diff options
| author | Azul <azul@leap.se> | 2013-09-20 14:22:28 +0200 |
|---|---|---|
| committer | Azul <azul@leap.se> | 2013-09-20 14:22:28 +0200 |
| commit | 985406273233905868c70918bafd767d8870c76a (patch) | |
| tree | 2b1ab7c9e89f2aaae379938430f40e5b3babfbbf /billing/app | |
| parent | 13e91941396a74b6245dcb9d81b9cfa77861df95 (diff) | |
| parent | 890c9e170fc038eccb46eca3c1ddcf6f05eaa53f (diff) | |
Merge tag '0.2.3'
Diffstat (limited to 'billing/app')
| -rw-r--r-- | billing/app/controllers/billing_base_controller.rb | 2 | ||||
| -rw-r--r-- | billing/app/controllers/subscriptions_controller.rb | 5 | ||||
| -rw-r--r-- | billing/app/views/subscriptions/show.html.haml | 3 |
3 files changed, 5 insertions, 5 deletions
diff --git a/billing/app/controllers/billing_base_controller.rb b/billing/app/controllers/billing_base_controller.rb index c250831..0453677 100644 --- a/billing/app/controllers/billing_base_controller.rb +++ b/billing/app/controllers/billing_base_controller.rb @@ -7,7 +7,7 @@ class BillingBaseController < ApplicationController def assign_user if params[:user_id] @user = User.find(params[:user_id]) - elsif params[:action] == "confirm" or params[:action] == "destroy" # confirms and subscription deletes will come back with different ID set, so check for this first + elsif params[:action] == "confirm"# confirms will come back with different ID set, so check for this first # This is only for cases where an admin cannot apply action for customer, but should be all confirms @user = current_user elsif params[:id] diff --git a/billing/app/controllers/subscriptions_controller.rb b/billing/app/controllers/subscriptions_controller.rb index 4047847..7689f35 100644 --- a/billing/app/controllers/subscriptions_controller.rb +++ b/billing/app/controllers/subscriptions_controller.rb @@ -3,7 +3,7 @@ class SubscriptionsController < BillingBaseController before_filter :fetch_subscription, :only => [:show, :destroy] before_filter :confirm_no_active_subscription, :only => [:new, :create] # for now, admins cannot create or destroy subscriptions for others: - before_filter :confirm_self, :only => [:destroy, :new, :create] + before_filter :confirm_self, :only => [:new, :create] def new # don't show link to subscribe if they are already subscribed? @@ -31,7 +31,8 @@ class SubscriptionsController < BillingBaseController def fetch_subscription @subscription = Braintree::Subscription.find params[:id] - @subscription_customer_id = @subscription.transactions.first.customer_details.id #all of subscriptions transactions should have same customer + @credit_card = Braintree::CreditCard.find @subscription.payment_method_token + @subscription_customer_id = @credit_card.customer_id current_user_customer = Customer.find_by_user_id(current_user.id) access_denied unless admin? or (current_user_customer and current_user_customer.braintree_customer_id == @subscription_customer_id) diff --git a/billing/app/views/subscriptions/show.html.haml b/billing/app/views/subscriptions/show.html.haml index ebb7e0d..39f4d1a 100644 --- a/billing/app/views/subscriptions/show.html.haml +++ b/billing/app/views/subscriptions/show.html.haml @@ -3,5 +3,4 @@ Current Subscription = render :partial => "subscription_details", :locals => {:subscription => @subscription} -- if @user == current_user - = link_to t(:cancel_subscription), subscription_path(@subscription.id), :confirm => t(:are_you_sure), :method => :delete, :class => 'btn btn-danger' if @subscription.status == 'Active' # permission check or should that just be on show? += link_to t(:cancel_subscription), user_subscription_path(@user, @subscription.id), :confirm => t(:are_you_sure), :method => :delete, :class => 'btn btn-danger' if @subscription.status == 'Active' # permission check or should that just be on show? |