/api/app/controllers/spree/api/payments_controller.rb
Ruby | 94 lines | 77 code | 17 blank | 0 comment | 3 complexity | 493992dba7a26c2e4fc46d75866482af MD5 | raw file
Possible License(s): BSD-3-Clause
- module Spree
- module Api
- class PaymentsController < Spree::Api::BaseController
- before_filter :find_order
- before_filter :find_payment, only: [:update, :show, :authorize, :purchase, :capture, :void, :credit]
- def index
- @payments = @order.payments.ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
- respond_with(@payments)
- end
- def new
- @payment_methods = Spree::PaymentMethod.available
- respond_with(@payment_method)
- end
- def create
- @payment = @order.payments.build(payment_params)
- if @payment.save
- respond_with(@payment, status: 201, default_template: :show)
- else
- invalid_resource!(@payment)
- end
- end
- def update
- authorize! params[:action], @payment
- if ! @payment.pending?
- render 'update_forbidden', status: 403
- elsif @payment.update_attributes(payment_params)
- respond_with(@payment, default_template: :show)
- else
- invalid_resource!(@payment)
- end
- end
- def show
- respond_with(@payment)
- end
- def authorize
- perform_payment_action(:authorize)
- end
- def capture
- perform_payment_action(:capture)
- end
- def purchase
- perform_payment_action(:purchase)
- end
- def void
- perform_payment_action(:void_transaction)
- end
- def credit
- if params[:amount].to_f > @payment.credit_allowed
- render 'credit_over_limit', status: 422
- else
- perform_payment_action(:credit, params[:amount])
- end
- end
- private
- def find_order
- @order = Spree::Order.find_by(number: order_id)
- authorize! :read, @order
- end
- def find_payment
- @payment = @order.payments.find(params[:id])
- end
- def perform_payment_action(action, *args)
- authorize! action, Payment
- begin
- @payment.send("#{action}!", *args)
- respond_with(@payment, :default_template => :show)
- rescue Spree::Core::GatewayError => e
- @error = e.message
- render 'spree/api/errors/gateway_error', status: 422
- end
- end
- def payment_params
- params.require(:payment).permit(permitted_payment_attributes)
- end
- end
- end
- end