Page MenuHomePhabricator

[lib] Add a function for sanitizing the state on identity actions
ClosedPublic

Authored by inka on Jan 24 2024, 5:33 AM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Dec 30, 12:56 AM
Unknown Object (File)
Mon, Dec 30, 12:56 AM
Unknown Object (File)
Mon, Dec 30, 12:56 AM
Unknown Object (File)
Mon, Dec 30, 12:56 AM
Unknown Object (File)
Mon, Dec 30, 12:56 AM
Unknown Object (File)
Mon, Dec 30, 12:56 AM
Unknown Object (File)
Mon, Dec 30, 12:56 AM
Unknown Object (File)
Sun, Dec 29, 4:34 PM
Subscribers

Details

Summary

issue: ENG-6424
We want to reset the state to default on identity login / logout / delete account. We want to do it in one place, to reduce the risk of accidentally not clearing some state, and leaking data.
We want to have a "white list" of fields that are not supposed to be wiped. For example commServicesAccessToken, loadingStatuses, notifPermissionAlertInfo, lifecycleState etc.

Test Plan

ran the provided test

Diff Detail

Repository
rCOMM Comm
Lint
No Lint Coverage
Unit
No Test Coverage

Event Timeline

inka requested review of this revision.Jan 24 2024, 5:53 AM

Reame file, remove action type chceck - I think it's better to do it in the reducer

lib/utils/reducers-utils.js
15–23 ↗(On Diff #36094)

Can you explain what's going on here? I'm a little confused... it seems like we're starting with defaultState, and then going through every key in state, and adding the value for that key only if it's supposed to be excluded

Is that backwards?

ashoat requested changes to this revision.Jan 24 2024, 12:57 PM

Unrelatedly, the term "sanitize" is already used in our codebase, with the specific meaning of cleaning up personally-identifiable user information from reports. Can you maybe pick a different verb here?

lib/utils/reducers-utils.js
15–23 ↗(On Diff #36094)

Oh, I see... the fields to exclude are the ones NOT to sanitize. Not sure this reduce is the most readable... I would probably do something more like this:

const newState = { ...defaultState };
for (const field of fieldsToExcludeFromSanitization) {
  newState[field] = state[field];
}

This also has perf benefits... we don't need to bother iterating through every key, or creating a Set

This revision now requires changes to proceed.Jan 24 2024, 12:57 PM

Simplify, update names

lib/utils/reducers-utils.js
10 ↗(On Diff #36127)

This is necessary

ashoat added inline comments.
lib/utils/reducers-utils.js
10 ↗(On Diff #36127)

I played around with this because I felt that the way you're typing it might be compromising the typechecker (it doesn't seem to be formally correct).

I was able to get things to work with this... I like the types better, but because all of the enumerated properties in BaseAppState are read-only, it prevents us from mutating newState directly.

Let me know what you think

This revision is now accepted and ready to land.Jan 25 2024, 6:28 PM
lib/utils/reducers-utils.js
10 ↗(On Diff #36127)

This seems better, thank you!