Simplify session with trust check to only consider user

app/helpers/application_helper.rb

@@ -40,15 +40,6 @@ def user_signing_up?
     )
   end
 
-  def session_with_trust?
-    current_user || page_with_trust?
-  end
-
-  def page_with_trust?
-    return false if current_page?(controller: '/users/sessions', action: 'new')
-    return true
-  end
-
   def ial2_requested?
     resolved_authn_context_result.identity_proofing?
   end

app/views/devise/sessions/new.html.erb

@@ -87,3 +87,11 @@
 <% end %>
 
 <%= javascript_packs_tag_once('platform-authenticator-available') %>
+<% if IdentityConfig.store.participate_in_dap %>
+  <!-- <%= t('notices.dap_participation') %> -->
+  <%= javascript_packs_tag_once(
+        'https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=GSA&subagency=TTS',
+        async: true,
+        id: '_fed_an_ua_tag',
+      ) %>
+<% end %>

app/views/layouts/base.html.erb

@@ -70,8 +70,6 @@
       ) %>
   <%= javascript_packs_tag_once('track-errors', async: true) if BrowserSupport.supported?(request.user_agent) %>
   <%= render_javascript_pack_once_tags %>
-
-  <%= render 'shared/dap_analytics' if IdentityConfig.store.participate_in_dap && !session_with_trust? %>
 <% end %>
 
 </html>

lib/asset_sources.rb

@@ -22,7 +22,9 @@ def get_sources(*names)
     load_manifest_if_needed
 
     locale_sources, sources = names.flat_map do |name|
-      manifest&.dig('entrypoints', name, 'assets', 'js')
+      manifest&.dig('entrypoints', name, 'assets', 'js').presence || begin
+        [name] if name.match?(URI::DEFAULT_PARSER.regexp[:ABS_URI])
+      end
     end.uniq.compact.partition { |source| @regexp_locale_suffix.match?(source) }
 
     [

spec/features/visitors/email_confirmation_spec.rb

@@ -2,14 +2,12 @@
 
 RSpec.feature 'Email confirmation during sign up', allowed_extra_analytics: [:*] do
   scenario 'confirms valid email and sets valid password' do
-    allow(IdentityConfig.store).to receive(:participate_in_dap).and_return(true)
     reset_email
     email = 'test@example.com'
     sign_up_with(email)
     open_email(email)
     visit_in_email(t('user_mailer.email_confirmation_instructions.link_text'))
 
-    expect(page.html).not_to include(t('notices.dap_participation'))
     expect(page).to have_content t('devise.confirmations.confirmed_but_must_set_password')
     expect(page).to have_title t('titles.confirmations.show')
     expect(page).to have_content t('forms.confirmation.show_hdr')
@@ -70,16 +68,13 @@
 
   context 'confirmed user is signed out and tries to confirm again' do
     it 'redirects to sign in page with message that user is already confirmed' do
-      allow(IdentityConfig.store).to receive(:participate_in_dap).and_return(true)
       sign_up_and_set_password
       logout(:user)
 
       visit sign_up_create_email_confirmation_url(confirmation_token: @raw_confirmation_token)
 
-      expect(page.html).to include(t('notices.dap_participation'))
       action = t('devise.confirmations.sign_in')
-      expect(page).
-        to have_content t('devise.confirmations.already_confirmed', action: action)
+      expect(page).to have_content t('devise.confirmations.already_confirmed', action:)
       expect(current_url).to eq new_user_session_url
     end
   end

spec/features/visitors/password_recovery_spec.rb

@@ -8,7 +8,6 @@
 
   context 'user enters valid email in forgot password form', email: true do
     it 'redirects to forgot_password path and sends an email to the user' do
-      allow(IdentityConfig.store).to receive(:participate_in_dap).and_return(true)
       user = create(:user, :fully_registered)
 
       visit root_path
@@ -34,7 +33,6 @@
       open_last_email
       click_email_link_matching(/reset_password_token/)
 
