From 4e471f6b35c012d2825f6be19e24ecd5fef8d636 Mon Sep 17 00:00:00 2001 From: jessib Date: Tue, 8 Oct 2013 14:33:02 -0700 Subject: Consider pending & past due subscriptions as 'active' in the sense that they should prevent one from adding a new subscription. --- billing/app/controllers/subscriptions_controller.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'billing/app/controllers/subscriptions_controller.rb') diff --git a/billing/app/controllers/subscriptions_controller.rb b/billing/app/controllers/subscriptions_controller.rb index 7689f35..4758adb 100644 --- a/billing/app/controllers/subscriptions_controller.rb +++ b/billing/app/controllers/subscriptions_controller.rb @@ -1,7 +1,7 @@ class SubscriptionsController < BillingBaseController before_filter :authorize before_filter :fetch_subscription, :only => [:show, :destroy] - before_filter :confirm_no_active_subscription, :only => [:new, :create] + before_filter :confirm_no_pending_active_pastdue_subscription, :only => [:new, :create] # for now, admins cannot create or destroy subscriptions for others: before_filter :confirm_self, :only => [:new, :create] @@ -38,10 +38,10 @@ class SubscriptionsController < BillingBaseController end - def confirm_no_active_subscription + def confirm_no_pending_active_pastdue_subscription @customer = Customer.find_by_user_id(@user.id) if subscription = @customer.subscriptions # will return active subscription, if it exists - redirect_to subscription_path(subscription.id), :notice => 'You already have an active subscription' + redirect_to user_subscription_path(@user, subscription.id), :notice => 'You already have a subscription' end end -- cgit v1.2.3 From 51f93fc87c9cadbe52877ddc3e7c5fd07866b397 Mon Sep 17 00:00:00 2001 From: jessib Date: Thu, 10 Oct 2013 11:35:26 -0700 Subject: Admins can cancel pastdue subscriptions, but users cannot cancel their own pastdue subscription, as then admins won't be able to search for them. --- billing/app/controllers/subscriptions_controller.rb | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'billing/app/controllers/subscriptions_controller.rb') diff --git a/billing/app/controllers/subscriptions_controller.rb b/billing/app/controllers/subscriptions_controller.rb index 4758adb..3fd5ae5 100644 --- a/billing/app/controllers/subscriptions_controller.rb +++ b/billing/app/controllers/subscriptions_controller.rb @@ -1,6 +1,7 @@ class SubscriptionsController < BillingBaseController before_filter :authorize before_filter :fetch_subscription, :only => [:show, :destroy] + before_filter :only_admin_active_pending, :only => [:destroy] before_filter :confirm_no_pending_active_pastdue_subscription, :only => [:new, :create] # for now, admins cannot create or destroy subscriptions for others: before_filter :confirm_self, :only => [:new, :create] @@ -38,9 +39,13 @@ class SubscriptionsController < BillingBaseController end + def only_admin_active_pending + access_denied unless admin? or ['Pending', 'Active'].include? @subscription.status + end + def confirm_no_pending_active_pastdue_subscription @customer = Customer.find_by_user_id(@user.id) - if subscription = @customer.subscriptions # will return active subscription, if it exists + if subscription = @customer.subscriptions # will return pending, active or pastdue subscription, if it exists redirect_to user_subscription_path(@user, subscription.id), :notice => 'You already have a subscription' end end -- cgit v1.2.3 From a6f32017f5c7802798f10e2f4041037fb5684def Mon Sep 17 00:00:00 2001 From: jessib Date: Tue, 15 Oct 2013 15:08:35 -0700 Subject: Add permissions to subscriptions index, and fix test to stub the subscription's balance. --- billing/app/controllers/subscriptions_controller.rb | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'billing/app/controllers/subscriptions_controller.rb') diff --git a/billing/app/controllers/subscriptions_controller.rb b/billing/app/controllers/subscriptions_controller.rb index 3fd5ae5..0a1c733 100644 --- a/billing/app/controllers/subscriptions_controller.rb +++ b/billing/app/controllers/subscriptions_controller.rb @@ -2,6 +2,7 @@ class SubscriptionsController < BillingBaseController before_filter :authorize before_filter :fetch_subscription, :only => [:show, :destroy] before_filter :only_admin_active_pending, :only => [:destroy] + before_filter :confirm_self_or_admin, :only => [:index] before_filter :confirm_no_pending_active_pastdue_subscription, :only => [:new, :create] # for now, admins cannot create or destroy subscriptions for others: before_filter :confirm_self, :only => [:new, :create] @@ -17,6 +18,7 @@ class SubscriptionsController < BillingBaseController def create @result = Braintree::Subscription.create( :payment_method_token => params[:payment_method_token], :plan_id => params[:plan_id] ) + #if you want to test pastdue, can add :price => '2001', :trial_period => true,:trial_duration => 1,:trial_duration_unit => "day" and then wait a day end def destroy @@ -54,4 +56,8 @@ class SubscriptionsController < BillingBaseController @user == current_user end + def confirm_self_or_admin + access_denied unless confirm_self or admin? + end + end -- cgit v1.2.3 From 92cb054d53aaac6864a6a805d9cdd3919f4a38bc Mon Sep 17 00:00:00 2001 From: jessib Date: Thu, 17 Oct 2013 13:58:54 -0700 Subject: Some cleanup of code to deal with past due subscriptions. --- billing/app/controllers/subscriptions_controller.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'billing/app/controllers/subscriptions_controller.rb') diff --git a/billing/app/controllers/subscriptions_controller.rb b/billing/app/controllers/subscriptions_controller.rb index 0a1c733..01aaab4 100644 --- a/billing/app/controllers/subscriptions_controller.rb +++ b/billing/app/controllers/subscriptions_controller.rb @@ -1,7 +1,7 @@ class SubscriptionsController < BillingBaseController before_filter :authorize before_filter :fetch_subscription, :only => [:show, :destroy] - before_filter :only_admin_active_pending, :only => [:destroy] + before_filter :confirm_cancel_subscription, :only => [:destroy] before_filter :confirm_self_or_admin, :only => [:index] before_filter :confirm_no_pending_active_pastdue_subscription, :only => [:new, :create] # for now, admins cannot create or destroy subscriptions for others: @@ -41,8 +41,8 @@ class SubscriptionsController < BillingBaseController end - def only_admin_active_pending - access_denied unless admin? or ['Pending', 'Active'].include? @subscription.status + def confirm_cancel_subscription + access_denied unless view_context.allow_cancel_subscription(@subscription) end def confirm_no_pending_active_pastdue_subscription -- cgit v1.2.3