Merge branch 'main' into 828-repo-validation-throughout-upload-flow

Author: adrian-codecov

VERSION

@@ -1 +1 @@
-24.10.1
+24.11.1

billing/tests/test_views.py

@@ -1,5 +1,6 @@
 import time
-from unittest.mock import patch
+from datetime import datetime
+from unittest.mock import call, patch
 
 import stripe
 from django.conf import settings
@@ -142,6 +143,11 @@ def test_invoice_payment_failed_sets_owner_delinquent_true(self):
                     "object": {
                         "customer": self.owner.stripe_customer_id,
                         "subscription": self.owner.stripe_subscription_id,
+                        "default_payment_method": {
+                            "card": {"brand": "visa", "last4": 1234}
+                        },
+                        "total": 24000,
+                        "hosted_invoice_url": "https://stripe.com",
                     }
                 },
             }
@@ -165,6 +171,11 @@ def test_invoice_payment_failed_sets_multiple_owners_delinquent_true(self):
                     "object": {
                         "customer": self.owner.stripe_customer_id,
                         "subscription": self.owner.stripe_subscription_id,
+                        "default_payment_method": {
+                            "card": {"brand": "visa", "last4": 1234}
+                        },
+                        "total": 24000,
+                        "hosted_invoice_url": "https://stripe.com",
                     }
                 },
             }
@@ -176,6 +187,142 @@ def test_invoice_payment_failed_sets_multiple_owners_delinquent_true(self):
         assert self.owner.delinquent is True
         assert self.other_owner.delinquent is True
 
+    @patch("services.task.TaskService.send_email")
+    def test_invoice_payment_failed_sends_email_to_admins(self, mocked_send_email):
+        non_admin = OwnerFactory(email="[email protected]")
+        admin_1 = OwnerFactory(email="[email protected]")
+        admin_2 = OwnerFactory(email="[email protected]")
+        self.owner.admins = [admin_1.ownerid, admin_2.ownerid]
+        self.owner.plan_activated_users = [non_admin.ownerid]
+        self.owner.email = "[email protected]"
+        self.owner.save()
+
+        response = self._send_event(
+            payload={
+                "type": "invoice.payment_failed",
+                "data": {
+                    "object": {
+                        "customer": self.owner.stripe_customer_id,
+                        "subscription": self.owner.stripe_subscription_id,
+                        "default_payment_method": {
+                            "card": {"brand": "visa", "last4": 1234}
+                        },
+                        "total": 24000,
+                        "hosted_invoice_url": "https://stripe.com",
+                    }
+                },
+            }
+        )
+
+        self.owner.refresh_from_db()
+        assert response.status_code == status.HTTP_204_NO_CONTENT
+        assert self.owner.delinquent is True
+
+        expected_calls = [
+            call(
+                to_addr=self.owner.email,
+                subject="Your Codecov payment failed",
+                template_name="failed-payment",
+                name=self.owner.username,
+                amount=240,
+                card_type="visa",
+                last_four=1234,
+                cta_link="https://stripe.com",
+                date=datetime.now().strftime("%B %-d, %Y"),
+            ),
+            call(
+                to_addr=admin_1.email,
+                subject="Your Codecov payment failed",
+                template_name="failed-payment",
+                name=admin_1.username,
+                amount=240,
+                card_type="visa",
+                last_four=1234,
+                cta_link="https://stripe.com",
+                date=datetime.now().strftime("%B %-d, %Y"),
+            ),
+            call(
+                to_addr=admin_2.email,
+                subject="Your Codecov payment failed",
+                template_name="failed-payment",
+                name=admin_2.username,
+                amount=240,
+                card_type="visa",
+                last_four=1234,
+                cta_link="https://stripe.com",
+                date=datetime.now().strftime("%B %-d, %Y"),
+            ),
+        ]
+        mocked_send_email.assert_has_calls(expected_calls)
+
+    @patch("services.task.TaskService.send_email")
+    def test_invoice_payment_failed_sends_email_to_admins_no_card(
+        self, mocked_send_email
+    ):
+        non_admin = OwnerFactory(email="[email protected]")
+        admin_1 = OwnerFactory(email="[email protected]")
+        admin_2 = OwnerFactory(email="[email protected]")
+        self.owner.admins = [admin_1.ownerid, admin_2.ownerid]
+        self.owner.plan_activated_users = [non_admin.ownerid]
+        self.owner.email = "[email protected]"
+        self.owner.save()
+
+        response = self._send_event(
+            payload={
+                "type": "invoice.payment_failed",
+                "data": {
+                    "object": {
+                        "customer": self.owner.stripe_customer_id,
+                        "subscription": self.owner.stripe_subscription_id,
+                        "default_payment_method": None,
+                        "total": 24000,
+                        "hosted_invoice_url": "https://stripe.com",
+                    }
+                },
+            }
+        )
+
+        self.owner.refresh_from_db()
+        assert response.status_code == status.HTTP_204_NO_CONTENT
+        assert self.owner.delinquent is True
+
+        expected_calls = [
+            call(
+                to_addr=self.owner.email,
+                subject="Your Codecov payment failed",
+                template_name="failed-payment",
+                name=self.owner.username,
+                amount=240,
+                card_type=None,
+                last_four=None,
+                cta_link="https://stripe.com",
+                date=datetime.now().strftime("%B %-d, %Y"),
+            ),
+            call(
+                to_addr=admin_1.email,
+                subject="Your Codecov payment failed",
+                template_name="failed-payment",
+                name=admin_1.username,
+                amount=240,
+                card_type=None,
+                last_four=None,
+                cta_link="https://stripe.com",
+                date=datetime.now().strftime("%B %-d, %Y"),
+            ),
+            call(
+                to_addr=admin_2.email,
+                subject="Your Codecov payment failed",
+                template_name="failed-payment",
+                name=admin_2.username,
+                amount=240,
+                card_type=None,
+                last_four=None,
+                cta_link="https://stripe.com",
+                date=datetime.now().strftime("%B %-d, %Y"),
+            ),
+        ]
+        mocked_send_email.assert_has_calls(expected_calls)
+
     def test_customer_subscription_deleted_sets_plan_to_free(self):
         self.owner.plan = "users-inappy"
         self.owner.plan_user_count = 20
@@ -1003,29 +1150,51 @@ def test_subscription_schedule_updated_logs_changes_to_schedule(
         assert self.owner.plan == original_plan
         assert self.owner.plan_user_count == original_quantity
 
