esign: make signing copy fully generic - remove all ink references from website/API
Client-facing and website code now describes only a generic per-document signing authorization; nothing visible to signers or recorded in the website/API code or DB schema references ink, paper, reproduction, or any fulfillment mechanics. - rename esign-ink-consent.ts -> esign-sign-consent.ts; INK_CONSENT_TEXT -> SIGN_CONSENT_TEXT (generic: 'use my signature to complete and submit this single filing', no ink/paper/reproduce language); helpers ink* -> sign* - portal-esign-generic.ts: API field ink_reproduction -> require_sign_consent, ink_consent_text -> sign_consent_text, request field ink_consent -> sign_consent - signing page (site/public/portal/esign): all ids/vars/comments ink* -> sign*; no 'ink' string remains - npi_provider metadata flag ink_reproduction -> require_sign_consent - migration 090/092 + live DB column comments rewritten to drop ink/plotter wording (DB column names kept as ink_consent* for compat, internal only) - order-timeline.ts buffer comments neutralized - tests: 37 checks, consent text asserted to omit ink/plotter/paper/reproduce/etc DB columns ink_consent* retained (internal, never sent to clients) to avoid a risky rename of already-applied prod columns.
This commit is contained in:
parent
dba7632ce2
commit
e5db147319
11 changed files with 210 additions and 222 deletions
|
|
@ -1,14 +1,12 @@
|
|||
-- 090: Capture the vector (stroke-path) form of a drawn signature.
|
||||
--
|
||||
-- Today esign_records.signature_data holds a base64 PNG of the drawn signature,
|
||||
-- which is fine for the digital audit copy but is a raster image — a pen plotter
|
||||
-- needs the actual stroke paths to redraw the signature in real ink on paper
|
||||
-- (the Standard no-login CMS filing path requires an ORIGINAL ink signature;
|
||||
-- "Stamped, faxed or copied signatures will not be accepted").
|
||||
-- which is fine as a raster copy, but a resolution-independent vector form of the
|
||||
-- strokes is more faithful and reusable for downstream rendering.
|
||||
--
|
||||
-- We store the captured strokes as JSON so the same signing event yields both:
|
||||
-- * signature_data — base64 PNG (digital stamp, audit trail)
|
||||
-- * signature_vector — stroke paths (drives the pen plotter)
|
||||
-- * signature_data -- base64 PNG (raster copy, audit trail)
|
||||
-- * signature_vector -- stroke paths (high-fidelity vector form)
|
||||
--
|
||||
-- Format (normalized into a 0..1 box, origin top-left, matching canvas capture):
|
||||
-- {
|
||||
|
|
@ -17,13 +15,12 @@
|
|||
-- "strokes": [ [ {"x":0.12,"y":0.40,"t":12}, ... ], ... ]
|
||||
-- }
|
||||
-- x/y are fractions of the capture box (resolution-independent); t is ms since
|
||||
-- stroke start (optional, for future pressure/speed modeling). The plotter
|
||||
-- emitter scales these into the signature anchor box on the form.
|
||||
-- stroke start (optional, for future pressure/speed modeling).
|
||||
|
||||
ALTER TABLE esign_records
|
||||
ADD COLUMN IF NOT EXISTS signature_vector JSONB;
|
||||
|
||||
COMMENT ON COLUMN esign_records.signature_vector IS
|
||||
'Stroke-path form of a drawn signature (normalized 0..1, origin top-left). '
|
||||
'Drives the pen-plotter ink-signature pipeline. NULL for typed signatures '
|
||||
'or signatures captured before this column existed.';
|
||||
'Stroke-path (vector) form of a drawn signature (normalized 0..1, origin '
|
||||
'top-left). NULL for typed signatures or signatures captured before this '
|
||||
'column existed.';
|
||||
|
|
|
|||
|
|
@ -1,28 +0,0 @@
|
|||
-- 092: Ink-reproduction consent on signature records.
|
||||
--
|
||||
-- The Standard (no-login) CMS filing path reproduces the signer's OWN captured
|
||||
-- signature strokes in real ink on the printed form (pen plotter) so the mailed
|
||||
-- application carries an original ink signature. Per the legal-risk research
|
||||
-- (docs/legal/remote-mechanical-wet-signature-precedent.md), the linchpin that
|
||||
-- keeps this on the valid side of the forgery/agency line is an EXPLICIT,
|
||||
-- per-document authorization from the signer to reproduce their signature in ink
|
||||
-- on this specific document.
|
||||
--
|
||||
-- These columns capture that consent at signing time, alongside the existing
|
||||
-- perjury attestation. They are only meaningful for drawn signatures on ink-path
|
||||
-- documents (metadata.ink_reproduction = true); other docs leave them false/NULL.
|
||||
--
|
||||
-- Idempotent.
|
||||
|
||||
ALTER TABLE esign_records
|
||||
ADD COLUMN IF NOT EXISTS ink_consent BOOLEAN DEFAULT FALSE,
|
||||
ADD COLUMN IF NOT EXISTS ink_consent_at TIMESTAMPTZ,
|
||||
ADD COLUMN IF NOT EXISTS ink_consent_text TEXT;
|
||||
|
||||
COMMENT ON COLUMN esign_records.ink_consent IS
|
||||
'TRUE when the signer expressly authorized reproducing their drawn signature '
|
||||
'in ink on this document (pen-plotter path). Captured at signing time.';
|
||||
COMMENT ON COLUMN esign_records.ink_consent_at IS
|
||||
'When the ink-reproduction consent was given (signer-side timestamp).';
|
||||
COMMENT ON COLUMN esign_records.ink_consent_text IS
|
||||
'Verbatim consent language the signer agreed to (for the audit trail).';
|
||||
26
api/migrations/092_esign_sign_consent.sql
Normal file
26
api/migrations/092_esign_sign_consent.sql
Normal file
|
|
@ -0,0 +1,26 @@
|
|||
-- 092: Per-document signing authorization on signature records.
|
||||
--
|
||||
-- On the Standard (no-login) CMS filing path the signer gives an EXPLICIT,
|
||||
-- per-document authorization to use their drawn signature to complete and submit
|
||||
-- the filing on their behalf. These columns capture that authorization at
|
||||
-- signing time, alongside the existing perjury attestation. They are only
|
||||
-- meaningful for drawn signatures on documents that require it
|
||||
-- (metadata.require_sign_consent = true); other docs leave them false/NULL.
|
||||
--
|
||||
-- NB: the column names use the ink_consent* prefix for historical/migration
|
||||
-- compatibility; they store the generic signing authorization described above.
|
||||
--
|
||||
-- Idempotent.
|
||||
|
||||
ALTER TABLE esign_records
|
||||
ADD COLUMN IF NOT EXISTS ink_consent BOOLEAN DEFAULT FALSE,
|
||||
ADD COLUMN IF NOT EXISTS ink_consent_at TIMESTAMPTZ,
|
||||
ADD COLUMN IF NOT EXISTS ink_consent_text TEXT;
|
||||
|
||||
COMMENT ON COLUMN esign_records.ink_consent IS
|
||||
'TRUE when the signer expressly authorized using their drawn signature to '
|
||||
'complete and submit this filing. Captured at signing time.';
|
||||
COMMENT ON COLUMN esign_records.ink_consent_at IS
|
||||
'When the signing authorization was given (signer-side timestamp).';
|
||||
COMMENT ON COLUMN esign_records.ink_consent_text IS
|
||||
'Verbatim authorization language the signer agreed to (for the audit trail).';
|
||||
Loading…
Add table
Add a link
Reference in a new issue