configure online payment from the UI

app/assets/javascripts/app.js

@@ -81,8 +81,6 @@ angular.module('application', ['ngCookies', 'ngResource', 'ngSanitize', 'ui.rout
         $state.prevParams = fromParams;
       });
 
-      // Global config: if true, all payments will be disabled in the application for the members (only admins will be able to proceed reservations)
-      $rootScope.fablabWithoutOnlinePayment = Fablab.withoutOnlinePayment;
       // Global config: if true, user must confirm his email to sign in
       $rootScope.userConfirmationNeededToSignIn = Fablab.userConfirmationNeededToSignIn;
       // Global config: if true, wallet will be disabled

app/assets/javascripts/controllers/admin/invoices.js.erb

@@ -169,6 +169,9 @@ Application.Controllers.controller('InvoicesController', ['$scope', '$state', 'I
       }
     };
 
+    // all settings
+    $scope.allSettings = settings;
+
     // Placeholding date for the invoice creation
     $scope.today = moment();
 

app/assets/javascripts/controllers/events.js.erb

@@ -13,8 +13,8 @@
  * Full docs: https://github.com/decaffeinate/decaffeinate/blob/master/docs/suggestions.md
  */
 
-Application.Controllers.controller('EventsController', ['$scope', '$state', 'Event', 'categoriesPromise', 'themesPromise', 'ageRangesPromise',
-  function ($scope, $state, Event, categoriesPromise, themesPromise, ageRangesPromise) {
+Application.Controllers.controller('EventsController', ['$scope', '$state', 'Event', 'categoriesPromise', 'themesPromise', 'ageRangesPromise', 'settingsPromise',
+  function ($scope, $state, Event, categoriesPromise, themesPromise, ageRangesPromise, settingsPromise) {
   /* PUBLIC SCOPE */
 
     // The events displayed on the page
@@ -305,7 +305,7 @@ Application.Controllers.controller('ShowEventController', ['$scope', '$state', '
           const amountToPay = helpers.getAmountToPay($scope.reserve.amountTotal, wallet.amount);
           if ((AuthService.isAuthorized(['member']) && amountToPay > 0)
             || (AuthService.isAuthorized('manager') && $scope.ctrl.member.id === $rootScope.currentUser.id && amountToPay > 0)) {
-            if ($rootScope.fablabWithoutOnlinePayment) {
+            if (settingsPromise.online_payment_module !== 'true') {
               growl.error(_t('app.public.events_show.online_payment_disabled'));
             } else {
               return payByStripe(reservation);

app/assets/javascripts/controllers/plans.js.erb

@@ -12,8 +12,8 @@
  */
 'use strict';
 
-Application.Controllers.controller('PlansIndexController', ['$scope', '$rootScope', '$state', '$uibModal', 'Auth', 'AuthService', 'dialogs', 'growl', 'plansPromise', 'groupsPromise', 'Subscription', 'Member', 'subscriptionExplicationsPromise', '_t', 'Wallet', 'helpers',
-  function ($scope, $rootScope, $state, $uibModal, Auth, AuthService, dialogs, growl, plansPromise, groupsPromise, Subscription, Member, subscriptionExplicationsPromise, _t, Wallet, helpers) {
+Application.Controllers.controller('PlansIndexController', ['$scope', '$rootScope', '$state', '$uibModal', 'Auth', 'AuthService', 'dialogs', 'growl', 'plansPromise', 'groupsPromise', 'Subscription', 'Member', 'subscriptionExplicationsPromise', '_t', 'Wallet', 'helpers', 'settingsPromise',
+  function ($scope, $rootScope, $state, $uibModal, Auth, AuthService, dialogs, growl, plansPromise, groupsPromise, Subscription, Member, subscriptionExplicationsPromise, _t, Wallet, helpers, settingsPromise) {
     /* PUBLIC SCOPE */
 
