guardrails

Author: Shahroz16

datapipelines/src/main/kotlin/io/customer/datapipelines/location/LocationTracker.kt

@@ -1,129 +1,167 @@
 package io.customer.datapipelines.location
 
+import android.location.Location
 import io.customer.datapipelines.plugins.LocationPlugin
 import io.customer.datapipelines.store.LocationPreferenceStore
 import io.customer.sdk.communication.Event
 import io.customer.sdk.core.util.Logger
 
 /**
  * Coordinates all location state management: persistence, restoration,
- * staleness detection, and tracking whether an identify was sent without
- * location context.
+ * and filter-based sync decisions.
+ *
+ * Maintains two location references via [LocationPreferenceStore]:
+ * - **Cached**: the latest received location, used for identify enrichment.
+ * - **Synced**: the last location actually sent to the server, used by
+ *   [shouldSync] to decide whether a new "Location Update" track should be sent.
+ *
+ * A "Location Update" track is sent only when both conditions are met:
+ * 1. >= 24 hours since the last sync, AND
+ * 2. >= 1 km distance from the last synced location.
+ *
+ * If no synced location exists yet (first time), the filter passes automatically.
  */
 internal class LocationTracker(
     private val locationPlugin: LocationPlugin,
     private val locationPreferenceStore: LocationPreferenceStore,
-    private val logger: Logger
+    private val logger: Logger,
+    private val userIdProvider: () -> String?
 ) {
     /**
-     * Set when an identify is sent while no location context is available.
-     * Cleared when a location update arrives, so the caller can react
-     * (e.g. send a "Location Update" track for the newly-identified user).
-     */
-    @Volatile
-    internal var identifySentWithoutLocation: Boolean = false
-
-    /**
-     * Reads persisted location from the preference store and sets it on the
-     * [LocationPlugin] so that identify events have location context immediately
-     * after SDK restart.
+     * Reads persisted cached location from the preference store and sets it on
+     * the [LocationPlugin] so that identify events have location context
+     * immediately after SDK restart.
      */
     fun restorePersistedLocation() {
-        val lat = locationPreferenceStore.getLatitude() ?: return
-        val lng = locationPreferenceStore.getLongitude() ?: return
+        val lat = locationPreferenceStore.getCachedLatitude() ?: return
+        val lng = locationPreferenceStore.getCachedLongitude() ?: return
         locationPlugin.lastLocation = Event.LocationData(latitude = lat, longitude = lng)
         logger.debug("Restored persisted location: lat=$lat, lng=$lng")
     }
 
     /**
      * Processes an incoming location event: always caches in the plugin and
      * persists coordinates for identify enrichment. Only returns non-null
-     * (signalling the caller to send a "Location Update" track) when:
-     *
-     * 1. An identify was previously sent without location context, OR
-     * 2. >=24 hours have elapsed since the last "Location Update" track.
+     * (signalling the caller to send a "Location Update" track) when the
+     * [shouldSync] filter passes.
      *
      * @return the [Event.LocationData] to send as a track, or null if suppressed.
      */
     fun onLocationReceived(event: Event.TrackLocationEvent): Event.LocationData? {
         val location = event.location
-        logger.debug("location update received: lat=${location.latitude}, lng=${location.longitude}")
+        logger.debug("Location update received: lat=${location.latitude}, lng=${location.longitude}")
 
         // Always cache and persist so identifies have context and location
         // survives app restarts — regardless of whether we send a track
         locationPlugin.lastLocation = location
-        locationPreferenceStore.saveLocation(location.latitude, location.longitude)
-
-        val shouldSendTrack = when {
-            identifySentWithoutLocation -> {
-                logger.debug("Sending location track: identify was previously sent without location context")
-                identifySentWithoutLocation = false
-                true
-            }
-            isStale() -> {
-                logger.debug("Sending location track: >=24h since last send")
-                true
-            }
-            else -> {
-                logger.debug("Location cached but track suppressed: last sent <24h ago")
-                false
-            }
+        locationPreferenceStore.saveCachedLocation(location.latitude, location.longitude)
+
+        // Only send location tracks for identified users
+        if (userIdProvider().isNullOrEmpty()) {
+            logger.debug("Location cached but track skipped: no identified user")
+            return null
         }
 
-        if (shouldSendTrack) {
-            locationPreferenceStore.saveLastSentTimestamp(System.currentTimeMillis())
-            return location
+        if (!shouldSync(location.latitude, location.longitude)) {
+            logger.debug("Location cached but track suppressed: filter not met")
+            return null
         }
-        return null
+
+        logger.debug("Location filter passed, sending Location Update track")
+        return location
     }
 
