
go-api's People

Contributors

aylie-chou, babygoat, duidae, han3zeng, howar31, hsunpei, liruchen32, nickhsine, taylrj, yucj


go-api's Issues

Make `send_receipt` default to `no`

Report from accounting. From the user records in May and June, there are two types of user records with vague send_receipt options.

  1. NULL cardholder_name with yearly option of send_receipt
  2. invalid or empty string cardholder_name with yearly option of send_receipt

Bullet 1 results from directly closing the receipt form page after the transaction.
Bullet 2 might result from filling in incorrect information (possibly a misunderstanding of the options by users).

After discussion with @taylrj, set the default of send_receipt to no to reduce the vague records for accounting to deal with.

Inconsistent bookmark context

As the context update of bookmark is removed in the commit, address the inconsistency with another approach. A possible solution might be retrieving the title and desc from the original post.

`frontendRedirectUrl` needs to be updated

According to this line, the frontendRedirectUrl is

"https://" + envToDonationHost[globals.Conf.Environment] + "/contribute/" + f + "/" + orderNumber

To meet front-end's design, frontendRedirectUrl needs to be updated like (for reference only) :

"envToDonationProtocol[globals.Conf.Environment]://" + envToDonationHost[globals.Conf.Environment] + "/contribute/line/" + f + "/" + orderNumber

This is an example of frontendRedirectUrl in localhost:

http://localhost:3000/contribute/line/one_time/twreporter-156713555982111400001

[Security] GET method on donation endpoints should use `user_id` in cookie rather than query param

Current Situation

  • /periodic-donations/:id
  • /donations/prime/:id
  • /donations/others/:id

are using the user_id query param.
For example, the client would send the GET request like the following

Headers:
  Cookie: id_token=<id_token>
  Authorization: Bearer <access_token>

Endpoint:
  `https://go-api.twreporter.org/v1/periodic-donations/10?user_id=1`

Even though we use middlewares/jwt.go ValidateAuthentication and ValidateAuthorization to validate the request, we are only checking donation.userID == c.Query('user_id'), not donation.userID == user_id in the access_token.payload.
Therefore, hackers can send malicious requests to get others' donation data.

Solution

Drop user_id query param.
Use user_id in the access_token.payload to validate the authorization.
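As an added illustration of the ownership check this issue describes (example code written for this page, not the go-api project's own handler or middleware): a minimal net/http version of the GET endpoint in which the only difference between the reported situation and the proposed fix is where the owner identity comes from. The Donation record, the sample data, the "uid=<n>" bearer token that stands in for JWT verification, and all function names are assumptions made for the example.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strconv"
	"strings"
)

// Donation is a constructed stand-in for the go-api donation record (assumption).
type Donation struct{ ID, UserID, Amount int }

// Constructed sample data: record 10 belongs to user 1, record 11 to user 2.
var donations = map[int]Donation{
	10: {ID: 10, UserID: 1, Amount: 500},
	11: {ID: 11, UserID: 2, Amount: 1200},
}

type ctxKey string
const tokenUserKey ctxKey = "token_user_id" // user id recovered from the token

// authenticate plays the part of ValidateAuthentication. The real middleware
// verifies a signed JWT; here (assumption) the bearer token is the literal
// string "uid=<n>" so the example runs offline. Requests without a usable
// token never reach the handler.
func authenticate(next http.HandlerFunc) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		tok := strings.TrimPrefix(r.Header.Get("Authorization"), "Bearer ")
		uid, err := strconv.Atoi(strings.TrimPrefix(tok, "uid="))
		if !strings.HasPrefix(tok, "uid=") || err != nil {
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		next(w, r.WithContext(context.WithValue(r.Context(), tokenUserKey, uid)))
	})
}

// ownerFromQuery is the situation the issue reports: the identity compared
// against the record's owner is ?user_id=, a value the caller chooses.
func ownerFromQuery(r *http.Request) (int, error) {
	return strconv.Atoi(r.URL.Query().Get("user_id"))
}

// ownerFromToken is the proposed fix: the identity comes from the token
// payload that authentication already verified; ?user_id= is ignored.
func ownerFromToken(r *http.Request) (int, error) {
	uid, ok := r.Context().Value(tokenUserKey).(int)
	if !ok {
		return 0, errors.New("no authenticated user in context")
	}
	return uid, nil
}

// donationHandler serves GET /v1/periodic-donations/:id; ownerOf decides
// where the identity used for the ownership check comes from.
func donationHandler(ownerOf func(*http.Request) (int, error)) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		parts := strings.Split(strings.Trim(r.URL.Path, "/"), "/")
		id, err := strconv.Atoi(parts[len(parts)-1])
		if err != nil {
			http.Error(w, "bad id", http.StatusBadRequest)
			return
		}
		owner, err := ownerOf(r)
		if err != nil {
			http.Error(w, "forbidden", http.StatusForbidden)
			return
		}
		d, found := donations[id]
		if !found {
			http.Error(w, "not found", http.StatusNotFound)
			return
		}
		if d.UserID != owner {
			http.Error(w, "forbidden", http.StatusForbidden)
			return
		}
		fmt.Fprintf(w, "donation %d: amount %d\n", d.ID, d.Amount)
	}
}

// probe sends one GET through authenticate and returns the HTTP status code.
func probe(ownerOf func(*http.Request) (int, error), target, bearer string) int {
	req := httptest.NewRequest(http.MethodGet, target, nil)
	if bearer != "" {
		req.Header.Set("Authorization", "Bearer "+bearer)
	}
	rec := httptest.NewRecorder()
	authenticate(donationHandler(ownerOf)).ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	// user 2 presents a valid token but names user 1 in the query string
	target := "/v1/periodic-donations/10?user_id=1"
	fmt.Println("query-param check:", probe(ownerFromQuery, target, "uid=2")) // 200
	fmt.Println("token check:      ", probe(ownerFromToken, target, "uid=2")) // 403
}
```

Running it prints 200 for the query-parameter check and 403 for the token check on the same request: user 2 holds a valid token but names user_id=1 in the query string, and reads user 1's record only in the first variant. One further point for the fixed endpoint: answering 403 for another user's record and 404 for a non-existent id lets a caller learn which donation ids exist; returning 404 in both cases removes that signal.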

go-api v7.3.0 Release Plan

Role Feature Deployment

Schedule

  • 8/22 Feature toggle implementation (default false)
    • Feature toggle off test on staging
    • Feature toggle on test on staging
    • Migration test on staging
  • 8/25 go-api production release
  • 8/25 migration production release
  • 8/31 cronjob production release
  • 9/01 enable Feature toggle in production

go-api Release

  • Create a PR to merge the staging branch into the release branch

Migration Release

  1. Backup the database (or check the scheduled backup is up-to-date)
  2. Connect to the database
     gcloud sql connect twreporter-sql-db --user=membership_user --quiet
  3. Run the migration script according to the README

Cronjob Release

mailchimp-sync cronjob is used for syncing DB mailing preferences to Mailchimp by API. Deployment is documented in README.

Feature Toggle

edit configs/config.go

features:
    enable_rolemail: false

The role email feature is controlled by the enable_rolemail flag in the configs/config.go file. It will be set to false by default. To enable the role email feature, set the enable_rolemail flag to true.

  • if enable_rolemail is false (default), then the role email feature is disabled.
  • if enable_rolemail is true, then the role email feature is enabled.

When the feature is enabled, the role change email will be sent to the user's email address. When the feature is disabled, the role change email will not be sent out. Only log messages will be generated.

Production Release

To enable the role email feature in production, set GOAPI_FEATURES_ENABLE_ROLEMAIL to true in the kubernetes-config.

Trigger CircleCI pipeline (kubernetes kustomize)

Need a new field for anonymity in `/periodic-donations` and `donations/prime`

Problem Description

According to the donation policy, we are going to add options for users to select whether their name would be publicized. There are two options: partially disclosed (e.g. 王O明) or just shown as anonymous (e.g. 無名氏).

Therefore, we need to add a new field is_anonymous whose value is of type boolean for showing the anonymity of donation records. Note that true is for people who wish to remain anonymous, and false stands for people who agree to partially publicize their names.

