
[Due for payment 2025-04-02] [$250] iOS - Security - The copilot switcher still displays after logging in back to the main account #58218

Open
1 of 8 tasks
jponikarchuk opened this issue Mar 11, 2025 · 28 comments
Awaiting Payment Auto-added when associated PR is deployed to production Bug Something is broken. Auto assigns a BugZero manager. External Added to denote the issue can be worked on by a contributor Help Wanted Apply this label when an issue is open to proposals by contributors Weekly KSv2

Comments


jponikarchuk commented Mar 11, 2025

Version Number: v9.1.11-3
Reproducible in staging?: Yes
Reproducible in production?: Yes
If this was caught on HybridApp, is this reproducible on New Expensify Standalone?: No, reproducible on hybrid only
If this was caught during regression testing, add the test name, ID and link from TestRail: https://expensify.testrail.io/index.php?/tests/view/5724066
Email or phone of affected tester (no customers): N/A
Issue reported by: Applause Internal Team
Device used: iPhone 12 / iOS 17.7.2
App Component: User Settings

Action Performed:

Precondition:
Full Copilot access:

  1. Navigate to Settings > Security
  2. Verify there's a section to add a copilot
  3. Click on Add Copilot
  4. Verify a search list is displayed to search and select a user
  5. Select an account you have access to
  6. Click Full
  7. Confirm
  8. Enter the magic code
  9. Log out of the main account.

Steps:

  1. Log in as the full-access copilot
  2. Switch to the main account
  3. Send a message to a 1:1 DM
  4. Log out of the copilot account

Main account:

  5. Log back in to the main account
  6. Navigate to Settings > Security
  7. Remove Copilot access from the account

Expected Result:

The main account can remove the copilot normally

Actual Result:

After logging out of the copilot and logging back in to the main account, the copilot switcher still displays in the settings, and when trying to remove the copilot the "not so fast ..." modal is displayed.

Workaround:

Unknown

Platforms:

  • Android: Standalone
  • Android: HybridApp
  • Android: mWeb Chrome
  • iOS: Standalone
  • iOS: HybridApp
  • iOS: mWeb Safari
  • MacOS: Chrome / Safari
  • MacOS: Desktop

Screenshots/Videos


Bug6767187_1741684890679.Copilot.mp4
Upwork Automation - Do Not Edit
  • Upwork Job URL: https://www.upwork.com/jobs/~021899644539670492309
  • Upwork Job ID: 1899644539670492309
  • Last Price Increase: 2025-03-26
Current Issue Owner: @kadiealexander
@jponikarchuk jponikarchuk added Bug Something is broken. Auto assigns a BugZero manager. Daily KSv2 labels Mar 11, 2025

melvin-bot bot commented Mar 11, 2025

Triggered auto assignment to @jliexpensify (Bug), see https://stackoverflow.com/c/expensify/questions/14418 for more details. Please add this bug to a GH project, as outlined in the SO.

@jliexpensify
Contributor

iOS <> Android bug swap

@kadiealexander kadiealexander added the External Added to denote the issue can be worked on by a contributor label Mar 12, 2025
@melvin-bot melvin-bot bot changed the title iOS - Security - The copilot switcher still displays after logging in back to the main account [$250] iOS - Security - The copilot switcher still displays after logging in back to the main account Mar 12, 2025

melvin-bot bot commented Mar 12, 2025

Job added to Upwork: https://www.upwork.com/jobs/~021899644539670492309

@melvin-bot melvin-bot bot added the Help Wanted Apply this label when an issue is open to proposals by contributors label Mar 12, 2025
@kadiealexander kadiealexander moved this from Tracking to Bugs and Follow Up Issues in [#whatsnext] #expense Mar 12, 2025

melvin-bot bot commented Mar 12, 2025

Triggered auto assignment to Contributor-plus team member for initial proposal review - @hoangzinh (External)

@VickyStash
Contributor

Hi, I'm Viktoryia from Callstack - expert contributor group - and I would like to work on this issue.

@VickyStash
Contributor

UPD: I've reproduced the issue, investigating it!

@VickyStash
Contributor

VickyStash commented Mar 14, 2025

Proposal

Please re-state the problem that we are trying to solve in this issue.

The app considers the main account to be a copilot if you log into it after logging out from a copilot that was switched to main.

What is the root cause of that problem?

The app determines whether the account is acting as a delegate (copilot) by checking the account?.delegatedAccess?.delegate param throughout the app (example).

When I log in as a copilot account and switch to the main account, the OpenApp command is called, which adds the account.delegatedAccess.delegate param to the account onyx data.

Account data returned by OpenApp when switching to delegate app.
{
    "onyxMethod": "merge",
    "key": "account",
    "value": {
        "requiresTwoFactorAuth": false,
        "guideCalendarLink": null,
        "delegatedAccess": {
            "delegates": [
                {
                    "email": "[email protected]",
                    "role": "all"
                }
            ],
            "delegators": [],
            "delegate": "[email protected]" // <-- delegate field is added
        }
    }
}

When I log out and then log in to the main account, the signInAfterTransitionFromOldDot is called. It clears out the onyx data, but ONYXKEYS.ACCOUNT is in the list of KEYS_TO_PRESERVE, so this key is not cleared out.

return Onyx.clear(KEYS_TO_PRESERVE);

During the main account launch, the OpenApp command is called. It returns the main ONYXKEYS.ACCOUNT data to merge, but it doesn't have a delegate field, so this field is left from the previous account and continues to be stored in Onyx.

Account data returned by OpenApp when login to main account
{
    "onyxMethod": "merge",
    "key": "account",
    "value": {
        "requiresTwoFactorAuth": false,
        "guideCalendarLink": null,
        "delegatedAccess": {
            "delegates": [
                {
                    "email": "[email protected]",
                    "role": "all"
                }
            ],
            "delegators": []
        }
    }
}

The app checks that the delegate field exists and shows the functionality for the delegated account.

What changes do you think we should make in order to solve the problem?

We need to clear out account.delegatedAccess data when a user logs in from OD.

To do that, we need to update clearOnyxForNewAccount function accordingly:

return Onyx.clear(KEYS_TO_PRESERVE).then(() => Onyx.merge(ONYXKEYS.ACCOUNT, {delegatedAccess: null}))

What specific scenarios should we cover in automated tests to prevent reintroducing this issue in the future?

N/A

What alternative solutions did you explore? (Optional)

N/A

@melvin-bot melvin-bot bot added the Overdue label Mar 14, 2025

melvin-bot bot commented Mar 17, 2025

@hoangzinh Huh... This is 4 days overdue. Who can take care of this?

@VickyStash
Contributor

@hoangzinh any ETA on reviewing the proposal?

@hoangzinh
Contributor

I will try to review your proposal today or tomorrow.

@melvin-bot melvin-bot bot removed the Overdue label Mar 17, 2025
@hoangzinh
Contributor

When I log out and then log in to the main account, the signInAfterTransitionFromOldDot is called. It clears out the onyx data, but ONYXKEYS.ACCOUNT is in the list of KEYS_TO_PRESERVE, so this key is not cleared out.

Hi @VickyStash, I thought we already clear out all Onyx data when an account is logged out, don't we?

@VickyStash
Contributor

Hi @VickyStash, I thought we already clear out all Onyx data when an account is logged out, don't we?

In the case of the Hybrid App, the log out is handled there:

// In the HybridApp, we want the Old Dot to handle the sign out process
if (CONFIG.IS_HYBRID_APP && killHybridApp) {
    HybridAppModule.closeReactNativeApp({shouldSignOut: true, shouldSetNVP: false});
    return;
}

So it returns before clearing the data on the new app side.

As an option, we can try to clear the Onyx data right before HybridAppModule.closeReactNativeApp call, using the keysToPreserve list from the clearStorageAndRedirect function.
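The stale-delegate sequence described in the proposal above and in this reply, replayed as an added example (not Expensify's or react-native-onyx's code): a small stand-in for Onyx's merge/clear semantics, assuming that merging an object deep-merges, merging null removes the key, and clear() keeps only the keys in KEYS_TO_PRESERVE. The before and after versions of clearOnyxForNewAccount show why the OpenApp merge alone cannot drop the leftover delegate field.

```javascript
// Added example (not Expensify's code): a tiny stand-in for Onyx's merge/clear
// semantics, used to replay the stale-delegate sequence from the thread.
// Assumptions: merging a plain object deep-merges, merging null removes the key,
// and clear() keeps only the keys listed in keysToPreserve (as KEYS_TO_PRESERVE does).
const ONYXKEYS = {ACCOUNT: 'account', SESSION: 'session'};
const KEYS_TO_PRESERVE = [ONYXKEYS.ACCOUNT];

const isObj = (v) => v !== null && typeof v === 'object' && !Array.isArray(v);

// Deep merge; a null value deletes the key (Onyx convention).
function deepMerge(target, patch) {
    const out = {...target};
    for (const [k, v] of Object.entries(patch)) {
        if (v === null) delete out[k];
        else if (isObj(v) && isObj(out[k])) out[k] = deepMerge(out[k], v);
        else out[k] = v;
    }
    return out;
}

const merge = (store, key, value) => ({...store, [key]: deepMerge(store[key] ?? {}, value)});
const clear = (store, keysToPreserve) =>
    Object.fromEntries(Object.entries(store).filter(([k]) => keysToPreserve.includes(k)));

// Same check the app uses: a delegate field present means "acting as copilot".
const isActingAsDelegate = (store) => Boolean(store[ONYXKEYS.ACCOUNT]?.delegatedAccess?.delegate);

// Constructed OpenApp payloads mirroring the two responses quoted in the proposal.
const DELEGATES = [{email: 'copilot@example.com', role: 'all'}];
const openAppCopilotSwitchedToMain = {delegatedAccess: {delegates: DELEGATES, delegators: [], delegate: 'copilot@example.com'}};
const openAppMain = {delegatedAccess: {delegates: DELEGATES, delegators: []}};

// The sequence from the bug report; clearOnyxForNewAccount is the function under test.
function replayScenario(clearOnyxForNewAccount) {
    let store = {[ONYXKEYS.SESSION]: {authToken: 'copilot-token'}};
    // Steps 1-2: copilot signs in and switches to main; OpenApp adds `delegate`.
    store = merge(store, ONYXKEYS.ACCOUNT, openAppCopilotSwitchedToMain);
    // Step 4: HybridApp sign-out is handled by OldDot, so NewDot returns before clearing.
    // Step 5: main account signs in from OldDot: clear (ACCOUNT preserved), then OpenApp
    // merges a payload without `delegate`, which a deep merge cannot remove.
    store = clearOnyxForNewAccount(store);
    store = merge(store, ONYXKEYS.ACCOUNT, openAppMain);
    return isActingAsDelegate(store);
}

// Before: only clear with the preserve list.
const clearOnyxForNewAccountBefore = (store) => clear(store, KEYS_TO_PRESERVE);
// After: additionally null out delegatedAccess, as the accepted proposal does.
const clearOnyxForNewAccountAfter = (store) => merge(clear(store, KEYS_TO_PRESERVE), ONYXKEYS.ACCOUNT, {delegatedAccess: null});
```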

@hoangzinh
Contributor

I see, let me review it carefully. Thanks @VickyStash

@hoangzinh
Contributor

@VickyStash because Onyx.merge is an async action, are you going to wrap it with current Onyx.clear here to clear Onyx data?

@VickyStash
Contributor

@VickyStash because Onyx.merge is an async action, are you going to wrap it with current Onyx.clear here to clear Onyx data?

I think to be safe we can:

  • create a clearDelegatedAccessData function which will return Onyx.merge(ONYXKEYS.ACCOUNT, {delegatedAccess: null});. This way we can keep the code clear.
  • then update clearOnyxForNewAccount to return:
    return clearDelegatedAccessData().then(() => Onyx.clear(KEYS_TO_PRESERVE));

@hoangzinh What do you think?

@hoangzinh
Contributor

probably return Onyx.clear(KEYS_TO_PRESERVE).then(() => Onyx.merge(ONYXKEYS.ACCOUNT, {delegatedAccess: null})) is better (same as we did here). I'm not in favor of the new function, because it's kind of clearOnyxForNewAccount so it should be included in that function to centralize purpose.

@VickyStash
Contributor

@hoangzinh Sounds good to me! Do you want me to update the proposal accordingly?

@hoangzinh
Contributor

Yes please. It helps the internal engineer review everything.

@VickyStash
Contributor

@hoangzinh Done!

@hoangzinh
Contributor

@VickyStash's proposal looks good to me

Link to proposal #58218 (comment)

🎀👀🎀 C+ reviewed


melvin-bot bot commented Mar 18, 2025

Triggered auto assignment to @stitesExpensify, see https://stackoverflow.com/c/expensify/questions/7972 for more details.

@VickyStash
Contributor

I'll prepare the PR tomorrow!

@VickyStash
Contributor

The PR is ready for the review.

@hoangzinh
Contributor

Thank you @VickyStash.

@stitesExpensify do you agree with Viktoryia's proposal here #58218 (comment)?

@melvin-bot melvin-bot bot added Weekly KSv2 Awaiting Payment Auto-added when associated PR is deployed to production and removed Weekly KSv2 labels Mar 26, 2025
@melvin-bot melvin-bot bot changed the title [$250] iOS - Security - The copilot switcher still displays after logging in back to the main account [Due for payment 2025-04-02] [$250] iOS - Security - The copilot switcher still displays after logging in back to the main account Mar 26, 2025
@melvin-bot melvin-bot bot removed the Reviewing Has a PR in review label Mar 26, 2025

melvin-bot bot commented Mar 26, 2025

Reviewing label has been removed, please complete the "BugZero Checklist".


melvin-bot bot commented Mar 26, 2025

The solution for this issue has been 🚀 deployed to production 🚀 in version 9.1.18-4 and is now subject to a 7-day regression period 📆. Here is the list of pull requests that resolve this issue:

If no regressions arise, payment will be issued on 2025-04-02. 🎊

For reference, here are some details about the assignees on this issue:

  • @hoangzinh requires payment through NewDot Manual Requests


melvin-bot bot commented Mar 26, 2025

@hoangzinh @kadiealexander @hoangzinh The PR fixing this issue has been merged! The following checklist (instructions) will need to be completed before the issue can be closed. Please copy/paste the BugZero Checklist from here into a new comment on this GH and complete it. If you have the K2 extension, you can simply click: [this button]


melvin-bot bot commented Mar 26, 2025

📣 It's been a week! Do we have any satisfactory proposals yet? Do we need to adjust the bounty for this issue? 💸
