Skip to content
Permalink

Comparing changes

This is a direct comparison between two commits made in this repository or its related repositories. View the default comparison for this range or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: open-craft/edx-enterprise
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: b74eb6f314ef0e88876962002ec88de8803f6ddb
Choose a base ref
..
head repository: open-craft/edx-enterprise
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 87c69f5796d0634105b59435b580ebbb0bef023d
Choose a head ref
Showing with 11 additions and 2 deletions.
  1. +3 −0 enterprise/api/v1/views.py
  2. +8 −2 tests/test_enterprise/api/test_views.py
3 changes: 3 additions & 0 deletions enterprise/api/v1/views.py
Original file line number Diff line number Diff line change
@@ -531,6 +531,9 @@ def algolia_key(self, request, *args, **kwargs):
"""
Returns an Algolia API key that is secured to only allow searching for
objects associated with enterprise customers that the user is linked to.
This endpoint is used with `frontend-app-learner-portal-enterprise` MFE
currently.
"""

if not (api_key := getattr(settings, "ENTERPRISE_ALGOLIA_SEARCH_API_KEY", "")):
10 changes: 8 additions & 2 deletions tests/test_enterprise/api/test_views.py
Original file line number Diff line number Diff line change
@@ -1677,14 +1677,19 @@ def test_algolia_key(self):
Tests that the endpoint algolia_key endpoint returns the correct secured key.
"""

# Test that the endpoint returns 401 if the user is not logged in.
self.client.logout()
response = self.client.get(ENTERPRISE_CUSTOMER_ALGOLIA_KEY_ENDPOINT)
assert response.status_code == status.HTTP_401_UNAUTHORIZED

username = 'test_learner_portal_user'
self.create_user(username=username, is_staff=False)
self.client.login(username=username, password=TEST_PASSWORD)

# Test that the endpoint returns 500 if the Algolia Search API key is not set.
# Test that the endpoint returns 404 if the Algolia Search API key is not set.
with override_settings(ENTERPRISE_ALGOLIA_SEARCH_API_KEY=None):
response = self.client.get(ENTERPRISE_CUSTOMER_ALGOLIA_KEY_ENDPOINT)
assert response.status_code == status.HTTP_500_INTERNAL_SERVER_ERROR
assert response.status_code == status.HTTP_404_NOT_FOUND

# Test that the endpoint returns 404 if the user is not linked to any enterprise.
response = self.client.get(ENTERPRISE_CUSTOMER_ALGOLIA_KEY_ENDPOINT)
@@ -1693,6 +1698,7 @@ def test_algolia_key(self):
# Test that the endpoint returns 200 if the user is linked to at least one enterprise.
enterprise_customer_1 = factories.EnterpriseCustomerFactory(uuid=FAKE_UUIDS[0])
enterprise_customer_2 = factories.EnterpriseCustomerFactory(uuid=FAKE_UUIDS[1])
factories.EnterpriseCustomerFactory(uuid=FAKE_UUIDS[2]) # extra unlinked enterprise

factories.EnterpriseCustomerUserFactory(
user_id=self.user.id,