Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Fix issues with refund queries #5422

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
kieckhafer merged 9 commits into from
Aug 6, 2019
Merged

Fix issues with refund queries #5422

kieckhafer merged 9 commits into from
Aug 6, 2019

Conversation

@aldeed
Copy link
Contributor

@aldeed aldeed commented Aug 5, 2019
edited
Loading

Impact: major
Type: bugfix

Issue

Discovered a few issues with recently added refunds GraphQL queries. In general, these are blocking being able to check out and view the order on storefront, and being able to capture the payments on admin (using Stripe).

  • There are extra permission checks on refunds and refundsByPaymentIds queries. getOrderQuery util function already does permission checks.
  • imports/plugins/core/orders/server/no-meteor/resolvers/Order/payments.js is calling refundsByPaymentId with order.token for the token param, but that's the hashed token so it fails.
  • When capturing the payment, it fails and there's a server error complaining about the ID namespace not being "reaction/order". I'm guessing somewhere there's a resolver layer that's passing an already-internal ID where an opaque ID is expected.

Solution

  • Removed the extra permission checks
  • There's no reason why refundsByPaymentId should be looking up the order from DB again in cases where we already have it. Maybe payments.js should just pass the whole order, and update refundsByPaymentId to skip the permission / lookup stuff when the order is passed in.
  • Remove comments from the lines of code that convert IDs before calling captureOrderPayment from browser

Breaking changes

None

Testing

  • With Stripe payment set up, verify that you can place an anonymous order from develop branch of the example storefront, and then capture that order payment in Reaction Admin.
  • Same test but with an account order

@aldeed
fix: remove extra permission checks
ce1ae31 
from refund queries

Signed-off-by: Eric Dobbertin <[email protected]>
@aldeed aldeed requested a review from kieckhafer August 5, 2019 23:55
@kieckhafer
Copy link
Member

kieckhafer commented Aug 6, 2019
edited
Loading

@aldeed Updated refundsByPaymentId to accept an order object, and skip the query of the Orders collection if it's provided.

@kieckhafer
tests: update tests for changes
dbb5701 
Signed-off-by: Erik Kieckhafer <[email protected]>
@kieckhafer
remove orderId requirement
fa49690 
Signed-off-by: Erik Kieckhafer <[email protected]>
@kieckhafer
docs: make orderId optional
2728ba2 
Signed-off-by: Erik Kieckhafer <[email protected]>
@aldeed
Copy link
Contributor Author

aldeed commented Aug 6, 2019

@kieckhafer Actually I think GraphQL refundsByPaymentId should go back to what it was. Passing in an order should be an optimization for internal calls only. We wouldn't want to encourage people to pass an entire order to the server over GraphQL.

@kieckhafer
Copy link
Member

kieckhafer commented Aug 6, 2019
edited
Loading

@aldeed reverted most of those changes, now order is an optional param that if passed, will skip that check, but all other params are still required and should function how it was.

@kieckhafer kieckhafer marked this pull request as ready for review August 6, 2019 17:51
@kieckhafer kieckhafer removed their request for review August 6, 2019 19:01
@kieckhafer kieckhafer removed their assignment Aug 6, 2019
@aldeed
Copy link
Contributor Author

aldeed commented Aug 6, 2019

@kieckhafer Everything works correctly now for both anon and account orders. I can't approve this because I created it but I'm fine with merging it.

@aldeed aldeed requested a review from kieckhafer August 6, 2019 20:06
@kieckhafer kieckhafer merged commit c685727 into develop Aug 6, 2019
@kieckhafer kieckhafer mentioned this pull request Aug 6, 2019
Closed
@kieckhafer kieckhafer deleted the fix-aldeed-refund-gql-issues branch August 6, 2019 20:09
@kieckhafer kieckhafer mentioned this pull request Aug 28, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kieckhafer kieckhafer Awaiting requested review from kieckhafer

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@aldeed @kieckhafer