[mds-compliance][mds-db] Fix/compliance handles timestamp

[janedotx]

Update compliance /count/ endpoint to return relevant policy and to accept a timestamp parameter. Update compliance /snapshot endpoint to search only for policies active at exactly the time specified by the timestamp parameter.

PR Checklist

• simple searchable title - [mds-db] Add PG env var, [config] Fix eslint config
• briefly describe the changes in this PR
• mark as draft if should not be merged
• write tests for all new functionality

Impacts

• Provider
• Agency
• Audit
• Policy
• Compliance
• Daily
• Native
• Policy Author

[avatarneil]

Proposal: Breaking change (but we have nothing querying for historical compliance and the spec is still in PR so should be okay

We should just change the query_end_date to a query param of timestamp, then we can just do a one-liner and assign a default value on line 81

[janedotx]

I support renaming, but I'd rather not assign a default value. Easier to condition on timestamp being null when determining whether to get historical events or read from the cache that way.

[avatarneil]

Totally unnecessary to do this, just don't rename to query_end_date when destructuring on line 163 and instead supply a default value of now()

[avatarneil]

Unsure what these comments are for

[macsj200]

It renders like normal code in github, I can't tell if the block is commented out or not

[avatarneil]

I don't see why we can't just reuse the readPolicies method here, but if there's a need to create a new method then the naming seems a little off -- when I think of active policies I think of start_date <= now && end_date >= now && published roughly (with the requirement for some null checking as well). It seems that the start/end restrictions are being met, but it's not considering if the policies are published or not

[janedotx]

It is checking for a non-null publish_date on line 79.

[janedotx]

but publish_date should take into account the timestamp

[avatarneil]

I think that was not the case when I made this comment ;) I think the fundamental issue I have with this is that we're using a different method for determining "active policies" between Policy and Compliance. They really ought to be using the same methodology, which is tricky because Policy enables the user to get non-active policies depending on their permissions.

As much as I'd like to do all of the filtering in the DB query, I think what may make sense is to just use the same logic that we have for Policy

const policies = await db.readPolicies({ get_published, get_unpublished })
      const prev_policies: UUID[] = policies.reduce((prev_policies_acc: UUID[], policy: Policy) => {
        if (policy.prev_policies) {
          prev_policies_acc.push(...policy.prev_policies)
        }
        return prev_policies_acc
      }, [])
      const active = policies.filter(p => {
        // overlapping segment logic
        const p_start_date = p.start_date
        const p_end_date = p.end_date || Number.MAX_SAFE_INTEGER
        return end_date >= p_start_date && p_end_date >= start_date && !prev_policies.includes(p.policy_id)
      })

[avatarneil]

(Indentation got substantially borked, but you get the idea)

[avatarneil]

Seems super strange to me that we do the start_date check as part of the query, but then do a filter on the result for end_date

[janedotx]

Noted. I'm keeping readActivePolicies though, since readPolicies is a more generalized method that allows you to set get_unpublished to true, and it feels weird to have that available as an option when active policies must be published.

[avatarneil]

I don't think we should do these reads unless we're operating in a 'historical' context

[avatarneil]

I think we should try to avoid adding more things into this error handling pattern if possible

[macsj200]

+1, if we need to do this sort of error handling branching I'd rather be comparing status codes, string enums, or doing instanceof checks.

[janedotx]

Fixing the error handling feels out of scope. I'd rather keep this PR focused on handling the timestampparam.

[macsj200]

Sounds reasonable, maybe a good candidate for a follow up PR

[janedotx]

I was going to split that out into a different PR so it'd be easier to read, but I think it's faster to just stick it all in this one.

[avatarneil]

Should just get rid of the db.readRule method and extract the rule from whatever policy is returned

[avatarneil]

We should make this only return a single policy instead of an array, especially if you're throwing an error upon the length != 1. That being said, I still think we could just use readPolicies and just add an extra param for rule_id and the conditional statement

[janedotx]

The error is only thrown if zero policies are returned. It doesn't say in the spec that rules must have unique UUIDs and there's nothing preventing multiple policies from sharing a rule at the moment.

[avatarneil]

The error is thrown when res.rowCount !== 1 not res.rowCount === 0. The count endpoint is really only valid under the assumption that rule_ids are unique, even though it's not explicit in the spec (or enforced in the implementation)

[macsj200]

I'd like to learn a little bit more about what this is doing before I +1, maybe we can do a quick screenshare.

[macsj200]

+1, if we need to do this sort of error handling branching I'd rather be comparing status codes, string enums, or doing instanceof checks.

[janedotx]

change to cache.readAllEvents

[janedotx]

get rid of timestamp < now() in both endpoints

[avatarneil]

Instead of doing this filtering in TS, we could adapt the SQL query to look for a matching rule_id in the policy json.

[avatarneil]

Ought to also just be destructuring to pull off the head like const [policy] = db.readActivePolicies(...), I see that on line 209 the policy that we send in the response is not necessarily the policy we considered when computing compliance

[janedotx]

Ought to also just be destructuring to pull off the head like const [policy] = db.readActivePolicies(...), I see that on line 209 the policy that we send in the response is not necessarily the policy we considered when computing compliance

I don't see how that's possible, now that rule uniqueness is actually enforced.

[avatarneil]

Because filteredPolicies !== policies. We consider the head of the filteredPolicies for the evaluation, but in the response body we are returning policies[0].

[avatarneil]

So the policy that we return in the payload may not be a policy that even has the rule_id in question

[avatarneil]

We typically use camelCase as opposed to snake_case for variables, unless they're based off of DB columns or query parameters.