Redact names everywhere on the client dashboard and some other locati…

…ons as well

app/controllers/clients/anomalies_controller.rb

@@ -66,7 +66,7 @@ def flash_interpolation_options
     end
 
     protected def title_for_show
-      "#{@client.name} - Anomalies"
+      "#{@client.pii_provider(user: current_user).full_name} - Anomalies"
     end
 
     private def anomaly_params

app/controllers/clients/audits_controller.rb

@@ -28,6 +28,6 @@ def set_client
   end
 
   def title_for_show
-    "#{@client.name} - Audit"
+    "#{@client.pii_provider(user: current_user).full_name} - Audit"
   end
 end

app/controllers/clients/cas_readiness_controller.rb

@@ -65,7 +65,7 @@ def cas_readiness_params
     end
 
     def title_for_show
-      "#{@client.name} - CAS Readiness"
+      "#{@client.pii_provider(user: current_user).full_name} - CAS Readiness"
     end
   end
 end

app/controllers/clients/chronic_controller.rb

@@ -47,7 +47,7 @@ def cas_readiness_params
     end
 
     def title_for_show
-      "#{@client.name} - Chronic"
+      "#{@client.pii_provider(user: current_user).full_name} - Chronic"
     end
   end
 end

app/controllers/clients/coordinated_entry_assessments_controller.rb

@@ -96,7 +96,7 @@ def update
     end
 
     private def title_for_show
-      "#{@client.name} - #{Translation.translate('Coordinated Entry Assessment')}"
+      "#{@client.pii_provider(user: current_user).full_name} - #{Translation.translate('Coordinated Entry Assessment')}"
     end
 
     def flash_interpolation_options

app/controllers/clients/enrollment_history_controller.rb

@@ -40,7 +40,7 @@ def history_scope
     end
 
     def title_for_show
-      "#{@client.name} - Historical Enrollments"
+      "#{@client.pii_provider(user: current_user).full_name} - Historical Enrollments"
     end
   end
 end

app/controllers/clients/files_controller.rb

@@ -268,7 +268,7 @@ def file_source
     end
 
     protected def title_for_show
-      "#{@client.name} - Files"
+      "#{@client.pii_provider(user: current_user).full_name} - Files"
     end
 
     def window_visible?(visibility)

app/controllers/clients/hud_lots_controller.rb

@@ -29,7 +29,7 @@ def index
   end
 
   private def title_for_show
-    "#{@client.name} - Client-Level System Use & Length of Time Homeless Report"
+    "#{@client.pii_provider(user: current_user).full_name} - Client-Level System Use & Length of Time Homeless Report"
   end
   helper_method :title_for_show
 

app/controllers/clients/notes_controller.rb

@@ -112,7 +112,7 @@ def destroy
     end
 
     private def title_for_show
-      "#{@client.name} - Notes"
+      "#{@client.pii_provider(user: current_user).full_name} - Notes"
     end
   end
 end

app/controllers/clients/releases_controller.rb

@@ -139,7 +139,7 @@ def pre_populated
 
     private def render_pdf!
       @pdf = true
-      file_name = "Release of Information for #{@client.name}"
+      file_name = "Release of Information for #{@client.pii_provider(user: current_user).full_name}"
       send_data roi_pdf(file_name), filename: "#{file_name}.pdf", type: 'application/pdf'
     end
 
@@ -175,7 +175,7 @@ def file_source
     end
 
     protected def title_for_show
-      "#{@client.name} - Release of Information"
+      "#{@client.pii_provider(user: current_user).full_name} - Release of Information"
     end
 
     def window_visible?(_visibility)

app/controllers/clients/users_controller.rb

@@ -76,7 +76,7 @@ def set_user
     end
 
     protected def title_for_show
-      "#{@client.name} - Relationships"
+      "#{@client.pii_provider(user: current_user).full_name} - Relationships"
     end
   end
 end

app/controllers/clients/vispdats_controller.rb

@@ -164,7 +164,7 @@ def destroy_file
     end
 
     private def title_for_show
-      "#{@client.name} - VI-SPDATs"
+      "#{@client.pii_provider(user: current_user).full_name} - VI-SPDATs"
     end
   end
 end

app/controllers/clients/youth/intakes_controller.rb

@@ -88,7 +88,7 @@ def remove_all_youth_data
         @client.youth_follow_ups.destroy_all
         # TODO: This does not remove the client from the Youth DataSource
 
