Add user to Snowplow context

For more detailed analysis we need to track user id. As described at https://gitlab.com/gitlab-org/gitlab/-/issues/336779#considered-data-for-pseudonymization user_id should be pseudoanonymized. user_id emitting is disabled by default by a feature flag.

Add user to Snowplow context
For more detailed analysis we need to track user id. As described at https://gitlab.com/gitlab-org/gitlab/-/issues/336779#considered-data-for-pseudonymization user_id should be pseudoanonymized. user_id emitting is disabled by default by a feature flag.
e27b92a0 · Nikolay Belokolodov · Sean McGivern · 86541261 · e27b92a0 · e27b92a0
Commit e27b92a0 authored Oct 06, 2021 by Nikolay Belokolodov Committed by Sean McGivern Oct 06, 2021
6 changed files
--- a/config/feature_flags/development/add_actor_based_user_to_snowplow_tracking.yml
+++ b/config/feature_flags/development/add_actor_based_user_to_snowplow_tracking.yml
+---
+name: add_actor_based_user_to_snowplow_tracking
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/71353
+rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/338150
+milestone: '14.4'
+type: development
+group: group::product intelligence
+default_enabled: false
--- a/ee/app/services/security/track_scan_service.rb
+++ b/ee/app/services/security/track_scan_service.rb
@@ -30,7 +30,7 @@ module Security
                               'scan',
                               context: [context],
                               idempotency_key: Digest::SHA256.hexdigest(idempotency_key),
-                               user: build.user_id,
+                               user: build.user,
                               project: build.project_id,
                               label: analyzer_id(report),
                               property: scan_type(report, report_type))

--- a/ee/spec/services/security/track_scan_service_spec.rb
+++ b/ee/spec/services/security/track_scan_service_spec.rb
@@ -43,7 +43,7 @@ RSpec.describe Security::TrackScanService do
                      }
                    }],
          idempotency_key: '82fc6391e4be61e03e51fa8c5c6bfc32b3d3f0065ad2fe0a01211606952b8d82',
-          user: user.id,
+          user: user,
          project: project.id,
          label: 'gitlab-dast',
          property: 'dast')
@@ -81,7 +81,7 @@ RSpec.describe Security::TrackScanService do
                      }
                    }],
          idempotency_key: '62bc6c62686b327dbf420f8891e1418406b60f49e574b6ff22f4d6a272dbc595',
-          user: user.id,
+          user: user,
          project: project.id,
          label: nil,
          property: 'dast')

--- a/lib/gitlab/tracking/standard_context.rb
+++ b/lib/gitlab/tracking/standard_context.rb
@@ -10,6 +10,7 @@ module Gitlab
        @namespace = namespace
        @plan = namespace&.actual_plan_name
        @project = project
+        @user = user
        @extra = extra
      end
@@ -35,7 +36,7 @@ module Gitlab
      private
-      attr_accessor :namespace, :project, :extra, :plan
+      attr_accessor :namespace, :project, :extra, :plan, :user
      def to_h
        {
@@ -44,6 +45,7 @@ module Gitlab
          plan: plan,
          extra: extra
        }.merge(project_and_namespace)
+         .merge(user_data)
      end
      def project_and_namespace
@@ -58,6 +60,10 @@ module Gitlab
      def project_id
        project.is_a?(Integer) ? project : project&.id
      end
+      def user_data
+        ::Feature.enabled?(:add_actor_based_user_to_snowplow_tracking, user) ? { user_id: user&.id } : {}
+      end
    end
  end
 end
--- a/spec/lib/gitlab/tracking/standard_context_spec.rb
+++ b/spec/lib/gitlab/tracking/standard_context_spec.rb
@@ -5,6 +5,7 @@ require 'spec_helper'
 RSpec.describe Gitlab::Tracking::StandardContext do
  let_it_be(:project) { create(:project) }
  let_it_be(:namespace) { create(:namespace) }
+  let_it_be(:user) { create(:user) }
  let(:snowplow_context) { subject.to_context }
@@ -87,8 +88,8 @@ RSpec.describe Gitlab::Tracking::StandardContext do
      end
    end
-    it 'does not contain user id' do
+    it 'contains user id' do
-      expect(snowplow_context.to_json[:data].keys).not_to include(:user_id)
+      expect(snowplow_context.to_json[:data].keys).to include(:user_id)
    end
    it 'contains namespace and project ids' do
@@ -104,8 +105,18 @@ RSpec.describe Gitlab::Tracking::StandardContext do
        stub_feature_flags(add_namespace_and_project_to_snowplow_tracking: false)
      end
-      it 'does not contain any ids' do
+      it 'does not contain project or namespace ids' do
-        expect(snowplow_context.to_json[:data].keys).not_to include(:user_id, :project_id, :namespace_id)
+        expect(snowplow_context.to_json[:data].keys).not_to include(:project_id, :namespace_id)
+      end
+    end
+    context 'without add_actor_based_user_to_snowplow_tracking feature' do
+      before do
+        stub_feature_flags(add_actor_based_user_to_snowplow_tracking: false)
+      end
+      it 'does not contain user_id' do
+        expect(snowplow_context.to_json[:data].keys).not_to include(:user_id)
      end
    end
  end

--- a/spec/lib/gitlab/tracking_spec.rb
+++ b/spec/lib/gitlab/tracking_spec.rb
@@ -48,7 +48,7 @@ RSpec.describe Gitlab::Tracking do
        other_context = double(:context)
        project = build_stubbed(:project)
-        user = double(:user)
+        user = build_stubbed(:user)
        expect(Gitlab::Tracking::StandardContext)
          .to receive(:new)