     /**
-     * Returns the persisted location if more than 24 hours have elapsed since
-     * the last "Location Update" track was sent, or null otherwise.
-     * Updates the sent timestamp so the next cold start won't re-send.
+     * Re-evaluates whether the cached location should be synced. Called on
+     * identify and on cold start to handle cases where:
+     * - An identify was sent without location context in a previous session,
+     *   and location has since arrived.
+     * - The app was restarted after >24h and the cached location should be
+     *   re-sent.
+     *
+     * @return the [Event.LocationData] to send as a track, or null if
+     *   the filter does not pass or no cached location exists.
      */
-    fun getStaleLocationForResend(): Event.LocationData? {
-        val lat = locationPreferenceStore.getLatitude() ?: return null
-        val lng = locationPreferenceStore.getLongitude() ?: return null
+    fun syncCachedLocationIfNeeded(): Event.LocationData? {
+        if (userIdProvider().isNullOrEmpty()) return null
 
-        if (!isStale()) return null
+        val lat = locationPreferenceStore.getCachedLatitude() ?: return null
+        val lng = locationPreferenceStore.getCachedLongitude() ?: return null
 
-        logger.debug("Location update stale on cold start, re-sending")
-        locationPreferenceStore.saveLastSentTimestamp(System.currentTimeMillis())
+        if (!shouldSync(lat, lng)) return null
+
+        logger.debug("Syncing cached location: lat=$lat, lng=$lng")
         return Event.LocationData(latitude = lat, longitude = lng)
     }
 
-    private fun isStale(): Boolean {
-        val lastSent = locationPreferenceStore.getLastSentTimestamp() ?: return true
-        return (System.currentTimeMillis() - lastSent) >= LOCATION_RESEND_INTERVAL_MS
+    /**
+     * Returns true if the [LocationPlugin] has a cached location.
+     */
+    fun hasLocationContext(): Boolean = locationPlugin.lastLocation != null
+
+    /**
+     * Resets user-level location state on logout. Clears synced data
+     * (timestamp and synced coordinates) so the next user gets their own
+     * location track — not gated by the previous user's 24h window.
+     * Cached coordinates are kept as they are device-level, not user-level.
+     */
+    fun onUserReset() {
+        locationPreferenceStore.clearSyncedData()
+        logger.debug("User reset: cleared synced location data")
     }
 
     /**
-     * Records that an identify call was made without location context.
+     * Determines whether a location should be synced to the server based on
+     * two criteria:
+     * 1. **Time**: >= [LOCATION_RESEND_INTERVAL_MS] since the last sync.
+     * 2. **Distance**: >= [MINIMUM_DISTANCE_METERS] from the last synced location.
+     *
+     * If no synced location exists yet, the filter passes automatically.
      */
-    fun onIdentifySentWithoutLocation() {
-        identifySentWithoutLocation = true
-        logger.debug("Identify sent without location context; will send location track when location arrives")
+    private fun shouldSync(latitude: Double, longitude: Double): Boolean {
+        val lastTimestamp = locationPreferenceStore.getSyncedTimestamp()
+        // Never synced before — always pass
+        if (lastTimestamp == null) return true
+
+        val timeSinceLastSync = System.currentTimeMillis() - lastTimestamp
+        if (timeSinceLastSync < LOCATION_RESEND_INTERVAL_MS) return false
+
+        val syncedLat = locationPreferenceStore.getSyncedLatitude() ?: return true
+        val syncedLng = locationPreferenceStore.getSyncedLongitude() ?: return true
+
+        val distance = distanceBetween(syncedLat, syncedLng, latitude, longitude)
+        return distance >= MINIMUM_DISTANCE_METERS
     }
 
     /**
-     * Clears the [identifySentWithoutLocation] flag. Called when the user
-     * logs out — the debt belongs to the identified user, and once they're
-     * gone the follow-up location track is no longer owed.
+     * Records that a location was successfully queued for delivery.
+     * Must be called AFTER the "Location Update" track has been enqueued
+     * via [analytics.track], so that if the process is killed between
+     * the track and the record, the worst case is a harmless duplicate
+     * rather than a missed send.
      */
-    fun onUserReset() {
-        if (identifySentWithoutLocation) {
-            logger.debug("User reset; clearing pending identify-without-location flag")
-            identifySentWithoutLocation = false
-        }
+    fun confirmSync(latitude: Double, longitude: Double) {
+        locationPreferenceStore.saveSyncedLocation(latitude, longitude, System.currentTimeMillis())
     }
 
