class Public::OrdersController < ApplicationController
  layout "public"
  http_basic_authenticate_with name: "nico", password: "852321nb", only: :paid_force
  before_filter :check_paybox_integrity!, :only => [:e_trans_cancel, :e_trans_ipn, :e_trans_refuse,:e_trans_effectue]
  
  def billing
    
    @customer = current_customer
    @customer.force_address = true
  end
  
  def new
    
    if params[:credit_product_id]
      @credit_product = CreditProduct.find(params[:credit_product_id])
      @order = Order.new()
      session[:order] = @order
      session[:order].credit_product = @credit_product
      
      
      
    elsif session[:order]
      @order = Order.new(session[:order])
    else
      
    end
    if params[:with_com]
      @order.with_com = true
      
    elsif
      @order.with_com = false
      
    end
    @customer = current_customer
    @customer.force_address = true
    @order.customer = @customer
    
    if @order.billing_address?
    else
      render :action => :billing
    end
    
    
  end
  
  def create

    
    @order = Order.new session[:order]
    @customer = current_customer
    @order.customer = @customer
    @order.name = current_customer.name
    @order.firstname = current_customer.firstname
    @order.address = current_customer.address
    @order.address2 = current_customer.address2
    @order.cp = current_customer.cp
    @order.city = current_customer.city
    @order.country = current_customer.country
    @order.pro = current_customer.pro
    @order.organisation = current_customer.organisation
    
    
    @order.name = @order.credit_product.name
    @order.description = @order.credit_product.description
    @order.nbr_credits = @order.credit_product.nbr_credits_final(current_customer)
    @order.validity = @order.credit_product.validity
    @order.price_ht = @order.credit_product.price_ht_final(current_customer)
    @order.binary_points = @order.credit_product.binary_points_final(current_customer)
    @order.binary_percentage = @order.credit_product.binary_percentage
    
    @order.nbr_parts = @order.credit_product.nbr_parts_final(current_customer)
    
    @order.with_com = params[:with_com]
    
    if @order.with_com
      @order.com_amount = @order.evaluate_use_coms
      @order.amount_ht = @order.evaluate_price_with_coms_ht
      @order.amount_ttc = @order.evaluate_price_with_coms_ttc
    else

      @order.amount_ht = @order.credit_product.price_ht_final(current_customer)
      @order.amount_ttc = @order.credit_product.price_ttc_final(current_customer)
    end
    
    @order.cgv = params[:order][:cgv]
    @order.retractation = params[:order][:retractation]
    
    if @order.save
      
      #redirect_to paid_public_order_path(@order)
      if @order.with_com
        @commission = current_customer.commissions.new(:commission_type_id => 5, :amount => ((@order.com_amount)*(-1.0)))
        @order.commission = @commission
        @order.save
      end

      if @order.amount_ht ==  0
        @order.paid = true
        @order.paid_at = Time.now
        @order.payment_type_id = 3
  
        @order.save
        @order.after_paid(true)
  
        
      end

      

          
  	else
  		render :action => "new" 
  	end
    
    
  end

  def paid
    
    if Rails.env.development?
    
    @host_ts = "http://localhost:3000"
    @server_host = "https://preprod-tpeweb.e-transactions.fr/cgi/MYchoix_pagepaiement.cgi"
    @key = "a828b1a278581b8296aba818b9f3252f125a96ebe34d0f83fabd523dee60ca6dfed109c266d4b0a540ecc479c59c44846fe399756c267344f548e07e7a29f99f"
    
  elsif Rails.env.production? 
    @host_ts = "https://sideplace.com"
    @server_host = "https://tpeweb.e-transactions.fr/cgi/MYchoix_pagepaiement.cgi"
    @key = "11003ee0bd90d3adc4df6a7a8f80e804079c0630b87fc8ad6f504ac4655224fb990e4d043d7f605454a229b7dd937dcece3a4d4e7115f01d686ddb6856f925ab"
  end
    
