path: root/billing/app/controllers/customer_controller.rb
blob: 0120e91c17039242cbead7289f5252d2c240a5f2 (plain)
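# Shows and edits the billing customer record of a user. Card data is sent by
# the browser straight to Braintree (transparent redirect); this controller
# only prepares the signed redirect data and handles the confirmation callback.
#
# Access rules implemented below:
# * the owner of the record may view and change it;
# * an admin may view another user's record (see +fetch_customer+), but may
#   not start or complete a payment-data change for them.
class CustomerController < BillingBaseController
  # NOTE(review): @user is never assigned in this file; presumably :authorize
  # or the base controller sets it before :fetch_customer runs -- confirm.
  before_filter :authorize, :fetch_customer

  # Displays the customer together with the data loaded from Braintree.
  # @customer can be nil here when an admin looks at a user who has no
  # customer record yet, in which case nothing is loaded.
  def show
    return unless @customer

    @customer.with_braintree_data!
    @default_cc = @customer.default_credit_card #TODO not actually right way
    @active_subscription = @customer.subscriptions
    @transactions = @customer.braintree_customer.transactions
  end

  # Form for entering payment data for the first time. Users who already have
  # payment data are sent to the edit form instead.
  def new
    # @customer is nil for an admin viewing a user without a record; the guard
    # avoids a NoMethodError and lets that case fall through to the ownership
    # check inside fetch_new_transparent_redirect_data.
    if @customer && @customer.has_payment_info?
      redirect_to edit_customer_path(@user), :notice => 'Here is your saved customer data'
    else
      fetch_new_transparent_redirect_data
    end
  end

  # Form for changing stored payment data.
  def edit
    fetch_edit_transparent_redirect_data
  end

  # Callback Braintree redirects the browser to after the form was submitted.
  # The query string is handed to Braintree for confirmation; on success the
  # returned Braintree customer is attached to the local record.
  def confirm
    # Both failure branches below already refuse non-owners through the fetch_*
    # helpers. Enforcing the same rule up front also covers the success branch,
    # which writes payment data, and the nil @customer an admin can arrive with.
    unless @user == current_user
      access_denied
      return
    end

    @result = Braintree::TransparentRedirect.confirm(request.query_string)
    if @result.success?
      # NOTE(review): nothing here checks that @result.customer is the Braintree
      # customer this record is already linked to -- confirm whether that needs
      # to be verified before overwriting.
      @customer.braintree_customer = @result.customer
      # NOTE(review): the return value of save is ignored, so a failed save
      # still renders the success page.
      @customer.save
      render :action => "confirm"
    elsif @customer.has_payment_info?
      fetch_edit_transparent_redirect_data
      render :action => "edit"
    else
      fetch_new_transparent_redirect_data
      render :action => "new"
    end
  end

  protected

  # Builds the transparent-redirect data for creating a Braintree customer and
  # stores it in @tr_data. Only the owner of the account may do this.
  def fetch_new_transparent_redirect_data
    # access_denied is defined outside this file. The explicit return makes
    # sure nothing below runs if it responds (render/redirect) instead of
    # raising.
    unless @user == current_user # admins cannot do this for others
      access_denied
      return
    end

    @tr_data = Braintree::TransparentRedirect.
      create_customer_data(:redirect_url => confirm_customer_url)
  end

  # Loads the current Braintree data and builds the transparent-redirect data
  # for updating the existing Braintree customer. Only the owner of the
  # account may do this.
  def fetch_edit_transparent_redirect_data
    # Returning after the denial also keeps another user's Braintree data from
    # being loaded, and avoids calling methods on a nil @customer.
    unless @user == current_user # admins cannot do this for others
      access_denied
      return
    end

    @customer.with_braintree_data!
    @default_cc = @customer.default_credit_card
    @tr_data = Braintree::TransparentRedirect.
      update_customer_data(:redirect_url => confirm_customer_url,
                           :customer_id => @customer.braintree_customer_id) ##??
  end

  # before_filter: looks up the customer record of @user. A user visiting
  # their own page gets a new, unsaved record when none exists yet. Everyone
  # else is denied unless they are an admin; for an admin @customer may stay
  # nil.
  def fetch_customer
    @customer = Customer.find_by_user_id(@user.id)
    @customer ||= Customer.new(user: @user) if @user == current_user

    owns_record = @customer && @customer.user == current_user
    access_denied unless owns_record || admin?
  end
end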