duffy-walsh/gist:8e68ab7e7da8b33b23b4

## gistfile1.txt
class SubmissionsController < ApplicationController
  layout "pdf_layout"
  skip_before_action :verify_authenticity_token

  before_filter :verify_request_signature
  after_filter :set_cors_headers

  def index
    shop = Shop.find_by_domain( params[:shop] )
    ShopifyAPI::Base.activate_session( ShopifyAPI::Session.new( shop.domain, shop.token ) )

    if shop.present?
      if params[:order_id] && params[:namespace] && params[:sig] == Digest::MD5.hexdigest(params[:order_id] + ENV['FORMS_PRIVATE_KEY'] + params[:namespace])
        metafields = ShopifyAPI::Metafield.all( params: { resource: 'orders',
                                                          resource_id: params[:order_id],
                                                          namespace: params[:namespace],
                                                          fields: ['key','value'] })

        metafields_hash = Hash.new
        metafields.each do |metafield|
          metafields_hash[metafield.key] = metafield.value
        end

        render json: metafields_hash
      else
        render nothing: true, status: :bad_request
      end
    end
  rescue ActiveResource::UnauthorizedAccess
  end

  def create
    shop = Shop.find_by_domain( params[:shop] )
    ShopifyAPI::Base.activate_session( ShopifyAPI::Session.new( shop.domain, shop.token ) )

    if shop.present?
      if params[:submission] && params[:submission][:order_id] && params[:submission][:namespace] && params[:submission][:fields] && params[:submission][:signature] == Digest::MD5.hexdigest(params[:submission][:order_id] + ENV['FORMS_PRIVATE_KEY'] + params[:submission][:namespace])
        puts "WITH NO PARAMS"
        submission  = params[:submission]
        order       = ShopifyAPI::Order.find( submission[:order_id] )

        for key, value in submission[:fields]
          metafield = ShopifyAPI::Metafield.new(
            key: key,
            value: value,
            value_type: "string",
            namespace: submission[:namespace]
          )

          order.add_metafield metafield
        end

        namespace_array = submission[:namespace].split('_')
        order_name      = namespace_array[0].to_s
        product_id      = namespace_array[1].to_s + "_" + namespace_array[2].to_s

        if params[:submission][:fields][:submit_agree] == "submit_agree"
          NotificationMailer.submission_received(order_name, product_id).deliver
        end

        render nothing: true, status: :created
      else
        render nothing: true, status: :bad_request
      end
    end
  rescue ActiveResource::UnauthorizedAccess
  end

  def export
    html = render_to_string(:action => :export, :layout => "pdf_layout.html.erb")
    pdf = WickedPdf.new.pdf_from_string(html)
    send_file(  pdf,
                :filename     => "test.pdf",
                :disposition  => "attachment" )
  end

end
	class SubmissionsController < ApplicationController
	layout "pdf_layout"
	skip_before_action :verify_authenticity_token

	before_filter :verify_request_signature
	after_filter :set_cors_headers

	def index
	shop = Shop.find_by_domain( params[:shop] )
	ShopifyAPI::Base.activate_session( ShopifyAPI::Session.new( shop.domain, shop.token ) )

	if shop.present?
	if params[:order_id] && params[:namespace] && params[:sig] == Digest::MD5.hexdigest(params[:order_id] + ENV['FORMS_PRIVATE_KEY'] + params[:namespace])
	metafields = ShopifyAPI::Metafield.all( params: { resource: 'orders',
	resource_id: params[:order_id],
	namespace: params[:namespace],
	fields: ['key','value'] })

	metafields_hash = Hash.new
	metafields.each do \|metafield\|
	metafields_hash[metafield.key] = metafield.value
	end

	render json: metafields_hash
	else
	render nothing: true, status: :bad_request
	end
	end
	rescue ActiveResource::UnauthorizedAccess
	end

	def create
	shop = Shop.find_by_domain( params[:shop] )
	ShopifyAPI::Base.activate_session( ShopifyAPI::Session.new( shop.domain, shop.token ) )

	if shop.present?
	if params[:submission] && params[:submission][:order_id] && params[:submission][:namespace] && params[:submission][:fields] && params[:submission][:signature] == Digest::MD5.hexdigest(params[:submission][:order_id] + ENV['FORMS_PRIVATE_KEY'] + params[:submission][:namespace])
	puts "WITH NO PARAMS"
	submission = params[:submission]
	order = ShopifyAPI::Order.find( submission[:order_id] )

	for key, value in submission[:fields]
	metafield = ShopifyAPI::Metafield.new(
	key: key,
	value: value,
	value_type: "string",
	namespace: submission[:namespace]
	)

	order.add_metafield metafield
	end

	namespace_array = submission[:namespace].split('_')
	order_name = namespace_array[0].to_s
	product_id = namespace_array[1].to_s + "_" + namespace_array[2].to_s

	if params[:submission][:fields][:submit_agree] == "submit_agree"
	NotificationMailer.submission_received(order_name, product_id).deliver
	end

	render nothing: true, status: :created
	else
	render nothing: true, status: :bad_request
	end
	end
	rescue ActiveResource::UnauthorizedAccess
	end

	def export
	html = render_to_string(:action => :export, :layout => "pdf_layout.html.erb")
	pdf = WickedPdf.new.pdf_from_string(html)
	send_file( pdf,
	:filename => "test.pdf",
	:disposition => "attachment" )
	end

	end