From 636692f9921bd695d726695d2d46c91f5a6e56f3 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Fri, 11 Apr 2014 10:03:19 +0200
Subject: move engines into engines directory

Also renamed help to support so it's harder to confuse it with documentation
---
 .../app/controllers/credit_card_info_controller.rb | 35 ++++++++++++++++++++++
 1 file changed, 35 insertions(+)
 create mode 100644 engines/billing/app/controllers/credit_card_info_controller.rb

(limited to 'engines/billing/app/controllers/credit_card_info_controller.rb')

diff --git a/engines/billing/app/controllers/credit_card_info_controller.rb b/engines/billing/app/controllers/credit_card_info_controller.rb
new file mode 100644
index 0000000..fbaa6f1
--- /dev/null
+++ b/engines/billing/app/controllers/credit_card_info_controller.rb
@@ -0,0 +1,35 @@
+class CreditCardInfoController < ApplicationController
+  before_filter :require_login, :set_user
+
+  def edit
+    @credit_card = Braintree::CreditCard.find(params[:id])
+    customer = Customer.find_by_user_id(@user.id)
+    if customer and customer.braintree_customer_id == @credit_card.customer_id
+      @tr_data = Braintree::TransparentRedirect.
+        update_credit_card_data(:redirect_url => confirm_credit_card_info_url,
+                                :payment_method_token => @credit_card.token)
+    else
+      access_denied
+    end
+
+  end
+
+  def confirm
+    @result = Braintree::TransparentRedirect.confirm(request.query_string)
+    if @result.success?
+      render :action => "confirm"
+    else
+      @credit_card = Braintree::CreditCard.find(@result.params[:payment_method_token])
+      render :action => "edit"
+    end
+  end
+
+
+  private
+
+    def set_user
+    # this assumes anybody, even an admin, will not access for another user.
+    @user = current_user
+  end
+
+end
-- 
cgit v1.2.3