas crear al menos una tienda.. <a href='{Url.Action("CreateStore", "UserStores")}'>Crear tienda</a>",
Severity = StatusMessageModel.StatusSeverity.Error
}
}));
}
return(View(new UpdatePaymentRequestViewModel(data)
{
Stores = stores,
StatusMessage = statusMessage
}));
}
public async Task <IActionResult> PayPaymentRequest(string payReqId, bool redirectToInvoice = true,
decimal?amount = null, CancellationToken cancellationToken = default)
{
if (amount.HasValue && amount.Value <= 0)
{
return(BadRequest("Please provide an amount greater than 0"));
}
var result = await _PaymentRequestService.GetPaymentRequest(payReqId, GetUserId());
if (result == null)
{
return(NotFound());
}
if (result.Archived)
{
if (redirectToInvoice)
{
return(RedirectToAction("ViewPaymentRequest", new { Id = payReqId }));
}
return(BadRequest("Payment Request cannot be paid as it has been archived"));
}
result.HubPath = PaymentRequestHub.GetHubPath(Request);
if (result.AmountDue <= 0)
{
if (redirectToInvoice)
{
return(RedirectToAction("ViewPaymentRequest", new { Id = payReqId }));
}
return(BadRequest("Payment Request has already been settled."));
}
if (result.ExpiryDate.HasValue && DateTime.UtcNow >= result.ExpiryDate)
{
if (redirectToInvoice)
{
return(RedirectToAction("ViewPaymentRequest", new { Id = payReqId }));
}
return(BadRequest("Payment Request has expired"));
}
var stateAllowedToDisplay = new HashSet <InvoiceState>
{
new InvoiceState(InvoiceStatusLegacy.New, InvoiceExceptionStatus.None),
new InvoiceState(InvoiceStatusLegacy.New, InvoiceExceptionStatus.PaidPartial),
};
var currentInvoice = result
.Invoices
.FirstOrDefault(invoice => stateAllowedToDisplay.Contains(invoice.State));
if (currentInvoice != null)
{
if (redirectToInvoice)
{
return(RedirectToAction("Checkout", "UIInvoice", new { currentInvoice.Id }));
}
return(Ok(currentInvoice.Id));
}
if (result.AllowCustomPaymentAmounts && amount != null)
{
amount = Math.Min(result.AmountDue, amount.Value);
}
else
{
amount = result.AmountDue;
}
var pr = await _PaymentRequestRepository.FindPaymentRequest(payReqId, null, cancellationToken);
var blob = pr.GetBlob();
var store = pr.StoreData;
try
{
var redirectUrl = _linkGenerator.PaymentRequestLink(payReqId, Request.Scheme, Request.Host, Request.PathBase);
var invoiceMetadata =
new InvoiceMetadata
{
OrderId = PaymentRequestRepository.GetOrderIdForPaymentRequest(payReqId),
PaymentRequestId = payReqId,
BuyerEmail = result.Email
};
var invoiceRequest =
new CreateInvoiceRequest
{
Metadata = invoiceMetadata.ToJObject(),
Currency = blob.Currency,
Amount = amount.Value,
Checkout = { RedirectURL = redirectUrl }
};
var additionalTags = new List <string> {
PaymentRequestRepository.GetInternalTag(payReqId)
};
var newInvoice = await _InvoiceController.CreateInvoiceCoreRaw(invoiceRequest, store, Request.GetAbsoluteRoot(), additionalTags, cancellationToken);
if (redirectToInvoice)
{
return(RedirectToAction("Checkout", "UIInvoice", new { newInvoice.Id }));
}
return(Ok(newInvoice.Id));
}
catch (BitpayHttpException e)
{
return(BadRequest(e.Message));
}
}
public async Task UpdatePaymentRequestStateIfNeeded(string id)
{
var pr = await _PaymentRequestRepository.FindPaymentRequest(id, null);
await UpdatePaymentRequestStateIfNeeded(pr);
}
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, PolicyRequirement requirement)
{
if (context.User.Identity.AuthenticationType != AuthenticationSchemes.Cookie)
{
return;
}
var userId = _userManager.GetUserId(context.User);
if (string.IsNullOrEmpty(userId))
{
return;
}
bool success = false;
var isAdmin = context.User.IsInRole(Roles.ServerAdmin);
AppData app = null;
StoreData store = null;
InvoiceEntity invoice = null;
PaymentRequestData paymentRequest = null;
string storeId;
var explicitResource = false;
if (context.Resource is string s)
{
explicitResource = true;
storeId = s;
}
else
{
storeId = _httpContext.GetImplicitStoreId();
}
var routeData = _httpContext.GetRouteData();
if (routeData != null)
{
// resolve from app
if (routeData.Values.TryGetValue("appId", out var vAppId) && vAppId is string appId)
{
app = await _appService.GetAppDataIfOwner(userId, appId);
if (storeId == null)
{
storeId = app?.StoreDataId ?? String.Empty;
}
else if (app?.StoreDataId != storeId)
{
app = null;
}
}
// resolve from payment request
if (routeData.Values.TryGetValue("payReqId", out var vPayReqId) && vPayReqId is string payReqId)
{
paymentRequest = await _paymentRequestRepository.FindPaymentRequest(payReqId, userId);
if (storeId == null)
{
storeId = paymentRequest?.StoreDataId ?? String.Empty;
}
else if (paymentRequest?.StoreDataId != storeId)
{
paymentRequest = null;
}
}
// resolve from invoice
if (routeData.Values.TryGetValue("invoiceId", out var vInvoiceId) && vInvoiceId is string invoiceId)
{
invoice = await _invoiceRepository.GetInvoice(invoiceId);
if (storeId == null)
{
storeId = invoice?.StoreId ?? String.Empty;
}
else if (invoice?.StoreId != storeId)
{
invoice = null;
}
}
}
// Fall back to user prefs cookie
if (storeId == null)
{
storeId = _httpContext.GetUserPrefsCookie()?.CurrentStoreId;
}
if (string.IsNullOrEmpty(storeId))
{
storeId = null;
}
if (storeId != null)
{
store = await _storeRepository.FindStore(storeId, userId);
}
switch (requirement.Policy)
{
case Policies.CanModifyServerSettings:
if (isAdmin)
{
success = true;
}
break;
case Policies.CanModifyStoreSettings:
if (store != null && (store.Role == StoreRoles.Owner))
{
success = true;
}
break;
case Policies.CanViewInvoices:
case Policies.CanViewStoreSettings:
case Policies.CanCreateInvoice:
if (store != null)
{
success = true;
}
break;
case Policies.CanViewProfile:
case Policies.CanViewNotificationsForUser:
case Policies.CanManageNotificationsForUser:
case Policies.CanModifyStoreSettingsUnscoped:
if (context.User != null)
{
success = true;
}
break;
}
if (success)
{
context.Succeed(requirement);
if (!explicitResource)
{
if (store != null)
{
_httpContext.SetStoreData(store);
// cache associated entities if present
if (app != null)
{
_httpContext.SetAppData(app);
}
if (invoice != null)
{
_httpContext.SetInvoiceData(invoice);
}
if (paymentRequest != null)
{
_httpContext.SetPaymentRequestData(paymentRequest);
}
}
}
}
}
