Merge branch 'ipn' of github.com:zyphlar/Open-Source-Access-Control-Web-Interface into ipn

Gemfile

@@ -1,5 +1,7 @@
 source 'https://rubygems.org'
 
+#ruby '1.9.3'
+
 gem 'rails', '3.2.3'
 
 # Bundle edge Rails instead:
@@ -40,7 +42,7 @@ gem 'bcrypt-ruby', '~> 3.0.0'
 # gem 'capistrano'
 
 # To use debugger
-# gem 'ruby-debug'
+#gem 'debugger'
 
 #gem "paperclip", "~> 3.0"
 gem 'gravtastic'

app/assets/javascripts/ipn.js.coffee

@@ -0,0 +1,3 @@
+# Place all the behaviors and hooks related to the matching controller here.
+# All this logic will automatically be available in application.js.
+# You can use CoffeeScript in this file: http://jashkenas.github.com/coffee-script/

app/assets/stylesheets/application.css

@@ -12,3 +12,37 @@
  *= require_tree .
 */
 .caption { display: inline-block; background-color: #eee; border: 1px solid #333; border-radius: 5px; margin-bottom: 1em; }
+.btn {
+display: inline-block;
+padding: 4px 10px 4px;
+margin-bottom: 0;
+font-size: 13px;
+line-height: 18px;
+color: #333;
+text-align: center;
+text-decoration: none;
+text-shadow: 0 1px 1px rgba(255,255,255,.75);
+vertical-align: middle;
+background-color: #f5f5f5;
+background-image: -moz-linear-gradient(top, #fff, #e6e6e6);
+background-image: -ms-linear-gradient(top, #fff, #e6e6e6);
+background-image: -webkit-gradient(linear,0 0,0 100%,from( #fff),to( #e6e6e6));
+background-image: -webkit-linear-gradient(top, #fff, #e6e6e6);
+background-image: -o-linear-gradient(top, #fff, #e6e6e6);
+background-image: linear-gradient(top, #fff, #e6e6e6);
+background-repeat: repeat-x;
+filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffffff', endColorstr='#e6e6e6', GradientType=0);
+border-color: #e6e6e6 #e6e6e6 #bfbfbf;
+border-color: rgba(0,0,0,.1) rgba(0,0,0,.1) rgba(0,0,0,.25);
+filter: progid:DXImageTransform.Microsoft.gradient(enabled=false);
+border: 1px solid #ccc;
+border-bottom-color: #bbb;
+-webkit-border-radius: 4px;
+-moz-border-radius: 4px;
+border-radius: 4px;
+-webkit-box-shadow: inset 0 1px 0 rgba(255,255,255,.2),0 1px 2px rgba(0,0,0,.05);
+-moz-box-shadow: inset 0 1px 0 rgba(255,255,255,.2),0 1px 2px rgba(0,0,0,.05);
+box-shadow: inset 0 1px 0 rgba(255,255,255,.2),0 1px 2px rgba(0,0,0,.05);
+cursor: pointer;
+filter: progid:DXImageTransform.Microsoft.gradient(enabled=false);
+}

app/assets/stylesheets/ipn.css.scss

@@ -0,0 +1,3 @@
+// Place all the styles related to the Ipn controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/

app/controllers/ipns_controller.rb

@@ -0,0 +1,54 @@
+class IpnsController < ApplicationController
+  load_and_authorize_resource :ipn, :except => [:new, :create]
+  before_filter :authenticate_user!, :except => [:new, :create]
+
+  protect_from_forgery :except => [:create]
+
+  def index
+    @ipns = Ipn.all
+  end
+
+  def show
+  end
+
+  def new
+  end
+
+  def create
+    @ipn = Ipn.new_from_dynamic_params(params)
+    @ipn.data = params.to_json
+    @ipn.save
+    render :nothing => true
+    #unless @ipn.validate!
+    #  Rails.logger.error "Unable to validate IPN: #{@ipn.inspect}"
+    #end
+  end
+
+  def import
+    @ipn = Ipn.new_from_dynamic_params(params)
+    @ipn.data = params.to_json
+    @ipn.save
+    redirect_to ipn_path(@ipn)
+    #unless @ipn.validate!
+    #  Rails.logger.error "Unable to validate IPN: #{@ipn.inspect}"
+    #end
+  end
+
+  def validate
+    if @ipn.validate!
+      redirect_to ipns_url, :notice => 'Valid!' 
+    else
+      redirect_to ipns_url, :notice => 'INVALID'
+    end
+  end
+
+  def link
+    result = @ipn.link_payment
+    if result.first
+      redirect_to ipns_url, :notice => 'Payment was successfully linked.' 
+    else
+      redirect_to ipns_url, :notice => result.last
+    end
+  end
+
+end

