user upgrades: add links to Stripe payment & receipt page.

Add links to the Stripe payment page and the Stripe receipt page on
completed user upgrades.

The Stripe payment link is a link to the payment details on the Stripe
dashboard and is only visible to the owner.

app/controllers/user_upgrades_controller.rb

@@ -27,6 +27,16 @@ class UserUpgradesController < ApplicationController
     respond_with(@user_upgrade)
   end
 
+  def receipt
+    @user_upgrade = authorize UserUpgrade.find(params[:id])
+    redirect_to @user_upgrade.receipt_url
+  end
+
+  def payment
+    @user_upgrade = authorize UserUpgrade.find(params[:id])
+    redirect_to @user_upgrade.payment_url
+  end
+
   private
 
   def recipient

app/models/user_upgrade.rb

@@ -198,6 +198,32 @@ class UserUpgrade < ApplicationRecord
       checkout
     end
 
+    def receipt_url
+      return nil if pending? || stripe_id.nil?
+
+      checkout_session = Stripe::Checkout::Session.retrieve(stripe_id)
+      payment_intent = Stripe::PaymentIntent.retrieve(checkout_session.payment_intent)
+      charge = payment_intent.charges.data.first
+      charge.receipt_url
+    end
+
+    def payment_url
+      return nil if pending? || stripe_id.nil?
+
+      checkout_session = Stripe::Checkout::Session.retrieve(stripe_id)
+      payment_intent = Stripe::PaymentIntent.retrieve(checkout_session.payment_intent)
+
+      "https://dashboard.stripe.com/payments/#{payment_intent.id}"
+    end
+
+    def has_receipt?
+      !pending?
+    end
+
+    def has_payment?
+      !pending?
+    end
+
     class_methods do
       def register_webhook
         webhook = Stripe::WebhookEndpoint.create({

app/policies/user_upgrade_policy.rb

@@ -10,4 +10,12 @@ class UserUpgradePolicy < ApplicationPolicy
   def show?
     record.recipient == user || record.purchaser == user || user.is_owner?
   end
+
+  def receipt?
+    (record.purchaser == user || user.is_owner?) && record.has_receipt?
+  end
+
+  def payment?
+    user.is_owner? && record.has_payment?
+  end
 end

app/views/user_upgrades/index.html.erb

@@ -28,8 +28,18 @@
 
       <% t.column :status %>
 
-      <% t.column "Updated" do |artist| %>
-        <%= time_ago_in_words_tagged(artist.updated_at) %>
+      <% t.column "Updated" do |user_upgrade| %>
+        <%= time_ago_in_words_tagged(user_upgrade.updated_at) %>
+      <% end %>
+
+      <% t.column column: "control" do |user_upgrade| %>
+        <%= link_to "Show", user_upgrade %>
+        <% if policy(user_upgrade).receipt? %>
+          | <%= link_to "Receipt", receipt_user_upgrade_path(user_upgrade), target: "_blank" %>
+        <% end %>
+        <% if policy(user_upgrade).payment? %>
+          | <%= link_to "Payment", payment_user_upgrade_path(user_upgrade), target: "_blank" %>
+        <% end %>
       <% end %>
     <% end %>
 

app/views/user_upgrades/show.html.erb

@@ -30,12 +30,18 @@
       <% if @user_upgrade.is_gift? && CurrentUser.user == @user_upgrade.recipient %>
         <p><%= link_to_user @user_upgrade.purchaser %> has upgraded your account to <%= @user_upgrade.level_string %>. Enjoy your new account!</p>
       <% elsif @user_upgrade.is_gift? && CurrentUser.user == @user_upgrade.purchaser %>
-        <p><%= link_to_user @user_upgrade.recipient %> is now a <%= @user_upgrade.level_string %> user. Thanks for supporting the site!</p>
+        <p><%= link_to_user @user_upgrade.recipient %> is now a <%= @user_upgrade.level_string %> user. Thanks for supporting the site! A receipt has been sent to your email.</p>
       <% else %>
-        <p>You are now a <%= @user_upgrade.level_string %> user. Thanks for supporting the site!</p>
+        <p>You are now a <%= @user_upgrade.level_string %> user. Thanks for supporting the site! A receipt has been sent to your email.</p>
       <% end %>
 
