GitLab user signature appears Authorized at corporate cla console while user terminated ecla process at docu-singed stage

[thakurveerendras]

Summary

GitLab user signature appears Authorized at corporate cla console while user terminated ecla process at docu-singed stage

Background

1. Login CD & PCC
2. Add GitLab user under approval list
3. Create GitLab MR
4. Click on Please click here to be authorized. options
5. Chose process as Corporate Contributor
6. Search company say Infosys Limited
7. See-ICLA required appears
8. Process next & terminate process at docusigned page

MR : https://gitlab.com/childearthgroup/project1/-/merge_requests/1

Actual behavior

GitLab user signature appears Authorized at corporate cla console while user terminated ecla process at docu-singed stage

Expected behavior

User should not Authorized on above case, working fine at PCC signature table

Screenshots

[umeshlumbhani247]

@thakurveerendras
Is it still reproducible ? Please confirm it.
On our call, we could not get the similar issue.

[thakurveerendras]

MR : https://gitlab.com/gitlabcommenttest/repo/-/merge_requests/7
Issue : #3937
Current behavior : Contributor records not created when user performed ECLA process

[umeshlumbhani247]

@thakurveerendras
According to our call, I could generate duplicate case and working on it.

[umeshlumbhani247]

@thakurveerendras
I found another issue, While going to sign CLA, getting below error:
problem initiating sign request for :{HTTPRequest:0xc001d13100 XREQUESTID:0xc00070d880 GitlabRepositoryID:44953039 MergeRequestID:9 OrganizationID:bf020d98-b195-450b-9750-ee3f88523e8d}

Please find below ss:

[umeshlumbhani247]

@thakurveerendras
I have investigated in both, gitlab as well as github too. In both side, I could observed same behaviour in both.
On backend side, it's giving proper response. No any issue is there, we need to handle this from front end side.
In Current implementation we have handled last-signature API response only, if it's null then it shows prompt box and proceed for ICLA signature which is expected, but while getting response from last-signature API, then also need to validate flag : "requires_resigning"
Please find below screenshot for more information.

@amolsontakke3576 Can you look at this issue ?

[amolsontakke3576]

@umeshlumbhani247 I have tested the flow and when user declined ICLA docusign (by hitting back button from docusign page without completing the submission) and tried again to signing, I got requires_resigning flag false but ideally it should be true

[thakurveerendras]

Confirmed requires_resigning: false & signature_approved: true on API response, @umeshlumbhani247 kindly review it

