feat: remove PII from urls (#452)

Author: zawan-ila

src/ProgramEnrollments/ProgramInspector/ProgramInspector.jsx

@@ -3,7 +3,7 @@ import { useLocation, useNavigate } from 'react-router-dom';
 import {
   Alert, Col, Row, Button, Input,
 } from '@openedx/paragon';
-import { getSsoRecords } from '../../users/data/api';
+import { getSsoRecords, getUser } from '../../users/data/api';
 import EnrollmentDetails from './EnrollmentDetails';
 import SingleSignOnRecordCard from '../../users/SingleSignOnRecordCard';
 import {
@@ -24,7 +24,8 @@ export default function ProgramInspector() {
   const [activeOrgKey, setActiveOrgKey] = useState(params.get('org_key'));
   const [orgKeyList, setOrgKeyList] = useState(undefined);
   const [externalUserKey, setExternalUserKey] = useState(params.get('external_user_key'));
-  const [clickEventCall, setClickEventCall] = useState(false);
+
+  const [query, setQuery] = useState(null);
 
   const getOrgKeyList = () => (orgKeyList
     ? orgKeyList.map((data) => ({
@@ -41,14 +42,10 @@ export default function ProgramInspector() {
       setSsoRecords([]);
       navigate('/programs');
     } else {
-      const newLink = `/programs?edx_user=${
+      const newQuery = `?edx_user=${
         username || ''
       }&org_key=${activeOrgKey}&external_user_key=${externalUserKey || ''}`;
-      if (newLink === location.pathname + location.search) {
-        setClickEventCall(!clickEventCall);
-      } else {
-        navigate(newLink);
-      }
+      setQuery(newQuery);
     }
   };
 
@@ -66,13 +63,38 @@ export default function ProgramInspector() {
         setError(response.error);
         setActiveOrgKey(response.org_keys);
         setLearnerProgramEnrollment(response.learner_program_enrollments);
-      });
+        const name = response?.learner_program_enrollments?.user?.username;
+        return name;
+      }).then((name) => getUser(name)).then((res) => {
+        navigate(`?edx_user_id=${res.id}`);
+      })
+        .catch(err => {
+          console.error(err);
+          setError('An error occurred while fetching user id');
+          navigate('/programs');
+        });
     }
   };
 
   useEffect(() => {
-    fetchInspectorData(location.search);
-  }, [location.search, clickEventCall]);
+    if (query) {
+      fetchInspectorData(query);
+    }
+  }, [query]);
+
+  useEffect(() => {
+    const userId = new URLSearchParams(location.search).get('edx_user_id');
+    if (userId) {
+      getUser(userId).then(res => {
+        setUsername(res.username);
+        setQuery(`?edx_user=${res.username}&org_key=${activeOrgKey}&external_user_key=${externalUserKey}`);
+      }).catch(err => {
+        console.error(err);
+        setError('An error occurred while fetching user id');
+        navigate('/programs');
+      });
+    }
+  }, []);
 
   useEffect(() => {
     if (!orgKeyList) {

src/ProgramEnrollments/ProgramInspector/ProgramInspector.test.jsx

@@ -11,9 +11,10 @@ import {
   programInspectorErrorResponse,
 } from './data/test/programInspector';
 import ssoRecordsData from '../../users/data/test/ssoRecords';
-import * as ssoApi from '../../users/data/api';
+import * as ssoAndUserApi from '../../users/data/api';
 import samlProvidersResponseValues from './data/test/samlProviders';
 import verifiedNameHistory from '../../users/data/test/verifiedNameHistory';
+import UserSummaryData from '../../users/data/test/userSummary';
 
 const mockedNavigator = jest.fn();
 
