26049684448

Committed 18 May 2026 05:32PM UTC coverage: 87.049% (-0.7%) from 87.786%

Build # 26049684448

Build Type

Pull #921

github

Committed by

web-flow

Commit Message

Merge 68b8265c6 into 9633ffc7c

Pull Request Pull Request #921: chore(deps): bump better-sqlite3 from 12.9.0 to 12.10.0

Coverage Stats

3897 of 4542 branches covered (85.8%)

Branch coverage included in aggregate %.

20106 of 23032 relevant lines covered (87.3%)

846.11 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

27.12

/src/controller/stripe-controller.ts

/**
 *  SudoSOS back-end API service.
 *  Copyright (C) 2026 Study association GEWIS
 *
 *  This program is free software: you can redistribute it and/or modify
 *  it under the terms of the GNU Affero General Public License as published
 *  by the Free Software Foundation, either version 3 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU Affero General Public License for more details.
 *
 *  You should have received a copy of the GNU Affero General Public License
 *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
 *
 *  @license
 */

/**
 * This is the module page of the stripe-controller.
 *
 * @module stripe
 */

import log4js, { Logger } from 'log4js';
import { Response } from 'express';
import Dinero from 'dinero.js';
import BaseController, { BaseControllerOptions } from './base-controller';
import Policy from './policy';
import { RequestWithToken } from '../middleware/token-middleware';
import StripeService from '../service/stripe-service';
import { StripeRequest } from './request/stripe-request';
import BalanceService from '../service/balance-service';

export default class StripeController extends BaseController {
  private logger: Logger = log4js.getLogger('StripeController');

  private stripeService: StripeService;

  /**
   * Create a new stripe controller instance
   * @param options
   */
  public constructor(options: BaseControllerOptions) {
    super(options);
    this.configureLogger(this.logger);
    this.stripeService = new StripeService();
  }

  /**
   * @inheritDoc
   */
  public getPolicy(): Policy {
    return {
      '/deposit': {
        POST: {
          policy: async (req) => this.roleManager.can(
            req.token.roles, 'create', 'all', 'StripeDeposit', ['*'],
          ),
          handler: this.createStripeDeposit.bind(this),
          body: { modelName: 'StripeRequest' },
        },
      },
    };
  }

  /**
   * POST /stripe/deposit
   * @summary Start the stripe deposit flow
   * @operationId deposit
   * @tags stripe - Operations of the stripe controller
   * @param {StripeRequest} request.body.required - The deposit that should be created
   * @return {StripePaymentIntentResponse} 200 - Payment Intent information
   * @return {string} 500 - Internal server error
   * @security JWT
   */
  public async createStripeDeposit(req: RequestWithToken, res: Response): Promise<void> {
    this.logger.trace('Create a new stripe deposit by user', req.token.user);
    const request = req.body as StripeRequest;

    try {
      const amount = Dinero(request.amount);
      const balance = await new BalanceService().getBalance(req.token.user.id);

      // Check if top-up satisfies minimum in accordance with TOS.
      if (!StripeService.validateStripeRequestMinimumAmount(balance, request)) {
        res.status(422).json({ error: 'Top-up amount is too low' });
        return;
      }

      // Check if top-up satisfies maximum in accordance with TOS.
      if (!StripeService.validateStripeRequestMaximumAmount(balance, request)) {
        res.status(422).json({ error: 'Top-up amount is too high' });
        return;
      }

      const { deposit, clientSecret } = await this.stripeService.createStripePaymentIntent(req.token.user, amount);
      res.status(200).json({
        id: deposit.id,
        createdAt: deposit.createdAt.toISOString(),
        updatedAt: deposit.updatedAt.toISOString(),
        stripeId: deposit.stripePaymentIntent.stripeId,
        clientSecret,
      });
    } catch (error) {
      this.logger.error('Could not create Stripe payment intent:', error);
      res.status(500).send('Internal server error.');
    }
  }
}

