[Help] Subscriptions: wixPaidPlans.cancelOrder() problem

jacobhothersall · December 23, 2020, 6:28pm

When a user cancels a subscription on my site this block of code will run:

cancelPlan(wixUsers.currentUser.id)
.then( (results) => {
    if (results === "SUCCESS") {
        wixPaidPlans.cancelOrder(orderId)
        .then( () => {
            wixWindow.openLightbox("PlanCancelled");
        })
        .catch( (err) => {
            wixWindow.openLightbox("PlanCancelFailed");
        });
    }else {
        wixWindow.openLightbox("PlanCancelFailed");
    }
})
.catch( (err) => {
    wixWindow.openLightbox("PlanCancelFailed");
});

cancelPlan() is a backend function that removes some extra information from a collection on my site prior to order removal. Since this code runs client-side would it be possible for a user to manipulate the code to only run the wixPaidPlans.cancelOrder() for example? The cancelPlan() function ensures a user will no longer be able to access certain HTTP functions I have exposed on the website so if this was possible this could cause issues.

Is this something I should be worrying about? And if so does anybody have any suggestions on how I could go about sorting this? I was hoping to suggest adding a ‘onPlanCanceled’ event in Corvid but without publishing the website I can’t use the “request a feature” yet.

yisrael-wix · December 24, 2020, 9:59am

The PaidPlans APIs are currently limited in the backend. Most of the functionality is restricted to the frontend, and only for logged in users.

You can request a feature… The Wishlist Page is the official platform for requesting new features. You can vote, comment, and track the status of the requested features.

jacobhothersall · December 24, 2020, 12:18pm

Ah yes, I was going to check that although my website isn’t published yet as it isn’t ready to use (eg: the above code) so I thought I’d double check here first before filling out the form. As for the code I’ve shown is this as unsafe as I suspect?

kreativthold · January 5, 2024, 1:27am

Hey Jacob,

I’m trying to get button a button onClick function to result in canceling subscriptions of currentUser

From this post here it seems like you’ve worked som magic in the backend with a “cancelPlan” module.

I’m wondering how I go about acheiving my desired result – Is there any chance you could help?

Topic		Replies	Views
▷ wixPaidPlans : cancelOrder Does not work Ask the community code , question	3	200	December 19, 2020
No Way to Handle Paid Plans Cancellation? Ask the community code , question	1	120	May 17, 2021
wix-paid-plans-backend onPlanCanceled/onPlanInactive Ask the community code , question	3	266	March 4, 2021
WIX pricing api Ask the community code , question	1	95	May 7, 2020
URGENT HELP NEEDED: Using Paid Plans API to Customize Ordering and Payment Ask the community code , question	0	176	October 8, 2019

[Help] Subscriptions: wixPaidPlans.cancelOrder() problem

Related topics