fab-manager/app/controllers/api/payments_controller.rb

# frozen_string_literal: true

# API Controller for handling payments process in the front-end
class API::PaymentsController < API::ApiController
  before_action :authenticate_user!

  ##
  # Client requests to confirm a card payment will ask this endpoint.
  # It will check for the need of a strong customer authentication (SCA) to confirm the payment or confirm that the payment
  # was successfully made. After the payment was made, the reservation/subscription will be created
  ##
  def confirm_payment
    begin
      if params[:payment_method_id].present?
        # Check the coupon
        unless coupon_params[:coupon_code].nil?
          coupon = Coupon.find_by(code: coupon_params[:coupon_code])
          raise InvalidCouponError if coupon.nil? || coupon.status(current_user.id) != 'active'
        end

        # Compute the price
        reservable = cart_items_params[:reservable_type].constantize.find(cart_items_params[:reservable_id])
        price_details = Price.compute(false,
                                      current_user,
                                      reservable,
                                      cart_items_params[:slots_attributes] || [],
                                      cart_items_params[:plan_id],
                                      cart_items_params[:nb_reserve_places],
                                      cart_items_params[:tickets_attributes],
                                      coupon_params[:coupon_code])

        # Subtract wallet amount from total
        total = price_details[:total]
        wallet_debit = get_wallet_debit(current_user, total)

        # Create the PaymentIntent
        intent = Stripe::PaymentIntent.create(
          payment_method: params[:payment_method_id],
          amount: total - wallet_debit,
          currency: Rails.application.secrets.stripe_currency,
          confirmation_method: 'manual',
          confirm: true,
          customer: current_user.stp_customer_id,
        )
      elsif params[:payment_intent_id].present?
        intent = Stripe::PaymentIntent.confirm(params[:payment_intent_id])
      end
    rescue Stripe::CardError => e
      # Display error on client
      render(status: 200, json: { error: e.message }) and return
    end

    render(on_payment_success(intent)) and return if intent.status == 'succeeded'
    render generate_payment_response(intent)
  end

  private

  def on_payment_success(intent)
    # TODO create subscription is needed
    user_id = params[:cart_items][:reservation][:user_id]

    @reservation = Reservation.new(reservation_params)
    is_reserve = Reservations::Reserve.new(user_id, current_user.invoicing_profile.id)
                                      .pay_and_save(@reservation, coupon: coupon_params[:coupon_code], payment_intent_id: intent.id)
    Stripe::PaymentIntent.update(
      intent.id,
      description: "Invoice reference: #{@reservation.invoice.reference}"
    )

    if is_reserve
      SubscriptionExtensionAfterReservation.new(@reservation).extend_subscription_if_eligible

      { template: 'api/reservations/show', status: :created, location: @reservation }
    else
      { json: @reservation.errors, status: :unprocessable_entity }
    end
  rescue InvalidCouponError
    { json: { coupon_code: 'wrong coupon code or expired' }, status: :unprocessable_entity }
  end

  def generate_payment_response(intent)
    if intent.status == 'requires_action' && intent.next_action.type == 'use_stripe_sdk'
      # Tell the client to handle the action
      {
        status: 200,
        json: {
          requires_action: true,
          payment_intent_client_secret: intent.client_secret
        }
      }
    elsif intent.status == 'succeeded'
      # The payment didn't need any additional actions and is completed!
      # Handle post-payment fulfillment
      { status: 200, json: { success: true } }
    else
      # Invalid status
      { status: 500, json: { error: 'Invalid PaymentIntent status' } }
    end
  end

  def get_wallet_debit(user, total_amount)
    wallet_amount = (user.wallet.amount * 100).to_i
    wallet_amount >= total_amount ? total_amount : wallet_amount
  end

  def reservation_params
    params[:cart_items].require(:reservation).permit(:reservable_id, :reservable_type, :plan_id, :nb_reserve_places,
                                                     tickets_attributes: %i[event_price_category_id booked],
                                                     slots_attributes: %i[id start_at end_at availability_id offered])
  end

  def cart_items_params
    params[:cart_items].require(:reservation).permit(:reservable_id, :reservable_type, :plan_id, :user_id, :nb_reserve_places,
                                                     tickets_attributes: %i[event_price_category_id booked],
                                                     slots_attributes: %i[id start_at end_at availability_id offered])
  end

  def coupon_params
    params.require(:cart_items).permit(:coupon_code)
  end
end
[ongoing] upgrade stripe gem & api version to allow SCA 2019-09-05 11:03:22 +02:00			`# frozen_string_literal: true`

