Change DUA signing from full name to initials

Author: lukepayyapilli

physionet-django/project/forms.py

@@ -1111,27 +1111,28 @@ class Meta:
 
 class DUASignatureForm(forms.Form):
     """
-    Form for signing Data Use Agreement by typing full name.
+    Form for signing Data Use Agreement by typing initials.
     """
-    full_name = forms.CharField(
+    initials = forms.CharField(
         widget=forms.TextInput(attrs={
             'class': 'form-control',
-            'placeholder': 'Type your full name',
+            'placeholder': 'Type your initials',
         }),
-        label='Please sign your full name to indicate your consent',
+        label='Please type your initials to indicate your consent',
     )
 
     def __init__(self, user, *args, **kwargs):
         super().__init__(*args, **kwargs)
         self.user = user
-        self.fields['full_name'].help_text = (
-            f'Please type your full name exactly as: {user.get_full_name()}'
+        expected_initials = DUASignature.get_user_initials(user)
+        self.fields['initials'].help_text = (
+            f'Please type your initials exactly as: {expected_initials}'
         )
 
-    def clean_full_name(self):
-        full_name = self.cleaned_data.get('full_name', '').strip()
-        DUASignature.validate_signature_name(self.user, full_name)
-        return full_name
+    def clean_initials(self):
+        initials = self.cleaned_data.get('initials', '').strip()
+        DUASignature.validate_signature_initials(self.user, initials)
+        return initials
 
 
 class DataAccessRequestForm(forms.ModelForm):

physionet-django/project/modelcomponents/access.py

@@ -1,3 +1,4 @@
+import unicodedata
 from datetime import timedelta
 from enum import IntEnum
 
@@ -44,13 +45,31 @@ class Meta:
         default_permissions = ()
 
     @staticmethod
-    def validate_signature_name(user, full_name):
-        if not full_name or not full_name.strip():
-            raise ValidationError('You must enter your full name to sign the agreement.')
-        expected_name = user.get_full_name()
-        if full_name.strip().lower() != expected_name.lower():
+    def get_user_initials(user):
+        """Get initials from user's profile name."""
+        initials = ''
+        if user.profile.first_names:
+            for name in user.profile.first_names.split():
+                if name:
+                    initials += name[0].upper()
+        if user.profile.last_name:
+            initials += user.profile.last_name[0].upper()
+        return initials
+
+    @staticmethod
+    def normalize_for_comparison(text):
+        """Normalize text for Unicode-aware case-insensitive comparison."""
+        return unicodedata.normalize('NFKD', text.casefold())
+
+    @staticmethod
+    def validate_signature_initials(user, initials):
+        if not initials or not initials.strip():
+            raise ValidationError('You must enter your initials to sign the agreement.')
+        expected_initials = DUASignature.get_user_initials(user)
+        if DUASignature.normalize_for_comparison(initials.strip()) != \
+                DUASignature.normalize_for_comparison(expected_initials):
             raise ValidationError(
-                f'The name entered does not match your profile name: {expected_name}'
+                f'The initials entered do not match. Please enter: {expected_initials}'
             )
 
 

physionet-django/project/templates/project/sign_dua.html

@@ -19,13 +19,13 @@ <h2>{{ project.dua.name }}</h2>
   <form method="POST">
     {% csrf_token %}
     <div class="form-group">
-      <label for="id_full_name">{{ form.full_name.label }}</label>
-      {{ form.full_name }}
-      {% if form.full_name.help_text %}
-        <small class="form-text text-muted">{{ form.full_name.help_text }}</small>
+      <label for="id_initials">{{ form.initials.label }}</label>
+      {{ form.initials }}
+      {% if form.initials.help_text %}
+        <small class="form-text text-muted">{{ form.initials.help_text }}</small>
       {% endif %}
-      {% if form.full_name.errors %}
-        <div class="text-danger">{{ form.full_name.errors.0 }}</div>
+      {% if form.initials.errors %}
+        <div class="text-danger">{{ form.initials.errors.0 }}</div>
       {% endif %}
     </div>
     <p class="text-center">

physionet-django/project/test_s3.py

@@ -23,6 +23,7 @@
 )
 from project.models import (
     AWS,
+    DUASignature,
     PublishedProject,
 )
 from user.models import (
@@ -280,9 +281,10 @@ def test_controlled_access_points(self):
 
         for user in add_aws_users + add_nonaws_users:
             self.client.force_login(user)
+            initials = DUASignature.get_user_initials(user)
             self.client.post(
                 reverse('sign_dua', args=(project.slug, project.version)),
-                data={'agree': '', 'full_name': user.get_full_name()},
+                data={'agree': '', 'initials': initials},
             )
             self.assertTrue(can_view_project_files(project, user))
 

