Cosmetology - Return privileges that have aa or investigations

[landonshumway-ia]

Currently, if the home state license is not eligible in the system, the API does not return any privilege records for the cosmetology compact. We have identified a case where a state can place an encumbrance/investigation on a privilege record in the system, and then if the home state becomes inactive, the privilege record with an encumbrance/investigation will not be returned and the admin of that state will have no way to end the encumbrance/investigation.

To address this, we this adds a check on the backend to see if a privilege has any encumbrance/investigation placed on it, we will always return that record even if the home state license is not eligible for privileges in the system.

Closes #1226

Summary by CodeRabbit

• Bug Fixes

  • Refined provider privilege generation so jurisdictions still produce privilege rows when there are adverse actions or open investigations, even if the home license is not compact-eligible; improved logging for suppressed-per-jurisdiction cases.

• Tests

  • Added unit tests covering ineligible home-license scenarios with matching adverse actions and active investigations.

• Chores

  • Updated development dependency constraints.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 2b40f0ae-779e-41c8-a895-0bb16651dfc1

📥 Commits

Reviewing files that changed from the base of the PR and between c1804ba and d1199f0.

📒 Files selected for processing (1)

• backend/cosmetology-app/lambdas/python/common/cc_common/data_model/provider_record_util.py

🚧 Files skipped from review as they are similar to previous changes (1)

• backend/cosmetology-app/lambdas/python/common/cc_common/data_model/provider_record_util.py

---

📝 Walkthrough

Walkthrough

Updated privilege generation logic to conditionally suppress privilege rows per jurisdiction when the home license is not compact-eligible, instead of skipping the entire license type. Privileges are still generated when adverse actions or investigations exist. Added corresponding unit tests and a dependency update.

Changes

Cohort / File(s)	Summary
Core Logic Refinement backend/cosmetology-app/lambdas/python/common/cc_common/data_model/provider_record_util.py	Modified generate_privileges_for_provider to gate privilege suppression at the jurisdiction/license-type level rather than skipping whole license types when the home license is ineligible. Ineligible home licenses still produce privilege rows if matching adverse actions or open investigations exist. Added a debug log and clarified an inactive-via-encumbrance comment.
Unit Tests backend/cosmetology-app/lambdas/python/common/tests/unit/test_provider_record_util.py	Added two tests verifying that compact privileges for a target jurisdiction are still generated when the home license is INELIGIBLE if there are adverse actions or open investigations for that jurisdiction.
Dependencies backend/cosmetology-app/lambdas/python/common/requirements-dev.in	Added an attrs>=25, <26 line (coexists with an existing attrs>=25.4,<26 entry).

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• Only generate cosmetology privilege records at runtime #1299: Modifies ProviderUserRecords.generate_privileges_for_provider and runtime privilege-generation logic; closely related change set.

Suggested reviewers

• jlkravitz
• isabeleliassen

Poem

🐰 I nibble through rows with a curious hop,
Per-jurisdiction rules now skip or stop,
If AAs or probes knock at a door,
Even ineligible homes won't ignore.
Tests and logs cheer — the rabbit hops more!

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Out of Scope Changes check	⚠️ Warning	The addition of a duplicate attrs requirement line in requirements-dev.in appears to be out of scope; the functional changes align with the linked issue requirements.	Remove the duplicate attrs>=25, <26 line from requirements-dev.in as it conflicts with the existing attrs>=25.4,<26 constraint and is unrelated to the feature.
Description check	❓ Inconclusive	The description explains the problem, solution, and references the closing issue, but does not follow the provided template structure with Requirements, Description, and Testing sections.	Restructure the description to follow the template format, including explicit Requirements List, Description List, and Testing List sections with checkboxes where applicable.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title directly describes the main change: returning privilege records that have adverse actions or investigations even when the home license is ineligible.
Linked Issues check	✅ Passed	The code changes implement the core requirement to return privileges with adverse actions or investigations despite ineligible home licenses, with new unit tests validating both scenarios.
Docstring Coverage	✅ Passed	Docstring coverage is 80.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In
`@backend/cosmetology-app/lambdas/python/common/cc_common/data_model/provider_record_util.py`:
- Around line 477-480: The current inclusion check uses inv_records (populated
by get_investigation_records_for_privilege(jurisdiction,...)) which only returns
investigations from the same jurisdiction, so change the logic to detect
investigations that target the specific privilege instead of relying on
inv_records scoped to privilege_jurisdiction: either update
get_investigation_records_for_privilege to accept and return cross-jurisdiction
investigations for the given privilege identifier(s) or replace the boolean
check with a filter over the investigation list that matches on the
privilege-identifying fields (e.g., privilege id/license number/provider id and
any privilege-specific keys) before using it in the if-condition that references
most_recent_license, CompactEligibilityStatus, and privilege_aa. Ensure you
reference the same symbols (most_recent_license,
CompactEligibilityStatus.ELIGIBLE, privilege_aa, inv_records,
get_investigation_records_for_privilege, privilege_jurisdiction) when making the
change.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 69691227-1595-4c7f-b1dc-cd1ac4051997

