Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature] Implement APD Lock and Unlock #4657

Open
7 tasks
thetif opened this issue Mar 30, 2023 · 0 comments
Open
7 tasks

[Feature] Implement APD Lock and Unlock #4657

thetif opened this issue Mar 30, 2023 · 0 comments
Assignees
@jeromeleecms @SGilliamA1M @stephanieboydcms
Labels
Development Issues for the dev team resolve large

Comments

@thetif
Copy link
Contributor

thetif commented Mar 30, 2023

Description and related issues

Add fields for lockedAt and lockedBy to the APD schema. Create constants for APD_EVENT_TYPE with APD_LOCKED and APD_UNLOCKED.

Locking
When a user calls the get APD endpoint, check to see if the lockedAt and lockedBy fields of the APD have values. If they do, then the user can got access the APD and an error message should be returned. If the fields are empty, then they should be updated with the current time and current user. An entry should also be added to the apd_events table in postgress using createEventForAPD with an APD_LOCKED event.

Unlocking
Add an endpoint to unlock an APD that calls a function to unlock an APD. It should clear out lockedAt and lockedBy in the APD. It should also call the createEventForAPD with an APD_UNLOCKED event, the metadata field can be used to save the reason for the unlock [LOGOUT, TIMEOUT, LEFT_APD, CLOSED_WINDOW] which might give interesting stats.

This new endpoint should be called by the frontend actions that track logging out, timing out, leaving an APD, or closing an APD.

Acceptance criteria

  • when a user opens an unlocked APD
    • the APD is updated with their information in the locked fields
    • the event is recorded in postgres
  • when a user attempts to open a locked APD, they receive an error message
  • when a user unlocks an APD
    • the APD is updated to have empty lockedAt and lockedBy fields
    • the event is recorded in postgres

Testing criteria

Given When Then Covered
an unlocked APD a user opens the APD the APD is updated with the current date and username and the lock even is logged
a locked APD another user attempts to open the APD an error message is returned
a locked APD the locking user logs out the APD is updated to empty out the lock fields and the unlock event is logged
a locked APD the locking user's session times out the APD is updated to empty out the lock fields and the unlock event is logged
a locked APD the locking user navigates away from the APD the APD is updated to empty out the lock fields and the unlock event is logged
a locked APD the locking user closes the window the APD is updated to empty out the lock fields and the unlock event is logged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jeromeleecms jeromeleecms

@SGilliamA1M SGilliamA1M

@stephanieboydcms stephanieboydcms

Labels
Development Issues for the dev team resolve large
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@thetif @jeromeleecms @SGilliamA1M @stephanieboydcms