feat(recurring_donations): add strong params

2019-08-06 16:07:35 +02:00 · 2019-08-06 16:07:35 +02:00 · 6a0a674328
commit 6a0a674328
parent 8f1b33cabd
2 changed files with 24 additions and 22 deletions
--- a/app/controllers/nonprofits/recurring_donations_controller.rb
+++ b/app/controllers/nonprofits/recurring_donations_controller.rb
@ -65,15 +65,15 @@ module Nonprofits

    def update
      json_saved UpdateRecurringDonations
-        .update(current_recurring_donation, params[:recurring_donation])
+        .update(current_recurring_donation, recurring_donation_params)
    end

    # post /nonprofits/:nonprofit_id/recurring_donations
    def create
-      if params[:recurring_donation][:token]
-        render_json { InsertRecurringDonation.with_stripe(params[:recurring_donation]) }
-      elsif params[:recurring_donation][:direct_debit_detail_id]
-        render JsonResp.new(params[:recurring_donation]) do |_data|
+      if recurring_donation_params[:token]
+        render_json { InsertRecurringDonation.with_stripe(recurring_donation_params) }
+      elsif recurring_donation_params[:direct_debit_detail_id]
+        render JsonResp.new(recurring_donation_params) do |_data|
          requires(:amount).as_int
          requires(:supporter_id, :nonprofit_id, :direct_debit_detail_id).as_int
          optional(:dedication, :designation).as_string
@ -86,10 +86,14 @@ module Nonprofits
      end
    end

-      private
+    private

    def current_recurring_donation
      @recurring_donation ||= current_nonprofit.recurring_donations.find params[:id]
    end
+
+    def recurring_donation_params
+      params.require(:recurring_donation).permit(:amount, :active, :paydate, :interval, :time_unit, :start_date, :end_date, :n_failures, :edit_token, :cancelled_by, :cancelled_at, :donation_id, :nonprofit_id, :supporter_id)
    end
+  end
 end
--- a/app/models/recurring_donation.rb
+++ b/app/models/recurring_donation.rb
@ -4,22 +4,20 @@
 require 'timespan'

 class RecurringDonation < ApplicationRecord
-  # TODO:
-  # attr_accessible \
-  #   :amount, # int (cents)
-  #   :active, # bool (whether this recurring donation should still be paid)
-  #   :paydate, # int (fixed date of the month for monthly recurring donations)
-  #   :interval, # int (interval of time, ie the '3' in '3 months')
-  #   :time_unit, # str ('month', 'day', 'week', or 'year')
-  #   :start_date, # date (when to start this recurring donation)
-  #   :end_date, # date (when to deactivate this recurring donation)
-  #   :n_failures, # int (how many times the charge has failed)
-  #   :edit_token, # str / uuid to validate the editing page, linked from their email client
-  #   :cancelled_by, # str email of user/supporter who made the cancellation
-  #   :cancelled_at, # datetime of user/supporter who made the cancellation
-  #   :donation_id, :donation,
-  #   :nonprofit_id, :nonprofit,
-  #   :supporter_id #used because things are messed up in the datamodel
+  # :amount, # int (cents)
+  # :active, # bool (whether this recurring donation should still be paid)
+  # :paydate, # int (fixed date of the month for monthly recurring donations)
+  # :interval, # int (interval of time, ie the '3' in '3 months')
+  # :time_unit, # str ('month', 'day', 'week', or 'year')
+  # :start_date, # date (when to start this recurring donation)
+  # :end_date, # date (when to deactivate this recurring donation)
+  # :n_failures, # int (how many times the charge has failed)
+  # :edit_token, # str / uuid to validate the editing page, linked from their email client
+  # :cancelled_by, # str email of user/supporter who made the cancellation
+  # :cancelled_at, # datetime of user/supporter who made the cancellation
+  # :donation_id, :donation,
+  # :nonprofit_id, :nonprofit,
+  # :supporter_id #used because things are messed up in the datamodel

  scope :active,   -> { where(active: true) }
  scope :inactive, -> { where(active: [false, nil]) }