-      expect(page.html).not_to include(t('notices.dap_participation'))
       expect(current_path).to eq edit_user_password_path
     end
   end

spec/helpers/application_helper_spec.rb

@@ -60,40 +60,4 @@
       expect(helper.view_flow.get(:title)).to eq(title)
     end
   end
-
-  describe '#session_with_trust?' do
-    context 'no user present' do
-      before do
-        allow(controller).to receive(:current_user).and_return(nil)
-      end
-
-      context 'current path is new session path' do
-        it 'returns false' do
-          allow(helper).to receive(:current_page?).with(
-            controller: '/users/sessions', action: 'new',
-          ).and_return(true)
-
-          expect(helper.session_with_trust?).to eq false
-        end
-      end
-
-      context 'current path is not new session path' do
-        it 'returns true' do
-          allow(helper).to receive(:current_page?).with(
-            controller: '/users/sessions', action: 'new',
-          ).and_return(false)
-
-          expect(helper.session_with_trust?).to eq true
-        end
-      end
-    end
-
-    context 'curent user is present' do
-      it 'returns true' do
-        allow(controller).to receive(:current_user).and_return(true)
-
-        expect(helper.session_with_trust?).to eq true
-      end
-    end
-  end
 end

spec/lib/asset_sources_spec.rb

@@ -77,6 +77,15 @@
       ]
     end
 
+    it 'returns identity for any missing, url-like names' do
+      expect(asset_sources.get_sources('application', 'https://example.com/main.js')).to eq [
+        'application.en.js',
+        'vendor.js',
+        'application.js',
+        'https://example.com/main.js',
+      ]
+    end
+
     context 'unset manifest' do
       let(:manifest_content) { nil }
 

spec/support/features/session_helper.rb

@@ -680,7 +680,6 @@ def click_reset_password_link_from_email
       open_last_email
       click_email_link_matching(/reset_password_token/)
 
-      expect(page.html).not_to include(t('notices.dap_participation'))
       expect(current_path).to eq edit_user_password_path
     end
 

spec/views/devise/sessions/new.html.erb_spec.rb

@@ -168,4 +168,36 @@
       expect(rendered).to_not have_link t('account.login.piv_cac')
     end
   end
+
+  describe 'DAP analytics' do
+    let(:participate_in_dap) { false }
+
+    before do
+      allow(IdentityConfig.store).to receive(:participate_in_dap).and_return(participate_in_dap)
+    end
+
+    context 'when configured to not participate in dap' do
+      let(:participate_in_dap) { false }
+
+      it 'does not render DAP analytics' do
+        allow(view).to receive(:javascript_packs_tag_once)
+        expect(view).not_to receive(:javascript_packs_tag_once).
+          with(a_string_matching('https://dap.digitalgov.gov/'), async: true, id: '_fed_an_ua_tag')
+
+        render
+      end
+    end
+
+    context 'when configured to participate in dap' do
+      let(:participate_in_dap) { true }
+
+      it 'renders DAP analytics' do
+        allow(view).to receive(:javascript_packs_tag_once)
+        expect(view).to receive(:javascript_packs_tag_once).
+          with(a_string_matching('https://dap.digitalgov.gov/'), async: true, id: '_fed_an_ua_tag')
+
+        render
+      end
+    end
+  end
 end

spec/views/layouts/application.html.erb_spec.rb

@@ -6,7 +6,6 @@
   let(:title_content) { 'Example' }
 
   before do
-    allow(view).to receive(:user_fully_authenticated?).and_return(true)
     allow(view).to receive(:decorated_sp_session).and_return(
       ServiceProviderSessionCreator.new(
         sp: nil,
@@ -16,9 +15,6 @@
       ).create_session,
     )
     allow(view.request).to receive(:original_fullpath).and_return('/foobar')
-    allow(view).to receive(:current_user).and_return(User.new)
-    controller.request.path_parameters[:controller] = 'users/sessions'
-    controller.request.path_parameters[:action] = 'new'
     view.title = title_content if title_content
   end
 
