blob: 717fa1830f5381bf3cd8d762ee2976d791880bd4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
class CreditCardInfoController < ApplicationController
before_filter :authorize, :set_user
def edit
@credit_card = Braintree::CreditCard.find(params[:id])
customer = Customer.find_by_user_id(@user.id)
if customer and customer.braintree_customer_id == @credit_card.customer_id
@tr_data = Braintree::TransparentRedirect.
update_credit_card_data(:redirect_url => confirm_credit_card_info_url,
:payment_method_token => @credit_card.token)
else
access_denied
end
end
def confirm
@result = Braintree::TransparentRedirect.confirm(request.query_string)
if @result.success?
render :action => "confirm"
else
@credit_card = Braintree::CreditCard.find(@result.params[:payment_method_token])
render :action => "edit"
end
end
private
def set_user
# this assumes anybody, even an admin, will not access for another user.
@user = current_user
end
end
|