-        flash[:notice] = "All Youth information for #{@client.name} has been removed."
+        flash[:notice] = "All Youth information for #{@client.pii_provider(user: current_user).full_name} has been removed."
         redirect_to client_youth_intakes_path(@client)
       else
         not_authorized!

app/controllers/cohorts/client_notes_controller.rb

@@ -83,7 +83,7 @@ def cohort_id
     end
 
     def flash_interpolation_options
-      { resource_name: "Note for #{@note.client.name}" }
+      { resource_name: "Note for #{@note.client.pii_provider(user: current_user).full_name}" }
     end
   end
 end

app/controllers/cohorts/clients_controller.rb

@@ -485,7 +485,7 @@ def destroy
       else
         log_removal(@client.cohort_id, @client.id, params.dig(:grda_warehouse_cohort_client, :reason))
         if @client.destroy
-          flash[:notice] = "Removed #{@client.name}"
+          flash[:notice] = "Removed #{@client.pii_provider(user: current_user).full_name}"
           redirect_to cohort_path(@cohort)
         else
           render :pre_destroy

app/controllers/cohorts/notes_controller.rb

@@ -88,7 +88,7 @@ def cohort_id
     end
 
     def flash_interpolation_options
-      { resource_name: "Note for #{@note.client.name}" }
+      { resource_name: "Note for #{@note.client.pii_provider(user: current_user).full_name}" }
     end
   end
 end

app/controllers/concerns/activity_logger.rb

@@ -58,7 +58,7 @@ def log_activity
 
     # override as necessary in the controller
     protected def title_for_show
-      return @client.name if @client.present?
+      return @client.pii_provider(user: current_user).full_name if @client.present?
       return @user.name if @user.present?
     end
 

app/models/grda_warehouse/pii_provider.rb

@@ -17,6 +17,12 @@ def self.viewable_name(value, policy:, replacement: REDACTED)
     value.presence
   end
 
+  def self.viewable_ssn(value, policy:, replacement: REDACTED)
+    return replacement unless policy.can_view_full_ssn?
+
+    value.presence
+  end
+
   def self.viewable_dob(value, policy:, replacement: REDACTED)
     return replacement unless policy.can_view_full_dob?
 
@@ -46,32 +52,44 @@ def self.from_attributes(policy: nil, first_name: nil, last_name: nil, middle_na
     new(record, policy: policy)
   end
 
+  def redact_name?
+    ! policy.can_view_name?
+  end
+
+  def redact_ssn?
+    ! policy.can_view_full_ssn?
+  end
+
+  def redact_dob?
+    ! policy.can_view_full_dob?
+  end
+
   def first_name
-    return name_redacted unless policy.can_view_name?
+    return name_redacted if redact_name?
 
     record.first_name.presence
   end
 
   def last_name
-    return name_redacted unless policy.can_view_name?
+    return name_redacted if redact_name?
 
     record.last_name.presence
   end
 
   def middle_name
-    return name_redacted unless policy.can_view_name?
+    return name_redacted if redact_name?
 
     record.middle_name.presence
   end
 
   def full_name
-    return name_redacted unless policy.can_view_name?
+    return name_redacted if redact_name?
 
     [record.first_name, record.middle_name, record.last_name].compact.join(' ').presence
   end
 
   def brief_name
-    return name_redacted unless policy.can_view_name?
+    return name_redacted if redact_name?
 
     [record.first_name, record.last_name].compact.join(' ').presence
   end
@@ -84,7 +102,7 @@ def dob_and_age(force_year_only: false)
     return nil unless record.dob
 
     display_dob = record.dob
-    display_dob = display_dob&.year if force_year_only || !policy.can_view_full_dob?
+    display_dob = display_dob&.year if force_year_only || redact_dob?
 
     "#{display_dob} (#{age})"
   end
@@ -101,7 +119,7 @@ def age
 
   def ssn(force_mask: false)
     value = record.ssn.presence
-    mask = force_mask || !policy.can_view_full_ssn?
+    mask = force_mask || redact_ssn?
     format_ssn(value, mask: mask) if value
   end
 

app/views/clients/_assessment_form.html.haml

@@ -1,13 +1,13 @@
 - if @form[:answers].present?
   - form_name = (@form.assessment_type == @form.name) ? @form.name : "#{@form.assessment_type} < #{@form.name}"
   - content_for :modal_title, form_name
-  
+
   .d-flex
     .w-100
       .ssm__summary.d-flex.flex-column
         .mb-2
           %dt.inline Name:
-          %dd.inline= @client.name
+          %dd.inline= @client.pii_provider(user: current_user).full_name
         .mb-2
           %dt.inline Date Completed:
           %dd.inline= @form.collected_at&.to_date
@@ -29,9 +29,3 @@
           .client__assessment-answer= question[:answer]
 - else
   - content_for :modal_title, "Assessment Form Not Found"
-
-
-
-
-
-

app/views/clients/_enrollment_table.haml

@@ -120,7 +120,10 @@
                   - tooltip += "Exit: #{c['last_date_in_program']}<br />"
                 .mb-2.mt-2{ data: { toggle: :tooltip, title: tooltip, html: 'true', boundary: :window } }
                   = link_to client_path(c['client_id']), class: 'd-block' do
-                    #{c['FirstName']} #{c['LastName']}
+                    - if @client.pii_provider(user: current_user).redact_name?
+                      = @client.pii_provider(user: current_user).first_name
+                    - else
+                      #{c['FirstName']} #{c['LastName']}
                     - if c['head_of_household']
                       %i.icon-user
                     %br

app/views/clients/_match_results.html.haml

@@ -5,12 +5,12 @@
     %thead
       %tr
         %th{colspan: 2} Client
-        %th DOB
+        %th DOB/Age
         %th SSN
     %tbody
       - clients.each do |c|
         %tr.client__potential-match
-          - client_name = "#{c.full_name}"
+          - client_name = "#{c.pii_provider(user: current_user).full_name}"
           - sc_count = c.source_clients.count
           - colspan = if sc_count == 1 then 2 else 4 end
           - if sc_count == 1
@@ -23,16 +23,8 @@
                 %label{for:c.id, tabindex:'1' }
               = link_to(client_name, client_path(c), target: "_blank")
           - if sc_count == 1
-            %td
-              - if can_view_full_dob?
-                = c.DOB
-              - else
-                = c.age
-            %td
-              - if can_view_full_ssn?
-                = ssn(c.SSN)
-              - else
-                = masked_ssn(c.SSN)
+            %td= c.pii_provider(user: current_user).dob_or_age
+            %td= c.pii_provider(user: current_user).ssn
           - else
             - c.source_clients.each do |sc|
               %tr
@@ -42,11 +34,6 @@
                     .c-checkbox.c-checkbox.mr-4
                       = check_box_tag input_id, sc.id, nil, id: sc.id
                       %label{for:sc.id, tabindex:'1' }
-                    %span= "#{sc.full_name} in #{sc.data_source&.short_name} <br /> #{sc.uuid}".html_safe
-                %td
-                  = sc.DOB
-                %td
-                  - if can_view_full_ssn?
-                    = ssn(sc.SSN)
-                  - else
-                    = masked_ssn(sc.SSN)
+                    %span= "#{sc.pii_provider(user: current_user).full_name} in #{sc.data_source&.short_name} <br /> #{sc.uuid}".html_safe
+                %td= sc.pii_provider(user: current_user).dob_or_age
+                %td= sc.pii_provider(user: current_user).ssn

app/views/clients/_new_client_form.haml

@@ -18,6 +18,7 @@
           %th SSN
       %tbody
         - @existing_matches.each do |client|
+          - pii = client.pii_provider(user: current_user)
           %tr
             %td
               - ds_id = client.data_source.id
@@ -30,11 +31,9 @@
               - else
                 - link = client.destination_client.appropriate_path_for?(current_user)
               = link_to link do
-                = client.full_name
-            %td
-              = client.DOB
-            %td
-              = client.SSN
+                = pii.full_name
+            %td= pii.dob_or_age
+            %td= pii.ssn
   %h2 New Client
   %p
     If none of the above match the client you are attempting to add, click

app/views/clients/_potential_matches.html.haml

@@ -1,7 +1,7 @@
 %h3 Potential Matches
-%p 
-  This section allows you to merge a client into 
-  = "#{@client.name}."
+%p
+  This section allows you to merge a client into
+  = "#{@client.pii_provider(user: current_user).full_name}."
   If a potential client is the combination of merged clients, you can choose to merge with the client set, or with an individual client.
 - if @potential_matches.any?
   .row
@@ -12,7 +12,6 @@
           = k.to_s.humanize.titlecase
         = render 'match_results', f: f, clients: clients
       .form-actions
-        = f.button :submit, "Merge into #{@client.FirstName} #{@client.LastName}"
+        = f.button :submit, "Merge into #{@client.pii_provider(user: current_user).full_name}"
 - else
   %p No potential matches found
-