zulip/corporate/views/session.py

import logging
from typing import Any, Dict

import stripe
from django.http import HttpRequest, HttpResponse
from django.utils.translation import gettext as _

from corporate.lib.stripe import RealmBillingSession
from corporate.models import PaymentIntent, Session
from zerver.decorator import require_billing_access, require_organization_member
from zerver.lib.exceptions import JsonableError
from zerver.lib.request import REQ, has_request_variables
from zerver.lib.response import json_success
from zerver.models import UserProfile

billing_logger = logging.getLogger("corporate.stripe")


@require_billing_access
@has_request_variables
def start_card_update_stripe_session(request: HttpRequest, user: UserProfile) -> HttpResponse:
    billing_session = RealmBillingSession(user)
    assert billing_session.get_customer() is not None
    metadata = {
        "type": "card_update",
        "user_id": user.id,
    }
    stripe_session = billing_session.create_stripe_checkout_session(
        metadata, Session.CARD_UPDATE_FROM_BILLING_PAGE
    )
    return json_success(
        request,
        data={
            "stripe_session_url": stripe_session.url,
            "stripe_session_id": stripe_session.id,
        },
    )


@require_organization_member
@has_request_variables
def start_retry_payment_intent_session(
    request: HttpRequest, user: UserProfile, stripe_payment_intent_id: str = REQ()
) -> HttpResponse:
    billing_session = RealmBillingSession(user)
    customer = billing_session.get_customer()
    if customer is None:
        raise JsonableError(_("Please create a customer first."))

    try:
        payment_intent = PaymentIntent.objects.get(
            stripe_payment_intent_id=stripe_payment_intent_id, customer=customer
        )
    except PaymentIntent.DoesNotExist:
        raise JsonableError(_("Invalid payment intent id."))

    stripe_payment_intent = stripe.PaymentIntent.retrieve(stripe_payment_intent_id)

    if stripe_payment_intent.status == "succeeded":
        raise JsonableError(_("Payment already succeeded."))

    if (
        stripe_payment_intent.status == "processing"
    ):  # nocoverage: Hard to arrive at this state using card
        raise JsonableError(_("Payment processing."))

    metadata: Dict[str, Any] = {
        "user_id": user.id,
    }
    metadata.update(stripe_payment_intent.metadata)
    stripe_session = billing_session.create_stripe_checkout_session(
        metadata, Session.RETRY_UPGRADE_WITH_ANOTHER_PAYMENT_METHOD, payment_intent
    )
    return json_success(
        request,
        data={
            "stripe_session_id": stripe_session.id,
            "stripe_session_url": stripe_session.url,
        },
    )
billing: Migrate to Stripe hosted checkout page. 2021-08-29 15:33:29 +02:00			`import logging`
billing: Use UserProfile.id to ascertain customer's email. Previously, our Stripe webhook event handler code retrieved the user's email from Stripe using the stripe.Customer.email attribute. This led to situations such that whenever the email that Stripe had did not correspond to a UserProfile in Zulip, the payment flow failed since we couldn't find a UserProfile associated with the given email. Now, we pass in the UserProfile.id in the metadata to Stripe's checkout Session object, so that we can fetch the correct email in future Stripe requests. 2021-12-03 00:23:56 +01:00			`from typing import Any, Dict`
billing: Migrate to Stripe hosted checkout page. 2021-08-29 15:33:29 +02:00
			`import stripe`
			`from django.http import HttpRequest, HttpResponse`
			`from django.utils.translation import gettext as _`

corporate: Add create_stripe_checkout_session to BillingSession class. Adds `create_stripe_checkout_session` to BillingSession abstract class, which is then used in all places where a stripe.checkout.Session and Session were created: start_retry_payment_intent_session, start_card_update_stripe_session, and setup_upgrade_checkout_session_and_payment_intent. Adds a `billing_session_url` abstract property to the BillingSession abstract class and for the RealmBillingSession child class sets that value to `self.realm.uri`. 2023-11-06 13:52:12 +01:00			`from corporate.lib.stripe import RealmBillingSession`
			`from corporate.models import PaymentIntent, Session`
billing: Migrate to Stripe hosted checkout page. 2021-08-29 15:33:29 +02:00			`from zerver.decorator import require_billing_access, require_organization_member`
			`from zerver.lib.exceptions import JsonableError`
			`from zerver.lib.request import REQ, has_request_variables`
			`from zerver.lib.response import json_success`
			`from zerver.models import UserProfile`

