cleanup and add tests

Author: suejung-sentry

api/internal/owner/views.py

@@ -131,29 +131,6 @@ def update_billing_address(self, request, *args, **kwargs):
         billing.update_billing_address(owner, name, billing_address=formatted_address)
         return Response(self.get_serializer(owner).data)
 
-    @action(detail=False, methods=["post"])
-    @stripe_safe
-    def setup_intent(self, request, *args, **kwargs):
-        """
-        Create a Stripe SetupIntent to securely collect payment details.
-
-        Returns:
-            Response with SetupIntent client_secret for frontend payment method setup.
-
-        Raises:
-            ValidationError: If SetupIntent creation fails
-        """
-        try:
-            billing = BillingService(requesting_user=request.current_owner)
-            client_secret = billing.create_setup_intent(self.owner)
-            return Response({"client_secret": client_secret})
-        except Exception as e:
-            log.error(
-                f"Error getting setup intent for owner {self.owner.ownerid}",
-                extra={"error": str(e)},
-            )
-            raise ValidationError(detail="Unable to create setup intent")
-
 
 class UsersOrderingFilter(filters.OrderingFilter):
     def get_valid_fields(self, queryset, view, context=None):

api/internal/tests/views/cassetes/test_account_viewset/AccountViewSetTests/test_update_email_address_with_propagate.yaml

@@ -0,0 +1,82 @@
+interactions:
+- request:
+    body: null
+    headers:
+      Accept:
+      - '*/*'
+      Accept-Encoding:
+      - gzip, deflate
+      Connection:
+      - keep-alive
+      Stripe-Version:
+      - 2024-12-18.acacia
+      User-Agent:
+      - Stripe/v1 PythonBindings/11.4.1
+      X-Stripe-Client-User-Agent:
+      - '{"bindings_version": "11.4.1", "lang": "python", "publisher": "stripe", "httplib":
+        "requests", "lang_version": "3.12.8", "platform": "Linux-6.10.14-linuxkit-aarch64-with-glibc2.36",
+        "uname": "Linux d20f7f8cacbc 6.10.14-linuxkit #1 SMP Fri Nov 29 17:22:03 UTC
+        2024 aarch64 "}'
+    method: GET
+    uri: https://api.stripe.com/v1/customers/flsoe
+  response:
+    body:
+      string: "{\n  \"error\": {\n    \"code\": \"resource_missing\",\n    \"doc_url\":
+        \"https://stripe.com/docs/error-codes/resource-missing\",\n    \"message\":
+        \"No such customer: 'flsoe'\",\n    \"param\": \"id\",\n    \"request_log_url\":
+        \"https://dashboard.stripe.com/test/logs/req_6pLtLMgWfIwlrz?t=1736823224\",\n
+        \   \"type\": \"invalid_request_error\"\n  }\n}\n"
+    headers:
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Access-Control-Allow-Methods:
+      - GET, HEAD, PUT, PATCH, POST, DELETE
+      Access-Control-Allow-Origin:
+      - '*'
+      Access-Control-Expose-Headers:
+      - Request-Id, Stripe-Manage-Version, Stripe-Should-Retry, X-Stripe-External-Auth-Required,
+        X-Stripe-Privileged-Session-Required
+      Access-Control-Max-Age:
+      - '300'
+      Cache-Control:
+      - no-cache, no-store
+      Connection:
+      - keep-alive
+      Content-Length:
+      - '320'
+      Content-Security-Policy:
+      - base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none';
+        img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'; upgrade-insecure-requests;
+        report-uri https://q.stripe.com/csp-violation?q=MUUgmXSyxSreBM7-bAyGzVR-Wca5tyHBXs7Sj4nrUFvKjUmrsdjHKQ4xq7a_xXp1ovkYdGrNWQ%3D%3D
+      Content-Type:
+      - application/json
+      Cross-Origin-Opener-Policy-Report-Only:
+      - same-origin; report-to="coop"
+      Date:
+      - Tue, 14 Jan 2025 02:53:44 GMT
+      Report-To:
+      - '{"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}'
+      Reporting-Endpoints:
+      - coop="https://q.stripe.com/coop-report"
+      Request-Id:
+      - req_6pLtLMgWfIwlrz
+      Server:
+      - nginx
+      Strict-Transport-Security:
+      - max-age=63072000; includeSubDomains; preload
+      Stripe-Version:
+      - 2024-12-18.acacia
+      Vary:
+      - Origin
+      X-Content-Type-Options:
+      - nosniff
+      X-Stripe-Priority-Routing-Enabled:
+      - 'true'
+      X-Stripe-Routing-Context-Priority-Tier:
+      - api-testmode
+      X-Wc:
+      - AB
+    status:
+      code: 404
+      message: Not Found
+version: 1

api/internal/tests/views/test_account_viewset.py

@@ -1,7 +1,7 @@
 import json
 import os
 from datetime import datetime
-from unittest.mock import MagicMock, patch
+from unittest.mock import MagicMock, Mock, patch
 
 import pytest
 from django.test import override_settings
@@ -1228,6 +1228,43 @@ def test_update_email_address(self, modify_customer_mock, retrieve_mock):
             self.current_owner.stripe_customer_id, email=new_email
         )
 
