From 96ae69fe93b2f4bd922fe139c309aa2a732e8227 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Javi=20Mart=C3=ADn?= <javim@elretirao.net>
Date: Wed, 24 Apr 2024 03:38:49 +0200
Subject: [PATCH] Use a GDPR-compliant configuration for Ahoy

As mentioned in Ahoy's README [1]:

> Ahoy provides a number of options to help with GDPR compliance.
> Update config/initializers/ahoy.rb with:
>
> class Ahoy::Store < Ahoy::DatabaseStore
>   def authenticate(data)
>     # disables automatic linking of visits and users
>   end
> end
>
> Ahoy.mask_ips = true
> Ahoy.cookies = :none

As also mentioned in the README:

> If Ahoy was installed before v5, add an index before making this
> change.
> (...)
> For Active Record, create a migration with:
> add_index :ahoy_visits, [:visitor_token, :started_at]

However, the `visitor_token` doesn't exist in our table, since we
generated the `visits` table when Ahoy used the `visitor_id` column. So
we're using this column for the index.

Note we also need to change the `visit` method, since otherwise we get
an exception [2]. As mentioned on the issue reporting the exception:

> you'll need to copy the latest version of that method and adapt it to
> your model. I believe you'll want to replace:
>
> where(visit_token: ahoy.visit_token) with
> where(id: ensure_uuid(ahoy.visit_token))
>
> where(visitor_token: ahoy.visitor_token) with
> where(visitor_id: ensure_uuid(ahoy.visitor_token))

So we're copying the latest version of that method and changing it
accordingly.

[1] https://github.com/ankane/ahoy/blob/v5.0.2/README.md
[2] Issue 549 in https://github.com/ankane/ahoy
---
 .rubocop.yml                                  |  2 ++
 config/initializers/ahoy.rb                   | 20 ++++++++++++++++++-
 ...sitor_id_and_started_at_index_to_visits.rb |  5 +++++
 db/schema.rb                                  |  3 ++-
 4 files changed, 28 insertions(+), 2 deletions(-)
 create mode 100644 db/migrate/20240424013913_add_visitor_id_and_started_at_index_to_visits.rb

diff --git a/.rubocop.yml b/.rubocop.yml
index c0d760493..eef2eaac0 100644
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -396,6 +396,8 @@ Rails/FindBy:
   Enabled: true
   Include:
     - "**/*.rb"
+  Exclude:
+    - "config/initializers/ahoy.rb"
 
 Rails/FindEach:
   Enabled: true
diff --git a/config/initializers/ahoy.rb b/config/initializers/ahoy.rb
index f1871beaa..b4e8817ec 100644
--- a/config/initializers/ahoy.rb
+++ b/config/initializers/ahoy.rb
@@ -1,9 +1,14 @@
 Ahoy.api = true
 Ahoy.server_side_visits = :when_needed
+Ahoy.mask_ips = true
+Ahoy.cookies = :none
 
 # Most code comes from:
 # https://github.com/ankane/ahoy/blob/3661b7f9a/docs/Ahoy-2-Upgrade.md
 class Ahoy::Store < Ahoy::DatabaseStore
+  def authenticate(...)
+  end
+
   def track_visit(data)
     data[:id] = ensure_uuid(data.delete(:visit_token))
     data[:visitor_id] = ensure_uuid(data.delete(:visitor_token))
@@ -17,7 +22,20 @@ class Ahoy::Store < Ahoy::DatabaseStore
   end
 
   def visit
-    @visit ||= visit_model.find_by(id: ensure_uuid(ahoy.visit_token)) if ahoy.visit_token
+    unless defined?(@visit)
+      if ahoy.send(:existing_visit_token) || ahoy.instance_variable_get(:@visit_token)
+        @visit = visit_model.where(id: ensure_uuid(ahoy.visit_token)).take if ahoy.visit_token
+      elsif !Ahoy.cookies? && ahoy.visitor_token
+        @visit = visit_model.where(visitor_id: ensure_uuid(ahoy.visitor_token))
+                            .where(started_at: Ahoy.visit_duration.ago..)
+                            .order(started_at: :desc)
+                            .first
+      else
+        @visit = nil
+      end
+    end
+
+    @visit
   end
 
   def visit_model
diff --git a/db/migrate/20240424013913_add_visitor_id_and_started_at_index_to_visits.rb b/db/migrate/20240424013913_add_visitor_id_and_started_at_index_to_visits.rb
new file mode 100644
index 000000000..b61bafaf2
--- /dev/null
+++ b/db/migrate/20240424013913_add_visitor_id_and_started_at_index_to_visits.rb
@@ -0,0 +1,5 @@
+class AddVisitorIdAndStartedAtIndexToVisits < ActiveRecord::Migration[7.0]
+  def change
+    add_index :visits, [:visitor_id, :started_at]
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index ea5f2cd6c..0b5dfa0d5 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema[7.0].define(version: 2024_04_24_002959) do
+ActiveRecord::Schema[7.0].define(version: 2024_04_24_013913) do
   # These are extensions that must be enabled in order to support this database
   enable_extension "pg_trgm"
   enable_extension "plpgsql"
@@ -1712,6 +1712,7 @@ ActiveRecord::Schema[7.0].define(version: 2024_04_24_002959) do
     t.datetime "started_at", precision: nil
     t.index ["started_at"], name: "index_visits_on_started_at"
     t.index ["user_id"], name: "index_visits_on_user_id"
+    t.index ["visitor_id", "started_at"], name: "index_visits_on_visitor_id_and_started_at"
   end
 
   create_table "votation_types", force: :cascade do |t|