diff options
author | jessib <jessib@leap.se> | 2013-03-25 14:18:14 -0700 |
---|---|---|
committer | Azul <azul@leap.se> | 2013-07-17 10:46:26 +0200 |
commit | 1d52045fe474c2e2e742477d54fe7acc8e0f9f1b (patch) | |
tree | df975a4ca9fcdc62f7660c75d00ff1e7960b3131 /billing | |
parent | 04288c2a2179d7aa71a2fa21267e6f02fb0400e2 (diff) |
One Braintree customer per user, and some permissions checks (will need to change for admins.)
Diffstat (limited to 'billing')
-rw-r--r-- | billing/app/controllers/customer_controller.rb | 30 |
1 files changed, 19 insertions, 11 deletions
diff --git a/billing/app/controllers/customer_controller.rb b/billing/app/controllers/customer_controller.rb index bdb89f7..e6bf76b 100644 --- a/billing/app/controllers/customer_controller.rb +++ b/billing/app/controllers/customer_controller.rb @@ -2,19 +2,27 @@ class CustomerController < ApplicationController before_filter :authorize def new - @tr_data = Braintree::TransparentRedirect. - create_customer_data(:redirect_url => confirm_customer_url) - end + if customer = Customer.find_by_user_id(current_user.id) + redirect_to edit_customer_path(customer.braintree_customer_id) + else + @tr_data = Braintree::TransparentRedirect. + create_customer_data(:redirect_url => confirm_customer_url) + end + end def edit - customer = Customer.find_by_user_id(current_user.id) - #current_customer.with_braintree_data! - # @credit_card = current_customer.default_credit_card - @braintree_data = Braintree::Customer.find(customer.braintree_customer_id) - @default_cc = @braintree_data.credit_cards.find { |cc| cc.default? } - @tr_data = Braintree::TransparentRedirect. - update_customer_data(:redirect_url => confirm_customer_url, - :customer_id => customer.braintree_customer_id) + if (params[:id] == Customer.find_by_user_id(current_user.id).braintree_customer_id) + #current_customer.with_braintree_data! + # @credit_card = current_customer.default_credit_card + @braintree_data = Braintree::Customer.find(params[:id]) + @default_cc = @braintree_data.credit_cards.find { |cc| cc.default? } + @tr_data = Braintree::TransparentRedirect. + update_customer_data(:redirect_url => confirm_customer_url, + :customer_id => params[:id]) + else + # TODO: will want to have case for admins, presumably + access_denied + end end def confirm |