Expensify / App

Welcome to New Expensify: a complete re-imagination of financial collaboration, centered around chat. Help us build the next generation of Expensify by sharing feedback and contributing to the code.
https://new.expensify.com
MIT License
4.03k stars 3.03k forks source link

Prevent self approvals #55740

Closed lakchote closed 1 week ago

lakchote commented 3 weeks ago

Explanation of Change

Implement the "Prevent Self-Approvals" mechanism in NewDot.

Video test

https://github.com/user-attachments/assets/b59b49c7-9685-421b-a9f3-ac0ffc3d95d7

Fixed Issues

$ https://github.com/Expensify/App/issues/53799

Tests

Prerequisites:

1. Basic Flow (No self approvers)

  1. Sign in as User A (the workspace owner).
  2. Go to Settings > Workspaces > Workflows > Rules.
  3. Enable approvals if not already enabled (so that “Prevent Self Approvals” can be toggled).
  4. In the Rules section, toggle Prevent Self Approvals.

Expected result: The toggle should turn on without any modal or warnings (because no one is self-approving in this scenario).

2. Verify Modal Trigger When a Member is Their Own Approver

  1. Sign in as User A (workspace owner).
  2. Under Workflows > Create a Rule so that User B is set as their own approver.
  3. Attempt to toggle Prevent Self Approvals ON.

Expected result: a modal appears because User B is self-approving. This modal says “Any members currently approving their own expenses will be removed and replaced with the default approver for this workspace ({defaultWorkspaceOwnerEmail}).". {defaultWorkspaceOwnerEmail} should be replaced by the default workspace approver/owner.

  1. Confirm the modal, the toggle should be ON.
  2. Go to Workflows.

Expected results: The workflow where user B was self approving should have been removed. The workflow that remains should be the default one where all workspace members submits to the workspace approver.

3. Workspace with several members become a workspace with only one member

Prerequisite: having a workspace with Prevent self approvals enabled

  1. Go to the Workspace's Members page
  2. Remove several members so that ONLY one member remain (the workspace owner)
  3. Go to the Rules section
  4. Verify Prevent self approvals got disabled
  5. Verify you see a system message in the #admins room of that workspace, that says Prevent self approvals got disabled

4. Check we can't enable the feature if there's only one user (the workspace owner)

  1. As an admin (user A), create a Control policy where there are no other members
  2. Go to Rules
  3. Verify you can't toggle on the feature and you see the following message: image

5. Check Spanish Translations

  1. Switch the app's language to Spanish.
  2. Repeat scenario 2 and ensure that this message is translated in Spanish:

“Any members currently approving their own expenses will be removed and replaced with the default approver for this workspace ({defaultWorkspaceOwnerEmail})."

Offline tests

  1. Go to Settings > Troubleshoot > Force offline
  2. Perform the same steps as in the video test above
  3. You should have the same expected results
  4. Go back online
  5. The results should stay the same

QA Steps

Same as in tests

PR Author Checklist

Screenshots/Videos

Android: Native
Android: mWeb Chrome
iOS: Native
iOS: mWeb Safari
MacOS: Chrome / Safari https://github.com/user-attachments/assets/b59b49c7-9685-421b-a9f3-ac0ffc3d95d7
MacOS: Desktop
lakchote commented 2 weeks ago

Spanish translation review requested here.

github-actions[bot] commented 2 weeks ago

🚧 @lakchote has triggered a test build. You can view the workflow run here.

melvin-bot[bot] commented 2 weeks ago

@dannymcclain @alitoshmatov One of you needs to copy/paste the Reviewer Checklist from here into a new comment on this PR and complete it. If you have the K2 extension, you can simply click: [this button]

github-actions[bot] commented 2 weeks ago
:test_tube::test_tube: Use the links below to test this adhoc build on Android, iOS, Desktop, and Web. Happy testing! :test_tube::test_tube: Android :robot: iOS :apple:
https://ad-hoc-expensify-cash.s3.amazonaws.com/android/55740/index.html https://ad-hoc-expensify-cash.s3.amazonaws.com/ios/55740/index.html
Android iOS
Desktop :computer: Web :spider_web:
https://ad-hoc-expensify-cash.s3.amazonaws.com/desktop/55740/NewExpensify.dmg https://55740.pr-testing.expensify.com
Desktop Web

:eyes: View the workflow run that generated this build :eyes:

lakchote commented 2 weeks ago

🧪🧪 Use the links below to test this adhoc build on Android, iOS, Desktop, and Web. Happy testing! 🧪🧪

@trjExpensify @JmillsExpensify @dannymcclain you can test it out here 👆

trjExpensify commented 2 weeks ago

Do we need to add a test to the QA steps to cover the existing submitted report case? I take it we want to handle this like any other approval workflow change after a report has already been submitted?

