#1910 - Student profile returns SIN

[andrepestana-aot]

• Added a new DTO to contain sensitive data and changed the logic to make the student api to not bring the SIN data.
• Removed the SIN property from the student profile retrieved by the student.

Student view

Institution view

Ministry view

[andrewsignori-aot]

We probably have web dtos counterparts for these DTOs. Do they require any change also?

[andrepestana-aot]

I don't think we should change the web. In the web we are using the same DTO for all cases:

and in runtime JS doesn't complain about it:

Institution

Student

[dheepak-aot]

I see ministry student profile has SIN to it. But we can use a seperate service in Vue with different DTO for ministry and student.

[ann-aot]

then shouldn't we make sin as optional in web?

[andrewsignori-aot]

I believe that the below one can reflect both possible DTOs received from the API.

SIMS/sources/packages/web/src/services/http/StudentApi.ts

Lines 46 to 52 in 43ca26b

	async getStudentProfile(
	studentId?: number,
	): Promise<StudentProfileAPIOutDTO> {
	return this.getCall<StudentProfileAPIOutDTO>(
	this.addClientRoot(`student/${studentId ?? ""}`),
	);
	}

The service is already returning a StudentProfile that can have optional properties like SIN, as @ann-aot mentioned.

SIMS/sources/packages/web/src/services/StudentService.ts

Lines 52 to 62 in 43ca26b

	async getStudentProfile(studentId?: number): Promise<StudentProfile> {
	const { dateOnlyLongString } = useFormatters();
	const studentProfile = await ApiClient.Students.getStudentProfile(
	studentId,
	);
	const studentInfoAll: StudentProfile = {
	...studentProfile,
	birthDateFormatted: dateOnlyLongString(studentProfile.dateOfBirth),
	};
	return studentInfoAll;
	}

The StudentProfile would be something like below.

export interface StudentProfile extends StudentProfileAPIOutDTO {
  birthDateFormatted: string;
  sin?: string;
  hasRestriction?: boolean;
}

Does it make sense?

[guru-aot]

LGTM, nice work @andrepestana-aot

[sh16011993]

👍

[sh16011993]

Nice work. 👍

[sonarqubecloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
0.0% Duplication

[github-actions]

Backend Unit Tests Coverage Report

Totals
Statements:	17.44% ( 2205 / 12643 )
Methods:	8.1% ( 129 / 1593 )
Lines:	20.18% ( 1932 / 9573 )
Branches:	9.75% ( 144 / 1477 )

[github-actions]

E2E Queue Consumers Coverage Report

Totals
Statements:	74.93% ( 514 / 686 )
Methods:	67.47% ( 56 / 83 )
Lines:	76.96% ( 451 / 586 )
Branches:	41.18% ( 7 / 17 )

[github-actions]

E2E Workflow Workers Coverage Report

Totals
Statements:	46.73% ( 300 / 642 )
Methods:	40% ( 32 / 80 )
Lines:	51.02% ( 251 / 492 )
Branches:	24.29% ( 17 / 70 )

[github-actions]

E2E SIMS API Coverage Report

Totals
Statements:	54.9% ( 4025 / 7331 )
Methods:	51.89% ( 493 / 950 )
Lines:	59.74% ( 3269 / 5472 )
Branches:	28.93% ( 263 / 909 )

[andrewsignori-aot]

Thanks for making the changes and for the discussions. Looks good 👍

[ann-aot]

Thanks @andrepestana-aot for doing the changes and for the info 👍

[dheepak-aot]

Thanks for doing the changes 👍