# frozen_string_literal: true # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later class CardsController < ApplicationController before_action :authenticate_user!, except: [:create] # post /cards def create acct = Supporter.find(card_params[:holder_id]).nonprofit.stripe_account_id render( JsonResp.new(params) do |_d| requires(:card).nested do requires(:name, :stripe_card_token).as_string requires(:holder_id).as_int requires(:holder_type).one_of('Supporter') end end.when_valid do |d| InsertCard.with_stripe(d[:card], acct, params[:event_id], current_user) end ) end private def card_params params.require(:card).permit(:cardholders_name, :email, :name, :failure_message, :status, :stripe_card_token, :stripe_card_id, :stripe_customer_id, :holder, :inactive) end end