From eb2a54354947b6010dc92154c675829bdeb0aa01 Mon Sep 17 00:00:00 2001 From: Moncef Belyamani Date: Fri, 21 Mar 2025 16:37:03 -0400 Subject: [PATCH 1/7] Allow approving pending IPP enrollments in int Currently, when testing the IPP flow in the sandbox (int), one must wait 1 to 2 hours before the verification is complete. The sandbox is the environment that all our partners use to test their apps, and that the Partnerships team uses to test, and for live demos for partners. Having to wait 1 to 2 hours is a huge blocker. A few months ago, a feature was built that allows approving pending IPP enrollments immediately via the /test/ipp route. This feature was originally built for local development only. This PR seeks to make this feature available in our `int` host as well. In the process, I made some improvements to the existing feature, such as: - Add controller and feature tests - Move the logic that determines whether or not this feature is available to `FeatureManagement` - Make sure the user is fully authenticated - In `int`, only display pending enrollments that belong to the current user - Make queries more robust and performant with `find_by` and avoiding N+1 queries - In the view, use `size` instead of `count`, since `count` can lead to some issues in some cases (although unlikely in this situation). See this true story: https://www.moncefbelyamani.com/the-6-characters-that-could-bring-down-your-rails-app/ --- app/controllers/test/ipp_controller.rb | 29 ++++++-- app/views/test/ipp/index.html.erb | 8 +- lib/feature_management.rb | 9 +++ spec/controllers/test/ipp_controller_spec.rb | 74 +++++++++++++++++++ .../approving_pending_ipp_enrollments_spec.rb | 41 ++++++++++ spec/lib/feature_management_spec.rb | 47 ++++++++++++ 6 files changed, 197 insertions(+), 11 deletions(-) create mode 100644 spec/controllers/test/ipp_controller_spec.rb create mode 100644 spec/features/test/approving_pending_ipp_enrollments_spec.rb diff --git a/app/controllers/test/ipp_controller.rb b/app/controllers/test/ipp_controller.rb index d7b5552eada..88dc40b9284 100644 --- a/app/controllers/test/ipp_controller.rb +++ b/app/controllers/test/ipp_controller.rb @@ -4,12 +4,11 @@ module Test class IppController < ApplicationController layout 'no_card' - before_action :render_not_found_in_production + before_action :authorize + before_action :confirm_two_factor_authenticated def index - @enrollments = InPersonEnrollment - .order(created_at: :desc) - .limit(10) + @enrollments = Rails.env.development? ? all_enrollments : enrollments_for_current_user @enrollments_with_actions = @enrollments.map do |e| case e.status @@ -21,10 +20,12 @@ def index def update enrollment_id = params['enrollment'].to_i - enrollment = InPersonEnrollment.find(enrollment_id) + enrollment = InPersonEnrollment.find_by(id: enrollment_id) if enrollment.present? approve_enrollment(enrollment) + else + flash[:error] = "Could not find pending IPP enrollment with ID #{enrollment_id}" end redirect_to test_ipp_url @@ -32,6 +33,19 @@ def update private + def enrollments_for_current_user + InPersonEnrollment + .order(created_at: :desc) + .where(user_id: current_user&.id) + end + + def all_enrollments + InPersonEnrollment + .includes(:user) + .order(created_at: :desc) + .limit(10) + end + def approve_enrollment(enrollment) return if !enrollment.pending? @@ -52,8 +66,9 @@ def approve_enrollment(enrollment) job.send(:process_enrollment_response, enrollment, res) end - def render_not_found_in_production - return unless Rails.env.production? + def authorize + return if FeatureManagement.allow_ipp_enrollment_approval? + render_not_found end end diff --git a/app/views/test/ipp/index.html.erb b/app/views/test/ipp/index.html.erb index b9bef3a6e14..535a27eacc9 100644 --- a/app/views/test/ipp/index.html.erb +++ b/app/views/test/ipp/index.html.erb @@ -6,16 +6,16 @@
- <% if @enrollments.count == 0 %> + <% if @enrollments.size == 0 %>

There are no recent in-person enrollments.