app/controllers/macs_controller.rb

@@ -1,5 +1,15 @@
 class MacsController < ApplicationController
-load_and_authorize_resource :mac, :except => [:index, :scan, :import]
+rescue_from CanCan::AccessDenied do |exception|
+  today = Date.today
+  event = Date.new(2013,9,1)
+
+  if today == event
+    redirect_to main_app.root_url, :alert => "CryptoParty today; no MAC scanning. Sorry, NSA!"
+  else
+    redirect_to main_app.root_url, :alert => "Nothing to see here!"
+  end
+end
+load_and_authorize_resource :mac
 load_and_authorize_resource :user, :through => :mac, :except => [:index, :show, :scan, :import]
 
 #require "active_record"

app/controllers/user_certifications_controller.rb

@@ -6,7 +6,7 @@ class UserCertificationsController < ApplicationController
 
   # Load users and certs based on current ability
   before_filter :only => [:new, :edit, :create, :update] do
-    @users = User.where(:hidden => false).accessible_by(current_ability).sort_by(&:name)
+    @users = User.where(:hidden => [false,nil]).accessible_by(current_ability).sort_by(&:name)
     @certifications = Certification.accessible_by(current_ability).sort_by(&:name)
   end
   

app/controllers/users_controller.rb

@@ -69,7 +69,7 @@ class UsersController < ApplicationController
   def create
     respond_to do |format|
       if @user.save
-        format.html { redirect_to users_url, :notice => 'User was successfully created.' }
+        format.html { redirect_to @user, :notice => 'User was successfully created.' }
         format.json { render :json => @user, :status => :created, :location => @user }
       else
         format.html { render :action => "new" }
@@ -83,7 +83,7 @@ class UsersController < ApplicationController
   def update
     respond_to do |format|
       if @user.update_attributes(params[:user])
-        format.html { redirect_to users_url, :notice => 'User was successfully updated.' }
+        format.html { redirect_to @user, :notice => 'User was successfully updated.' }
         format.json { head :no_content }
       else
         format.html { render :action => "edit" }

app/helpers/ipn_helper.rb

@@ -0,0 +1,2 @@
+module IpnHelper
+end

app/models/ability.rb

@@ -3,14 +3,20 @@ class Ability
 
   def initialize(user)
     # Anonymous can read mac
+    today = Date.today
+    event = Date.new(2013,9,1)
+    
+    unless today == event
       can :read, Mac
+      can :scan, Mac # Need anonymous so CRON can scan
+    end
 
     if !user.nil?
 
       # By default, users can only see their own stuff
       can :read, Card, :user_id => user.id
       can :read, Certification
-      can :read_details, Mac
+      can :read_details, Mac unless today == event
       can [:update], Mac, :user_id => nil
       can [:create,:update], Mac, :user_id => user.id
       can :read, User, :id => user.id #TODO: why can users update themselves?

app/models/card.rb

@@ -2,6 +2,7 @@ class Card < ActiveRecord::Base
   require 'open-uri'
 
   attr_accessible :id, :user_id, :name, :card_number, :card_permissions
+  validates_presence_of :user_id, :card_number, :card_permissions
   validates_uniqueness_of :id, :card_number
   belongs_to :user
 

