[HOLD for payment 2023-06-28] [Secure Logins] Replace login uses with accountIDs throughout App (when accessing Onyx) #19007

Closed
Beamanator opened this issue May 16, 2023 · 73 comments

@Beamanator
Contributor

Part of "Secure Logins in EChat" project

As part of the "Secure Logins in EChat" project, we want it to be impossible to scrape contact information from NewDot. One of the biggest refactors we will do for this project is: Re-keying the ONYXKEYS.PERSONAL_DETAILS data to have accountIDs as keys (currently the keys are logins - emails or phone numbers). This will take a large effort on the server side as well as the front-end, so we need some help getting everything together on the front-end.

In this issue, we will focus on two parts:

List & categorize all changes needed to remove contact info from Onyx

  1. Find and note everywhere we currently access data from the PERSONAL_DETAILS onyx key.
  2. For each reference, note what kind of change we need to make. Examples:
    1. Change access from [login] to [accountID]
    2. Update helper method OptionsListUtils.getNewChatOptions
    3. Update helper method ReportUtils.getIcons
    4. Change report.managerEmail to report.managerAccountID (this requires backend changes)
  3. Propose solutions to as many of the above as possible, in a clean and concise way
    • Many solutions will be repeated, so we want to categorize the changes so it's easy to read what all needs to be updated.

List & categorize all changes needed to remove contact information from API calls

  1. Find and note every API command that sends / receives contact information
  2. Suggest API commands where we can update contact information parameters to accountIDs. Examples:
    1. For IOU splits, we send email: currentUserEmail for each split participant, but we could use accountID: currentUserAccountID instead
    2. For 'CreateTask', check if the assignee param sends an email / login. If so, we can update that to be something like assigneeAccountID
  3. Again, note if we need to update any helper methods along the way
@Beamanator Beamanator changed the title [Secure Logins] Replace login uses with accountIDs throughout App [Secure Logins] Replace login uses with accountIDs throughout App (when accessing Onyx) May 16, 2023
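
The re-keying this issue asks for, as an added example that is not part of the original issue or Expensify's code: it re-keys a constructed PERSONAL_DETAILS snapshot by accountID, swaps the report fields named in this thread, and audits the store for leftover contact information. The sample data, the regex heuristics, the `loginToAccountID` lookup and every function name here are assumptions.

```javascript
// Added example, not Expensify code. All data below is constructed.
const EMAIL_RE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
const PHONE_RE = /^\+\d{7,15}$/; // E.164-style heuristic; numeric accountIDs never match

const looksLikeContactInfo = (s) => typeof s === 'string' && (EMAIL_RE.test(s) || PHONE_RE.test(s));
const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// "Before" shape: personal details keyed by login (email or phone number).
const personalDetailsByLogin = {
    'alice@example.com': {accountID: 101, login: 'alice@example.com', displayName: 'Alice'},
    '+15555550100': {accountID: 102, login: '+15555550100', phoneNumber: '+15555550100', displayName: 'Bob'},
};
const reportBefore = {
    reportID: '7001',
    ownerEmail: 'alice@example.com',
    managerEmail: '+15555550100',
    lastActorEmail: 'alice@example.com',
    participants: ['alice@example.com', '+15555550100'],
};

// Re-key by accountID and drop the contact fields from each entry.
// loginToAccountID is a migration-time lookup only; it is never written to the store.
function rekeyPersonalDetails(byLogin) {
    const byAccountID = {};
    const loginToAccountID = {};
    for (const [login, details] of Object.entries(byLogin)) {
        if (!Number.isInteger(details.accountID)) {
            throw new Error('entry without accountID cannot be re-keyed');
        }
        const {login: _login, phoneNumber: _phone, ...rest} = details;
        byAccountID[String(details.accountID)] = rest;
        loginToAccountID[login] = details.accountID;
    }
    return {byAccountID, loginToAccountID};
}

// Report fields that carry a login today and the accountID field replacing each.
const RENAMES = new Map([
    ['ownerEmail', 'ownerAccountID'],
    ['managerEmail', 'managerAccountID'],
    ['lastActorEmail', 'lastActorAccountID'],
]);

function migrateReport(report, loginToAccountID) {
    const toID = (login) => {
        if (!has(loginToAccountID, login)) {
            throw new Error(`report ${report.reportID} references a login with no known accountID`);
        }
        return loginToAccountID[login];
    };
    const migrated = {};
    for (const [key, value] of Object.entries(report)) {
        if (RENAMES.has(key)) migrated[RENAMES.get(key)] = toID(value);
        else if (key === 'participants') migrated.participants = value.map(toID);
        else migrated[key] = value;
    }
    return migrated;
}

// Walk a store snapshot and report every path where a key or a string value
// looks like an email or phone number. Offending keys are redacted in the path
// so the audit output does not itself leak contact information.
function findContactInfo(value, path = '$') {
    const hits = [];
    if (looksLikeContactInfo(value)) {
        hits.push({path, kind: 'value'});
    } else if (Array.isArray(value)) {
        value.forEach((item, i) => hits.push(...findContactInfo(item, `${path}[${i}]`)));
    } else if (value !== null && typeof value === 'object') {
        for (const [key, child] of Object.entries(value)) {
            const keyLeaks = looksLikeContactInfo(key);
            const childPath = keyLeaks ? `${path}[<redacted key>]` : `${path}.${key}`;
            if (keyLeaks) hits.push({path: childPath, kind: 'key'});
            hits.push(...findContactInfo(child, childPath));
        }
    }
    return hits;
}

function runExample() {
    const snapshotBefore = {personalDetails: personalDetailsByLogin, report: reportBefore};
    const {byAccountID, loginToAccountID} = rekeyPersonalDetails(personalDetailsByLogin);
    const snapshotAfter = {
        personalDetails: byAccountID,
        report: migrateReport(reportBefore, loginToAccountID),
    };
    return {
        before: findContactInfo(snapshotBefore),
        after: findContactInfo(snapshotAfter),
        snapshotAfter,
    };
}

const {before, after} = runExample();
console.log(`contact-info findings before: ${before.length}, after: ${after.length}`);
```

An audit like `findContactInfo` can run in a test over the optimisticData, successData and failureData objects of each command, so a login used as a key fails the build rather than reaching the client store.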
@burczu
Contributor

burczu commented May 17, 2023

Hi I'm Bartek from Callstack - expert contributor group - I would like to work on this issue.

@Beamanator
Contributor Author

Amazing, thanks! Assigned 💪 Please let us know if you have any questions about what we're looking for here!

@burczu
Contributor

burczu commented May 18, 2023

Daily update: I've managed to cover around 60-70% of the PERSONAL_DETAILS data usages. I should have everything done tomorrow, and I'll post the final report here then.

@Beamanator
Contributor Author

Sounds good @burczu , that would be great to have this tomorrow 🙏

@Beamanator
Contributor Author

@burczu any updates here?

@burczu
Contributor

burczu commented May 19, 2023

@Beamanator please check below what I've got so far (I had no time to analyze helper methods yet, but I can do it on Monday). Please also let me know if you need me to fix this list in any way.

List & categorize all changes needed to remove contact info from Onyx


  1. /src/components/ArchivedReportFooter.js
    • Change access from [login/email] to [accountId]
  2. /src/components/ReportActionItem/IOUPreview.js
    • Update helper method OptionsListUtils.getAvatarsForLogins
  3. /src/components/ReportWelcomeText.js
    • Update helper method OptionsListUtils.getPersonalDetailsForLogins
  4. /src/components/withCurrentUserPersonalDetails.js
    • Change access from [currentUserEmail] to [accountId]
  5. /src/libs/DateUtils.js
    • In Onyx.connect callback - change access from [currentUserEmail] to [accountId]
  6. /src/libs/Navigation/AppNavigator/AuthScreens.js
    • In Onyx.connect callback - change access from [currentUserEmail] to [accountId]
  7. /src/libs/PersonalDetailsUtils.js
    • In Onyx.connect callback - no changes needed
  8. /src/libs/ReportUtils.js
    • In Onyx.connect callback - change access from [currentUserEmail] to [accountId]
  9. /src/libs/ReportUtils.js
    • Update helper method getPersonalDetailsForLogin by changing its name to getPersonalDetailsForAccountId and its input parameter login by accountId
  10. /src/libs/SidebarUtils.js
    • In Onyx.connect callback - no changes needed
  11. /src/libs/SidebarUtils.js
    • In the getOptionData method - update helper method call OptionsListUtils.getPersonalDetailsForLogin (the name of the method will change)
  12. /src/libs/SidebarUtils.js
    • In the getOptionData method - change access from [report.lastActorEmail] to [report.accountId] (backend changes may be required)
  13. /src/libs/actions/App.js
    • In the Onyx.connect callback - change access from [currentUserEmail] to [accountId]
  14. /src/libs/actions/PersonalDetails.js
    • In the Onyx.connect callback - no changes needed
  15. /src/libs/actions/PersonalDetails.js
    • In the getDisplayName method - change its input parameter login by accountId
  16. /src/libs/actions/PersonalDetails.js
    • In the getDisplayName method - change access from [login] to [accountId]
  17. /src/libs/actions/User.js
    • In the Onyx.connect callback - change access from [currentEmail] to [accountId]
  18. /src/pages/DetailsPage.js
    • Change access from [login] to [accountId]
  19. /src/pages/NewChatPage.js
    • Update helper method OptionsListUtils.getNewChatOptions (called a few times in a few places in this file)
  20. /src/pages/ReportDetailsPage.js
    • Update helper method OptionsListUtils.getPersonalDetailsForLogins
  21. /src/pages/ReportDetailsPage.js
    • Update helper method OptionsListUtils.getIcons
  22. /src/pages/ReportParticipantsPage.js
    • Change access from login to accountId
  23. /src/pages/SearchPage.js
    • Update helper method OptionsListUtils.getSearchOptions
  24. /src/components/MoneyRequestHeader.js
    • Change report.managerEmail to report.managerAccountId (backend change may be needed)
  25. /src/components/AvatarWithDisplayName.js
    • Change helper method ReportUtils.getIcons
  26. /src/components/AvatarWithDisplayName.js
    • Change helper method OptionsListUtils.getPersonalDetailsForLogins
  27. /src/pages/home/HeaderView.js
    • Change helper method OptionsListUtils.getPersonalDetailsForLogins
  28. /src/pages/home/HeaderView.js
    • Change helper method ReportUtils.getIcons
  29. /src/components/TaskHeader.js
    • Change helper method ReportUtils.getAvatar
  30. /src/pages/home/report/ReportActionCompose.js
    • Change helper method OptionsListUtils.getNewChatOptions
  31. /src/pages/home/report/ReportActionCompose.js
    • Change report.participants to contain accountId's instead of logins (backend changes needed)
  32. /src/pages/home/report/ReportActionCompose.js
    • Change helper method ReportUtils.canShowReportRecipientLocalTime
  33. /src/pages/home/report/ReportActionItemCreated.js
    • Change helper method ReportUtils.getIcons
  34. /src/pages/home/sidebar/SidebarLinks.js
    • In personalDetailsSelector function - change access from [login] to [accountId]
  35. /src/pages/iou/MoneyRequestModal.js
    • Change helper method OptionsListUtils.getParticipantsOptions
  36. /src/pages/iou/steps/MoneyRequestParticipantsPage/MoneyRequestParticipantsSelector.js
    • Change helper method OptionsListUtils.getNewChatOptions
  37. /src/pages/iou/steps/MoneyRequestParticipantsPage/MoneyRequestParticipantsSelector.js
    • Change helper method OptionsListUtils.isPersonalDetailsReady
  38. /src/pages/iou/steps/MoneyRequestParticipantsPage/MoneyRequestParticipantsSplitSelector.js
    • Change helper method OptionsListUtils.getNewChatOptions (used a few times)
  39. /src/pages/iou/steps/MoneyRequestParticipantsPage/MoneyRequestParticipantsSplitSelector.js
    • Change helper method OptionsListUtils.isPersonalDetailsReady
  40. /src/pages/tasks/NewTaskPage.js
    • Change task.assignee to be an accountId not login (backend changes may be needed)
  41. /src/pages/tasks/NewTaskPage.js
    • Change helper method TaskUtils.getShareDestination
  42. /src/pages/tasks/TaskAssigneeSelectorModal.js
    • Change helper method OptionsListUtils.getNewChatOptions (used a few times)
  43. /src/pages/tasks/TaskShareDestinationSelectorModal.js
    • Change helper method OptionsListUtils.getShareDestinationOptions (used a few times)
  44. /src/pages/workspace/WorkspaceInviteMessagePage.js
    • In getAvatarTooltips function - change access from login to accountId (the Personal Details keys are picked by the values taken from invitedMembersDraft list that contains logins - it should contain accountId's)
  45. /src/pages/workspace/WorkspaceInvitePage.js
    • Change helper method OptionsListUtils.getMemberInviteOptions (used a few times)
  46. /src/pages/workspace/WorkspaceInvitePage.js
    • Change helper method OptionsListUtils.isPersonalDetailsReady
  47. /src/pages/workspace/WorkspaceMembersPage.js
    • Change access from email to accountId

List & categorize all changes needed to remove contact information from API calls


  1. /src/libs/actions/App.js
    • For OpenProfile command, we send the timezone value in the object assigned to the [currentUserEmail] key - the key should be changed to [accountId] (applies to optimisticData and failureData)
  2. /src/libs/actions/PersonalDetails.js
    • For UpdatePronouns command, we send the pronouns value in the object assigned to the [currentUserEmail] key - the key should be changed to [accountId]
  3. /src/libs/actions/PersonalDetails.js
    • For UpdateDisplayName command, we send the object assigned to the [currentUserEmail] key - the key should be changed to [accountId]
  4. /src/libs/actions/PersonalDetails.js
    • For UpdateDisplayName command, we use the getDisplayName method and pass the currentUserEmail value as a parameter - we should pass the accountId instead
  5. /src/libs/actions/PersonalDetails.js
    • For UpdateAutomaticTimezone command, we send the timezone value in the object assigned to the [currentUserEmail] key - the key should be changed to [accountId]
  6. /src/libs/actions/PersonalDetails.js
    • For UpdateSelectedTimezone command, we send the timezone value in the object assigned to the [currentUserEmail] key - the key should be changed to [accountId]
  7. /src/libs/actions/PersonalDetails.js
    • For UpdateUserAvatar command, we send an object assigned to the [currentUserEmail] key - the key should be changed to [accountId] (applies to optimisticData, successData and failureData)
  8. /src/libs/actions/PersonalDetails.js
    • For UpdateUserAvatar command, while creating failureData, we are accessing the personal details object using [currentUserEmail] - it could be replaced by [accountId]
  9. /src/libs/actions/PersonalDetails.js
    • For DeleteUserAvatar command, we send an avatar value in the object assigned to the [currentUserEmail] key - the key should be changed to [accountID] (applies to optimisticData and failureData)
  10. /src/libs/actions/PersonalDetails.js
    • For DeleteUserAvatar command, while creating failureData, we are accessing personal details object using [currentUserEmail] - it could be replaced by [accountId]
  11. /src/libs/actions/PersonalDetails.js
    • In the clearAvatarErrors method, we are creating an object using [currentUserEmail] as a key - the key should be changed to [accountId]
  12. /src/libs/actions/Report.js
    • In the addActions method, we create an object to be written in Onyx using [currentUserEmail] key - the key should be changed to [accountId]
  13. /src/libs/actions/User.js
    • For SetContactMethodAsDefault command, we are using logins as old and new contact methods, that are then used as keys - I think this functionality might be redesigned if we don’t want to use logins as keys in the PERSONAL_DETAILS data. Maybe passing accountId as an additional parameter, and then using it as a key, would be enough here.

@melvin-bot

melvin-bot bot commented May 19, 2023

Looks like something related to react-navigation may have been mentioned in this issue discussion.

As a reminder, please make sure that all proposals are not workarounds and that any and all attempts to fix the issue holistically have been made before proceeding with a solution. Proposals to change our DeprecatedCustomActions.js files should not be accepted.

Feel free to drop a note in #expensify-open-source with any questions.

@Beamanator
Contributor Author

Hey @burczu thanks for the effort so far! What you've got is definitely useful as a start! Here's a few more things I think we'd like to know:

  1. For each of the places we want to "remove contact info from Onyx", I was also hoping to know:
    1. Where exactly did the contact info come from? Example: From the Report object? Report action? Report participants?
      1. The contact info is what we'll have to replace with accountIDs, so I've been finding new places we store contact info every time I look at App code 😅
    2. Where is that contact info updated in NewDot? (it definitely could also be updated on the server & sent from the server, but we don't document that in NewDot anywhere 😅 )
  2. For each API call, it looks like you posted what we'd need to change in the Onyx data, but what about the API parameters?
    • Ex: For SetContactMethodAsDefault, there's a parameter partnerUserID which is contact information. Technically we probably won't be able to change that one, which is fine - this is just for that specific user. Nobody else will be able to scrape someone's login list.

Does that make sense?

@burczu
Contributor

burczu commented May 22, 2023

Hey @Beamanator! It does make sense! I'll continue working on it today.

@burczu
Contributor

burczu commented May 23, 2023

Daily update: I've made some progress yesterday, but I need more time, so I'll continue working on it. Hopefully I'll be able to post some updates to my report soon (today/tomorrow).

@burczu
Contributor

burczu commented May 24, 2023

Hey @Beamanator! Please see below the updated report. It should address this part of your last comment:

  1. For each of the places we want to "remove contact info from Onyx", I was also hoping to know:
    1. Where exactly did the contact info come from? Example: From the Report object? Report action? Report participants?
      1. The contact info is what we'll have to replace with accountIDs, so I've been finding new places we store contact info every time I look at App code 😅

I've also covered all the helper methods that I've found are related to personal details.
Now I'll continue working on determining all the places where contact info is updated and on expanding the API calls part.

List & categorize all changes needed to remove contact info from Onyx


  1. /src/components/ArchivedReportFooter.js
    • The personalDetails object - change access from [login/email] to [accountId]
      • The [login/email] comes from the reportAction object
        • Change reportAction.originalMessage.newLogin to reportAction.originalMessage.newAccountID (backend changes needed)
        • Change reportAction.originalMessage.oldLogin to reportAction.originalMessage.oldAccountID (backend changes needed)
    • The report object - change report.ownerEmail to report.ownerAccountId (backend changes needed)
  2. /src/components/ReportActionItem/IOUPreview.js
    • Update helper method OptionsListUtils.getAvatarsForLogins
    • The reportAction object - change reportAction.originalMessage.participants array to store accountId values instead of login values (backend change)
  3. /src/components/ReportWelcomeText.js
    • Update helper method OptionsListUtils.getPersonalDetailsForLogins
    • The report object - change report.participants array to store accountId values instead of login values (backend change)
    • The report object - change report.ownerEmail to report.ownerAccountId (backend change)
  4. /src/components/withCurrentUserPersonalDetails.js
    • Change access from [currentUserEmail] to [accountId]
    • The session object - remove session.email value and use session.accountId value to access personalDetails keys
  5. /src/libs/DateUtils.js
    • In Onyx.connect callback - change access from [currentUserEmail] to [currentUserAccountId]
    • The session object - remove session.email value ([currentUserEmail]) and use session.accountId value to access personalDetails keys
  6. /src/libs/Navigation/AppNavigator/AuthScreens.js
    • In Onyx.connect callback - change access from [currentUserEmail] to [currentAccountId]
    • The session object - remove session.email value ([currentUserEmail]) and use session.accountId value to access personalDetails keys
  7. /src/libs/PersonalDetailsUtils.js
    • In Onyx.connect callback - no changes needed
  8. /src/libs/ReportUtils.js
    • In Onyx.connect callback - change access from [currentUserEmail] to [currentUserAccountId]
    • The session object - remove session.email value ([currentUserEmail]) and use session.accountId value to access personalDetails keys
    • In getPersonalDetailsForLogin function
      • Change input parameter from login to accountId
      • Change its name to getPersonalDetailsForAccountId
      • Change access from [login] to [accountId] (input parameter)
      • Remove login from default object
    • In buildOptimisticAddCommentReportAction function
      • Change access from [currentUserEmail] to [currentUserAccountId]
    • In buildOptimisticClosedReportAction function
      • Change access from [currentUserEmail] to [currentUserAccountId]
    • In getIcons function
      • Change access from [actorEmail] to [actorAccountId]
      • The reportAction object - change reportAction.actorEmail to reportAction.actorAccountId (backend change)
    • In getDisplayNamesWithTooltips function
      • The login property of single personalDetail object, should be removed or replaced by accountId (backend change)
    • In getDisplayNameForParticipant function
      • Change input parameter from login to accountId
      • Change helper method getPersonalDetailsForLogin
    • In getAvatar function
      • Change input parameter from login to accountId
      • Change helper method getDefaultAvatar
    • In getDefaultAvatar function
      • Change input parameter from login to accountId
      • Change the way how we determine if the current user is a “Concierge”, so the comparison login === CONST.EMAIL.CONCIERGE should be changed to, e.g. accountId === CONST.ACCOUNT_ID.CONCIERGE
      • Change helper method hashLogin
    • In hashLogin function
      • Change input parameter from login to accountId
    • In canShowReportRecipientLocalTime function
      • The report object - change report.participants array to store accountId values instead of login values (backend change)
      • Change access from [login] (participant from report object) to [accountId]
  9. /src/libs/SidebarUtils.js
    • In Onyx.connect callback - no changes needed
  10. /src/libs/SidebarUtils.js
    • In the getOptionData function
      • Update helper method OptionsListUtils.getPersonalDetailsForLogins
      • The report object - change [report.lastActorEmail] to [report.lastActorAccountId] (backend change)
      • Update helper method ReportUtils.getIcons
  11. /src/libs/actions/App.js
    • In the Onyx.connect callback - change access from [currentUserEmail] to [currentAccountId]
    • The session object - remove session.email value ([currentUserEmail]) and use session.accountId value to access personalDetails keys
  12. /src/libs/actions/PersonalDetails.js
    • In the Onyx.connect callback - no changes needed
    • The session object - remove session.email value ([currentUserEmail]) and use session.accountId value to access personalDetails keys
    • In getDisplayName method
      • Change its input parameter login by accountId
      • Remove call of LocalePhoneNumber.formatPhoneNumber(login) since login won’t be passed anymore
      • Change access from [login] to [accountId] (input param)
  13. /src/libs/actions/User.js
    • In the Onyx.connect callback - change access from [currentEmail] to [currentUserAccountId]
    • The session object - remove session.email value ([currentEmail]) and use session.accountId value to access personalDetails keys
  14. /src/pages/DetailsPage.js
    • Change access from [login] to [accountId]
    • The login value is taken from route parameters, so we need to pass an accountId instead
      • When opened from ReportWelcomeText and ReportUtils the login route param is taken from report.participants array
      • When opened from ReportActionItemSingle component the login route param is taken from reportAction.actorEmail value
      • When opened from MentionUserRenderer the login route param is taken from (this code I don’t understand…)
  15. /src/pages/NewChatPage.js
    • Update helper method OptionsListUtils.getNewChatOptions
    • The login property of single personalDetail object, should be removed or replaced by accountId (backend change)
    • Update helper method OptionsListUtils.isPersonalDetailsReady
  16. /src/pages/ReportDetailsPage.js
    • Update helper method OptionsListUtils.getPersonalDetailsForLogins
    • The report object - change report.participants array to store accountId values instead of login values (backend change)
    • Update helper method ReportUtils.getDisplayNamesWithTooltips
    • Update helper method ReportUtils.getIcons
  17. /src/pages/ReportParticipantsPage.js
    • In getAllParticipants function
      • The report object - change report.participants array to store accountId values instead of login values (backend change)
      • The login property of single personalDetail object, should be removed or replaced by accountId (backend change)
      • Change access from [login] to [accountId]
  18. /src/pages/SearchPage.js
    • Change helper method OptionsListUtils.getSearchOptions
    • Change helper method OptionsListUtils.isPersonalDetailsReady
  19. /src/components/MoneyRequestHeader.js
    • The report object - change report.managerEmail value to report.managerAccountId (backend change may be needed)
  20. /src/components/AvatarWithDisplayName.js
    • Change helper method ReportUtils.getIcons
    • Change helper method OptionsListUtils.getPersonalDetailsForLogins
  21. /src/pages/home/HeaderView.js
    • Change helper method OptionsListUtils.getPersonalDetailsForLogins
    • Change helper method ReportUtils.getIcons
  22. /src/components/TaskHeader.js
    • Change helper method ReportUtils.getAvatar
  23. /src/pages/home/report/ReportActionCompose.js
    • Change helper method OptionsListUtils.getNewChatOptions
    • The report object - change report.participants array to store accountId values instead of login values (backend change)
    • Change helper method ReportUtils.canShowReportRecipientLocalTime
  24. /src/pages/home/report/ReportActionItemCreated.js
    • Change helper method ReportUtils.getIcons
  25. /src/pages/home/sidebar/SidebarLinks.js
    • In personalDetailsSelector function
      • Change access from [login] to [accountId]
  26. /src/pages/iou/MoneyRequestModal.js
    • Change helper method OptionsListUtils.getParticipantsOptions
  27. /src/pages/iou/steps/MoneyRequestParticipantsPage/MoneyRequestParticipantsSelector.js
    • Change helper method OptionsListUtils.getNewChatOptions
    • Change helper method OptionsListUtils.isPersonalDetailsReady
  28. /src/pages/iou/steps/MoneyRequestParticipantsPage/MoneyRequestParticipantsSplitSelector.js
    • Change helper method OptionsListUtils.getNewChatOptions
    • Change helper method OptionsListUtils.isPersonalDetailsReady
  29. /src/pages/tasks/NewTaskPage.js
    • The task object - change task.assignee to contain accountId instead of login value (backend change)
    • Change helper method TaskUtils.getAssignee
    • Change helper method TaskUtils.getShareDestination
  30. /src/pages/tasks/TaskAssigneeSelectorModal.js
    • Change helper method OptionsListUtils.getNewChatOptions
  31. /src/pages/tasks/TaskShareDestinationSelectorModal.js
    • Change helper method OptionsListUtils.getShareDestinationOptions
  32. /src/pages/workspace/WorkspaceInviteMessagePage.js
    • In getAvatarTooltips function
      • Change access from login to accountId - the Personal Details keys are filtered by the values taken from props.invitedMembersDraft (ONYXKEYS.COLLECTION.WORKSPACE_INVITE_MEMBERS_DRAFT) list that contains logins - it should contain accountId's
  33. /src/pages/workspace/WorkspaceInvitePage.js
    • Change helper method OptionsListUtils.getMemberInviteOptions
    • Change helper method OptionsListUtils.isPersonalDetailsReady
  34. /src/pages/workspace/WorkspaceMembersPage.js
    • Change access from email to accountId
  35. /src/libs/OptionsListUtils.js
    • In getNewChatOptions function
      • Change helper method getOptions
    • In getShareDestinationOptions function
      • Change helper method getOptions
    • In getMemberInviteOptions function
      • Change helper method getOptions
    • In getOptions function
      • The login property of single personalDetail object, should probably be removed or replaced by accountId
    • In createOption function
      • Change helper method getPersonalDetailsForLogins
      • The report object - change access from report.lastActorEmail to report.lastActorAccountId
      • The login property of single personalDetail object, should probably be removed or replaced by accountId
      • Change helper method getSearchText
      • Change helper method ReportUtils.getIcons
    • In getPersonalDetailsForLogins function
      • Its input parameter logins should be changed to accountIds
      • Its name should be changed to getPersonalDetailsForAccountIds
      • Change access from using login input parameter to an accountId
    • In isPersonalDetailsReady function
      • It tries to access the login property of the personalDetails object - it should be removed or replaced by accountId
    • In getSearchText function
      • The login property of single personalDetail object, should be removed or replaced by accountId (backend change)
    • In getAvatarsForLogins function
      • Its input parameter logins should be changed to accountIds
      • Its name should be changed to getAvatarsForAccountIds
      • Change access from using login input parameter to an accountId
      • The login property of single personalDetail object, should be removed or replaced by accountId (backend change)
    • In getParticipantsOptions function
      • The report object - change report.participants array to store accountId values instead of login values (backend change)
      • Change helper method getPersonalDetailsForLogins
      • The login property of single personalDetail object, should be removed or replaced by accountId (backend change)
      • The phoneNumber property of single personalDetail object, should be removed or replaced by accountId (backend change)
  36. /src/libs/actions/Task.js
    • In getAssignee function
      • Change helper method ReportUtils.getAvatar
      • Change access from [login] to [accountId]
    • In getShareDestination function
      • Change helper method ReportUtils.getIcons

List & categorize all changes needed to remove contact information from API calls


  1. /src/libs/actions/App.js
    • For OpenProfile command, we send the timezone value in the object assigned to the [currentUserEmail] key - the key should be changed to [accountId]
    • (only applies to optimisticData and failureData)
  2. /src/libs/actions/PersonalDetails.js
    • For UpdatePronouns command
      • We send the pronouns value in the object assigned to the [currentUserEmail] key - the key should be changed to [accountId]
      • (only applies to Onyx data)
    • For UpdateDisplayName command
      • We send the object assigned to the [currentUserEmail] key - the key should be changed to [accountId]
      • (only applies to Onyx data)
    • For UpdateDisplayName command
      • We use the getDisplayName method and pass the currentUserEmail value as a parameter - we should pass the accountId instead
      • (only applies to Onyx data)
    • For UpdateAutomaticTimezone command
      • We send the timezone value in the object assigned to the [currentUserEmail] key - the key should be changed to [accountId]
      • (only applies to Onyx data)
    • For UpdateSelectedTimezone command
      • We send the timezone value in the object assigned to the [currentUserEmail] key - the key should be changed to [accountId]
      • (only applies to Onyx data)
    • For UpdateUserAvatar command
      • We send an object assigned to the [currentUserEmail] key - the key should be changed to [accountId] (applies to optimisticData, successData and failureData)
      • (only applies to Onyx data)
    • For UpdateUserAvatar command
      • While creating failureData, we are accessing the personal details object using [currentUserEmail] - it could be replaced by [accountId]
      • (only applies to Onyx data)
    • For DeleteUserAvatar command
      • We send an avatar value in the object assigned to the [currentUserEmail] key - the key should be changed to [accountID] (applies to optimisticData and failureData)
      • (only applies to Onyx data)
    • For DeleteUserAvatar command
      • While creating failureData, we are accessing personal details object using [currentUserEmail] - it could be replaced by [accountId]
      • (only applies to Onyx data)
    • In the clearAvatarErrors method
      • We are creating an object using [currentUserEmail] as a key - the key should be changed to [accountId]
      • (only applies to Onyx data)
  3. /src/libs/actions/IOU.js
    • For RequestMoney command
      • We get the payerEmail value from the login value of the report.participant object - it should be replaced by accountId
      • We pass parameter debtorEmail with payerEmail assigned - we should use accountId here
    • For SplitBill command
      • In createSplitsAndOnyxData helper method
        • We get the currentUserEmail value from the currentUserLogin value
        • We send email: currentUserEmail parameter for every split
    • For SplitBillAndOpenReport command
      • In createSplitsAndOnyxData helper method
        • We get the currentUserEmail value from the currentUserLogin value
        • We send email: currentUserEmail parameter for every split
    • For SendMoneyElsewhere command
      • In the getSendMoneyParams helper method
        • We get the recipientEmail value from the login value of the recipient object (which is the personalDetails object in fact)
        • We send newIOUReportDetails.requestorEmail value with the recipientEmail value assigned
    • For sendMoneyWithWallet command
      • In the getSendMoneyParams helper method
        • We get the recipientEmail value from the login value of the recipient object (which is the personalDetails object in fact)
        • We send newIOUReportDetails.requestorEmail value with the recipientEmail value assigned
    • For SendMoneyViaPaypal command
      • In the getSendMoneyParams helper method
        • We get the recipientEmail value from the login value of the recipient object (which is the personalDetails object in fact)
        • We send newIOUReportDetails.requestorEmail value with the recipientEmail value assigned
  4. /src/libs/actions/Policy.js
    • For DeleteMembersFromWorkspace command
      • We send the emailList property with the members array assigned
    • For AddMembersToWorkspace command
      • We send the employees property with the array of {email: login} objects assigned - we should use accountId's here
    • For CreateWorkspace command
      • We send the ownerEmail property - we should use accountId here
  5. /src/libs/actions/Report.js
    • In the addActions method
      • We create an object to be written in Onyx using [currentUserEmail] key - the key should be changed to [accountId]
    • For OpenReport command
      • We send the emailList property with the participantsList array assigned
  6. /src/libs/actions/Task.js
    • For CreateTask command
      • We send the assignee property which is taken from the task object
    • For EditTask command
      • We send the assignee property which is taken from personalDetails object or from the report object (the assignee property)
  7. /src/libs/actions/User.js
    • For RequestContactMethodValidateCode command
      • We pass the parameter email with the contactMethod value assigned
    • For DeleteContactMethod command
      • We pass the parameter partnerUserID with the contactMethod value assigned (contact method may be an email or phone)
    • For AddNewContactMethod command
      • We pass the parameter partnerUserID with the contactMethod value assigned (contact method may be an email or phone)
    • For ValidateSecondaryLogin command
      • We pass the parameter partnerUserID with the contactMethod value assigned (contact method may be an email or phone)
      • The command method name may be also changed to remove its Login part
    • For SetContactMethodAsDefault command
      • We pass the parameter partnerUserID which is contact information because the email (newDefaultContactMethod) is assigned to it
  8. /src/libs/actions/Session/index.js
    • For BeginSignIn command
      • We pass the email property with the login value - but it seems to be correct, cause the end user knows his email/login not the accountId
    • For SigninUser command
      • We pass the email property with the login value - but it seems to be correct, cause the end user knows his email/login not the accountId
    • For RequestPasswordReset command
      • We pass the email property with the login value - but it seems to be correct, cause the end user knows his email/login not the accountId
    • For ResendRequestPasswordReset command
      • We pass the email property with the login value - but it seems to be correct, cause the end user knows his email/login not the accountId
    • For RequestUnlinkValidationLink command
      • We pass the email property with the login value - but it seems to be correct, cause the end user knows his email/login not the accountId

@Beamanator
Contributor Author

@burczu thanks so much for the amazing updates to List & categorize all changes needed to remove contact info from Onyx! I'm going to update our doc with those details you've provided so far 👍 👍

@burczu
Contributor

burczu commented May 25, 2023

Hey @Beamanator! I've just updated my last comment by changing the List & categorize all changes needed to remove contact information from API calls part.

It now contains what we had before, so the details about what we need to change in the Onyx data, as well as the information about the API calls parameters that may contain logins/emails.

Now, I'll try to address this part from your comment:

Where is that contact info updated in NewDot? (it definitely could also be updated on the server & sent from the server, but we don't document that in NewDot anywhere 😅 )

But, because tomorrow we have an internal workshop at Callstack, I'll probably be able to finish it on Monday...

@melvin-bot melvin-bot bot added the Overdue label May 29, 2023
@burczu
Contributor

burczu commented May 29, 2023

Daily update: still working on detecting places where contact info is updated in the NewDot app, and will continue tomorrow.

@melvin-bot melvin-bot bot removed the Overdue label May 29, 2023
@Beamanator
Contributor Author

Hey @burczu thanks for pushing forward!

Just so you know, @puneetlath and I have been working hard on getting backend changes live so you SHOULD soon be able to start a PR for these changes! 🙏 We're starting with making sure OpenApp & ReconnectApp fetch additional personal details (via the new onyx key personalDetailsList) that are keyed by accountID - and we'll hopefully be getting more and more live later this week.

You probably won't see any updates till late today or tomorrow, but we'll keep you posted!

@burczu
Contributor

burczu commented May 31, 2023

Hi @Beamanator, thanks for the update. I had to switch to another issue that is important for @puneetlath for a while, but will get back to this one probably today.

@puneetlath
Contributor

Ok @burczu we are ready to start updating components. If you use NewDot with the staging server, you should see the new personalDetailsList object in Onyx, which uses accountIDs instead of email addresses as keys.

Now, we need to migrate every component that is currently using ONYXKEYS.PERSONAL_DETAILS to use the new ONYXKEYS.PERSONAL_DETAILS_LIST.

I think we would ideally break this up into many small PRs so that it is easy to review/test/catch regressions. I would imagine that we could have multiple devs work on this simultaneously. What do you think?

@Beamanator
Contributor Author

Beamanator commented Jun 1, 2023

FYI we're also planning to migrate ONYXKEYS.COLLECTION_POLICY_MEMBERS_LIST key to ONYXKEYS.COLLECTION_POLICY_MEMBERS, which will now also be keyed by accountID. This is necessary so that we can access the members' personal details from the new ONYXKEYS.PERSONAL_DETAILS_LIST data which will be keyed by accountID.

Here's my investigation of the changes needed for this migration so far:

  1. WorkspaceMembersPage
    • Used to map emails / accountIDs to personal details
  2. AvatarWithIndicator, InitialSettingsPage, WorkspaceListPage, WorkspaceInitialPage, PolicyUtils
    • Basically only use this key for checking if there are errors associated with any member
  3. Policy.js
    • removeMember - API command DeleteMembersFromWorkspace
    • addMembersToWorkspace - API command AddMembersToWorkspace
    • createWorkspace - API command CreateWorkspace
    • Other places just clear errors associated with adding / removing members
  4. WorkspaceInvitePage
    • Will need to update CONST with an array of expensify email address accountIDs (see CONST.EXPENSIFY_EMAILS)

@burczu there may not be any additional migration to do for ^, but it would be helpful if you could validate my findings and let me know if you think I missed anything
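An added example (not part of the thread and not the project's code) of the migration described in the two comments above: re-keying login-keyed personal details by accountID, joining accountID-keyed policy members against them, and a regression check that flags any key that is still an email or phone number. Plain objects stand in for Onyx data; the function names, regular expressions and sample records are assumptions made for illustration.

```javascript
// Added example: plain objects stand in for Onyx data; no Onyx API is called.
const ACCOUNT_ID_RE = /^\d+$/;
const EMAIL_RE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
const PHONE_RE = /^\+\d{7,15}$/; // assumed format: leading "+", digits only

// Classify one object key: 'accountID', 'email', 'phone' or 'unknown'.
function classifyKey(key) {
    if (ACCOUNT_ID_RE.test(key)) return 'accountID';
    if (EMAIL_RE.test(key)) return 'email';
    if (PHONE_RE.test(key)) return 'phone';
    return 'unknown';
}

// Regression check: list every key that is not a bare accountID.
function findNonAccountIDKeys(collection) {
    return Object.keys(collection)
        .map((key) => ({key, kind: classifyKey(key)}))
        .filter((entry) => entry.kind !== 'accountID');
}

// Re-key a login-keyed object by accountID. Entries without a usable
// accountID are reported instead of being kept under their login.
function rekeyByAccountID(loginKeyed) {
    const rekeyed = {};
    const skipped = [];
    Object.entries(loginKeyed).forEach(([login, details]) => {
        if (Number.isInteger(details.accountID) && details.accountID > 0) {
            rekeyed[details.accountID] = details;
        } else {
            skipped.push(login);
        }
    });
    return {rekeyed, skipped};
}

// Join accountID-keyed policy members with accountID-keyed personal details.
// A member with no details yet yields a stub holding only its accountID.
function getMemberDetails(policyMembers, personalDetailsList) {
    return Object.keys(policyMembers).map(
        (accountID) => personalDetailsList[accountID] || {accountID: Number(accountID)},
    );
}

// Constructed sample data (not taken from the issue).
const legacyPersonalDetails = {
    'alice@example.com': {accountID: 101, displayName: 'Alice'},
    '+15005550100': {accountID: 102, displayName: 'Bob'},
    'carol@example.com': {displayName: 'Carol'}, // no accountID yet
};
const migration = rekeyByAccountID(legacyPersonalDetails);
console.log(findNonAccountIDKeys(legacyPersonalDetails), migration);
```

Running `findNonAccountIDKeys` over each stored collection in a unit test is one way to catch a component that still writes under a login after the switch to accountID keys.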

@melvin-bot melvin-bot bot added Weekly KSv2 and removed Daily KSv2 labels Jul 5, 2023
@melvin-bot melvin-bot bot changed the title [HOLD for payment 2023-06-28] [Secure Logins] Replace login uses with accountIDs throughout App (when accessing Onyx) [HOLD for payment 2023-07-12] [HOLD for payment 2023-06-28] [Secure Logins] Replace login uses with accountIDs throughout App (when accessing Onyx) Jul 5, 2023
@melvin-bot melvin-bot bot removed the Reviewing Has a PR in review label Jul 5, 2023
@melvin-bot

melvin-bot bot commented Jul 5, 2023

Reviewing label has been removed, please complete the "BugZero Checklist".

@melvin-bot

melvin-bot bot commented Jul 5, 2023

The solution for this issue has been 🚀 deployed to production 🚀 in version 1.3.36-5 and is now subject to a 7-day regression period 📆. Here is the list of pull requests that resolve this issue:

If no regressions arise, payment will be issued on 2023-07-12. 🎊

After the hold period is over and BZ checklist items are completed, please complete any of the applicable payments for this issue, and check them off once done.

  • External issue reporter
  • Contributor that fixed the issue
  • Contributor+ that helped on the issue and/or PR

As a reminder, here are the bonuses/penalties that should be applied for any External issue:

  • Merged PR within 3 business days of assignment - 50% bonus
  • Merged PR more than 9 business days after assignment - 50% penalty

@melvin-bot melvin-bot bot added the Reviewing Has a PR in review label Jul 6, 2023
@Beamanator Beamanator changed the title [HOLD for payment 2023-07-12] [HOLD for payment 2023-06-28] [Secure Logins] Replace login uses with accountIDs throughout App (when accessing Onyx) [HOLD for payment 2023-06-28] [Secure Logins] Replace login uses with accountIDs throughout App (when accessing Onyx) Jul 11, 2023
@puneetlath
Contributor

puneetlath commented Jul 25, 2023

Ok, I believe the last thing we need to do here is pay out all the C+ that helped out with this project. I will post in C+ to figure out who that is.

Posted here: https://expensify.slack.com/archives/C02NK2DQWUX/p1690300828906829

@allroundexperts
Contributor

I was the C+ for #22008 @puneetlath!

@Santhosh-Sellavel
Collaborator

@puneetlath
I was C+ for #20036
Help with some testing on this.

@fedirjh
Contributor

fedirjh commented Jul 26, 2023

I was C+ for #20035

@0xmiros
Contributor

0xmiros commented Jul 26, 2023

I reviewed these PRs: #20034 #20474 #20547 #21781 #21877 #22081 #22327 #22639

@puneetlath
Contributor

puneetlath commented Jul 31, 2023

Payment for four C+ for internal PR review:

I considered a half PR anything for which the full reviewer checklist wasn't done. Let me know if I missed anything or made any mistakes.

@fedirjh @0xmiroslav I've sent you Upwork contract offers.
https://www.upwork.com/nx/wm/pre-hire/c/8577561/offer/25866200
https://www.upwork.com/nx/wm/pre-hire/c/8577561/offer/25866194

@allroundexperts @Santhosh-Sellavel please request via NewDot.

@0xmiros
Contributor

0xmiros commented Aug 1, 2023

@puneetlath Sorry, can you please hold my payment until further notice? I am working on some stuff due to recent measurements in my region. And update issue to Monthly or create separate GH for me. Thanks

@puneetlath
Contributor

Sounds good. @allroundexperts @Santhosh-Sellavel let me know when you've requested payments.

@allroundexperts
Contributor

I've requested the payment @puneetlath!

@JmillsExpensify

Reviewed details for @allroundexperts. These details are accurate based on summary from Business Reviewer and are now approved for payment in NewDot.

@Santhosh-Sellavel
Collaborator

Requested on ND

@puneetlath
Contributor

@JmillsExpensify assigning you for @Santhosh-Sellavel's payment as well.

@JmillsExpensify

Reviewed details for @Santhosh-Sellavel. These details are accurate based on summary from Business Reviewer and are now approved for payment in NewDot.

@0xmiros
Contributor

0xmiros commented Aug 23, 2023

@puneetlath I am ready to get paid as discussed

@puneetlath
Contributor

All payments made. Closing this out. Thanks again everyone for your help on this one!
