class PaymentHandler < ActiveRecord::Base
  belongs_to :cart

  attr_accessible :params, :cart_id, :status, :transaction_id

  # convert params object to yaml when putting into the db and a hash when it comes out
  serialize :params
  
  after_create :set_purchase_date

  # https://cms.paypal.com/cms_content/en_US/files/developer/PP_OrderMgmt_IntegrationGuide.pdf
  SUCCESSFUL_PAYPAL_STATES = %w[instant echeck completed processed pending]

  validates :params, :status, :presence => true
  validates :cart_id, :transaction_id, :presence => true, :uniqueness => true

  before_validation do 
    self.cart_id = self.params['invoice'] unless cart_id?
    self.status = self.params['payment_status'].downcase unless status?
    self.transaction_id = self.params['txn_id'] unless transaction_id?
  end

  # younker [2011-04-16 12:00]
  # We want to create the entry even if it does not pass validation, otherwise we will not insert this into the db.
  # That is why I removed this and created accept?
  # validate do
  #   errors.add(:base, "Secret does not match") unless secrets_match?
  #   errors.add(:base, "Transaction state was invalid") unless valid_state?
  #   errors.add(:base, "Receiver email does not match our paypal email") unless emails_match?
  # end

  def accept?
    errors.add(:base, " Secret does not match") unless secrets_match?
    errors.add(:base, " Transaction state was invalid") unless valid_state?
    errors.add(:base, " Receiver email does not match our paypal email") unless emails_match?
    self.errors.empty?
  end

  private

  # checks to make sure this is valid are done in the payment_notification_controller.create()
  def set_purchase_date
    cart.update_attribute(:purchased_at, Time.now)
  end

  def secrets_match?
    ECO['paypal']['secret'].eql?(self.params['secret'])
  end

  def valid_state?
    SUCCESSFUL_PAYPAL_STATES.include?(self.status)
  end

  def emails_match?
    ECO['paypal']['email'].eql?(self.params[:receiver_email])
  end
end