replace tab api key to secrets

2015-09-12 11:47:00 +02:00 · 2015-09-12 11:47:00 +02:00 · 891e596fda
parent 052989e819
commit 891e596fda
3 changed files with 22 additions and 15 deletions
--- a/app/models/order.rb
+++ b/app/models/order.rb
@ -39,20 +39,6 @@ class Order < ActiveRecord::Base
    write_attribute(:price_cents, price_cents)
  end

-  def tab_api_created
-    body = { transaction: { debtor: user.uid, cents: price_cents, message: to_sentence } }
-    headers = { "Authorization" => "Token token=LNJxGqkM39O21gcJJq6BLQ==" }
-    HTTParty.post("https://zeus.ugent.be/tab/transactions", body: body, headers: headers )
-  end
-  handle_asynchronously :tab_api_created
-
-  def tab_api_cancelled
-    body = { transaction: { creditor: user.uid, cents: price_cents, message: "Order cancelled" } }
-    headers = { "Authorization" => "Token token=LNJxGqkM39O21gcJJq6BLQ==" }
-    HTTParty.post("https://zeus.ugent.be/tab/transactions", body: body, headers: headers )
-  end
-  handle_asynchronously :tab_api_cancelled
-
  def cancel
    return false if cancelled || created_at < 5.minutes.ago

@ -78,4 +64,23 @@ class Order < ActiveRecord::Base
      end
    end
  end
+
+  private
+
+  def tab_api_created
+    body = { transaction: { debtor: user.uid, cents: price_cents, message: to_sentence } }
+    tab_api body
+  end
+  handle_asynchronously :tab_api_created
+
+  def tab_api_cancelled
+    body = { transaction: { creditor: user.uid, cents: price_cents, message: "Order cancelled" } }
+    tab_api body
+  end
+  handle_asynchronously :tab_api_cancelled
+
+  def tab_api body
+    headers = { "Authorization" => "Token token=#{Rails.application.secrets.tab_api_key}" }
+    HTTParty.post("https://zeus.ugent.be/tab/transactions", body: body, headers: headers )
+  end
 end
--- a/app/views/users/_sidebar.html.erb
+++ b/app/views/users/_sidebar.html.erb
@ -22,7 +22,7 @@
        <% if @user.dagschotel %>
          Huidige dagschotel
          <%= image_tag @user.dagschotel.avatar %>
-          <%= link_to "Change dagschotel", dit_dagschotel_user_path(@user), class: "btn btn-default btn-block" %>
+          <%= link_to "Change dagschotel", edit_dagschotel_user_path(@user), class: "btn btn-default btn-block" %>
        <% else %>
          <%= link_to "Set dagschotel", edit_dagschotel_user_path(@user), class: "btn btn-default btn-block" %>
        <% end %>
--- a/config/secrets.yml
+++ b/config/secrets.yml
@ -15,6 +15,7 @@ development:
  omniauth_client_id: tomtest
  omniauth_client_secret: blargh
  access_token: "token"
+  tab_api_key: ""

 test:
  secret_key_base: 961437e28e7d6055ffaad9cf1f8d614354f57f10cb2d7601c9d6ede72a03b9c9535ad9e63507e3eb31252c4895970a63117493408f2e9a46c7a0c4a5a7836b81
@ -27,3 +28,4 @@ production:
  omniauth_client_id: ""
  omniauth_client_secret: ""
  access_token: ""
+  tab_api_key: ""