Stripe Config Update to match fidesplus (#5718)

Co-authored-by: Adrian Galvan <adrian@ethyca.com>

data/saas/config/stripe_config.yml

@@ -4,7 +4,7 @@ saas_config:
   type: stripe
   user_guide: https://docs.ethyca.com/user-guides/integrations/saas-integrations/stripe
   description: A sample schema representing the Stripe connector for Fides
-  version: 0.0.6
+  version: 0.0.9
 
   connector_params:
     - name: domain

data/saas/dataset/stripe_dataset.yml

@@ -67,6 +67,11 @@ dataset:
             data_categories: [user.contact.email]
             fidesops_meta:
               data_type: string
+              masking_strategy_override:
+                strategy: random_string_rewrite
+                configuration:
+                  format_preservation:
+                    suffix: "+masked@ethyca.com"
           - name: invoice_prefix
             data_categories: [system.operations]
           - name: invoice_settings
@@ -89,6 +94,8 @@ dataset:
             data_categories: [user.contact.phone_number]
             fidesops_meta:
               data_type: string
+              masking_strategy_override:
+                strategy: null_rewrite
           - name: preferred_locales
             data_categories: [user]
             fidesops_meta:
@@ -183,6 +190,11 @@ dataset:
                 data_categories: [user.contact.email]
                 fidesops_meta:
                   data_type: string
+                  masking_strategy_override:
+                    strategy: random_string_rewrite
+                    configuration:
+                      format_preservation:
+                        suffix: "+masked@ethyca.com"
               - name: name
                 data_categories: [user.name]
                 fidesops_meta:
@@ -289,6 +301,11 @@ dataset:
             data_categories: [user.contact.email]
             fidesops_meta:
               data_type: string
+              masking_strategy_override:
+                strategy: random_string_rewrite
+                configuration:
+                  format_preservation:
+                    suffix: "+masked@ethyca.com"
           - name: receipt_number
             data_categories: [system.operations]
           - name: receipt_url
@@ -421,6 +438,11 @@ dataset:
                 data_categories: [user.contact.email]
                 fidesops_meta:
                   data_type: string
+                  masking_strategy_override:
+                    strategy: random_string_rewrite
+                    configuration:
+                      format_preservation:
+                        suffix: "+masked@ethyca.com"
               - name: customer_name
                 data_categories: [user.name]
                 fidesops_meta:
@@ -559,6 +581,11 @@ dataset:
             data_categories: [user.contact.email]
             fidesops_meta:
               data_type: string
+              masking_strategy_override:
+                strategy: random_string_rewrite
+                configuration:
+                  format_preservation:
+                    suffix: "+masked@ethyca.com"
           - name: review
             data_categories: [system.operations]
           - name: setup_future_usage
@@ -634,6 +661,7 @@ dataset:
                     data_categories: [user.contact.address.country]
                     fidesops_meta:
                       data_type: string
+                      read_only: true
                   - name: line1
                     data_categories: [user.contact.address.street]
                     fidesops_meta:
@@ -654,6 +682,11 @@ dataset:
                 data_categories: [user.contact.email]
                 fidesops_meta:
                   data_type: string
+                  masking_strategy_override:
+                    strategy: random_string_rewrite
+                    configuration:
+                      format_preservation:
+                        suffix: "+masked@ethyca.com"
               - name: name
                 data_categories: [user.name]
                 fidesops_meta:
@@ -734,6 +767,7 @@ dataset:
             data_categories: [user.contact.address.country]
             fidesops_meta:
               data_type: string
+              read_only: True
           - name: currency
             data_categories: [system.operations]
           - name: customer
@@ -1041,6 +1075,11 @@ dataset:
             data_categories: [user.contact.email]
             fidesops_meta:
               data_type: string
+              masking_strategy_override:
+                strategy: random_string_rewrite
+                configuration:
+                  format_preservation:
+                    suffix: "+masked@ethyca.com"
           - name: customer_name
             data_categories: [user.name]
             fidesops_meta:

tests/fixtures/saas/stripe_fixtures.py

@@ -367,13 +367,12 @@ def delete_subscription(self, subscription_id):
             headers=self.headers,
         )
 
-    def get_customer(self, email):
+    def get_customer(self, id):
         response = requests.get(
-            url=f"{self.base_url}/v1/customers",
+            url=f"{self.base_url}/v1/customers/{id}",
             headers=self.headers,
-            params={"email": email},
         )
-        customer = response.json()["data"][0]
+        customer = response.json()
         return customer
 
     def get_card(self, customer_id):
@@ -513,7 +512,7 @@ def stripe_create_data(
         stripe_test_client, generate_random_email(), generate_random_phone_number()
     )
 
-    yield
+    yield customer
 
     for data in [customer, random_customer]:
         stripe_test_client.delete_customer(data["customer_id"])

tests/ops/integration_tests/saas/test_stripe_task.py

@@ -143,7 +143,7 @@ async def test_non_strict_erasure_request_with_email(
         policy: Policy,
         dsr_version,
         request,
-        erasure_policy_string_rewrite,
+        erasure_policy_all_categories,
         stripe_identity_email,
         stripe_test_client,
         stripe_create_data,
@@ -153,12 +153,18 @@ async def test_non_strict_erasure_request_with_email(
 
         dataset_name = stripe_runner.dataset_config.fides_key
 
+        generated_customer = stripe_create_data
+        customer_id = generated_customer["customer_id"]
+
+        customer = stripe_test_client.get_customer(customer_id)
+        customer_name = customer["shipping"]["name"]
+
         (
             _,
             erasure_results,
         ) = await stripe_runner.non_strict_erasure_request(
             access_policy=policy,
-            erasure_policy=erasure_policy_string_rewrite,
+            erasure_policy=erasure_policy_all_categories,
             identities={"email": stripe_identity_email},
         )
 
@@ -180,9 +186,8 @@ async def test_non_strict_erasure_request_with_email(
         }
 
         # customer
-        customer = stripe_test_client.get_customer(stripe_identity_email)
-        customer_id = customer["id"]
-        assert customer["shipping"]["name"] == "MASKED"
+        customer = stripe_test_client.get_customer(customer_id)
+        assert customer["shipping"]["name"] != customer_name
 
         # card
         cards = stripe_test_client.get_card(customer_id)
@@ -191,11 +196,11 @@ async def test_non_strict_erasure_request_with_email(
         # payment method
         payment_methods = stripe_test_client.get_payment_method(customer_id)
         for payment_method in payment_methods:
-            assert payment_method["billing_details"]["name"] == "MASKED"
+            assert payment_method["billing_details"]["name"] != customer_name
 
         # bank account
         bank_account = stripe_test_client.get_bank_account(customer_id)
-        assert bank_account["account_holder_name"] == "MASKED"
+        assert bank_account["account_holder_name"] != customer_name
 
         # tax_id
         tax_ids = stripe_test_client.get_tax_ids(customer_id)