LG-12067 TMX Integration Specs

[JackRyan1989]

🎫 Ticket

Link to the relevant ticket:
LG-12067

🛠 Summary of changes

Lots of specs written.

To do:

1. Confirm that all testing conditions outlined in this document are met (I think they are but they need to be double checked)
2. Add a changelog
3. Integrate @n1zyy's changes from Bugfix: Clear in_person_verification_pending_at on fraud deactivation #10222 and get the specs all green again.
4. Re Set up Code Climate #4 - two specs are failing for me when I add in this change: the cancellation spec starting on line 252 of in_person_threatmetrix_spec and the IPP fail and TMX fail spec starting on line 234. See if you can replicate these failures and then fix. There's a third test that's failing as well but I think that one is chromedriver based. Not sure though.

📜 Testing Plan

Get the specs to pass

[JackRyan1989]

So in thinking about this a bit more, this maybe isn't the best idea. I'm obscuring some important things that happen in the flow, and are basically stand-ins for the get_usps_proofing_job. Not sure what the best approach here is. I suppose this can be unwound so that the deactivation and updates are more explicit in the spec, or this thing can be moved to the in_person_helper if that is a more appropriate place for this sort of method.

[svalexander]

i do like the idea of moving this function out of the file...maybe to a threatmetrix_helper file? though the in_person_helper is also a good place

[n1zyy]

I keep going back and forth on the best approach here. I have two somewhat contradictory opinions:

1. Too many of our tests are really redundant, repeating with just a few changes like 20 lines of setup for each case, that could really be factored out. Beyond some ideas about cleanliness, I think this would make it easier to reason about what was happening.
2. Some of our tests take shortcuts with setup that aren't consistent with what happens "in the real world," and occasionally this masks issues.

So I like this approach for helping with #1. For #2, I wonder if you could actually call GetUspsProofingResultsJob live here?

But, I also think this is an improvement as-is and am on board with your improved, expanded test coverage and potentially coming back later to polish it a bit more.

[svalexander]

those are great points. as for using that job I believe we could do that here. I'll try to update it

[svalexander]

I'm encountering an error related to usermailer when I try to include GetUspsProofingResultsJob. I wonder if that's why we're updating the enrollment as we are here, to get around the mailer issue?

[JackRyan1989]

@svalexander that's exactly why I went with directly updating the enrollment.

[JackRyan1989]

added this arg to help toggle the tmx_status. However, we don't always toggle the value, hence the default nil.

[svalexander]

this is a great addition

[JackRyan1989]

Decided to make a helper method for the entire flow from sign in to personal key acknowledgement. I don't think I'm duplicating work here?

[svalexander]

from what i can see that seems accurate. good addition to have

[n1zyy]

I'm biased, but I like this approach. It DRYs up a lot.

[JackRyan1989]

The proofed_at and status_check_completed_at values are never checked. So I suppose we could remove them, but I wanted to more closely emulate how the enrollment gets updated.

[JackRyan1989]

Moved the TMX related specs to in_person_threatmetrix_spec.rb

[svalexander]

this now fails after the merge of the recent bug fix. The before action confirm_fraud_pending in the please_call_controller is not redirecting as fraud_review_pending? is true. (though that method would redirect us to the account page and not the welcome page)

[svalexander]

Ticket added to address these 2 commented out specs

[n1zyy]

Nice work here, both @JackRyan1989 for laying an excellent foundation that exposed some bugs, and @svalexander for picking it up and running with it (and also catching bugs 🥲).

Please remove WIP from the PR title before merging, but I'm really happy with where this ended up. All that remains is rubocop yelling that a commented-out line is now one character too long.

[n1zyy]

I keep going back and forth on the best approach here. I have two somewhat contradictory opinions:

1. Too many of our tests are really redundant, repeating with just a few changes like 20 lines of setup for each case, that could really be factored out. Beyond some ideas about cleanliness, I think this would make it easier to reason about what was happening.
2. Some of our tests take shortcuts with setup that aren't consistent with what happens "in the real world," and occasionally this masks issues.

So I like this approach for helping with #1. For #2, I wonder if you could actually call GetUspsProofingResultsJob live here?

But, I also think this is an improvement as-is and am on board with your improved, expanded test coverage and potentially coming back later to polish it a bit more.

[n1zyy]

Not for this PR, especially because this was just moved around (and I think I may have written the original line I'm now objecting to 😆), but I wonder if we can move the .tr(' ', ' ')) pattern into a helper method explaining what the heck it's doing later on. It's not at all intuitive that these are two different strings (replacing a non-breaking space with a regular space, or vice versa).

But again, not for now. I'll file a ticket.

[n1zyy]

LG-12736 created for this.