app/models/ipn.rb

@@ -0,0 +1,86 @@
+require 'net/http'
+class Ipn < ActiveRecord::Base
+  attr_accessible :data
+  belongs_to :payment
+
+  after_create :create_payment
+
+  def self.new_from_dynamic_params(params)
+    ipn = Ipn.new()
+
+    ipn.attributes.each do |c|
+      unless params[c.first.to_sym].nil?
+        ipn[c.first.to_sym] = params[c.first.to_sym]
+      end
+    end
+
+    return ipn
+  end
+
+  # Post back to Paypal to make sure it's valid
+  def validate!
+    uri = URI.parse('https://www.paypal.com/cgi-bin/webscr?cmd=_notify-validate')
+
+    http = Net::HTTP.new(uri.host, uri.port)
+    http.open_timeout = 60
+    http.read_timeout = 60
+    http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+    http.use_ssl = true
+    response = http.post(uri.request_uri, self.data,
+                         'Content-Length' => "#{self.data.size}",
+                         'User-Agent' => "Ruby on Rails"
+                       ).body
+
+    unless ["VERIFIED", "INVALID"].include?(response)
+      Rails.logger.error "Faulty paypal result: #{response}"
+      return false
+    end
+    unless response == "VERIFIED"
+      Rails.logger.error "Invalid IPN: #{response}" 
+      return false
+    end
+
+    return true
+  end
+
+  def link_payment
+    create_payment
+  end
+
+  private
+  def create_payment
+    # find user by email, then by payee
+    user = User.find_by_email(self.payer_email)
+    user = User.find_by_payee(self.payer_email) if user.nil? && self.payer_email.present?
+
+    # Only create payments if the IPN matches a member
+    if user.present?
+      # And is a payment (not a cancellation, etc)
+      payment_types = ["subscr_payment","send_money"]
+      if payment_types.include?(self.txn_type)
+        # And a member level
+        if User.member_levels[self.payment_gross.to_i].present?
+          payment = Payment.new
+          payment.date = Date.strptime(self.payment_date, "%H:%M:%S %b %e, %Y %Z")
+          payment.user_id = user.id
+          payment.amount = self.payment_gross
+          if payment.save
+            self.payment_id = payment.id
+            self.save!
+          else
+            return [false, "Unable to link payment. Payment error: #{payment.errors.full_messages.first}"]
+          end
+        else
+          return [false, "Unable to link payment. Couldn't find membership level '#{self.payment_gross.to_i}'."]
+        end
+      else
+        return [false, "Unable to link payment. Transaction is a '#{self.txn_type}' instead of '#{payment_types.inspect}'."]
+      end
+    else
+      return [false, "Unable to link payment. Couldn't find user/payee '#{self.payer_email}'."]
+    end
+
+    return [true]
+  end
+
+end

app/models/payment.rb

@@ -1,10 +1,12 @@
 class Payment < ActiveRecord::Base
   belongs_to :user
-  attr_accessible :date, :user_id, :created_by
+  has_one :ipn
+  attr_accessible :date, :user_id, :created_by, :amount
 
-  validates_presence_of :user_id, :date, :created_by
+  validates_presence_of :user_id, :date, :amount # not created_by
   validates_uniqueness_of :date, :scope => :user_id, :message => ' of payment already exists for this user.' 
 
+
   def human_date
     if date.year < DateTime.now.year
       date.strftime("%b %e, %y")

app/models/user.rb

@@ -85,72 +85,80 @@ class User < ActiveRecord::Base
     end
   end
 
+  def self.member_levels
+    {25 => "Associate", 50 => "Basic", 75 => "Basic", 100 => "Plus"}
+  end
+
   def member_status
-    case self.member_level.to_i
+    results = member_status_calculation
-    when 0
+    return results[:rank]
-      if self.payments.count > 0 then
-       2
-      else
-       -1
-      end
-    when 1
-      1
-    when 10..24
-      10
-    when 25..999
-      if self.payments.count > 0 then
-        if self.payments.last.date < (DateTime.now - 45.days)
-          3
-        else
-          case self.member_level.to_i
-          when 25..49
-            25
-          when 50..99
-            50
-          when 100..999
-            100
-          end
-        end
-      else
-        return 0
-      end
-    end
   end
 
