/*
* Copyright 2010-2013 Ning, Inc.
* Copyright 2014 Groupon, Inc
* Copyright 2014 The Billing Project, LLC
*
* The Billing Project licenses this file to you under the Apache License, version 2.0
* (the "License"); you may not use this file except in compliance with the
* License. You may obtain a copy of the License at:
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations
* under the License.
*/
package org.killbill.billing.jaxrs.resources;
import java.math.BigDecimal;
import java.net.URI;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.atomic.AtomicReference;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET;
import javax.ws.rs.HeaderParam;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import javax.ws.rs.core.UriInfo;
import org.killbill.billing.ObjectType;
import org.killbill.billing.account.api.Account;
import org.killbill.billing.account.api.AccountApiException;
import org.killbill.billing.account.api.AccountUserApi;
import org.killbill.billing.invoice.api.InvoiceApiException;
import org.killbill.billing.invoice.api.InvoicePayment;
import org.killbill.billing.invoice.api.InvoicePaymentApi;
import org.killbill.billing.jaxrs.json.ChargebackJson;
import org.killbill.billing.jaxrs.json.CustomFieldJson;
import org.killbill.billing.jaxrs.json.HostedPaymentPageFieldsJson;
import org.killbill.billing.jaxrs.json.InvoiceItemJson;
import org.killbill.billing.jaxrs.json.PaymentJson;
import org.killbill.billing.jaxrs.json.RefundJson;
import org.killbill.billing.jaxrs.util.Context;
import org.killbill.billing.jaxrs.util.JaxrsUriBuilder;
import org.killbill.billing.payment.api.DirectPaymentApi;
import org.killbill.billing.payment.api.Payment;
import org.killbill.billing.payment.api.PaymentApi;
import org.killbill.billing.payment.api.PaymentApiException;
import org.killbill.billing.payment.api.Refund;
import org.killbill.billing.util.api.AuditUserApi;
import org.killbill.billing.util.api.CustomFieldApiException;
import org.killbill.billing.util.api.CustomFieldUserApi;
import org.killbill.billing.util.api.TagApiException;
import org.killbill.billing.util.api.TagDefinitionApiException;
import org.killbill.billing.util.api.TagUserApi;
import org.killbill.billing.util.audit.AccountAuditLogs;
import org.killbill.billing.util.callcontext.CallContext;
import org.killbill.billing.util.callcontext.TenantContext;
import org.killbill.billing.util.entity.Pagination;
import org.killbill.clock.Clock;
import com.google.common.base.Function;
import com.google.common.base.Strings;
import com.google.common.collect.Collections2;
import com.google.common.collect.ImmutableMap;
import com.google.inject.Inject;
import static javax.ws.rs.core.MediaType.APPLICATION_JSON;
import static javax.ws.rs.core.MediaType.WILDCARD;
@Path(JaxrsResource.PAYMENTS_PATH)
public class PaymentResource extends JaxRsResourceBase {
private static final String ID_PARAM_NAME = "paymentId";
private final PaymentApi paymentApi;
private final InvoicePaymentApi invoicePaymentApi;
@Inject
public PaymentResource(final AccountUserApi accountUserApi,
final PaymentApi paymentApi,
final InvoicePaymentApi invoicePaymentApi,
final DirectPaymentApi directPaymentApi,
final JaxrsUriBuilder uriBuilder,
final TagUserApi tagUserApi,
final CustomFieldUserApi customFieldUserApi,
final AuditUserApi auditUserApi,
final Clock clock,
final Context context) {
super(uriBuilder, tagUserApi, customFieldUserApi, auditUserApi, accountUserApi, clock, context);
this.paymentApi = paymentApi;
this.invoicePaymentApi = invoicePaymentApi;
}
@GET
@Path("/{paymentId:" + UUID_PATTERN + "}")
@Produces(APPLICATION_JSON)
