search

communitybridge / easycla

The Contributor License Agreement (CLA) service of the Linux Foundation lets project contributors read, sign, and submit contributor license agreements easily.
https://easycla.lfx.linuxfoundation.org
MIT License
64 stars 45 forks source link

GitLab user signature appears Authorized at corporate cla console while user terminated ecla process at docu-singed stage #3937

Open thakurveerendras opened 1 year ago

thakurveerendras commented 1 year ago

Summary

GitLab user signature appears Authorized at corporate cla console while user terminated ecla process at docu-singed stage

Background

  1. Login CD & PCC
  2. Add GitLab user under approval list
  3. Create GitLab MR
  4. Click on Please click here to be authorized. options
  5. Chose process as Corporate Contributor
  6. Search company say Infosys Limited
  7. See-ICLA required appears
  8. Process next & terminate process at docusigned page

MR : https://gitlab.com/childearthgroup/project1/-/merge_requests/1

Actual behavior

GitLab user signature appears Authorized at corporate cla console while user terminated ecla process at docu-singed stage

Expected behavior

User should not Authorized on above case, working fine at PCC signature table

Screenshots

image image

umeshlumbhani247 commented 1 year ago

@thakurveerendras Is it still reproducible ? Please confirm it. On our call, we could not get the similar issue.

thakurveerendras commented 1 year ago

MR : https://gitlab.com/gitlabcommenttest/repo/-/merge_requests/7 Issue : https://github.com/communitybridge/easycla/issues/3937 Current behavior : Contributor records not created when user performed ECLA process image

umeshlumbhani247 commented 1 year ago

@thakurveerendras According to our call, I could generate duplicate case and working on it.

umeshlumbhani247 commented 1 year ago

@thakurveerendras I found another issue, While going to sign CLA, getting below error: problem initiating sign request for :{HTTPRequest:0xc001d13100 XREQUESTID:0xc00070d880 GitlabRepositoryID:44953039 MergeRequestID:9 OrganizationID:bf020d98-b195-450b-9750-ee3f88523e8d}

Please find below ss: https-api-gw-dev-platform-linuxfoundation-org-cla-service-v4-repository-provider-gitlab-sign-bf020d98-b195-450b-9750-ee3f88523e8d-44953039-9-

umeshlumbhani247 commented 1 year ago

@thakurveerendras I have investigated in both, gitlab as well as github too. In both side, I could observed same behaviour in both. On backend side, it's giving proper response. No any issue is there, we need to handle this from front end side. In Current implementation we have handled last-signature API response only, if it's null then it shows prompt box and proceed for ICLA signature which is expected, but while getting response from last-signature API, then also need to validate flag : "requires_resigning" Please find below screenshot for more information.

Screenshot-from-2023-06-22-17-10-09

@amolsontakke3576 Can you look at this issue ?

amolsontakke3576 commented 1 year ago

@umeshlumbhani247 I have tested the flow and when user declined ICLA docusign (by hitting back button from docusign page without completing the submission) and tried again to signing, I got requires_resigning flag false but ideally it should be true

image

thakurveerendras commented 1 year ago

Confirmed requires_resigning: false & signature_approved: true on API response, @umeshlumbhani247 kindly review it

{ "auto_create_ecla": false, "date_created": "2023-06-23T11:27:59.256137+0000", "date_modified": "2023-06-23T11:28:39.410237+0000", "domain_whitelist": null, "email_whitelist": null, "github_org_whitelist": null, "github_whitelist": null, "gitlab_org_approval_list": null, "gitlab_username_approval_list": null, "note": null, "signatory_name": null, "signature_acl": [ "gitlab:9810034" ], "signature_approved": true, "signature_callback_url": "https://api.lfcla.dev.platform.linuxfoundation.org/v2/signed/gitlab/individual/b76d0cb3-d1da-11ed-8d48-7e99d773176c/d9680751-31ac-444c-aba6-39f0dadd2aca/44684682/7", "signature_company_initial_manager_email": null, "signature_company_initial_manager_id": null, "signature_company_initial_manager_name": null, "signature_company_secondary_manager_list": null, "signature_company_signatory_email": null, "signature_company_signatory_id": null, "signature_company_signatory_name": null, "signature_document_major_version": "2", "signature_document_minor_version": "1", "signature_envelope_id": "cdcee42e-dc19-4dc5-80a0-a076fcb18675", "signature_external_id": null, "signature_id": "a9d8dcba-b3be-4a30-ac2f-f7c368c21238", "signature_project_external_id": null, "signature_project_id": "01af041c-fa69-4052-a23c-fb8c1d3bef24", "signature_reference_id": "b76d0cb3-d1da-11ed-8d48-7e99d773176c", "signature_reference_name": "vthakur singh", "signature_reference_name_lower": "vthakur singh", "signature_reference_type": "user", "signature_return_url": "https://gitlab.com/gitlabcommenttest/repo/-/merge_requests/7", "signature_return_url_type": "Gitlab", "signature_sign_url": "https://demo.docusign.net/Signing/MTRedeem/v1/ad5ddfde-6163-463f-8ad8-0d91832d7055?slt=eyJ0eXAiOiJNVCIsImFsZyI6IlJTMjU2Iiwia2lkIjoiNjgxODVmZjEtNGU1MS00Y2U5LWFmMWMtNjg5ODEyMjAzMzE3In0.AQYAAAABAAMABwCAzbv93HPbSAgAgG3NhP5z20gYAAEAAAAAAAAAIQC9AgAAeyJUb2tlbklkIjoiYzMyZjkwZDAtOGYyMy00MzZhLWFlNTctN2Q1MDgxZGRkZjAxIiwiRXhwaXJhdGlvbiI6IjIwMjMtMDYtMjNUMTE6MzM6MzkrMDA6MDAiLCJJc3N1ZWRBdCI6IjIwMjMtMDYtMjNUMTE6Mjg6MzkuMzI3ODc4NyswMDowMCIsIlJlc291cmNlSWQiOiJjZGNlZTQyZS1kYzE5LTRkYzUtODBhMC1hMDc2ZmNiMTg2NzUiLCJSZXNvdXJjZXMiOiJ7XCJFbnZlbG9wZUlkXCI6XCJjZGNlZTQyZS1kYzE5LTRkYzUtODBhMC1hMDc2ZmNiMTg2NzVcIixcIkFjdG9yVXNlcklkXCI6XCJhMjYyZWRiMy1mN2YzLTQ5ZTUtYmVkNy00YTNkZjYzNTc2MGRcIixcIlJlY2lwaWVudElkXCI6XCI5NWExY2UzOS05ODFhLTRlYTMtOGM0Zi04N2Q0ODUxODFhZDRcIixcIkZha2VRdWVyeVN0cmluZ1wiOlwidD0wZmU5Y2YwZi05ODRhLTRiNmUtYjM5Mi1kZjJhYTg2ZjMzNTJcIixcIkludGVncmF0b3JLZXlcIjpcIjZlODQwMmNjLTg5ZGEtNGMwMi04NzY0LWU1MjE2N2JjNmRhMFwifSIsIlRva2VuVHlwZSI6MSwiQXVkaWVuY2UiOiIyNWUwOTM5OC0wMzQ0LTQ5MGMtOGU1My0zYWIyY2E1NjI3YmYiLCJSZWRpcmVjdFVyaSI6Imh0dHBzOi8vZGVtby5kb2N1c2lnbi5uZXQvU2lnbmluZy9TdGFydEluU2Vzc2lvbi5hc3B4IiwiSGFzaEFsZ29yaXRobSI6MCwiSGFzaFJvdW5kcyI6MCwiVG9rZW5TdGF0dXMiOjAsIklzU2luZ2xlVXNlIjpmYWxzZX0_AACV86_dc9tI.aZhXqCAuW7Prj7SGfqaXqyOizkf3pIJiq--9XOW3FiXGJgxZaWgj1Z-SvBeWZh10622ouQd-bqEpuk75EJoxNfYnFCykXGggofac1mLTWvCDcwlYrUghfAkD2P6H7kxIK61e-LBEWKTOIOT5sxCH_YJ43h04QfaBJGk5dKS98_rrjEwjkXcT6gmCOaIZrlxtEOKGoW0vbMNyLW5j9QWvlYkJDy2Tc9Wg7eAEaT4mVwW-AzwMDc3TPnfR_9sQLGfEKetIPu-cPfFcC-5NapYiBo9-f_xmubX80Lpl11StIcsBMvqETRVViYATCKo7n3zRyHH_mLijyZxgsXKxLeawlA", "signature_signed": false, "signature_type": "cla", "signature_user_ccla_company_id": null, "signed_on": null, "signing_entity_name": null, "sigtype_signed_approved_id": "icla#false#true#b76d0cb3-d1da-11ed-8d48-7e99d773176c", "user_docusign_date_signed": null, "user_docusign_name": null, "user_email": "vthakur@contractor.linuxfoundation.org", "user_github_username": null, "user_lf_username": null, "user_name": "vthakur singh", "version": "v1", "latest_document_major_version": "2", "latest_document_minor_version": "1", "requires_resigning": false }

thakurveerendras commented 1 year ago

Hi @umeshlumbhani247 Now Authorized appears when user close docu-signed prompt , Refer video clip :

https://github.com/communitybridge/easycla/assets/75417507/a3eec830-70c6-4900-b14e-3dd77ea44bd4

umeshlumbhani247 commented 1 year ago

@thakurveerendras You are looking at ECLA contributor acknowledgement , which is authorised because ECLA is signed and approved by default as you have added gitlab username in a approved contributor list. But here your CLA group required ECLA as well as ICLA so your PR seems blocked. While in CD , It is showing authorised because it's ECLA record only. CC: @nickmango

thakurveerendras commented 1 year ago

Hello @dealako , @jarias-lfx Requesting you to review issue #3937 & let us know the desired behavior CC: @mlehotskylf