			`billing_logger = logging.getLogger("corporate.stripe")`


			`@require_billing_access`
			`@has_request_variables`
			`def start_card_update_stripe_session(request: HttpRequest, user: UserProfile) -> HttpResponse:`
corporate: Add create_stripe_checkout_session to BillingSession class. Adds `create_stripe_checkout_session` to BillingSession abstract class, which is then used in all places where a stripe.checkout.Session and Session were created: start_retry_payment_intent_session, start_card_update_stripe_session, and setup_upgrade_checkout_session_and_payment_intent. Adds a `billing_session_url` abstract property to the BillingSession abstract class and for the RealmBillingSession child class sets that value to `self.realm.uri`. 2023-11-06 13:52:12 +01:00			`billing_session = RealmBillingSession(user)`
			`assert billing_session.get_customer() is not None`
			`metadata = {`
			`"type": "card_update",`
			`"user_id": user.id,`
			`}`
			`stripe_session = billing_session.create_stripe_checkout_session(`
			`metadata, Session.CARD_UPDATE_FROM_BILLING_PAGE`
billing: Migrate to Stripe hosted checkout page. 2021-08-29 15:33:29 +02:00			`)`
			`return json_success(`
backend: Add request as parameter to json_success. Adds request as a parameter to json_success as a refactor towards making `ignored_parameters_unsupported` functionality available for all API endpoints. Also, removes any data parameters that are an empty dict or a dict with the generic success response values. 2022-01-31 13:44:02 +01:00			`request,`
billing: Migrate to Stripe hosted checkout page. 2021-08-29 15:33:29 +02:00			`data={`
			`"stripe_session_url": stripe_session.url,`
			`"stripe_session_id": stripe_session.id,`
backend: Add request as parameter to json_success. Adds request as a parameter to json_success as a refactor towards making `ignored_parameters_unsupported` functionality available for all API endpoints. Also, removes any data parameters that are an empty dict or a dict with the generic success response values. 2022-01-31 13:44:02 +01:00			`},`
billing: Migrate to Stripe hosted checkout page. 2021-08-29 15:33:29 +02:00			`)`


			`@require_organization_member`
			`@has_request_variables`
			`def start_retry_payment_intent_session(`
			`request: HttpRequest, user: UserProfile, stripe_payment_intent_id: str = REQ()`
			`) -> HttpResponse:`
corporate: Add create_stripe_checkout_session to BillingSession class. Adds `create_stripe_checkout_session` to BillingSession abstract class, which is then used in all places where a stripe.checkout.Session and Session were created: start_retry_payment_intent_session, start_card_update_stripe_session, and setup_upgrade_checkout_session_and_payment_intent. Adds a `billing_session_url` abstract property to the BillingSession abstract class and for the RealmBillingSession child class sets that value to `self.realm.uri`. 2023-11-06 13:52:12 +01:00			`billing_session = RealmBillingSession(user)`
			`customer = billing_session.get_customer()`
billing: Migrate to Stripe hosted checkout page. 2021-08-29 15:33:29 +02:00			`if customer is None:`
			`raise JsonableError(_("Please create a customer first."))`

			`try:`
			`payment_intent = PaymentIntent.objects.get(`
			`stripe_payment_intent_id=stripe_payment_intent_id, customer=customer`
			`)`
			`except PaymentIntent.DoesNotExist:`
			`raise JsonableError(_("Invalid payment intent id."))`

			`stripe_payment_intent = stripe.PaymentIntent.retrieve(stripe_payment_intent_id)`

			`if stripe_payment_intent.status == "succeeded":`
			`raise JsonableError(_("Payment already succeeded."))`

			`if (`
			`stripe_payment_intent.status == "processing"`
			`): # nocoverage: Hard to arrive at this state using card`
			`raise JsonableError(_("Payment processing."))`

billing: Use UserProfile.id to ascertain customer's email. Previously, our Stripe webhook event handler code retrieved the user's email from Stripe using the stripe.Customer.email attribute. This led to situations such that whenever the email that Stripe had did not correspond to a UserProfile in Zulip, the payment flow failed since we couldn't find a UserProfile associated with the given email. Now, we pass in the UserProfile.id in the metadata to Stripe's checkout Session object, so that we can fetch the correct email in future Stripe requests. 2021-12-03 00:23:56 +01:00			`metadata: Dict[str, Any] = {`
			`"user_id": user.id,`
			`}`
			`metadata.update(stripe_payment_intent.metadata)`
corporate: Add create_stripe_checkout_session to BillingSession class. Adds `create_stripe_checkout_session` to BillingSession abstract class, which is then used in all places where a stripe.checkout.Session and Session were created: start_retry_payment_intent_session, start_card_update_stripe_session, and setup_upgrade_checkout_session_and_payment_intent. Adds a `billing_session_url` abstract property to the BillingSession abstract class and for the RealmBillingSession child class sets that value to `self.realm.uri`. 2023-11-06 13:52:12 +01:00			`stripe_session = billing_session.create_stripe_checkout_session(`
			`metadata, Session.RETRY_UPGRADE_WITH_ANOTHER_PAYMENT_METHOD, payment_intent`
billing: Migrate to Stripe hosted checkout page. 2021-08-29 15:33:29 +02:00			`)`
			`return json_success(`
backend: Add request as parameter to json_success. Adds request as a parameter to json_success as a refactor towards making `ignored_parameters_unsupported` functionality available for all API endpoints. Also, removes any data parameters that are an empty dict or a dict with the generic success response values. 2022-01-31 13:44:02 +01:00			`request,`
billing: Migrate to Stripe hosted checkout page. 2021-08-29 15:33:29 +02:00			`data={`
			`"stripe_session_id": stripe_session.id,`
			`"stripe_session_url": stripe_session.url,`
backend: Add request as parameter to json_success. Adds request as a parameter to json_success as a refactor towards making `ignored_parameters_unsupported` functionality available for all API endpoints. Also, removes any data parameters that are an empty dict or a dict with the generic success response values. 2022-01-31 13:44:02 +01:00			`},`
billing: Migrate to Stripe hosted checkout page. 2021-08-29 15:33:29 +02:00			`)`