1: <?php
  2: /**
  3:  * Magento
  4:  *
  5:  * NOTICE OF LICENSE
  6:  *
  7:  * This source file is subject to the Open Software License (OSL 3.0)
  8:  * that is bundled with this package in the file LICENSE.txt.
  9:  * It is also available through the world-wide-web at this URL:
 10:  * http://opensource.org/licenses/osl-3.0.php
 11:  * If you did not receive a copy of the license and are unable to
 12:  * obtain it through the world-wide-web, please send an email
 13:  * to license@magentocommerce.com so we can send you a copy immediately.
 14:  *
 15:  * DISCLAIMER
 16:  *
 17:  * Do not edit or add to this file if you wish to upgrade Magento to newer
 18:  * versions in the future. If you wish to customize Magento for your
 19:  * needs please refer to http://www.magentocommerce.com for more information.
 20:  *
 21:  * @category    Mage
 22:  * @package     Mage_Paypal
 23:  * @copyright   Copyright (c) 2012 Magento Inc. (http://www.magentocommerce.com)
 24:  * @license     http://opensource.org/licenses/osl-3.0.php  Open Software License (OSL 3.0)
 25:  */
 26: 
 27: /**
 28:  * Abstract Express Checkout Controller
 29:  */
 30: abstract class Mage_Paypal_Controller_Express_Abstract extends Mage_Core_Controller_Front_Action
 31: {
 32:     /**
 33:      * @var Mage_Paypal_Model_Express_Checkout
 34:      */
 35:     protected $_checkout = null;
 36: 
 37:     /**
 38:      * @var Mage_Paypal_Model_Config
 39:      */
 40:     protected $_config = null;
 41: 
 42:     /**
 43:      * @var Mage_Sales_Model_Quote
 44:      */
 45:     protected $_quote = false;
 46: 
 47:     /**
 48:      * Instantiate config
 49:      */
 50:     protected function _construct()
 51:     {
 52:         parent::_construct();
 53:         $this->_config = Mage::getModel($this->_configType, array($this->_configMethod));
 54:     }
 55: 
 56:     /**
 57:      * Start Express Checkout by requesting initial token and dispatching customer to PayPal
 58:      */
 59:     public function startAction()
 60:     {
 61:         try {
 62:             $this->_initCheckout();
 63: 
 64:             if ($this->_getQuote()->getIsMultiShipping()) {
 65:                 $this->_getQuote()->setIsMultiShipping(false);
 66:                 $this->_getQuote()->removeAllAddresses();
 67:             }
 68: 
 69:             $customer = Mage::getSingleton('customer/session')->getCustomer();
 70:             if ($customer && $customer->getId()) {
 71:                 $this->_checkout->setCustomerWithAddressChange(
 72:                     $customer, $this->_getQuote()->getBillingAddress(), $this->_getQuote()->getShippingAddress()
 73:                 );
 74:             }
 75: 
 76:             // billing agreement
 77:             $isBARequested = (bool)$this->getRequest()
 78:                 ->getParam(Mage_Paypal_Model_Express_Checkout::PAYMENT_INFO_TRANSPORT_BILLING_AGREEMENT);
 79:             if ($customer && $customer->getId()) {
 80:                 $this->_checkout->setIsBillingAgreementRequested($isBARequested);
 81:             }
 82: 
 83:             // giropay
 84:             $this->_checkout->prepareGiropayUrls(
 85:                 Mage::getUrl('checkout/onepage/success'),
 86:                 Mage::getUrl('paypal/express/cancel'),
 87:                 Mage::getUrl('checkout/onepage/success')
 88:             );
 89: 
 90:             $token = $this->_checkout->start(Mage::getUrl('*/*/return'), Mage::getUrl('*/*/cancel'));
 91:             if ($token && $url = $this->_checkout->getRedirectUrl()) {
 92:                 $this->_initToken($token);
 93:                 $this->getResponse()->setRedirect($url);
 94:                 return;
 95:             }
 96:         } catch (Mage_Core_Exception $e) {
 97:             $this->_getCheckoutSession()->addError($e->getMessage());
 98:         } catch (Exception $e) {
 99:             $this->_getCheckoutSession()->addError($this->__('Unable to start Express Checkout.'));
100:             Mage::logException($e);
101:         }
102: 
103:         $this->_redirect('checkout/cart');
104:     }
105: 
106:     /**
107:      * Return shipping options items for shipping address from request