public Response getPayment(@PathParam(ID_PARAM_NAME) final String paymentIdString,
@QueryParam(QUERY_PAYMENT_WITH_REFUNDS_AND_CHARGEBACKS) @DefaultValue("false") final Boolean withRefundsAndChargebacks,
@javax.ws.rs.core.Context final HttpServletRequest request) throws PaymentApiException {
final TenantContext tenantContext = context.createContext(request);
final UUID paymentId = UUID.fromString(paymentIdString);
final Payment payment = paymentApi.getPayment(paymentId, false, pluginProperties, tenantContext);
final PaymentJson paymentJson;
if (withRefundsAndChargebacks) {
final List<RefundJson> refunds = new ArrayList<RefundJson>();
for (final Refund refund : paymentApi.getPaymentRefunds(paymentId, tenantContext)) {
refunds.add(new RefundJson(refund));
}
final List<ChargebackJson> chargebacks = new ArrayList<ChargebackJson>();
for (final InvoicePayment chargeback : invoicePaymentApi.getChargebacksByPaymentId(paymentId, tenantContext)) {
chargebacks.add(new ChargebackJson(payment.getAccountId(), chargeback));
}
paymentJson = new PaymentJson(payment,
null, // TODO - the keys are really only used for the timeline
refunds,
chargebacks);
} else {
paymentJson = new PaymentJson(payment, null);
}
return Response.status(Status.OK).entity(paymentJson).build();
}
@GET
@Path("/" + PAGINATION)
@Produces(APPLICATION_JSON)
public Response getPayments(@QueryParam(QUERY_SEARCH_OFFSET) @DefaultValue("0") final Long offset,
@QueryParam(QUERY_SEARCH_LIMIT) @DefaultValue("100") final Long limit,
@QueryParam(QUERY_PAYMENT_PLUGIN_NAME) final String pluginName,
@QueryParam(QUERY_AUDIT) @DefaultValue("NONE") final AuditMode auditMode,
@javax.ws.rs.core.Context final HttpServletRequest request) throws PaymentApiException {
final TenantContext tenantContext = context.createContext(request);
final Pagination<Payment> payments;
if (Strings.isNullOrEmpty(pluginName)) {
payments = paymentApi.getPayments(offset, limit, pluginProperties, tenantContext);
} else {
payments = paymentApi.getPayments(offset, limit, pluginName, pluginProperties, tenantContext);
}
final URI nextPageUri = uriBuilder.nextPage(PaymentResource.class, "getPayments", payments.getNextOffset(), limit, ImmutableMap.<String, String>of(QUERY_PAYMENT_METHOD_PLUGIN_NAME, Strings.nullToEmpty(pluginName),
QUERY_AUDIT, auditMode.getLevel().toString()));
final AtomicReference<Map<UUID, AccountAuditLogs>> accountsAuditLogs = new AtomicReference<Map<UUID, AccountAuditLogs>>(new HashMap<UUID, AccountAuditLogs>());
return buildStreamingPaginationResponse(payments,
new Function<Payment, PaymentJson>() {
@Override
public PaymentJson apply(final Payment payment) {
// Cache audit logs per account
if (accountsAuditLogs.get().get(payment.getAccountId()) == null) {
accountsAuditLogs.get().put(payment.getAccountId(), auditUserApi.getAccountAuditLogs(payment.getAccountId(), auditMode.getLevel(), tenantContext));
}
return new PaymentJson(payment, accountsAuditLogs.get().get(payment.getAccountId()).getAuditLogsForPayment(payment.getId()));
}
},
nextPageUri
);
}
@GET
@Path("/" + SEARCH + "/{searchKey:" + ANYTHING_PATTERN + "}")
@Produces(APPLICATION_JSON)
public Response searchPayments(@PathParam("searchKey") final String searchKey,
@QueryParam(QUERY_SEARCH_OFFSET) @DefaultValue("0") final Long offset,
@QueryParam(QUERY_SEARCH_LIMIT) @DefaultValue("100") final Long limit,
@QueryParam(QUERY_PAYMENT_PLUGIN_NAME) final String pluginName,
@QueryParam(QUERY_AUDIT) @DefaultValue("NONE") final AuditMode auditMode,
@javax.ws.rs.core.Context final HttpServletRequest request) throws PaymentApiException {
