LG-16288: Guard against nil enrollment

app/controllers/idv/hybrid_handoff_controller.rb

@@ -69,12 +69,12 @@ def self.step_info
         key: :hybrid_handoff,
         controller: self,
         next_steps: [:choose_id_type, :link_sent, :document_capture, :socure_document_capture],
-        preconditions: ->(idv_session:, user:) {
-                         idv_session.idv_consent_given? &&
-                         (self.selected_remote(idv_session: idv_session) || # from opt-in screen
-                             # back from ipp doc capture screen
-                             idv_session.skip_doc_auth_from_handoff)
-                       },
+        preconditions: ->(idv_session:, user:) do
+          idv_session.idv_consent_given? &&
+          (self.selected_remote(idv_session: idv_session) || # from opt-in screen
+            # back from ipp doc capture screen
+            idv_session.skip_doc_auth_from_handoff)
+        end,
         undo_step: ->(idv_session:, user:) do
           idv_session.flow_path = nil
           idv_session.phone_for_mobile_flow = nil

app/controllers/idv/in_person/address_controller.rb

@@ -49,11 +49,12 @@ def self.step_info
           key: :ipp_address,
           controller: self,
           next_steps: [:ipp_ssn],
-          preconditions: ->(idv_session:, user:) {
+          preconditions: ->(idv_session:, user:) do
             # Handling passport navigation with checking in_person_passports_allowed? since passport
             # form is not setup yet. This should be updated during LG-15985 implmentation.
-            idv_session.ipp_state_id_complete? || idv_session.in_person_passports_allowed?
-          },
+            (idv_session.ipp_state_id_complete? || idv_session.in_person_passports_allowed?) &&
+              user.has_establishing_in_person_enrollment?
+          end,
           undo_step: ->(idv_session:, user:) do
             idv_session.invalidate_in_person_address_step!
           end,

app/controllers/idv/in_person/ssn_controller.rb

@@ -71,9 +71,10 @@ def self.step_info
           key: :ipp_ssn,
           controller: self,
           next_steps: [:ipp_verify_info],
-          preconditions: ->(idv_session:, user:) {
-            idv_session.ipp_document_capture_complete?
-          },
+          preconditions: ->(idv_session:, user:) do
+            idv_session.ipp_document_capture_complete? &&
+              user.has_establishing_in_person_enrollment?
+          end,
           undo_step: ->(idv_session:, user:) {
             idv_session.invalidate_ssn_step!
           },

app/controllers/idv/in_person/state_id_controller.rb

@@ -79,7 +79,10 @@ def self.step_info
           key: :ipp_state_id,
           controller: self,
           next_steps: [:ipp_address, :ipp_ssn],
-          preconditions: ->(idv_session:, user:) { user.has_establishing_in_person_enrollment? },
+          preconditions: ->(idv_session:, user:) do
+            user.has_establishing_in_person_enrollment? &&
+              !idv_session.opted_in_to_in_person_proofing.nil?
+          end,
           undo_step: ->(idv_session:, user:) do
             idv_session.invalidate_in_person_pii_from_user!
           end,

app/controllers/idv/in_person/verify_info_controller.rb

@@ -40,7 +40,8 @@ def self.step_info
           next_steps: [:phone],
           preconditions: ->(idv_session:, user:) do
             idv_session.ssn && idv_session.ipp_document_capture_complete? &&
-              threatmetrix_session_id_present_or_not_required?(idv_session:)
+              threatmetrix_session_id_present_or_not_required?(idv_session:) &&
+              user.has_establishing_in_person_enrollment?
           end,
           undo_step: ->(idv_session:, user:) do
             idv_session.residential_resolution_vendor = nil

spec/controllers/idv/in_person/address_controller_spec.rb

@@ -14,6 +14,7 @@
     stub_sign_in(user)
     stub_up_to(:ipp_state_id, idv_session: subject.idv_session)
     allow(user).to receive(:establishing_in_person_enrollment).and_return(enrollment)
+    subject.idv_session.opted_in_to_in_person_proofing = true
     subject.user_session['idv/in_person'] = {
       pii_from_user: pii_from_user,
     }

spec/controllers/idv/in_person/ssn_controller_spec.rb

@@ -19,6 +19,8 @@
     stub_analytics
     stub_attempts_tracker
     controller.idv_session.flow_path = 'standard'
+    controller.idv_session.opted_in_to_in_person_proofing = true
+    allow(user).to receive(:has_establishing_in_person_enrollment?).and_return(true)
   end
 
   describe '#step_info' do
@@ -31,7 +33,6 @@
     before do
       stub_up_to(:ipp_state_id, idv_session: subject.idv_session)
       subject.user_session['idv/in_person'][:pii_from_user].delete(:address1)
-      allow(user).to receive(:has_establishing_in_person_enrollment?).and_return(true)
     end
     it 'redirects if address page not completed' do
       get :show

spec/controllers/idv/in_person/state_id_controller_spec.rb

@@ -13,6 +13,7 @@
     allow(user).to receive(:establishing_in_person_enrollment).and_return(enrollment)
     subject.user_session['idv/in_person'] = { pii_from_user: {} }
     subject.idv_session.ssn = nil # This made specs pass. Might need more investigation.
+    subject.idv_session.opted_in_to_in_person_proofing = true
     stub_analytics
   end
 

spec/controllers/idv/in_person/verify_info_controller_spec.rb

@@ -23,6 +23,7 @@
     subject.user_session['idv/in_person'] = flow_session
     stub_up_to(:ipp_ssn, idv_session: subject.idv_session)
     reload_ab_tests
+    allow(user).to receive(:has_establishing_in_person_enrollment?).and_return(true)
   end
 
   describe '#step_info' do
@@ -243,8 +244,8 @@
     context 'when idv/in_person data is missing' do
       before do
         stub_up_to(:ipp_verify_info, idv_session: subject.idv_session)
-        allow(user).to receive(:has_establishing_in_person_enrollment?).and_return(true)
         subject.user_session['idv/in_person'] = {}
+        subject.idv_session.opted_in_to_in_person_proofing = true
       end
 
       it 'redirects to the in person state id page' do
@@ -542,6 +543,7 @@
     before do
       allow(user).to receive(:establishing_in_person_enrollment).and_return(enrollment)
       allow(IdentityConfig.store).to receive(:proofing_device_profiling).and_return(:enabled)
+      subject.idv_session.opted_in_to_in_person_proofing = true
     end
 
     context 'when idv_session is missing threatmetrix_session_id' do

spec/policies/idv/flow_policy_spec.rb

@@ -225,6 +225,7 @@
       before do
         stub_up_to(:ipp_address, idv_session: idv_session)
         allow(user).to receive(:has_establishing_in_person_enrollment?).and_return(true)
+        idv_session.opted_in_to_in_person_proofing = true
         idv_session.send(:user_session)['idv/in_person'] = {
           pii_from_user: Idp::Constants::MOCK_IDV_APPLICANT_SAME_ADDRESS_AS_ID.dup,
         }
@@ -263,6 +264,10 @@
     end
 
     context 'preconditions for in_person verify_info are present' do
+      before do
+        idv_session.opted_in_to_in_person_proofing = true
+      end
+
       it 'returns ipp_verify_info' do
         stub_up_to(:ipp_ssn, idv_session: idv_session)
         allow(user).to receive(:has_establishing_in_person_enrollment?).and_return(true)