<% else %>

Listed below - <%= @enrollments.count == 1 ? 'is' : 'are' %> - the <%= @enrollments.count %> most recent - in-person enrollment<%= @enrollments.count == 1 ? '' : 's' %>. + <%= @enrollments.size == 1 ? 'is' : 'are' %> + the <%= @enrollments.size %> most recent + in-person enrollment<%= @enrollments.size == 1 ? '' : 's' %>.

diff --git a/lib/feature_management.rb b/lib/feature_management.rb index a34a2ec6ef7..b9f452cbc8a 100644 --- a/lib/feature_management.rb +++ b/lib/feature_management.rb @@ -174,4 +174,13 @@ def self.idv_by_mail_only? outage_status.any_phone_vendor_outage? || outage_status.phone_finder_outage? end + + # int is our sandbox environment that all partners use to test their apps, + # and that the Partnerships team uses for testing and live demos for our partners. + # This feature allows pending IPP enrollments to be approved immediately in int, + # as opposed to having to wait more than 1 hour, which is not acceptable for + # testing purposes. See test/ipp_controller.rb + def self.allow_ipp_enrollment_approval? + Identity::Hostdata.env == 'int' || Rails.env.development? + end end diff --git a/spec/controllers/test/ipp_controller_spec.rb b/spec/controllers/test/ipp_controller_spec.rb new file mode 100644 index 00000000000..f5993c67453 --- /dev/null +++ b/spec/controllers/test/ipp_controller_spec.rb @@ -0,0 +1,74 @@ +require 'rails_helper' + +RSpec.describe Test::IppController do + describe 'GET index' do + context 'when allow_ipp_enrollment_approval? is true' do + it 'renders enrollments' do + allow(FeatureManagement).to receive(:allow_ipp_enrollment_approval?).and_return(true) + + stub_sign_in + get :index + + expect(response.status).to eq 200 + expect(response).to_not be_redirect + expect(subject).to render_template(:index) + end + end + + context 'when allow_ipp_enrollment_approval? is false' do + it 'renders 404' do + allow(FeatureManagement).to receive(:allow_ipp_enrollment_approval?).and_return(false) + + stub_sign_in + get :index + + expect(response.status).to eq 404 + expect(response).to render_template('pages/page_not_found') + end + end + end + + describe 'PUT update' do + context 'when allow_ipp_enrollment_approval? is true and pending enrollment is found' do + it 'updates the enrollment via a background job' do + allow(FeatureManagement).to receive(:allow_ipp_enrollment_approval?).and_return(true) + create( + :user, :with_phone, :with_pending_in_person_enrollment, password: 'p@assword!' + ) + job = instance_double(GetUspsProofingResultsJob) + allow(GetUspsProofingResultsJob).to receive(:new).and_return(job) + allow(job).to receive(:send).and_return(true) + + stub_sign_in + put :update, params: { enrollment: InPersonEnrollment.last.id.to_s } + + expect(response).to redirect_to test_ipp_url + expect(job).to have_received(:send) + end + end + + context 'when allow_ipp_enrollment_approval? is true but enrollment is not found' do + it 'redirects to ipp_test_url with flash error' do + allow(FeatureManagement).to receive(:allow_ipp_enrollment_approval?).and_return(true) + + stub_sign_in + put :update, params: { enrollment: "1" } + + expect(response).to redirect_to test_ipp_url + expect(flash[:error]).to eq "Could not find pending IPP enrollment with ID 1" + end + end + + context 'when allow_ipp_enrollment_approval? is false' do + it 'renders 404' do + allow(FeatureManagement).to receive(:allow_ipp_enrollment_approval?).and_return(false) + + stub_sign_in + put :update + + expect(response.status).to eq 404 + expect(response).to render_template('pages/page_not_found') + end + end + end +end diff --git a/spec/features/test/approving_pending_ipp_enrollments_spec.rb b/spec/features/test/approving_pending_ipp_enrollments_spec.rb