@@ -23,7 +24,7 @@ jest.mock('react-router-dom', () => ({
 }));
 
 const ProgramEnrollmentsWrapper = () => (
-  <MemoryRouter initialEntries={['/programs?edx_user=&org_key=&external_user_key=']}>
+  <MemoryRouter initialEntries={['/programs?edx_user_id=123']}>
     <IntlProvider locale="en">
       <UserMessagesProvider>
         <ProgramInspector />
@@ -38,6 +39,7 @@ describe('Program Inspector', () => {
   let samlMock;
   let ssoMock;
   let verifiedNameMock;
+  let getUserMock;
 
   const data = {
     username: 'verified',
@@ -47,14 +49,17 @@ describe('Program Inspector', () => {
 
   beforeEach(() => {
     ssoMock = jest
-      .spyOn(ssoApi, 'getSsoRecords')
+      .spyOn(ssoAndUserApi, 'getSsoRecords')
       .mockImplementationOnce(() => Promise.resolve(ssoRecordsData));
     samlMock = jest
       .spyOn(api, 'getSAMLProviderList')
       .mockImplementationOnce(() => Promise.resolve(samlProvidersResponseValues));
     verifiedNameMock = jest
-      .spyOn(ssoApi, 'getVerifiedNameHistory')
+      .spyOn(ssoAndUserApi, 'getVerifiedNameHistory')
       .mockImplementationOnce(() => Promise.resolve(verifiedNameHistory));
+    getUserMock = jest
+      .spyOn(ssoAndUserApi, 'getUser')
+      .mockImplementation(() => Promise.resolve(UserSummaryData.userData));
     jest.clearAllMocks();
   });
 
@@ -68,6 +73,7 @@ describe('Program Inspector', () => {
     samlMock.mockReset();
     ssoMock.mockReset();
     verifiedNameMock.mockReset();
+    getUserMock.mockReset();
   });
 
   it('default render', async () => {
@@ -78,14 +84,15 @@ describe('Program Inspector', () => {
 
     const usernameInput = wrapper.find("input[name='username']");
     const externalKeyInput = wrapper.find("input[name='externalKey']");
-    expect(usernameInput.prop('defaultValue')).toEqual('');
-    expect(externalKeyInput.prop('defaultValue')).toEqual('');
+    expect(usernameInput.prop('defaultValue')).toEqual(undefined);
+    expect(externalKeyInput.prop('defaultValue')).toEqual(undefined);
   });
 
   it('render when username', async () => {
     apiMock = jest
       .spyOn(api, 'getProgramEnrollmentsInspector')
-      .mockImplementationOnce(() => Promise.resolve(programInspectorSuccessResponse));
+      .mockImplementation(() => Promise.resolve(programInspectorSuccessResponse));
+
     wrapper = mount(<ProgramEnrollmentsWrapper />);
 
     wrapper.find("input[name='username']").simulate(
@@ -98,9 +105,12 @@ describe('Program Inspector', () => {
     );
     wrapper.find('button.btn-primary').simulate('click');
 
-    expect(mockedNavigator).toHaveBeenCalledWith(
-      `/programs?edx_user=${data.username}&org_key=${data.orgKey}&external_user_key=`,
-    );
+    await waitFor(() => {
+      expect(mockedNavigator).toHaveBeenCalledWith(
+        `?edx_user_id=${UserSummaryData.userData.id}`,
+      );
+    });
+
     waitFor(() => {
       expect(wrapper.find('.inspector-name-row p.h5').at(0).text()).toEqual(
         'Username',
@@ -120,7 +130,7 @@ describe('Program Inspector', () => {
   it('render when external_user_key', async () => {
     apiMock = jest
       .spyOn(api, 'getProgramEnrollmentsInspector')
-      .mockImplementationOnce(() => Promise.resolve(programInspectorSuccessResponse));
+      .mockImplementation(() => Promise.resolve(programInspectorSuccessResponse));
     wrapper = mount(<ProgramEnrollmentsWrapper />);
 
     wrapper.find(
@@ -137,9 +147,12 @@ describe('Program Inspector', () => {
     );
     wrapper.find('button.btn-primary').simulate('click');
 
-    expect(mockedNavigator).toHaveBeenCalledWith(
-      `/programs?edx_user=&org_key=${data.orgKey}&external_user_key=${data.externalKey}`,
-    );
+    await waitFor(() => {
+      expect(mockedNavigator).toHaveBeenCalledWith(
+        `?edx_user_id=${UserSummaryData.userData.id}`,
+      );
+    });
+
     waitFor(() => {
       expect(wrapper.find('.inspector-name-row p.h5').at(0).text()).toEqual(
         'Username',
@@ -188,6 +201,37 @@ describe('Program Inspector', () => {
     expect(wrapper.find('.inspector-name-row').exists()).toBeFalsy();
   });
 