   def member_status_symbol
-    case self.member_level.to_i
+    results = member_status_calculation
-    when 0
+    return "<img src='/#{results[:icon]}#{results[:flair]}-coin.png' title='#{results[:message]}' />"
-      if self.payments.count > 0 then
-      "<span class='hoverinfo' title='Former Member (#{(DateTime.now - self.payments.last.date).to_i} days ago)'>:(</span>"
-      else
-      "<!-- Not a member -->"
-      end
-    when 1
-      "Unable"
-    when 10..24
-      "<span class='hoverinfo' title='Volunteer'>&#9684;</span>"
-    when 25..999
-      if self.payments.count > 0 then
-        if self.payments.last.date < (DateTime.now - 45.days) 
-          "<span class='hoverinfo' title='Recently Lapsed (#{(DateTime.now - self.payments.last.date).to_i} days ago)'>&#9676;</span>"
-        else
-          case self.member_level.to_i
-          when 25..49
-            "<span class='hoverinfo' title='#{member_level_string}'>&#9681;</span>"
-          when 50..99
-            "<span class='hoverinfo' title='#{member_level_string}'>&#9685;</span>"
-          when 100..999
-            "<span class='hoverinfo' title='#{member_level_string}'>&#9679;</span>"
-          end
-        end
-      else
-        "<span class='hoverinfo' title='No Payments'>?</span>"
-      end
-    end
   end
 
   private
 
+  def member_status_calculation
+    # Begin output buffer
+    message = ""
+    icon = ""
+    flair = ""
+    rank = 0
+
+    # First status item is level
+    case self.member_level.to_i
+    when 0..9
+      if self.payments.count > 0 then
+        message = "Former Member (#{(DateTime.now - self.payments.last.date).to_i} days ago)"
+        icon = :timeout
+        rank = 1
+      else
+        message = "Not a Member"
+        icon = :no
+        rank = 0
+      end
+    when 10..24
+      message = "Volunteer"
+      icon = :heart
+      rank = 101
+    when 25..49
+      message = member_level_string
+      icon = :copper
+      rank = 250
+    when 50..99
+      message = member_level_string
+      icon = :silver
+      rank = 500
+    when 100..999
+      message = member_level_string
+      icon = :gold
+      rank = 1000
+    end
+
+    # Second status item is payment status
+    case self.member_level.to_i
+    when 25..999
+      # There are payments
+      if self.payments.count > 0 then
+        # They're on time
+        if self.payments.last.date > (DateTime.now - 60.days) 
+          flair = "-paid"
+        else
+          message = "Last Payment #{(DateTime.now - self.payments.last.date).to_i/30} months ago"
+          rank = rank/10
+        end
+      else
+        message = "No Payments Recorded"
+        rank = rank/10
+      end
+    end
+
+    return {:message => message, :icon => icon, :flair => flair, :rank => rank}
+  end
+
   def send_new_user_email
     Rails.logger.info UserMailer.new_user_email(self).deliver
   end

app/models/user_certification.rb

@@ -1,16 +1,17 @@
 class UserCertification < ActiveRecord::Base
   attr_accessible :certification_id, :user_id
 
+  validates_presence_of :certification_id, :user_id
   validates_uniqueness_of :certification_id, :scope => :user_id, :message => 'already exists for this user.'  # Makes sure users don't get certified twice
 
   belongs_to :user
   belongs_to :certification
 
   def user_name
-    if user.blank?
+    if self.user.blank?
-      return "n/a (user ##{user_id} missing)"
+      ""
     else
-      return self.user.name 
+      self.user.name 
     end
   end
 end

app/views/cards/_form.html.erb

@@ -11,9 +11,10 @@
     </div>
   <% end %>
 
+  <% @card.user_id = params[:user] if params[:user].present? %>
   <div class="field">
     <%= f.label :user %><br />
-    <%= collection_select(:card, :user_id, User.all.sort_by(&:name), :id, :name) %>
+    <%= collection_select(:card, :user_id, User.all.sort_by(&:name), :id, :name, :include_blank => true) %>
   </div>
   <div class="field">
     <%= f.label :name, "Card Note" %><br />

app/views/certifications/show.html.erb

@@ -8,13 +8,10 @@
   <%= simple_format @certification.description %>
 </p>
 
+<p>
   <b>Certified Users:</b>
-<ul>
+  <%= link_to "Click Here", user_certifications_path %>
-  <% @certification_users.each do |user| %>
+</p>
-      <li><%= link_to user.name, user %></li>
-  <% end %>
-  <% if @certification_users.blank? then %><li>n/a</li><% end %>
-</ul>
 
