fab-manager/app/controllers/api/payments_controller.rb

# frozen_string_literal: true

# API Controller for handling payments process in the front-end
class API::PaymentsController < API::ApiController
  before_action :authenticate_user!

  def confirm_payment
    begin
      if params[:payment_method_id].present?
        # Create the PaymentIntent
        # TODO the client has to provide the reservation details. Then, we use Price.compute - user.walletAmount to get the amount
        # currency is set in Rails.secrets

        reservable = cart_items_params[:reservable_type].constantize.find(cart_items_params[:reservable_id])
        price_details = Price.compute(false,
                                      current_user,
                                      reservable,
                                      cart_items_params[:slots_attributes] || [],
                                      cart_items_params[:plan_id],
                                      cart_items_params[:nb_reserve_places],
                                      cart_items_params[:tickets_attributes],
                                      coupon_params[:coupon_code])

        intent = Stripe::PaymentIntent.create(
          payment_method: params[:payment_method_id],
          amount: price_details[:total],
          currency: 'eur',
          confirmation_method: 'manual',
          confirm: true
        )
      elsif params[:payment_intent_id].present?
        intent = Stripe::PaymentIntent.confirm(params[:payment_intent_id])


      end
    rescue Stripe::CardError => e
      # Display error on client
      render status: 200, json: { error: e.message }
    end

    # TODO extract in subroutine
    if intent.status == 'succeeded'
      begin
        user_id = params[:cart_items][:reservation][:user_id]

        @reservation = Reservation.new(reservation_params)
        is_reserve = Reservations::Reserve.new(user_id, current_user.invoicing_profile.id)
                                          .pay_and_save(@reservation, :stripe, coupon_params[:coupon_code])

        if is_reserve
          SubscriptionExtensionAfterReservation.new(@reservation).extend_subscription_if_eligible

          render('api/reservations/show', status: :created, location: @reservation) and return
        else
          render(json: @reservation.errors, status: :unprocessable_entity) and return
        end
      rescue InvalidCouponError
        render(json: { coupon_code: 'wrong coupon code or expired' }, status: :unprocessable_entity) and return
      end
    end

    render generate_payment_response(intent)
  end

  private

  def generate_payment_response(intent)
    if intent.status == 'requires_action' && intent.next_action.type == 'use_stripe_sdk'
      # Tell the client to handle the action
      {
        status: 200,
        json: {
          requires_action: true,
          payment_intent_client_secret: intent.client_secret
        }
      }
    elsif intent.status == 'succeeded'
      # The payment didn't need any additional actions and is completed!
      # Handle post-payment fulfillment
      { status: 200, json: { success: true } }
    else
      # Invalid status
      { status: 500, json: { error: 'Invalid PaymentIntent status' } }
    end
  end

  def reservation_params
    params[:cart_items].require(:reservation).permit(:reservable_id, :reservable_type, :plan_id, :nb_reserve_places,
                                                     tickets_attributes: %i[event_price_category_id booked],
                                                     slots_attributes: %i[id start_at end_at availability_id offered])
  end

  def cart_items_params
    params[:cart_items].require(:reservation).permit(:reservable_id, :reservable_type, :plan_id, :user_id, :nb_reserve_places,
                                                     tickets_attributes: %i[event_price_category_id booked],
                                                     slots_attributes: %i[id start_at end_at availability_id offered])
  end

  def coupon_params
    params.require(:cart_items).permit(:coupon_code)
  end
end
[ongoing] upgrade stripe gem & api version to allow SCA 2019-09-05 11:03:22 +02:00			`# frozen_string_literal: true`

			`# API Controller for handling payments process in the front-end`
			`class API::PaymentsController < API::ApiController`
			`before_action :authenticate_user!`

			`def confirm_payment`
			`begin`
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00			`if params[:payment_method_id].present?`
[ongoing] upgrade stripe gem & api version to allow SCA 2019-09-05 11:03:22 +02:00			`# Create the PaymentIntent`
handle 2nd confirmation on server + display confirmation modal on the client 2019-09-05 17:17:51 +02:00			`# TODO the client has to provide the reservation details. Then, we use Price.compute - user.walletAmount to get the amount`
			`# currency is set in Rails.secrets`
quick coding rules checking with rubocop 2019-09-09 18:04:31 +02:00
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00			`reservable = cart_items_params[:reservable_type].constantize.find(cart_items_params[:reservable_id])`
			`price_details = Price.compute(false,`
quick coding rules checking with rubocop 2019-09-09 18:04:31 +02:00			`current_user,`
			`reservable,`
			`cart_items_params[:slots_attributes] \|\| [],`
			`cart_items_params[:plan_id],`
			`cart_items_params[:nb_reserve_places],`
			`cart_items_params[:tickets_attributes],`
			`coupon_params[:coupon_code])`
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00
[ongoing] upgrade stripe gem & api version to allow SCA 2019-09-05 11:03:22 +02:00			`intent = Stripe::PaymentIntent.create(`
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00			`payment_method: params[:payment_method_id],`
			`amount: price_details[:total],`
quick coding rules checking with rubocop 2019-09-09 18:04:31 +02:00			`currency: 'eur',`
[ongoing] upgrade stripe gem & api version to allow SCA 2019-09-05 11:03:22 +02:00			`confirmation_method: 'manual',`
			`confirm: true`
			`)`
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00			`elsif params[:payment_intent_id].present?`
			`intent = Stripe::PaymentIntent.confirm(params[:payment_intent_id])`