+  it('render when getUser fails', async () => {
+    apiMock = jest
+      .spyOn(api, 'getProgramEnrollmentsInspector')
+      .mockImplementation(() => Promise.resolve(programInspectorSuccessResponse));
+
+    getUserMock = jest
+      .spyOn(ssoAndUserApi, 'getUser')
+      .mockImplementation(() => Promise.reject(new Error('Error fetching User Info')));
+
+    wrapper = mount(<ProgramEnrollmentsWrapper />);
+
+    await waitFor(() => {
+      wrapper.update();
+      expect(wrapper.find('Alert').at(0).text()).toEqual('An error occurred while fetching user id');
+    });
+
+    wrapper.find(
+      "input[name='username']",
+    ).simulate(
+      'change',
+      { target: { value: 'AnonyMouse' } },
+    );
+    wrapper.find('button.btn-primary').simulate('click');
+
+    await waitFor(() => {
+      wrapper.update();
+      expect(wrapper.find('Alert').at(0).text()).toEqual('An error occurred while fetching user id');
+      expect(mockedNavigator).toHaveBeenCalledTimes(2);
+    });
+  });
+
   it('check if SSO is present', async () => {
     apiMock = jest
       .spyOn(api, 'getProgramEnrollmentsInspector')

src/users/UserPage.jsx

@@ -1,6 +1,6 @@
 import { camelCaseObject } from '@edx/frontend-platform';
 import React, {
-  useCallback, useContext, useEffect, useState, useLayoutEffect,
+  useCallback, useContext, useEffect, useState,
 } from 'react';
 import { useLocation, useNavigate } from 'react-router-dom';
 import PageLoading from '../components/common/PageLoading';
@@ -11,10 +11,9 @@ import { isEmail, isValidUsername, isValidLMSUserID } from '../utils/index';
 import { getAllUserData } from './data/api';
 import UserSearch from './UserSearch';
 import LearnerInformation from './LearnerInformation';
-import { LEARNER_INFO_TAB, TAB_PATH_MAP } from '../SupportToolsTab/constants';
+import { TAB_PATH_MAP } from '../SupportToolsTab/constants';
 import CancelRetirement from './account-actions/CancelRetirement';
 
-// Supports urls such as /users/?username={username}, /users/?email={email} and /users/?lms_user_id={lms_user_id}
 export default function UserPage() {
   const location = useLocation();
   const navigate = useNavigate();
@@ -45,19 +44,13 @@ export default function UserPage() {
     }
   }
 
-  function getUpdatedURL(value) {
-    const updatedHistory = `${TAB_PATH_MAP['learner-information']}/?PARAM_NAME=${value}`;
-    let identifierType = '';
+  function getUpdatedURL(result) {
+    const lmsId = result?.user?.id;
 
-    if (isEmail(value)) {
-      identifierType = 'email';
-    } else if (isValidLMSUserID(value)) {
-      identifierType = 'lms_user_id';
-    } else if (isValidUsername(value)) {
-      identifierType = 'username';
+    if (lmsId) {
+      return `${TAB_PATH_MAP['learner-information']}/?lms_user_id=${lmsId}`;
     }
-
-    return updatedHistory.replace('PARAM_NAME', identifierType);
+    return `${TAB_PATH_MAP['learner-information']}`;
   }
 
   function processSearchResult(searchValue, result) {
@@ -69,7 +62,7 @@ export default function UserPage() {
       navigate(`${TAB_PATH_MAP['learner-information']}`, { replace: true });
       document.title = 'Support Tools | edX';
     } else {
-      pushHistoryIfChanged(getUpdatedURL(searchValue));
+      pushHistoryIfChanged(getUpdatedURL(result));
       document.title = `Support Tools | edX | ${searchValue}`;
     }
 
