jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

user upgrades: upgrade to new Stripe checkout system.

Browse Source 
This upgrades from the legacy version of Stripe's checkout system to the
new version:

> The legacy version of Checkout presented customers with a modal dialog
> that collected card information, and returned a token or a source to
> your website. In contrast, the new version of Checkout is a smart
> payment page hosted by Stripe that creates payments or subscriptions. It
> supports Apple Pay, Dynamic 3D Secure, and many other features.

Basic overview of the new system:

* We send the user to a checkout page on Stripe.
* Stripe collects payment and sends us a webhook notification when the
  order is complete.
* We receive the webhook notification and upgrade the user.

Docs:

* https://stripe.com/docs/payments/checkout
* https://stripe.com/docs/payments/checkout/migration#client-products
* https://stripe.com/docs/payments/handling-payment-events
* https://stripe.com/docs/payments/checkout/fulfill-orders
This commit is contained in:
evazion
2020-12-23 05:15:08 -06:00
parent c17678d509
commit 7762489d7d
18 changed files with 536 additions and 175 deletions
Download Patch File Download Diff File Expand all files Collapse all files

109
test/functional/user_upgrades_controller_test.rb
View File

@@ -1,14 +1,6 @@
require 'test_helper'
class UserUpgradesControllerTest < ActionDispatch::IntegrationTest
setup do
StripeMock.start
end
teardown do
StripeMock.stop
end
context "The user upgrades controller" do
context "new action" do
should "render" do
@@ -25,103 +17,24 @@ class UserUpgradesControllerTest < ActionDispatch::IntegrationTest
end
context "create action" do
setup do
@user = create(:user)
@token = StripeMock.generate_card_token
end
mock_stripe!
context "a self upgrade" do
should "upgrade a Member to Gold" do
post_auth user_upgrade_path, @user, params: { stripeToken: @token, desc: "Upgrade to Gold" }
assert_redirected_to user_upgrade_path
assert_equal(true, @user.reload.is_gold?)
end
should "upgrade a Member to Platinum" do
post_auth user_upgrade_path, @user, params: { stripeToken: @token, desc: "Upgrade to Platinum" }
assert_redirected_to user_upgrade_path
assert_equal(true, @user.reload.is_platinum?)
end
should "upgrade a Gold user to Platinum" do
@user.update!(level: User::Levels::GOLD)
post_auth user_upgrade_path, @user, params: { stripeToken: @token, desc: "Upgrade Gold to Platinum" }
assert_redirected_to user_upgrade_path
assert_equal(true, @user.reload.is_platinum?)
end
should "log an account upgrade modaction" do
assert_difference("ModAction.user_account_upgrade.count") do
post_auth user_upgrade_path, @user, params: { stripeToken: @token, desc: "Upgrade to Gold" }
end
end
should "send the user a dmail" do
assert_difference("@user.dmails.received.count") do
post_auth user_upgrade_path, @user, params: { stripeToken: @token, desc: "Upgrade to Gold" }
end
end
end
context "a gifted upgrade" do
should "upgrade the user to Gold" do
@other_user = create(:user)
post_auth user_upgrade_path, @user, params: { stripeToken: @token, desc: "Upgrade to Gold", user_id: @other_user.id }
assert_redirected_to user_upgrade_path(user_id: @other_user.id)
assert_equal(true, @other_user.reload.is_gold?)
assert_equal(false, @user.reload.is_gold?)
end
end
context "an upgrade for a user above Platinum level" do
should "not demote the user" do
@builder = create(:builder_user)
post_auth user_upgrade_path, @user, params: { stripeToken: @token, desc: "Upgrade to Gold", user_id: @builder.id }
assert_response 403
assert_equal(true, @builder.reload.is_builder?)
end
end
context "an upgrade with a missing Stripe token" do
should "not upgrade the user" do
post_auth user_upgrade_path, @user, params: { desc: "Upgrade to Gold" }
context "for a self upgrade to Gold" do
should "redirect the user to the Stripe checkout page" do
user = create(:member_user)
post_auth user_upgrade_path(user_id: user.id), user, params: { level: User::Levels::GOLD }, xhr: true
assert_response :success
assert_equal(true, @user.reload.is_member?)
end
end
context "an upgrade with an invalid Stripe token" do
should "not upgrade the user" do
post_auth user_upgrade_path, @user, params: { stripeToken: "garbage", desc: "Upgrade to Gold" }
context "for a gifted upgrade to Gold" do
should "redirect the user to the Stripe checkout page" do
recipient = create(:member_user)
purchaser = create(:member_user)
post_auth user_upgrade_path(user_id: recipient.id), purchaser, params: { level: User::Levels::GOLD }, xhr: true
assert_redirected_to user_upgrade_path
assert_equal(true, @user.reload.is_member?)
end
end
context "an upgrade with an credit card that is declined" do
should "not upgrade the user" do
StripeMock.prepare_card_error(:card_declined)
post_auth user_upgrade_path, @user, params: { stripeToken: @token, desc: "Upgrade to Gold" }
assert_redirected_to user_upgrade_path
assert_equal(true, @user.reload.is_member?)
end
end
context "an upgrade with an credit card that is expired" do
should "not upgrade the user" do
StripeMock.prepare_card_error(:expired_card)
post_auth user_upgrade_path, @user, params: { stripeToken: @token, desc: "Upgrade to Gold" }
assert_redirected_to user_upgrade_path
assert_equal(true, @user.reload.is_member?)
assert_response :success
end
end
end