     /**
-     * Returns true if the [LocationPlugin] has a cached location.
+     * Computes the distance in meters between two lat/lng points using
+     * [android.location.Location.distanceBetween]. This is a static math
+     * utility — no location permissions required.
      */
-    fun hasLocationContext(): Boolean = locationPlugin.lastLocation != null
+    private fun distanceBetween(
+        lat1: Double,
+        lng1: Double,
+        lat2: Double,
+        lng2: Double
+    ): Float {
+        val results = FloatArray(1)
+        Location.distanceBetween(lat1, lng1, lat2, lng2, results)
+        return results[0]
+    }
 
     companion object {
         private const val LOCATION_RESEND_INTERVAL_MS = 24 * 60 * 60 * 1000L // 24 hours
+        private const val MINIMUM_DISTANCE_METERS = 1000f // 1 km
     }
 }

datapipelines/src/main/kotlin/io/customer/datapipelines/store/LocationPreferenceStore.kt

@@ -8,15 +8,23 @@ import io.customer.sdk.data.store.read
 
 /**
  * Store for persisting location data across app restarts.
- * Ensures identify events always have location context and supports
- * 24-hour re-send of stale location updates on SDK startup.
+ *
+ * Maintains two location references:
+ * - **Cached**: the latest received location, used for identify enrichment.
+ * - **Synced**: the last location actually sent to the server, used by
+ *   the filter to decide whether a new location should be sent.
  */
 internal interface LocationPreferenceStore {
-    fun saveLocation(latitude: Double, longitude: Double)
-    fun saveLastSentTimestamp(timestamp: Long)
-    fun getLatitude(): Double?
-    fun getLongitude(): Double?
-    fun getLastSentTimestamp(): Long?
+    fun saveCachedLocation(latitude: Double, longitude: Double)
+    fun getCachedLatitude(): Double?
+    fun getCachedLongitude(): Double?
+
+    fun saveSyncedLocation(latitude: Double, longitude: Double, timestamp: Long)
+    fun getSyncedLatitude(): Double?
+    fun getSyncedLongitude(): Double?
+    fun getSyncedTimestamp(): Long?
+    fun clearSyncedData()
+
     fun clearAll()
 }
 
@@ -31,31 +39,53 @@ internal class LocationPreferenceStoreImpl(
         "io.customer.sdk.location.${context.packageName}"
     }
 
-    override fun saveLocation(latitude: Double, longitude: Double) = prefs.edit {
-        putString(KEY_LATITUDE, crypto.encrypt(latitude.toString()))
-        putString(KEY_LONGITUDE, crypto.encrypt(longitude.toString()))
+    // -- Cached location (latest received, for identify enrichment) --
+
+    override fun saveCachedLocation(latitude: Double, longitude: Double) = prefs.edit {
+        putString(KEY_CACHED_LATITUDE, crypto.encrypt(latitude.toString()))
+        putString(KEY_CACHED_LONGITUDE, crypto.encrypt(longitude.toString()))
+    }
+
+    override fun getCachedLatitude(): Double? = prefs.read {
+        getString(KEY_CACHED_LATITUDE, null)?.let { crypto.decrypt(it).toDoubleOrNull() }
+    }
+
+    override fun getCachedLongitude(): Double? = prefs.read {
+        getString(KEY_CACHED_LONGITUDE, null)?.let { crypto.decrypt(it).toDoubleOrNull() }
+    }
+
+    // -- Synced location (last sent to server, for filter comparison) --
+
+    override fun saveSyncedLocation(latitude: Double, longitude: Double, timestamp: Long) = prefs.edit {
+        putString(KEY_SYNCED_LATITUDE, crypto.encrypt(latitude.toString()))
+        putString(KEY_SYNCED_LONGITUDE, crypto.encrypt(longitude.toString()))
+        putLong(KEY_SYNCED_TIMESTAMP, timestamp)
     }
 
-    override fun saveLastSentTimestamp(timestamp: Long) = prefs.edit {
-        putLong(KEY_LAST_SENT_TIMESTAMP, timestamp)
+    override fun getSyncedLatitude(): Double? = prefs.read {
+        getString(KEY_SYNCED_LATITUDE, null)?.let { crypto.decrypt(it).toDoubleOrNull() }
     }
 
