As reported [on Meta](https://meta.discourse.org/t/discourse-subscriptions/140818/352?u=justin), moderators could access all of the subscriptions data (plugins/prices/subscribers) and manage them. This should not be the case, so this PR adds a route constraint to 404 moderators from these routes.
1. Improve mobile checkout styling
These are pretty simple changes. The buttons were crammed together and not wrapping properly on mobile if there were more than a few. Also the padding was weird and causing text to overflow out of the #main-outlet on phone viewports.
2. Renders the top campaign banner on mobile even if sidebar is selected
In the original PR, we refactored using the connector JS out since we now have more Ember operators; however, we needed some more complex logic that couldn't be done in the template. Basically, we choose which outlet to render the component in based on two criteria:
If the setting is set to sidebar or top
If we're on a mobile device
Previously, if the site showed the banner on the sidebar and the user browsed to mobile, they wouldn't see a banner at all. This PR changes the logic to use the top outlet on mobile, even if the sidebar is selected.
Commit does 3 things:
Remove the duplicative currency abbreviation in favor of the currency symbol alone
Reorders plans by the cost in ascending order.
Fixes a flexbox button bug
Meta topic: https://meta.discourse.org/t/subscriptions-add-pagination-to-admin-subscriptions-view/172500
This adds support for pagination using our `{{load-more}}` component in core. Implementation on the backend was a bit tricky because we don't return all results from Stripe, only those that match local subscriptions stored in the `DiscourseSubscriptions::Subscription` model.
Feature requested here: https://meta.discourse.org/t/subscriptions-allow-users-to-purchase-one-time-products-multiple-times/173732/
There may be cases where a site admin wants to allow the repurchasing of a product. This implements the functionality by adding a repurchaseable toggle in the admin screen when creating a product. This saves an attribute to the Stripe product metadata.
When a user has already purchased an item with this toggle enabled, they will be able to purchase it again when browsing to `/s`.
Adds full support to create coupon/promo codes in the Admin > Plugins > Subscriptions section of the plugin. The Create Coupon button opens a form on the same page, and the active checkboxes toggle the active status of the coupon code.
This adds support for Stripe Promo Codes in the user checkout process.
Also adds a discounted field to User > Billing > Subscriptions to show the amount or percent discounted.
This does not currently add in support for creating promo codes in the Subscriptions interface (that will come at a later point in time). Instead a coupon can be created with a promo code right from the Stripe dashboard.
Bumping the API gem to 5.29.0 and to the latest API version. This takes into account changes in the API over the last few months and also lays the groundwork for some other improvements to the plugin (namely promo codes).
Not all URLs in Subscriptions were not subfolder install friendly. This commit uses link-to in places its needed to properly set URLs if on a subfolder install.
An implementation of refunds from the Admin dashboard. To refund, go to Plugins > Subscriptions > Subscriptions then click the `Cancel` button. You'll be presented with a modal. If you wish to refund only the most recent payment, check the box.
This only implements refunds for Subscriptions, not One Time Payments. One Time Payments will still need to be handled manually at this time.
Due to putting the Stripe Elements HTML inside an if block in the
template, this caused state to be funky. As a result, calling
`this.stripe.createToken` failed to return a promise. Opted instead to
hide the elements via CSS for anonymous users to prevent this
showstopping bug.
Improves the subscription flow for anonymous users by making the routes available, and showing a login button. Clicking login from this page will save a `destination_url` cookie so that when logging in they're redirected back to the subscription page they were at.
The code in the plugin needed a dramatic cleanup. This refactor collapses the Plan/Product/Subscription controllers on the backend into one new controller: `SubscribeController`.
This reduces N+1 calls to the back end during the subscription process and simplifies use of the code.
I've also removed a bunch of dead code and refactored some logic into methods for easier readability. No feature/functionality changes in this commit; only refactoring. However, refactoring will allow for implementation of better anonymous user handling, so this is largely a foundation to enable making that change.
We don't want foreign keys in migrations going forward as they can be
expensive for large tables. However, we shouldn't be changing old
migrations, so we're having rubocop ignore it in this plugin for now.