Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove JaResource for StripeConnectSubscriptions #1041

Merged
merged 1 commit into from
Oct 10, 2017
Merged

Remove JaResource for StripeConnectSubscriptions #1041

merged 1 commit into from
Oct 10, 2017

Conversation

landongrindheim
Copy link
Contributor

@landongrindheim landongrindheim commented Oct 10, 2017
edited by code-corps bot
Loading

Remove JaResource/Canary for StripeConnectSubscriptionController

References

Closes #907

Progress on: #864

begedin
begedin requested changes Oct 10, 2017
View reviewed changes
Copy link
Contributor

@begedin begedin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Couple of things to fix, but otherwise, good work 👍

lib/code_corps/policy/stripe_connect_subscription.ex Outdated
def create?(user, subscription), do: user |> owns?(subscription)

@spec show?(User.t, map) :: boolean
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These specs should be the other way around

@spec create?(User.t, map) :: boolean
def create?(user, params), do: user |> owns?(subscription)

@spec show?(User.t, StripeConnectSubscription.t) :: boolean
def show?(user, subscription), do: user |> owns?(subscription)

lib/code_corps_web/controllers/stripe_connect_subscription_controller.ex Outdated
def model, do: CodeCorps.StripeConnectSubscription
@spec show(Conn.t, map) :: Conn.t
def show(%Conn{} = conn, %{"id" => id}) do
with %StripeConnectSubscription{} = subscription <- StripeConnectSubscription |> Repo.get(id) do
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You're missing an authorization step here.

with %StripeConnectSubscription{} = subscription <- StripeConnectSubscription |> Repo.get(id),
     {:ok, :authorized} <- current_user |> Policy.authorize(:create, subscription, params) do # params are optional
  conn |> render("show.json-api", data: subscription)
end

@landongrindheim landongrindheim force-pushed the 907-remove-ja-resource-from-stripe-connect-subscription-controller branch from c916319 to 953fb26 Compare October 10, 2017 12:43
@landongrindheim
Copy link
Contributor Author

@begedin Thanks for the feedback! Can you take another look to make sure the implementation is correct?

I went back to StripeConnectSubscriptionControllerTest and noticed that there aren't any tests for show/2. It'd be good to have that under test, but I'm not sure how to set that up

@begedin
Copy link
Contributor

begedin commented Oct 10, 2017

@landongrindheim Good job noticing that. Feel free to create an issue in cases such as that one.

My approach to it is, always better to close an issue when one was made by mistake, than to forget to open it in the first place.

@begedin begedin merged commit 49eb0b5 into code-corps:develop Oct 10, 2017
@begedin
Copy link
Contributor

begedin commented Oct 10, 2017

Excellent work as always @landongrindheim

@landongrindheim landongrindheim mentioned this pull request Oct 10, 2017
Closed
@landongrindheim landongrindheim deleted the 907-remove-ja-resource-from-stripe-connect-subscription-controller branch October 18, 2017 00:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@begedin begedin begedin approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@landongrindheim @begedin