108:      */
109:     public function shippingOptionsCallbackAction()
110:     {
111:         try {
112:             $quoteId = $this->getRequest()->getParam('quote_id');
113:             $this->_quote = Mage::getModel('sales/quote')->load($quoteId);
114:             $this->_initCheckout();
115:             $response = $this->_checkout->getShippingOptionsCallbackResponse($this->getRequest()->getParams());
116:             $this->getResponse()->setBody($response);
117:         } catch (Exception $e) {
118:             Mage::logException($e);
119:         }
120:     }
121: 
122:     /**
123:      * Cancel Express Checkout
124:      */
125:     public function cancelAction()
126:     {
127:         try {
128:             $this->_initToken(false);
129:             // TODO verify if this logic of order cancelation is deprecated
130:             // if there is an order - cancel it
131:             $orderId = $this->_getCheckoutSession()->getLastOrderId();
132:             $order = ($orderId) ? Mage::getModel('sales/order')->load($orderId) : false;
133:             if ($order && $order->getId() && $order->getQuoteId() == $this->_getCheckoutSession()->getQuoteId()) {
134:                 $order->cancel()->save();
135:                 $this->_getCheckoutSession()
136:                     ->unsLastQuoteId()
137:                     ->unsLastSuccessQuoteId()
138:                     ->unsLastOrderId()
139:                     ->unsLastRealOrderId()
140:                     ->addSuccess($this->__('Express Checkout and Order have been canceled.'))
141:                 ;
142:             } else {
143:                 $this->_getCheckoutSession()->addSuccess($this->__('Express Checkout has been canceled.'));
144:             }
145:         } catch (Mage_Core_Exception $e) {
146:             $this->_getCheckoutSession()->addError($e->getMessage());
147:         } catch (Exception $e) {
148:             $this->_getCheckoutSession()->addError($this->__('Unable to cancel Express Checkout.'));
149:             Mage::logException($e);
150:         }
151: 
152:         $this->_redirect('checkout/cart');
153:     }
154: 
155:     /**
156:      * Return from PayPal and dispatch customer to order review page
157:      */
158:     public function returnAction()
159:     {
160:         try {
161:             $this->_initCheckout();
162:             $this->_checkout->returnFromPaypal($this->_initToken());
163:             $this->_redirect('*/*/review');
164:             return;
165:         }
166:         catch (Mage_Core_Exception $e) {
167:             Mage::getSingleton('checkout/session')->addError($e->getMessage());
168:         }
169:         catch (Exception $e) {
170:             Mage::getSingleton('checkout/session')->addError($this->__('Unable to process Express Checkout approval.'));
171:             Mage::logException($e);
172:         }
173:         $this->_redirect('checkout/cart');
174:     }
175: 
176:     /**
177:      * Review order after returning from PayPal
178:      */
179:     public function reviewAction()
180:     {
181:         try {
182:             $this->_initCheckout();
183:             $this->_checkout->prepareOrderReview($this->_initToken());
184:             $this->loadLayout();
185:             $this->_initLayoutMessages('paypal/session');
186:             $reviewBlock = $this->getLayout()->getBlock('paypal.express.review');
187:             $reviewBlock->setQuote($this->_getQuote());
188:             $reviewBlock->getChild('details')->setQuote($this->_getQuote());
189:             if ($reviewBlock->getChild('shipping_method')) {
190:                 $reviewBlock->getChild('shipping_method')->setQuote($this->_getQuote());
191:             }
192:             $this->renderLayout();
193:             return;
194:         }
195:         catch (Mage_Core_Exception $e) {
196:             Mage::getSingleton('checkout/session')->addError($e->getMessage());
197:         }
198:         catch (Exception $e) {
199:             Mage::getSingleton('checkout/session')->addError(
200:                 $this->__('Unable to initialize Express Checkout review.')