final TenantContext tenantContext = context.createContext(request);
// Search the plugin(s)
final Pagination<Payment> payments;
if (Strings.isNullOrEmpty(pluginName)) {
payments = paymentApi.searchPayments(searchKey, offset, limit, pluginProperties, tenantContext);
} else {
payments = paymentApi.searchPayments(searchKey, offset, limit, pluginName, pluginProperties, tenantContext);
}
final URI nextPageUri = uriBuilder.nextPage(PaymentResource.class, "searchPayments", payments.getNextOffset(), limit, ImmutableMap.<String, String>of("searchKey", searchKey,
QUERY_PAYMENT_METHOD_PLUGIN_NAME, Strings.nullToEmpty(pluginName),
QUERY_AUDIT, auditMode.getLevel().toString()));
final AtomicReference<Map<UUID, AccountAuditLogs>> accountsAuditLogs = new AtomicReference<Map<UUID, AccountAuditLogs>>(new HashMap<UUID, AccountAuditLogs>());
return buildStreamingPaginationResponse(payments,
new Function<Payment, PaymentJson>() {
@Override
public PaymentJson apply(final Payment payment) {
// Cache audit logs per account
if (accountsAuditLogs.get().get(payment.getAccountId()) == null) {
accountsAuditLogs.get().put(payment.getAccountId(), auditUserApi.getAccountAuditLogs(payment.getAccountId(), auditMode.getLevel(), tenantContext));
}
return new PaymentJson(payment, accountsAuditLogs.get().get(payment.getAccountId()).getAuditLogsForPayment(payment.getId()));
}
},
nextPageUri
);
}
@PUT
@Path("/{paymentId:" + UUID_PATTERN + "}")
@Consumes(APPLICATION_JSON)
@Produces(APPLICATION_JSON)
public Response retryFailedPayment(@PathParam(ID_PARAM_NAME) final String paymentIdString,
@HeaderParam(HDR_CREATED_BY) final String createdBy,
@HeaderParam(HDR_REASON) final String reason,
@HeaderParam(HDR_COMMENT) final String comment,
@javax.ws.rs.core.Context final HttpServletRequest request) throws AccountApiException, PaymentApiException {
final CallContext callContext = context.createContext(createdBy, reason, comment, request);
final UUID paymentId = UUID.fromString(paymentIdString);
final Payment payment = paymentApi.getPayment(paymentId, false, pluginProperties, callContext);
final Account account = accountUserApi.getAccountById(payment.getAccountId(), callContext);
final Payment newPayment = paymentApi.retryPayment(account, paymentId, pluginProperties, callContext);
return Response.status(Status.OK).entity(new PaymentJson(newPayment, null)).build();
}
@GET
@Path("/{paymentId:" + UUID_PATTERN + "}/" + CHARGEBACKS)
@Produces(APPLICATION_JSON)
public Response getChargebacksForPayment(@PathParam("paymentId") final String paymentId,
@javax.ws.rs.core.Context final HttpServletRequest request) throws InvoiceApiException {
final TenantContext tenantContext = context.createContext(request);
final List<InvoicePayment> chargebacks = invoicePaymentApi.getChargebacksByPaymentId(UUID.fromString(paymentId), tenantContext);
if (chargebacks.size() == 0) {
return Response.status(Response.Status.NO_CONTENT).build();
}
final UUID invoicePaymentId = chargebacks.get(0).getId();
final UUID accountId = invoicePaymentApi.getAccountIdFromInvoicePaymentId(invoicePaymentId, tenantContext);
final List<ChargebackJson> chargebacksJson = new ArrayList<ChargebackJson>();
for (final InvoicePayment chargeback : chargebacks) {
chargebacksJson.add(new ChargebackJson(accountId, chargeback));
}
return Response.status(Response.Status.OK).entity(chargebacksJson).build();
}
@GET
@Path("/{paymentId:" + UUID_PATTERN + "}/" + REFUNDS)
@Produces(APPLICATION_JSON)
public Response getRefunds(@PathParam("paymentId") final String paymentId,
@javax.ws.rs.core.Context final HttpServletRequest request) throws PaymentApiException {
