Description
When a device registers their apnsDeviceToken with QPS, QPS/QSS will know what community they are signed into on that websocket connection. We should leverage that as a source of truth for what community the generated UCAN should be associated with. Add a new fact to the UCAN with the communityId that the connection is associated with (do not add a field to the PUSH_REGISTRATION message, use the CommunitiesManagerService to get the community that they are signed into).
This will allow us to establish that any UCAN used to send a push notification is only sending a push notification to devices also within the community that the initiating user is signed into validly.
Acceptance Criteria
Description
When a device registers their apnsDeviceToken with QPS, QPS/QSS will know what community they are signed into on that websocket connection. We should leverage that as a source of truth for what community the generated UCAN should be associated with. Add a new fact to the UCAN with the communityId that the connection is associated with (do not add a field to the
PUSH_REGISTRATIONmessage, use theCommunitiesManagerServiceto get the community that they are signed into).This will allow us to establish that any UCAN used to send a push notification is only sending a push notification to devices also within the community that the initiating user is signed into validly.
Acceptance Criteria
CommunitiesManagerServiceSEND_PUSHall are equivalent to the community that the user sending the push is signed into