Class: Privacy::DeletionRequest

Inherits:

ApplicationRecord

• Object
• ActiveRecord::Base
• ApplicationRecord
• Privacy::DeletionRequest

Defined in:

app/models/privacy/deletion_request.rb

Overview

AR model: durable audit row for a data-deletion request.

Constant Summary

SOURCES =

Where the request originated. New sources are added here as we wire up
additional providers (Google, Apple, LinkedIn) or intake channels.

%w[facebook_callback manual_email manual_postal crm].freeze

Constants included from Schedulable

Schedulable::SIMPLE_FORM_OPTIONS

Instance Attribute Summary

• #account_lookup ⇒ Object

  Virtual attributes used only by the admin manual-entry form.

• #confirmation_code ⇒ Object readonly
• #contact_email ⇒ Object

  Virtual attributes used only by the admin manual-entry form.

• #intake_notes ⇒ Object

  Virtual attributes used only by the admin manual-entry form.

• #requested_at ⇒ Object readonly
• #require_account ⇒ Object

  Virtual attributes used only by the admin manual-entry form.

• #source ⇒ Object readonly

Belongs to

• #account ⇒ Account
• #party ⇒ Party
• #reviewed_by ⇒ Account

Class Method Summary

• .awaiting_processing ⇒ ActiveRecord::Relation<Privacy::DeletionRequest>

  A relation of Privacy::DeletionRequests that are awaiting processing.

• .needs_review ⇒ ActiveRecord::Relation<Privacy::DeletionRequest>

  A relation of Privacy::DeletionRequests that are needs review.

• .ransackable_associations(_auth_object = nil) ⇒ Object
• .ransackable_attributes(_auth_object = nil) ⇒ Object

  Ransack — admin search by these attributes only.

• .recent ⇒ ActiveRecord::Relation<Privacy::DeletionRequest>

  A relation of Privacy::DeletionRequests that are recent.

• .terminal ⇒ ActiveRecord::Relation<Privacy::DeletionRequest>

  A relation of Privacy::DeletionRequests that are terminal.

Instance Method Summary

• #resolve_facebook_account! ⇒ Authentication^?

  Facebook UID → existing Authentication row, or nil.

Methods inherited from ApplicationRecord

ransackable_scopes, ransortable_attributes, #to_relation

Methods included from Schedulable

config

Methods included from Models::AfterCommittable

#after_commit

Methods included from Models::EventPublishable

#publish_event

Instance Attribute Details

#account_lookup ⇒ Object

Virtual attributes used only by the admin manual-entry form. None of
them are persisted directly — account_lookup resolves to
account_id/party_id, contact_email + intake_notes are folded
into the data jsonb, and require_account is a UX guard.

# File 'app/models/privacy/deletion_request.rb', line 55

def account_lookup
  @account_lookup
end

#confirmation_code ⇒ Object (readonly)

# File 'app/models/privacy/deletion_request.rb', line 67

validates :confirmation_code, presence: true, uniqueness: true

#contact_email ⇒ Object

Virtual attributes used only by the admin manual-entry form. None of
them are persisted directly — account_lookup resolves to
account_id/party_id, contact_email + intake_notes are folded
into the data jsonb, and require_account is a UX guard.

# File 'app/models/privacy/deletion_request.rb', line 55

def contact_email
  @contact_email
end

#intake_notes ⇒ Object

Virtual attributes used only by the admin manual-entry form. None of
them are persisted directly — account_lookup resolves to
account_id/party_id, contact_email + intake_notes are folded
into the data jsonb, and require_account is a UX guard.

# File 'app/models/privacy/deletion_request.rb', line 55

def intake_notes
  @intake_notes
end

#requested_at ⇒ Object (readonly)

# File 'app/models/privacy/deletion_request.rb', line 68

validates :requested_at,      presence: true

#require_account ⇒ Object

Virtual attributes used only by the admin manual-entry form. None of
them are persisted directly — account_lookup resolves to
account_id/party_id, contact_email + intake_notes are folded
into the data jsonb, and require_account is a UX guard.

# File 'app/models/privacy/deletion_request.rb', line 55

def require_account
  @require_account
end

#source ⇒ Object (readonly)

# File 'app/models/privacy/deletion_request.rb', line 66

validates :source,            presence: true, inclusion: { in: SOURCES }

Class Method Details

.awaiting_processing ⇒ ActiveRecord::Relation<Privacy::DeletionRequest>

A relation of Privacy::DeletionRequests that are awaiting processing. Active Record Scope

Returns:

• (ActiveRecord::Relation<Privacy::DeletionRequest>)

See Also:

• ActiveRecord::Scoping

# File 'app/models/privacy/deletion_request.rb', line 132

scope :awaiting_processing, -> { where(state: 'pending') }

.needs_review ⇒ ActiveRecord::Relation<Privacy::DeletionRequest>

A relation of Privacy::DeletionRequests that are needs review. Active Record Scope

Returns:

• (ActiveRecord::Relation<Privacy::DeletionRequest>)

See Also:

• ActiveRecord::Scoping

# File 'app/models/privacy/deletion_request.rb', line 133

scope :needs_review,        -> { where(state: %w[held_for_review failed]) }

.ransackable_associations(_auth_object = nil) ⇒ Object

# File 'app/models/privacy/deletion_request.rb', line 155

def self.ransackable_associations(_auth_object = nil)
  %w[account party reviewed_by]
end

.ransackable_attributes(_auth_object = nil) ⇒ Object

Ransack — admin search by these attributes only.

# File 'app/models/privacy/deletion_request.rb', line 151

def self.ransackable_attributes(_auth_object = nil)
  %w[id source state external_user_id confirmation_code account_id party_id requested_at processed_at created_at updated_at]
end

.recent ⇒ ActiveRecord::Relation<Privacy::DeletionRequest>

A relation of Privacy::DeletionRequests that are recent. Active Record Scope

Returns:

• (ActiveRecord::Relation<Privacy::DeletionRequest>)

See Also:

• ActiveRecord::Scoping

# File 'app/models/privacy/deletion_request.rb', line 135

scope :recent,              ->(window = 30.days) { where(requested_at: window.ago..).order(requested_at: :desc) }

.terminal ⇒ ActiveRecord::Relation<Privacy::DeletionRequest>

A relation of Privacy::DeletionRequests that are terminal. Active Record Scope

Returns:

• (ActiveRecord::Relation<Privacy::DeletionRequest>)

See Also:

• ActiveRecord::Scoping

# File 'app/models/privacy/deletion_request.rb', line 134

scope :terminal,            -> { where(state: %w[completed declined no_account_found]) }

Instance Method Details

#account ⇒ Account

Returns:

• (Account)

See Also:

• ActiveRecord::Associations

# File 'app/models/privacy/deletion_request.rb', line 57

belongs_to :account,     optional: true

#party ⇒ Party

Returns:

• (Party)

See Also:

• ActiveRecord::Associations

# File 'app/models/privacy/deletion_request.rb', line 58

belongs_to :party,       optional: true

#resolve_facebook_account! ⇒ Authentication^?

Facebook UID → existing Authentication row, or nil.
Resolves the Account + Party association columns when there's a match.

Returns:

• (Authentication, nil)

# File 'app/models/privacy/deletion_request.rb', line 140

def resolve_facebook_account!
  return nil unless source == 'facebook_callback' && external_user_id.present?

  auth = Authentication.find_by(provider: 'facebook', uid: external_user_id)
  return nil unless auth

  update!(account_id: auth.account_id, party_id: auth.account&.party_id)
  auth
end

#reviewed_by ⇒ Account

Returns:

• (Account)

See Also:

• ActiveRecord::Associations

# File 'app/models/privacy/deletion_request.rb', line 59

belongs_to :reviewed_by, class_name: 'Account', optional: true