fix: Relax Hubspot cookie tracking (#4905)

Flagsmith · Dec 10, 2024 · 4f20e5a · 4f20e5a
1 parent f97c56f
commit 4f20e5a
Show file tree

Hide file tree

Showing 2 changed files with 47 additions and 5 deletions.
diff --git a/api/integrations/lead_tracking/hubspot/services.py b/api/integrations/lead_tracking/hubspot/services.py
@@ -12,18 +12,26 @@ def register_hubspot_tracker(request: Request) -> None:
     hubspot_cookie = request.data.get(HUBSPOT_COOKIE_NAME)
 
     if not hubspot_cookie:
+        logger.info(f"Request did not included Hubspot data for user {request.user.id}")
+        return
+
+    if (
+        HubspotTracker.objects.filter(hubspot_cookie=hubspot_cookie)
+        .exclude(user=request.user)
+        .exists()
+    ):
         logger.info(
-            f"Request did not included Hubspot data for user {request.user.email}"
+            f"HubspotTracker could not be created for user {request.user.id}"
+            f" due to cookie conflict with cookie {hubspot_cookie}"
         )
         return
 
-    logger.info(
-        f"Creating HubspotTracker instance for user {request.user.email} with cookie {hubspot_cookie}"
-    )
-
     HubspotTracker.objects.update_or_create(
         user=request.user,
         defaults={
             "hubspot_cookie": hubspot_cookie,
         },
     )
+    logger.info(
+        f"Created HubspotTracker instance for user {request.user.id} with cookie {hubspot_cookie}"
+    )
diff --git a/api/tests/unit/organisations/test_unit_organisations_views.py b/api/tests/unit/organisations/test_unit_organisations_views.py
@@ -135,6 +135,40 @@ def test_non_superuser_can_create_new_organisation_by_default(
     assert HubspotTracker.objects.filter(user=staff_user).exists()
 
 
+def test_colliding_hubspot_cookies_are_ignored(
+    staff_client: APIClient,
+    staff_user: FFAdminUser,
+    admin_user: FFAdminUser,
+) -> None:
+    # Given
+    org_name = "Test create org"
+    webhook_notification_email = "[email protected]"
+    url = reverse("api-v1:organisations:organisation-list")
+    colliding_cookie = "test_cookie_tracker"
+    HubspotTracker.objects.create(
+        user=admin_user,
+        hubspot_cookie=colliding_cookie,
+    )
+    data = {
+        "name": org_name,
+        "webhook_notification_email": webhook_notification_email,
+        HUBSPOT_COOKIE_NAME: colliding_cookie,
+    }
+
+    assert not HubspotTracker.objects.filter(user=staff_user).exists()
+
+    # When
+    response = staff_client.post(url, data=data)
+
+    # Then
+    assert response.status_code == status.HTTP_201_CREATED
+    assert (
+        Organisation.objects.get(name=org_name).webhook_notification_email
+        == webhook_notification_email
+    )
+    assert not HubspotTracker.objects.filter(user=staff_user).exists()
+
+
 @override_settings(RESTRICT_ORG_CREATE_TO_SUPERUSERS=True)
 def test_create_new_orgnisation_returns_403_with_non_superuser(
     staff_client: APIClient,