We will want to filter API calls to only allow contact.get, always including contact ID and time-limited hash, and only returning opt in and opt out fields. If that's not possible in configuration, write a little custom API call to wrap contact.get with those filters and configure civiproxy to only allow this custom call.

https://docs.civicrm.org/civiproxy/en/latest/
https://github.com/systopia/CiviProxy
https://github.com/jackgleeson/CiviProxy

Details

	Subject	Repo	Branch	Lines +/-
	Re-add settings_location.php	wikimedia/fundraising/crm/civicrm	master	+8 -0
	Clear out unused files and update Dockerfile	wikimedia/fundraising/crm/civiproxy	master	+2 -1 K

Customize query in gerrit

Related Objects
Search...

Status	Assigned	Task
Open	None	T125272 Epic: Create Preference Center for donors to manage email subscription preferences
Resolved	None	T268495 Add CiviProxy to crm repo, write configuration or code for filtering API calls
Resolved	jgleeson	T270384 Dockerize CiviProxy
		Restricted Task

Event Timeline

Ejegg created this task.Nov 23 2020, 4:00 PM

Ejegg added a project: Wikimedia-Fundraising-CiviCRM.Nov 23 2020, 4:04 PM

Ejegg removed projects: FR-planning-ahead, Fundraising Sprint Princess Mongodb, Epic.Nov 23 2020, 5:35 PM

Ejegg removed subscribers: • CCogdill_WMF, • kaythaney.

• DStrine moved this task from Triage to Current Sprint on the Fundraising-Backlog board.Nov 24 2020, 9:16 PM

• DStrine added a project: Fundraising Sprint Xtreme Lolcats.Nov 24 2020, 9:33 PM

• DStrine triaged this task as Medium priority.Nov 24 2020, 10:01 PM

• DStrine removed a project: Fundraising Sprint Xtreme Lolcats.Dec 4 2020, 6:21 PM

• DStrine moved this task from Current Sprint to Sprint +1 on the Fundraising-Backlog board.Dec 7 2020, 5:55 PM

• DStrine moved this task from Sprint +1 to Current Sprint on the Fundraising-Backlog board.Dec 8 2020, 9:14 PM

• DStrine added a project: Fundraising Sprint Yellow hornets of kindness and healing.Dec 8 2020, 9:18 PM

Ejegg moved this task from Backlog to Doing on the Fundraising Sprint Yellow hornets of kindness and healing board.Dec 14 2020, 9:05 PM

Discussed on IRC:

Write custom CiviCRM API possibly within the existing wmf-civicrm extension to wrap CiviCRM Core API Contact calls. This will allow stricter API param rules.
Add civiproxy scripts to 'wikimedia/fundraising/crm'

jgleeson updated the task description. (Show Details)Dec 14 2020, 10:40 PM

I've forked the main project and pushed up a patch which gets us CiviProxy running locally.

MBeat33 unsubscribed.Dec 15 2020, 11:18 PM

@Eileenmcnaughton to make stepping through the internals easier I added xDebug to the build in the latest commit.

@Eileenmcnaughton @Ejegg we might need to adapt CiviProxy to send a client certificate along with requests right? as the current production frontend requires them.

Update:
The answer to this is no. Instead, we're gonna open allow traffic to production CiviCRM from the IP of the box CiviProxy runs on with no client certificate checks.

What do we do next on civiproxy?

a) I've updated the api such that it now returns the 4 fields for our prototype when fed a contact hash
b) I think we want to switch from hash to checksum - I will investigate that
c) I guess we need to finalise with Jeff and Dallas where civiproxy will sit. It seems it need to be it's own webroot / url that just serves up the contents of one folder - as such it makes sense to me that it is it's own wmf repo (we can rip out the irrelevant stuff) - we need to check with Jeff & Dallas how we would trial
d) we need to confirm / set up a repo for config for civiproxy

So I think with b & c & d done that would be the requirements for https://phabricator.wikimedia.org/T268495 would be met. I don't know how we finalise the civiproxy docker work you have done but it is probably not in the critical path for T268495 & maybe should be it's own phab. The work you've done so far allowed me to test it - which is what I got stuck on last time so it's important to do that finalisation but just looking specifically at that ticket.

jgleeson updated the task description. (Show Details)Dec 17 2020, 12:52 PM

I added a subtask to capture the CiviProxy docker work here T270384

I'll look at upstreaming that too.