quick coding rules checking with rubocop 2019-09-09 18:04:31 +02:00
[ongoing] upgrade stripe gem & api version to allow SCA 2019-09-05 11:03:22 +02:00			`end`
			`rescue Stripe::CardError => e`
			`# Display error on client`
handle 2nd confirmation on server + display confirmation modal on the client 2019-09-05 17:17:51 +02:00			`render status: 200, json: { error: e.message }`
[ongoing] upgrade stripe gem & api version to allow SCA 2019-09-05 11:03:22 +02:00			`end`

quick coding rules checking with rubocop 2019-09-09 18:04:31 +02:00			`# TODO extract in subroutine`
			`if intent.status == 'succeeded'`
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00			`begin`
quick coding rules checking with rubocop 2019-09-09 18:04:31 +02:00			`user_id = params[:cart_items][:reservation][:user_id]`
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00
			`@reservation = Reservation.new(reservation_params)`
			`is_reserve = Reservations::Reserve.new(user_id, current_user.invoicing_profile.id)`
			`.pay_and_save(@reservation, :stripe, coupon_params[:coupon_code])`
quick coding rules checking with rubocop 2019-09-09 18:04:31 +02:00
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00			`if is_reserve`
			`SubscriptionExtensionAfterReservation.new(@reservation).extend_subscription_if_eligible`
quick coding rules checking with rubocop 2019-09-09 18:04:31 +02:00
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00			`render('api/reservations/show', status: :created, location: @reservation) and return`
			`else`
			`render(json: @reservation.errors, status: :unprocessable_entity) and return`
			`end`
			`rescue InvalidCouponError`
			`render(json: { coupon_code: 'wrong coupon code or expired' }, status: :unprocessable_entity) and return`
			`end`
			`end`

collect card details on the client & create a paymentIntent on the server 2019-09-05 16:17:02 +02:00			`render generate_payment_response(intent)`
			`end`

			`private`

			`def generate_payment_response(intent)`
			`if intent.status == 'requires_action' && intent.next_action.type == 'use_stripe_sdk'`
			`# Tell the client to handle the action`
			`{`
			`status: 200,`
			`json: {`
			`requires_action: true,`
			`payment_intent_client_secret: intent.client_secret`
			`}`
			`}`
			`elsif intent.status == 'succeeded'`
quick coding rules checking with rubocop 2019-09-09 18:04:31 +02:00			`# The payment didn't need any additional actions and is completed!`
collect card details on the client & create a paymentIntent on the server 2019-09-05 16:17:02 +02:00			`# Handle post-payment fulfillment`
			`{ status: 200, json: { success: true } }`
			`else`
			`# Invalid status`
			`{ status: 500, json: { error: 'Invalid PaymentIntent status' } }`
			`end`
[ongoing] upgrade stripe gem & api version to allow SCA 2019-09-05 11:03:22 +02:00			`end`
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00
			`def reservation_params`
			`params[:cart_items].require(:reservation).permit(:reservable_id, :reservable_type, :plan_id, :nb_reserve_places,`
quick coding rules checking with rubocop 2019-09-09 18:04:31 +02:00			`tickets_attributes: %i[event_price_category_id booked],`
			`slots_attributes: %i[id start_at end_at availability_id offered])`
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00			`end`
quick coding rules checking with rubocop 2019-09-09 18:04:31 +02:00
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00			`def cart_items_params`
			`params[:cart_items].require(:reservation).permit(:reservable_id, :reservable_type, :plan_id, :user_id, :nb_reserve_places,`
quick coding rules checking with rubocop 2019-09-09 18:04:31 +02:00			`tickets_attributes: %i[event_price_category_id booked],`
			`slots_attributes: %i[id start_at end_at availability_id offered])`
ongoing work on sca stripe 2019-09-09 17:37:54 +02:00			`end`

			`def coupon_params`
			`params.require(:cart_items).permit(:coupon_code)`
			`end`
quick coding rules checking with rubocop 2019-09-09 18:04:31 +02:00			`end`