diff options
-rw-r--r-- | billing/app/controllers/billing_base_controller.rb | 2 | ||||
-rw-r--r-- | billing/app/controllers/subscriptions_controller.rb | 2 | ||||
-rw-r--r-- | billing/app/views/subscriptions/show.html.haml | 3 | ||||
-rw-r--r-- | billing/config/routes.rb | 4 | ||||
-rw-r--r-- | billing/test/integration/subscription_test.rb | 48 |
5 files changed, 53 insertions, 6 deletions
diff --git a/billing/app/controllers/billing_base_controller.rb b/billing/app/controllers/billing_base_controller.rb index c250831..0453677 100644 --- a/billing/app/controllers/billing_base_controller.rb +++ b/billing/app/controllers/billing_base_controller.rb @@ -7,7 +7,7 @@ class BillingBaseController < ApplicationController def assign_user if params[:user_id] @user = User.find(params[:user_id]) - elsif params[:action] == "confirm" or params[:action] == "destroy" # confirms and subscription deletes will come back with different ID set, so check for this first + elsif params[:action] == "confirm"# confirms will come back with different ID set, so check for this first # This is only for cases where an admin cannot apply action for customer, but should be all confirms @user = current_user elsif params[:id] diff --git a/billing/app/controllers/subscriptions_controller.rb b/billing/app/controllers/subscriptions_controller.rb index 4047847..4b1851a 100644 --- a/billing/app/controllers/subscriptions_controller.rb +++ b/billing/app/controllers/subscriptions_controller.rb @@ -3,7 +3,7 @@ class SubscriptionsController < BillingBaseController before_filter :fetch_subscription, :only => [:show, :destroy] before_filter :confirm_no_active_subscription, :only => [:new, :create] # for now, admins cannot create or destroy subscriptions for others: - before_filter :confirm_self, :only => [:destroy, :new, :create] + before_filter :confirm_self, :only => [:new, :create] def new # don't show link to subscribe if they are already subscribed? diff --git a/billing/app/views/subscriptions/show.html.haml b/billing/app/views/subscriptions/show.html.haml index ebb7e0d..39f4d1a 100644 --- a/billing/app/views/subscriptions/show.html.haml +++ b/billing/app/views/subscriptions/show.html.haml @@ -3,5 +3,4 @@ Current Subscription = render :partial => "subscription_details", :locals => {:subscription => @subscription} -- if @user == current_user - = link_to t(:cancel_subscription), subscription_path(@subscription.id), :confirm => t(:are_you_sure), :method => :delete, :class => 'btn btn-danger' if @subscription.status == 'Active' # permission check or should that just be on show? += link_to t(:cancel_subscription), user_subscription_path(@user, @subscription.id), :confirm => t(:are_you_sure), :method => :delete, :class => 'btn btn-danger' if @subscription.status == 'Active' # permission check or should that just be on show? diff --git a/billing/config/routes.rb b/billing/config/routes.rb index 8b7b5bf..e024f43 100644 --- a/billing/config/routes.rb +++ b/billing/config/routes.rb @@ -4,7 +4,7 @@ Rails.application.routes.draw do match 'payments/confirm' => 'payments#confirm', :as => :confirm_payment resources :users do resources :payments, :only => [:index] - resources :subscriptions, :only => [:index, :show] + resources :subscriptions, :only => [:index, :show, :destroy] end resources :customer, :only => [:new, :edit] @@ -14,7 +14,7 @@ Rails.application.routes.draw do match 'customer/show/:id' => 'customer#show', :as => :show_customer match 'credit_card_info/confirm' => 'credit_card_info#confirm', :as => :confirm_credit_card_info - resources :subscriptions, :only => [:new, :create, :update, :destroy] # index and show are within users path + resources :subscriptions, :only => [:new, :create, :update] # index, show & destroy are within users path #match 'transactions/:product_id/new' => 'transactions#new', :as => :new_transaction #match 'transactions/confirm/:product_id' => 'transactions#confirm', :as => :confirm_transaction diff --git a/billing/test/integration/subscription_test.rb b/billing/test/integration/subscription_test.rb new file mode 100644 index 0000000..7410118 --- /dev/null +++ b/billing/test/integration/subscription_test.rb @@ -0,0 +1,48 @@ +require 'test_helper' +require 'fake_braintree' +require 'capybara/rails' + +class SubscriptionTest < ActionDispatch::IntegrationTest + include Warden::Test::Helpers + include Capybara::DSL + + setup do + Warden.test_mode! + @admin = User.find_by_login('admin') || FactoryGirl.create(:user, login: 'admin') + @customer = FactoryGirl.create(:customer) + @braintree_customer = FactoryGirl.create(:braintree_customer) + @customer.braintree_customer_id = @braintree_customer.id + @customer.save + @subscription = FakeBraintree::Subscription.new({:payment_method_token => @braintree_customer.credit_cards.first, :plan_id => '5'}, {:id => @braintree_customer.id, :merchant_id => Braintree::Configuration.merchant_id}) + # unfortunately @braintree_customer.credit_cards.first.subscriptions still returns empty array + end + + teardown do + Warden.test_reset! + @admin.destroy + @customer.destroy + end + + test "admin can cancel subscription for another" do + skip "not sure about testing admin cancelling subscription with fake_braintree" + login_as @admin + #visit user_subscriptions_path(@customer.user_id) + #delete :destroy, :id => @subscription.id + end + + #test "admin cannot add subscription for another" do + #end + + #test "authenticated user can cancel own subscription" do + #end + + #test "user cannot add subscription if they have active one" do + #end + + #test "user can view own subscriptions" + #end + + #test "admin can view another user's subscriptions" do + #end + +end |