Merge branch 'ag/zuora_with_token_new_api' into 'master'

Introduce API method for payment validation See merge request gitlab-org/gitlab!84296

Merge branch 'ag/zuora_with_token_new_api' into 'master'
Introduce API method for payment validation See merge request gitlab-org/gitlab!84296
9f4f8a74 · Dylan Griffith · 1615f2de · ea3c18c2 · 9f4f8a74 · 9f4f8a74
Commit 9f4f8a74 authored Apr 08, 2022 by Dylan Griffith
5 changed files
--- a/ee/app/controllers/subscriptions_controller.rb
+++ b/ee/app/controllers/subscriptions_controller.rb
@@ -84,6 +84,11 @@ class SubscriptionsController < ApplicationController
    render json: response[:data]
  end

+  def validate_payment_method
+    response = client.validate_payment_method(params[:id], validate_payment_method_params)
+    render json: response
+  end
+
  def create
    current_user.update(setup_for_company: true) if params[:setup_for_company]
    group = params[:selected_group] ? current_group : create_group
@@ -148,6 +153,10 @@ class SubscriptionsController < ApplicationController
    params.require(:subscription).permit(:plan_id, :is_addon, :payment_method_id, :quantity, :source).merge(params.permit(:active_subscription))
  end

+  def validate_payment_method_params
+    { gitlab_user_id: params[:gitlab_user_id] }
+  end
+
  def find_group(plan_id:)
    selected_group = current_user.manageable_groups.top_most.find(params[:selected_group])


--- a/ee/config/routes/subscription.rb
+++ b/ee/config/routes/subscription.rb
@@ -5,6 +5,7 @@ resource :subscriptions, only: [:new, :create] do
  get :buy_storage
  get :payment_form
  get :payment_method
+  post :validate_payment_method

  scope module: :subscriptions do
    resources :groups, only: [:edit, :update]

--- a/ee/lib/gitlab/subscription_portal/clients/rest.rb
+++ b/ee/lib/gitlab/subscription_portal/clients/rest.rb
@@ -37,6 +37,10 @@ module Gitlab
            http_get("api/payment_methods/#{id}", admin_headers)
          end

+          def validate_payment_method(id, params)
+            http_post("api/payment_methods/#{id}/validate", admin_headers, params)
+          end
+
          def customers_oauth_app_uid
            http_get("api/v1/oauth_app_id", admin_headers)
          end

--- a/ee/spec/controllers/subscriptions_controller_spec.rb
+++ b/ee/spec/controllers/subscriptions_controller_spec.rb
@@ -246,6 +246,32 @@ RSpec.describe SubscriptionsController do
    end
  end

+  describe 'GET #validate_payment_method' do
+    let(:params) { { id: 'foo', gitlab_user_id: 'user-id' } }
+
+    subject do
+      post :validate_payment_method, params: params, as: :json
+    end
+
+    context 'with unauthorized user' do
+      it { is_expected.to have_gitlab_http_status(:unauthorized) }
+    end
+
+    context 'with authorized user' do
+      before do
+        sign_in(user)
+        expect(Gitlab::SubscriptionPortal::Client)
+          .to receive(:validate_payment_method)
+          .with(params[:id], { gitlab_user_id: params[:gitlab_user_id] })
+          .and_return({ success: true })
+      end
+
+      it { is_expected.to have_gitlab_http_status(:ok) }
+
+      it { is_expected.to be_successful }
+    end
+  end
+
  describe 'POST #create', :snowplow do
    subject do
      post :create,

--- a/ee/spec/lib/gitlab/subscription_portal/clients/rest_spec.rb
+++ b/ee/spec/lib/gitlab/subscription_portal/clients/rest_spec.rb
@@ -136,6 +136,19 @@ RSpec.describe Gitlab::SubscriptionPortal::Clients::Rest do
    it_behaves_like 'when http call raises an exception'
  end

+  describe '#validate_payment_method' do
+    subject do
+      client.validate_payment_method('test_payment_method_id', {})
+    end
+
+    let(:http_method) { :post }
+
+    it_behaves_like 'when response is successful'
+    it_behaves_like 'when response code is 422'
+    it_behaves_like 'when response code is 500'
+    it_behaves_like 'when http call raises an exception'
+  end
+
  describe '#customers_oauth_app_uid' do
    subject do
      client.customers_oauth_app_uid