new file mode 100644 index 00000000000..eecbc2b6393 --- /dev/null +++ b/spec/features/test/approving_pending_ipp_enrollments_spec.rb @@ -0,0 +1,41 @@ +require "rails_helper" + +RSpec.describe "Approving Pending IPP Enrollments" do + context "when host is int" do + it "only shows pending enrollments for the current user", allow_browser_log: true do + allow(FeatureManagement).to receive(:allow_ipp_enrollment_approval?).and_return(true) + + first_user = create( + :user, :with_phone, :with_pending_in_person_enrollment, password: 'p@assword!' + ) + second_user = create( + :user, :with_phone, :with_pending_in_person_enrollment, password: 'p@assword!' + ) + + sign_in_and_2fa_user(first_user) + visit test_ipp_path + + expect(page).to have_content(first_user.uuid) + expect(page).not_to have_content(second_user.uuid) + end + end + + context "when Rails env is development" do + it "shows all pending enrollments", allow_browser_log: true do + allow(Rails.env).to receive(:development?).and_return(true) + + first_user = create( + :user, :with_phone, :with_pending_in_person_enrollment, password: 'p@assword!' + ) + second_user = create( + :user, :with_phone, :with_pending_in_person_enrollment, password: 'p@assword!' + ) + + sign_in_and_2fa_user(second_user) + visit test_ipp_path + + expect(page).to have_content(first_user.uuid) + expect(page).to have_content(second_user.uuid) + end + end +end diff --git a/spec/lib/feature_management_spec.rb b/spec/lib/feature_management_spec.rb index f5c88b2fe6c..7489c3bb82a 100644 --- a/spec/lib/feature_management_spec.rb +++ b/spec/lib/feature_management_spec.rb @@ -537,4 +537,51 @@ end end end + + describe "allow_ipp_enrollment_approval?" do + context "when host is int and Rails env is production" do + it "returns true" do + allow(Identity::Hostdata).to receive(:env).and_return("int") + allow(Rails.env).to receive(:production?).and_return(true) + + expect(FeatureManagement.allow_ipp_enrollment_approval?).to eq true + end + end + + context "when host is dev and Rails env is production" do + it "returns false" do + allow(Identity::Hostdata).to receive(:env).and_return("dev") + allow(Rails.env).to receive(:production?).and_return(true) + + expect(FeatureManagement.allow_ipp_enrollment_approval?).to eq false + end + end + + context "when host is staging and Rails env is production" do + it "returns false" do + allow(Identity::Hostdata).to receive(:env).and_return("staging") + allow(Rails.env).to receive(:production?).and_return(true) + + expect(FeatureManagement.allow_ipp_enrollment_approval?).to eq false + end + end + + context "when host is prod and Rails env is production" do + it "returns false" do + allow(Identity::Hostdata).to receive(:env).and_return("prod") + allow(Rails.env).to receive(:production?).and_return(true) + + expect(FeatureManagement.allow_ipp_enrollment_approval?).to eq false + end + end + + context "when host is local and Rails env is development" do + it "returns true" do + allow(Identity::Hostdata).to receive(:env).and_return(nil) + allow(Rails.env).to receive(:development?).and_return(true) + + expect(FeatureManagement.allow_ipp_enrollment_approval?).to eq true + end + end + end end From fdbe78c2120ce335ac3ca24d900aae8433407fb8 Mon Sep 17 00:00:00 2001 From: Moncef Belyamani Date: Wed, 26 Mar 2025 10:36:04 -0400 Subject: [PATCH 2/7] Allow enabling the feature via IdentityConfig This makes it more flexible to enable it on different hosts, without having to make code changes in FeatureManagement. --- config/application.yml.default | 2 ++ lib/feature_management.rb | 2 +- lib/identity_config.rb | 1 + 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/config/application.yml.default b/config/application.yml.default index 95e0b75806d..a5b26f065f1 100644 --- a/config/application.yml.default +++ b/config/application.yml.default @@ -188,6 +188,7 @@ in_person_email_reminder_early_benchmark_in_days: 11 in_person_email_reminder_final_benchmark_in_days: 1 in_person_email_reminder_late_benchmark_in_days: 4 in_person_enrollment_validity_in_days: 30 +in_person_enrollments_immediate_approval_enabled: false in_person_enrollments_ready_job_cron: '0/10 * * * *' in_person_enrollments_ready_job_email_body_pattern: '\A\s*(?