corporate: Fix string encoding in billing and sponsorship endpoints.

Vishnu KS
2021-04-09 16:13:44 +05:30
committed by Tim Abbott
parent 760a3861e1
commit 752fd2e2d1
8 changed files with 69 additions and 88 deletions


@@ -422,8 +422,6 @@ class StripeTestCase(ZulipTestCase):
for key in del_args: for key in del_args:
if key in params: if key in params:
del params[key] del params[key]
for key, value in params.items():
params[key] = orjson.dumps(value).decode()
return self.client_post("/json/billing/upgrade", params, **host_args) return self.client_post("/json/billing/upgrade", params, **host_args)
# Upgrade without talking to Stripe # Upgrade without talking to Stripe
@@ -1287,18 +1285,29 @@ class StripeTest(StripeTestCase):
def test_check_upgrade_parameters(self) -> None: def test_check_upgrade_parameters(self) -> None:
# Tests all the error paths except 'not enough licenses' # Tests all the error paths except 'not enough licenses'
def check_error( def check_error(
error_description: str, upgrade_params: Mapping[str, Any], del_args: Sequence[str] = [] error_message: str,
error_description: str,
upgrade_params: Mapping[str, Any],
del_args: Sequence[str] = [],
) -> None: ) -> None:
response = self.upgrade(talk_to_stripe=False, del_args=del_args, **upgrade_params) response = self.upgrade(talk_to_stripe=False, del_args=del_args, **upgrade_params)
self.assert_json_error_contains(response, "Something went wrong. Please contact") self.assert_json_error_contains(response, error_message)
self.assertEqual(orjson.loads(response.content)["error_description"], error_description) if error_description:
self.assertEqual(
orjson.loads(response.content)["error_description"], error_description
)
hamlet = self.example_user("hamlet") hamlet = self.example_user("hamlet")
self.login_user(hamlet) self.login_user(hamlet)
check_error("unknown billing_modality", {"billing_modality": "invalid"}) check_error("Invalid billing_modality", "", {"billing_modality": "invalid"})
check_error("unknown schedule", {"schedule": "invalid"}) check_error("Invalid schedule", "", {"schedule": "invalid"})
check_error("unknown license_management", {"license_management": "invalid"}) check_error("Invalid license_management", "", {"license_management": "invalid"})
check_error("autopay with no card", {}, del_args=["stripe_token"]) check_error(
"Something went wrong. Please contact",
"autopay with no card",
{},
del_args=["stripe_token"],
)
def test_upgrade_license_counts(self) -> None: def test_upgrade_license_counts(self) -> None:
def check_min_licenses_error( def check_min_licenses_error(
@@ -1401,11 +1410,9 @@ class StripeTest(StripeTestCase):
self.login_user(user) self.login_user(user)
data = { data = {
"organization-type": orjson.dumps("Open-source").decode(), "organization-type": "Open-source",
"website": orjson.dumps("https://infinispan.org/").decode(), "website": "https://infinispan.org/",
"description": orjson.dumps( "description": "Infinispan is a distributed in-memory key/value data store with optional schema.",
"Infinispan is a distributed in-memory key/value data store with optional schema."
).decode(),
} }
response = self.client_post("/json/billing/sponsorship", data) response = self.client_post("/json/billing/sponsorship", data)
self.assert_json_success(response) self.assert_json_success(response)
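Review bot: In `check_error`, passing `""` as `error_description` silently skips the description assertion, so the three allowlist cases check only a message prefix such as `Invalid billing_modality`. A falsy sentinel makes it easy to assert less than intended; `error_description: Optional[str]` with `if error_description is not None:` would make the skip explicit (assuming `Optional` is imported in this file, which is not visible here). It would also help to add a case that posts a JSON-quoted value such as `'"monthly"'` to pin that the old encoding is now rejected by the allowlist. The sponsorship test exercises only well-formed input, so a negative case for `website` and `organization-type` is missing as well.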


@@ -46,7 +46,7 @@ from zerver.decorator import (
from zerver.lib.request import REQ, has_request_variables from zerver.lib.request import REQ, has_request_variables
from zerver.lib.response import json_error, json_success from zerver.lib.response import json_error, json_success
from zerver.lib.send_email import FromAddress, send_email from zerver.lib.send_email import FromAddress, send_email
from zerver.lib.validator import check_int, check_string from zerver.lib.validator import check_int, check_string_in
from zerver.models import UserProfile, get_realm from zerver.models import UserProfile, get_realm
billing_logger = logging.getLogger("corporate.stripe") billing_logger = logging.getLogger("corporate.stripe")
@@ -127,14 +127,17 @@ def payment_method_string(stripe_customer: stripe.Customer) -> str:
def upgrade( def upgrade(
request: HttpRequest, request: HttpRequest,
user: UserProfile, user: UserProfile,
billing_modality: str = REQ(json_validator=check_string), billing_modality: str = REQ(str_validator=check_string_in(VALID_BILLING_MODALITY_VALUES)),
schedule: str = REQ(json_validator=check_string), schedule: str = REQ(str_validator=check_string_in(VALID_BILLING_SCHEDULE_VALUES)),
license_management: Optional[str] = REQ(json_validator=check_string, default=None), signed_seat_count: str = REQ(),
salt: str = REQ(),
license_management: Optional[str] = REQ(
default=None, str_validator=check_string_in(VALID_LICENSE_MANAGEMENT_VALUES)
),
licenses: Optional[int] = REQ(json_validator=check_int, default=None), licenses: Optional[int] = REQ(json_validator=check_int, default=None),
stripe_token: Optional[str] = REQ(json_validator=check_string, default=None), stripe_token: Optional[str] = REQ(default=None),
signed_seat_count: str = REQ(json_validator=check_string),
salt: str = REQ(json_validator=check_string),
) -> HttpResponse: ) -> HttpResponse:
try: try:
seat_count = unsign_seat_count(signed_seat_count, salt) seat_count = unsign_seat_count(signed_seat_count, salt)
if billing_modality == "charge_automatically" and license_management == "automatic": if billing_modality == "charge_automatically" and license_management == "automatic":
@@ -236,9 +239,9 @@ def initial_upgrade(request: HttpRequest) -> HttpResponse:
def sponsorship( def sponsorship(
request: HttpRequest, request: HttpRequest,
user: UserProfile, user: UserProfile,
organization_type: str = REQ("organization-type", json_validator=check_string), organization_type: str = REQ("organization-type"),
website: str = REQ("website", json_validator=check_string), website: str = REQ(),
description: str = REQ("description", json_validator=check_string), description: str = REQ(),
) -> HttpResponse: ) -> HttpResponse:
realm = user.realm realm = user.realm
@@ -388,7 +391,7 @@ def change_plan_status(
def replace_payment_source( def replace_payment_source(
request: HttpRequest, request: HttpRequest,
user: UserProfile, user: UserProfile,
stripe_token: str = REQ("stripe_token", json_validator=check_string), stripe_token: str = REQ(),
) -> HttpResponse: ) -> HttpResponse:
try: try:
do_replace_payment_source(user, stripe_token, pay_invoices=True) do_replace_payment_source(user, stripe_token, pay_invoices=True)
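Review bot: In `sponsorship`, `organization_type`, `website` and `description` are now read as raw request strings with no validator, while the same commit moves the enumerated `upgrade` fields onto `check_string_in` allowlists. These are user-controlled free text and the function body continues outside the hunk, so how they are consumed (presumably the sponsorship request email, given the `send_email` import) should be checked for escaping and size limits. Consider bounding them at the request boundary, e.g. `website: str = REQ(str_validator=check_url),` and a length cap such as `check_capped_string` on `description`, assuming those validators accept the `str_validator` calling convention the way `check_string_in` does here. If the organization types form a fixed set, an allowlist like the one used for `schedule` would fit `organization_type` too.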


@@ -86,11 +86,10 @@ run_test("initialize", (override) => {
}); });
create_ajax_request_called = false; create_ajax_request_called = false;
function plan_change_ajax(url, form_name, stripe_token, numeric_inputs) { function plan_change_ajax(url, form_name, stripe_token) {
assert.equal(url, "/json/billing/plan/change"); assert.equal(url, "/json/billing/plan/change");
assert.equal(form_name, "planchange"); assert.equal(form_name, "planchange");
assert.equal(stripe_token, undefined); assert.equal(stripe_token, undefined);
assert.deepEqual(numeric_inputs, ["status"]);
create_ajax_request_called = true; create_ajax_request_called = true;
} }


@@ -127,13 +127,13 @@ run_test("create_ajax_request", (override) => {
assert.equal(url, "/json/billing/upgrade"); assert.equal(url, "/json/billing/upgrade");
assert.equal(Object.keys(data).length, 8); assert.equal(Object.keys(data).length, 8);
assert.equal(data.stripe_token, '"stripe_token_id"'); assert.equal(data.stripe_token, "stripe_token_id");
assert.equal(data.seat_count, '"{{ seat_count }}"'); assert.equal(data.seat_count, "{{ seat_count }}");
assert.equal(data.signed_seat_count, '"{{ signed_seat_count }}"'); assert.equal(data.signed_seat_count, "{{ signed_seat_count }}");
assert.equal(data.salt, '"{{ salt }}"'); assert.equal(data.salt, "{{ salt }}");
assert.equal(data.billing_modality, '"charge_automatically"'); assert.equal(data.billing_modality, "charge_automatically");
assert.equal(data.schedule, '"monthly"'); assert.equal(data.schedule, "monthly");
assert.equal(data.license_management, '"automatic"'); assert.equal(data.license_management, "automatic");
assert.equal(data.licenses, ""); assert.equal(data.licenses, "");
history.pushState = (state_object, title, path) => { history.pushState = (state_object, title, path) => {
@@ -174,9 +174,7 @@ run_test("create_ajax_request", (override) => {
assert.equal(state.free_trial_alert_message_show, 1); assert.equal(state.free_trial_alert_message_show, 1);
}); });
helpers.create_ajax_request("/json/billing/upgrade", "autopay", {id: "stripe_token_id"}, [ helpers.create_ajax_request("/json/billing/upgrade", "autopay", {id: "stripe_token_id"});
"licenses",
]);
}); });
run_test("format_money", () => { run_test("format_money", () => {


@@ -36,30 +36,24 @@ run_test("initialize", (override) => {
}); });
let create_ajax_request_form_call_count = 0; let create_ajax_request_form_call_count = 0;
helpers.__Rewire__( helpers.__Rewire__("create_ajax_request", (url, form_name, stripe_token, redirect_to) => {
"create_ajax_request", create_ajax_request_form_call_count += 1;
(url, form_name, stripe_token, numeric_inputs, redirect_to) => { if (form_name === "autopay") {
create_ajax_request_form_call_count += 1; assert.equal(url, "/json/billing/upgrade");
if (form_name === "autopay") { assert.equal(stripe_token, "stripe_add_card_token");
assert.equal(url, "/json/billing/upgrade"); assert.equal(redirect_to, undefined);
assert.equal(stripe_token, "stripe_add_card_token"); } else if (form_name === "invoice") {
assert.deepEqual(numeric_inputs, ["licenses"]); assert.equal(url, "/json/billing/upgrade");
assert.equal(redirect_to, undefined); assert.equal(stripe_token, undefined);
} else if (form_name === "invoice") { assert.equal(redirect_to, undefined);
assert.equal(url, "/json/billing/upgrade"); } else if (form_name === "sponsorship") {
assert.equal(stripe_token, undefined); assert.equal(url, "/json/billing/sponsorship");
assert.deepEqual(numeric_inputs, ["licenses"]); assert.equal(stripe_token, undefined);
assert.equal(redirect_to, undefined); assert.equal(redirect_to, "/");
} else if (form_name === "sponsorship") { } else {
assert.equal(url, "/json/billing/sponsorship"); throw new Error("Unhandled case");
assert.equal(stripe_token, undefined); }
assert.equal(numeric_inputs, undefined); });
assert.equal(redirect_to, "/");
} else {
throw new Error("Unhandled case");
}
},
);
const open_func = (config_opts) => { const open_func = (config_opts) => {
assert.equal(config_opts.name, "Zulip"); assert.equal(config_opts.name, "Zulip");


@@ -30,9 +30,7 @@ export function initialize() {
}); });
$("#change-plan-status").on("click", (e) => { $("#change-plan-status").on("click", (e) => {
helpers.create_ajax_request("/json/billing/plan/change", "planchange", undefined, [ helpers.create_ajax_request("/json/billing/plan/change", "planchange");
"status",
]);
e.preventDefault(); e.preventDefault();
}); });
} }


@@ -3,13 +3,7 @@ import $ from "jquery";
import * as loading from "../loading"; import * as loading from "../loading";
import {page_params} from "../page_params"; import {page_params} from "../page_params";
export function create_ajax_request( export function create_ajax_request(url, form_name, stripe_token = null, redirect_to = "/billing") {
url,
form_name,
stripe_token = null,
numeric_inputs = [],
redirect_to = "/billing",
) {
const form = $(`#${CSS.escape(form_name)}-form`); const form = $(`#${CSS.escape(form_name)}-form`);
const form_loading_indicator = `#${CSS.escape(form_name)}_loading_indicator`; const form_loading_indicator = `#${CSS.escape(form_name)}_loading_indicator`;
const form_input_section = `#${CSS.escape(form_name)}-input-section`; const form_input_section = `#${CSS.escape(form_name)}-input-section`;
@@ -32,15 +26,11 @@ export function create_ajax_request(
const data = {}; const data = {};
if (stripe_token) { if (stripe_token) {
data.stripe_token = JSON.stringify(stripe_token.id); data.stripe_token = stripe_token.id;
} }
for (const item of form.serializeArray()) { for (const item of form.serializeArray()) {
if (numeric_inputs.includes(item.name)) { data[item.name] = item.value;
data[item.name] = item.value;
} else {
data[item.name] = JSON.stringify(item.value);
}
} }
$.post({ $.post({
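Review bot: Removing `numeric_inputs` from the middle of `create_ajax_request`'s positional parameters means any caller not updated in this commit that still passes an array as the fourth argument would have it bound to `redirect_to`. Every call site visible in this commit is updated, but callers elsewhere cannot be seen from here, so a search for remaining four- and five-argument calls is worth doing before merge. A short comment on the function would also help, e.g. `// All form values are sent as plain strings; the server must not expect JSON-encoded parameters.` The `licenses` field still relies on a bare digit string also being valid JSON for the server's `json_validator=check_int`. The function body continues outside these hunks.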


@@ -12,9 +12,7 @@ export const initialize = () => {
image: "/static/images/logo/zulip-icon-128x128.png", image: "/static/images/logo/zulip-icon-128x128.png",
locale: "auto", locale: "auto",
token(stripe_token) { token(stripe_token) {
helpers.create_ajax_request("/json/billing/upgrade", "autopay", stripe_token, [ helpers.create_ajax_request("/json/billing/upgrade", "autopay", stripe_token);
"licenses",
]);
}, },
}); });
@@ -43,7 +41,7 @@ export const initialize = () => {
return; return;
} }
e.preventDefault(); e.preventDefault();
helpers.create_ajax_request("/json/billing/upgrade", "invoice", undefined, ["licenses"]); helpers.create_ajax_request("/json/billing/upgrade", "invoice");
}); });
$("#sponsorship-button").on("click", (e) => { $("#sponsorship-button").on("click", (e) => {
@@ -51,13 +49,7 @@ export const initialize = () => {
return; return;
} }
e.preventDefault(); e.preventDefault();
helpers.create_ajax_request( helpers.create_ajax_request("/json/billing/sponsorship", "sponsorship", undefined, "/");
"/json/billing/sponsorship",
"sponsorship",
undefined,
undefined,
"/",
);
}); });
const prices = {}; const prices = {};