Make it possible to create a user without payment details.
We want a new subscription flow, in which the system (not the user) is
responsible for creating a subscription when a new profile is created. This is
to prevent issues where a user has an account, but no subscription. This is bad
because the free trial starts ticking from the day the subscription is created,
so we should try to make the subscription and account creation get created as
close to each other as possible.
Our plan is to instead have the authd service fire off an NSQ event when an
auth.Profile is created, which a subscription listener will be listening for.
When that happens, the listener will use the subscription API to create a
subscription. Then the user will update the subscription with their payment info
and the plan they want to use.
To accomplish this, we changed the way things were handled. The
SubscriptionRequest type, along with its Validate method, were removed. Instead,
we get the SubscriptionChange type which handles both the creation of a
subscription and the updating of a subscription.
We also added an endpoint for patching subscriptions, useful for adding the
StripeSubscription or updating the plan. By default, every subscription is
created with a "Pending" plan which has a 31 day free trial. This is so we can
detect users that haven't actually set up their subscription yet, but their free
trial is still timed correctly.
We changed the way we handle scopes, creating actual auth.Scope instances
instead of just declaring an ID for them. This is useful when we have a client,
for example.
With this change, we lose all the validation we had on creating a Subscription,
and we need to rewrite that validation logic. This is because we no longer have
a specific type for "creating a subscription", so we can't just call a validate
method. We should have a helper method validateCreateRequest(change
SubscriptionChange) that will return the API errors we want, so it's easier to
unit test.
We should really be restricting the CreateSubscriptionHandler to
ScopeSubscriptionAdmin, anyways, since Subscriptions should only ever be created
by the system tools or administrators.
We created a PatchSubscriptionHandler that exposes an interface to updating
properties of a Subscription. It allows users to update their own Subscriptions
or requires the ScopeSubscriptionAdmin scope before allowing you to update
another user's Subscription. It, likewise, needs validation still. We also added
the concept of "system-controlled properties" of the SubscriptionChange type,
which only admins or the system tools can update.
We updated our planOptions to distinguish between plans that do and do not need
administrative credentials to be chosen. Our free and pending plans are
available to administrators only.
We updated our StripeChange object to be better organised (separating out the
system and user-controlled properties), and we added a StripeSource and Email
property, so the Stripe part can be better managed, and all our requests can be
made using just this type. This required updating our SubscriptionChange.IsEmpty
helper, which has been updated (along with its tests) and it passes all tests.
To replace our SubscriptionRequest.Validate helper, we created a
ChangingSystemProperties helper (which returns the system-controlled properties
being changed as a slice of JSON pointers, fit for use in error messages) and an
IsAcceptablePlan helper, which returns true if the plan exists and the user has
the authority to select it.
We also updated our stripe helpers to remove the CreateStripeSubscription (we
create one when we create the customer) and create an UpdateStripeSubscription
instead. It does what you'd think it does. We also added some comments to New,
so it at least has some notes about how it's meant to be used and why. Now it
just creates the customer in stripe, then creates a Subscription based on that
customer. We also updated our StripeSubscriptionChange helper to detect when the
StripeSubscription property changed.
7 "code.secondbit.org/uuid.hg"
11 // ErrSubscriptionAlreadyExists is returned when a Subscription
12 // with an identical ID already exists in the subscriptionStore.
13 ErrSubscriptionAlreadyExists = errors.New("Subscription already exists")
14 // ErrSubscriptionNotFound is returned when a single Subscription
15 // is acted upon or requested, but cannot be found.
16 ErrSubscriptionNotFound = errors.New("Subscription not found")
17 // ErrStripeSubscriptionAlreadyExists is returned when a Subscription
18 // is created or updates its StripeSubscription property, but that
19 // StripeSubscription is already associated with another Subscription.
20 ErrStripeSubscriptionAlreadyExists = errors.New("Stripe subscription already assigned to another Subscription")
21 // ErrSubscriptionChangeEmpty is returned when a SubscriptionChange
22 // is empty but is passed to subscriptionStore.UpdateSubscription
24 ErrSubscriptionChangeEmpty = errors.New("SubscriptionChange is empty")
25 // ErrNoSubscriptionID is returned when one or more Subscription IDs
26 // are required, but none are provided.
27 ErrNoSubscriptionID = errors.New("no Subscription ID provided")
29 planOptions = map[string]bool{
30 "basic_monthly": false,
31 "basic_yearly": false,
32 "supporter_monthly": false,
33 "supporter_yearly": false,
41 // Subscription represents the state of a user's payments. It holds
42 // metadata about the last time a user was charged, how much a user
43 // should be charged, how to charge a user and how much to charge
45 type Subscription struct {
46 UserID uuid.ID `json:"user_id"`
47 StripeSubscription string `json:"stripe_subscription"`
48 Plan string `json:"plan"`
49 Status string `json:"status"`
50 Canceling bool `json:"canceling"`
51 Created time.Time `json:"created"`
52 TrialStart time.Time `json:"trial_start,omitempty"`
53 TrialEnd time.Time `json:"trial_end,omitempty"`
54 PeriodStart time.Time `json:"period_start,omitempty"`
55 PeriodEnd time.Time `json:"period_end,omitempty"`
56 CanceledAt time.Time `json:"canceled_at,omitempty"`
57 FailedChargeAttempts int `json:"failed_charge_attempts"`
58 LastFailedCharge time.Time `json:"last_failed_charge,omitempty"`
59 LastNotified time.Time `json:"last_notified,omitempty"`
62 // SubscriptionChange represents desired changes to a Subscription
63 // object. A nil value means that property should remain unchanged.