-      <p><%= link_to "Go back to #{Danbooru.config.canonical_app_name}", "https://danbooru.donmai.us" %> to continue using the site.</p>
+      <% if policy(@user_upgrade).receipt? %>
+        <%= link_to "View Receipt", receipt_user_upgrade_path(@user_upgrade), target: "_blank" %>
+      <% end %>
+
+      <% if policy(@user_upgrade).payment? %>
+        | <%= link_to "View Payment", payment_user_upgrade_path(@user_upgrade), target: "_blank" %>
+      <% end %>
     <% else %>
       <%= content_for :html_header do %>
         <meta http-equiv="refresh" content="5">

config/routes.rb

@@ -254,7 +254,10 @@ Rails.application.routes.draw do
       get :custom_style
     end
   end
-  resources :user_upgrades, only: [:new, :create, :show, :index]
+  resources :user_upgrades, only: [:new, :create, :show, :index] do
+    get :receipt, on: :member
+    get :payment, on: :member
+  end
   resources :user_feedbacks, except: [:destroy]
   resources :user_name_change_requests, only: [:new, :create, :show, :index]
   resources :webhooks do

test/functional/user_upgrades_controller_test.rb

@@ -121,6 +121,68 @@ class UserUpgradesControllerTest < ActionDispatch::IntegrationTest
       end
     end
 
+    context "receipt action" do
+      mock_stripe!
+
+      setup do
+        @user_upgrade = create(:gift_gold_upgrade, status: "complete")
+        @user_upgrade.create_checkout!
+      end
+
+      should "not allow unauthorized users to view the receipt" do
+        get_auth receipt_user_upgrade_path(@user_upgrade), create(:user)
+
+        assert_response 403
+      end
+
+      should "not allow the recipient to view the receipt" do
+        get_auth receipt_user_upgrade_path(@user_upgrade), @user_upgrade.recipient
+
+        assert_response 403
+      end
+
+      should "not allow the purchaser to view a pending receipt" do
+        @user_upgrade.update!(status: "pending")
+        get_auth receipt_user_upgrade_path(@user_upgrade), @user_upgrade.purchaser
+
+        assert_response 403
+      end
+
+      # XXX not supported yet by stripe-ruby-mock
+      should_eventually "allow the purchaser to view the receipt" do
+        get_auth receipt_user_upgrade_path(@user_upgrade), @user_upgrade.purchaser
+
+        assert_redirected_to "xxx"
+      end
+
+      # XXX not supported yet by stripe-ruby-mock
+      should_eventually "allow the site owner to view the receipt" do
+        get_auth receipt_user_upgrade_path(@user_upgrade), create(:owner_user)
+
+        assert_redirected_to "xxx"
+      end
+    end
+
+    context "payment action" do
+      setup do
+        @user_upgrade = create(:gift_gold_upgrade, status: "complete")
+        @user_upgrade.create_checkout!
+      end
+
+      should "not allow unauthorized users to view the receipt" do
+        get_auth payment_user_upgrade_path(@user_upgrade), @user_upgrade.purchaser
+
+        assert_response 403
+      end
+
+      # XXX not supported yet by stripe-ruby-mock
+      should_eventually "allow the site owner to view the receipt" do
+        get_auth payment_user_upgrade_path(@user_upgrade), create(:owner_user)
+
+        assert_redirected_to "xxx"
+      end
+    end
+
     context "create action" do
       mock_stripe!
 

test/unit/user_upgrade_test.rb

@@ -59,5 +59,28 @@ class UserUpgradeTest < ActiveSupport::TestCase
         end
       end
     end
+
+    context "the #receipt_url method" do
+      mock_stripe!
+
+      context "a pending upgrade" do
+        should "not have a receipt" do
+          @user_upgrade = create(:self_gold_upgrade, status: "pending")
+          @user_upgrade.create_checkout!
+
+          assert_equal(nil, @user_upgrade.receipt_url)
+        end
+      end
+
+      context "a complete upgrade" do
+        # XXX not supported yet by stripe-ruby-mock
+        should_eventually "have a receipt" do
+          @user_upgrade = create(:self_gold_upgrade, status: "complete")
+          @user_upgrade.create_checkout!
+
+          assert_equal("xxx", @user_upgrade.receipt_url)
+        end
+      end
+    end
   end
 end