For #10173: login duplicates and save

[eliserichards]

For #10173
Related to mozilla/application-services#3330 - fix in mozilla/application-services#3331
Requires mozilla-mobile/android-components#7694

Requirements for this PR

• Save button enabled/disabled based on errors
• Pull list of duplicates and don't allow dupes to be saved
• UX cleanup for login detail and edit screens
• Move AC components.core.passwordsStorage calls into their own store: LoginsDataStore
  • to be tested

Pull Request checklist

• Tests: This PR includes thorough tests or an explanation of why it does not
• Screenshots: This PR includes screenshots or GIFs of the changes made or an explanation of why it does not
• Accessibility: The code in this PR follows accessibility best practices or does not include any user facing features. In addition, it includes a screenshot of a successful accessibility scan to ensure no new defects are added to the product.

After merge

• Milestone: Make sure issues finished by this pull request are added to the milestone of the version currently in development.

To download an APK when reviewing a PR:

1. click on Show All Checks,
2. click Details next to "Taskcluster (pull_request)" after it appears and then finishes with a green checkmark,
3. click on the "Fenix - assemble" task, then click "Run Artifacts".
4. the APK links should be on the left side of the screen, named for each CPU architecture

[ekager]

Can you comment the filed out data review form here so we can get that review rolling too? see example: #11446 (comment)

[eliserichards]

Request for data collection review form

All questions are mandatory. You must receive review from a data steward peer on your responses to these questions before shipping new data collection.

1. What questions will you answer with this data?

• What % of our users use CRUD actions (create, read, update, delete) on their saved logins?
• How frequently do users manipulate their saved logins?

2. Why does Mozilla need to answer these questions? Are there benefits for users? Do we need this information to address product or business requirements?

• It is crucial we know what types of user segments we have so we can prioritize future logins features. This data will help us better slice our user population & figure out retention metrics. It will also help us to understand the relationship between the Lockwise userbase (standalone password manager) and the Fenix browser users who use saved logins.

3. What alternative methods did you consider to answer these questions? Why were they not sufficient?

• There are currently no alternatives.

4. Can current instrumentation answer these questions?

• No, there are no currently metrics around these actions.

5. List all proposed measurements and indicate the category of data collection for each measurement, using the Firefox data collection categories on the found on the Mozilla wiki.

• All data is Category 2.

6. How long will this data be collected?

• Until 09/01/2020

7. What populations will you measure?

• All release, beta, and nightly users with telemetry enabled.

8. Please provide a general description of how you will analyze this data.

• Glean / Amplitude

9. Where do you intend to share the results of your analysis?

• Only on Glean, Amplitude and with mobile teams.

[ekager]

Okay, all the pieces look there but we need to refactor some of the architecture. Let's not create a new paradigm here if possible! The interactor -> controller model that is used elsewhere should really replace the LoginsDataStore. Look at bookmarks, history, or the other logins fragments for examples of how this should look. You should start with a View for the EditLoginFragment following the pattern of the other fragments, then we can update that view in consumeFrom. The view can call the interactor, and the interactor calls the controller.

Let's pull out the string to land separately so we can definitely make string freeze by tomorrow.

[liuche]

Data-review+ only

A few nits and renaming, inline

Data Review Form (to be filled by Data Stewards)

1. Is there or will there be documentation that describes the schema for the ultimate data set in a public, complete, and accurate way?

Yes, documented the 3 view/edit/delete password probes added

2. Is there a control mechanism that allows the user to turn the data collection on and off?

Yes, controlled by Fenix data controls

3. If the request is for permanent data collection, is there someone who will monitor the data over time?

Probes have expiry

4. Using the category system of data types on the Mozilla wiki, what collection type of data do the requested measurements fall under?

Type 2, interaction with settings

5. Is the data collection request for default-on or default-off?

default on

6. Does the instrumentation include the addition of any new identifiers (whether anonymous or otherwise; e.g., username, random IDs, etc. See the appendix for more details)?

No, user interaction with UI

7. Is the data collection covered by the existing Firefox privacy notice?

Yes

8. Does there need to be a check-in in the future to determine whether to renew the data? (Yes/No) (If yes, set a todo reminder or file a bug if appropriate)**

No

9. Does the data collection use a third-party collection tool?

no

[eliserichards]

Pulled out the string into #11516 and tagged you for approval @ekager 🔥

Addressed issues :)

[eliserichards]

Waiting on mozilla/application-services#3331 to land

[ekager]

Looking much better! Wondering if we can do some of the cleanup I suggested and if you could also cherry-pick @Mugurell 's commits from #12507 into this PR? (Since they conflict with some of your changes)
cc @Mugurell if you also wanted to take a look at these logins changes and leave some feedback since you've been touching it more recently

[ekager]

Why did this change?

