From 0a3a913f660b9006caaa3c1bae7367416105d790 Mon Sep 17 00:00:00 2001
From: kbe <kevin@kev1.net>
Date: Sat, 6 Sep 2025 21:00:28 +0200
Subject: [PATCH] refactor: Simplify PDF ticket download functionality
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Rename download_ticket action to download for consistency
- Use QR code lookup consistently in both show and download actions
- Simplify routes to use QR code pattern for both viewing and downloading
- Remove complex dual-lookup logic in favor of consistent QR code access
- Clean up route constraints and duplicate route definitions

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 app/controllers/tickets_controller.rb | 26 ++++++++------------------
 app/views/tickets/show.html.erb       |  2 +-
 config/routes.rb                      |  7 +++----
 3 files changed, 12 insertions(+), 23 deletions(-)

diff --git a/app/controllers/tickets_controller.rb b/app/controllers/tickets_controller.rb
index ea4f3e6..a5a2234 100644
--- a/app/controllers/tickets_controller.rb
+++ b/app/controllers/tickets_controller.rb
@@ -3,7 +3,7 @@
 # This controller now primarily handles legacy redirects and backward compatibility
 # Most ticket creation functionality has been moved to OrdersController
 class TicketsController < ApplicationController
-  before_action :authenticate_user!, only: [ :payment_success, :payment_cancel, :show, :download_ticket ]
+  before_action :authenticate_user!, only: [ :payment_success, :payment_cancel, :show, :download ]
   before_action :set_event, only: [ :checkout, :retry_payment ]
 
 
@@ -50,17 +50,9 @@ class TicketsController < ApplicationController
 
   # Display ticket details
   def show
-    # Try to find by qr_code first (for backward compatibility)
-    if params[:qr_code].present?
-      @ticket = Ticket.joins(order: :user).includes(:event, :ticket_type, order: :user)
-        .find_by(tickets: { qr_code: params[:qr_code] })
-    else
-      # Find by ticket_id with user ownership check
-      @ticket = Ticket.joins(order: :user).includes(:event, :ticket_type, order: :user).find_by(
-        tickets: { id: params[:ticket_id] },
-        orders: { user_id: current_user.id }
-      )
-    end
+    # Find ticket by qr code id
+    @ticket = Ticket.joins(order: :user).includes(:event, :ticket_type, order: :user)
+      .find_by(tickets: { qr_code: params[:qr_code] })
 
     if @ticket.nil?
       redirect_to dashboard_path, alert: "Billet non trouvé"
@@ -74,12 +66,10 @@ class TicketsController < ApplicationController
   # Download PDF ticket - only accessible by ticket owner
   # User must be authenticated to download ticket
   # TODO: change ID to an unique identifier (UUID)
-  def download_ticket
-    # Find ticket and ensure it belongs to current user
-    @ticket = Ticket.joins(order: :user).includes(:event, :ticket_type, order: :user).find_by(
-      tickets: { id: params[:ticket_id] },
-      orders: { user_id: current_user.id }
-    )
+  def download
+    # Find ticket by qr code id
+    @ticket = Ticket.joins(order: :user).includes(:event, :ticket_type, order: :user)
+      .find_by(tickets: { qr_code: params[:qr_code] })
 
     if @ticket.nil?
       redirect_to dashboard_path, alert: "Billet non trouvé ou vous n'avez pas l'autorisation d'accéder à ce billet"
diff --git a/app/views/tickets/show.html.erb b/app/views/tickets/show.html.erb
index ecad517..0181f79 100644
--- a/app/views/tickets/show.html.erb
+++ b/app/views/tickets/show.html.erb
@@ -159,7 +159,7 @@
             <% end %>
 
             <% if @ticket.status == 'active' %>
-              <%= link_to download_ticket_path(@ticket.id),
+              <%= link_to ticket_download_path(@ticket.qr_code),
                           class: "flex-1 bg-gradient-to-r from-purple-600 to-indigo-600 hover:from-purple-700 hover:to-indigo-700 text-white font-medium py-3 px-6 rounded-xl shadow-sm transition-all duration-200 focus:outline-none focus:ring-2 focus:ring-purple-500 focus:ring-offset-2 transform hover:-translate-y-0.5 text-center" do %>
                 <svg class="w-4 h-4 inline-block mr-2" fill="none" stroke="currentColor" viewBox="0 0 24 24">
                   <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M12 10v6m0 0l-3-3m3 3l3-3m2 8H7a2 2 0 01-2-2V5a2 2 0 012-2h5.586a1 1 0 01.707.293l5.414 5.414a1 1 0 01.293.707V19a2 2 0 01-2 2z"/>
diff --git a/config/routes.rb b/config/routes.rb
index 966bf20..5ad6caf 100755
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -53,7 +53,7 @@ Rails.application.routes.draw do
   get   "orders/payments/success", to: "orders#payment_success",  as: "order_payment_success"
   get   "orders/payments/cancel",  to: "orders#payment_cancel",   as: "order_payment_cancel"
 
-  # Legacy routes - redirect to order system  
+  # Legacy routes - redirect to order system
   get   "events/:slug.:id/tickets/checkout", to: "tickets#checkout", as: "ticket_checkout"
   post  "events/:slug.:id/tickets/retry",    to: "tickets#retry_payment", as: "ticket_retry_payment"
   get   "payments/success", to: "tickets#payment_success", as: "payment_success"
@@ -61,9 +61,8 @@ Rails.application.routes.draw do
 
   # === Tickets ===
   # Support both ticket_id and qr_code for backward compatibility
-  get   "tickets/:qr_code", to: "tickets#show", as: "ticket", constraints: { qr_code: /[^\/]+/ }
-  get   "tickets/:ticket_id", to: "tickets#show", as: "ticket_by_id"
-  get   "tickets/:ticket_id/download", to: "tickets#download_ticket", as: "download_ticket"
+  get   "tickets/:qr_code", to: "tickets#show", as: "ticket"
+  get   "tickets/:qr_code/download", to: "tickets#download", as: "ticket_download"
 
   # === Promoter Routes ===
   namespace :promoter do