     // list of groups
@@ -92,7 +92,7 @@ Application.Controllers.controller('PlansIndexController', ['$scope', '$rootScop
         const amountToPay = helpers.getAmountToPay($scope.cart.total, wallet.amount);
         if ((AuthService.isAuthorized('member') && amountToPay > 0)
           || (AuthService.isAuthorized('manager') && $scope.ctrl.member.id === $rootScope.currentUser.id && amountToPay > 0)) {
-          if ($rootScope.fablabWithoutOnlinePayment) {
+          if (settingsPromise.online_payment_module !== 'true') {
             growl.error(_t('app.public.plans.online_payment_disabled'));
           } else {
             return payByStripe();

app/assets/javascripts/directives/cart.js.erb

@@ -759,7 +759,7 @@ Application.Directives.directive('cart', [ '$rootScope', '$uibModal', 'dialogs',
             const amountToPay = helpers.getAmountToPay($scope.amountTotal, wallet.amount);
             if ((AuthService.isAuthorized(['member']) && amountToPay > 0)
               || (AuthService.isAuthorized('manager') && $scope.user.id === $rootScope.currentUser.id && amountToPay > 0)) {
-              if ($rootScope.fablabWithoutOnlinePayment) {
+              if ($scope.settings.online_payment_module !== 'true') {
                 growl.error(_t('app.shared.cart.online_payment_disabled'));
               } else {
                 return payByStripe(reservation);

app/assets/javascripts/router.js.erb

@@ -348,14 +348,9 @@ angular.module('application.router', ['ui.router'])
           machinePromise: ['Machine', '$stateParams', function (Machine, $stateParams) { return Machine.get({ id: $stateParams.id }).$promise; }],
           settingsPromise: ['Setting', function (Setting) {
             return Setting.query({
-              names: `['machine_explications_alert', \
-                       'booking_window_start', \
-                       'booking_window_end', \
-                       'booking_move_enable', \
-                       'booking_move_delay', \
-                       'booking_cancel_enable', \
-                       'booking_cancel_delay', \
-                       'subscription_explications_alert']`
+              names: `['machine_explications_alert', 'booking_window_start',  'booking_window_end',  'booking_move_enable', \
+                       'booking_move_delay', 'booking_cancel_enable',  'booking_cancel_delay', 'subscription_explications_alert' \
+                       'online_payment_module']`
             }).$promise;
           }]
         }
@@ -440,14 +435,9 @@ angular.module('application.router', ['ui.router'])
           groupsPromise: ['Group', function (Group) { return Group.query().$promise; }],
           settingsPromise: ['Setting', function (Setting) {
             return Setting.query({
-              names: `['booking_window_start', \
-                       'booking_window_end', \
-                       'booking_move_enable', \
-                       'booking_move_delay', \
-                       'booking_cancel_enable', \
-                       'booking_cancel_delay', \
-                       'subscription_explications_alert', \
-                       'space_explications_alert']` }).$promise;
+              names: `['booking_window_start', 'booking_window_end', 'booking_move_enable',  'booking_move_delay', \
+                       'booking_cancel_enable', 'booking_cancel_delay', 'subscription_explications_alert',  \
+                       'space_explications_alert', 'online_payment_module']` }).$promise;
           }]
         }
       })
@@ -495,15 +485,9 @@ angular.module('application.router', ['ui.router'])
           }],
           settingsPromise: ['Setting', function (Setting) {
             return Setting.query({
-              names: `['booking_window_start', \
-                       'booking_window_end', \
-                       'booking_move_enable', \
-                       'booking_move_delay', \
-                       'booking_cancel_enable', \
-                       'booking_cancel_delay', \
-                       'subscription_explications_alert', \
-                       'training_explications_alert', \
-                       'training_information_message']` }).$promise;
+              names: `['booking_window_start', 'booking_window_end', 'booking_move_enable', 'booking_move_delay', \
+                       'booking_cancel_enable', 'booking_cancel_delay', 'subscription_explications_alert', \
+                       'training_explications_alert', 'training_information_message', 'online_payment_module']` }).$promise;
           }]
         }
       })
@@ -531,7 +515,8 @@ angular.module('application.router', ['ui.router'])
         resolve: {
           subscriptionExplicationsPromise: ['Setting', function (Setting) { return Setting.get({ name: 'subscription_explications_alert' }).$promise; }],
           plansPromise: ['Plan', function (Plan) { return Plan.query().$promise; }],
-          groupsPromise: ['Group', function (Group) { return Group.query().$promise; }]
+          groupsPromise: ['Group', function (Group) { return Group.query().$promise; }],
+          settingsPromise: ['Setting', function (Setting) { return Setting.query({ names: "['online_payment_module']" }).$promise; }]
         }
       })
 
