module Tellimus class SubscriptionsController < ApplicationController before_action :load_owner before_action :show_existing_subscription, only: [:index, :new, :create], unless: :no_owner? before_action :load_subscription, only: [:show, :cancel, :edit, :update] before_action :load_plans, only: [:index, :edit] def load_plans @plans = ::Plan.order(:display_order) end def unauthorized render status: 401, template: "tellimus/subscriptions/unauthorized" false end def load_owner unless params[:owner_id].nil? if current_owner.present? # we need to try and look this owner up via the find method so that we're # taking advantage of any override of the find method that would be provided # by older versions of friendly_id. (support for newer versions default behavior # below.) searched_owner = current_owner.class.find(params[:owner_id]) rescue nil # if we couldn't find them that way, check whether there is a new version of # friendly_id in place that we can use to look them up by their slug. # in christoph's words, "why?!" in my words, "warum?!!!" # (we debugged this together on skype.) if searched_owner.nil? && current_owner.class.respond_to?(:friendly) searched_owner = current_owner.class.friendly.find(params[:owner_id]) rescue nil end if current_owner.try(:id) == searched_owner.try(:id) @owner = current_owner else return unauthorized end else return unauthorized end end end def no_owner? @owner.nil? end def load_subscription ownership_attribute = :"#{Tellimus.subscriptions_owned_by}_id" @subscription = ::Subscription.where(ownership_attribute => current_owner.id).find_by_id(params[:id]) # also, if cancan methods are available, we should use that to authorize. return @subscription.present? ? @subscription : unauthorized end # the following three methods allow us to show the pricing table before someone has an account. # by default these support devise, but they can be overriden to support others. def current_owner # e.g. "self.current_user" send "current_#{Tellimus.subscriptions_owned_by}" end def current_owned_through_or_by # e.g. "self.current_user" send "current_#{Tellimus.subscriptions_owned_through_or_by}" end def redirect_to_sign_up # this is a Devise default variable and thus should not change its name # when we change subscription owners from :user to :company session["#{Tellimus.subscriptions_owned_through_or_by}_return_to"] = new_subscription_path(plan: params[:plan]) redirect_to new_registration_path(Tellimus.subscriptions_owned_through_or_by.to_s) end def index # don't bother showing the index if they've already got a subscription. if current_owner and current_owner.subscription.present? redirect_to tellimus.edit_owner_subscription_path(current_owner, current_owner.subscription) end # Don't prep a subscription unless a user is authenticated. unless no_owner? # we should also set the owner of the subscription here. @subscription = ::Subscription.new({Tellimus.owner_id_sym => @owner.id}) @subscription.subscription_owner = @owner end end def new if no_owner? if defined?(Devise) # by default these methods support devise. if current_owner redirect_to new_owner_subscription_path(current_owner, plan: params[:plan]) else redirect_to_sign_up end else raise I18n.t('tellimus.failure.feature_depends_on_devise') end @braintree_client_token = Tellimus.gateway.client_token.generate else @subscription = ::Subscription.new @subscription.plan = ::Plan.find(params[:plan]) @braintree_client_token = Tellimus.gateway.client_token.generate end end def show_existing_subscription if @owner.subscription.present? redirect_to owner_subscription_path(@owner, @owner.subscription) end end def create @subscription = ::Subscription.new(subscription_params) @subscription.payment_method_nonce = params[:payment_method_nonce] @subscription.subscription_owner = @owner if @subscription.save flash[:notice] = after_new_subscription_message redirect_to after_new_subscription_path else flash[:error] = I18n.t('tellimus.failure.problem_processing_transaction') render :new end end def show end def cancel flash[:notice] = I18n.t('tellimus.confirmations.subscription_cancelled') @subscription.plan_id = nil @subscription.save redirect_to owner_subscription_path(@owner, @subscription) end def edit @braintree_client_token = Tellimus.gateway.client_token.generate end def update @subscription.payment_method_nonce = params[:payment_method_nonce] if @subscription.update(subscription_params) flash[:notice] = I18n.t('tellimus.confirmations.subscription_updated') redirect_to owner_subscription_path(@owner, @subscription) else flash[:error] = I18n.t('tellimus.failure.problem_processing_transaction') render :edit end end private def subscription_params # If strong_parameters is around, use that. if defined?(ActionController::StrongParameters) params.require(:subscription).permit(:plan_id, :braintree_id, :current_price, :credit_card_token, :card_type, :last_two) else # Otherwise, let's hope they're using attr_accessible to protect their models! params[:subscription] end end def after_new_subscription_path return super(@owner, @subscription) if defined?(super) owner_subscription_path(@owner, @subscription) end def after_new_subscription_message controller = ::ApplicationController.new controller.respond_to?(:new_subscription_notice_message) ? controller.try(:new_subscription_notice_message) : I18n.t('tellimus.confirmations.subscription_upgraded') end end end