From 88208627c9ef1103dd7eb5f38bdc1d1f99f35fda Mon Sep 17 00:00:00 2001 From: Sylvain Date: Wed, 10 Jun 2020 11:02:30 +0200 Subject: [PATCH] read stripe_public_key from the db --- app/assets/javascripts/controllers/events.js.erb | 12 ++++++++---- app/assets/javascripts/controllers/plans.js.erb | 10 +++++++--- app/assets/javascripts/directives/cart.js.erb | 10 +++++++--- app/assets/javascripts/directives/stripe-form.js.erb | 5 +++-- app/assets/templates/stripe/payment_modal.html.erb | 2 +- app/services/setting_service.rb | 6 +----- config/secrets.yml | 4 ---- doc/environment.md | 5 ++--- env.example | 3 +-- lib/tasks/fablab/stripe.rake | 2 +- setup/env.example | 1 - setup/setup.sh | 2 +- 12 files changed, 32 insertions(+), 30 deletions(-) diff --git a/app/assets/javascripts/controllers/events.js.erb b/app/assets/javascripts/controllers/events.js.erb index 2e49b97a7..42c140a05 100644 --- a/app/assets/javascripts/controllers/events.js.erb +++ b/app/assets/javascripts/controllers/events.js.erb @@ -698,10 +698,11 @@ Application.Controllers.controller('ShowEventController', ['$scope', '$state', ' }, cartItems () { return mkRequestParams(reservation, $scope.coupon.applied); - } + }, + stripeKey: ['Setting', function (Setting) { return Setting.get({ name: 'stripe_public_key' }).$promise; }] }, - controller: ['$scope', '$uibModalInstance', '$state', 'reservation', 'price', 'cgv', 'Auth', 'Reservation', 'growl', 'wallet', 'helpers', '$filter', 'coupon', 'cartItems', - function ($scope, $uibModalInstance, $state, reservation, price, cgv, Auth, Reservation, growl, wallet, helpers, $filter, coupon, cartItems) { + controller: ['$scope', '$uibModalInstance', '$state', 'reservation', 'price', 'cgv', 'Auth', 'Reservation', 'growl', 'wallet', 'helpers', '$filter', 'coupon', 'cartItems', 'stripeKey', + function ($scope, $uibModalInstance, $state, reservation, price, cgv, Auth, Reservation, growl, wallet, helpers, $filter, coupon, cartItems, stripeKey) { // User's wallet amount $scope.walletAmount = wallet.amount; @@ -720,8 +721,11 @@ Application.Controllers.controller('ShowEventController', ['$scope', '$state', ' // Used in wallet info template to interpolate some translations $scope.numberFilter = $filter('number'); + // stripe publishable key + $scope.stripeKey = stripeKey.setting.value; + // Callback to handle the post-payment and reservation - return $scope.onPaymentSuccess = function (reservation) { + $scope.onPaymentSuccess = function (reservation) { $uibModalInstance.close(reservation); }; } diff --git a/app/assets/javascripts/controllers/plans.js.erb b/app/assets/javascripts/controllers/plans.js.erb index adc9aac38..2033d2ad4 100644 --- a/app/assets/javascripts/controllers/plans.js.erb +++ b/app/assets/javascripts/controllers/plans.js.erb @@ -244,10 +244,11 @@ Application.Controllers.controller('PlansIndexController', ['$scope', '$rootScop wallet () { return Wallet.getWalletByUser({ user_id: $scope.ctrl.member.id }).