summaryrefslogtreecommitdiff
path: root/billing
diff options
context:
space:
mode:
authorjessib <jessib@leap.se>2013-03-25 14:18:14 -0700
committerAzul <azul@leap.se>2013-07-17 10:46:26 +0200
commit1d52045fe474c2e2e742477d54fe7acc8e0f9f1b (patch)
treedf975a4ca9fcdc62f7660c75d00ff1e7960b3131 /billing
parent04288c2a2179d7aa71a2fa21267e6f02fb0400e2 (diff)
One Braintree customer per user, and some permissions checks (will need to change for admins.)
Diffstat (limited to 'billing')
-rw-r--r--billing/app/controllers/customer_controller.rb30
1 files changed, 19 insertions, 11 deletions
diff --git a/billing/app/controllers/customer_controller.rb b/billing/app/controllers/customer_controller.rb
index bdb89f7..e6bf76b 100644
--- a/billing/app/controllers/customer_controller.rb
+++ b/billing/app/controllers/customer_controller.rb
@@ -2,19 +2,27 @@ class CustomerController < ApplicationController
before_filter :authorize
def new
- @tr_data = Braintree::TransparentRedirect.
- create_customer_data(:redirect_url => confirm_customer_url)
- end
+ if customer = Customer.find_by_user_id(current_user.id)
+ redirect_to edit_customer_path(customer.braintree_customer_id)
+ else
+ @tr_data = Braintree::TransparentRedirect.
+ create_customer_data(:redirect_url => confirm_customer_url)
+ end
+ end
def edit
- customer = Customer.find_by_user_id(current_user.id)
- #current_customer.with_braintree_data!
- # @credit_card = current_customer.default_credit_card
- @braintree_data = Braintree::Customer.find(customer.braintree_customer_id)
- @default_cc = @braintree_data.credit_cards.find { |cc| cc.default? }
- @tr_data = Braintree::TransparentRedirect.
- update_customer_data(:redirect_url => confirm_customer_url,
- :customer_id => customer.braintree_customer_id)
+ if (params[:id] == Customer.find_by_user_id(current_user.id).braintree_customer_id)
+ #current_customer.with_braintree_data!
+ # @credit_card = current_customer.default_credit_card
+ @braintree_data = Braintree::Customer.find(params[:id])
+ @default_cc = @braintree_data.credit_cards.find { |cc| cc.default? }
+ @tr_data = Braintree::TransparentRedirect.
+ update_customer_data(:redirect_url => confirm_customer_url,
+ :customer_id => params[:id])
+ else
+ # TODO: will want to have case for admins, presumably
+ access_denied
+ end
end
def confirm