fix: Fix deactivated enterprise user when no plan activated users (#1088

)
codecov · Jan 10, 2025 · a0c8267 · a0c8267
1 parent 47a0933
commit a0c8267
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 2 deletions.
diff --git a/graphql_api/tests/test_owner.py b/graphql_api/tests/test_owner.py
@@ -806,6 +806,26 @@ def test_fetch_owner_on_unauthenticated_enteprise_guest_access_not_activated(sel
             assert e.message == UnauthorizedGuestAccess.message
             assert e.extensions["code"] == UnauthorizedGuestAccess.code
 
+    @override_settings(IS_ENTERPRISE=True, GUEST_ACCESS=False)
+    def test_fetch_owner_plan_activated_users_is_none(self):
+        """
+        This test is when Enterprise guest access is disabled, and you are
+        trying to view an org that does not track plan activated users (e.g., historic data)
+        """
+        user = OwnerFactory(username="sample-user")
+        owner = OwnerFactory(username="sample-owner", plan_activated_users=None)
+        user.save()
+        owner.save()
+        query = """{
+            owner(username: "%s") {
+                username
+            }
+        }
+        """ % (owner.username)
+
+        data = self.gql_request(query, owner=user)
+        assert data["owner"]["username"] == "sample-owner"
+
     def test_fetch_current_user_is_okta_authenticated(self):
         account = AccountFactory()
         owner = OwnerFactory(username="sample-owner", service="github", account=account)

diff --git a/graphql_api/types/query/query.py b/graphql_api/types/query/query.py
@@ -52,8 +52,17 @@ async def resolve_owner(
         if not user or not user.is_authenticated:
             raise UnauthorizedGuestAccess()
 
-        target = await get_owner(service, username)
-        if user.ownerid not in target.plan_activated_users:
+        # if the owner tracks plan activated users, check if the user is in the list
+        target_owner = await get_owner(service, username)
+        has_plan_activated_users = (
+            target_owner
+            and target_owner.plan_activated_users is not None
+            and len(target_owner.plan_activated_users) > 0
+        )
+        if (
+            has_plan_activated_users
+            and user.ownerid not in target_owner.plan_activated_users
+        ):
             raise UnauthorizedGuestAccess()
 
     return await get_owner(service, username)