mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-23 23:32:40 +01:00
fcd2025a85
Summary: Ref T2787. Currently, you add payment providers (Stripe, Paypal, etc) in global configuration. Generally, this approach is cumbersome, limiting, and often hard for users to figure out. It also doesn't provide a natural way to segment payment receivers or provide web access to administrative payment functions like issuing refunds, canceling orders, etc. I think that stuff definitely needs to be in the web UI, and the rule for access to it can't reasonably just be "all administrators" in a lot of reasonable cases. The only real advantage is that it prevents an attacker from adjusting settings and pointing something at an account they control. But this attack can be mitigated through notifications, some sort of CLI-only merchant lock, payment accounts being relatively identifiable, etc. So introduce "merchants", which are basically payable entities. An individual merchant will have attached Paypal, Stripe, etc., accounts, and access rules. When you buy something in an application, the merchant to pay is also specified. They also provide an umbrella for dealing with permissions down the line. This may get a //little// cumbersome because if there are several merchants your saved card information is not shared across them. I think that will be fine in the normal case (most installs will have only one merchant). Even if it isn't and we leave providers global, I think introducing this is the right call from a web UI / permissions point of view. I'll play around with it in the next couple of diffs and figure out exactly where the line goes. Test Plan: Listed, created, edited, viewed merchants. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T2787 Differential Revision: https://secure.phabricator.com/D10648
19 lines
907 B
SQL
19 lines
907 B
SQL
CREATE TABLE {$NAMESPACE}_phortune.phortune_merchanttransaction (
|
|
id INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
|
|
phid VARCHAR(64) COLLATE utf8_bin NOT NULL,
|
|
authorPHID VARCHAR(64) COLLATE utf8_bin NOT NULL,
|
|
objectPHID VARCHAR(64) COLLATE utf8_bin NOT NULL,
|
|
viewPolicy VARCHAR(64) COLLATE utf8_bin NOT NULL,
|
|
editPolicy VARCHAR(64) COLLATE utf8_bin NOT NULL,
|
|
commentPHID VARCHAR(64) COLLATE utf8_bin DEFAULT NULL,
|
|
commentVersion INT UNSIGNED NOT NULL,
|
|
transactionType VARCHAR(32) COLLATE utf8_bin NOT NULL,
|
|
oldValue LONGTEXT COLLATE utf8_bin NOT NULL,
|
|
newValue LONGTEXT COLLATE utf8_bin NOT NULL,
|
|
contentSource LONGTEXT COLLATE utf8_bin NOT NULL,
|
|
metadata LONGTEXT COLLATE utf8_bin NOT NULL,
|
|
dateCreated INT UNSIGNED NOT NULL,
|
|
dateModified INT UNSIGNED NOT NULL,
|
|
UNIQUE KEY `key_phid` (`phid`),
|
|
KEY `key_object` (`objectPHID`)
|
|
) ENGINE=InnoDB, COLLATE utf8_general_ci;
|