201:             );
202:             Mage::logException($e);
203:         }
204:         $this->_redirect('checkout/cart');
205:     }
206: 
207:     /**
208:      * Dispatch customer back to PayPal for editing payment information
209:      */
210:     public function editAction()
211:     {
212:         try {
213:             $this->getResponse()->setRedirect($this->_config->getExpressCheckoutEditUrl($this->_initToken()));
214:         }
215:         catch (Mage_Core_Exception $e) {
216:             $this->_getSession()->addError($e->getMessage());
217:             $this->_redirect('*/*/review');
218:         }
219:     }
220: 
221:     /**
222:      * Update shipping method (combined action for ajax and regular request)
223:      */
224:     public function saveShippingMethodAction()
225:     {
226:         try {
227:             $isAjax = $this->getRequest()->getParam('isAjax');
228:             $this->_initCheckout();
229:             $this->_checkout->updateShippingMethod($this->getRequest()->getParam('shipping_method'));
230:             if ($isAjax) {
231:                 $this->loadLayout('paypal_express_review_details');
232:                 $this->getResponse()->setBody($this->getLayout()->getBlock('root')
233:                     ->setQuote($this->_getQuote())
234:                     ->toHtml());
235:                 return;
236:             }
237:         } catch (Mage_Core_Exception $e) {
238:             $this->_getSession()->addError($e->getMessage());
239:         } catch (Exception $e) {
240:             $this->_getSession()->addError($this->__('Unable to update shipping method.'));
241:             Mage::logException($e);
242:         }
243:         if ($isAjax) {
244:             $this->getResponse()->setBody('<script type="text/javascript">window.location.href = '
245:                 . Mage::getUrl('*/*/review') . ';</script>');
246:         } else {
247:             $this->_redirect('*/*/review');
248:         }
249:     }
250: 
251:     /**
252:      * Update Order (combined action for ajax and regular request)
253:      */
254:     public function updateShippingMethodsAction()
255:     {
256:         try {
257:             $this->_initCheckout();
258:             $this->_checkout->prepareOrderReview($this->_initToken());
259:             $this->loadLayout('paypal_express_review');
260: 
261:             $this->getResponse()->setBody($this->getLayout()->getBlock('express.review.shipping.method')
262:                 ->setQuote($this->_getQuote())
263:                 ->toHtml());
264:             return;
265:         } catch (Mage_Core_Exception $e) {
266:             $this->_getSession()->addError($e->getMessage());
267:         } catch (Exception $e) {
268:             $this->_getSession()->addError($this->__('Unable to update Order data.'));
269:             Mage::logException($e);
270:         }
271:         $this->getResponse()->setBody('<script type="text/javascript">window.location.href = '
272:             . Mage::getUrl('*/*/review') . ';</script>');
273:     }
274: 
275:     /**
276:      * Update Order (combined action for ajax and regular request)
277:      */
278:     public function updateOrderAction()
279:     {
280:         try {
281:             $isAjax = $this->getRequest()->getParam('isAjax');
282:             $this->_initCheckout();
283:             $this->_checkout->updateOrder($this->getRequest()->getParams());
284:             if ($isAjax) {
285:                 $this->loadLayout('paypal_express_review_details');
286:                 $this->getResponse()->setBody($this->getLayout()->getBlock('root')
287:                     ->setQuote($this->_getQuote())
288:                     ->toHtml());
289:                 return;
290:             }
291:         } catch (Mage_Core_Exception $e) {
292:             $this->_getSession()->addError($e->getMessage());
293:         } catch (Exception $e) {
294:             $this->_getSession()->addError($this->__('Unable to update Order data.'));
295:             Mage::logException($e);
296:         }
297:         if ($isAjax) {
298:             $this->getResponse()->setBody('<script type="text/javascript">window.location.href = '
299:                 . Mage::getUrl('*/*/review') . ';</script>');
300:         } else {
301:             $this->_redirect('*/*/review');
302:         }
303:     }
304: 
305:     /**
306:      * Submit the order
307:      */
308:     public function placeOrderAction()
309:     {
310:         try {
311:             $requiredAgreements = Mage::helper('checkout')->getRequiredAgreementIds();
312:             if ($requiredAgreements) {
313:                 $postedAgreements = array_keys($this->getRequest()->getPost('agreement', array()));
314:                 if (array_diff($requiredAgreements, $postedAgreements)) {
315:                     Mage::throwException(Mage::helper('paypal')->__('Please agree to all the terms and conditions before placing the order.'));
316:                 }
317:             }
318: 
319:             $this->_initCheckout();
320:             $this->_checkout->place($this->_initToken());
321: 
322:             // prepare session to success or cancellation page
323:             $session = $this->_getCheckoutSession();
324:             $session->clearHelperData();
325: 
326:             // "last successful quote"
