diff options
author | jessib <jessib@riseup.net> | 2013-08-01 12:18:03 -0700 |
---|---|---|
committer | jessib <jessib@riseup.net> | 2013-08-01 12:18:03 -0700 |
commit | a98752629c8d04a5fde2287a924855de63321bb2 (patch) | |
tree | d76250a6c7998de9a8cff9a8912fda0c70a44057 /billing/app/controllers | |
parent | 368dbc55966b2b74699065e07de28fe321f286b6 (diff) |
Start to functionality for admins viewing billing of other users.
Diffstat (limited to 'billing/app/controllers')
-rw-r--r-- | billing/app/controllers/billing_base_controller.rb | 7 | ||||
-rw-r--r-- | billing/app/controllers/customer_controller.rb | 22 |
2 files changed, 19 insertions, 10 deletions
diff --git a/billing/app/controllers/billing_base_controller.rb b/billing/app/controllers/billing_base_controller.rb index dc15194..67dff72 100644 --- a/billing/app/controllers/billing_base_controller.rb +++ b/billing/app/controllers/billing_base_controller.rb @@ -4,8 +4,13 @@ class BillingBaseController < ApplicationController helper 'billing' # required for navigation to work. + #TODO doesn't work for admins def assign_user - @user = current_user + if params[:id] + @user = User.find_by_param(params[:id]) + else + @user = current_user #TODO not always correct for admins viewing another user! + end end end diff --git a/billing/app/controllers/customer_controller.rb b/billing/app/controllers/customer_controller.rb index 14ea8a7..f38f77e 100644 --- a/billing/app/controllers/customer_controller.rb +++ b/billing/app/controllers/customer_controller.rb @@ -1,10 +1,13 @@ class CustomerController < BillingBaseController before_filter :authorize + def show - customer.with_braintree_data! - @default_cc = customer.default_credit_card #TODO not actually right way - @active_subscription = customer.subscriptions - @transactions = customer.braintree_customer.transactions + if customer = fetch_customer + customer.with_braintree_data! + @default_cc = customer.default_credit_card #TODO not actually right way + @active_subscription = customer.subscriptions + @transactions = customer.braintree_customer.transactions + end end def new @@ -50,12 +53,13 @@ class CustomerController < BillingBaseController :customer_id => customer.braintree_customer_id) ##?? end - def customer - @customer ||= Customer.find(params[:id]) if params[:id] # edit, show - @customer ||= Customer.find_by_user_id(current_user.id) # confirm - @customer ||= Customer.new(user: current_user) + def fetch_customer + @customer = Customer.find_by_user_id(@user.id) + if @user == current_user + @customer ||= Customer.new(user: @user) + end # TODO will want case for admins, presumably - access_denied unless @customer.user == current_user + access_denied unless (@customer and (@customer.user == current_user)) or admin? return @customer end end |