\d{16})\s*\Z' in_person_enrollments_ready_job_enabled: false @@ -484,6 +485,7 @@ development: hmac_fingerprinter_key: a2c813d4dca919340866ba58063e4072adc459b767a74cf2666d5c1eef3861db26708e7437abde1755eb24f4034386b0fea1850a1cb7e56bff8fae3cc6ade96c hmac_fingerprinter_key_queue: '["11111111111111111111111111111111", "22222222222222222222222222222222"]' identity_pki_local_dev: true + in_person_enrollments_immediate_approval_enabled: true in_person_proofing_enabled: true in_person_proofing_enforce_tmx: true in_person_proofing_opt_in_enabled: true diff --git a/lib/feature_management.rb b/lib/feature_management.rb index b9f452cbc8a..43e6ffd0023 100644 --- a/lib/feature_management.rb +++ b/lib/feature_management.rb @@ -181,6 +181,6 @@ def self.idv_by_mail_only? # as opposed to having to wait more than 1 hour, which is not acceptable for # testing purposes. See test/ipp_controller.rb def self.allow_ipp_enrollment_approval? - Identity::Hostdata.env == 'int' || Rails.env.development? + IdentityConfig.store.in_person_enrollments_immediate_approval_enabled end end diff --git a/lib/identity_config.rb b/lib/identity_config.rb index 48a1033d3bf..40dd60d35f0 100644 --- a/lib/identity_config.rb +++ b/lib/identity_config.rb @@ -214,6 +214,7 @@ def self.store config.add(:in_person_email_reminder_final_benchmark_in_days, type: :integer) config.add(:in_person_email_reminder_late_benchmark_in_days, type: :integer) config.add(:in_person_enrollment_validity_in_days, type: :integer) + config.add(:in_person_enrollments_immediate_approval_enabled, type: :boolean) config.add(:in_person_enrollments_ready_job_cron, type: :string) config.add(:in_person_enrollments_ready_job_email_body_pattern, type: :string) config.add(:in_person_enrollments_ready_job_enabled, type: :boolean) From 365765ec77be8cb013bc61d76dea4546a28ef6b8 Mon Sep 17 00:00:00 2001 From: Moncef Belyamani Date: Thu, 27 Mar 2025 16:30:06 -0400 Subject: [PATCH 3/7] Fix spec and Rubocop offenses --- app/controllers/test/ipp_controller.rb | 2 +- spec/controllers/test/ipp_controller_spec.rb | 4 +-- .../approving_pending_ipp_enrollments_spec.rb | 15 +++++----- spec/lib/feature_management_spec.rb | 30 +++++++++---------- 4 files changed, 26 insertions(+), 25 deletions(-) diff --git a/app/controllers/test/ipp_controller.rb b/app/controllers/test/ipp_controller.rb index 88dc40b9284..2b2153e8373 100644 --- a/app/controllers/test/ipp_controller.rb +++ b/app/controllers/test/ipp_controller.rb @@ -25,7 +25,7 @@ def update if enrollment.present? approve_enrollment(enrollment) else - flash[:error] = "Could not find pending IPP enrollment with ID #{enrollment_id}" + flash[:error] = "Could not find pending IPP enrollment with ID #{enrollment_id}" end redirect_to test_ipp_url diff --git a/spec/controllers/test/ipp_controller_spec.rb b/spec/controllers/test/ipp_controller_spec.rb index f5993c67453..1511c940d4d 100644 --- a/spec/controllers/test/ipp_controller_spec.rb +++ b/spec/controllers/test/ipp_controller_spec.rb @@ -52,10 +52,10 @@ allow(FeatureManagement).to receive(:allow_ipp_enrollment_approval?).and_return(true) stub_sign_in - put :update, params: { enrollment: "1" } + put :update, params: { enrollment: '1' } expect(response).to redirect_to test_ipp_url - expect(flash[:error]).to eq "Could not find pending IPP enrollment with ID 1" + expect(flash[:error]).to eq 'Could not find pending IPP enrollment with ID 1' end end diff --git a/spec/features/test/approving_pending_ipp_enrollments_spec.rb b/spec/features/test/approving_pending_ipp_enrollments_spec.rb index eecbc2b6393..22a08f853b9 100644 --- a/spec/features/test/approving_pending_ipp_enrollments_spec.rb +++ b/spec/features/test/approving_pending_ipp_enrollments_spec.rb @@ -1,10 +1,10 @@ -require "rails_helper" +require 'rails_helper' +require 'axe-rspec' -RSpec.describe "Approving Pending IPP Enrollments" do - context "when host is int" do - it "only shows pending enrollments for the current user", allow_browser_log: true do +RSpec.describe 'Approving Pending IPP Enrollments' do + context 'when Rails env is not development and allow_ipp_enrollment_approval? is true' do + it 'only shows pending enrollments for the current user', allow_browser_log: true do allow(FeatureManagement).to receive(:allow_ipp_enrollment_approval?).and_return(true) - first_user = create( :user, :with_phone, :with_pending_in_person_enrollment, password: 'p@assword!' ) @@ -20,8 +20,9 @@ end end - context "when Rails env is development" do - it "shows all pending enrollments", allow_browser_log: true do + context 'when Rails env is development and allow_ipp_enrollment_approval? is true' do + it 'shows all pending enrollments', allow_browser_log: true do + allow(FeatureManagement).to receive(:allow_ipp_enrollment_approval?).and_return(true) allow(Rails.env).to receive(:development?).and_return(true) first_user = create( diff --git a/spec/lib/feature_management_spec.rb b/spec/lib/feature_management_spec.rb index 7489c3bb82a..d31270c1981 100644 --- a/spec/lib/feature_management_spec.rb +++ b/spec/lib/feature_management_spec.rb @@ -538,45 +538,45 @@ end end - describe "allow_ipp_enrollment_approval?" do - context "when host is int and Rails env is production" do - it "returns true" do - allow(Identity::Hostdata).to receive(:env).and_return("int") + describe 'allow_ipp_enrollment_approval?' do + context 'when host is int and Rails env is production' do + it 'returns true' do + allow(Identity::Hostdata).to receive(:env).and_return('int') allow(Rails.env).to receive(:production?).and_return(true) expect(FeatureManagement.allow_ipp_enrollment_approval?).to eq true end end - context "when host is dev and Rails env is production" do - it "returns false" do - allow(Identity::Hostdata).to receive(:env).and_return("dev") + context 'when host is dev and Rails env is production' do + it 'returns false' do + allow(Identity::Hostdata).to receive(:env).and_return('dev') allow(Rails.env).to receive(:production?).and_return(true) expect(FeatureManagement.allow_ipp_enrollment_approval?).to eq false end end - context "when host is staging and Rails env is production" do - it "returns false" do - allow(Identity::Hostdata).to receive(:env).and_return("staging") + context 'when host is staging and Rails env is production' do + it 'returns false' do + allow(Identity::Hostdata).to receive(:env).and_return('staging') allow(Rails.env).to receive(:production?).and_return(true) expect(FeatureManagement.allow_ipp_enrollment_approval?).to eq false end end - context "when host is prod and Rails env is production" do - it "returns false" do - allow(Identity::Hostdata).to receive(:env).and_return("prod") + context 'when host is prod and Rails env is production' do + it 'returns false' do + allow(Identity::Hostdata).to receive(:env).and_return('prod') allow(Rails.env).to receive(:production?).and_return(true) expect(FeatureManagement.allow_ipp_enrollment_approval?).to