private async Task EnsureUserCanAccessOrder(HSOrder order, VerifiedUserContext verifiedUser)
{
/* ensures user has access to order through at least 1 of 3 methods
* 1) user submitted the order
* 2) user has access to all orders from the location of the billingAddressID
* 3) the order is awaiting approval and the user is in the approving group
*/
var isOrderSubmitter = order.FromUserID == verifiedUser.UserID;
if (isOrderSubmitter)
{
return;
}
var isUserInLocationOrderAccessGroup = await _locationPermissionCommand.IsUserInAccessGroup(order.BillingAddressID, UserGroupSuffix.ViewAllOrders.ToString(), verifiedUser);
if (isUserInLocationOrderAccessGroup)
{
return;
}
if(order.Status == OrderStatus.AwaitingApproval)
{
// logic assumes there is only one approving group per location
var isUserInApprovalGroup = await _locationPermissionCommand.IsUserInAccessGroup(order.BillingAddressID, UserGroupSuffix.OrderApprover.ToString(), verifiedUser);
if(isUserInApprovalGroup)
{
return;
}
}
// if function has not been exited yet we throw an insufficient access error
Require.That(false, new ErrorCode("Insufficient Access", 403, $"User cannot access order {order.ID}"));
}
private async Task <bool> HasBeenCapturedPreviouslyAsync(HSOrder order, HSPaymentTransaction transaction)
{
var inquire = await _cardConnect.Inquire(new CardConnectInquireRequest
{
merchid = transaction.xp.CardConnectResponse.merchid,
orderid = order.ID,
set = "1",
currency = order.xp.Currency.ToString(),
retref = transaction.xp.CardConnectResponse.retref
});
return(!string.IsNullOrEmpty(inquire.capturedate));
}
public ReportViewer(HSOrder lOrder, ObservableCollection <HSOrderItem> lOrderItems)
{
InitializeComponent();
Telerik.Reporting.InstanceReportSource reportSource = new Telerik.Reporting.InstanceReportSource();
reportSource.ReportDocument = new ReportModel.Invoice(lOrder, lOrderItems);
// Assigning the report to the report viewer.
DefaultViewer.ReportSource = reportSource;
this.Header = "Invoice Report";
}
private void OnPrintOrderCommandExecuted(object Order)
{
DataSource.Order lOrder = Order as DataSource.Order;
HSOrder lhsOrder = new HSOrder();
SunSeven.Reports.ReportViewer lRptViewer = new Reports.ReportViewer(lhsOrder, lhsOrder.OrderItems);
Window lWindows = Models.CommonFunction.GetApplicationWindow();
if (lWindows != null)
{
lRptViewer.Owner = lWindows;
}
lRptViewer.ShowDialog();
//open print dialog
//using (PrintDialog printDlg = new PrintDialog())
//{
// printDlg.AllowSomePages = true;
// printDlg.AllowCurrentPage = false;
// printDlg.UseEXDialog = true;
// if (System.Windows.Forms.DialogResult.OK == printDlg.ShowDialog())
// {
// ReportProcessor reportProcessor1 = new ReportProcessor();
// reportProcessor1.PrintReport(new SunSeven.Reports.ReportModel.rptInvoice(this, this.OrderItems), printDlg.PrinterSettings);
// }
//}
//Direct to default
//try
//{
// ReportProcessor reportProcessor = new ReportProcessor();
// reportProcessor.PrintReport(new SunSeven.Reports.ReportModel.rptInvoice(this, this.OrderItems), new PrinterSettings());
//}
//catch(Exception e)
//{
// MessageBox.Show(e.Message);
//}
}
private async Task CapturePaymentAsync(HSOrder order, HSPayment payment, HSPaymentTransaction transaction)
{
try
{
var response = await _cardConnect.Capture(new CardConnectCaptureRequest
{
merchid = transaction.xp.CardConnectResponse.merchid,
retref = transaction.xp.CardConnectResponse.retref,
currency = order.xp.Currency.ToString()
});
await _oc.Payments.CreateTransactionAsync(OrderDirection.Incoming, order.ID, payment.ID, CardConnectMapper.Map(payment, response));
}
catch (CardConnectInquireException ex)
{
throw new PaymentCaptureJobException("Error inquiring payment. Message: {ex.ApiError.Message}, ErrorCode: {ex.ApiError.ErrorCode}", order.ID, payment.ID, transaction.ID);
}
catch (CardConnectCaptureException ex)
{
await _oc.Payments.CreateTransactionAsync(OrderDirection.Incoming, order.ID, payment.ID, CardConnectMapper.Map(payment, ex.Response));
throw new PaymentCaptureJobException($"Error capturing payment. Message: {ex.ApiError.Message}, ErrorCode: {ex.ApiError.ErrorCode}", order.ID, payment.ID, transaction.ID);
}
}
public void LogVoidAuthorizationFailed(HSPayment payment, string transactionID, HSOrder order, CreditCardVoidException ex)
{
// track in app insights
// to find go to Transaction Search > Event Type = Event > Filter by any of these custom properties or event name "Payment.VoidAuthorizationFailed"
var customProperties = new Dictionary <string, string>
{
{ "Message", "Attempt to void authorization on payment failed" },
{ "OrderID", order.ID },
{ "BuyerID", order.FromCompanyID },
{ "UserEmail", order.FromUser.Email },
{ "PaymentID", payment.ID },
{ "TransactionID", transactionID },
{ "ErrorResponse", JsonConvert.SerializeObject(ex.ApiError, Formatting.Indented) }
};
_telemetry.TrackEvent("Payment.VoidAuthorizationFailed", customProperties);
}
public async Task VoidAuthorizationFailed(HSPayment payment, string transactionID, HSOrder order, CreditCardVoidException ex)
{
LogVoidAuthorizationFailed(payment, transactionID, order, ex);
await _sendgrid.EmailVoidAuthorizationFailedAsync(payment, transactionID, order, ex);
}
private async Task <IList <HSPayment> > DeleteStalePaymentsAsync(IList <HSPayment> requestedPayments, IList <HSPayment> existingPayments, HSOrder order, string userToken)
{
// requestedPayments represents the payments that should be on the order
// if there are any existing payments not reflected in requestedPayments then they should be deleted
foreach (var existingPayment in existingPayments.ToList())
{
if (!requestedPayments.Any(p => p.Type == existingPayment.Type))
{
if (existingPayment.Type == PaymentType.PurchaseOrder)
{
await _oc.Payments.DeleteAsync(OrderDirection.Incoming, order.ID, existingPayment.ID);
existingPayments.Remove(existingPayment);
}
if (existingPayment.Type == PaymentType.CreditCard)
{
await DeleteCreditCardPaymentAsync(existingPayment, order, userToken);
existingPayments.Remove(existingPayment);
}
else
{
await _oc.Payments.DeleteAsync(OrderDirection.Incoming, order.ID, existingPayment.ID);
existingPayments.Remove(existingPayment);
}
}
}
return(existingPayments);
}