Removed unncessary checks for global webhook endpoint validation setting

tdfrshv · Apr 25, 2024 · 4cb52ca · 4cb52ca
1 parent 2f7eaec
commit 4cb52ca
Showing 1 changed file with 0 additions and 76 deletions.
diff --git a/djstripe/checks.py b/djstripe/checks.py
@@ -155,82 +155,6 @@ def check_stripe_api_host(app_configs=None, **kwargs):
     return messages
 
 
-def _check_webhook_endpoint_validation(secret, messages, endpoint=None):
-    if not secret:
-        if endpoint:
-            extra_msg = f"but Webhook Endpoint: {endpoint} has no secret set"
-            secret_attr = "secret"
-        else:
-            extra_msg = "but DJSTRIPE_WEBHOOK_SECRET is not set"
-            secret_attr = "DJSTRIPE_WEBHOOK_SECRET"
-
-        messages.append(
-            checks.Info(
-                f"DJSTRIPE_WEBHOOK_VALIDATION is set to 'verify_signature' {extra_msg}",
-                hint=(
-                    f"Set {secret_attr} from Django shell or set"
-                    " DJSTRIPE_WEBHOOK_VALIDATION='retrieve_event'"
-                ),
-                id="djstripe.I006",
-            )
-        )
-    return messages
-
-
-@checks.register("djstripe")
-def check_webhook_validation(app_configs=None, **kwargs):
-    """
-    Check that DJSTRIPE_WEBHOOK_VALIDATION is valid
-    """
-    from .models import WebhookEndpoint
-    from .settings import djstripe_settings
-
-    setting_name = "DJSTRIPE_WEBHOOK_VALIDATION"
-
-    messages = []
-
-    validation_options = ("verify_signature", "retrieve_event")
-
-    if djstripe_settings.WEBHOOK_VALIDATION is None:
-        messages.append(
-            checks.Warning(
-                (
-                    "Webhook validation is disabled, this is a security risk if the "
-                    "webhook view is enabled"
-                ),
-                hint=f"Set {setting_name} to one of: {validation_options}",
-                id="djstripe.W004",
-            )
-        )
-    elif djstripe_settings.WEBHOOK_VALIDATION == "verify_signature":
-        try:
-            webhooks = list(WebhookEndpoint.objects.all())
-        except DatabaseError:
-            # Skip the db-based check (database most likely not migrated yet)
-            webhooks = []
-
-        if webhooks:
-            for endpoint in webhooks:
-                secret = endpoint.secret
-                # check secret
-                _check_webhook_endpoint_validation(secret, messages, endpoint=endpoint)
-        else:
-            secret = djstripe_settings.WEBHOOK_SECRET
-            # check secret
-            _check_webhook_endpoint_validation(secret, messages)
-
-    elif djstripe_settings.WEBHOOK_VALIDATION not in validation_options:
-        messages.append(
-            checks.Critical(
-                f"{setting_name} is invalid",
-                hint=f"Set {setting_name} to one of: {validation_options} or None",
-                id="djstripe.C007",
-            )
-        )
-
-    return messages
-
-
 @checks.register("djstripe")
 def check_webhook_endpoint_has_secret(app_configs=None, **kwargs):
     """Checks if all Webhook Endpoints have not empty secrets."""