Existing submitted report

  1. As the approver (userB) submit a report on the workspace
  2. As the admin (userA), enable prevent self-approvals
  3. As userB, verify you still see an Approve button on the submitted report
  4. as userB, approve the report
  5. Verify the report is approved and forwarded to userA for approval (because the workflow has now changed).
  6. As userA, approve the report.
  7. Verify the report is final approved.
lakchote commented 2 weeks ago

Do we need to add a test to the QA steps to cover the existing submitted report case? I take it we want to handle this like any other approval workflow change after a report has already been submitted?

Yes, good idea. I've added it to the QA steps.

github-actions[bot] commented 2 weeks ago

🚧 @lakchote has triggered a test build. You can view the workflow run here.

github-actions[bot] commented 2 weeks ago
:test_tube::test_tube: Use the links below to test this adhoc build on Android, iOS, Desktop, and Web. Happy testing! :test_tube::test_tube: Android :robot: iOS :apple:
https://ad-hoc-expensify-cash.s3.amazonaws.com/android/55740/index.html ❌ FAILED ❌
Android The QR code can't be generated, because the iOS build failed
Desktop :computer: Web :spider_web:
https://ad-hoc-expensify-cash.s3.amazonaws.com/desktop/55740/NewExpensify.dmg https://55740.pr-testing.expensify.com
Desktop Web

:eyes: View the workflow run that generated this build :eyes:

github-actions[bot] commented 2 weeks ago

🚧 @lakchote has triggered a test build. You can view the workflow run here.

github-actions[bot] commented 2 weeks ago
:test_tube::test_tube: Use the links below to test this adhoc build on Android, iOS, Desktop, and Web. Happy testing! :test_tube::test_tube: Android :robot: iOS :apple:
https://ad-hoc-expensify-cash.s3.amazonaws.com/android/55740/index.html https://ad-hoc-expensify-cash.s3.amazonaws.com/ios/55740/index.html
Android iOS
Desktop :computer: Web :spider_web:
https://ad-hoc-expensify-cash.s3.amazonaws.com/desktop/55740/NewExpensify.dmg https://55740.pr-testing.expensify.com
Desktop Web

:eyes: View the workflow run that generated this build :eyes:

lakchote commented 2 weeks ago

Added a QA step for the case where there is only the workspace owner in the workspace.

@trjExpensify @JmillsExpensify @dannymcclain feel free to test out the feature with the links just above

dannymcclain commented 2 weeks ago

cc @Expensify/design as well ☝️

shawnborton commented 2 weeks ago

What happens if you have this enabled, but then you try to set up a new approval workflow where someone approves to themselves? Is that possible, and if so, do we throw an error?

lakchote commented 2 weeks ago

What happens if you have this enabled, but then you try to set up a new approval workflow where someone approves to themselves? Is that possible, and if so, do we throw an error?

It's not a possible option. Self approvers are not shown anymore once the feature is enabled:

https://github.com/user-attachments/assets/c7774b76-aaa3-4c8d-b8c1-69d3a4fbb2c1

shawnborton commented 2 weeks ago

Awesome, that answers my question!

dannymcclain commented 2 weeks ago

I feel like this is looking good! @Expensify/design any other thoughts?

shawnborton commented 2 weeks ago

All good on my end 👍

dubielzyk-expensify commented 2 weeks ago

No notes from me 👍

lakchote commented 2 weeks ago

Great! Thank you Design team 😄

@alitoshmatov can you review the PR Please?

lakchote commented 2 weeks ago

Also @dannymcclain could you please approve the PR?

alitoshmatov commented 2 weeks ago

@lakchote When all members are removed from workspace while prevent self approval is enabled what should be expected result? Right now it is still enabled.

alitoshmatov commented 2 weeks ago

Also when testing 3rd case from QA Tests following is happening:

  1. User B has self approval workflow where it approves their own requests
  2. Make request as user B
  3. Approve button is visible
  4. As user A(owner) enable Prevent self approval which warns about removing current workflow with self approval
  5. User A Confirms and Prevent self approval is enabled

Now user B can see Approve button but it is disabled User A has no Approve button, and sees Waiting for User B to approve expense(s).. Now this particular request is stuck in this status until Prevent self approval is disabled

edit: This is also happening when default approver submits a request and then owner enabled Prevent self-approval see 2nd video

1-video

https://github.com/user-attachments/assets/ef9258ae-4651-479b-b960-ee3b2fd0d311

2-video

https://github.com/user-attachments/assets/fead6c6f-98b5-414f-9dc6-f8f2aae4fe7d

lakchote commented 2 weeks ago

@lakchote When all members are removed from workspace while prevent self approval is enabled what should be expected result? Right now it is still enabled.