{
"auto_create_ecla": false,
"date_created": "2023-06-23T11:27:59.256137+0000",
"date_modified": "2023-06-23T11:28:39.410237+0000",
"domain_whitelist": null,
"email_whitelist": null,
"github_org_whitelist": null,
"github_whitelist": null,
"gitlab_org_approval_list": null,
"gitlab_username_approval_list": null,
"note": null,
"signatory_name": null,
"signature_acl": [
"gitlab:9810034"
],
"signature_approved": true,
"signature_callback_url": "https://api.lfcla.dev.platform.linuxfoundation.org/v2/signed/gitlab/individual/b76d0cb3-d1da-11ed-8d48-7e99d773176c/d9680751-31ac-444c-aba6-39f0dadd2aca/44684682/7",
"signature_company_initial_manager_email": null,
"signature_company_initial_manager_id": null,
"signature_company_initial_manager_name": null,
"signature_company_secondary_manager_list": null,
"signature_company_signatory_email": null,
"signature_company_signatory_id": null,
"signature_company_signatory_name": null,
"signature_document_major_version": "2",
"signature_document_minor_version": "1",
"signature_envelope_id": "cdcee42e-dc19-4dc5-80a0-a076fcb18675",
"signature_external_id": null,
"signature_id": "a9d8dcba-b3be-4a30-ac2f-f7c368c21238",
"signature_project_external_id": null,
"signature_project_id": "01af041c-fa69-4052-a23c-fb8c1d3bef24",
"signature_reference_id": "b76d0cb3-d1da-11ed-8d48-7e99d773176c",
"signature_reference_name": "vthakur singh",
"signature_reference_name_lower": "vthakur singh",
"signature_reference_type": "user",
"signature_return_url": "https://gitlab.com/gitlabcommenttest/repo/-/merge_requests/7",
"signature_return_url_type": "Gitlab",
"signature_sign_url": "https://demo.docusign.net/Signing/MTRedeem/v1/ad5ddfde-6163-463f-8ad8-0d91832d7055?slt=eyJ0eXAiOiJNVCIsImFsZyI6IlJTMjU2Iiwia2lkIjoiNjgxODVmZjEtNGU1MS00Y2U5LWFmMWMtNjg5ODEyMjAzMzE3In0.AQYAAAABAAMABwCAzbv93HPbSAgAgG3NhP5z20gYAAEAAAAAAAAAIQC9AgAAeyJUb2tlbklkIjoiYzMyZjkwZDAtOGYyMy00MzZhLWFlNTctN2Q1MDgxZGRkZjAxIiwiRXhwaXJhdGlvbiI6IjIwMjMtMDYtMjNUMTE6MzM6MzkrMDA6MDAiLCJJc3N1ZWRBdCI6IjIwMjMtMDYtMjNUMTE6Mjg6MzkuMzI3ODc4NyswMDowMCIsIlJlc291cmNlSWQiOiJjZGNlZTQyZS1kYzE5LTRkYzUtODBhMC1hMDc2ZmNiMTg2NzUiLCJSZXNvdXJjZXMiOiJ7XCJFbnZlbG9wZUlkXCI6XCJjZGNlZTQyZS1kYzE5LTRkYzUtODBhMC1hMDc2ZmNiMTg2NzVcIixcIkFjdG9yVXNlcklkXCI6XCJhMjYyZWRiMy1mN2YzLTQ5ZTUtYmVkNy00YTNkZjYzNTc2MGRcIixcIlJlY2lwaWVudElkXCI6XCI5NWExY2UzOS05ODFhLTRlYTMtOGM0Zi04N2Q0ODUxODFhZDRcIixcIkZha2VRdWVyeVN0cmluZ1wiOlwidD0wZmU5Y2YwZi05ODRhLTRiNmUtYjM5Mi1kZjJhYTg2ZjMzNTJcIixcIkludGVncmF0b3JLZXlcIjpcIjZlODQwMmNjLTg5ZGEtNGMwMi04NzY0LWU1MjE2N2JjNmRhMFwifSIsIlRva2VuVHlwZSI6MSwiQXVkaWVuY2UiOiIyNWUwOTM5OC0wMzQ0LTQ5MGMtOGU1My0zYWIyY2E1NjI3YmYiLCJSZWRpcmVjdFVyaSI6Imh0dHBzOi8vZGVtby5kb2N1c2lnbi5uZXQvU2lnbmluZy9TdGFydEluU2Vzc2lvbi5hc3B4IiwiSGFzaEFsZ29yaXRobSI6MCwiSGFzaFJvdW5kcyI6MCwiVG9rZW5TdGF0dXMiOjAsIklzU2luZ2xlVXNlIjpmYWxzZX0_AACV86_dc9tI.aZhXqCAuW7Prj7SGfqaXqyOizkf3pIJiq--9XOW3FiXGJgxZaWgj1Z-SvBeWZh10622ouQd-bqEpuk75EJoxNfYnFCykXGggofac1mLTWvCDcwlYrUghfAkD2P6H7kxIK61e-LBEWKTOIOT5sxCH_YJ43h04QfaBJGk5dKS98_rrjEwjkXcT6gmCOaIZrlxtEOKGoW0vbMNyLW5j9QWvlYkJDy2Tc9Wg7eAEaT4mVwW-AzwMDc3TPnfR_9sQLGfEKetIPu-cPfFcC-5NapYiBo9-f_xmubX80Lpl11StIcsBMvqETRVViYATCKo7n3zRyHH_mLijyZxgsXKxLeawlA",
"signature_signed": false,
"signature_type": "cla",
"signature_user_ccla_company_id": null,
"signed_on": null,
"signing_entity_name": null,
"sigtype_signed_approved_id": "icla#false#true#b76d0cb3-d1da-11ed-8d48-7e99d773176c",
"user_docusign_date_signed": null,
"user_docusign_name": null,
"user_email": "vthakur@contractor.linuxfoundation.org",
"user_github_username": null,
"user_lf_username": null,
"user_name": "vthakur singh",
"version": "v1",
"latest_document_major_version": "2",
"latest_document_minor_version": "1",
"requires_resigning": false
}

[thakurveerendras]

Hi @umeshlumbhani247
Now Authorized appears when user close docu-signed prompt ,
Refer video clip :

3937.mp4

[umeshlumbhani247]

@thakurveerendras
You are looking at ECLA contributor acknowledgement , which is authorised because ECLA is signed and approved by default as you have added gitlab username in a approved contributor list. But here your CLA group required ECLA as well as ICLA so your PR seems blocked. While in CD , It is showing authorised because it's ECLA record only.
CC: @nickmango

[thakurveerendras]

Hello @dealako , @jarias-lfx
Requesting you to review issue #3937 & let us know the desired behavior
CC: @mlehotskylf