$promise; }, - coupon () { return $scope.coupon.applied; } + coupon () { return $scope.coupon.applied; }, + stripeKey: ['Setting', function (Setting) { return Setting.get({ name: 'stripe_public_key' }).$promise; }] }, - controller: ['$scope', '$uibModalInstance', '$state', 'selectedPlan', 'member', 'price', 'Subscription', 'CustomAsset', 'wallet', 'helpers', '$filter', 'coupon', - function ($scope, $uibModalInstance, $state, selectedPlan, member, price, Subscription, CustomAsset, wallet, helpers, $filter, coupon) { + controller: ['$scope', '$uibModalInstance', '$state', 'selectedPlan', 'member', 'price', 'Subscription', 'CustomAsset', 'wallet', 'helpers', '$filter', 'coupon', 'stripeKey', + function ($scope, $uibModalInstance, $state, selectedPlan, member, price, Subscription, CustomAsset, wallet, helpers, $filter, coupon, stripeKey) { // User's wallet amount $scope.walletAmount = wallet.amount; @@ -268,6 +269,9 @@ Application.Controllers.controller('PlansIndexController', ['$scope', '$rootScop } }; + // stripe publishable key + $scope.stripeKey = stripeKey.setting.value; + // retrieve the CGV CustomAsset.get({ name: 'cgv-file' }, function (cgv) { $scope.cgv = cgv.custom_asset; }); diff --git a/app/assets/javascripts/directives/cart.js.erb b/app/assets/javascripts/directives/cart.js.erb index d214f6fc8..f3085bb84 100644 --- a/app/assets/javascripts/directives/cart.js.erb +++ b/app/assets/javascripts/directives/cart.js.erb @@ -632,10 +632,11 @@ Application.Directives.directive('cart', [ '$rootScope', '$uibModal', 'dialogs', }, cartItems () { return mkRequestParams(reservation, $scope.coupon.applied); - } + }, + stripeKey: ['Setting', function (Setting) { return Setting.get({ name: 'stripe_public_key' }).$promise; }] }, - controller: ['$scope', '$uibModalInstance', '$state', 'reservation', 'price', 'cgv', 'Auth', 'Reservation', 'wallet', 'helpers', '$filter', 'coupon', 'cartItems', - function ($scope, $uibModalInstance, $state, reservation, price, cgv, Auth, Reservation, wallet, helpers, $filter, coupon, cartItems) { + controller: ['$scope', '$uibModalInstance', '$state', 'reservation', 'price', 'cgv', 'Auth', 'Reservation', 'wallet', 'helpers', '$filter', 'coupon', 'cartItems', 'stripeKey', + function ($scope, $uibModalInstance, $state, reservation, price, cgv, Auth, Reservation, wallet, helpers, $filter, coupon, cartItems, stripeKey) { // user wallet amount $scope.walletAmount = wallet.amount; @@ -654,6 +655,9 @@ Application.Directives.directive('cart', [ '$rootScope', '$uibModal', 'dialogs', // Used in wallet info template to interpolate some translations $scope.numberFilter = $filter('number'); + // stripe publishable key + $scope.stripeKey = stripeKey.setting.value; + /** * Callback to handle the post-payment and reservation */ diff --git a/app/assets/javascripts/directives/stripe-form.js.erb b/app/assets/javascripts/directives/stripe-form.js.erb index 4f125e4b4..5aa8c7ee4 100644 --- a/app/assets/javascripts/directives/stripe-form.js.erb +++ b/app/assets/javascripts/directives/stripe-form.js.erb @@ -12,10 +12,11 @@ Application.Directives.directive('stripeForm', ['Payment', 'growl', '_t', restrict: 