-    override fun getLatitude(): Double? = prefs.read {
-        getString(KEY_LATITUDE, null)?.let { crypto.decrypt(it).toDoubleOrNull() }
+    override fun getSyncedLongitude(): Double? = prefs.read {
+        getString(KEY_SYNCED_LONGITUDE, null)?.let { crypto.decrypt(it).toDoubleOrNull() }
     }
 
-    override fun getLongitude(): Double? = prefs.read {
-        getString(KEY_LONGITUDE, null)?.let { crypto.decrypt(it).toDoubleOrNull() }
+    override fun getSyncedTimestamp(): Long? = prefs.read {
+        if (contains(KEY_SYNCED_TIMESTAMP)) getLong(KEY_SYNCED_TIMESTAMP, 0L) else null
     }
 
-    override fun getLastSentTimestamp(): Long? = prefs.read {
-        if (contains(KEY_LAST_SENT_TIMESTAMP)) getLong(KEY_LAST_SENT_TIMESTAMP, 0L) else null
+    override fun clearSyncedData() = prefs.edit {
+        remove(KEY_SYNCED_LATITUDE)
+        remove(KEY_SYNCED_LONGITUDE)
+        remove(KEY_SYNCED_TIMESTAMP)
     }
 
     companion object {
         private const val KEY_ALIAS = "cio_location_key"
-        private const val KEY_LATITUDE = "latitude"
-        private const val KEY_LONGITUDE = "longitude"
-        private const val KEY_LAST_SENT_TIMESTAMP = "last_sent_timestamp"
+        private const val KEY_CACHED_LATITUDE = "cio_location_cached_latitude"
+        private const val KEY_CACHED_LONGITUDE = "cio_location_cached_longitude"
+        private const val KEY_SYNCED_LATITUDE = "cio_location_synced_latitude"
+        private const val KEY_SYNCED_LONGITUDE = "cio_location_synced_longitude"
+        private const val KEY_SYNCED_TIMESTAMP = "cio_location_synced_timestamp"
     }
 }

datapipelines/src/main/kotlin/io/customer/sdk/CustomerIO.kt

@@ -111,7 +111,7 @@ class CustomerIO private constructor(
 
     private val contextPlugin: ContextPlugin = ContextPlugin(deviceStore)
     private val locationPlugin: LocationPlugin = LocationPlugin(logger)
-    private val locationTracker: LocationTracker = LocationTracker(locationPlugin, SDKComponent.locationPreferenceStore, logger)
+    private val locationTracker: LocationTracker = LocationTracker(locationPlugin, SDKComponent.locationPreferenceStore, logger) { analytics.userId() }
 
     init {
         // Set analytics logger and debug logs based on SDK logger configuration
@@ -163,6 +163,7 @@ class CustomerIO private constructor(
         eventBus.subscribe<Event.TrackLocationEvent> {
             locationTracker.onLocationReceived(it)?.let { location ->
                 sendLocationTrack(location)
+                locationTracker.confirmSync(location.latitude, location.longitude)
             }
         }
     }
@@ -213,9 +214,10 @@ class CustomerIO private constructor(
             analytics.add(AutomaticApplicationLifecycleTrackingPlugin())
         }
 
-        // Re-send location if >24h since last "Location Update" track
-        locationTracker.getStaleLocationForResend()?.let { location ->
+        // Re-evaluate cached location on cold start (e.g. >24h + >1km since last sync)
+        locationTracker.syncCachedLocationIfNeeded()?.let { location ->
             sendLocationTrack(location)
+            locationTracker.confirmSync(location.latitude, location.longitude)
         }
     }
 
@@ -272,10 +274,6 @@ class CustomerIO private constructor(
 
         logger.info("identify profile with identifier $userId and traits $traits")
 
-        if (!locationTracker.hasLocationContext()) {
-            locationTracker.onIdentifySentWithoutLocation()
-        }
-
         // publish event to EventBus for other modules to consume
         eventBus.publish(Event.UserChangedEvent(userId = userId, anonymousId = analytics.anonymousId()))
         analytics.identify(
@@ -284,6 +282,13 @@ class CustomerIO private constructor(
             serializationStrategy = serializationStrategy
         )
 
+        // Re-evaluate cached location now that the user is identified.
+        // Must come after analytics.identify() so userIdProvider returns the correct userId.
+        locationTracker.syncCachedLocationIfNeeded()?.let { location ->
+            sendLocationTrack(location)
+            locationTracker.confirmSync(location.latitude, location.longitude)
+        }
+
         if (isFirstTimeIdentifying || isChangingIdentifiedProfile) {
             logger.debug("first time identified or changing identified profile")
             val existingDeviceToken = registeredDeviceToken