@@ -547,7 +532,8 @@ angular.module('application.router', ['ui.router'])
         resolve: {
           categoriesPromise: ['Category', function (Category) { return Category.query().$promise; }],
           themesPromise: ['EventTheme', function (EventTheme) { return EventTheme.query().$promise; }],
-          ageRangesPromise: ['AgeRange', function (AgeRange) { return AgeRange.query().$promise; }]
+          ageRangesPromise: ['AgeRange', function (AgeRange) { return AgeRange.query().$promise; }],
+          settingsPromise: ['Setting', function (Setting) { return Setting.query({ names: "['online_payment_module']" }).$promise; }]
         }
       })
       .state('app.public.events_show', {
@@ -853,7 +839,7 @@ angular.module('application.router', ['ui.router'])
                        'accounting_VAT_code', 'accounting_VAT_label', 'accounting_subscription_code', 'accounting_subscription_label', \
                        'accounting_Machine_code', 'accounting_Machine_label', 'accounting_Training_code', 'accounting_Training_label', \
                        'accounting_Event_code', 'accounting_Event_label', 'accounting_Space_code', 'accounting_Space_label', \
-                       'feature_tour_display']` }).$promise;
+                       'feature_tour_display', 'online_payment_module']` }).$promise;
           }],
           invoices: [ 'Invoice', function (Invoice) {
             return Invoice.list({

app/assets/templates/admin/invoices/index.html.erb

@@ -41,6 +41,10 @@
         <uib-tab heading="{{ 'app.admin.invoices.accounting_codes' | translate }}" index="2" class="accounting-codes-tab">
           <ng-include src="'<%= asset_path "admin/invoices/codes.html" %>'"></ng-include>
         </uib-tab>
+
+        <uib-tab heading="{{ 'app.admin.invoices.payment.payment_settings' | translate }}" index="3" class="payment-settings">
+          <ng-include src="'<%= asset_path "admin/invoices/payment.html" %>'"></ng-include>
+        </uib-tab>
 	    </uib-tabset>
 	  </div>
 

app/assets/templates/admin/invoices/payment.html.erb

@@ -0,0 +1,17 @@
+<div class="panel panel-default m-t-md">
+  <div class="panel-heading">
+    <span class="font-sbold" translate>{{ 'app.admin.invoices.payment.payment_settings' }}</span>
+  </div>
+  <div class="panel-body">
+    <div class="row">
+      <h3 class="m-l" translate>{{ 'app.admin.invoices.payment.online_payment' }}</h3>
+      <p class="alert alert-warning m-h-md" ng-bind-html="'app.admin.invoices.payment.online_payment_info_html' | translate"></p>
+      <boolean-setting name="online_payment_module"
+                       settings="allSettings"
+                       label="app.admin.invoices.payment.enable_online_payment"
+                       classes="m-l"
+                       fa-icon="fa-font">
+      </boolean-setting>
+    </div>
+  </div>
+</div>

app/controllers/api/payments_controller.rb

@@ -10,7 +10,7 @@ class API::PaymentsController < API::ApiController
   # was successfully made. After the payment was made, the reservation/subscription will be created
   ##
   def confirm_payment
-    render(json: { error: 'Online payment is disabled' }, status: :unauthorized) and return if Rails.application.secrets.fablab_without_online_payments
+    render(json: { error: 'Online payment is disabled' }, status: :unauthorized) and return unless Setting.get('online_payment_module')
 
     amount = nil # will contains the amount and the details of each invoice lines
     intent = nil # stripe's payment intent

app/models/setting.rb

@@ -95,7 +95,8 @@ class Setting < ApplicationRecord
                              allowed_cad_mime_types
                              openlab_app_id
                              openlab_app_secret
-                             openlab_default] }
+                             openlab_default
+                             online_payment_module] }
   def value
     last_value = history_values.order(HistoryValue.arel_table['created_at'].desc).first
     last_value&.value

