Warn offline users before replicating too many docs

[dianabarsan]

Description

Adds /api/v1/users-info endpoint which

• returns the number of docs a user will replicate and a warn flag if this number exceeds the recommended limit.
• when queried as an offline user, returns the requester doc count.
• when queried as an online user, requires facility_id and role params, plus an optional contact_id param (either GET or POST).
• is queried as a new step in webapp bootstrapper. When resulting warn flag is truthy, the user has to confirm to actually continue bootstrapping and start replication. Cancelling redirects to login.
• is queried as a new step in admin user creation/updating. When resulting warn flag is truthy, a warning message is displayed. The admin would need to click on "Submit" the 2nd time to actually create or update the user document.

Once an hour, API will log warnings of users that have replicated more than 10 000 docs.
Updates webapp bootstrapper to display correct doc count progression, even when interrupted.

#5362

Code review items

• Readable: Concise, well named, follows the style guide, documented if necessary.
• Documented: Configuration and user documentation on medic-docs
• Tested: Unit and/or e2e where appropriate
• Internationalised: All user facing text
• Backwards compatible: Works with existing data and configuration or includes a migration. Any breaking changes documented in Changes.md.

License

The software is provided under AGPL-3.0. Contributions to this project are accepted under the same license.

[dianabarsan]

@garethbowen could you, please, have a look? Thank you!

[garethbowen]

Epic! Great work.

Comments inline.

Were you planning to call this API from medic-conf too?

It's worth documenting this API in our api docs.

[garethbowen]

It'd be good to have some code reuse between this and isOnlineOnly - they do the exact opposite thing I think?

Maybe change isOnlineOnly to take an array of roles?

[dianabarsan]

Well, they don't do the exact opposite thing.
isOnlineOnly checks for the mm-online flag-role in a provided role list part of a userCtx, regardless of roles config, while isOffline checks config to see if the provided roles are configured as offline.
Do you think it would be more correct for isOnlineOnly to check config - and the mm-online flag to only be useful in webapp while bootstrapping?

[garethbowen]

Do you think it would be more correct for isOnlineOnly to check config - and the mm-online flag to only be useful in webapp while bootstrapping?

Yes I think so. That way they're consistent as much as possible.

[dianabarsan]

I had a bit of a philosophical dilemma about this: if a user had no configured role, is it online or offline? One can easily get to this point if a role is created, a user with this role is created, role is removed.
I decided that one such user should be considered offline and updated the isOffline function to return true if none of the provided roles are configured, along with doing a !isOffline in the isOnlineOnly. But I'm not convinced this is correct.

[garethbowen]

I think in that case it should fail before it gets here, ie: every request should 403 if you don't have any known role, because you're not permitted to do anything! Feel free to go with what you have this time, and maybe raise an issue for that edge case?

[garethbowen]

Nice.

[dianabarsan]

@garethbowen

Were you planning to call this API from medic-conf too?

Yes, that's the plan!

It's worth documenting this API in our api docs.

Absolutely, going to start working on that.

[garethbowen]

Awesome! Hopefully this will catch bad configurations before they become an urgent support request...