    
    @order = current_customer.orders.find(params[:id])
    
    
    require "time"
    require "openssl"
    require "base64"
    require "rack"
    
    options = {
                  :site => "1351265", 
                  :rang => "01", 
                  :identifiant => "277631463",
                  :total => (@order.amount_ttc*100).to_i.to_s,
                  :devise => "978",
                  :cmd => @order.id.to_s+"-"+SecureRandom.hex(3).to_s,
                  :porteur => @order.customer.email,
                  :retour => "M:M;Ref:R;T:T;A:A;B:B;C:C;D:D;E:E;F:F;G:G;H:H;I:I;J:J;N:N;O:O;P:P;Q:Q;S:S;U:U;W:W;Y:Y;Z:Z;sign:K;",
                  :annule => "#{@host_ts}/public/orders/e_trans_cancel",
                  :effectue => "#{@host_ts}/public/orders/e_trans_effectue",
                  :refuse => "#{@host_ts}/public/orders/e_trans_refuse",
                  :repondre_a => "#{@host_ts}/public/orders/e_trans_ipn"

      
    }
    #Generation Hash + HMAC
      formatted_options = Hash[options.map { |k, v| ["PBX_#{k.to_s.upcase}", v] }]
      formatted_options["PBX_HASH"] = "SHA512"

      date_iso = Time.now.utc.iso8601
      formatted_options["PBX_TIME"] = date_iso

      base_params_query = formatted_options.to_a.map { |a| a.join("=") }.join("&")

      key = @key

      binary_key = [key].pack("H*")
      signature = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha512'),
                  binary_key, base_params_query).upcase

      formatted_options["PBX_HMAC"] = signature

      formatted_options
      @base_params_query = base_params_query
      
    @paybox_hash = formatted_options
    
  end
  
  def e_trans_cancel
    params[:order_id] =params[:Ref].split('-')[0] 
    @order = current_customer.orders.find(params[:order_id])
    @etrans_history = EtransHistory.create(
    :order => @order,
      :M => params[:M],
      :R => params[:Ref],
      :T => params[:T],
      :A => params[:A],
      :B => params[:B],
      :C => params[:C],
      :D => params[:D],
      :E => params[:E],
      :F => params[:F],
      :G => params[:G],
      :H  => params[:H],
      :I => params[:I],
      :J => params[:J],
      :K => params[:K],
      :N => params[:N],
      :O => params[:O],
      :P => params[:P],
      :Q => params[:Q],
      :S  => params[:S],
      :U  => params[:U],
      :W => params[:W],
      :Y => params[:Y],
      :Z  => params[:Z]
    )
  end
  
  def e_trans_refuse
    params[:order_id] =params[:Ref].split('-')[0] 
    @order = current_customer.orders.find(params[:order_id])
    @etrans_history = EtransHistory.create(
    :order => @order,
      :M => params[:M],
      :R => params[:Ref],
      :T => params[:T],
      :A => params[:A],
      :B => params[:B],
      :C => params[:C],
      :D => params[:D],
      :E => params[:E],
      :F => params[:F],
      :G => params[:G],
      :H  => params[:H],
      :I => params[:I],
      :J => params[:J],
      :K => params[:K],
      :N => params[:N],
      :O => params[:O],
      :P => params[:P],
      :Q => params[:Q],
      :S  => params[:S],
      :U  => params[:U],
      :W => params[:W],
      :Y => params[:Y],
      :Z  => params[:Z]
    )
    
  end
  
  def e_trans_ipn
    params[:order_id] =params[:Ref].split('-')[0] 
    @order = Order.find(params[:order_id])
    
    
    
    if !@order.paid and params[:E] == "00000"
      
