1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-03 04:02:43 +01:00
phorge-phorge/src/applications/phortune/controller/PhortuneCartAcceptController.php
epriestley 38927d5704 Add a "Review" status to Phortune
Summary: Ref T2787. Allow merchants to flag orders for review. For now, all orders are flagged for review. Eventually, I could imagine Herald rules for coarse things (e.g., require review of all orders over $1,000, or require review of all orders by users not on a whitelist) and maybe examining fraud data for the providers which support it.

Test Plan: {F215848}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2787

Differential Revision: https://secure.phabricator.com/D10675
2014-10-10 11:29:13 -07:00

57 lines
1.5 KiB
PHP

<?php
final class PhortuneCartAcceptController
extends PhortuneCartController {
private $id;
public function willProcessRequest(array $data) {
$this->id = $data['id'];
}
public function processRequest() {
$request = $this->getRequest();
$viewer = $request->getUser();
$cart = id(new PhortuneCartQuery())
->setViewer($viewer)
->withIDs(array($this->id))
->needPurchases(true)
->executeOne();
if (!$cart) {
return new Aphront404Response();
}
// You must control the merchant to accept orders.
PhabricatorPolicyFilter::requireCapability(
$viewer,
$cart->getMerchant(),
PhabricatorPolicyCapability::CAN_EDIT);
$cancel_uri = $cart->getDetailURI();
if ($cart->getStatus() !== PhortuneCart::STATUS_REVIEW) {
return $this->newDialog()
->setTitle(pht('Order Not in Review'))
->appendParagraph(
pht(
'This order does not need manual review, so you can not '.
'accept it.'))
->addCancelButton($cancel_uri);
}
if ($request->isFormPost()) {
$cart->didReviewCart();
return id(new AphrontRedirectResponse())->setURI($cancel_uri);
}
return $this->newDialog()
->setTitle(pht('Accept Order?'))
->appendParagraph(
pht(
'This order has been flagged for manual review. You should review '.
'it carefully before accepting it.'))
->addCancelButton($cancel_uri)
->addSubmitButton(pht('Accept Order'));
}
}