64 type SubscriptionChange struct {
65 UserID uuid.ID `json:"user_id"`
68 StripeSource *string `json:"stripe_source,omitempty"`
69 Email *string `json:"email,omitempty"`
70 Plan *string `json:"plan,omitempty"`
71 Canceling *bool `json:"cenceling,omitempty"`
74 StripeSubscription *string `json:"stripe_subscription,omitempty"`
75 Status *string `json:"status,omitempty"`
76 TrialStart *time.Time `json:"trial_start,omitempty"`
77 TrialEnd *time.Time `json:"trial_end,omitempty"`
78 PeriodStart *time.Time `json:"period_start,omitempty"`
79 PeriodEnd *time.Time `json:"period_end,omitempty"`
80 CanceledAt *time.Time `json:"canceled_at,omitempty"`
81 FailedChargeAttempts *int `json:"failed_charge_attempts,omitempty"`
82 LastFailedCharge *time.Time `json:"last_failed_charge,omitempty"`
83 LastNotified *time.Time `json:"last_notified,omitempty"`
86 // IsEmpty returns true if the SubscriptionChange doesn't request
87 // a change to any property of the Subscription.
88 func (change SubscriptionChange) IsEmpty() bool {
89 if change.StripeSource != nil {
92 if change.Email != nil {
95 if change.Plan != nil {
98 if change.Canceling != nil {
101 if change.StripeSubscription != nil {
104 if change.Status != nil {
107 if change.TrialStart != nil {
110 if change.TrialEnd != nil {
113 if change.PeriodStart != nil {
116 if change.PeriodEnd != nil {
119 if change.CanceledAt != nil {
122 if change.LastNotified != nil {
125 if change.LastFailedCharge != nil {
128 if change.FailedChargeAttempts != nil {
134 // ApplyChange updates a Subscription based on the changes requested
135 // by a SubscriptionChange.
136 func (s *Subscription) ApplyChange(change SubscriptionChange) {
137 if change.StripeSubscription != nil {
138 s.StripeSubscription = *change.StripeSubscription
140 if change.Plan != nil {
141 s.Plan = *change.Plan
143 if change.Status != nil {
144 s.Status = *change.Status
146 if change.Canceling != nil {
147 s.Canceling = *change.Canceling
149 if change.TrialStart != nil {
150 s.TrialStart = *change.TrialStart
152 if change.TrialEnd != nil {
153 s.TrialEnd = *change.TrialEnd
155 if change.PeriodStart != nil {
156 s.PeriodStart = *change.PeriodStart
158 if change.PeriodEnd != nil {
159 s.PeriodEnd = *change.PeriodEnd
161 if change.CanceledAt != nil {
162 s.CanceledAt = *change.CanceledAt
164 if change.LastFailedCharge != nil {
165 s.LastFailedCharge = *change.LastFailedCharge
167 if change.LastNotified != nil {
168 s.LastNotified = *change.LastNotified
170 if change.FailedChargeAttempts != nil {
171 s.FailedChargeAttempts = *change.FailedChargeAttempts
175 func ChangingSystemProperties(change SubscriptionChange) []string {
177 if change.StripeSubscription != nil {
178 changes = append(changes, "/stripe_subscription")
180 if change.Status != nil {
181 changes = append(changes, "/status")
183 if change.TrialStart != nil {
184 changes = append(changes, "/trial_start")
186 if change.TrialEnd != nil {
187 changes = append(changes, "/trial_end")
189 if change.PeriodStart != nil {
190 changes = append(changes, "/period_start")
192 if change.PeriodEnd != nil {
193 changes = append(changes, "/period_end")
195 if change.CanceledAt != nil {
196 changes = append(changes, "/canceled_at")
198 if change.FailedChargeAttempts != nil {
199 changes = append(changes, "/failed_charge_attempts")
201 if change.LastFailedCharge != nil {
202 changes = append(changes, "/last_failed_charge")
204 if change.LastNotified != nil {
205 changes = append(changes, "/last_notified")
210 func IsAcceptablePlan(plan string, admin bool) bool {
211 for p, adminOnly := range planOptions {
213 return admin || adminOnly == false
219 // SubscriptionStats represents a set of statistics about our Subscription
220 // data that will be exposed to the Prometheus scraper.
221 type SubscriptionStats struct {
225 Plans map[string]int64
226 // BUG(paddy): Currently, Kubernetes doesn't offer any way to contact _all_ nodes in a service.
227 // Because of this, we can only report stats that will be identical across nodes, e.g. stats
228 // that come from the database. More info here: https://github.com/GoogleCloudPlatform/kubernetes/issues/6666
229 // In the future, we'll need per-node metrics. For now, we'll make do.
231 // Actually, as of https://github.com/GoogleCloudPlatform/kubernetes/pull/9073, we may be all set:
232 // "SRV Records are created for named ports that are part of normal or Headless Services. For each named port,
233 // the SRV record would have the form _my-port-name._my-port-protocol.my-svc.my-namespace.svc.cluster.local.
234 // For a regular service, this resolves to the port number and the CNAME: my-svc.my-namespace.svc.cluster.local.
235 // For a headless service, this resolves to multiple answers, one for each pod that is backing the service, and
236 // contains the port number and a CNAME of the pod with the format auto-generated-name.my-svc.my-namespace.svc.cluster.local
237 // SRV records always contain the 'svc' segment in them and are not supported for old-style CNAMEs where the 'svc' segment
241 type SubscriptionStore interface {
243 CreateSubscription(sub Subscription) error
244 UpdateSubscription(id uuid.ID, change SubscriptionChange) error
245 DeleteSubscription(id uuid.ID) error
246 GetSubscriptions(ids []uuid.ID) (map[string]Subscription, error)
247 GetSubscriptionStats() (SubscriptionStats, error)