app/services/health_service.rb

@@ -41,7 +41,7 @@ class HealthService
       reservations: last_week_new_reservations,
       plans: Setting.get('plans_module'),
       spaces: Setting.get('spaces_module'),
-      online_payment: !Rails.application.secrets.fablab_without_online_payments,
+      online_payment: Setting.get('online_payment_module'),
       invoices: Setting.get('invoicing_module'),
       openlab: Setting.get('openlab_app_secret').present?
     }

app/views/application/index.html.erb

@@ -25,7 +25,6 @@
 
       Fablab.plansModule = ('<%= Setting.get('plans_module') %>' === 'true');
       Fablab.spacesModule = ('<%= Setting.get('spaces_module') %>' === 'true');
-      Fablab.withoutOnlinePayment = ('<%= Rails.application.secrets.fablab_without_online_payments %>' === 'true');
       Fablab.fablabWithoutWallet = ('<%= Rails.application.secrets.fablab_without_wallet %>' === 'true');
       Fablab.defaultHost = "<%= Rails.application.secrets.default_host %>";
       Fablab.trackingId = "<%= Setting.get('tracking_id') %>";

config/locales/app.admin.en.yml

@@ -614,6 +614,11 @@ en:
           debit_euro: "Euro debit"
           credit_euro: "Euro credit"
           lettering: "Lettering"
+        payment:
+          payment_settings: "Payment settings"
+          online_payment: "Online payment"
+          online_payment_info_html: "You can enable your members to book directly online, paying by card. Alternatively, you can restrict the booking and payment processes for administrators and managers."
+          enable_online_payment: "Enable online payment"
       #management of users, labels, groups, and so on
       members:
         users_management: "Users management"

config/locales/app.admin.fr.yml

@@ -614,6 +614,11 @@ fr:
           debit_euro: "Débit euro"
           credit_euro: "Crédit euro"
           lettering: "Lettrage"
+        payment:
+          payment_settings: "Paramètres de paiement"
+          online_payment: "Paiement en ligne"
+          online_payment_info_html: "Vous pouvez permettre à vos membres de réserver directement en ligne, en payment par carte bancaire. De manière alternative, vous pouvez restreindre les processus de réservation et de paiement aux administrateurs et aux gestionnaires."
+          enable_online_payment: "Activer le paiement en ligne"
       #management of users, labels, groups, and so on
       members:
         users_management: "Gestion des utilisateurs"

config/secrets.yml

@@ -15,7 +15,6 @@ development:
   stripe_api_key: <%= ENV["STRIPE_API_KEY"] %>
   stripe_publishable_key: <%= ENV["STRIPE_PUBLISHABLE_KEY"] %>
   stripe_currency: <%= ENV["STRIPE_CURRENCY"] %>
-  fablab_without_online_payments: <%= ENV["FABLAB_WITHOUT_ONLINE_PAYMENT"] %>
   fablab_without_wallet: <%= ENV["FABLAB_WITHOUT_WALLET"] %>
   user_confirmation_needed_to_sign_in: <%= ENV["USER_CONFIRMATION_NEEDED_TO_SIGN_IN"] %>
   default_host: <%= ENV["DEFAULT_HOST"] %>
@@ -48,7 +47,6 @@ test:
   stripe_api_key: <%= ENV["STRIPE_API_KEY"] %>
   stripe_publishable_key: <%= ENV["STRIPE_PUBLISHABLE_KEY"] %>
   stripe_currency: usd
-  fablab_without_online_payments: false
   fablab_without_wallet: false
   user_confirmation_needed_to_sign_in: <%= ENV["USER_CONFIRMATION_NEEDED_TO_SIGN_IN"] %>
   default_host: <%= ENV["DEFAULT_HOST"] %>
@@ -81,7 +79,6 @@ staging:
   stripe_api_key: <%= ENV["STRIPE_API_KEY"] %>
   stripe_publishable_key: <%= ENV["STRIPE_PUBLISHABLE_KEY"] %>
   stripe_currency: <%= ENV["STRIPE_CURRENCY"] %>
-  fablab_without_online_payments: <%= ENV["FABLAB_WITHOUT_ONLINE_PAYMENT"] %>
   fablab_without_wallet: <%= ENV["FABLAB_WITHOUT_WALLET"] %>
   user_confirmation_needed_to_sign_in: <%= ENV["USER_CONFIRMATION_NEEDED_TO_SIGN_IN"] %>
   default_host: <%= ENV["DEFAULT_HOST"] %>
@@ -125,7 +122,6 @@ production:
   stripe_api_key: <%= ENV["STRIPE_API_KEY"] %>
   stripe_publishable_key: <%= ENV["STRIPE_PUBLISHABLE_KEY"] %>
   stripe_currency: <%= ENV["STRIPE_CURRENCY"] %>
-  fablab_without_online_payments: <%= ENV["FABLAB_WITHOUT_ONLINE_PAYMENT"] %>
   fablab_without_wallet: <%= ENV["FABLAB_WITHOUT_WALLET"] %>
   user_confirmation_needed_to_sign_in: <%= ENV["USER_CONFIRMATION_NEEDED_TO_SIGN_IN"] %>
   default_host: <%= ENV["DEFAULT_HOST"] %>