physionet-django/project/test_views.py

@@ -735,7 +735,7 @@ def test_credentialed(self):
         # Sign the dua and get file again
         response = self.client.post(reverse('sign_dua',
             args=(project.slug, project.version,)),
-            data={'agree': '', 'full_name': 'Roger Greenwood Mark'})
+            data={'agree': '', 'initials': 'RGM'})
         response = self.client.get(reverse(
             'serve_published_project_file',
             args=(project.slug, project.version, 'SHA256SUMS.txt')))
@@ -952,7 +952,7 @@ def test_serve_file(self):
             self.client.login(username='rgmark@mit.edu', password='Tester11!')
             response = self.client.post(
                 reverse('sign_dua', args=(project.slug, project.version,)),
-                data={'agree': '', 'full_name': 'Roger Greenwood Mark'})
+                data={'agree': '', 'initials': 'RGM'})
 
             response = self.client.get(url + 'foo/')
             self.assertEqual(response.status_code, 200)
@@ -967,46 +967,46 @@ def test_serve_file(self):
 
 class TestDUASignatureValidation(TestMixin):
     """
-    Test DUA signing with full name validation.
+    Test DUA signing with initials validation.
     """
 
-    def test_sign_dua_with_correct_name(self):
-        """User can sign DUA when typing their correct full name."""
+    def test_sign_dua_with_correct_initials(self):
+        """User can sign DUA when typing their correct initials."""
         project = PublishedProject.objects.get(slug='demoeicu', version='2.0.0')
         self.client.login(username='rgmark@mit.edu', password='Tester11!')
 
         response = self.client.post(
             reverse('sign_dua', args=(project.slug, project.version)),
-            data={'agree': '', 'full_name': 'Roger Greenwood Mark'}
+            data={'agree': '', 'initials': 'RGM'}
         )
         self.assertEqual(response.status_code, 200)
         self.assertTrue(DUASignature.objects.filter(
             user__email='rgmark@mit.edu', project=project
         ).exists())
 
-    def test_sign_dua_with_wrong_name(self):
-        """User cannot sign DUA when typing wrong name."""
+    def test_sign_dua_with_wrong_initials(self):
+        """User cannot sign DUA when typing wrong initials."""
         project = PublishedProject.objects.get(slug='demoeicu', version='2.0.0')
         self.client.login(username='rgmark@mit.edu', password='Tester11!')
 
         response = self.client.post(
             reverse('sign_dua', args=(project.slug, project.version)),
-            data={'agree': '', 'full_name': 'Wrong Name'}
+            data={'agree': '', 'initials': 'XYZ'}
         )
         self.assertEqual(response.status_code, 200)
         self.assertFalse(DUASignature.objects.filter(
             user__email='rgmark@mit.edu', project=project
         ).exists())
-        self.assertContains(response, 'does not match your profile name')
+        self.assertContains(response, 'do not match')
 
-    def test_sign_dua_with_empty_name(self):
-        """User cannot sign DUA without entering their name."""
+    def test_sign_dua_with_empty_initials(self):
+        """User cannot sign DUA without entering their initials."""
         project = PublishedProject.objects.get(slug='demoeicu', version='2.0.0')
         self.client.login(username='rgmark@mit.edu', password='Tester11!')
 
         response = self.client.post(
             reverse('sign_dua', args=(project.slug, project.version)),
-            data={'agree': '', 'full_name': ''}
+            data={'agree': '', 'initials': ''}
         )
         self.assertEqual(response.status_code, 200)
         self.assertFalse(DUASignature.objects.filter(
@@ -1015,20 +1015,40 @@ def test_sign_dua_with_empty_name(self):
         self.assertContains(response, 'This field is required')
 
     def test_sign_dua_case_insensitive(self):
-        """Name validation is case-insensitive."""
+        """Initials validation is case-insensitive."""
         project = PublishedProject.objects.get(slug='demoeicu', version='2.0.0')
         self.client.login(username='rgmark@mit.edu', password='Tester11!')
 
         response = self.client.post(
             reverse('sign_dua', args=(project.slug, project.version)),
-            data={'agree': '', 'full_name': 'roger greenwood mark'}
+            data={'agree': '', 'initials': 'rgm'}
         )
         self.assertEqual(response.status_code, 200)
         self.assertTrue(DUASignature.objects.filter(
             user__email='rgmark@mit.edu', project=project
         ).exists())
 
 
+class TestDUASignatureNormalization(TestCase):
+    """
+    Test Unicode normalization for initials comparison.
+    """
+
+    def test_normalize_for_comparison(self):
+        """Test that normalize_for_comparison handles Unicode properly."""
+        normalize = DUASignature.normalize_for_comparison
+
+        # Case insensitivity
+        self.assertEqual(normalize('ABC'), normalize('abc'))
+
+        # German sharp S (ß) casefolds to 'ss'
+        self.assertEqual(normalize('ß'), normalize('ss'))
+
+        # Different Unicode representations of same character
+        # é as single character vs e + combining acute accent
+        self.assertEqual(normalize('é'), normalize('é'))
+
+
 class TestState(TestMixin):
     """
     Test that all objects are in their intended states, during and