Merge 5a001e9 into b3e7b7d

kobotoolbox · May 24, 2024 · 4293bd1 · 4293bd1
2 parents b3e7b7d + 5a001e9
commit 4293bd1
Show file tree

Hide file tree

Showing 6 changed files with 55 additions and 9 deletions.
diff --git a/hub/tests/test_globalsettings.py b/hub/tests/test_globalsettings.py
@@ -3,8 +3,10 @@
 from constance.test import override_config
 from django.urls import reverse
 from django.test import TestCase
+from django.test import override_settings
 
 
+@override_settings(STRIPE_ENABLED=False)
 class GlobalSettingsTestCase(TestCase):
 
     fixtures = ['test_data']

diff --git a/kobo/apps/external_integrations/tests/test_cors.py b/kobo/apps/external_integrations/tests/test_cors.py
@@ -1,10 +1,12 @@
 # coding: utf-8
+from django.test import override_settings
 from django.urls import reverse
 from rest_framework.test import APITestCase
 
 from ..models import CorsModel
 
 
+@override_settings(STRIPE_ENABLED=False)
 class CorsTests(APITestCase):
     def setUp(self):
         self.innocuous_url = reverse('environment')

diff --git a/kobo/settings/base.py b/kobo/settings/base.py
@@ -952,10 +952,7 @@ def __init__(self, *args, **kwargs):
 
 
 ''' Stripe configuration intended for kf.kobotoolbox.org only, tracks usage limit exceptions '''
-STRIPE_ENABLED = False
-if env.str('STRIPE_TEST_SECRET_KEY', None) or env.str('STRIPE_LIVE_SECRET_KEY', None):
-    STRIPE_ENABLED = True
-
+STRIPE_ENABLED = env.bool("STRIPE_ENABLED", False)
 
 def dj_stripe_request_callback_method():
     # This method exists because dj-stripe's documentation doesn't reflect reality.

diff --git a/kpi/tests/api/test_api_environment.py b/kpi/tests/api/test_api_environment.py
@@ -11,6 +11,7 @@
 from django.test import override_settings
 from django.urls import reverse
 from django.utils import timezone
+from djstripe.models import APIKey
 from markdown import markdown
 from model_bakery import baker
 from rest_framework import status
@@ -44,6 +45,16 @@ class EnvironmentTests(BaseTestCase):
       ]
     }
 
+    @classmethod
+    def setUpTestData(cls):
+        # Create a fake APIKey object for testing
+        cls.api_key = APIKey.objects.create(
+            type='publishable',
+            livemode=True,
+            secret='fake_public_key'
+        )
+
+    @override_settings(STRIPE_ENABLED=True)
     def setUp(self):
         self.url = reverse('environment')
         self.user = User.objects.get(username='someuser')
@@ -99,7 +110,11 @@ def setUp(self):
             ),
             'mfa_code_length': settings.TRENCH_AUTH['CODE_LENGTH'],
             'stripe_public_key': (
-                settings.STRIPE_PUBLIC_KEY if settings.STRIPE_ENABLED else None
+                str(
+                    APIKey.objects.get(type='publishable', livemode=True).secret
+                )
+                if settings.STRIPE_ENABLED
+                else None
             ),
             'free_tier_thresholds': to_python_object(
                 constance.config.FREE_TIER_THRESHOLDS
@@ -295,7 +310,7 @@ def test_free_tier_override_uses_organization_owner_join_date(
         self.assertEqual(response.data['free_tier_thresholds'], FREE_TIER_NO_THRESHOLDS)
         self.assertEqual(response.data['free_tier_display'], FREE_TIER_EMPTY_DISPLAY)
 
-    @override_settings(SOCIALACCOUNT_PROVIDERS={})
+    @override_settings(SOCIALACCOUNT_PROVIDERS={}, STRIPE_ENABLED=False)
     def test_social_apps(self):
         # GET mutates state, call it first to test num queries later
         self.client.get(self.url, format='json')
@@ -323,3 +338,15 @@ def test_tos_sitewide_message(self):
         response = self.client.get(self.url, format='json')
         assert response.status_code == status.HTTP_200_OK
         assert response.data['terms_of_service__sitewidemessage__exists']
+
+    @override_settings(STRIPE_ENABLED=False)
+    def test_stripe_public_key_when_stripe_disabled(self):
+        response = self.client.get(self.url, format='json')
+        assert response.status_code == status.HTTP_200_OK
+        assert response.data['stripe_public_key'] is None
+
+    @override_settings(STRIPE_ENABLED=True)
+    def test_stripe_public_key_when_stripe_enabled(self):
+        response = self.client.get(self.url, format='json')
+        assert response.status_code == status.HTTP_200_OK
+        assert response.data['stripe_public_key'] == 'fake_public_key'
diff --git a/kpi/tests/api/v2/test_api_invalid_password_access.py b/kpi/tests/api/v2/test_api_invalid_password_access.py
@@ -2,6 +2,7 @@
 import uuid
 
 from django.contrib.auth import get_user_model
+from django.test import override_settings
 from rest_framework import status
 from rest_framework.authtoken.models import Token
 from rest_framework.reverse import reverse
@@ -40,6 +41,7 @@ def setUp(self):
         self.user = get_user_model().objects.get(username='someuser')
         self.user_token, _ = Token.objects.get_or_create(user=self.user)
 
+    @override_settings(STRIPE_ENABLED=False)
     def test_access_forbidden_with_invalid_password(self):
         # Ensure password is valid first
         self.user.extra_details.validated_password = True

diff --git a/kpi/views/environment.py b/kpi/views/environment.py
@@ -5,6 +5,7 @@
 import constance
 from allauth.socialaccount.models import SocialApp
 from django.conf import settings
+from django.core.exceptions import MultipleObjectsReturned
 from django.utils.translation import gettext_lazy as t
 from markdown import markdown
 from hub.models.sitewide_message import SitewideMessage
@@ -167,9 +168,24 @@ def process_other_configs(request):
             request.user
         )
         data['submission_placeholder'] = SUBMISSION_PLACEHOLDER
-        data['stripe_public_key'] = (
-            settings.STRIPE_PUBLIC_KEY if settings.STRIPE_ENABLED else None
-        )
+
+        if settings.STRIPE_ENABLED:
+            from djstripe.models import APIKey
+
+            try:
+                data['stripe_public_key'] = str(
+                    APIKey.objects.get(type='publishable', livemode=True).secret
+                )
+            except MultipleObjectsReturned:
+                raise MultipleObjectsReturned(
+                    'Remove extra api keys from the django admin.'
+                )
+            except APIKey.DoesNotExist:
+                raise APIKey.DoesNotExist(
+                    'Add a stripe api key to the django admin.'
+                )
+        else:
+            data['stripe_public_key'] = None
 
         # If the user isn't eligible for the free tier override, don't send free tier data to the frontend
         if request.user.id: