Merge pull request #6602 from mozilla/MNTOR-5264

MNTOR-5264: add active user filter to subscriber queries

Author: EMMLynch

package-lock.json

@@ -10,7 +10,11 @@ import { getBreachNotificationSubscribersByHashes } from "./BreachNotificationSu
 import type { SubscriberRow } from "knex/types/tables";
 
 describe("BreachNotificationSubscriber", () => {
-  const subscriber = seeds.subscribers({ primary_verified: true });
+  const recentSession = new Date();
+  const subscriber = seeds.subscribers({
+    primary_verified: true,
+    fxa_session_expiry: recentSession,
+  });
   const chaffSubs = Array.from(Array(10).keys()).map((_) =>
     seeds.subscribers(),
   );
@@ -111,6 +115,7 @@ describe("BreachNotificationSubscriber", () => {
           seeds.subscribers({
             primary_verified: true,
             all_emails_to_primary: true,
+            fxa_session_expiry: recentSession,
           }),
         )
         .returning("*")
@@ -142,6 +147,7 @@ describe("BreachNotificationSubscriber", () => {
           seeds.subscribers({
             primary_verified: true,
             all_emails_to_primary: false,
+            fxa_session_expiry: recentSession,
           }),
         )
         .returning("*")
@@ -166,4 +172,113 @@ describe("BreachNotificationSubscriber", () => {
       ]),
     );
   });
+
+  it("excludes subscribers with null fxa_session_expiry", async () => {
+    const inactiveSub = (
+      await conn("subscribers")
+        .insert(
+          seeds.subscribers({
+            primary_verified: true,
+            fxa_session_expiry: null,
+          }),
+        )
+        .returning("*")
+    )[0];
+    const hashes = [inactiveSub.primary_sha1];
+    const actual = await getBreachNotificationSubscribersByHashes(hashes);
+    expect(actual.length).toEqual(0);
+  });
+
+  it("excludes subscribers with fxa_session_expiry older than 1 year", async () => {
+    const twoYearsAgo = new Date(Date.now() - 2 * 365.25 * 24 * 60 * 60 * 1000);
+    const expiredSub = (
+      await conn("subscribers")
+        .insert(
+          seeds.subscribers({
+            primary_verified: true,
+            fxa_session_expiry: twoYearsAgo,
+          }),
+        )
+        .returning("*")
+    )[0];
+    const hashes = [expiredSub.primary_sha1];
+    const actual = await getBreachNotificationSubscribersByHashes(hashes);
+    expect(actual.length).toEqual(0);
+  });
+
+  it("includes subscribers with fxa_session_expiry within the last year", async () => {
+    const sixMonthsAgo = new Date(
+      Date.now() - 0.5 * 365.25 * 24 * 60 * 60 * 1000,
+    );
+    const activeSub = (
+      await conn("subscribers")
+        .insert(
+          seeds.subscribers({
+            primary_verified: true,
+            fxa_session_expiry: sixMonthsAgo,
+          }),
+        )
+        .returning("*")
+    )[0];
+    const hashes = [activeSub.primary_sha1];
+    const actual = await getBreachNotificationSubscribersByHashes(hashes);
+    expect(actual.length).toEqual(1);
+    expect(actual[0]).toEqual(
+      expect.objectContaining({
+        subscriber_id: activeSub.id,
+        breached_email: activeSub.primary_email,
+      }),
+    );
+  });
+
+  it("excludes inactive subscribers via secondary email path", async () => {
+    const inactiveSub = (
+      await conn("subscribers")
+        .insert(
+          seeds.subscribers({
+            primary_verified: true,
+            fxa_session_expiry: null,
+          }),
+        )
+        .returning("*")
+    )[0];
+    const insertedEmails = await conn("email_addresses")
+      .insert([seeds.emails(inactiveSub.id, { verified: true })])
+      .returning("*");
+    const hashes = [insertedEmails[0].sha1];
+    const actual = await getBreachNotificationSubscribersByHashes(hashes);
+    expect(actual.length).toEqual(0);
+  });
+
+  it("returns only active subscribers when mixed with inactive ones", async () => {
+    const activeSub = (
+      await conn("subscribers")
+        .insert(
+          seeds.subscribers({
+            primary_verified: true,
+            fxa_session_expiry: recentSession,
+          }),
+        )
+        .returning("*")
+    )[0];
+    const inactiveSub = (
+      await conn("subscribers")
+        .insert(
+          seeds.subscribers({
+            primary_verified: true,
+            fxa_session_expiry: null,
+          }),
+        )
+        .returning("*")
+    )[0];
+    const hashes = [activeSub.primary_sha1, inactiveSub.primary_sha1];
+    const actual = await getBreachNotificationSubscribersByHashes(hashes);
+    expect(actual.length).toEqual(1);
+    expect(actual[0]).toEqual(
+      expect.objectContaining({
+        subscriber_id: activeSub.id,
+        breached_email: activeSub.primary_email,
+      }),
+    );
+  });
 });

src/db/models/BreachNotificationSubscriber.integration.ts

@@ -6,6 +6,8 @@ import { EmailAddressRow, SubscriberRow } from "knex/types/tables";
 import { getEmailAddressesByHashes } from "../tables/emailAddresses";
 import { getSubscribersByHashes } from "../tables/subscribers";
 