eq false end end - context "when host is local and Rails env is development" do - it "returns true" do + context 'when host is local and Rails env is development' do + it 'returns true' do allow(Identity::Hostdata).to receive(:env).and_return(nil) allow(Rails.env).to receive(:development?).and_return(true) From 71d52b3958cd37d9eddfe0f7bb1377f41b73c013 Mon Sep 17 00:00:00 2001 From: Moncef Belyamani Date: Thu, 27 Mar 2025 19:46:41 -0400 Subject: [PATCH 4/7] fix feature management specs --- spec/lib/feature_management_spec.rb | 37 +++++------------------------ 1 file changed, 6 insertions(+), 31 deletions(-) diff --git a/spec/lib/feature_management_spec.rb b/spec/lib/feature_management_spec.rb index d31270c1981..3e7b690d0e0 100644 --- a/spec/lib/feature_management_spec.rb +++ b/spec/lib/feature_management_spec.rb @@ -539,49 +539,24 @@ end describe 'allow_ipp_enrollment_approval?' do - context 'when host is int and Rails env is production' do + context 'when IdentityConfig.store.in_person_enrollments_immediate_approval_enabled is true' do it 'returns true' do - allow(Identity::Hostdata).to receive(:env).and_return('int') + allow(IdentityConfig.store).to receive(:in_person_enrollments_immediate_approval_enabled). + and_return(true) allow(Rails.env).to receive(:production?).and_return(true) expect(FeatureManagement.allow_ipp_enrollment_approval?).to eq true end end - context 'when host is dev and Rails env is production' do + context 'when IdentityConfig.store.in_person_enrollments_immediate_approval_enabled is false' do it 'returns false' do - allow(Identity::Hostdata).to receive(:env).and_return('dev') + allow(IdentityConfig.store).to receive(:in_person_enrollments_immediate_approval_enabled). + and_return(false) allow(Rails.env).to receive(:production?).and_return(true) expect(FeatureManagement.allow_ipp_enrollment_approval?).to eq false end end - - context 'when host is staging and Rails env is production' do - it 'returns false' do - allow(Identity::Hostdata).to receive(:env).and_return('staging') - allow(Rails.env).to receive(:production?).and_return(true) - - expect(FeatureManagement.allow_ipp_enrollment_approval?).to eq false - end - end - - context 'when host is prod and Rails env is production' do - it 'returns false' do - allow(Identity::Hostdata).to receive(:env).and_return('prod') - allow(Rails.env).to receive(:production?).and_return(true) - - expect(FeatureManagement.allow_ipp_enrollment_approval?).to eq false - end - end - - context 'when host is local and Rails env is development' do - it 'returns true' do - allow(Identity::Hostdata).to receive(:env).and_return(nil) - allow(Rails.env).to receive(:development?).and_return(true) - - expect(FeatureManagement.allow_ipp_enrollment_approval?).to eq true - end - end end end From d1d4f89574d26aacb0c34fa726d4ff044ffa161e Mon Sep 17 00:00:00 2001 From: Moncef Belyamani Date: Fri, 28 Mar 2025 09:02:44 -0400 Subject: [PATCH 5/7] Only allow current user to update own enrollment --- app/controllers/test/ipp_controller.rb | 15 +++++- spec/controllers/test/ipp_controller_spec.rb | 50 ++++++++++++++++++++ spec/lib/feature_management_spec.rb | 8 ++-- 3 files changed, 67 insertions(+), 6 deletions(-) diff --git a/app/controllers/test/ipp_controller.rb b/app/controllers/test/ipp_controller.rb index 2b2153e8373..4bcc3bbab83 100644 --- a/app/controllers/test/ipp_controller.rb +++ b/app/controllers/test/ipp_controller.rb @@ -19,8 +19,7 @@ def index end def update - enrollment_id = params['enrollment'].to_i - enrollment = InPersonEnrollment.find_by(id: enrollment_id) + enrollment = Rails.env.development? ? enrollment_for_id : enrollment_for_current_user if enrollment.present? approve_enrollment(enrollment) @@ -46,6 +45,18 @@ def all_enrollments .limit(10) end + def enrollment_for_current_user + InPersonEnrollment.find_by(id: enrollment_id, user_id: current_user&.id) + end + + def enrollment_for_id + InPersonEnrollment.find_by(id: enrollment_id) + end + + def enrollment_id + params['enrollment'].to_i + end + def approve_enrollment(enrollment) return if !enrollment.pending? diff --git a/spec/controllers/test/ipp_controller_spec.rb b/spec/controllers/test/ipp_controller_spec.rb index 1511c940d4d..77603324704 100644 --- a/spec/controllers/test/ipp_controller_spec.rb +++ b/spec/controllers/test/ipp_controller_spec.rb @@ -32,6 +32,8 @@ context 'when allow_ipp_enrollment_approval? is true and pending enrollment is found' do it 'updates the enrollment via a background job' do allow(FeatureManagement).to receive(:allow_ipp_enrollment_approval?).and_return(true) + allow(Rails.env).to receive(:development?).and_return(true) + create( :user, :with_phone, :with_pending_in_person_enrollment, password: 'p@assword!' ) @@ -50,6 +52,7 @@ context 'when allow_ipp_enrollment_approval? is true but enrollment is not found' do it 'redirects to ipp_test_url with flash error' do allow(FeatureManagement).to receive(:allow_ipp_enrollment_approval?).and_return(true) + allow(Rails.env).to receive(:development?).and_return(true) stub_sign_in put :update, params: { enrollment: '1' } @@ -59,6 +62,53 @@ end end + context 'when Rails env is not development and enrollment id belongs to current user' do + it 'updates the enrollment via a background job' do + allow(FeatureManagement).to receive(:allow_ipp_enrollment_approval?).and_return(true) + allow(Rails.env).to receive(:development?).and_return(false) + + user = create( + :user, :with_phone, :with_pending_in_person_enrollment, password: 'p@assword!' + ) + job = instance_double(GetUspsProofingResultsJob) + allow(GetUspsProofingResultsJob).to receive(:new).and_return(job) + allow(job).to receive(:send).and_return(true) + + stub_sign_in(user) + put :update, params: { enrollment: InPersonEnrollment.last.id.to_s } + + expect(response).to redirect_to test_ipp_url + expect(job).to have_received(:send) + end + end + + context 'when Rails env is not development and enrollment id does not belong to current user' do + it 'does not update the enrollment' do + allow(FeatureManagement).to receive(:allow_ipp_enrollment_approval?).and_return(true) + allow(Rails.env).to receive(:development?).and_return(false) + + first_user = create( + :user, :with_phone, :with_pending_in_person_enrollment, password: 'p@assword!' + ) + second_user = create( + :user, :with_phone, :with_pending_in_person_enrollment, password: 'p@assword!' + ) + job = instance_double(GetUspsProofingResultsJob) + allow(GetUspsProofingResultsJob).to receive(:new).and_return(job) + allow(job).to receive(:send).and_return(true) + + enrollment_id_for_first_user = InPersonEnrollment.find_by(user_id: first_user.id).id + + stub_sign_in(second_user) + put :update, params: { enrollment: enrollment_id_for_first_user } + + expect(response).to redirect_to test_ipp_url + expect(job).not_to have_received(:send) + expect(flash[:error]) + .to eq "Could not find pending IPP enrollment with ID #{enrollment_id_for_first_user}" + end + end + context 'when allow_ipp_enrollment_approval? is false' do it 'renders 404' do allow(FeatureManagement).to receive(:allow_ipp_enrollment_approval?).and_return(false) diff --git a/spec/lib/feature_management_spec.rb b/spec/lib/feature_management_spec.rb index 3e7b690d0e0..e1482a2a31e 100644 --- a/spec/lib/feature_management_spec.rb +++ b/spec/lib/feature_management_spec.rb @@ -541,8 +541,8 @@ describe 