-    def test_checkout_session_completed_sets_stripe_customer_id(self):
+    def test_checkout_session_completed_sets_stripe_ids(self):
         self.owner.stripe_customer_id = None
         self.owner.save()
 
-        expected_id = "fhjtwoo40"
+        expected_customer_id = "cus_1234"
+        expected_subscription_id = "sub_7890"
 
         self._send_event(
             payload={
                 "type": "checkout.session.completed",
                 "data": {
                     "object": {
-                        "customer": expected_id,
+                        "customer": expected_customer_id,
                         "client_reference_id": str(self.owner.ownerid),
+                        "subscription": expected_subscription_id,
                     }
                 },
             }
         )
 
         self.owner.refresh_from_db()
-        assert self.owner.stripe_customer_id == expected_id
+        assert self.owner.stripe_customer_id == expected_customer_id
+        assert self.owner.stripe_subscription_id == expected_subscription_id
 
     @patch("billing.views.stripe.Subscription.modify")
     def test_customer_update_but_not_payment_method(self, subscription_modify_mock):
+        payment_method = "pm_123"
+        self._send_event(
+            payload={
+                "type": "customer.updated",
+                "data": {
+                    "object": {
+                        "invoice_settings": {"default_payment_method": None},
+                        "subscriptions": {
+                            "data": [{"default_payment_method": payment_method}]
+                        },
+                    }
+                },
+            }
+        )
+
+        subscription_modify_mock.assert_not_called()
+
+    @patch("billing.views.stripe.Subscription.modify")
+    def test_customer_update_but_payment_method_is_same(self, subscription_modify_mock):
         payment_method = "pm_123"
         self._send_event(
             payload={

billing/views.py

@@ -1,4 +1,5 @@
 import logging
+from datetime import datetime
 from typing import List
 
 import stripe
@@ -12,6 +13,7 @@
 
 from codecov_auth.models import Owner
 from plan.service import PlanService
+from services.task.task import TaskService
 
 from .constants import StripeHTTPHeaders, StripeWebhookEvents
 
@@ -63,6 +65,43 @@ def invoice_payment_failed(self, invoice: stripe.Invoice) -> None:
         owners.update(delinquent=True)
         self._log_updated(list(owners))
 