167
test/functional/webhooks_controller_test.rb Normal file
View File

@@ -0,0 +1,167 @@
require 'test_helper'
class WebhooksControllerTest < ActionDispatch::IntegrationTest
mock_stripe!
def post_webhook(*args, **metadata)
event = StripeMock.mock_webhook_event(*args, metadata: metadata)
signature = generate_stripe_signature(event)
headers = { "Stripe-Signature": signature }
post receive_webhooks_path(source: "stripe"), headers: headers, params: event, as: :json
end
# https://github.com/stripe-ruby-mock/stripe-ruby-mock/issues/467#issuecomment-634674913
# https://stripe.com/docs/webhooks/signatures
def generate_stripe_signature(event)
time = Time.now
secret = UserUpgrade.stripe_webhook_secret
signature = Stripe::Webhook::Signature.compute_signature(time, event.to_json, secret)
Stripe::Webhook::Signature.generate_header(time, signature, scheme: Stripe::Webhook::Signature::EXPECTED_SCHEME)
end
context "The webhooks controller" do
context "receive action" do
context "for a request from an unrecognized source" do
should "fail" do
post receive_webhooks_path(source: "blah")
assert_response 400
end
end
context "for a Stripe webhook" do
context "with a missing signature" do
should "fail" do
event = StripeMock.mock_webhook_event("payment_intent.created")
post receive_webhooks_path(source: "stripe"), params: event, as: :json
assert_response 400
end
end
context "with an invalid signature" do
should "fail" do
event = StripeMock.mock_webhook_event("payment_intent.created")
headers = { "Stripe-Signature": "blah" }
post receive_webhooks_path(source: "stripe"), headers: headers, params: event, as: :json
assert_response 400
end
end
context "for a payment_intent.created event" do
should "work" do
post_webhook("payment_intent.created")
assert_response 200
end
end
context "for a checkout.session.completed event" do
context "for a self upgrade" do
context "of a Member to Gold" do
should "upgrade the user" do
@user = create(:member_user)
post_webhook("checkout.session.completed", {
recipient_id: @user.id,
purchaser_id: @user.id,
upgrade_type: "gold_upgrade",
level: User::Levels::GOLD,
})
assert_response 200
assert_equal(User::Levels::GOLD, @user.reload.level)
end
end
context "of a Member to Platinum" do
should "upgrade the user" do
@user = create(:member_user)
post_webhook("checkout.session.completed", {
recipient_id: @user.id,
purchaser_id: @user.id,
upgrade_type: "platinum_upgrade",
level: User::Levels::PLATINUM,
})
assert_response 200
assert_equal(User::Levels::PLATINUM, @user.reload.level)
end
end
context "of a Gold user to Platinum" do
should "upgrade the user" do
@user = create(:gold_user)
post_webhook("checkout.session.completed", {
recipient_id: @user.id,
purchaser_id: @user.id,
upgrade_type: "gold_to_platinum_upgrade",
level: User::Levels::PLATINUM,
})
assert_response 200
assert_equal(User::Levels::PLATINUM, @user.reload.level)
end
end
end
context "for a gifted upgrade" do
context "of a Member to Gold" do
should "upgrade the user" do
@recipient = create(:member_user)
@purchaser = create(:member_user)
post_webhook("checkout.session.completed", {
recipient_id: @recipient.id,
purchaser_id: @purchaser.id,
upgrade_type: "gold_upgrade",
level: User::Levels::GOLD,
})
assert_response 200
assert_equal(User::Levels::GOLD, @recipient.reload.level)
end
end
context "of a Member to Platinum" do
should "upgrade the user" do
@recipient = create(:member_user)
@purchaser = create(:member_user)
post_webhook("checkout.session.completed", {
recipient_id: @recipient.id,
purchaser_id: @purchaser.id,
upgrade_type: "platinum_upgrade",
level: User::Levels::PLATINUM,
})
assert_response 200
assert_equal(User::Levels::PLATINUM, @recipient.reload.level)
end
end
context "of a Gold user to Platinum" do
should "upgrade the user" do
@recipient = create(:gold_user)
@purchaser = create(:member_user)
post_webhook("checkout.session.completed", {
recipient_id: @recipient.id,
purchaser_id: @purchaser.id,
upgrade_type: "gold_to_platinum_upgrade",
level: User::Levels::PLATINUM,
})
assert_response 200
assert_equal(User::Levels::PLATINUM, @recipient.reload.level)
end
end
end
end
end
end
end
end