CoCalc -- cancel-payment-intent.ts

GitHub Repository: sagemathinc/cocalc
Path: blob/master/src/packages/next/pages/api/v2/purchases/stripe/cancel-payment-intent.ts
¹⁴⁵⁶ views

1
/*
2
An admin can cancel anybody's payment intent, whereas a user can only cancel their own.
3
*/
4

5
import getAccountId from "lib/account/get-account";
6
import {
7
  cancelPaymentIntent,
8
  getPaymentIntentAccountId,
9
} from "@cocalc/server/purchases/stripe/create-payment-intent";
10
import getParams from "lib/api/get-params";
11
import userIsInGroup from "@cocalc/server/accounts/is-in-group";
12
import throttle from "@cocalc/util/api/throttle";
13

14
export default async function handle(req, res) {
15
  try {
16
    res.json(await get(req));
17
  } catch (err) {
18
    res.json({ error: `${err.message}` });
19
    return;
20
  }
21
}
22

23
async function get(req) {
24
  const account_id = await getAccountId(req);
25
  if (account_id == null) {
26
    throw Error("must be signed in");
27
  }
28
  throttle({
29
    account_id,
30
    endpoint: "purchases/stripe/cancel-payment-intent",
31
  });
32
  const { id, reason } = getParams(req);
33
  const owner_id = await getPaymentIntentAccountId(id);
34
  if (owner_id != account_id) {
35
    if (!(await userIsInGroup(account_id, "admin"))) {
36
      throw Error("only admins can cancel other user's payment intents");
37
    }
38
  }
39
  await cancelPaymentIntent({ id, reason });
40
  return { success: true };
41
}
42

43

Product

Resources

Company