Fix PII banner for ops tools

samcoy3 · web-flow · commit 707ec0068324 · 2026-04-15T12:59:46.000+01:00
This fixes a cosmetic issue where a banner which indicates that PII cannot be displayed is not displayed because the show_pii logic short-circuits before setting all member variables.

Jira-Issue: MAV-3019
diff --git a/app/controllers/inspect/graphs_controller.rb b/app/controllers/inspect/graphs_controller.rb
@@ -42,17 +42,24 @@ def show
     private
 
     def show_pii
-      @show_pii ||=
-        user_is_allowed_to_access_pii && !sensitive_patient_in_graph &&
-          pii_access_requested_by_user
+      return @show_pii if defined?(@show_pii)
+      @show_pii =
+        user_is_allowed_to_access_pii && pii_access_requested_by_user &&
+          !sensitive_patient_in_graph
     end
 
     def user_is_allowed_to_access_pii
-      @user_is_allowed_to_access_pii ||= policy(:inspect).show_pii?
+      if defined?(@user_is_allowed_to_access_pii)
+        return @user_is_allowed_to_access_pii
+      end
+      @user_is_allowed_to_access_pii = policy(:inspect).show_pii?
     end
 
     def sensitive_patient_in_graph
-      @sensitive_patient_in_graph ||=
+      if defined?(@sensitive_patient_in_graph)
+        return @sensitive_patient_in_graph
+      end
+      @sensitive_patient_in_graph =
         begin
           graph_with_pii =
             GraphRecords.new(
@@ -67,7 +74,10 @@ def sensitive_patient_in_graph
     end
 
     def pii_access_requested_by_user
-      @pii_access_requested_by_user ||= params[:show_pii] || SHOW_PII_BY_DEFAULT
+      if defined?(@pii_access_requested_by_user)
+        return @pii_access_requested_by_user
+      end
+      @pii_access_requested_by_user = params[:show_pii] || SHOW_PII_BY_DEFAULT
     end
 
     def traversals_config
diff --git a/app/controllers/inspect/timeline/patients_controller.rb b/app/controllers/inspect/timeline/patients_controller.rb
@@ -69,22 +69,32 @@ def show
   private
 
   def show_pii
-    @show_pii ||=
-      user_is_allowed_to_access_pii && !patient_accessed_is_sensitive &&
-        pii_access_requested_by_user
+    return @show_pii if defined?(@show_pii)
+    @show_pii =
+      user_is_allowed_to_access_pii && pii_access_requested_by_user &&
+        !patient_accessed_is_sensitive
   end
 
   def user_is_allowed_to_access_pii
-    @user_is_allowed_to_access_pii ||= policy(:inspect).show_pii?
+    if defined?(@user_is_allowed_to_access_pii)
+      return @user_is_allowed_to_access_pii
+    end
+    @user_is_allowed_to_access_pii = policy(:inspect).show_pii?
   end
 
   def patient_accessed_is_sensitive
-    @patient_accessed_is_sensitive ||=
+    if defined?(@patient_accessed_is_sensitive)
+      return @patient_accessed_is_sensitive
+    end
+    @patient_accessed_is_sensitive =
       @patient.restricted? || @compare_patient&.restricted?
   end
 
   def pii_access_requested_by_user
-    @pii_access_requested_by_user ||= params[:show_pii] || SHOW_PII_BY_DEFAULT
+    if defined?(@pii_access_requested_by_user)
+      return @pii_access_requested_by_user
+    end
+    @pii_access_requested_by_user = params[:show_pii] || SHOW_PII_BY_DEFAULT
   end
 
   def set_patient