 <% if can? :update, @certification %><%= link_to 'Edit', edit_certification_path(@certification) %> |<% end %>
 <%= link_to 'Back', certifications_path %>

app/views/ipns/index.html.erb

@@ -0,0 +1,33 @@
+<html><body>
+    <table>
+      <tr>
+        <th>Date</th>
+        <th>Name</th>
+        <th>Item</th>
+        <th>Amount</th>
+      </tr>
+    <% @ipns.reverse!.each do |ipn| %>
+      <tr>
+        <td><%= ipn.payment_date %></td>
+        <td><%= ipn.first_name %> <%= ipn.last_name %></td> 
+        <td><%= ipn.item_name %></td>
+        <td>
+          <% if ipn.payment_gross.blank? %>
+            <%= ipn.txn_type %>
+          <% else %>
+            <%= ipn.payment_gross %>
+          <% end %>
+        </td>
+        <td>
+          <% if ipn.payment.present? %>
+            <%= link_to "Linked Payment", ipn.payment %>
+          <% else %>
+            <%= link_to "Try to link email '#{ipn.payer_email}' at membership level '#{ipn.payment_gross.to_i}'", link_ipn_path(ipn) %>
+          <% end %>
+        </td>
+        <td><%= link_to "Details", ipn %></td>
+        <td><%= link_to "Validate", validate_ipn_path(ipn) %></td>
+      </tr>
+    <% end %>
+  </table>
+</body></html>

app/views/ipns/new.html.erb

@@ -0,0 +1,123 @@
+  <%= form_tag('/ipns') do |f| %>
+
+  <style type="text/css">
+    label { 
+      width: 10em;
+      display: inline-block;}
+  </style>
+
+  <div class="actions">
+    <%= submit_tag %>
+  </div>
+  <div class="field">
+    <%= label_tag :first_name %>
+    <%= text_field_tag :first_name, "John" %>
+  </div>
+  <div class="field">
+    <%= label_tag :last_name %>
+    <%= text_field_tag :last_name, "Smith" %>
+  </div>
+  <div class="field">
+    <%= label_tag :payer_email %>
+    <%= text_field_tag :payer_email, "jsmith@example.com" %>
+  </div>
+  <div class="field">
+    <%= label_tag :item_name %>
+    <%= text_field_tag :item_name, "Associate Membership" %>
+  </div>
+  <div class="field">
+    <%= label_tag :payment_gross %>
+    <%= text_field_tag :payment_gross, "25.00" %>
+  </div>
+  <div class="field">
+    <%= label_tag :transaction_subject %>
+    <%= text_field_tag :transaction_subject, "" %>
+  </div>
+  <div class="field">
+    <%= label_tag :payment_date %>
+    <%= text_field_tag :payment_date, "20:46:54 Jun 20, 2013 PDT" %>
+  </div>
+  <div class="field">
+    <%= label_tag :txn_type %>
+    <%= text_field_tag :txn_type, "subscr_payment" %>
+  </div>
+  <div class="field">
+    <%= label_tag :subscr_id %>
+    <%= text_field_tag :subscr_id, "I-1234567890" %>
+  </div>
+  <div class="field">
+    <%= label_tag :residence_country %>
+    <%= text_field_tag :residence_country, "US" %>
+  </div>
+  <div class="field">
+    <%= label_tag :mc_currency %>
+    <%= text_field_tag :mc_currency, "USD" %>
+  </div>
+  <div class="field">
+    <%= label_tag :business %>
+    <%= text_field_tag :business, "hslfinances@gmail.com" %>
+  </div>
+  <div class="field">
+    <%= label_tag :payment_type %>
+    <%= text_field_tag :payment_type, "instant" %>
+  </div>
+  <div class="field">
+    <%= label_tag :protection_eligibility %>
+    <%= text_field_tag :protection_eligibility, "Ineligible" %>
+  </div>
+  <div class="field">
+    <%= label_tag :verify_sign %>
+    <%= text_field_tag :verify_sign, "12ru9021j9f21j90fj1290fj2910fj0219fj0" %>
+  </div>
+  <div class="field">
+    <%= label_tag :payer_status %>
+    <%= text_field_tag :payer_status, "verified" %>
+  </div>
+  <div class="field">
+    <%= label_tag :txn_id %>
+    <%= text_field_tag :txn_id, "1234567890" %>
+  </div>
+  <div class="field">
+    <%= label_tag :receiver_email %>
+    <%= text_field_tag :receiver_email, "hslfinances@gmail.com" %>
+  </div>
+  <div class="field">
+    <%= label_tag :payer_id %>
+    <%= text_field_tag :payer_id, "V812314914" %>
+  </div>
+  <div class="field">
+    <%= label_tag :receiver_id %>
+    <%= text_field_tag :receiver_id, "V90R1280182" %>
+  </div>
+  <div class="field">
+    <%= label_tag :payment_status %>
+    <%= text_field_tag :payment_status, "Completed" %>
+  </div>
+  <div class="field">
+    <%= label_tag :payment_fee %>
+    <%= text_field_tag :payment_fee, "0.85" %>
+  </div>
+  <div class="field">
+    <%= label_tag :mc_fee %>
+    <%= text_field_tag :mc_fee, "0.85" %>
+  </div>
+  <div class="field">
+    <%= label_tag :mc_gross %>
+    <%= text_field_tag :mc_gross, "25.00" %>
+  </div>
+  <div class="field">
+    <%= label_tag :charset %>
+    <%= text_field_tag :charset, "windows-1252" %>
+  </div>
+  <div class="field">
+    <%= label_tag :notify_version %>
+    <%= text_field_tag :notify_version, "3.7" %>
+  </div>
+  <div class="field">
+    <%= label_tag :ipn_track_id %>
+    <%= text_field_tag :ipn_track_id, "9d3d032d9070" %>
+  </div>
+  <div class="actions">
+    <%= submit_tag %>
+  </div>
+  <% end %>

