Openfoodnetwork: Private shop bug 1: if I add a customer before he has an OFN account, he can't access the shop after sign up.

ref discussion on community: https://community.openfoodnetwork.org/t/private-shop-issues/866/2

@Em-AK would you like to have a fun and have a look at it, just to start getting your head on the OFN again? ;-)

Yes @myriamboure I'm on it.

Awesome thank you @Em-AK !!!

@Em-AK and @oeoeaio . I came across this bug again while testing Standing Orders. I think it will be important that this bug gets fixed before standing orders launches because when people start to use standing orders they will likely setup accounts and standing orders for their customers, so we need to be sure that those customers will be able to login.

probably tag Danni as well Sally so it’s on her radar for scheduling?

On 10 May 2017, at 11:01 AM, Sally notifications@github.com wrote:

@Em-AK https://github.com/Em-AK and @oeoeaio https://github.com/oeoeaio . I came across this bug again while testing Standing Orders. I think it will be important that this bug gets fixed before standing orders launches because when people start to use standing orders they will likely setup accounts and standing orders for their customers, so we need to be sure that those customers will be able to login.

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub https://github.com/openfoodfoundation/openfoodnetwork/issues/1493#issuecomment-300344040, or mute the thread https://github.com/notifications/unsubscribe-auth/ACxryOJa3wE0j0H40xpsEMocjxj5r5Aaks5r4QxSgaJpZM4MiPKP.

@daniellemoorhead can we consider this in scheduling?

Hi @daniellemoorhead and others working on this.
Is there any update? We face this in the UK reasonably often and need it fixed too.
Let me know if we can contribute anything useful :-)

@lin-d-hop see this is part of the epic on email confirmation https://github.com/openfoodfoundation/openfoodnetwork/issues/1588

@myriamboure @sstead do we need to consider this bug as part of the email confirmation work?

Yes sure @daniellemoorhead ! It should be covered by what we will do, but maybe we should wait for the job to be done and check before closing ?

Note to self, and any Aus people in case this gets pushed while I'm away. Kemmy has had to turn her shop from private to public due to this bug, so let her know once the fix is in. She's receiving a few unwanted orders.

@Matt-Yorkley @mkllnk I'm just checking on this - it will be fixed with the changes we're making in the email confirmation work, yes?

@daniellemoorhead I hadn't seen this one before. It almost seems like a separate issue to the email confirmation work, but yes it can be done alongside it.

Thanks @Matt-Yorkley I think it's pretty important. @myriamboure will definitely want this to be done between yourself and @ltrls as part of the work 😄

Yes, definitely ! Please go ahead if you have space @Matt-Yorkley this is a top priority for us! If that makes sense to pair with @ltrls do it, else just go ahead !

@ltrls just a suggestion - maybe set a fixed amount of time for you to understand this problem and what's causing it and what a potential solution is? That way @myriamboure and/or @RachL can chat with you about what you find and understand the amount of time you think you'll need to fix it.

I've pretty much found what's causing it but I'm unsure about the solution:
The customers table has no email field but a user_id foreign key, so when we add a customer, a Customer model's before_create hook looks for a user with the given email and saves it in the user_id field.
We need to save the email somewhere so that we can associate the customer later, when someone registers a user with the same email.
We could add a field in the customers table (awaiting_email or something like that? my bad english makes naming things even harder ><). I guess that would be better than having a table just for this, as having a null field for all other customers wouldn't be significant right?

@mkllnk @Matt-Yorkley any thoughts on how to solve this ☝️

So if I enter an email for someone who has not yet an account in a customer list, there is a bug, he can't access the shop if he creates his account after...

To my understanding and related to https://community.openfoodnetwork.org/t/inviting-hub-members-via-email/989/12 this sort of UX flows are better solved by means of an invitation. IMO any time we add use to the system, be it customer or enterprise user, the user should signup/login through by clicking the link present in the email invitation.

If we leave it up to the user to type in her email there are chances of a bad user experience. She won't type in the email correctly, she'll type in the wrong one, she'll then have to contact the admin, etc.

I think that we need to design the onboarding experience and make sure it's as smooth as possible.

Agree. Looks to me as a bunch of different features that lack cohesion but they are all part of the same onboarding experience.

I'm trying to sum up everything I've read in the different links:

• we have here a bug that happens because a manager adds an unknown customer to a hub. This customer receive's an email with the hub link. To access the hub the customer has to sign up, but we are not able to link this new account to the previously added account, resulting in the customer not having access to the hub
• the potential best solution in that case would be to create an account each time a manager adds an unknown email address to a hub list (the manager see a "pending_invitation" status for the account). The added customer receives a welcome-to-the-hub email but he/she would be asked to confirm their email address to be able to access the hub
• Anyway the workflow chosen should be close to the one currently in discussion here (for managers) : https://github.com/openfoodfoundation/openfoodnetwork/issues/1593

While this is an urgent issue, I understand from #1593 that it would be best to release the current email confirmation work first (PR #1720 & #1768) and then work on these issues.

Is it correct ? / What do you think ? @myriamboure @daniellemoorhead

Yes, that sounds right. We intentionally didn't solve this problem, because we needed the email confirmation first. Otherwise someone could sneak in as customer by using another person's email address.

I summed up a solution here to enable a hub manager not to notify the user if they don't want to : https://community.openfoodnetwork.org/t/inviting-hub-members-via-email/989/17

Oh how lovely it would be to completely redesign the sign up process! So many things on the wishlist... 😀

@RachL all that sounds correct and a good plan. So the sooner we can get the email confirm functionality merged and released the sooner we can get this issue fixed and make a lot of people very happy.

Ping @sstead @lin-d-hop so you're both in the loop.

Just as a note, mostly to myself, we've had another Aus user run into this problem (New Life Farm). They've got an invisible shop for now- let them know when this fix is in.

Yes +1 @sstead, it's kind of urgent for us as well, most users in France use that, we used some workaround (create the users account for themselves and then add then to customer list) but it ended up with so many bugs... trying to accelerate the emai confirmation work, would be great to be able to solve that quickly...

Ran into this on the Scandinavia instance as well. So I put up our stakeholder label :)

Note to self: this was an issue for Food Connect today.

And again for Eat My Farm (Feb 7)

This is waiting to be deployed on staging and checked again.