      @etrans_history = EtransHistory.create(
      :order => @order,
        :M => params[:M],
        :R => params[:Ref],
        :T => params[:T],
        :A => params[:A],
        :B => params[:B],
        :C => params[:C],
        :D => params[:D],
        :E => params[:E],
        :F => params[:F],
        :G => params[:G],
        :H  => params[:H],
        :I => params[:I],
        :J => params[:J],
        :K => params[:K],
        :N => params[:N],
        :O => params[:O],
        :P => params[:P],
        :Q => params[:Q],
        :S  => params[:S],
        :U  => params[:U],
        :W => params[:W],
        :Y => params[:Y],
        :Z  => params[:Z]
      )
      
      @order.paid = true
      @order.paid_at = Time.now
      @order.payment_type_id = 2
  
      @order.save
      @order.after_paid
    end
    
    render :inline => "OK"
    

  end
  
  def e_trans_effectue
    params[:order_id] =params[:Ref].split('-')[0] 
    @order = current_customer.orders.find(params[:order_id])
    
    
    
    if !@order.paid and params[:E] == "00000"
      
      @etrans_history = EtransHistory.create(
      :order => @order,
        :M => params[:M],
        :R => params[:Ref],
        :T => params[:T],
        :A => params[:A],
        :B => params[:B],
        :C => params[:C],
        :D => params[:D],
        :E => params[:E],
        :F => params[:F],
        :G => params[:G],
        :H  => params[:H],
        :I => params[:I],
        :J => params[:J],
        :K => params[:K],
        :N => params[:N],
        :O => params[:O],
        :P => params[:P],
        :Q => params[:Q],
        :S  => params[:S],
        :U  => params[:U],
        :W => params[:W],
        :Y => params[:Y],
        :Z  => params[:Z]
      )
      
      @order.paid = true
      @order.paid_at = Time.now
      @order.payment_type_id = 2
  
      @order.save
      @order.after_paid
    end
    
  end
  
  
  def paid_force
    
      @order = current_customer.orders.find(params[:id])
      if !@order.paid
        @order.paid = true
        @order.paid_at = Time.now
        @order.payment_type_id = 1
  
        @order.save
        @order.after_paid(true)
      end
      
    redirect_to public_my_account_path
  
  end
  
  
  def bill_print
    @order = current_customer.orders.find(params[:id])
    
    render :layout => false
    
    
    
   
    
  end
  
  
  def bill_print_pdf
    @final_file = "#{Rails.root}/pdf/#{@order.bill_token}.pdf"
    
    
      view = ActionView::Base.new(Rails.root.join('app/views'))
      view.class.include ApplicationHelper
      view.class.include Rails.application.routes.url_helpers

      pdf = view.render( 
              :pdf => "#{@order.bill_token}",
              :template => "public/orders/bill_print.pdf.haml",  
              :margin =>  {   top:               0,                     # default 10 (mm)
                                          bottom:            0,
                                          left:              0,
                                          right:             0 },
              :locals => {:@order => @order})
                                          
      # then save to a file
      pdf = WickedPdf.new.pdf_from_string(pdf)

      save_path = @final_file
      File.open(save_path, 'wb') do |file|
      file << pdf
      end
      
      
      @data_to_send = File.open( @final_file).read
      
      send_data @data_to_send, :filename =>"facture.pdf" , :type => 'application/pdf',:disposition => (params[:inline] ? 'inline' : "attachment")
  end
  
  def bills
    @no_search = true
  end
  
  protected
  
  def check_paybox_integrity!
      
      render :inline => "Bad response" unless params[:sign].present?
      request_fullpath = request.fullpath

      request_params = request_fullpath[request_fullpath.index("?")+1..request_fullpath.index("&sign")-1]
      request_sign = request_fullpath[request_fullpath.index("&sign")+6..-1]

      digest = OpenSSL::Digest::SHA1.new
      public_key = OpenSSL::PKey::RSA.new(File.read(Rails.root.join('pubkey.pem')))

      @verif = public_key.verify(digest, Base64.decode64(Rack::Utils.unescape(request_sign)), request_params)
      
      if !@verif
        render :inline => "Bad integrity test"
      end
      
  end
  


end