Fixed in https://github.com/Expensify/App/pull/55740/commits/0c2e7e02b8bdddbb97b6a16a66aefa6756380613

lakchote commented 2 weeks ago

Also when testing 3rd case from QA Tests following is happening:

  1. User B has self approval workflow where it approves their own requests
  2. Make request as user B
  3. Approve button is visible
  4. As user A(owner) enable Prevent self approval which warns about removing current workflow with self approval
  5. User A Confirms and Prevent self approval is enabled

Now user B can see Approve button but it is disabled User A has no Approve button, and sees Waiting for User B to approve expense(s).. Now this particular request is stuck in this status until Prevent self approval is disabled

Speaking of what @alitoshmatov reported, the workflow mentioned here @trjExpensify is not what is currently happening now with the "Prevent Self Approvals" feature. However, this is preexisting from this PR - this PR aimed to introduce the modal logic that is.

Here is what it'll look like for user A (policy owner) after enabling "Prevent self approvals":

Screenshot 2025-01-29 at 16 24 35

As you can see the next steps are wrong...

Here is what it'll look like for user B (admin that was previously self-approving): Screenshot 2025-01-29 at 16 24 30

As you can see it has not the correct behavior you did expect (he can't approve the report to be automatically forwarded to policy's owner)?

It seems like there's a business logic/implementation problem, next steps aren't handled properly.

cc @BrtqKr since you've authored the Rules migration logic in this PR

trjExpensify commented 2 weeks ago

Speaking of what @alitoshmatov reported, the workflow mentioned https://github.com/Expensify/App/pull/55740#issuecomment-2615642023 @trjExpensify is not what is currently happening now with the "Prevent Self Approvals" feature

Is that not how OldDot handles the same scenario for submitted reports when the prevent self approval setting is enabled?

lakchote commented 1 week ago

Speaking of what @alitoshmatov reported, the workflow mentioned #55740 (comment) @trjExpensify is not what is currently happening now with the "Prevent Self Approvals" feature

Is that not how OldDot handles the same scenario for submitted reports when the prevent self approval setting is enabled?

Next steps will be solved in Auth as per Jason's comment here. The scope of this issue should limit itself to the modal that shows whenever trigger conditions for "Prevent Self Approvals" are there.

alitoshmatov commented 1 week ago

@lakchote Can you resolve the conflicts

alitoshmatov commented 1 week ago

The changes look good.

alitoshmatov commented 1 week ago

Reviewer Checklist

Screenshots/Videos

Android: Native https://github.com/user-attachments/assets/623480d2-21f1-424b-bd20-354bfc1b12ef
Android: mWeb Chrome https://github.com/user-attachments/assets/fad7f97b-f852-41ca-990d-d22253e5bd11
iOS: Native https://github.com/user-attachments/assets/3364a3d6-daff-4e00-86cf-a8c74a5a0876
iOS: mWeb Safari https://github.com/user-attachments/assets/9dd5c98e-4a32-4b31-8d5a-8da7b2cc7faa
MacOS: Chrome / Safari https://github.com/user-attachments/assets/f491e480-0a34-4a87-973b-ad237232bc4f
MacOS: Desktop https://github.com/user-attachments/assets/c2ae230a-fa3b-42a6-86ee-d5458372b00c
melvin-bot[bot] commented 1 week ago

@marioexpensify Please copy/paste the Reviewer Checklist from here into a new comment on this PR and complete it. If you have the K2 extension, you can simply click: [this button]

MarioExpensify commented 1 week ago

Nice!! I'll review this later today / early tomorrow. Thank you 😄

lakchote commented 1 week ago

@MarioExpensify if you could review this today that'd be great!

MarioExpensify commented 1 week ago

@lakchote Yep, I'm on it right now. Can you please merge main? It seems there are conflicts 😞

lakchote commented 1 week ago

The conflicts are going to be fun to handle. I'll report back when you can merge 😅

lakchote commented 1 week ago

@MarioExpensify ready for review again!

OSBotify commented 1 week ago

:hand: This PR was not deployed to staging yet because QA is ongoing. It will be automatically deployed to staging after the next production release.

github-actions[bot] commented 6 days ago

🚀 Deployed to staging by https://github.com/MarioExpensify in version: 9.0.96-0 🚀

platform result
🤖 android 🤖 success ✅
🖥 desktop 🖥 success ✅
🍎 iOS 🍎 success ✅
🕸 web 🕸 success ✅
🤖🔄 android HybridApp 🤖🔄 success ✅
🍎🔄 iOS HybridApp 🍎🔄 success ✅
IuliiaHerets commented 5 days ago

This PR is failing because of issue #56644, https://github.com/Expensify/App/issues/56645

lakchote commented 5 days ago

This PR is failing because of issue #56644, #56645

I'll be handling these two issues.

github-actions[bot] commented 5 days ago

🚀 Deployed to production by https://github.com/Julesssss in version: 9.0.96-1 🚀

platform result
🤖 android 🤖 true ❌
🖥 desktop 🖥 success ✅
🍎 iOS 🍎 success ✅
🕸 web 🕸 success ✅
🤖🔄 android HybridApp 🤖🔄 failure ❌
🍎🔄 iOS HybridApp 🍎🔄 failure ❌