@@ -137,16 +130,7 @@ export default function UserPage() {
     } else if (params.get('lms_user_id') && params.get('lms_user_id') !== userIdentifier) {
       handleFetchSearchResults(params.get('lms_user_id'));
     }
-  }, [params.get('username'), params.get('email'), params.get('lms_user_id')]);
-
-  // To change the url with appropriate query param if query param info is not present in URL
-  useLayoutEffect(() => {
-    if (userIdentifier
-      && location.pathname.indexOf(TAB_PATH_MAP[LEARNER_INFO_TAB]) !== -1
-      && !(params.get('email') || params.get('username') || params.get('lms_user_id'))) {
-      pushHistoryIfChanged(getUpdatedURL(userIdentifier));
-    }
-  });
+  }, []);
 
   return (
     <main className="mt-3 mb-5">

src/users/UserPage.test.jsx

@@ -0,0 +1,65 @@
+import { mount } from 'enzyme';
+import React from 'react';
+import { MemoryRouter } from 'react-router-dom';
+import { IntlProvider } from '@edx/frontend-platform/i18n';
+import { waitFor } from '@testing-library/react';
+import UserMessagesProvider from '../userMessages/UserMessagesProvider';
+import UserPage from './UserPage';
+import * as ssoAndUserApi from './data/api';
+import UserSummaryData from './data/test/userSummary';
+import verifiedNameHistoryData from './data/test/verifiedNameHistory';
+import onboardingStatusData from './data/test/onboardingStatus';
+import { entitlementsData } from './data/test/entitlements';
+import enterpriseCustomerUsersData from './data/test/enterpriseCustomerUsers';
+import { enrollmentsData } from './data/test/enrollments';
+import ssoRecordsData from './data/test/ssoRecords';
+import licensesData from './data/test/licenses';
+
+const mockedNavigator = jest.fn();
+
+jest.mock('react-router-dom', () => ({
+  ...jest.requireActual('react-router-dom'),
+  useNavigate: () => mockedNavigator,
+}));
+
+const UserPageWrapper = () => (
+  <MemoryRouter>
+    <IntlProvider locale="en">
+      <UserMessagesProvider>
+        <UserPage />
+      </UserMessagesProvider>
+    </IntlProvider>
+  </MemoryRouter>
+);
+
+describe('User Page', () => {
+  let wrapper;
+  let mockedGetUserData;
+  beforeEach(() => {
+    mockedGetUserData = jest.spyOn(ssoAndUserApi, 'getAllUserData').mockImplementation(() => Promise.resolve({ user: UserSummaryData.userData, errors: [] }));
+    jest.spyOn(ssoAndUserApi, 'getVerifiedNameHistory').mockImplementation(() => Promise.resolve(verifiedNameHistoryData));
+    jest.spyOn(ssoAndUserApi, 'getEnrollments').mockImplementation(() => Promise.resolve(enrollmentsData));
+    jest.spyOn(ssoAndUserApi, 'getOnboardingStatus').mockImplementation(() => Promise.resolve(onboardingStatusData));
+    jest.spyOn(ssoAndUserApi, 'getSsoRecords').mockImplementation(() => Promise.resolve(ssoRecordsData));
+    jest.spyOn(ssoAndUserApi, 'getLicense').mockImplementation(() => Promise.resolve(licensesData));
+    jest.spyOn(ssoAndUserApi, 'getEntitlements').mockImplementation(() => Promise.resolve(entitlementsData));
+    jest.spyOn(ssoAndUserApi, 'getEnterpriseCustomerUsers').mockImplementation(() => Promise.resolve(enterpriseCustomerUsersData));
+
+    jest.clearAllMocks();
+  });
+
+  it('default render', async () => {
+    wrapper = mount(<UserPageWrapper />);
+    wrapper.find(
+      "input[name='userIdentifier']",
+    ).instance().value = 'AnonyMouse';
+    wrapper.find('.btn.btn-primary').simulate('click');
+
+    await waitFor(() => {
+      expect(mockedNavigator).toHaveBeenCalledWith(
+        `/learner_information/?lms_user_id=${UserSummaryData.userData.id}`,
+      );
+      expect(mockedGetUserData).toHaveBeenCalled();
+    });
+  });
+});