Add new API endpoint for payment validation

Add new API method to perform payment validation. This points to Customers Portal newly added API.

Add new API endpoint for payment validation
Add new API method to perform payment validation. This points to Customers Portal newly added API.
ea3c18c2 · Angelo Gulina · d9e89794 · ea3c18c2 · ea3c18c2 · ea3c18c2
Commit ea3c18c2 authored Apr 04, 2022 by Angelo Gulina
5 changed files
--- a/ee/app/controllers/subscriptions_controller.rb
+++ b/ee/app/controllers/subscriptions_controller.rb
@@ -84,6 +84,11 @@ class SubscriptionsController < ApplicationController
    render json: response[:data]
  end

+  def validate_payment_method
+    response = client.validate_payment_method(params[:id], validate_payment_method_params)
+    render json: response
+  end
+
  def create
    current_user.update(setup_for_company: true) if params[:setup_for_company]
    group = params[:selected_group] ? current_group : create_group
@@ -148,6 +153,10 @@ class SubscriptionsController < ApplicationController
    params.require(:subscription).permit(:plan_id, :is_addon, :payment_method_id, :quantity, :source).merge(params.permit(:active_subscription))
  end

+  def validate_payment_method_params
+    { gitlab_user_id: params[:gitlab_user_id] }
+  end
+
  def find_group(plan_id:)
    selected_group = current_user.manageable_groups.top_most.find(params[:selected_group])


--- a/ee/config/routes/subscription.rb
+++ b/ee/config/routes/subscription.rb
@@ -5,6 +5,7 @@ resource :subscriptions, only: [:new, :create] do
  get :buy_storage
  get :payment_form
  get :payment_method
+  post :validate_payment_method

  scope module: :subscriptions do
    resources :groups, only: [:edit, :update]

--- a/ee/lib/gitlab/subscription_portal/clients/rest.rb
+++ b/ee/lib/gitlab/subscription_portal/clients/rest.rb
@@ -37,6 +37,10 @@ module Gitlab
            http_get("api/payment_methods/#{id}", admin_headers)
          end

+          def validate_payment_method(id, params)
+            http_post("api/payment_methods/#{id}/validate", admin_headers, params)
+          end
+
          def customers_oauth_app_uid
            http_get("api/v1/oauth_app_id", admin_headers)
          end

--- a/ee/spec/controllers/subscriptions_controller_spec.rb
+++ b/ee/spec/controllers/subscriptions_controller_spec.rb
@@ -246,6 +246,32 @@ RSpec.describe SubscriptionsController do
    end
  end

+  describe 'GET #validate_payment_method' do
+    let(:params) { { id: 'foo', gitlab_user_id: 'user-id' } }
+
+    subject do
+      post :validate_payment_method, params: params, as: :json
+    end
+
+    context 'with unauthorized user' do
+      it { is_expected.to have_gitlab_http_status(:unauthorized) }
+    end
+
+    context 'with authorized user' do
+      before do
+        sign_in(user)
+        expect(Gitlab::SubscriptionPortal::Client)
+          .to receive(:validate_payment_method)
+          .with(params[:id], { gitlab_user_id: params[:gitlab_user_id] })
+          .and_return({ success: true })
+      end
+
+      it { is_expected.to have_gitlab_http_status(:ok) }
+
+      it { is_expected.to be_successful }
+    end
+  end
+
  describe 'POST #create', :snowplow do
    subject do
      post :create,

--- a/ee/spec/lib/gitlab/subscription_portal/clients/rest_spec.rb
+++ b/ee/spec/lib/gitlab/subscription_portal/clients/rest_spec.rb
@@ -136,6 +136,19 @@ RSpec.describe Gitlab::SubscriptionPortal::Clients::Rest do
    it_behaves_like 'when http call raises an exception'
  end

+  describe '#validate_payment_method' do
+    subject do
+      client.validate_payment_method('test_payment_method_id', {})
+    end
+
+    let(:http_method) { :post }
+
+    it_behaves_like 'when response is successful'
+    it_behaves_like 'when response code is 422'
+    it_behaves_like 'when response code is 500'
+    it_behaves_like 'when http call raises an exception'
+  end
+
  describe '#customers_oauth_app_uid' do
    subject do
      client.customers_oauth_app_uid