app/views/ipns/show.html.erb

@@ -0,0 +1,18 @@
+<h2>IPN Details</h2>
+
+<% @ipn.attributes.except("data","payment_id").each do |attr| %>
+<p>
+  <b><%= attr.first.to_s %>:</b>
+  <%= @ipn.attributes[attr.first] %>
+</p>
+<% end %>
+<p>
+  <% if @ipn.payment.present? %>
+    <%= link_to "Linked Payment", @ipn.payment %>
+  <% else %>
+    <span class="alert">Couldn't link automatically. Please create payment manually or adjust the user account and try again to <%= link_to "link email '#{@ipn.payer_email}' at membership level '#{@ipn.payment_gross.to_i}'", link_ipn_path(@ipn) %>.</span>
+  <% end %>
+
+</p>
+
+<%= link_to "Back", ipns_path %>

app/views/layouts/application.html.erb

@@ -11,7 +11,7 @@
     <a href="/" title="Home"><img src="/assets/logo.png" id="logo" /></a>
     <%= link_to 'People', users_path if can? :read, User %>
     <%= link_to 'Access Cards', cards_path if can? :manage, Card %>
-    <% if can? :manage, UserCertification %>
+    <% if can? :create, UserCertification %>
       <%= link_to 'Cert Classes', certifications_path if can? :read, Certification %>
       <%= link_to 'User Certs', user_certifications_path if can? :create, UserCertification %>
     <% else %>

app/views/macs/scan.html.erb

@@ -1,5 +1,7 @@
 Scanning...
-<% @log.each do |log| %>
+<% if can? :read_details, Mac
+ @log.each do |log| %>
   <%= log.mac %> = 
   <%= log.ip %><br/>
-<% end %>
+<% end 
+end %>

app/views/payments/_form.html.erb

@@ -19,6 +19,10 @@
     <%= f.label :date, "Paid for month beginning" %><br />
     <%= f.date_select :date, :default => (DateTime.now - 1.month) %>
   </div>
+  <div class="field">
+    <%= f.label :amount %><br />
+    <%= f.number_field :amount %>
+  </div>
   <div class="actions">
     <%= f.submit %>
   </div>

