ricky/redmine_qbo
1
1
Fork 0
mirror of https://github.com/rickbarrette/redmine_qbo.git synced 2026-04-02 08:21:57 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

Refactor: Update QBO connection handling to use QboConnectionService for consistency across services and controllers

Browse Source
This commit is contained in:
Ricky Barrette
2026-03-01 00:27:06 -05:00
parent 5a662f67b8
commit ed111fefe7
22 changed files with 232 additions and 112 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/controllers/estimate_controller.rb
View File

@@ -65,7 +65,7 @@ class EstimateController < ApplicationController
# Renders the estimate PDF or redirects with an error if rendering fails.
def render_pdf(estimate)
pdf, ref = EstimatePdfService.new(qbo: Qbo.first).fetch_pdf(doc_ids: [estimate.id])
pdf, ref = EstimatePdfService.new(qbo: QboConnectionService.current!).fetch_pdf(doc_ids: [estimate.id])
send_data( pdf, filename: "estimate #{ref}.pdf", disposition: :inline, type: "application/pdf" )
rescue StandardError => e
log "PDF render failed for Estimate #{estimate&.id}: #{e.message}"

2
app/controllers/invoice_controller.rb
View File

@@ -18,7 +18,7 @@ class InvoiceController < ApplicationController
log "Processing request for #{request.original_url}"
invoice_ids = Array(params[:invoice_ids] || params[:id])
pdf, ref = InvoicePdfService.new(qbo: Qbo.first).fetch_pdf(doc_ids: invoice_ids)
pdf, ref = InvoicePdfService.new(qbo: QboConnectionService.current!).fetch_pdf(doc_ids: invoice_ids)
send_data pdf, filename: "invoice #{ref}.pdf", disposition: :inline, type: "application/pdf"

128
app/controllers/qbo_controller.rb
View File

@@ -9,129 +9,67 @@
#THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
class QboController < ApplicationController
require 'openssl'
include AuthHelper
before_action :require_user, except: :webhook
skip_before_action :verify_authenticity_token, :check_if_login_required, only: [:webhook]
skip_before_action :verify_authenticity_token, :check_if_login_required, only: :webhook
def allowed_params
params.permit(:code, :state, :realmId, :id)
end
#
# Called when the user requests that Redmine to connect to QBO
#
# Initiates the OAuth authentication process by redirecting the user to the QuickBooks authorization URL. The callback URL is generated based on the application's settings and routes.
def authenticate
redirect_uri = "#{Setting.protocol}://#{Setting.host_name + qbo_oauth_callback_path}"
log "redirect_uri: #{redirect_uri}"
oauth2_client = Qbo.construct_oauth2_client
grant_url = oauth2_client.auth_code.authorize_url(redirect_uri: redirect_uri, response_type: "code", state: SecureRandom.hex(12), scope: "com.intuit.quickbooks.accounting")
redirect_to grant_url
redirect_to QboOauthService.authorization_url(callback_url: callback_url)
end
#
# Called by QBO after authentication has been processed
#
# Handles the OAuth callback from QuickBooks. Exchanges the authorization code for access and refresh tokens, saves the connection details, and redirects to the sync page with a success notice. If any error occurs during the process, logs the error and redirects back to the plugin settings page with an error message.
def oauth_callback
if params[:state].present?
oauth2_client = Qbo.construct_oauth2_client
# use the state value to retrieve from your backend any information you need to identify the customer in your system
redirect_uri = "#{Setting.protocol}://#{Setting.host_name + qbo_oauth_callback_path}"
if resp = oauth2_client.auth_code.get_token(params[:code], redirect_uri: redirect_uri)
# Remove the last authentication information
Qbo.delete_all
# Save the authentication information
qbo = Qbo.new
qbo.update(oauth2_access_token: resp.token, oauth2_refresh_token: resp.refresh_token, realm_id: params[:realmId])
qbo.refresh_token!
if qbo.save!
redirect_to qbo_sync_path, flash: { notice: I18n.t(:label_connected) }
else
redirect_to plugin_settings_path(:redmine_qbo), flash: { error: I18n.t(:label_error) }
end
end
end
QboOauthService.exchange!(code: params[:code], callback_url: callback_url, realm_id: params[:realmId])
redirect_to qbo_sync_path, flash: { notice: I18n.t(:label_connected) }
rescue StandardError => e
log "OAuth failure: #{e.message}"
redirect_to plugin_settings_path(:redmine_qbo), flash: { error: I18n.t(:label_error) }
end
# Manual Billing
# Manual billing endpoint to trigger the billing process for a specific issue. Validates the issue and its associations, enqueues a job to bill the issue's time entries, and redirects back to the issue with a notice. If validation fails, redirects back with an error message.
def bill
issue = Issue.find_by(id: params[:id])
return render_404 unless issue
unless issue.customer
redirect_to issue, flash: { error: I18n.t(:label_billing_error_no_customer) }
return
end
unless issue.assigned_to&.employee_id.present?
redirect_to issue, flash: { error: I18n.t(:label_billing_error_no_employee) }
return
end
unless Qbo.first
redirect_to issue, flash: { error: I18n.t(:label_billing_error_no_qbo) }
return
end
BillingValidator.validate!(issue)
BillIssueTimeJob.perform_later(issue.id)
redirect_to issue, flash: {
notice: I18n.t(:label_billing_enqueued) + " #{issue.customer.name}"
notice: "#{I18n.t(:label_billing_enqueued)} #{issue.customer.name}"
}
rescue StandardError => e
redirect_to issue || root_path, flash: { error: e.message }
end
#
# Synchronizes the QboCustomer table with QBO
#
# Manual sync endpoint to trigger a full synchronization of QuickBooks entities with the local database. Enqueues all relevant sync jobs and redirects to the home page with a notice that syncing has started.
def sync
log "Syncing EVERYTHING"
CustomerSyncJob.perform_later(full_sync: true)
EstimateSyncJob.perform_later(full_sync: true)
InvoiceSyncJob.perform_later(full_sync: true)
EmployeeSyncJob.perform_later(full_sync: true)
QboSyncDispatcher.full_sync!
redirect_to :home, flash: { notice: I18n.t(:label_syncing) }
end
# QuickBooks Webhook Callback
# Endpoint to receive QuickBooks webhook notifications. Validates the request and processes the payload to sync relevant data to Redmine. Responds with appropriate HTTP status codes based on success or failure of processing.
def webhook
log "Webhook received"
signature = request.headers['intuit-signature']
key = Setting.plugin_redmine_qbo['settingsWebhookToken']
body = request.raw_post
digest = OpenSSL::Digest.new('sha256')
computed = Base64.strict_encode64(OpenSSL::HMAC.digest(digest, key, body))
unless secure_compare(computed, signature)
log "Invalid webhook signature"
head :unauthorized
return
end
WebhookProcessJob.perform_later(body)
QboWebhookProcessor.process!(request: request)
head :ok
rescue StandardError => e
log "Webhook failure: #{e.message}"
head :unauthorized
end
private
# Securely compare two strings to prevent timing attacks. Returns false if either string is blank or if they do not match.
def secure_compare(a, b)
return false if a.blank? || b.blank?
ActiveSupport::SecurityUtils.secure_compare(a, b)
# Constructs the OAuth callback URL based on the application's settings and routes. This URL is used during the OAuth flow to redirect users back to the application after authentication with QuickBooks.
def callback_url
"#{Setting.protocol}://#{Setting.host_name}#{qbo_oauth_callback_path}"
end
# Logs messages with a consistent prefix for easier debugging and monitoring.
def log(msg)
Rails.logger.info "[QboController] #{msg}"
end
end
end