mozilla / blurts-server / #11912

  const emailCount = 1 + (req.user.email_addresses?.length || 0) // +1 because user.email_addresses does not include primary

  const breachesData = await getAllEmailsAndBreaches(req.user, req.app.locals.breaches)

  appendBreachResolutionChecklist(breachesData)

  const data = {

  res.send(mainLayout(data))

  const allBreaches = req.app.locals.breaches

  const sessionUser = req.user

  const resp = await getAllEmailsAndBreaches(sessionUser, allBreaches)

  return res.json(resp)

  const sessionUser = req.user

  const { affectedEmail, recencyIndex, resolutionsChecked } = req.body

  const recencyIndexNumber = Number(recencyIndex)

  const affectedEmailIsSubscriberRecord = sessionUser.primary_email === affectedEmail

  const affectedEmailInEmailAddresses = sessionUser.email_addresses.filter(ea => ea.email === affectedEmail)

  if (!affectedEmailIsSubscriberRecord && !affectedEmailInEmailAddresses) {

    return res.json('Error: affectedEmail is not valid for this subscriber')

  const allBreaches = req.app.locals.breaches

  const { verifiedEmails } = await getAllEmailsAndBreaches(req.session.user, allBreaches)

  const currentEmail = verifiedEmails.find(ve => ve.email === affectedEmailInEmailAddresses[0].email)

  const currentBreaches = currentEmail.breaches?.filter(b => b.recencyIndex === recencyIndexNumber)

  if (!currentBreaches) {

    return res.json('Error: the recencyIndex provided does not exist')

  const isSubset = resolutionsChecked.every(val => currentBreaches[0].DataClasses.includes(val))

  if (!isSubset) {

    return res.json(`Error: the resolutionChecked param contains more than allowed data types: ${resolutionsChecked}`)

  const currentBreachDataTypes = currentBreaches[0].DataClasses // get this from existing breaches

  const currentBreachResolution = req.user.breach_resolution || {} // get this from existing breach resolution if available

  const isResolved = resolutionsChecked.length === currentBreachDataTypes.length

  currentBreachResolution[affectedEmail] = {

    ...(currentBreachResolution[affectedEmail] || {}),

  const updatedSubscriber = await setBreachResolution(sessionUser, currentBreachResolution)

  req.session.user = updatedSubscriber

  const userBreachStats = breachStatsV1(verifiedEmails)

  await updateBreachStats(sessionUser.id, userBreachStats)

  res.json(updatedSubscriber.breach_resolution)

  const breachStats = {

  let foundBreaches = []

  verifiedEmails.forEach(email => {

    email.breaches.forEach(breach => {

      if (breach.IsResolved) {

        breachStats.numBreaches.numResolved++

      const dataClasses = breach.DataClasses

      if (dataClasses.includes('passwords')) {

        breachStats.passwords.count++

        if (breach.IsResolved) {

          breachStats.passwords.numResolved++

    foundBreaches = [...foundBreaches, ...email.breaches]

  breachStats.monitoredEmails.count = verifiedEmails.length

  breachStats.numBreaches.count = foundBreaches.length

  breachStats.numBreaches.numUnresolved = breachStats.numBreaches.count - breachStats.numBreaches.numResolved

  return breachStats