app/views/payments/index.html.erb

@@ -6,6 +6,7 @@
   <tr>
     <th>User</th>
     <th>Paid for month <br/>beginning</th>
+    <th>Amount</th>
     <th></th>
     <th></th>
     <th></th>
@@ -15,6 +16,7 @@
   <tr>
     <td><%= link_to payment.user.name_with_payee_and_member_level, payment.user unless payment.user.blank? %></td>
     <td><%= payment.human_date %></td>
+    <td><%= payment.amount %></td>
     <td><%= link_to 'Details', payment %></td>
     <td><%= link_to 'Edit', edit_payment_path(payment) %></td>
   </tr>

app/views/payments/show.html.erb

@@ -1,6 +1,6 @@
 <p>
   <b>User:</b>
-  <%= @payment.user.name_with_payee_and_member_level unless @payment.user.blank? %>
+  <%= link_to @payment.user.name_with_payee_and_member_level, @payment.user unless @payment.user.blank? %>
 </p>
 
 <p>
@@ -8,9 +8,19 @@
   <%= @payment.date %>
 </p>
 
+<p>
+  <b>Amount:</b>
+  <%= @payment.amount %>
+</p>
+
 <p>
   <b>Last Modified by:</b>
-  <%= user = @users.find{|u| u.id == @payment.created_by}; link_to user.name, user unless user.blank? %>
+  <% user = @users.find{|u| u.id == @payment.created_by} %>
+  <% if user.blank? %>
+    n/a
+  <% else %>
+    <%= link_to user.name, user %>
+  <% end %>
 </p>
 
 <p>
@@ -23,6 +33,13 @@
   <%= @payment.updated_at %>
 </p>
 
+<% if @payment.ipn.present? %>
+  <p>
+    <%= link_to "Paid via PayPal", @payment.ipn %>
+  </p>
+<% end %>
+
+
 
 <%= link_to 'Edit', edit_payment_path(@payment) %> |
 <%= link_to 'Destroy', @payment, :confirm => 'Are you sure you want to destroy this payment?', :method => :delete if can? :destroy, @payment %> | 

app/views/user_certifications/_form.html.erb

@@ -11,13 +11,14 @@
     </div>
   <% end %>
 
+  <% @user_certification.user_id = params[:user] if params[:user].present? %>
   <div class="field">
     <%= f.label :user_id, "User" %><br />
-    <%= collection_select(:user_certification, :user_id, @users, :id, :name) %>
+    <%= collection_select(:user_certification, :user_id, @users, :id, :name, :include_blank => true) %>
   </div>
   <div class="field">
     <%= f.label :certification_id, "Certification" %><br />
-    <%= collection_select(:user_certification, :certification_id, @certifications, :id, :name) %>
+    <%= collection_select(:user_certification, :certification_id, @certifications, :id, :name, :include_blank => true) %>
   </div>
   <div class="actions">
     <%= f.submit %>

app/views/user_certifications/show.html.erb

@@ -1,6 +1,6 @@
 <p>
   <b>User:</b>
-  <%= @user_certification.user_name %>
+  <%= link_to @user_certification.user.name, @user_certification.user %>
 </p>
 
 <p>
@@ -14,12 +14,7 @@
 </p>
 
 <p>
-  <b>Updated:</b> by 
+  <b>Updated:</b> by <%= link_to @updated_by.name, @updated_by unless @updated_by.blank? %>
-  <% if @updated_by.blank? %>
-    #<%= @user_certification.updated_by ||= "nil" %>
-  <% else %>
-    <%= link_to @updated_by.name, @updated_by %>
-  <% end %>
   at <%= @user_certification.updated_at %> 
 </p>
 

app/views/users/show.html.erb

@@ -74,17 +74,19 @@
   </p>
 <% end %>
 <p>
-  <b>Card:</b>
+  <b>Card:  </b><%= link_to "+ Add", (new_card_path+"?user="+@user.id.to_s), :class => 'btn' if can? :create, Card %>
   <% if current_user.admin? then %>
+    <ul>
     <% @user.cards.each do |c| %>
-      <%= link_to c.card_number, c %><%= "," unless c == @user.cards.last %>
+      <li><%= link_to c.card_number, c %><%= "," unless c == @user.cards.last %></li>
     <% end %>
+    </ul>
   <% else %>
     <%= unless @user.cards.blank? then raw("&#x2713;") end %>
   <% end %>
 </p>
 