'A', scope: { cartItems: '=', - onPaymentSuccess: '=' + onPaymentSuccess: '=', + stripeKey: '@' }, link: function($scope, element, attributes) { - const stripe = Stripe('<%= Rails.application.secrets.stripe_publishable_key %>'); + const stripe = Stripe($scope.stripeKey); const elements = stripe.elements(); const style = { diff --git a/app/assets/templates/stripe/payment_modal.html.erb b/app/assets/templates/stripe/payment_modal.html.erb index 7f6f70be8..d87527559 100644 --- a/app/assets/templates/stripe/payment_modal.html.erb +++ b/app/assets/templates/stripe/payment_modal.html.erb @@ -7,7 +7,7 @@ {{alert.msg}}
-
+

diff --git a/app/services/setting_service.rb b/app/services/setting_service.rb index 97dfa72e3..7dc653aa6 100644 --- a/app/services/setting_service.rb +++ b/app/services/setting_service.rb @@ -13,10 +13,6 @@ class SettingService NotifyPrivacyUpdateWorker.perform_async(id) if setting.name == 'privacy_body' # sync all users on stripe - return unless %w[stripe_public_key stripe_secret_key].include? setting.name - - SyncMembersOnStripeWorker.perform_async( - setting.history_values.last&.invoicing_profile&.user&.id - ) + SyncMembersOnStripeWorker.perform_async(setting.history_values.last&.invoicing_profile&.user&.id) if setting.name == 'stripe_secret_key' end end diff --git a/config/secrets.yml b/config/secrets.yml index 280eb96d0..603775086 100644 --- a/config/secrets.yml +++ b/config/secrets.yml @@ -13,7 +13,6 @@ development: secret_key_base: <%= ENV["SECRET_KEY_BASE"] %> stripe_api_key: <%= ENV["STRIPE_API_KEY"] %> - stripe_publishable_key: <%= ENV["STRIPE_PUBLISHABLE_KEY"] %> stripe_currency: <%= ENV["STRIPE_CURRENCY"] %> fablab_without_wallet: <%= ENV["FABLAB_WITHOUT_WALLET"] %> user_confirmation_needed_to_sign_in: <%= ENV["USER_CONFIRMATION_NEEDED_TO_SIGN_IN"] %> @@ -45,7 +44,6 @@ development: test: secret_key_base: 83daf5e7b80d990f037407bab78dff9904aaf3c195a50f84fa8695a22287e707dfbd9524b403b1dcf116ae1d8c06844c3d7ed942564e5b46be6ae3ead93a9d30 stripe_api_key: <%= ENV["STRIPE_API_KEY"] %> - stripe_publishable_key: <%= ENV["STRIPE_PUBLISHABLE_KEY"] %> stripe_currency: usd fablab_without_wallet: false user_confirmation_needed_to_sign_in: <%= ENV["USER_CONFIRMATION_NEEDED_TO_SIGN_IN"] %> @@ -77,7 +75,6 @@ test: staging: secret_key_base: <%= ENV["SECRET_KEY_BASE"] %> stripe_api_key: <%= ENV["STRIPE_API_KEY"] %> - stripe_publishable_key: <%= ENV["STRIPE_PUBLISHABLE_KEY"] %> stripe_currency: <%= ENV["STRIPE_CURRENCY"] %> fablab_without_wallet: <%= ENV["FABLAB_WITHOUT_WALLET"] %> user_confirmation_needed_to_sign_in: <%= ENV["USER_CONFIRMATION_NEEDED_TO_SIGN_IN"] %> @@ -120,7 +117,6 @@ staging: production: secret_key_base: <%= ENV["SECRET_KEY_BASE"] %> stripe_api_key: <%= ENV["STRIPE_API_KEY"] %> - stripe_publishable_key: <%= ENV["STRIPE_PUBLISHABLE_KEY"] %> stripe_currency: <%= ENV["STRIPE_CURRENCY"] %> fablab_without_wallet: <%= ENV["FABLAB_WITHOUT_WALLET"] %> user_confirmation_needed_to_sign_in: <%= ENV["USER_CONFIRMATION_NEEDED_TO_SIGN_IN"] %> diff --git a/doc/environment.md b/doc/environment.md