diff --git a/app/controllers/admin/stripe_accounts_controller.rb b/app/controllers/admin/stripe_accounts_controller.rb index e23ab7ffb4..026db1840e 100644 --- a/app/controllers/admin/stripe_accounts_controller.rb +++ b/app/controllers/admin/stripe_accounts_controller.rb @@ -11,21 +11,6 @@ module Admin redirect_to Stripe::OAuth.authorize_url(url_params) end - def connect_callback - connector = Stripe::AccountConnector.new(spree_current_user, params) - - if connector.create_account - flash[:success] = t('admin.controllers.enterprises.stripe_connect_success') - elsif connector.connection_cancelled_by_user? - flash[:notice] = t('admin.controllers.enterprises.stripe_connect_cancelled') - else - flash[:error] = t('admin.controllers.enterprises.stripe_connect_fail') - end - redirect_to main_app.edit_admin_enterprise_path(connector.enterprise, anchor: 'payment_methods') - rescue Stripe::StripeError => e - render text: e.message, status: 500 - end - def destroy stripe_account = StripeAccount.find(params[:id]) authorize! :destroy, stripe_account diff --git a/app/controllers/stripe/callbacks_controller.rb b/app/controllers/stripe/callbacks_controller.rb new file mode 100644 index 0000000000..4db446144f --- /dev/null +++ b/app/controllers/stripe/callbacks_controller.rb @@ -0,0 +1,20 @@ +require 'stripe/account_connector' + +module Stripe + class CallbacksController < BaseController + def index + connector = Stripe::AccountConnector.new(spree_current_user, params) + + if connector.create_account + flash[:success] = t('admin.controllers.enterprises.stripe_connect_success') + elsif connector.connection_cancelled_by_user? + flash[:notice] = t('admin.controllers.enterprises.stripe_connect_cancelled') + else + flash[:error] = t('admin.controllers.enterprises.stripe_connect_fail') + end + redirect_to main_app.edit_admin_enterprise_path(connector.enterprise, anchor: 'payment_methods') + rescue Stripe::StripeError => e + render text: e.message, status: 500 + end + end +end diff --git a/config/application.yml.example b/config/application.yml.example index 1d8bf45f2d..310e248726 100644 --- a/config/application.yml.example +++ b/config/application.yml.example @@ -29,7 +29,7 @@ CURRENCY: AUD # Stripe Connect details for instance account # Find these under 'API keys' and 'Connect' in your Stripe account dashboard -> Account Settings -# Under 'Connect', the Redirect URI should be set to https://YOUR_SERVER_URL/admin/stripe_accounts/connect_callback (e.g. https://openfoodnetwork.org.uk/admin/stripe_accounts/connect_callback) +# Under 'Connect', the Redirect URI should be set to https://YOUR_SERVER_URL/stripe/callbacks (e.g. https://openfoodnetwork.org.uk/stripe/callbacks) # Under 'Webhooks', you should set up a Connect endpoint pointing to https://YOUR_SERVER_URL/stripe/webhooks e.g. (https://openfoodnetwork.org.uk/stripe/webhooks) # STRIPE_INSTANCE_SECRET_KEY: "sk_test_xxxxxx" # This can be a test key or a live key # STRIPE_INSTANCE_PUBLISHABLE_KEY: "pk_test_xxxx" # This can be a test key or a live key diff --git a/config/routes.rb b/config/routes.rb index 1f0a611fb9..0484754d39 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -54,6 +54,7 @@ Openfoodnetwork::Application.routes.draw do end namespace :stripe do + resources :callbacks, only: [:index] resources :webhooks, only: [:create] end @@ -173,7 +174,6 @@ Openfoodnetwork::Application.routes.draw do resources :stripe_accounts, only: [:destroy] do get :connect, on: :collection - get :connect_callback, on: :collection get :status, on: :collection end end diff --git a/spec/controllers/admin/stripe_accounts_controller_spec.rb b/spec/controllers/admin/stripe_accounts_controller_spec.rb index 96a17e02d8..4db449d2df 100644 --- a/spec/controllers/admin/stripe_accounts_controller_spec.rb +++ b/spec/controllers/admin/stripe_accounts_controller_spec.rb @@ -21,75 +21,6 @@ describe Admin::StripeAccountsController, type: :controller do end end - context "#connect_callback" do - let(:params) { { id: enterprise.permalink } } - let(:connector) { double(:connector) } - - before do - allow(controller).to receive(:spree_current_user) { enterprise.owner } - allow(Stripe::AccountConnector).to receive(:new) { connector } - end - - context "when the connector.create_account raises a StripeError" do - before do - allow(connector).to receive(:create_account).and_raise Stripe::StripeError, "some error" - end - - it "returns a 500 error" do - spree_get :connect_callback, params - expect(response.status).to be 500 - end - end - - context "when the connector.create_account raises an AccessDenied error" do - before do - allow(connector).to receive(:create_account).and_raise CanCan::AccessDenied, "some error" - end - - it "redirects to unauthorized" do - spree_get :connect_callback, params - expect(response).to redirect_to spree.unauthorized_path - end - end - - context "when the connector fails in creating a new stripe account record" do - before { allow(connector).to receive(:create_account) { false } } - - context "when the user cancelled the connection" do - before { allow(connector).to receive(:connection_cancelled_by_user?) { true } } - - it "renders a failure message" do - allow(connector).to receive(:enterprise) { enterprise } - spree_get :connect_callback, params - expect(flash[:notice]).to eq I18n.t('admin.controllers.enterprises.stripe_connect_cancelled') - expect(response).to redirect_to edit_admin_enterprise_path(enterprise, anchor: 'payment_methods') - end - end - - context "when some other error caused the failure" do - before { allow(connector).to receive(:connection_cancelled_by_user?) { false } } - - it "renders a failure message" do - allow(connector).to receive(:enterprise) { enterprise } - spree_get :connect_callback, params - expect(flash[:error]).to eq I18n.t('admin.controllers.enterprises.stripe_connect_fail') - expect(response).to redirect_to edit_admin_enterprise_path(enterprise, anchor: 'payment_methods') - end - end - end - - context "when the connector succeeds in creating a new stripe account record" do - before { allow(connector).to receive(:create_account) { true } } - - it "redirects to the enterprise edit path" do - allow(connector).to receive(:enterprise) { enterprise } - spree_get :connect_callback, params - expect(flash[:success]).to eq I18n.t('admin.controllers.enterprises.stripe_connect_success') - expect(response).to redirect_to edit_admin_enterprise_path(enterprise, anchor: 'payment_methods') - end - end - end - describe "#destroy" do let(:params) { { format: :json, id: "some_id" } } diff --git a/spec/controllers/stripe/callbacks_controller_spec.rb b/spec/controllers/stripe/callbacks_controller_spec.rb new file mode 100644 index 0000000000..831dc5e348 --- /dev/null +++ b/spec/controllers/stripe/callbacks_controller_spec.rb @@ -0,0 +1,74 @@ +require 'spec_helper' + +describe Stripe::CallbacksController do + let(:enterprise) { create(:distributor_enterprise) } + + context "#index" do + let(:params) { { id: enterprise.permalink } } + let(:connector) { double(:connector) } + + before do + allow(controller).to receive(:spree_current_user) { enterprise.owner } + allow(Stripe::AccountConnector).to receive(:new) { connector } + end + + context "when the connector.create_account raises a StripeError" do + before do + allow(connector).to receive(:create_account).and_raise Stripe::StripeError, "some error" + end + + it "returns a 500 error" do + spree_get :index, params + expect(response.status).to be 500 + end + end + + context "when the connector.create_account raises an AccessDenied error" do + before do + allow(connector).to receive(:create_account).and_raise CanCan::AccessDenied, "some error" + end + + it "redirects to unauthorized" do + spree_get :index, params + expect(response).to redirect_to spree.unauthorized_path + end + end + + context "when the connector fails in creating a new stripe account record" do + before { allow(connector).to receive(:create_account) { false } } + + context "when the user cancelled the connection" do + before { allow(connector).to receive(:connection_cancelled_by_user?) { true } } + + it "renders a failure message" do + allow(connector).to receive(:enterprise) { enterprise } + spree_get :index, params + expect(flash[:notice]).to eq I18n.t('admin.controllers.enterprises.stripe_connect_cancelled') + expect(response).to redirect_to edit_admin_enterprise_path(enterprise, anchor: 'payment_methods') + end + end + + context "when some other error caused the failure" do + before { allow(connector).to receive(:connection_cancelled_by_user?) { false } } + + it "renders a failure message" do + allow(connector).to receive(:enterprise) { enterprise } + spree_get :index, params + expect(flash[:error]).to eq I18n.t('admin.controllers.enterprises.stripe_connect_fail') + expect(response).to redirect_to edit_admin_enterprise_path(enterprise, anchor: 'payment_methods') + end + end + end + + context "when the connector succeeds in creating a new stripe account record" do + before { allow(connector).to receive(:create_account) { true } } + + it "redirects to the enterprise edit path" do + allow(connector).to receive(:enterprise) { enterprise } + spree_get :index, params + expect(flash[:success]).to eq I18n.t('admin.controllers.enterprises.stripe_connect_success') + expect(response).to redirect_to edit_admin_enterprise_path(enterprise, anchor: 'payment_methods') + end + end + end +end