+    @patch("services.billing.stripe.Subscription.retrieve")
+    @patch("services.billing.stripe.Customer.modify") 
+    @patch("services.billing.stripe.PaymentMethod.modify")
+    @patch("services.billing.stripe.Customer.retrieve")
+    def test_update_email_address_with_propagate(
+        self, customer_retrieve_mock, payment_method_mock, modify_customer_mock, retrieve_mock
+    ):
+        self.current_owner.stripe_customer_id = "flsoe"
+        self.current_owner.stripe_subscription_id = "djfos"
+        self.current_owner.save()
+
+        payment_method_id = "pm_123"
+        customer_retrieve_mock.return_value = {
+            "invoice_settings": {
+                "default_payment_method": payment_method_id
+            }
+        }
+
+        new_email = "[email protected]"
+        kwargs = {
+            "service": self.current_owner.service,
+            "owner_username": self.current_owner.username,
+        }
+        data = {"new_email": new_email, "should_propagate_to_payment_methods": True}
+        url = reverse("account_details-update-email", kwargs=kwargs)
+        response = self.client.patch(url, data=data, format="json")
+        assert response.status_code == status.HTTP_200_OK
+
+        modify_customer_mock.assert_called_once_with(
+            self.current_owner.stripe_customer_id, email=new_email
+        )
+        customer_retrieve_mock.assert_called_once_with(self.current_owner.stripe_customer_id)
+        payment_method_mock.assert_called_once_with(
+            payment_method_id,
+            billing_details={"email": new_email}
+        )
+
     def test_update_billing_address_without_body(self):
         kwargs = {
             "service": self.current_owner.service,

graphql_api/tests/mutation/test_create_stripe_setup_intent.py

@@ -25,8 +25,29 @@ def test_when_unauthenticated(self):
         data = self.gql_request(query, variables={"input": {"owner": "somename"}})
         assert data["createStripeSetupIntent"]["error"]["__typename"] == "UnauthenticatedError"
 
+    def test_when_unauthorized(self):
+        other_owner = OwnerFactory(username="other-user") 
+        data = self.gql_request(
+            query, owner=self.owner, variables={"input": {"owner": other_owner.username}}
+        )
+        assert data["createStripeSetupIntent"]["error"]["__typename"] == "UnauthorizedError"
+
+    @patch("services.billing.stripe.SetupIntent.create")
+    def test_when_validation_error(self, setup_intent_create_mock):
+        setup_intent_create_mock.side_effect = Exception("Some error")
+        data = self.gql_request(
+            query, owner=self.owner, variables={"input": {"owner": self.owner.username}}
+        )
+        assert data["createStripeSetupIntent"]["error"]["__typename"] == "ValidationError"
+
+    def test_when_owner_not_found(self):
+        data = self.gql_request(
+            query, owner=self.owner, variables={"input": {"owner": "nonexistent-user"}}
+        )
+        assert data["createStripeSetupIntent"]["error"]["__typename"] == "ValidationError"
+
     @patch("services.billing.stripe.SetupIntent.create")
-    def test_when_authenticated(self, setup_intent_create_mock):
+    def test_success(self, setup_intent_create_mock):
         setup_intent_create_mock.return_value = {"client_secret": "test-client-secret"}
         data = self.gql_request(
             query, owner=self.owner, variables={"input": {"owner": self.owner.username}}

graphql_api/types/mutation/create_stripe_setup_intent/create_stripe_setup_intent.graphql

@@ -1,4 +1,4 @@
-union CreateStripeSetupIntentError = UnauthenticatedError | ValidationError
+union CreateStripeSetupIntentError = UnauthenticatedError | UnauthorizedError | ValidationError
 
 type CreateStripeSetupIntentPayload {
     error: CreateStripeSetupIntentError

services/billing.py

@@ -603,7 +603,7 @@ def update_email_address(self, owner: Owner, email_address: str, should_propagat
             try:
                 default_payment_method = stripe.Customer.retrieve(
                     owner.stripe_customer_id
-                ).invoice_settings.default_payment_method
+                )["invoice_settings"]["default_payment_method"]
 
                 stripe.PaymentMethod.modify(
                     default_payment_method,
@@ -701,7 +701,7 @@ def create_setup_intent(self, owner: Owner) -> stripe.SetupIntent:
             ),
         )
         return stripe.SetupIntent.create(
-            payment_method_types=['card', 'us_bank_account'],
+            payment_method_configuration=settings.STRIPE_PAYMENT_METHOD_CONFIGURATION_ID,
             customer=owner.stripe_customer_id,
         )
 

services/tests/test_billing.py

@@ -1538,6 +1538,7 @@ def test_create_checkout_session_with_no_stripe_customer_id(
             tax_id_collection={"enabled": True},
             customer_update=None,
         )
+
     @patch("services.billing.stripe.checkout.Session.create")
     def test_create_checkout_session_with_stripe_customer_id(
         self, create_checkout_session_mock
@@ -2031,4 +2032,3 @@ def test_get_invoice(self, get_invoice_mock):
         owner = OwnerFactory()
         self.billing_service.get_invoice(owner, "abc")
         get_invoice_mock.assert_called_once_with(owner, "abc")
-