Remove JaResource from StripePlatformCustomerController (#1020)

landongrindheim · begedin · commit 5a1b8122cf7e · 2017-10-09T14:33:45.000+02:00
diff --git a/lib/code_corps/policy/policy.ex b/lib/code_corps/policy/policy.ex
@@ -70,6 +70,11 @@ defmodule CodeCorps.Policy do
   defp can?(%User{} = user, :show, %StripeConnectAccount{} = stripe_connect_account, %{}), do: Policy.StripeConnectAccount.show?(user, stripe_connect_account)
   defp can?(%User{} = user, :create, %StripeConnectAccount{}, %{} = params), do: Policy.StripeConnectAccount.create?(user, params)
   defp can?(%User{} = user, :update, %StripeConnectAccount{} = stripe_connect_account, %{}), do: Policy.StripeConnectAccount.update?(user, stripe_connect_account)
+  defp can?(%User{} = current_user, :create, %StripePlatformCustomer{}, %{} = params),
+    do: Policy.StripePlatformCustomer.create?(current_user, params)
+  defp can?(%User{} = current_user, :show, %StripePlatformCustomer{} = stripe_platform_customer, %{}),
+    do: Policy.StripePlatformCustomer.show?(current_user, stripe_platform_customer)
+
 
   defimpl Canada.Can, for: User do
     # NOTE: Canary sets an :unauthorized and a :not_found handler on a config level
@@ -104,9 +109,5 @@ defmodule CodeCorps.Policy do
 
     def can?(%User{} = user, :show, %StripeConnectSubscription{} = stripe_connect_subscription), do: Policy.StripeConnectSubscription.show?(user, stripe_connect_subscription)
     def can?(%User{} = user, :create, %Changeset{ data: %StripeConnectSubscription{}} = changeset), do: Policy.StripeConnectSubscription.create?(user, changeset)
-
-    def can?(%User{} = user, :create, %Changeset{data: %StripePlatformCustomer{}} = changeset), do: Policy.StripePlatformCustomer.create?(user, changeset)
-    def can?(%User{} = user, :show, %StripePlatformCustomer{} = stripe_platform_customer), do: Policy.StripePlatformCustomer.show?(user, stripe_platform_customer)
-
   end
 end
diff --git a/lib/code_corps/policy/stripe_platform_customer.ex b/lib/code_corps/policy/stripe_platform_customer.ex
@@ -1,10 +1,9 @@
 defmodule CodeCorps.Policy.StripePlatformCustomer do
   alias CodeCorps.StripePlatformCustomer
   alias CodeCorps.User
-  alias Ecto.Changeset
 
-  def create?(%User{id: current_user_id}, %Changeset{changes: %{user_id: user_id}}), do: current_user_id == user_id
-  def create?(%User{}, %Changeset{}), do: false
+  def create?(%User{id: current_user_id}, %{"user_id" => user_id}), do: current_user_id == user_id
+  def create?(%User{}, %{}), do: false
 
   def show?(%User{admin: true}, %StripePlatformCustomer{}), do: true
   def show?(%User{id: current_user_id}, %StripePlatformCustomer{user_id: user_id}), do: current_user_id == user_id
diff --git a/lib/code_corps_web/controllers/stripe_platform_customer_controller.ex b/lib/code_corps_web/controllers/stripe_platform_customer_controller.ex
@@ -1,18 +1,28 @@
 defmodule CodeCorpsWeb.StripePlatformCustomerController do
   use CodeCorpsWeb, :controller
-  use JaResource
 
-  alias CodeCorps.StripePlatformCustomer
   alias CodeCorps.StripeService.StripePlatformCustomerService
+  alias CodeCorps.{StripePlatformCustomer, User}
 
-  plug :load_and_authorize_resource, model: StripePlatformCustomer, only: [:show]
-  plug :load_and_authorize_changeset, model: StripePlatformCustomer, only: [:create]
-  plug JaResource
+  action_fallback CodeCorpsWeb.FallbackController
+  plug CodeCorpsWeb.Plug.DataToAttributes
+  plug CodeCorpsWeb.Plug.IdsToIntegers
 
-  @spec model :: module
-  def model, do: CodeCorps.StripePlatformCustomer
+  @spec show(Conn.t, map) :: Conn.t
+  def show(%Conn{} = conn, %{"id" => id} = params) do
+    with %User{} = current_user <- conn |> Guardian.Plug.current_resource,
+         %StripePlatformCustomer{} = stripe_platform_customer <- StripePlatformCustomer |> Repo.get(id),
+         {:ok, :authorized} <- current_user |> Policy.authorize(:show, stripe_platform_customer, params) do
+      conn |> render("show.json-api", data: stripe_platform_customer)
+    end
+  end
 
-  def handle_create(_conn, attributes) do
-    attributes |> StripePlatformCustomerService.create
+  @spec create(Plug.Conn.t, map) :: Conn.t
+  def create(%Conn{} = conn, %{} = params) do
+    with %User{} = current_user <- conn |> Guardian.Plug.current_resource,
+         {:ok, :authorized} <- current_user |> Policy.authorize(:create, %StripePlatformCustomer{}, params),
+         {:ok, %StripePlatformCustomer{} = stripe_platform_customer} <- StripePlatformCustomerService.create(params) do
+      conn |> put_status(:created) |> render("show.json-api", data: stripe_platform_customer)
+    end
   end
 end