[eliserichards]

lint/detekt error

[ekager]

nit - if we're only using the context to grab the activity can we just pass in the activity?

[ekager]

Also looking at the rest of the class it's unclear to me why we need to cast this context to an activity? Can we just use the passed in context?

[Mugurell]

About the Context..
I'm normally against passing it around and then expect all receivers to know how to build/extract their end dependencies from it. (Demeter's law).
To keep the code clean, have a better separation of responsibilities, loose coupling and ease testing I would propose to have end dependencies sent as parameters to the controller.
Here I see that anyway the context, cast to a specific activity!? is only used for obtaining a reference to components.core.passwordsStorage. That can easily be injected in the constructor without even worrying about it become bloated.

[eliserichards]

This is a flow taken from a number of other places in the app. I would not like to change it without cleaning up every other place as well. Maybe we can file an eng health ticket.

[eliserichards]

fenix/app/src/main/java/org/mozilla/fenix/settings/advanced/DefaultLocaleSettingsController.kt

Line 19 in f424656

private val context: Context,

fenix/app/src/main/java/org/mozilla/fenix/library/bookmarks/BookmarkController.kt

Line 52 in f424656

private val activity: HomeActivity,

fenix/app/src/main/java/org/mozilla/fenix/components/toolbar/BrowserToolbarController.kt

Line 63 in f424656

private val activity: HomeActivity,

https://github.com/mozilla-mobile/fenix/blob/master/app/src/main/java/org/mozilla/fenix/tabtray/TabTrayController.kt#L34

[ekager]

It is a common pattern in the rest of the app (that we can file a followup ticket about), but in this case we really are only using the context to get the passwordsStorage, so instead of passing in the context, we can just pass in the passwordsStorage directly.

[eliserichards]

Changed this to use context instead of HomeActivity, and filed a followup: #12565

[ekager]

I think we can still improve this further by changing it pass passwordsStorage directly since AFAICT that's all we use it for

[eliserichards]

is it cool to pass a component around like that?

[ekager]

Ya! See https://github.com/mozilla-mobile/fenix/blob/master/app/src/main/java/org/mozilla/fenix/collections/CollectionCreationController.kt#L76

[ekager]

elsewhere we use AppCompatResources.getDrawable

[eliserichards]

This was a lint or detekt error telling me to use ResourcesCompat. I can use AppCompatResources instead :)

[Mugurell]

Left some drop-by comments mainly about the architecture.
If we are to refactor this I think we should also focus on improving the architecture and code quality.

[Mugurell]

https://github.com/mozilla-mobile/fenix/blob/master/docs/architecture-overview.md#action
"An Action describes something that happened, and carries any data relevant to that change"
Maybe this Action can be changed to something like "DuplicatesListChanged"?

[eliserichards]

I prefer this name. If possible duplicates exist, this list is non-empty. The action does not depend on the list changing; it will be changing with every edit.

[Mugurell]

About the Context..
I'm normally against passing it around and then expect all receivers to know how to build/extract their end dependencies from it. (Demeter's law).
To keep the code clean, have a better separation of responsibilities, loose coupling and ease testing I would propose to have end dependencies sent as parameters to the controller.
Here I see that anyway the context, cast to a specific activity!? is only used for obtaining a reference to components.core.passwordsStorage. That can easily be injected in the constructor without even worrying about it become bloated.

[Mugurell]

We should look into passing end dependencies to clients and so remove the responsability of them knowing how to and creating such dependencies.
In this case the context seems to only be used for getting components.core.passwordsStorage. We can pass that instead of the Context.

[eliserichards]

Wondering if this might warrant a larger cleanup in the codebase...

[Mugurell]

One other important improvement to be made:
Since there are 38 files here it is pretty hard to properly review this, there is a high risk un bugs, and afterwards it will be pretty hard to follow why something changed.
I see 21 commits, there will possibly be more followed by a merge of them all at the end, with.. 38 files.
Would be great to have the code split into smaller commits, each addressing a specific need, each having a clear commit message detailing why the change. And then for every fixup needed, like something being raised in review do a rebase-fixup.
I for one very much trust in this guidelines - https://github.com/google/eng-practices/blob/master/review/developer/index.md

Addressed comments. Will rebase with Mugurell's PR once it's merged. Once the app services version (62.0.0) is updated in AC and we get that version into Fenix, I would like this to land and then do followups. I don't want to keep this open for any longer than it already has been.

[ekager]

test-debug failing on WHEN finding login dupes, THEN update duplicates in the store

[ekager]

r+ with ktlint fix up :)