final List<Refund> refunds = paymentApi.getPaymentRefunds(UUID.fromString(paymentId), context.createContext(request));
final List<RefundJson> result = new ArrayList<RefundJson>(Collections2.transform(refunds, new Function<Refund, RefundJson>() {
@Override
public RefundJson apply(final Refund input) {
// TODO Return adjusted items and audits
return new RefundJson(input, null, null);
}
}));
return Response.status(Status.OK).entity(result).build();
}
@POST
@Path("/{paymentId:" + UUID_PATTERN + "}/" + REFUNDS)
@Consumes(APPLICATION_JSON)
@Produces(APPLICATION_JSON)
public Response createRefund(final RefundJson json,
@PathParam("paymentId") final String paymentId,
@HeaderParam(HDR_CREATED_BY) final String createdBy,
@HeaderParam(HDR_REASON) final String reason,
@HeaderParam(HDR_COMMENT) final String comment,
@javax.ws.rs.core.Context final UriInfo uriInfo,
@javax.ws.rs.core.Context final HttpServletRequest request) throws PaymentApiException, AccountApiException {
final CallContext callContext = context.createContext(createdBy, reason, comment, request);
final UUID paymentUuid = UUID.fromString(paymentId);
final Payment payment = paymentApi.getPayment(paymentUuid, false, pluginProperties, callContext);
final Account account = accountUserApi.getAccountById(payment.getAccountId(), callContext);
final Refund result;
if (json.isAdjusted()) {
if (json.getAdjustments() != null && json.getAdjustments().size() > 0) {
final Map<UUID, BigDecimal> adjustments = new HashMap<UUID, BigDecimal>();
for (final InvoiceItemJson item : json.getAdjustments()) {
adjustments.put(UUID.fromString(item.getInvoiceItemId()), item.getAmount());
}
result = paymentApi.createRefundWithItemsAdjustments(account, paymentUuid, adjustments, pluginProperties, callContext);
} else {
// Invoice adjustment
result = paymentApi.createRefundWithAdjustment(account, paymentUuid, json.getAmount(), pluginProperties, callContext);
}
} else {
// Refund without adjustment
result = paymentApi.createRefund(account, paymentUuid, json.getAmount(), pluginProperties, callContext);
}
return uriBuilder.buildResponse(RefundResource.class, "getRefund", result.getId(), uriInfo.getBaseUri().toString());
}
@POST
@Path("/" + HOSTED + "/" + FORM + "/{gateway:" + ANYTHING_PATTERN + "}")
@Consumes(APPLICATION_JSON)
@Produces(APPLICATION_JSON)
// Generate form data to redirect the customer to the gateway
public Response buildFormDescriptor(final HostedPaymentPageFieldsJson json,
@PathParam("gateway") final String gateway,
@HeaderParam(HDR_CREATED_BY) final String createdBy,
@HeaderParam(HDR_REASON) final String reason,
@HeaderParam(HDR_COMMENT) final String comment,
@javax.ws.rs.core.Context final UriInfo uriInfo,
@javax.ws.rs.core.Context final HttpServletRequest request) throws PaymentApiException {
throw new UnsupportedOperationException();
}
@POST
@Path("/" + HOSTED)
@Consumes(WILDCARD)
@Produces(APPLICATION_JSON)
public Response processNotification(final String body,
@PathParam("gateway") final String gateway,
@HeaderParam(HDR_CREATED_BY) final String createdBy,
@HeaderParam(HDR_REASON) final String reason,
@HeaderParam(HDR_COMMENT) final String comment,
@javax.ws.rs.core.Context final UriInfo uriInfo,
@javax.ws.rs.core.Context final HttpServletRequest request) throws PaymentApiException {
// Note: the body is opaque here, as it comes from the gateway. The associated payment plugin will now how to deserialize it though
throw new UnsupportedOperationException();
}
@GET
@Path("/{paymentId:" + UUID_PATTERN + "}/" + CUSTOM_FIELDS)
@Produces(APPLICATION_JSON)
public Response getCustomFields(@PathParam(ID_PARAM_NAME) final String id,