@@ -147,52 +143,6 @@
     end
   end
 
-  context 'user is not authenticated and is not on page with trust' do
-    it 'displays the DAP analytics' do
-      allow(view).to receive(:current_user).and_return(nil)
-      allow(view).to receive(:page_with_trust?).and_return(false)
-      allow(view).to receive(:user_fully_authenticated?).and_return(false)
-      allow(view).to receive(:decorated_sp_session).and_return(
-        ServiceProviderSessionCreator.new(
-          sp: nil,
-          view_context: nil,
-          sp_session: {},
-          service_provider_request: nil,
-        ).create_session,
-      )
-      allow(IdentityConfig.store).to receive(:participate_in_dap).and_return(true)
-
-      render
-
-      expect(view).to render_template(partial: 'shared/_dap_analytics')
-    end
-  end
-
-  context 'user is fully authenticated' do
-    it 'does not render the DAP analytics' do
-      allow(IdentityConfig.store).to receive(:participate_in_dap).and_return(true)
-
-      render
-
-      expect(view).not_to render_template(partial: 'shared/_dap_analytics')
-    end
-  end
-
-  context 'current_user is present but is not fully authenticated' do
-    before do
-      allow(view).to receive(:user_fully_authenticated?).and_return(false)
-      allow(view).to receive(:decorated_sp_session).and_return(NullServiceProviderSession.new)
-    end
-
-    it 'does not render the DAP analytics' do
-      allow(IdentityConfig.store).to receive(:participate_in_dap).and_return(true)
-
-      render
-
-      expect(view).not_to render_template(partial: 'shared/_dap_analytics')
-    end
-  end
-
   describe 'javascript error tracking' do
     context 'when browser is unsupported' do
       before do

spec/views/shared/_footer_lite.html.erb_spec.rb

@@ -1,44 +1,35 @@
 require 'rails_helper'
 
 RSpec.describe 'shared/_footer_lite.html.erb' do
-  context 'user is signed out' do
-    before do
-      controller.request.path_parameters[:controller] = 'users/sessions'
-      controller.request.path_parameters[:action] = 'new'
-    end
-
-    it 'contains link to help page' do
-      render
-
-      expect(rendered).to have_link(t('links.help'), href: MarketingSite.help_url)
-      expect(rendered).to have_selector("a[href='#{MarketingSite.help_url}'][target='_blank']")
-    end
-
-    it 'contains link to contact page' do
-      render
-
-      expect(rendered).to have_link(t('links.contact'), href: MarketingSite.contact_url)
-      expect(rendered).to have_selector("a[href='#{MarketingSite.contact_url}'][target='_blank']")
-    end
-
-    it 'contains link to privacy page' do
-      render
-
-      expect(rendered).to have_link(
-        t('links.privacy_policy'),
-        href: MarketingSite.security_and_privacy_practices_url,
-      )
-      expect(rendered).
-        to have_selector(
-          "a[href='#{MarketingSite.security_and_privacy_practices_url}']\
-[target='_blank']",
-        )
-    end
-
-    it 'contains GSA text' do
-      render
-
-      expect(rendered).to have_content(t('shared.footer_lite.gsa'))
-    end
+  it 'contains link to help page' do
+    render
+
+    expect(rendered).to have_link(t('links.help'), href: MarketingSite.help_url)
+    expect(rendered).to have_selector("a[href='#{MarketingSite.help_url}'][target='_blank']")
+  end
+
+  it 'contains link to contact page' do
+    render
+
+    expect(rendered).to have_link(t('links.contact'), href: MarketingSite.contact_url)
+    expect(rendered).to have_selector("a[href='#{MarketingSite.contact_url}'][target='_blank']")
+  end
+
+  it 'contains link to privacy page' do
+    render
+
+    expect(rendered).to have_link(
+      t('links.privacy_policy'),
+      href: MarketingSite.security_and_privacy_practices_url,
+    )
+    expect(rendered).to have_selector(
+      "a[href='#{MarketingSite.security_and_privacy_practices_url}'][target='_blank']",
+    )
+  end
+
+  it 'contains GSA text' do
+    render
+
+    expect(rendered).to have_content(t('shared.footer_lite.gsa'))
   end
 end