Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Populate UserContext.SocialSecurityNumber in UserHelper #930

Merged
merged 8 commits into from
Nov 29, 2024
Merged

Populate UserContext.SocialSecurityNumber in UserHelper #930

merged 8 commits into from
Nov 29, 2024

Conversation

danielskovli
Copy link
Contributor

@danielskovli danielskovli commented Nov 27, 2024
edited
Loading

Description

The main purpose of this PR is modify the method UserHelper.GetUserContext() to populate the property UserContext.SocialSecurityNumber.

However, I found the flow of that method to be a bit hard to follow, which is the reason for the refactoring. And because those changes potentially modifies the logic of the method, I added a test.

Investigation needed?

I disagreed with the original logic for assignment of UserProfile.Party, so I changed it. At least with our test data, UserProfile.PartyId was not a good indicator to tell if UserProfile.Party contained valid information. The check now inspects UserProfile.Party?.PartyId instead.

If someone actually wants the original value, this is stored in UserProfile.UserParty anyway.

As for whether this impacts existing usage, it would be nice to get a second pair of eyes on the situation. Comparing app-lib-dotnet test data with app-localtest (for instance 1337.json), it appears that the change is beneficial to incomplete data sets (app-lib-dotnet, empty party definition) and will not affect behaviour for complete data sets (app-localtest).

After some back and forth on Slack, we have decided to leave the original Party assignment logic intact. Too many unknowns associated with this modification.

Motivation

A question was recently asked about limiting app access to a list of known national identity numbers (social security numbers): https://digdir.slack.com/archives/C079ZFUSFMW/p1732624713911909

The general recommendation was to solve this in the app code as opposed to XACML. Getting hold of the information seemed easiest with the help of UserHelper, but for some reason this did not populate the SSN field.

Another baffling question is why the national identity number is part of the Party definition and not, say, UserProfile. But I'm sure that makes sense to someone else.

Verification

  • Your code builds clean without any errors or warnings
  • Manual testing done (required)
  • Relevant automated test added (if you find this hard, leave it and we'll help out)
  • All tests run green

Documentation

  • User documentation is updated with a separate linked PR in altinn-studio-docs. (if applicable)

@danielskovli danielskovli self-assigned this Nov 27, 2024
@danielskovli danielskovli requested a review from ivarne November 27, 2024 15:15
martinothamar
martinothamar approved these changes Nov 28, 2024
View reviewed changes
Copy link
Contributor

@martinothamar martinothamar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like it, though I think over time these abstractions will be replaced with this: #880

src/Altinn.App.Core/Helpers/UserHelper.cs Outdated Show resolved Hide resolved
src/Altinn.App.Core/Helpers/UserHelper.cs Show resolved Hide resolved
test/Altinn.App.Api.Tests/TestUtils/AppBuilder.cs Outdated Show resolved Hide resolved
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
85.5% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@danielskovli danielskovli merged commit ad4193e into main Nov 29, 2024
11 checks passed
@danielskovli danielskovli deleted the chore/update-userhelper branch November 29, 2024 14:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@martinothamar martinothamar martinothamar approved these changes

@ivarne ivarne Awaiting requested review from ivarne

Assignees

@danielskovli danielskovli

Labels
ignore-for-release kind/chore
Projects
Team Apps
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@danielskovli @martinothamar