'allow_ipp_enrollment_approval?' do context 'when IdentityConfig.store.in_person_enrollments_immediate_approval_enabled is true' do it 'returns true' do - allow(IdentityConfig.store).to receive(:in_person_enrollments_immediate_approval_enabled). - and_return(true) + allow(IdentityConfig.store).to receive(:in_person_enrollments_immediate_approval_enabled) + .and_return(true) allow(Rails.env).to receive(:production?).and_return(true) expect(FeatureManagement.allow_ipp_enrollment_approval?).to eq true @@ -551,8 +551,8 @@ context 'when IdentityConfig.store.in_person_enrollments_immediate_approval_enabled is false' do it 'returns false' do - allow(IdentityConfig.store).to receive(:in_person_enrollments_immediate_approval_enabled). - and_return(false) + allow(IdentityConfig.store).to receive(:in_person_enrollments_immediate_approval_enabled) + .and_return(false) allow(Rails.env).to receive(:production?).and_return(true) expect(FeatureManagement.allow_ipp_enrollment_approval?).to eq false From 824b16ff040c0b0d17727449a24404093b8e6d02 Mon Sep 17 00:00:00 2001 From: Moncef Belyamani Date: Fri, 28 Mar 2025 17:08:25 -0400 Subject: [PATCH 6/7] Simplify feature spec --- .../test/approving_pending_ipp_enrollments_spec.rb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/spec/features/test/approving_pending_ipp_enrollments_spec.rb b/spec/features/test/approving_pending_ipp_enrollments_spec.rb index 22a08f853b9..fb0c44a09c3 100644 --- a/spec/features/test/approving_pending_ipp_enrollments_spec.rb +++ b/spec/features/test/approving_pending_ipp_enrollments_spec.rb @@ -1,10 +1,10 @@ require 'rails_helper' -require 'axe-rspec' RSpec.describe 'Approving Pending IPP Enrollments' do - context 'when Rails env is not development and allow_ipp_enrollment_approval? is true' do - it 'only shows pending enrollments for the current user', allow_browser_log: true do + context 'when Rails env is not development' do + it 'only shows pending enrollments for the current user' do allow(FeatureManagement).to receive(:allow_ipp_enrollment_approval?).and_return(true) + first_user = create( :user, :with_phone, :with_pending_in_person_enrollment, password: 'p@assword!' ) @@ -20,7 +20,7 @@ end end - context 'when Rails env is development and allow_ipp_enrollment_approval? is true' do + context 'when Rails env is development' do it 'shows all pending enrollments', allow_browser_log: true do allow(FeatureManagement).to receive(:allow_ipp_enrollment_approval?).and_return(true) allow(Rails.env).to receive(:development?).and_return(true) From ec83ddd1d564e066054fc6b33707abf14ee22ef3 Mon Sep 17 00:00:00 2001 From: Moncef Belyamani Date: Fri, 28 Mar 2025 17:23:32 -0400 Subject: [PATCH 7/7] shorten comment --- lib/feature_management.rb | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/lib/feature_management.rb b/lib/feature_management.rb index 43e6ffd0023..797b1ef47e3 100644 --- a/lib/feature_management.rb +++ b/lib/feature_management.rb @@ -175,11 +175,9 @@ def self.idv_by_mail_only? outage_status.phone_finder_outage? end - # int is our sandbox environment that all partners use to test their apps, - # and that the Partnerships team uses for testing and live demos for our partners. - # This feature allows pending IPP enrollments to be approved immediately in int, - # as opposed to having to wait more than 1 hour, which is not acceptable for - # testing purposes. See test/ipp_controller.rb + # This feature allows pending IPP enrollments to be approved immediately, as + # opposed to having to wait close to 2 hours, which is not ideal when testing. + # See test/ipp_controller.rb def self.allow_ipp_enrollment_approval? IdentityConfig.store.in_person_enrollments_immediate_approval_enabled end