saucy/app/controllers/contributions_controller.rb

class ContributionsController < ApplicationController
  before_action :require_login
  before_action :set_member, only: %i[ new create ]
  before_action :set_contribution, only: %i[ edit update delete destroy ]

  # GET /members/new
  def new
    @contribution = Contribution.new
  end

  # GET /members/1/edit
  def edit
  end

  # POST /members
  def create
    @contribution = @member.contributions.build(contribution_params)

    Contribution.transaction do
      if @contribution.save
        @member.handle_new_contribution(@contribution, params.dig(:contribution, :overriden_expires_on))
        @member.reset_status!
        @member.regenerate_notifications

        redirect_to @member, notice: "Contribution was successfully created."
      else
        render :new, status: :unprocessable_entity
      end
    end
  end

  # PATCH/PUT /members/1
  def update
    if @contribution.update(contribution_params)
      redirect_to @contribution.member, notice: "Contribution was successfully updated."
    else
      render :edit, status: :unprocessable_entity
    end
  end
  #
  # GET /members/1/delete
  def delete
  end

  # DELETE /members/1
  def destroy
    @member = @contribution.member
    @contribution.destroy

    redirect_to @member, notice: "Member personal data permanently removed."
  end

  private
    # Use callbacks to share common setup or constraints between actions.
    def set_member
      @member = Member.find(params[:member_id])
    end

    def set_contribution
      @contribution = Contribution.find(params[:id])
    end

    # Only allow a list of trusted parameters through.
    def contribution_params
      params.fetch(:contribution, {}).permit(:eurocents, :payment_method, :payment_on, :payment_reference)
    end
end