GCW-3407 Gogox Gem Integration and Transport APIs #1195
Conversation
steveyken
left a comment
steveyken
left a comment
There was a problem hiding this comment.
Great work. Good to see this taking shape and getting ready to integrate the new GGX booking
swatijadhav
requested review from
abulsayyad123,
bharat619,
patrixr,
shreyas098 and
steveyken
| @time.to_i | ||
| end | ||
|
|
||
| class ValueError < StandardError; end |
There was a problem hiding this comment.
Instead of just value error defining here, create a error in errors.rb
something like TransportationServiceError
Co-authored-by: bharat619 <[email protected]>
steveyken
left a comment
steveyken
left a comment
There was a problem hiding this comment.
Can you remove ngrok binary?
Great work, almost complete
| end | ||
|
|
||
| api :POST, '/v1/transports/update_hook', "Webhook to update transport status" | ||
| def update_hook |
There was a problem hiding this comment.
When implemented, we should use our own authorization check here. E.g. webhook can be /api/v1/transports/update_hook?shared_key=ds23f934dfs¶m1=df¶m2=23
Then check shared_key is as expected.
steveyken
left a comment
steveyken
left a comment
There was a problem hiding this comment.
There's a few issues with un-sanitized user input which need to be addressed. Otherwise, looking good.
| status: response["status"], | ||
| scheduled_at: Time.at(response["pickup"]["schedule_at"]).in_time_zone, | ||
| metadata: response, | ||
| source_id: @params[:source_id], |
There was a problem hiding this comment.
As noted in the controller, this is where source_id and source_type is being overridden by user params rather than the sanitized CanCanCan object. Use @transports instead
Ticket Link:
https://jira.crossroads.org.hk/browse/GCW-3407
What does this PR do?
Gogox Gem Integration and Transport APIs
NOTE: webhook implementation is still WIP