Conversation
And also basic test / factory update changelog: Internal, Attempts API, ServiceProviderIdentity has consented scope
This introduces linter error on too-long comments that won't stay, so ignore them for now.
| ) | ||
| end | ||
|
|
||
| # maw: come back and look at this some more. |
There was a problem hiding this comment.
now that we have backfilled the whole table, we can drop the last_estimated_consent || logic entirely
| def find_identity_with_code | ||
| return if code.blank? || code.include?("\x00") | ||
|
|
||
| # mattw: I suspect we want to change this one |
|
|
||
| def load_identity(access_token) | ||
| # mattw: Should we change this one? | ||
| identity = ServiceProviderIdentity.where(access_token: access_token).take |
| { uuid: uuid, service_provider: service_provider } | ||
| end | ||
| # mattw: Same, but I think we should change htis one | ||
| ServiceProviderIdentity.where(criteria).take |
| # mattw: This seems like a confusing use case. Used only in data_requests.rake FWIW. | ||
| User.find_by(uuid: uuid) || | ||
| ServiceProviderIdentity.find_by(uuid: uuid)&.user | ||
| ServiceProviderIdentity.consented.find_by(uuid: uuid)&.user |
There was a problem hiding this comment.
im thinking maybe we take this out for better reporting, because the agency already has the UUID
There was a problem hiding this comment.
Oh! Good catch.
There's a certain myopia that seeps in when one hyperfocuses on this stuff, it seems.
app/services/identity_linker.rb
Outdated
| @identity ||= find_or_create_identity_with_costing | ||
| end | ||
|
|
||
| # mattw: What does this have to do with costing? |
There was a problem hiding this comment.
it probably use to have a costing method but I bet we removed it, maybe we should rename this
| # mattw: I think we should change this but this breaks tests, possibly because | ||
| # the test calls user.identities and we need to change that still? | ||
| event.user. | ||
| service_providers. | ||
| merge(ServiceProviderIdentity.not_deleted). |
There was a problem hiding this comment.
| # mattw: I think we should change this but this breaks tests, possibly because | |
| # the test calls user.identities and we need to change that still? | |
| event.user. | |
| service_providers. | |
| merge(ServiceProviderIdentity.not_deleted). | |
| event.user. | |
| service_providers. | |
| merge(ServiceProviderIdentity.not_deleted). | |
| merge(ServiceProviderIdentity.consented). |
yes definitely should be here, we need to fix the tests
| # rubocop:enable Rails/InverseOf | ||
|
|
||
| scope :not_deleted, -> { where(deleted_at: nil) } | ||
| scope :consented, -> { where.not(last_consented_at: nil) } |
There was a problem hiding this comment.
I'm generally against it since it can be kind of surprising, but is this a situation for default_scope that defaults to consented identities?
The risks involved are not small, and I don't think we should commit to using it long-term, but the column is a big shift in the assumptions we can make about an identity.
There was a problem hiding this comment.
This was actually my first instinct, but a previous project I was on ran into a whole lot of trouble that ultimately convinced me it was evil.
The idea of a short-term default scope is a little tempting, though, especially with some urgency around this. What say ye, @zachmargolis?
There was a problem hiding this comment.
I've been bitten by default_scope... I think our uses cases here are mixed enough that we don't want to use that here
There was a problem hiding this comment.
I don't have any strong opinions on "short-term" but will say that I feel like saying something is short term doesn't guarantee we'll actually remove it quickly 😂
There was a problem hiding this comment.
Yeah, I'm mostly looking for safeguards to not treat users that have not consented as though they have
| ) | ||
| end | ||
|
|
||
| # Not changing; this is inbound RISC calls |
There was a problem hiding this comment.
let's remove this comment? since it's useful in the scope of this PR, but as a permanent comment, not really
| # Not changing; this is inbound RISC calls |
There was a problem hiding this comment.
it's useful in the scope of this PR, but as a permanent comment, not really
I was planning on leaving these comments in while I work, and then pulling them all out when I take this out of draft status. Right now it's a note-to-self as I go through these. Agree 💯 that it should come out before this lands, though.
| )&.uuid || | ||
| ServiceProviderIdentity.find_by( | ||
| # This changes breaks nothing | ||
| ServiceProviderIdentity.consented.find_by( | ||
| user_id: event.user.id, | ||
| service_provider: service_provider.issuer, | ||
| )&.uuid |
There was a problem hiding this comment.
honestly this code could probably be refactored to use AgencyIdentity.for instead of redoing the logic here
mitchellhenke
left a comment
mitchellhenke
left a comment
There was a problem hiding this comment.
Still taking a look into this, will revisit once we've exhausted other options!
| # rubocop:enable Rails/InverseOf | ||
|
|
||
| scope :not_deleted, -> { where(deleted_at: nil) } | ||
| scope :consented, -> { where.not(last_consented_at: nil) } |
There was a problem hiding this comment.
Dropping a "requested change" as something of a formality while we re-evaluate this set of changes internally
|
Closing this out since we're relying on session id/TID instead |
3 participants
DO NOT MERGE THIS until the IdentitiesBackfillJob has completed and we've ensured that there are no rows in prod
where deleted_at IS NULL AND last_consented at IS NULL. (At the moment this is a crude WIP anyway, but the warning remains when this is finished.)