2019-07-30 21:29:24 +00:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2018-03-25 16:15:39 +00:00
|
|
|
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
|
2018-03-25 17:30:42 +00:00
|
|
|
module QuerySourceToken
|
2019-07-30 21:29:24 +00:00
|
|
|
EXPIRED_TOKEN_MESSAGE = 'There was an error processing your card and it was not charged. Please try again.'
|
2018-03-25 17:30:42 +00:00
|
|
|
AUTH_ERROR_MESSAGE = "You're not authorized to make this charge"
|
|
|
|
|
|
|
|
# @param [String] source_token
|
|
|
|
# @param [User] user the current user
|
|
|
|
# @return [SourceToken] the token object
|
|
|
|
# @raise [ParamValidation::ValidationError] when the source_token can't be found
|
|
|
|
# @raise [AuthenticationError] when user isn't authorized to use that token
|
|
|
|
# @raise [ExpiredTokenError] when the source token has already been used too many times
|
|
|
|
# or we're past the expiration date
|
|
|
|
def self.get_and_increment_source_token(token, user = nil)
|
2019-07-30 21:29:24 +00:00
|
|
|
ParamValidation.new({ token: token },
|
|
|
|
token: { required: true, format: UUID::Regex })
|
2018-03-25 17:30:42 +00:00
|
|
|
source_token = SourceToken.where('token = ?', token).first
|
|
|
|
if source_token
|
2019-07-30 21:29:24 +00:00
|
|
|
source_token.with_lock do
|
2018-03-25 17:30:42 +00:00
|
|
|
unless source_token_unexpired?(source_token)
|
2019-07-30 21:29:24 +00:00
|
|
|
raise ExpiredTokenError, EXPIRED_TOKEN_MESSAGE
|
2018-03-25 17:30:42 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
if source_token.event
|
2019-07-30 21:29:24 +00:00
|
|
|
raise AuthenticationError, AUTH_ERROR_MESSAGE unless user
|
2018-03-25 17:30:42 +00:00
|
|
|
|
|
|
|
unless QueryRoles.is_authorized_for_nonprofit?(user.id, source_token.event.nonprofit.id)
|
2019-07-30 21:29:24 +00:00
|
|
|
raise AuthenticationError, AUTH_ERROR_MESSAGE
|
2018-03-25 17:30:42 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
source_token.total_uses = source_token.total_uses + 1
|
|
|
|
source_token.save!
|
2019-07-30 21:29:24 +00:00
|
|
|
end
|
2018-03-25 17:30:42 +00:00
|
|
|
else
|
2019-07-30 21:29:24 +00:00
|
|
|
raise ParamValidation::ValidationError.new "#{token} doesn't represent a valid source", key: :token
|
2018-03-25 17:30:42 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
source_token
|
|
|
|
end
|
|
|
|
|
|
|
|
def self.source_token_unexpired?(source_token)
|
2019-07-30 21:29:24 +00:00
|
|
|
return false if source_token.max_uses <= source_token.total_uses
|
|
|
|
return false if source_token.expiration < Time.now
|
|
|
|
|
2018-03-25 17:30:42 +00:00
|
|
|
true
|
|
|
|
end
|
|
|
|
|
|
|
|
def self.validate_source_token_type(source_token)
|
|
|
|
tokenizable = source_token.tokenizable
|
|
|
|
unless tokenizable.is_a? Card
|
|
|
|
raise ParamValidation::ValidationError.new("The item for token #{data[:token]} is not a Card", key: :token)
|
|
|
|
end
|
|
|
|
end
|
2019-07-30 21:29:24 +00:00
|
|
|
end
|