index 128d368c2..de2a8ad06 100644 --- a/doc/environment.md +++ b/doc/environment.md @@ -51,9 +51,9 @@ When using docker-compose, you should provide the name of the service in your [d Used by the authentication system to generate random tokens, eg. for resetting passwords. Used by Rails to verify the integrity of signed cookies. You can generate such a random key by running `rails secret`. - + - STRIPE_API_KEY & STRIPE_PUBLISHABLE_KEY + STRIPE_API_KEY Key and secret used to identify you Stripe account through the API. Retrieve them from https://dashboard.stripe.com/account/apikeys. @@ -64,7 +64,6 @@ If you change these keys during the application lifecycle, you must run `rails f Please note that Stripe have changed the naming of their keys. Here's the matching: `STRIPE_API_KEY` = secret key -`STRIPE_PUBLISHABLE_KEY` = public key STRIPE_CURRENCY diff --git a/env.example b/env.example index 888ceb410..49cadffe3 100644 --- a/env.example +++ b/env.example @@ -8,8 +8,7 @@ ELASTICSEARCH_HOST=fabmanager-elastic # Stripe SECRET_KEY_BASE=83daf5e7b80d990f037407bab78dff9904aaf3c195a50f84fa8695a22287e707dfbd9524b403b1dcf116ae1d8c06844c3d7ed942564e5b46be6ae3ead93a9d30 -STRIPE_API_KEY= -STRIPE_PUBLISHABLE_KEY= +STRIPE_API_KEY== STRIPE_CURRENCY=eur # Invoices diff --git a/lib/tasks/fablab/stripe.rake b/lib/tasks/fablab/stripe.rake index 579eaf513..fdcbffd3d 100644 --- a/lib/tasks/fablab/stripe.rake +++ b/lib/tasks/fablab/stripe.rake @@ -40,7 +40,7 @@ namespace :fablab do Dir['test/vcr_cassettes/*.yml'].each do |cassette_file| cassette = File.read(cassette_file) cassette = cassette.gsub(Rails.application.secrets.stripe_api_key, 'sk_test_testfaketestfaketestfake') - cassette = cassette.gsub(Rails.application.secrets.stripe_publishable_key, 'pk_test_faketestfaketestfaketest') + cassette = cassette.gsub(Setting.get('stripe_public_key'), 'pk_test_faketestfaketestfaketest') puts cassette File.write(cassette_file, cassette) end diff --git a/setup/env.example b/setup/env.example index 862847836..ae4049a37 100644 --- a/setup/env.example +++ b/setup/env.example @@ -5,7 +5,6 @@ ELASTICSEARCH_HOST=elasticsearch SECRET_KEY_BASE= STRIPE_API_KEY= -STRIPE_PUBLISHABLE_KEY= STRIPE_CURRENCY=eur INVOICE_PREFIX=Demo-FabLab_facture diff --git a/setup/setup.sh b/setup/setup.sh index aa4ed6596..e338c1aae 100755 --- a/setup/setup.sh +++ b/setup/setup.sh @@ -234,7 +234,7 @@ configure_env_file() local doc variables secret doc=$(\curl -sSL https://raw.githubusercontent.com/sleede/fab-manager/master/doc/environment.md) - variables=(STRIPE_API_KEY STRIPE_PUBLISHABLE_KEY STRIPE_CURRENCY INVOICE_PREFIX FABLAB_WITHOUT_ONLINE_PAYMENT FABLAB_WITHOUT_WALLET \ + variables=(STRIPE_API_KEY STRIPE_CURRENCY INVOICE_PREFIX FABLAB_WITHOUT_ONLINE_PAYMENT FABLAB_WITHOUT_WALLET \ USER_CONFIRMATION_NEEDED_TO_SIGN_IN DEFAULT_HOST DEFAULT_PROTOCOL DELIVERY_METHOD SMTP_ADDRESS SMTP_PORT SMTP_USER_NAME SMTP_PASSWORD SMTP_AUTHENTICATION \ SMTP_ENABLE_STARTTLS_AUTO SMTP_OPENSSL_VERIFY_MODE SMTP_TLS \ LOG_LEVEL MAX_IMAGE_SIZE MAX_CAO_SIZE MAX_IMPORT_SIZE DISK_SPACE_MB_ALERT \