+        # Send failed payment email to all owner admins
+
+        admin_ids = set()
+        for owner in owners:
+            if owner.admins:
+                admin_ids.update(owner.admins)
+
+            # Add the owner's email as well - for user owners, admins is empty.
+            if owner.email:
+                admin_ids.add(owner.ownerid)
+
+        admins: QuerySet[Owner] = Owner.objects.filter(pk__in=admin_ids)
+
+        task_service = TaskService()
+        card = (
+            invoice.default_payment_method.card
+            if invoice.default_payment_method
+            else None
+        )
+        template_vars = {
+            "amount": invoice.total / 100,
+            "card_type": card.brand if card else None,
+            "last_four": card.last4 if card else None,
+            "cta_link": invoice.hosted_invoice_url,
+            "date": datetime.now().strftime("%B %-d, %Y"),
+        }
+
+        for admin in admins:
+            if admin.email:
+                task_service.send_email(
+                    to_addr=admin.email,
+                    subject="Your Codecov payment failed",
+                    template_name="failed-payment",
+                    name=admin.username,
+                    **template_vars,
+                )
+
     def customer_subscription_deleted(self, subscription: stripe.Subscription) -> None:
         log.info(
             "Customer Subscription Deleted - Setting free plan and deactivating repos for stripe customer",
@@ -337,6 +376,10 @@ def customer_updated(self, customer: stripe.Customer) -> None:
         new_default_payment_method = customer["invoice_settings"][
             "default_payment_method"
         ]
+
+        if new_default_payment_method is None:
+            return
+
         for subscription in customer.get("subscriptions", {}).get("data", []):
             if new_default_payment_method == subscription["default_payment_method"]:
                 continue
@@ -362,6 +405,7 @@ def checkout_session_completed(
         )
         owner = Owner.objects.get(ownerid=checkout_session.client_reference_id)
         owner.stripe_customer_id = checkout_session.customer
+        owner.stripe_subscription_id = checkout_session.subscription
         owner.save()
 
         self._log_updated([owner])

codecov/settings_base.py

@@ -92,7 +92,6 @@
 
 WSGI_APPLICATION = "codecov.wsgi.application"
 
-
 # GraphQL
 
 GRAPHQL_QUERY_COST_THRESHOLD = get_config(
@@ -105,6 +104,8 @@
 
 GRAPHQL_RATE_LIMIT_RPM = get_config("setup", "graphql", "rate_limit_rpm", default=300)
 
+GRAPHQL_INTROSPECTION_ENABLED = False
+
 # Database
 # https://docs.djangoproject.com/en/2.1/ref/settings/#databases
 
@@ -184,7 +185,6 @@
 
 USE_TZ = True
 
-
 # Static files (CSS, JavaScript, Images)
 # https://docs.djangoproject.com/en/2.1/howto/static-files/
 
@@ -308,7 +308,6 @@
     "gitlab", "bots", "tokenless", "key", default=GITLAB_BOT_KEY
 )
 
-
 GITLAB_ENTERPRISE_CLIENT_ID = get_config("gitlab_enterprise", "client_id")
 GITLAB_ENTERPRISE_CLIENT_SECRET = get_config("gitlab_enterprise", "client_secret")
 GITLAB_ENTERPRISE_REDIRECT_URI = get_config(
@@ -323,7 +322,6 @@
 GITLAB_ENTERPRISE_URL = get_config("gitlab_enterprise", "url")
 GITLAB_ENTERPRISE_API_URL = get_config("gitlab_enterprise", "api_url")
 
-
 CORS_ALLOW_HEADERS = (
     list(default_headers)
     + ["token-type"]
@@ -344,7 +342,6 @@
     "setup", "http", "file_upload_max_memory_size", default=2621440
 )
 
-
 CORS_ALLOWED_ORIGIN_REGEXES = get_config(
     "setup", "api_cors_allowed_origin_regexes", default=[]
 )
@@ -362,7 +359,6 @@
 
 HIDE_ALL_CODECOV_TOKENS = get_config("setup", "hide_all_codecov_tokens", default=False)
 
-
 SENTRY_JWT_SHARED_SECRET = get_config(
     "sentry", "jwt_shared_secret", default=None
 ) or get_config("setup", "sentry", "jwt_shared_secret", default=None)

codecov/settings_dev.py

@@ -55,3 +55,5 @@
 # SHELTER_SHARED_SECRET = "test-supertoken"
 
 GUEST_ACCESS = True
+
+GRAPHQL_INTROSPECTION_ENABLED = True

codecov/settings_staging.py

@@ -75,3 +75,5 @@
 CSRF_TRUSTED_ORIGINS = [
     get_config("setup", "trusted_origin", default="https://*.codecov.dev")
 ]
+
+GRAPHQL_INTROSPECTION_ENABLED = True

codecov/settings_test.py

@@ -10,3 +10,5 @@
 # Mock the Pub/Sub host for testing
 # this prevents the pubsub SDK from trying to load credentials
 os.environ["PUBSUB_EMULATOR_HOST"] = "localhost"
+
+GRAPHQL_INTROSPECTION_ENABLED = True

graphql_api/views.py

@@ -188,6 +188,7 @@ def __exit__(self, exc_type, exc_value, exc_traceback):
 class AsyncGraphqlView(GraphQLAsyncView):
     schema = schema
     extensions = [QueryMetricsExtension]
+    introspection = getattr(settings, "GRAPHQL_INTROSPECTION_ENABLED", False)
 
     def get_validation_rules(
         self,