Eileenmcnaughton added a subtask: Restricted Task.Dec 21 2020, 2:38 AM

Repo has been requested here https://www.mediawiki.org/wiki/Gerrit/New_repositories/Requests

• DStrine added a project: Fundraising Sprint Zeitgeistbusters.Dec 22 2020, 8:11 PM

Ejegg moved this task from Backlog to Review on the Fundraising Sprint Zeitgeistbusters board.Dec 23 2020, 2:49 PM

• DStrine closed subtask T270384: Dockerize CiviProxy as Resolved.Jan 5 2021, 8:10 PM

• DStrine moved this task from Current Sprint to Sprint +2 on the Fundraising-Backlog board.Jan 5 2021, 8:20 PM

• DStrine added a project: FR-email-preferences.Jan 14 2021, 6:32 PM

• DStrine moved this task from Sprint +2 to Sprint +1 on the Fundraising-Backlog board.Jan 14 2021, 6:38 PM

XenoRyet added a project: Fundraising Sprint Bee Wheel.Jan 25 2021, 9:01 PM

• DStrine moved this task from Sprint +1 to Current Sprint on the Fundraising-Backlog board.Jan 26 2021, 6:27 PM

• DStrine moved this task from Current Sprint to Sprint +2 on the Fundraising-Backlog board.Feb 2 2021, 8:15 PM

• DStrine moved this task from Sprint +2 to Current Sprint on the Fundraising-Backlog board.Feb 16 2021, 8:46 PM

• DStrine added a project: Fundraising Sprint Downed power line jump rope.Feb 16 2021, 9:04 PM

jgleeson moved this task from Backlog to Doing on the Fundraising Sprint Downed power line jump rope board.Feb 17 2021, 12:56 PM

Change 664901 had a related patch set uploaded (by Jgleeson; owner: Jgleeson):
[wikimedia/fundraising/crm/civiproxy@master] Clear out unused files and update Dockerfile

https://gerrit.wikimedia.org/r/664901

gerritbot added a project: Patch-For-Review.Feb 17 2021, 8:14 PM

jgleeson mentioned this in rWFCXff9a7771804e: Clear out unused files and update Dockerfile.Feb 17 2021, 8:25 PM

• DStrine added a project: Fundraising Sprint Esperantoland.Mar 2 2021, 9:03 PM

• DStrine added a project: Fundraising Sprint File Systems Stage Show.Mar 16 2021, 8:02 PM

jgleeson moved this task from Backlog to Done on the Fundraising Sprint File Systems Stage Show board.Mar 18 2021, 2:44 PM

• DStrine closed this task as Resolved.Mar 30 2021, 7:09 PM

Hi! I think we need to update the fields returned:

The country field in the data returned is the country name, but what we actually need is the country's ISO code.
I think we also need to return the donor's name, so that it can also be displayed on the form.

Thanks!!

• DStrine reopened this task as Open.Apr 5 2021, 8:05 PM

• DStrine added a project: Fundraising Sprint Git Rebase Jump.

@AndyRussG I can fix the country field to iso code pretty easily

Regarding name - that is a scope change in terms of our exposure (in terms of what could be retrieved by hammering the url with brute generated or perhaps leaked contact id / hash combos). It's a technically easy change but I think at this stage it is a spec change to the agreed security scope (although I could be out of date)

• DStrine added a project: Fundraising Sprint Humongous bacteria petting zoo.Apr 13 2021, 7:58 PM

• DStrine added a project: Fundraising Sprint Interstitial ads halfway down the coaster hill.Apr 27 2021, 7:46 PM

jgleeson moved this task from Backlog to Done on the Fundraising Sprint Interstitial ads halfway down the coaster hill board.Apr 28 2021, 4:06 PM

• DStrine closed this task as Resolved.May 11 2021, 7:10 PM

Change 664901 merged by Eileen:

[wikimedia/fundraising/crm/civiproxy@master] Clear out unused files and update Dockerfile

https://gerrit.wikimedia.org/r/664901

Maintenance_bot removed a project: Patch-For-Review.Jul 15 2021, 4:10 AM

Change 756023 had a related patch set uploaded (by Jgleeson; author: Jgleeson):

[wikimedia/fundraising/crm/civicrm@master] Re-add settings_location.php

https://gerrit.wikimedia.org/r/756023

gerritbot added a project: Patch-For-Review.Jan 21 2022, 5:01 PM