satellite/{console,web}: allow var users to setup stripe account

This change corrects the VAR partnered user UX by allowing creation of stripe accounts for them, as a result, allowing for invoices to be created for them. Issue: storj/storj-private#667 Change-Id: I4ebca5614be4c2a3a8fdb7a8349170325c86f358
storj · Apr 10, 2024 · 358d06f · 358d06f
1 parent af965b7
commit 358d06f
Show file tree

Hide file tree

Showing 3 changed files with 34 additions and 18 deletions.
diff --git a/satellite/console/consoleweb/server.go b/satellite/console/consoleweb/server.go
@@ -354,8 +354,11 @@ func NewServer(logger *zap.Logger, config Config, service *console.Service, oidc
 		paymentsRouter := router.PathPrefix("/api/v0/payments").Subrouter()
 		paymentsRouter.Use(server.withCORS)
 		paymentsRouter.Use(server.withAuth)
-		varBlocker := newVarBlockerMiddleWare(&server, config.VarPartners)
+
+		allowedRoutes := []string{"/api/v0/payments/account"} // var partners can still setup stripe account
+		varBlocker := newVarBlockerMiddleWare(&server, config.VarPartners, allowedRoutes)
 		paymentsRouter.Use(varBlocker.withVarBlocker)
+
 		paymentsRouter.Handle("/payment-methods", server.userIDRateLimiter.Limit(http.HandlerFunc(paymentController.AddCardByPaymentMethodID))).Methods(http.MethodPost, http.MethodOptions)
 		paymentsRouter.Handle("/cards", server.userIDRateLimiter.Limit(http.HandlerFunc(paymentController.AddCreditCard))).Methods(http.MethodPost, http.MethodOptions)
 		paymentsRouter.HandleFunc("/cards", paymentController.MakeCreditCardDefault).Methods(http.MethodPatch, http.MethodOptions)
@@ -703,17 +706,25 @@ func (server *Server) appHandler(w http.ResponseWriter, r *http.Request) {
 type varBlockerMiddleWare struct {
 	partners map[string]struct{}
 	server   *Server
+	// routes that should be allowed by the varBlocker regardless
+	// of whether the request is from a VAR partner user or not
+	allowedRoutes map[string]struct{}
 }
 
 // newVarBlockerMiddleWare creates a new instance of varBlocker.
-func newVarBlockerMiddleWare(server *Server, varPartners []string) *varBlockerMiddleWare {
+func newVarBlockerMiddleWare(server *Server, varPartners []string, allowedRoutes []string) *varBlockerMiddleWare {
 	partners := make(map[string]struct{}, len(varPartners))
 	for _, partner := range varPartners {
 		partners[partner] = struct{}{}
 	}
+	allowed := make(map[string]struct{}, len(allowedRoutes))
+	for _, route := range allowedRoutes {
+		allowed[route] = struct{}{}
+	}
 	return &varBlockerMiddleWare{
-		partners: partners,
-		server:   server,
+		partners:      partners,
+		server:        server,
+		allowedRoutes: allowed,
 	}
 }
 
@@ -725,10 +736,16 @@ func (v *varBlockerMiddleWare) withVarBlocker(handler http.Handler) http.Handler
 
 		defer mon.Task()(&ctx)(&err)
 
-		user, err := console.GetUser(ctx)
-		if _, ok := v.partners[string(user.UserAgent)]; ok {
-			web.ServeJSONError(ctx, v.server.log, w, http.StatusForbidden, errs.New("VAR Partner not supported"))
-			return
+		if _, ok := v.allowedRoutes[r.URL.Path]; !ok {
+			user, err := console.GetUser(ctx)
+			if err != nil {
+				web.ServeJSONError(ctx, v.server.log, w, http.StatusForbidden, Error.Wrap(err))
+				return
+			}
+			if _, ok := v.partners[string(user.UserAgent)]; ok {
+				web.ServeJSONError(ctx, v.server.log, w, http.StatusForbidden, errs.New("VAR Partner not supported"))
+				return
+			}
 		}
 
 		handler.ServeHTTP(w, r.Clone(ctx))

diff --git a/satellite/console/consoleweb/server_test.go b/satellite/console/consoleweb/server_test.go
@@ -239,10 +239,10 @@ func TestVarPartnerBlocker(t *testing.T) {
 	}, func(t *testing.T, ctx *testcontext.Context, planet *testplanet.Planet) {
 		sat := planet.Satellites[0]
 
-		makeRequest := func(token string, shouldForbid bool) {
-			urlLink := "http://" + sat.API.Console.Listener.Addr().String() + "/api/v0/payments/wallet/payments"
+		makeRequest := func(route, method, token string, shouldForbid bool) {
+			urlLink := "http://" + sat.API.Console.Listener.Addr().String() + "/api/v0/payments" + route
 
-			req, err := http.NewRequestWithContext(ctx, http.MethodGet, urlLink, http.NoBody)
+			req, err := http.NewRequestWithContext(ctx, method, urlLink, http.NoBody)
 			require.NoError(t, err)
 
 			req.AddCookie(&http.Cookie{
@@ -257,6 +257,8 @@ func TestVarPartnerBlocker(t *testing.T) {
 			require.NoError(t, result.Body.Close())
 			if shouldForbid {
 				require.Equal(t, http.StatusForbidden, result.StatusCode)
+			} else {
+				require.Equal(t, http.StatusOK, result.StatusCode)
 			}
 		}
 
@@ -273,7 +275,9 @@ func TestVarPartnerBlocker(t *testing.T) {
 
 			tokenStr := tokenInfo.Token.String()
 
-			makeRequest(tokenStr, string(user.UserAgent) == "partner1")
+			makeRequest("/wallet/payments", http.MethodGet, tokenStr, string(user.UserAgent) == "partner1")
+			// account setup account endpoint should be allowed even for var partners
+			makeRequest("/account", http.MethodPost, tokenStr, false)
 		}
 	})
 }

diff --git a/web/satellite/src/App.vue b/web/satellite/src/App.vue
@@ -62,11 +62,6 @@ const isErrorPageShown = computed<boolean>((): boolean => {
     return appStore.state.error.visible;
 });
 
-/**
- * Indicates if billing features are enabled.
- */
-const billingEnabled = computed<boolean>(() => configStore.getBillingEnabled(usersStore.state.user.hasVarPartner));
-
 /**
  * Returns user entity from store.
  */
@@ -86,7 +81,7 @@ async function setup() {
             projectsStore.getUserInvitations(),
             abTestingStore.fetchValues(),
         ];
-        if (billingEnabled.value) {
+        if (configStore.state.config.billingFeaturesEnabled) {
             promises.push(billingStore.setupAccount());
         }
         await Promise.all(promises);