1
0
mirror of https://github.com/LaCasemate/fab-manager.git synced 2024-12-10 21:24:20 +01:00
fab-manager/app/controllers/api/subscriptions_controller.rb
2016-07-21 16:32:55 +02:00

79 lines
2.7 KiB
Ruby

class API::SubscriptionsController < API::ApiController
include FablabConfiguration
before_action :set_subscription, only: [:show, :edit, :update, :destroy]
before_action :authenticate_user!
def show
authorize @subscription
end
def create
if fablab_plans_deactivated?
head 403
else
if current_user.is_admin?
@subscription = Subscription.find_or_initialize_by(user_id: subscription_params[:user_id])
@subscription.update_column(:expired_at, nil) unless @subscription.new_record? # very important
@subscription.attributes = subscription_params
is_subscribe = @subscription.save_with_local_payment(!User.find(subscription_params[:user_id]).invoicing_disabled?)
else
member = User.find(subscription_params[:user_id])
plan = Plan.find(subscription_params[:plan_id])
@subscription = Subscription.find_or_initialize_by(user_id: current_user.id)
if valid_card_token?(subscription_params[:card_token]) or (member.wallet.amount >= plan.amount / 100.0)
@subscription.update_column(:expired_at, nil) unless @subscription.new_record? # very important
@subscription.attributes = subscription_params.merge(user_id: current_user.id)
is_subscribe = @subscription.save_with_payment
else
is_subscribe = false
end
end
if is_subscribe
render :show, status: :created, location: @subscription
else
render json: @subscription.errors, status: :unprocessable_entity
end
end
end
def update
authorize @subscription
free_days = params[:subscription][:free] == true
if @subscription.extend_expired_date(subscription_update_params[:expired_at], free_days)
ex_expired_at = @subscription.previous_changes[:expired_at].first
@subscription.user.generate_admin_invoice(free_days, ex_expired_at)
render status: :ok
else
render status: :unprocessable_entity
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_subscription
@subscription = Subscription.find(params[:id])
end
# Never trust parameters from the scary internet, only allow the white list through.
def subscription_params
params.require(:subscription).permit(:plan_id, :user_id, :card_token)
end
def subscription_update_params
params.require(:subscription).permit(:expired_at)
end
# TODO refactor subscriptions logic and move this in model/validator
def valid_card_token?(token)
begin
Stripe::Token.retrieve(token)
rescue Stripe::InvalidRequestError => e
@subscription.errors[:card_token] << e.message
false
end
end
end