Fix CE Stats API access (#4244)

* fix ce stats api access * changelog * tag groth tests ee only
2024-12-23 17:44:43 +03:00 · 2024-06-20 14:32:21 +07:00 · 2024-06-20 14:32:21 +07:00 · 9cbb9ba79c
commit 9cbb9ba79c
parent a5c61e4930
7 changed files with 35 additions and 23 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -14,6 +14,8 @@ All notable changes to this project will be documented in this file.

 ### Fixed

+- Fix access to Stats API feature in CE plausible/analytics#4244
+
 ## v2.1.1 - 2024-06-06

 ### Added
--- a/lib/plausible/auth/auth.ex
+++ b/lib/plausible/auth/auth.ex
@ -77,7 +77,7 @@ defmodule Plausible.Auth do
  end

  @spec create_api_key(Auth.User.t(), String.t(), String.t()) ::
-          {:ok, Auth.ApiKey.t()} | {:error, Ecto.Changeset.t()}
+          {:ok, Auth.ApiKey.t()} | {:error, Ecto.Changeset.t() | :upgrade_required}
  def create_api_key(user, name, key) do
    params = %{name: name, user_id: user.id, key: key}
    changeset = Auth.ApiKey.changeset(%Auth.ApiKey{}, params)
--- a/lib/plausible/billing/feature.ex
+++ b/lib/plausible/billing/feature.ex
@ -202,33 +202,38 @@ defmodule Plausible.Billing.Feature.StatsAPI do
    name: :stats_api,
    display_name: "Stats API"

-  @impl true
-  @doc """
-  Checks whether the user has access to Stats API or not.
+  if Plausible.ee?() do
+    @impl true
+    @doc """
+    Checks whether the user has access to Stats API or not.

-  Before the business tier, users who had not yet started their trial had
-  access to Stats API. With the business tier work, access is blocked and they
-  must either start their trial or subscribe to a plan. This is common when a
-  site owner invites a new user. In such cases, using the owner's API key is
-  recommended.
-  """
-  def check_availability(%Plausible.Auth.User{} = user) do
-    user = Plausible.Users.with_subscription(user)
-    unlimited_trial? = is_nil(user.trial_expiry_date)
-    subscription? = Plausible.Billing.Subscriptions.active?(user.subscription)
+    Before the business tier, users who had not yet started their trial had
+    access to Stats API. With the business tier work, access is blocked and they
+    must either start their trial or subscribe to a plan. This is common when a
+    site owner invites a new user. In such cases, using the owner's API key is
+    recommended.
+    """
+    def check_availability(%Plausible.Auth.User{} = user) do
+      user = Plausible.Users.with_subscription(user)
+      unlimited_trial? = is_nil(user.trial_expiry_date)
+      subscription? = Plausible.Billing.Subscriptions.active?(user.subscription)

-    pre_business_tier_account? =
-      Timex.before?(user.inserted_at, Plausible.Billing.Plans.business_tier_launch())
+      pre_business_tier_account? =
+        Timex.before?(user.inserted_at, Plausible.Billing.Plans.business_tier_launch())

-    cond do
-      !subscription? && unlimited_trial? && pre_business_tier_account? ->
-        :ok
+      cond do
+        !subscription? && unlimited_trial? && pre_business_tier_account? ->
+          :ok

-      !subscription? && unlimited_trial? && !pre_business_tier_account? ->
-        {:error, :upgrade_required}
+        !subscription? && unlimited_trial? && !pre_business_tier_account? ->
+          {:error, :upgrade_required}

-      true ->
-        super(user)
+        true ->
+          super(user)
+      end
    end
+  else
+    @impl true
+    def check_availability(_user), do: :ok
  end
 end
--- a/test/plausible/auth/auth_test.exs
+++ b/test/plausible/auth/auth_test.exs
@ -89,6 +89,7 @@ defmodule Plausible.AuthTest do
                [constraint: :unique, constraint_name: "api_keys_key_hash_index"]}
    end

+    @tag :ee_only
    test "returns error when user is on a growth plan" do
      user = insert(:user, subscription: build(:growth_subscription))

--- a/test/plausible/billing/feature_test.exs
+++ b/test/plausible/billing/feature_test.exs
@ -61,6 +61,7 @@ defmodule Plausible.Billing.FeatureTest do
    assert :ok == Plausible.Billing.Feature.StatsAPI.check_availability(user)
  end

+  @tag :ee_only
  test "Plausible.Billing.Feature.StatsAPI.check_availability/2 returns error when user is on a growth plan" do
    user = insert(:user, subscription: build(:growth_subscription))

@ -79,6 +80,7 @@ defmodule Plausible.Billing.FeatureTest do
    assert :ok == Plausible.Billing.Feature.StatsAPI.check_availability(user)
  end

+  @tag :ee_only
  test "Plausible.Billing.Feature.StatsAPI.check_availability/2 returns error when user trial hasn't started and was created after the business tier launch" do
    user = insert(:user, trial_expiry_date: nil)

--- a/test/plausible_web/controllers/api/external_stats_controller/auth_test.exs
+++ b/test/plausible_web/controllers/api/external_stats_controller/auth_test.exs
@ -150,6 +150,7 @@ defmodule PlausibleWeb.Api.ExternalStatsController.AuthTest do
    })
  end

+  @tag :ee_only
  test "returns HTTP 402 when user is on a growth plan", %{
    conn: conn,
    user: user,
--- a/test/plausible_web/plugins/api/controllers/capabilities_test.exs
+++ b/test/plausible_web/plugins/api/controllers/capabilities_test.exs
@ -85,6 +85,7 @@ defmodule PlausibleWeb.Plugins.API.Controllers.CapabilitiesTest do
      assert_schema(resp, "Capabilities", spec())
    end

+    @tag :ee_only
    test "growth", %{conn: conn, site: site, token: token} do
      site = Plausible.Repo.preload(site, :owner)
      insert(:growth_subscription, user: site.owner)