db/seeds.rb

@@ -859,6 +859,27 @@ Setting.set('feature_tour_display', 'once') unless Setting.find_by(name: 'featur
 
 Setting.set('email_from', 'noreply@fab-manager.com') unless Setting.find_by(name: 'email_from').try(:value)
 
+Setting.set('online_payment_module', false) unless Setting.find_by(name: 'online_payment_module').try(:value)
+
+unless Setting.find_by(name: 'allowed_cad_extensions').try(:value)
+  Setting.set(
+    'allowed_cad_extensions',
+    'pdf ai eps cad math svg stl dxf dwg obj step iges igs 3dm 3dmf doc docx png ino scad fcad skp sldprt sldasm slddrw' \
+    'slddrt tex latex ps fcstd fcstd1'
+  )
+end
+
+unless Setting.find_by(name: 'allowed_cad_mime_types').try(:value)
+  Setting.set(
+    'allowed_cad_mime_types',
+    'application/pdf application/postscript application/illustrator image/x-eps image/svg+xml application/sla application/dxf ' \
+    'application/acad application/dwg application/octet-stream application/step application/iges model/iges x-world/x-3dmf ' \
+    'application/vnd.openxmlformats-officedocument.wordprocessingml.document image/png text/x-arduino text/plain application/scad ' \
+    'application/vnd.sketchup.skp application/x-koan application/vnd-koan koan/x-skm application/vnd.koan application/x-tex ' \
+    'application/x-latex application/x-extension-fcstd'
+  )
+end
+
 if StatisticCustomAggregation.count.zero?
   # available reservations hours for machines
   machine_hours = StatisticType.find_by(key: 'hour', statistic_index_id: 2)

lib/tasks/fablab/setup.rake

@@ -125,7 +125,8 @@ namespace :fablab do
         %w[_ ALLOWED_MIME_TYPES allowed_cad_mime_types],
         %w[_ OPENLAB_APP_ID openlab_app_id],
         %w[_ OPENLAB_APP_SECRET openlab_app_secret],
-        %w[_ OPENLAB_DEFAULT openlab_default]
+        %w[_ OPENLAB_DEFAULT openlab_default],
+        %w[! FABLAB_WITHOUT_ONLINE_PAYMENT online_payment_module false]
       ]
 
       mapping.each do |m|

test/fixtures/history_values.yml

@@ -629,3 +629,11 @@ history_value_65:
   created_at: 2020-06-01 11:12:21.255550000 Z
   updated_at: 2020-06-01 11:12:21.255550000 Z
   footprint:
+
+history_value_66:
+  id: 66
+  setting_id: 66
+  invoicing_profile_id: 1
+  value: true
+  created_at: 2020-06-08 17:12:16.846525000 Z
+  updated_at: 2020-06-08 17:12:16.846525000 Z

test/fixtures/settings.yml

@@ -382,3 +382,9 @@ setting_65:
   name: email_from
   created_at: 2020-06-01 11:12:21.255550000 Z
   updated_at: 2020-06-01 11:12:21.255550000 Z
+
+setting_66:
+  id: 66
+  name: online_payment_module
+  created_at: 2020-06-08 17:12:16.846525000 Z
+  updated_at: 2020-06-08 17:12:16.846525000 Z