📥 Commits

Reviewing files that changed from the base of the PR and between 7d1196c and a59109c.

📒 Files selected for processing (2)

• backend/cosmetology-app/lambdas/python/common/cc_common/data_model/provider_record_util.py
• backend/cosmetology-app/lambdas/python/common/tests/unit/test_provider_record_util.py

[coderabbitai]

🧹 Nitpick comments (1)

backend/cosmetology-app/lambdas/python/common/cc_common/data_model/provider_record_util.py (1)

485-498: Implementation looks correct; minor style suggestion.

The logic correctly ensures privileges are generated when there's a matching adverse action or open investigation, even for ineligible home licenses. This addresses the core requirement from issue #1226.

One minor observation: line 486 re-checks most_recent_license.compactEligibility != CompactEligibilityStatus.ELIGIBLE when is_eligible (line 473) already captures this. Consider using not is_eligible for consistency:

♻️ Optional simplification

                 if (
-                        most_recent_license.compactEligibility != CompactEligibilityStatus.ELIGIBLE
+                    not is_eligible
                     and not include_inactive_privileges
                     and not privilege_aa
                     and not inv_records
                 ):

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@backend/cosmetology-app/lambdas/python/common/cc_common/data_model/provider_record_util.py`
around lines 485 - 498, The conditional re-checks
most_recent_license.compactEligibility when is_eligible (set earlier) already
represents that value; update the if condition to use not is_eligible instead of
most_recent_license.compactEligibility != CompactEligibilityStatus.ELIGIBLE and
keep the rest of the checks (not include_inactive_privileges, not privilege_aa,
not inv_records) unchanged, and preserve the logger.debug call and its context
keys (jurisdiction, home_jurisdiction, license_type_abbr) so behavior is
identical but uses the existing is_eligible flag for consistency.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In
`@backend/cosmetology-app/lambdas/python/common/cc_common/data_model/provider_record_util.py`:
- Around line 485-498: The conditional re-checks
most_recent_license.compactEligibility when is_eligible (set earlier) already
represents that value; update the if condition to use not is_eligible instead of
most_recent_license.compactEligibility != CompactEligibilityStatus.ELIGIBLE and
keep the rest of the checks (not include_inactive_privileges, not privilege_aa,
not inv_records) unchanged, and preserve the logger.debug call and its context
keys (jurisdiction, home_jurisdiction, license_type_abbr) so behavior is
identical but uses the existing is_eligible flag for consistency.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 82f674a0-31e0-4a52-b507-18195a101d63

📥 Commits

Reviewing files that changed from the base of the PR and between 814aaab and c1804ba.

📒 Files selected for processing (3)

• backend/cosmetology-app/lambdas/python/common/cc_common/data_model/provider_record_util.py
• backend/cosmetology-app/lambdas/python/common/requirements-dev.in
• backend/cosmetology-app/lambdas/python/common/tests/unit/test_provider_record_util.py

🚧 Files skipped from review as they are similar to previous changes (1)

• backend/cosmetology-app/lambdas/python/common/requirements-dev.in

[jlkravitz]

Looks good to me! @isabeleliassen Good to merge.