			`# API Controller for handling payments process in the front-end`
			`class API::PaymentsController < API::ApiController`
			`before_action :authenticate_user!`

refactor payment process for sca 2019-09-10 11:46:14 +02:00			`##`
			`# Client requests to confirm a card payment will ask this endpoint.`
			`# It will check for the need of a strong customer authentication (SCA) to confirm the payment or confirm that the payment`
			`# was successfully made. After the payment was made, the reservation/subscription will be created`
			`##`
[ongoing] upgrade stripe gem & api version to allow SCA 2019-09-05 11:03:22 +02:00			`def confirm_payment`
			`begin`
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00			`if params[:payment_method_id].present?`
refactor payment process for sca 2019-09-10 11:46:14 +02:00			`# Check the coupon`
			`unless coupon_params[:coupon_code].nil?`
			`coupon = Coupon.find_by(code: coupon_params[:coupon_code])`
			`raise InvalidCouponError if coupon.nil? \|\| coupon.status(current_user.id) != 'active'`
			`end`
quick coding rules checking with rubocop 2019-09-09 18:04:31 +02:00
refactor payment process for sca 2019-09-10 11:46:14 +02:00			`# Compute the price`
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00			`reservable = cart_items_params[:reservable_type].constantize.find(cart_items_params[:reservable_id])`
			`price_details = Price.compute(false,`
quick coding rules checking with rubocop 2019-09-09 18:04:31 +02:00			`current_user,`
			`reservable,`
			`cart_items_params[:slots_attributes] \|\| [],`
			`cart_items_params[:plan_id],`
			`cart_items_params[:nb_reserve_places],`
			`cart_items_params[:tickets_attributes],`
			`coupon_params[:coupon_code])`
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00
refactor payment process for sca 2019-09-10 11:46:14 +02:00			`# Subtract wallet amount from total`
			`total = price_details[:total]`
			`wallet_debit = get_wallet_debit(current_user, total)`

			`# Create the PaymentIntent`
[ongoing] upgrade stripe gem & api version to allow SCA 2019-09-05 11:03:22 +02:00			`intent = Stripe::PaymentIntent.create(`
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00			`payment_method: params[:payment_method_id],`
refactor payment process for sca 2019-09-10 11:46:14 +02:00			`amount: total - wallet_debit,`
			`currency: Rails.application.secrets.stripe_currency,`
[ongoing] upgrade stripe gem & api version to allow SCA 2019-09-05 11:03:22 +02:00			`confirmation_method: 'manual',`
using stp_payment_intent_id instead of stp_invoice_id on new invoices 2019-09-10 16:45:45 +02:00			`confirm: true,`
			`customer: current_user.stp_customer_id,`
[ongoing] upgrade stripe gem & api version to allow SCA 2019-09-05 11:03:22 +02:00			`)`
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00			`elsif params[:payment_intent_id].present?`
			`intent = Stripe::PaymentIntent.confirm(params[:payment_intent_id])`
[ongoing] upgrade stripe gem & api version to allow SCA 2019-09-05 11:03:22 +02:00			`end`
			`rescue Stripe::CardError => e`
			`# Display error on client`
handle sca in js frontend 2019-09-10 12:46:02 +02:00			`render(status: 200, json: { error: e.message }) and return`
[ongoing] upgrade stripe gem & api version to allow SCA 2019-09-05 11:03:22 +02:00			`end`