327:             $quoteId = $this->_getQuote()->getId();
328:             $session->setLastQuoteId($quoteId)->setLastSuccessQuoteId($quoteId);
329: 
330:             // an order may be created
331:             $order = $this->_checkout->getOrder();
332:             if ($order) {
333:                 $session->setLastOrderId($order->getId())
334:                     ->setLastRealOrderId($order->getIncrementId());
335:                 // as well a billing agreement can be created
336:                 $agreement = $this->_checkout->getBillingAgreement();
337:                 if ($agreement) {
338:                     $session->setLastBillingAgreementId($agreement->getId());
339:                 }
340:             }
341: 
342:             // recurring profiles may be created along with the order or without it
343:             $profiles = $this->_checkout->getRecurringPaymentProfiles();
344:             if ($profiles) {
345:                 $ids = array();
346:                 foreach($profiles as $profile) {
347:                     $ids[] = $profile->getId();
348:                 }
349:                 $session->setLastRecurringProfileIds($ids);
350:             }
351: 
352:             // redirect if PayPal specified some URL (for example, to Giropay bank)
353:             $url = $this->_checkout->getRedirectUrl();
354:             if ($url) {
355:                 $this->getResponse()->setRedirect($url);
356:                 return;
357:             }
358:             $this->_initToken(false); // no need in token anymore
359:             $this->_redirect('checkout/onepage/success');
360:             return;
361:         }
362:         catch (Mage_Core_Exception $e) {
363:             $this->_getSession()->addError($e->getMessage());
364:         }
365:         catch (Exception $e) {
366:             $this->_getSession()->addError($this->__('Unable to place the order.'));
367:             Mage::logException($e);
368:         }
369:         $this->_redirect('*/*/review');
370:     }
371: 
372:     /**
373:      * Instantiate quote and checkout
374:      * @throws Mage_Core_Exception
375:      */
376:     private function _initCheckout()
377:     {
378:         $quote = $this->_getQuote();
379:         if (!$quote->hasItems() || $quote->getHasError()) {
380:             $this->getResponse()->setHeader('HTTP/1.1','403 Forbidden');
381:             Mage::throwException(Mage::helper('paypal')->__('Unable to initialize Express Checkout.'));
382:         }
383:         $this->_checkout = Mage::getSingleton($this->_checkoutType, array(
384:             'config' => $this->_config,
385:             'quote'  => $quote,
386:         ));
387:     }
388: 
389:     /**
390:      * Search for proper checkout token in request or session or (un)set specified one
391:      * Combined getter/setter
392:      *
393:      * @param string $setToken
394:      * @return Mage_Paypal_ExpressController|string
395:      */
396:     protected function _initToken($setToken = null)
397:     {
398:         if (null !== $setToken) {
399:             if (false === $setToken) {
400:                 // security measure for avoid unsetting token twice
401:                 if (!$this->_getSession()->getExpressCheckoutToken()) {
402:                     Mage::throwException($this->__('PayPal Express Checkout Token does not exist.'));
403:                 }
404:                 $this->_getSession()->unsExpressCheckoutToken();
405:             } else {
406:                 $this->_getSession()->setExpressCheckoutToken($setToken);
407:             }
408:             return $this;
409:         }
410:         if ($setToken = $this->getRequest()->getParam('token')) {
411:             if ($setToken !== $this->_getSession()->getExpressCheckoutToken()) {
412:                 Mage::throwException($this->__('Wrong PayPal Express Checkout Token specified.'));
413:             }
414:         } else {
415:             $setToken = $this->_getSession()->getExpressCheckoutToken();
416:         }
417:         return $setToken;
418:     }
419: 
420:     /**
421:      * PayPal session instance getter
422:      *
423:      * @return Mage_PayPal_Model_Session
424:      */
425:     private function _getSession()
426:     {
427:         return Mage::getSingleton('paypal/session');
428:     }
429: 
430:     /**
431:      * Return checkout session object
432:      *
433:      * @return Mage_Checkout_Model_Session
434:      */
435:     private function _getCheckoutSession()
436:     {
437:         return Mage::getSingleton('checkout/session');
438:     }
439: 
440:     /**
441:      * Return checkout quote object
442:      *
443:      * @return Mage_Sale_Model_Quote
444:      */
445:     private function _getQuote()
446:     {
447:         if (!$this->_quote) {
448:             $this->_quote = $this->_getCheckoutSession()->getQuote();
449:         }
450:         return $this->_quote;
451:     }
452: 
453:     /**
454:      * Redirect to login page
455:      *
456:      */
457:     public function redirectLogin()
458:     {
459:         $this->setFlag('', 'no-dispatch', true);
460:         $this->getResponse()->setRedirect(
461:             Mage::helper('core/url')->addRequestParam(
462:                 Mage::helper('customer')->getLoginUrl(),
463:                 array('context' => 'checkout')
464:             )
465:         );
466:     }
467: }
468: