Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[$500] Bank account - Able to save phone number starting from = not + via WS Bank account connection #34766

Closed
3 of 6 tasks
lanitochka17 opened this issue Jan 18, 2024 · 16 comments
Assignees
Labels
Bug Something is broken. Auto assigns a BugZero manager. External Added to denote the issue can be worked on by a contributor Reviewing Has a PR in review Weekly KSv2

Comments

@lanitochka17
Copy link

lanitochka17 commented Jan 18, 2024

If you haven’t already, check out our contributing guidelines for onboarding and email contributors@expensify.com to request to join our Slack channel!


Version Number: 1.4.27-1
Reproducible in staging?: Y
Reproducible in production?: Y
If this was caught during regression testing, add the test name, ID and link from TestRail:
Email or phone of affected tester (no customers):
Logs: https://stackoverflow.com/c/expensify/questions/4856
Expensify/Expensify Issue URL:
Issue reported by: Applause - Internal Team
Slack conversation:

Action Performed:

  1. Go to https://staging.new.expensify.com/
  2. Navigate to the add bank account modal in Workspace settings
  3. Click on the Connect online with Plaid
  4. Select Chase bank
  5. Enter the test credentials
  6. Choose the savings account "Plaid Saving11122XXXXXX111"
  7. Save Chase bank account and go to the Company information
  8. In a Company find phone number and enter number starting not from + but from = (=15123456789)
  9. Fill out the fields with the required test credentials
  10. Click Save and continue button.

Expected Result:

User is able to save phone number starting from + via WS Bank account connection

Actual Result:

User is able to save phone number starting from = not + via WS Bank account connection

Workaround:

Unknown

Platforms:

Which of our officially supported platforms is this issue occurring on?

  • Android: Native
  • Android: mWeb Chrome
  • iOS: Native
  • iOS: mWeb Safari
  • MacOS: Chrome / Safari
  • MacOS: Desktop

Screenshots/Videos

Add any screenshot/video evidence

Bug6346953_1705607179949.Able_to_save_a_phone_number_starting_from.mp4

View all open jobs on GitHub

Upwork Automation - Do Not Edit
  • Upwork Job URL: https://www.upwork.com/jobs/~012299eb9b4898ac21
  • Upwork Job ID: 1748071347542683648
  • Last Price Increase: 2024-01-18
  • Automatic offers:
    • FitseTLT | Contributor | 28116411
@lanitochka17 lanitochka17 added External Added to denote the issue can be worked on by a contributor Daily KSv2 Bug Something is broken. Auto assigns a BugZero manager. labels Jan 18, 2024
@melvin-bot melvin-bot bot changed the title Bank account - Able to save phone number starting from = not + via WS Bank account connection [$500] Bank account - Able to save phone number starting from = not + via WS Bank account connection Jan 18, 2024
Copy link

melvin-bot bot commented Jan 18, 2024

Job added to Upwork: https://www.upwork.com/jobs/~012299eb9b4898ac21

Copy link

melvin-bot bot commented Jan 18, 2024

Triggered auto assignment to @sonialiap (Bug), see https://stackoverflow.com/c/expensify/questions/14418 for more details.

@melvin-bot melvin-bot bot added the Help Wanted Apply this label when an issue is open to proposals by contributors label Jan 18, 2024
Copy link

melvin-bot bot commented Jan 18, 2024

Triggered auto assignment to Contributor-plus team member for initial proposal review - @mananjadhav (External)

@FitseTLT
Copy link
Contributor

FitseTLT commented Jan 18, 2024

Proposal

Please re-state the problem that we are trying to solve in this issue.

Bank account - Able to save phone number starting from = not + via WS Bank account connection

What is the root cause of that problem?

We are checking if it is valid US phone number here

if (values.companyPhone && !ValidationUtils.isValidUSPhone(values.companyPhone, true)) {
errors.companyPhone = 'bankAccount.error.phoneNumber';

But here
const parsedPhoneNumber = parsePhoneNumber(phone, {regionCode});
return parsedPhoneNumber.possible && parsedPhoneNumber.regionCode === CONST.COUNTRY.US;

b/c we pass it regionCode parsePhoneNumber returns valid (possible as true) although it starts with # (it will return invalid if you pass the same string without region code ) can be considered a bug from parsePhoneNumber and hence it not indicating the error message

What changes do you think we should make in order to solve the problem?

We should validate the number with Str.isValidPhone before we pass it to isValidUSPhone change it to

            if (values.companyPhone && (!Str.isValidPhone(values.companyPhone) || !ValidationUtils.isValidUSPhone(values.companyPhone, true))) {
            errors.companyPhone = 'bankAccount.error.phoneNumber';

or We can move the validating code inside ValidationUtils.isValidUSPhone as we use it in different places

What alternative solutions did you explore? (Optional)

the validation we can even implement it in our parsePhoneNumber

@ghost
Copy link

ghost commented Jan 18, 2024

Proposal

Please re-state the problem that we are trying to solve in this issue.

Bank account - Able to save phone number starting from = not + via WS Bank account connection

What is the root cause of that problem?

I think the root cause is :
We are checking if it is valid US phone number here

if (values.companyPhone && !ValidationUtils.isValidUSPhone(values.companyPhone, true)) {
errors.companyPhone = 'bankAccount.error.phoneNumber';
}

What changes do you think we should make in order to solve the problem?

We can do to fix it is in ValidationUtils, we can enhance the isValidUSPhone function to include a stricter validation for the phone number format before it gets parsed and checked by parsePhoneNumber. Specifically, you can add a regex check to ensure that the phone number starts with "+" when it includes a country code, or adheres to a valid US phone number format.

something like this in parsePhoneNumber

const regex = isCountryCodeOptional ? /^(\+\d{1,2})?\d{10}$/ : /^\+\d{1,2}\d{10}$/;

    if (!regex.test(phone)) {
        return false;
    }

What alternative solutions did you explore? (Optional)

Another solution would be in CompanyStep file:

  • Update the validation functions to allow "+" only, not "=".
  • Preprocess input to convert any "=" to "+" before validating.
if (values.companyPhone) {

  // Preprocess phone number
  values.companyPhone = values.companyPhone.replace(/^=/, '+');

  // Validate
  if (!Str.isValidPhone(values.companyPhone) || !ValidationUtils.isValidUSPhone(values.companyPhone, true)) {
    errors.companyPhone = 'bankAccount.error.phoneNumber'; 
  }

}

@ghost
Copy link

ghost commented Jan 18, 2024

Updated Proposal

@dukenv0307
Copy link
Contributor

Proposal

Please re-state the problem that we are trying to solve in this issue.

User is able to save phone number starting from = not + via WS Bank account connection

What is the root cause of that problem?

We validate phoneNumber using isValidUSPhone

if (values.companyPhone && !ValidationUtils.isValidUSPhone(values.companyPhone, true)) {

In this function, parsePhoneNumberreturn possible as true because it will remove the special character and check the number. So the US phone number starting with = still pass the validate function.

const parsedPhoneNumber = parsePhoneNumber(phone, {regionCode});
return parsedPhoneNumber.possible && parsedPhoneNumber.regionCode === CONST.COUNTRY.US;

What changes do you think we should make in order to solve the problem?

In isValidUSPhone function, we should add a check using Str.isValidPhone function to make sure it starts with + and possibly is the phone number. It's the same way as we check here and some other places when we check for the valid phone number

return parsedPhoneNumber.possible && parsedPhoneNumber.regionCode === CONST.COUNTRY.US && Str.isValidPhone(phoneNumber);

const parsedPhoneNumber = parsePhoneNumber(phone, {regionCode});
return parsedPhoneNumber.possible && parsedPhoneNumber.regionCode === CONST.COUNTRY.US;

*Note: I saw that we're using isValidUSPhone so we should check this function so all places in the app using it can work correctly.

What alternative solutions did you explore? (Optional)

We can create a util to check for valid phoneNumber and use it in all related places of the app to make the app consistent as well

@mananjadhav
Copy link
Collaborator

I think it's best we call the isValidPhone inside isValidUSPhone. Hence @FitseTLT's proposal looks good to me.

🎀 👀 🎀 C+ reviewed.

Copy link

melvin-bot bot commented Jan 20, 2024

Triggered auto assignment to @AndrewGable, see https://stackoverflow.com/c/expensify/questions/7972 for more details.

@melvin-bot melvin-bot bot added Overdue and removed Help Wanted Apply this label when an issue is open to proposals by contributors labels Jan 22, 2024
Copy link

melvin-bot bot commented Jan 22, 2024

📣 @FitseTLT 🎉 An offer has been automatically sent to your Upwork account for the Contributor role 🎉 Thanks for contributing to the Expensify app!

Offer link
Upwork job
Please accept the offer and leave a comment on the Github issue letting us know when we can expect a PR to be ready for review 🧑‍💻
Keep in mind: Code of Conduct | Contributing 📖

@sonialiap
Copy link
Contributor

Not overdue, a proposal was just accepted and contributor assigned

@mananjadhav
Copy link
Collaborator

PR was just raised few hours ago. Will review this PR today.

@mananjadhav
Copy link
Collaborator

@sonialiap This was deployed to production yesterday but the payout date wasn't updated.

@mananjadhav
Copy link
Collaborator

@sonialiap this should be ready for the payout today. I don't have any offending PR, we fixed this in the isValidUSPhone, we could've added when the method was added, not sure?

But I think it makes sense to add a regression test for this one. Here's the regression test steps:

  1. Open the App
  2. Navigate to the add bank account modal in Workspace settings
  3. Add a bank account.
  4. Go to the company information
  5. In a Company find phone number and enter number starting not from + but from = (=15123456789)
  6. And focus on the next input and Verify that Please enter a valid phone validation message is displayed.

@mallenexpensify
Copy link
Contributor

mallenexpensify commented Feb 13, 2024

Contributor: @FitseTLT paid $500 via Upwork
Contributor+: @mananjadhav due $500 via NewDot

TR GH - https://github.com/Expensify/Expensify/issues/369254

Thanks!!

@JmillsExpensify
Copy link

$500 approved for @mananjadhav based on summary above.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Bug Something is broken. Auto assigns a BugZero manager. External Added to denote the issue can be worked on by a contributor Reviewing Has a PR in review Weekly KSv2
Projects
None yet
Development

No branches or pull requests

8 participants