Create accurate error code for users who are applying a code twice to their account

[eleanorreem]

Overview

We want to provide a more accurate error message for users who try and apply a code to their account twice. To do this, we need a better error message than ALREADY_IN_USE. We want a new error code ALREADY_APPLIED

Action Items

• Pull develop branch to ensure your repo is up to date
• Create your own branch
• See resource and tips below before starting.
• Create the change to service methods.
• Add a new service test to test the scenario where a user is applying a code again.
• Create PR and tag @eleanorreem to the PR

Resources/Instructions

• The endpoint users hit is POST /partner-access/assign see /bloom-backend/src/partner-access/partner-access.controller.ts.
• The endpoint uses the assignPartnerAccess service method which checks the validity of the code with the getValidPartnerAccessCode service method.
• Initial suggestion is to pass an optional userId into getValidPartnerAccessCode. You can then compare the users userId with the access codes userId.
• Please note this is a suggestion after having a quick look at the code and might not be the best way. Feel free to improve the implementation

[mayank-sahai]

@eleanorreem would like to work on this. but I have few questions -

1. can the access code be applied multiple times by different users? (but once per user?)
2. I can see getValidPartnerAccessCode is being used in user.service.ts > createPartnerUserWithCode so what should be the expectation there? allow creating different partner user with same code?

[github-actions]

Thank you for your interest in contributing to Chayn! Please carefully read the CONTRIBUTING.md file and the README.md file for guidance. Let us know if you have any questions. Good luck!

[kyleecodes]

@mayank-sahai thank you for looking into this!

I've assigned you the issue and pinged the devs to answer your question ASAP.

[eleanorreem]

Hey @mayank-sahai, super sorry for the slow response. Thanks so much for picking this up. I didn't see the notification for some reason! And I can see my issue was not clear enough. I will clarify.

We have partners who have custom bloom experiences. In some case, this includes enhanced features such as therapy. A user can get the custom experience in multiple ways.

1. A user is given a code by a Partner Admin user (i.e. an administrator working for one of our partners). The user is given an access code when they sign up and this is assigned to them when they sign up.
2. The user is given a link to a page i.e. /welcome/[partnerName] where they can sign up without an access code. When they sign up, they are assigned an access code behind the scenes which has partnerAdminId set to null. I.e. they have been given permissions for the partner experience but this isn't related to a particular administrator.
3. When a user has already signed up, they can apply a code on the frontend endpoint /account/apply-a-code. This is the instance where a user is most likely to come across this error. They have applied the code to their account and they try and do it again.

Hope that context is helpful.

To respond to your exact questions:

1. can the access code be applied multiple times by different users? (but once per user?) - No. An access code is individual per user. It cannot be assigned to multiple users.
2. I can see getValidPartnerAccessCode is being used in user.service.ts > createPartnerUserWithCode so what should be the expectation there? allow creating different partner user with same code? I think looking at this question, i've realised that the suggestion that I put forward in the ticket isn't quite right. I am making getValidPartnerAccessCode do too much. I think that function should just be retrieving access codes based on the code supplied.

My new suggestion would be to just put the check in PartnerAccessService.assignPartnerAccess. That should be the only place that that is relevant. Let me know if that makes sense and sorry for the long ramble. ⭐

[mayank-sahai]

No worries and thanks for the explanation. @eleanorreem

So just to confirm my understanding we have the following cases -

1. Access code userId is not null and not equal to user userId
   Response message - ALREADY_IN_USE
   Frontend Message - The code has already been used. If you think there's been a mistake, get in touch with the partner team.

2. Access codes userId is not null and equal to user userId
   Response message - ALREADY_APPLIED
   Frontend Message - This code has already been applied to your account.

3. Access codes userId is null - Apply the code like it is happening currently.

If this is correct then I would say that your first suggestion was right and we should keep the condition in the getValidPartnerAccessCode only and pass userId as optional for ALREADY_APPLIED scenario. This will keep all the condition check at one place and make the getValidPartnerAccessCode complete.

let me know what you think.
cheers.

[eleanorreem]

@mayank-sahai That all sounds correct to me! Thanks so much ⭐