Hide contribution payments from demo user(s) (#738)

* Hide payment contribution options from demo and manually created users Demo data users and manually created users don't have stripe_customer_id set on their family, so they should not see payment/contribution options. Changes: - Add can_manage_subscription? method to Family::Subscribeable that checks for presence of stripe_customer_id - Guard Settings::PaymentsController to return 403 for users without stripe_customer_id - Guard SubscriptionsController#show action (Stripe portal redirect) for users without stripe_customer_id - Update settings navigation to hide the payment link when stripe_customer_id is not present - Add tests for the new behavior * Fix broken test --------- Co-authored-by: Claude <noreply@anthropic.com>
2026-04-19 03:54:08 +00:00 · 2026-01-23 12:35:49 +01:00
parent 5ba051c8cf
commit e0fb585bda
7 changed files with 71 additions and 8 deletions
--- a/app/views/settings/_settings_nav.html.erb
+++ b/app/views/settings/_settings_nav.html.erb
@@ -8,7 +8,7 @@ nav_sections = [
      { label: t(".preferences_label"), path: settings_preferences_path, icon: "bolt" },
      { label: t(".profile_label"), path: settings_profile_path, icon: "circle-user" },
      { label: t(".security_label"), path: settings_security_path, icon: "shield-check" },
-      { label: t(".payment_label"), path: settings_payment_path, icon: "circle-dollar-sign", if: !self_hosted? }
+      { label: t(".payment_label"), path: settings_payment_path, icon: "circle-dollar-sign", if: !self_hosted? && Current.family.can_manage_subscription? }
    ]
  },
  {