@QueryParam(QUERY_AUDIT) @DefaultValue("NONE") final AuditMode auditMode,
@javax.ws.rs.core.Context final HttpServletRequest request) {
return super.getCustomFields(UUID.fromString(id), auditMode, context.createContext(request));
}
@POST
@Path("/{paymentId:" + UUID_PATTERN + "}/" + CUSTOM_FIELDS)
@Consumes(APPLICATION_JSON)
@Produces(APPLICATION_JSON)
public Response createCustomFields(@PathParam(ID_PARAM_NAME) final String id,
final List<CustomFieldJson> customFields,
@HeaderParam(HDR_CREATED_BY) final String createdBy,
@HeaderParam(HDR_REASON) final String reason,
@HeaderParam(HDR_COMMENT) final String comment,
@javax.ws.rs.core.Context final HttpServletRequest request,
@javax.ws.rs.core.Context final UriInfo uriInfo) throws CustomFieldApiException {
return super.createCustomFields(UUID.fromString(id), customFields,
context.createContext(createdBy, reason, comment, request), uriInfo);
}
@DELETE
@Path("/{paymentId:" + UUID_PATTERN + "}/" + CUSTOM_FIELDS)
@Consumes(APPLICATION_JSON)
@Produces(APPLICATION_JSON)
public Response deleteCustomFields(@PathParam(ID_PARAM_NAME) final String id,
@QueryParam(QUERY_CUSTOM_FIELDS) final String customFieldList,
@HeaderParam(HDR_CREATED_BY) final String createdBy,
@HeaderParam(HDR_REASON) final String reason,
@HeaderParam(HDR_COMMENT) final String comment,
@javax.ws.rs.core.Context final HttpServletRequest request) throws CustomFieldApiException {
return super.deleteCustomFields(UUID.fromString(id), customFieldList,
context.createContext(createdBy, reason, comment, request));
}
@GET
@Path("/{paymentId:" + UUID_PATTERN + "}/" + TAGS)
@Produces(APPLICATION_JSON)
public Response getTags(@PathParam(ID_PARAM_NAME) final String paymentIdString,
@QueryParam(QUERY_AUDIT) @DefaultValue("NONE") final AuditMode auditMode,
@QueryParam(QUERY_TAGS_INCLUDED_DELETED) @DefaultValue("false") final Boolean includedDeleted,
@javax.ws.rs.core.Context final HttpServletRequest request) throws TagDefinitionApiException, PaymentApiException {
final UUID paymentId = UUID.fromString(paymentIdString);
final TenantContext tenantContext = context.createContext(request);
final Payment payment = paymentApi.getPayment(paymentId, false, pluginProperties, tenantContext);
return super.getTags(payment.getAccountId(), paymentId, auditMode, includedDeleted, tenantContext);
}
@POST
@Path("/{paymentId:" + UUID_PATTERN + "}/" + TAGS)
@Consumes(APPLICATION_JSON)
@Produces(APPLICATION_JSON)
public Response createTags(@PathParam(ID_PARAM_NAME) final String id,
@QueryParam(QUERY_TAGS) final String tagList,
@HeaderParam(HDR_CREATED_BY) final String createdBy,
@HeaderParam(HDR_REASON) final String reason,
@HeaderParam(HDR_COMMENT) final String comment,
@javax.ws.rs.core.Context final UriInfo uriInfo,
@javax.ws.rs.core.Context final HttpServletRequest request) throws TagApiException {
return super.createTags(UUID.fromString(id), tagList, uriInfo,
context.createContext(createdBy, reason, comment, request));
}
@DELETE
@Path("/{paymentId:" + UUID_PATTERN + "}/" + TAGS)
@Consumes(APPLICATION_JSON)
@Produces(APPLICATION_JSON)
public Response deleteTags(@PathParam(ID_PARAM_NAME) final String id,
@QueryParam(QUERY_TAGS) final String tagList,
@HeaderParam(HDR_CREATED_BY) final String createdBy,
@HeaderParam(HDR_REASON) final String reason,
@HeaderParam(HDR_COMMENT) final String comment,
@javax.ws.rs.core.Context final HttpServletRequest request) throws TagApiException {
return super.deleteTags(UUID.fromString(id), tagList,
context.createContext(createdBy, reason, comment, request));
}
@Override
protected ObjectType getObjectType() {
return ObjectType.PAYMENT;
}
}