fab-manager/app/controllers/api/reservations_controller.rb

# frozen_string_literal: true

# API Controller for resources of type Reservation
# Reservations are used for Training, Machine, Space and Event
class API::ReservationsController < API::ApiController
  before_action :authenticate_user!
  before_action :set_reservation, only: %i[show update]
  respond_to :json

  def index
    if params[:reservable_id] && params[:reservable_type] && params[:user_id]
      params[:user_id] = current_user.id unless current_user.admin?

      @reservations = Reservation.where(params.permit(:reservable_id, :reservable_type, :user_id))
    elsif params[:reservable_id] && params[:reservable_type] && current_user.admin?
      @reservations = Reservation.where(params.permit(:reservable_id, :reservable_type))
    else
      @reservations = []
    end
  end

  def show; end

  # Admins can create any reservations. Members can directly create reservations if total = 0,
  # otherwise, they must use payments_controller#confirm_payment
  def create
    authorize Reservation

    user_id = params[:reservation][:user_id]

    @reservation = Reservation.new(reservation_params)
    is_reserve = Reservations::Reserve.new(user_id, current_user.invoicing_profile.id)
                                      .pay_and_save(@reservation, coupon: coupon_params[:coupon_code])

    if is_reserve
      SubscriptionExtensionAfterReservation.new(@reservation).extend_subscription_if_eligible

      render :show, status: :created, location: @reservation
    else
      render json: @reservation.errors, status: :unprocessable_entity
    end
  rescue InvalidCouponError
    render json: { coupon_code: 'wrong coupon code or expired' }, status: :unprocessable_entity
  end

  def update
    authorize @reservation
    if @reservation.update(reservation_params)
      render :show, status: :ok, location: @reservation
    else
      render json: @reservation.errors, status: :unprocessable_entity
    end
  end

  private

  def set_reservation
    @reservation = Reservation.find(params[:id])
  end

  def reservation_params
    params.require(:reservation).permit(:message, :reservable_id, :reservable_type, :plan_id, :nb_reserve_places,
                                        tickets_attributes: %i[event_price_category_id booked],
                                        slots_attributes: %i[id start_at end_at availability_id offered])
  end

  def coupon_params
    params.permit(:coupon_code)
  end
end
rubocop api controllers TODO: - events controller - availabilies controller - members controller - plans controller 2019-01-16 16:28:25 +01:00			`# frozen_string_literal: true`

			`# API Controller for resources of type Reservation`
			`# Reservations are used for Training, Machine, Space and Event`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`class API::ReservationsController < API::ApiController`
			`before_action :authenticate_user!`
fix reservation + subscription 2018-12-11 15:07:21 +01:00			`before_action :set_reservation, only: %i[show update]`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`respond_to :json`

			`def index`
fix reservation + subscription 2018-12-11 15:07:21 +01:00			`if params[:reservable_id] && params[:reservable_type] && params[:user_id]`
refactored roles methods to match ruby conventions 2019-01-14 12:57:31 +01:00			`params[:user_id] = current_user.id unless current_user.admin?`
fix reservation + subscription 2018-12-11 15:07:21 +01:00
release 2.0 rc 2016-03-23 18:39:41 +01:00			`@reservations = Reservation.where(params.permit(:reservable_id, :reservable_type, :user_id))`
refactored roles methods to match ruby conventions 2019-01-14 12:57:31 +01:00			`elsif params[:reservable_id] && params[:reservable_type] && current_user.admin?`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`@reservations = Reservation.where(params.permit(:reservable_id, :reservable_type))`
			`else`
			`@reservations = []`
			`end`
			`end`

fix reservation + subscription 2018-12-11 15:07:21 +01:00			`def show; end`
release 2.0 rc 2016-03-23 18:39:41 +01:00
compute subscription price server-side for payments 2019-09-11 10:31:22 +02:00			`# Admins can create any reservations. Members can directly create reservations if total = 0,`
			`# otherwise, they must use payments_controller#confirm_payment`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`def create`
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00			`authorize Reservation`
quick coding rules checking with rubocop 2019-09-09 18:04:31 +02:00
			`user_id = params[:reservation][:user_id]`
fix reservation + subscription 2018-12-11 15:07:21 +01:00
			`@reservation = Reservation.new(reservation_params)`
move invoice->operator to invoicing_profile + minor fixes to handle user deletion 2019-06-12 12:22:38 +02:00			`is_reserve = Reservations::Reserve.new(user_id, current_user.invoicing_profile.id)`
using stp_payment_intent_id instead of stp_invoice_id on new invoices 2019-09-10 16:45:45 +02:00			`.pay_and_save(@reservation, coupon: coupon_params[:coupon_code])`
refacto subscription extension with first training using a service 2016-04-07 17:57:48 +02:00
fix reservation + subscription 2018-12-11 15:07:21 +01:00			`if is_reserve`
			`SubscriptionExtensionAfterReservation.new(@reservation).extend_subscription_if_eligible`

			`render :show, status: :created, location: @reservation`
			`else`
			`render json: @reservation.errors, status: :unprocessable_entity`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`end`
fix reservation + subscription 2018-12-11 15:07:21 +01:00			`rescue InvalidCouponError`
			`render json: { coupon_code: 'wrong coupon code or expired' }, status: :unprocessable_entity`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`end`

			`def update`
			`authorize @reservation`
			`if @reservation.update(reservation_params)`
			`render :show, status: :ok, location: @reservation`
			`else`
			`render json: @reservation.errors, status: :unprocessable_entity`
			`end`
			`end`

			`private`
rubocop api controllers TODO: - events controller - availabilies controller - members controller - plans controller 2019-01-16 16:28:25 +01:00
release 2.0 rc 2016-03-23 18:39:41 +01:00			`def set_reservation`
			`@reservation = Reservation.find(params[:id])`
			`end`

			`def reservation_params`
[bug] wallet usage is noted on subscription invoices even if wallet was not used + use payment confirm API for subscriptions only (sca) 2019-09-10 17:57:46 +02:00			`params.require(:reservation).permit(:message, :reservable_id, :reservable_type, :plan_id, :nb_reserve_places,`
fix reservation + subscription 2018-12-11 15:07:21 +01:00			`tickets_attributes: %i[event_price_category_id booked],`
			`slots_attributes: %i[id start_at end_at availability_id offered])`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`end`
rebase coupon usage on code instead of id (more secure) 2016-08-10 15:34:47 +02:00
			`def coupon_params`
			`params.permit(:coupon_code)`
			`end`
release 2.0 rc 2016-03-23 18:39:41 +01:00			`end`