1	/**	1✔
2	* SudoSOS back-end API service.
3	* Copyright (C) 2026 Study association GEWIS
4	*
5	* This program is free software: you can redistribute it and/or modify
6	* it under the terms of the GNU Affero General Public License as published
7	* by the Free Software Foundation, either version 3 of the License, or
8	* (at your option) any later version.
9	*
10	* This program is distributed in the hope that it will be useful,
11	* but WITHOUT ANY WARRANTY; without even the implied warranty of
12	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13	* GNU Affero General Public License for more details.
14	*
15	* You should have received a copy of the GNU Affero General Public License
16	* along with this program. If not, see <https://www.gnu.org/licenses/>.
17	*
18	* @license
19	*/	1✔
20
21	/**	1✔
22	* This is the module page of the stripe-controller.
23	*
24	* @module stripe
25	*/	1✔
26
27	import log4js, { Logger } from 'log4js';
28	import { Response } from 'express';
29	import Dinero from 'dinero.js';
30	import BaseController, { BaseControllerOptions } from './base-controller';
31	import Policy from './policy';
32	import { RequestWithToken } from '../middleware/token-middleware';
33	import StripeService from '../service/stripe-service';
34	import { StripeRequest } from './request/stripe-request';
35	import BalanceService from '../service/balance-service';
36
37	export default class StripeController extends BaseController {	1✔
38	private logger: Logger = log4js.getLogger('StripeController');	1✔
39
40	private stripeService: StripeService;
41
42	/**	1✔
43	* Create a new stripe controller instance
44	* @param options
45	*/	1✔
46	public constructor(options: BaseControllerOptions) {	1✔
47	super(options);	×
48	this.configureLogger(this.logger);	×
49	this.stripeService = new StripeService();	×
50	}	×
51
52	/**	1✔
53	* @inheritDoc
54	*/	1✔
55	public getPolicy(): Policy {	1✔
56	return {	×
57	'/deposit': {	×
58	POST: {	×
59	policy: async (req) => this.roleManager.can(	×
60	req.token.roles, 'create', 'all', 'StripeDeposit', ['*'],	×
61	),
62	handler: this.createStripeDeposit.bind(this),	×
63	body: { modelName: 'StripeRequest' },	×
64	},	×
65	},	×
66	};	×
67	}	×
68
69	/**	1✔
70	* POST /stripe/deposit
71	* @summary Start the stripe deposit flow
72	* @operationId deposit
73	* @tags stripe - Operations of the stripe controller
74	* @param {StripeRequest} request.body.required - The deposit that should be created
75	* @return {StripePaymentIntentResponse} 200 - Payment Intent information
76	* @return {string} 500 - Internal server error
77	* @security JWT
78	*/	1✔
79	public async createStripeDeposit(req: RequestWithToken, res: Response): Promise<void> {	1✔
80	this.logger.trace('Create a new stripe deposit by user', req.token.user);	×
81	const request = req.body as StripeRequest;	×
82
83	try {	×
84	const amount = Dinero(request.amount);	×
85	const balance = await new BalanceService().getBalance(req.token.user.id);	×
86
87	// Check if top-up satisfies minimum in accordance with TOS.	×
88	if (!StripeService.validateStripeRequestMinimumAmount(balance, request)) {	×
89	res.status(422).json({ error: 'Top-up amount is too low' });	×
90	return;	×
91	}	×
92
93	// Check if top-up satisfies maximum in accordance with TOS.	×
94	if (!StripeService.validateStripeRequestMaximumAmount(balance, request)) {	×
95	res.status(422).json({ error: 'Top-up amount is too high' });	×
96	return;	×
97	}	×
98
99	const { deposit, clientSecret } = await this.stripeService.createStripePaymentIntent(req.token.user, amount);	×
100	res.status(200).json({	×
101	id: deposit.id,	×
102	createdAt: deposit.createdAt.toISOString(),	×
103	updatedAt: deposit.updatedAt.toISOString(),	×
104	stripeId: deposit.stripePaymentIntent.stripeId,	×
105	clientSecret,	×
106	});	×
107	} catch (error) {	×
108	this.logger.error('Could not create Stripe payment intent:', error);	×
109	res.status(500).send('Internal server error.');	×
110	}	×
111	}	×
112	}	1✔

GEWIS / sudosos-backend / 26049684448

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous