Display a helpful message when users are redirected to the purchase management page because they don't have access to a checkout URL

[DavidRothstein]

What

When you visit a checkout URL you don't have access to (for example, if you are logged in as User A but the checkout URL came from a renewal email for User B's subscription) you get redirected to https://wordpress.com/me/purchases instead.

I think the redirect makes sense, but we should also display a message on the screen in this case explaining e.g. that you don't have access to renew the subscription that you were trying to renew and that the reason is probably because it belongs to a different user account.

Why

This would inform users of why they can't actually renew the subscription they were trying to renew, rather than giving them no feedback (which can cause them to get confused and start trying to buy or renew something else on the wrong account).

Background: https://github.com/Automattic/wp-calypso/issues/74310

How

No response

[michaeldcain]

From planning:

If you visit Checkout for a product you don't own, we should already be displaying a notice of what happened. In this case, it's likely handled at the Checkout router for a Checkout address for a site that you don't own. We should follow similar logic and display the failure reason on purchase management. It's possible the first message isn't showing either, so let's double-check that too.

[sirbrillig]

For reference (not that we have to do the same sort of thing), if you try to add a product to your cart that doesn't exist via the Checkout URL (eg: /checkout/example.com/aasdadas) the shopping-cart endpoint returns an error which is then displayed for the user and checkout does not redirect anywhere.

[sirbrillig]

When you visit a checkout URL you don't have access to (for example, if you are logged in as User A but the checkout URL came from a renewal email for User B's subscription) you get redirected to https://wordpress.com/me/purchases instead.

Interestingly, this is not totally accurate. If you visit /checkout/:site or /checkout/:site/:product for a site you do not own, you are redirected by the siteSelection middleware to the site picker (or the primary site if only one exists) which will then send you back to checkout.

To reproduce the reported issue of ending up on the purchases page, you have to specifically visit a renewal URL for a site you don't own, and that's because of the following events:

• Visit /checkout/:product/renew/:subscription/:site.
• When preparing to load checkout, the controller fails to find the site and redirects to /checkout/:product/renew/:subscription (the same URL without the site).
• The checkout routes specifically redirect a renewal link without a site to the purchases page.

I think that both of these redirect flows could benefit from an error notice, but as they are quite different they'll need to be handled separately.

[sirbrillig]

Working on the renewal flow in https://github.com/Automattic/wp-calypso/pull/75309