1 files changed, 64 insertions, 0 deletions

diff --git a/engines/billing/app/controllers/customer_controller.rb b/engines/billing/app/controllers/customer_controller.rb
new file mode 100644
index 0000000..6cbcb44
--- /dev/null
+++ b/engines/billing/app/controllers/customer_controller.rb
@@ -0,0 +1,64 @@
+class CustomerController < BillingBaseController
+  before_filter :require_login, :fetch_customer
+
+  def show
+    if @customer
+      @customer.with_braintree_data!
+      @default_cc = @customer.default_credit_card
+      @active_subscription = @customer.subscriptions
+      @transactions = @customer.braintree_customer.transactions
+    end
+  end
+
+  def new
+    if @customer.has_payment_info?
+      redirect_to edit_customer_path(@user), :notice => 'Here is your saved customer data'
+    else
+      fetch_new_transparent_redirect_data
+    end
+  end
+
+  def edit
+    fetch_edit_transparent_redirect_data
+  end
+
+  def confirm
+    @result = Braintree::TransparentRedirect.confirm(request.query_string)
+    if @result.success?
+      @customer.braintree_customer =  @result.customer
+      @customer.save
+      render :action => "confirm"
+    elsif @customer.has_payment_info?
+      fetch_edit_transparent_redirect_data
+      render :action => "edit"
+    else
+      fetch_new_transparent_redirect_data
+      render :action => "new"
+    end
+  end
+
+  protected
+
+  def fetch_new_transparent_redirect_data
+    access_denied unless @user == current_user # admins cannot do this for others
+    @tr_data = Braintree::TransparentRedirect.
+      create_customer_data(:redirect_url => confirm_customer_url)
+  end
+
+  def fetch_edit_transparent_redirect_data
+    access_denied unless @user == current_user # admins cannot do this for others
+    @customer.with_braintree_data!
+    @default_cc = @customer.default_credit_card
+    @tr_data = Braintree::TransparentRedirect.
+      update_customer_data(:redirect_url => confirm_customer_url,
+                           :customer_id => @customer.braintree_customer_id) ##??
+  end
+
+  def fetch_customer
+    @customer = Customer.find_by_user_id(@user.id)
+    if @user == current_user
+      @customer ||= Customer.new(user: @user)
+    end
+    access_denied unless (@customer and (@customer.user == current_user)) or admin?
+  end
+end