using stp_payment_intent_id instead of stp_invoice_id on new invoices 2019-09-10 16:45:45 +02:00			`render(on_payment_success(intent)) and return if intent.status == 'succeeded'`
refactor payment process for sca 2019-09-10 11:46:14 +02:00			`render generate_payment_response(intent)`
			`end`
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00
refactor payment process for sca 2019-09-10 11:46:14 +02:00			`private`
quick coding rules checking with rubocop 2019-09-09 18:04:31 +02:00
using stp_payment_intent_id instead of stp_invoice_id on new invoices 2019-09-10 16:45:45 +02:00			`def on_payment_success(intent)`
refactor payment process for sca 2019-09-10 11:46:14 +02:00			`# TODO create subscription is needed`
			`user_id = params[:cart_items][:reservation][:user_id]`
quick coding rules checking with rubocop 2019-09-09 18:04:31 +02:00
refactor payment process for sca 2019-09-10 11:46:14 +02:00			`@reservation = Reservation.new(reservation_params)`
			`is_reserve = Reservations::Reserve.new(user_id, current_user.invoicing_profile.id)`
using stp_payment_intent_id instead of stp_invoice_id on new invoices 2019-09-10 16:45:45 +02:00			`.pay_and_save(@reservation, coupon: coupon_params[:coupon_code], payment_intent_id: intent.id)`
			`Stripe::PaymentIntent.update(`
			`intent.id,`
			`description: "Invoice reference: #{@reservation.invoice.reference}"`
			`)`
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00
refactor payment process for sca 2019-09-10 11:46:14 +02:00			`if is_reserve`
			`SubscriptionExtensionAfterReservation.new(@reservation).extend_subscription_if_eligible`
collect card details on the client & create a paymentIntent on the server 2019-09-05 16:17:02 +02:00
refactor payment process for sca 2019-09-10 11:46:14 +02:00			`{ template: 'api/reservations/show', status: :created, location: @reservation }`
			`else`
			`{ json: @reservation.errors, status: :unprocessable_entity }`
			`end`
			`rescue InvalidCouponError`
			`{ json: { coupon_code: 'wrong coupon code or expired' }, status: :unprocessable_entity }`
			`end`
collect card details on the client & create a paymentIntent on the server 2019-09-05 16:17:02 +02:00
			`def generate_payment_response(intent)`
			`if intent.status == 'requires_action' && intent.next_action.type == 'use_stripe_sdk'`
			`# Tell the client to handle the action`
			`{`
			`status: 200,`
			`json: {`
			`requires_action: true,`
			`payment_intent_client_secret: intent.client_secret`
			`}`
			`}`
			`elsif intent.status == 'succeeded'`
quick coding rules checking with rubocop 2019-09-09 18:04:31 +02:00			`# The payment didn't need any additional actions and is completed!`
collect card details on the client & create a paymentIntent on the server 2019-09-05 16:17:02 +02:00			`# Handle post-payment fulfillment`
			`{ status: 200, json: { success: true } }`
			`else`
			`# Invalid status`
			`{ status: 500, json: { error: 'Invalid PaymentIntent status' } }`
			`end`
[ongoing] upgrade stripe gem & api version to allow SCA 2019-09-05 11:03:22 +02:00			`end`
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00
refactor payment process for sca 2019-09-10 11:46:14 +02:00			`def get_wallet_debit(user, total_amount)`
			`wallet_amount = (user.wallet.amount * 100).to_i`
			`wallet_amount >= total_amount ? total_amount : wallet_amount`
			`end`

ongoing work on sca stripe 2019-09-09 17:37:54 +02:00			`def reservation_params`
			`params[:cart_items].require(:reservation).permit(:reservable_id, :reservable_type, :plan_id, :nb_reserve_places,`
quick coding rules checking with rubocop 2019-09-09 18:04:31 +02:00			`tickets_attributes: %i[event_price_category_id booked],`
			`slots_attributes: %i[id start_at end_at availability_id offered])`
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00			`end`
quick coding rules checking with rubocop 2019-09-09 18:04:31 +02:00
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00			`def cart_items_params`
			`params[:cart_items].require(:reservation).permit(:reservable_id, :reservable_type, :plan_id, :user_id, :nb_reserve_places,`
quick coding rules checking with rubocop 2019-09-09 18:04:31 +02:00			`tickets_attributes: %i[event_price_category_id booked],`
			`slots_attributes: %i[id start_at end_at availability_id offered])`
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00			`end`

			`def coupon_params`
			`params.require(:cart_items).permit(:coupon_code)`
			`end`
quick coding rules checking with rubocop 2019-09-09 18:04:31 +02:00			`end`