-<b>Certifications:</b>
+<b>Certifications:  </b><%= link_to "+ Add", (new_user_certification_path+"?user="+@user.id.to_s), :class => 'btn' if can? :create, UserCertification %>
 <ul>
   <% @user.certifications.each do |certification| %>
     <li><%= link_to certification.name, certification %></li>

config/routes.rb

@@ -1,4 +1,8 @@
 Dooraccess::Application.routes.draw do
+  match 'ipns/import' => 'ipns#import', :as => :import_ipn
+  resources :ipns
+  match 'ipns/:id/link' => 'ipns#link', :as => :link_ipn
+  match 'ipns/:id/validate' => 'ipns#validate', :as => :validate_ipn
 
   resources :payments
 

db/migrate/20130824062334_create_ipns.rb

@@ -0,0 +1,24 @@
+class CreateIpns < ActiveRecord::Migration
+  def change
+    create_table :ipns do |t|
+      t.integer :payment_id
+      t.text :data
+      t.string :txn_id
+      t.string :txn_type
+      t.string :first_name
+      t.string :last_name
+      t.string :payer_business_name
+      t.string :payer_email
+      t.string :payer_id
+      t.string :auth_amount
+      t.string :payment_date
+      t.string :payment_fee
+      t.string :payment_gross
+      t.string :payment_status
+      t.string :item_name
+      t.string :payment_type
+
+      t.timestamps
+    end
+  end
+end

db/migrate/20130824072157_add_amount_to_payments.rb

@@ -0,0 +1,5 @@
+class AddAmountToPayments < ActiveRecord::Migration
+  def change
+    add_column :payments, :amount, :decimal
+  end
+end

db/schema.rb

@@ -10,7 +10,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20130212083412) do
+ActiveRecord::Schema.define(:version => 20130824072157) do
 
   create_table "cards", :force => true do |t|
     t.string   "card_number"
@@ -35,6 +35,27 @@ ActiveRecord::Schema.define(:version => 20130212083412) do
     t.datetime "updated_at", :null => false
   end
 
+  create_table "ipns", :force => true do |t|
+    t.integer  "payment_id"
+    t.text     "data"
+    t.string   "txn_id"
+    t.string   "txn_type"
+    t.string   "first_name"
+    t.string   "last_name"
+    t.string   "payer_business_name"
+    t.string   "payer_email"
+    t.string   "payer_id"
+    t.string   "auth_amount"
+    t.string   "payment_date"
+    t.string   "payment_fee"
+    t.string   "payment_gross"
+    t.string   "payment_status"
+    t.string   "item_name"
+    t.string   "payment_type"
+    t.datetime "created_at",          :null => false
+    t.datetime "updated_at",          :null => false
+  end
+
   create_table "mac_logs", :force => true do |t|
     t.string   "mac"
     t.string   "ip"
@@ -64,6 +85,7 @@ ActiveRecord::Schema.define(:version => 20130212083412) do
     t.datetime "created_at", :null => false
     t.datetime "updated_at", :null => false
     t.integer  "created_by"
+    t.decimal  "amount"
   end
 
   add_index "payments", ["user_id"], :name => "index_payments_on_user_id"

test/fixtures/ipns.yml

@@ -0,0 +1,7 @@
+# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/Fixtures.html
+
+one:
+  data: MyText
+
+two:
+  data: MyText

test/functional/ipn_controller_test.rb

@@ -0,0 +1,7 @@
+require 'test_helper'
+
+class IpnControllerTest < ActionController::TestCase
+  # test "the truth" do
+  #   assert true
+  # end
+end

test/unit/helpers/ipn_helper_test.rb

@@ -0,0 +1,4 @@
+require 'test_helper'
+
+class IpnHelperTest < ActionView::TestCase
+end

test/unit/ipn_test.rb

@@ -0,0 +1,7 @@
+require 'test_helper'
+
+class IpnTest < ActiveSupport::TestCase
+  # test "the truth" do
+  #   assert true
+  # end
+end