+const ACTIVE_USER_MAX_AGE_MS = 365.25 * 24 * 60 * 60 * 1000; // 1 year
+
 // Covered by integration tests but report is not combined
 // TODO: MNTOR-5117
 /* c8 ignore start */
@@ -23,32 +25,37 @@ export type BreachNotificationSubscriber = {
 export async function getBreachNotificationSubscribersByHashes(
   hashes: string[],
 ): Promise<BreachNotificationSubscriber[]> {
+  const activeFilter = { activeWithinMs: ACTIVE_USER_MAX_AGE_MS };
   // 2 sources of email address - the subscribers table and
   // email address table (containing additional emails)
   // First query if the primary email has been breached
-  const primary = (await getSubscribersByHashes(hashes)).map((row) => ({
-    subscriber_id: row.id,
-    all_emails_to_primary: row.all_emails_to_primary,
-    primary_email: row.primary_email,
-    breached_email: row.primary_email,
-    notification_email: row.primary_email,
-    signup_language: row.signup_language,
-    fxa_profile_json: row.fxa_profile_json,
-    fxa_uid: row.fxa_uid,
-  }));
+  const primary = (await getSubscribersByHashes(hashes, activeFilter)).map(
+    (row) => ({
+      subscriber_id: row.id,
+      all_emails_to_primary: row.all_emails_to_primary,
+      primary_email: row.primary_email,
+      breached_email: row.primary_email,
+      notification_email: row.primary_email,
+      signup_language: row.signup_language,
+      fxa_profile_json: row.fxa_profile_json,
+      fxa_uid: row.fxa_uid,
+    }),
+  );
   // Second for secondary emails (joined to subscriber record)
-  const secondary = (await getEmailAddressesByHashes(hashes)).map((row) => ({
-    subscriber_id: row.subscriber_id,
-    all_emails_to_primary: row.all_emails_to_primary,
-    primary_email: row.primary_email,
-    breached_email: row.email,
-    notification_email: row.all_emails_to_primary
-      ? row.primary_email
-      : row.email,
-    signup_language: row.signup_language,
-    fxa_profile_json: row.fxa_profile_json,
-    fxa_uid: row.fxa_uid,
-  }));
+  const secondary = (await getEmailAddressesByHashes(hashes, activeFilter)).map(
+    (row) => ({
+      subscriber_id: row.subscriber_id,
+      all_emails_to_primary: row.all_emails_to_primary,
+      primary_email: row.primary_email,
+      breached_email: row.email,
+      notification_email: row.all_emails_to_primary
+        ? row.primary_email
+        : row.email,
+      signup_language: row.signup_language,
+      fxa_profile_json: row.fxa_profile_json,
+      fxa_uid: row.fxa_uid,
+    }),
+  );
   return primary.concat(secondary);
 }
 /* c8 ignore stop */

src/db/models/BreachNotificationSubscriber.ts

@@ -328,11 +328,22 @@ async function removeOneSecondaryEmail(emailId: number, subscriberId: number) {
 
 // Not covered by tests; mostly side-effects. See test-coverage.md#mock-heavy
 /* c8 ignore start */
-async function getEmailAddressesByHashes(hashes: string[]) {
-  return await knex("email_addresses")
+async function getEmailAddressesByHashes(
+  hashes: string[],
+  options?: { activeWithinMs?: number },
+) {
+  const query = knex("email_addresses")
     .join("subscribers", "email_addresses.subscriber_id", "=", "subscribers.id")
     .whereIn("email_addresses.sha1", hashes)
     .andWhere("email_addresses.verified", "=", true);
+  if (options?.activeWithinMs !== undefined) {
+    query.andWhere(
+      "subscribers.fxa_session_expiry",
+      ">",
+      new Date(Date.now() - options.activeWithinMs),
+    );
+  }
+  return await query;
 }
 /* c8 ignore stop */
 

src/db/tables/emailAddresses.ts

@@ -16,10 +16,21 @@ const knex = createDbConnection();
 
 // Not covered by tests; mostly side-effects. See test-coverage.md#mock-heavy
 /* c8 ignore start */
-async function getSubscribersByHashes(hashes: string[]) {
-  return await knex("subscribers")
+async function getSubscribersByHashes(
+  hashes: string[],
+  options?: { activeWithinMs?: number },
+) {
+  const query = knex("subscribers")
     .whereIn("primary_sha1", hashes)
     .andWhere("primary_verified", "=", true);
+  if (options?.activeWithinMs !== undefined) {
+    query.andWhere(
+      "fxa_session_expiry",
+      ">",
+      new Date(Date.now() - options.activeWithinMs),
+    );
+  }
+  return await query;
 }
 /* c8 ignore stop */