18F · jmhooper · Aug 29, 2017 · Aug 17, 2017 · jmhooper · Aug 17, 2017
diff --git a/app/controllers/verify/confirmations_controller.rb b/app/controllers/verify/confirmations_controller.rb
@@ -42,7 +42,6 @@ def track_final_idv_event
 
     def finish_idv_session
       @code = personal_key
-      idv_session.complete_session
       idv_session.personal_key = nil
       flash.now[:success] = t('idv.messages.confirm')
       flash[:allow_confirmations_continue] = true

diff --git a/app/controllers/verify/review_controller.rb b/app/controllers/verify/review_controller.rb
@@ -77,6 +77,7 @@ def idv_address_complete?
     def init_profile
       idv_session.cache_applicant_profile_id
       idv_session.cache_encrypted_pii(current_user.user_access_key)
+      idv_session.complete_session
     end
 
     def idv_params

diff --git a/app/services/idv/session.rb b/app/services/idv/session.rb
@@ -65,7 +65,7 @@ def vendor_params
     end
 
     def profile
-      @_profile ||= Profile.find(profile_id)
+      @_profile ||= Profile.find_by(id: profile_id)
     end
 
     def clear

diff --git a/spec/controllers/verify/confirmations_controller_spec.rb b/spec/controllers/verify/confirmations_controller_spec.rb
@@ -57,47 +57,70 @@ def stub_idv_session
         :confirm_idv_vendor_session_started
       )
     end
-  end
-
-  context 'session started' do
-    before do
-      stub_idv_session
-    end
 
-    context 'user used 2FA phone as phone of record' do
+    describe '#confirm_profile_has_been_created' do
       before do
-        subject.idv_session.params['phone'] = user.phone
-        subject.idv_session.params['phone_confirmed_at'] = Time.zone.now
-        subject.idv_session.vendor_phone_confirmation = true
-        subject.idv_session.user_phone_confirmation = true
+        stub_idv_session
       end
 
-      it 'activates profile' do
-        get :show
-        profile.reload
+      controller do
+        before_action :confirm_profile_has_been_created
 
-        expect(profile).to be_active
-        expect(profile.verified_at).to_not be_nil
+        def index
+          render plain: 'Hello'
+        end
       end
 
-      it 'sets code instance variable' do
-        subject.idv_session.cache_applicant_profile_id
-        code = subject.idv_session.personal_key
+      context 'profile has been created' do
+        it 'does not redirect' do
+          get :index
 
-        get :show
-
-        expect(assigns(:code)).to eq(code)
+          expect(response).to_not be_redirect
+        end
       end
 
-      it 'sets flash[:allow_confirmations_continue] to true' do
-        get :show
+      context 'profile has not been created' do
+        before do
+          subject.idv_session.profile_id = nil
+        end
 
-        expect(flash[:allow_confirmations_continue]).to eq true
+        it 'redirects to the account path' do
+          get :index
+
+          expect(response).to redirect_to account_path
+        end
       end
+    end
+  end
 
-      it 'sets flash.now[:success]' do
-        get :show
-        expect(flash[:success]).to eq t('idv.messages.confirm')
+  describe '#show' do
+    before do
+      stub_idv_session
+    end
+
+    it 'sets code instance variable' do
+      subject.idv_session.cache_applicant_profile_id
+      code = subject.idv_session.personal_key
+
+      get :show
+
+      expect(assigns(:code)).to eq(code)
+    end
+
+    it 'sets flash[:allow_confirmations_continue] to true' do
+      get :show
+
+      expect(flash[:allow_confirmations_continue]).to eq true
+    end
+
+    it 'sets flash.now[:success]' do
+      get :show
+      expect(flash[:success]).to eq t('idv.messages.confirm')
+    end
+
+    context 'user used 2FA phone as phone of record' do
+      before do
+        subject.idv_session.params['phone'] = user.phone
       end
 
       it 'tracks final IdV event' do
@@ -113,46 +136,15 @@ def stub_idv_session
 
         get :show
       end
-
-      it 'creates an `account_verified` event once per confirmation' do
-        event_creator = instance_double(CreateVerifiedAccountEvent)
-        expect(CreateVerifiedAccountEvent).to receive(:new).and_return(event_creator)
-        expect(event_creator).to receive(:call)
-
-        get :show
-      end
     end
 
-    context 'user picked USPS confirmation' do
+    context 'user confirmed a new phone' do
       before do
-        subject.idv_session.address_verification_mechanism = 'usps'
-      end
-
-      it 'leaves profile deactivated' do
-        expect(UspsConfirmation.count).to eq 0
-
-        get :show
-        profile.reload
-
-        expect(profile).to_not be_active
-        expect(profile.verified_at).to be_nil
-        expect(profile.deactivation_reason).to eq 'verification_pending'
-        expect(UspsConfirmation.count).to eq 1
-      end
-
-      it 'redirects to come back later page' do
-        subject.session[:sp] = { loa3: true }
-        patch :update
-
-        expect(response).to redirect_to verify_come_back_later_path
+        subject.idv_session.params['phone'] = '+1 (202) 555-9876'
       end
-    end
 
-    context 'user confirmed a new phone' do
-      it 'tracks that event' do
+      it 'tracks final IdV event' do
         stub_analytics
-        subject.idv_session.params['phone'] = '+1 (202) 555-9876'
-        subject.idv_session.params['phone_confirmed_at'] = Time.zone.now
 
         result = {
           success: true,
@@ -167,37 +159,43 @@ def stub_idv_session
     end
   end
 
-  context 'IdV session not yet started' do
-    it 'redirects to /idv/sessions' do
-      stub_sign_in(user)
-
-      get :show
-
-      expect(response).to redirect_to(verify_session_path)
+  describe '#update' do
+    before do
+      stub_idv_session
     end
-  end
 
-  describe '#update' do
-    context 'sp present' do
-      it 'redirects to the sign up completed url' do
-        stub_idv_session
-        subject.session[:sp] = 'true'
-        stub_sign_in
+    context 'user selected phone verification' do
+      before do
+        subject.idv_session.address_verification_mechanism = 'phone'
+        subject.idv_session.vendor_phone_confirmation = true
+        subject.idv_session.user_phone_confirmation = true
+        subject.idv_session.complete_session
+      end
 
+      it 'redirects to sign up completed for an sp' do
+        subject.session[:sp] = { loa3: true }
         patch :update
 
         expect(response).to redirect_to sign_up_completed_url
       end
+
+      it 'redirects to the account path when no sp present' do
+        patch :update
+
+        expect(response).to redirect_to account_path
+      end
     end
 
-    context 'no sp present' do
-      it 'redirects to the account page' do
-        stub_idv_session
-        stub_sign_in
+    context 'user selected usps verification' do
+      before do
+        subject.idv_session.address_verification_mechanism = 'usps'
+        subject.idv_session.complete_session
+      end
 
+      it 'redirects to come back later path' do
         patch :update
 
-        expect(response).to redirect_to account_path
+        expect(response).to redirect_to verify_come_back_later_path
       end
     end
   end

diff --git a/spec/controllers/verify/review_controller_spec.rb b/spec/controllers/verify/review_controller_spec.rb
@@ -328,6 +328,46 @@ def show
         expect(pii.first_name.raw).to eq 'José'
         expect(pii.first_name.norm).to eq 'JOSE'
       end
+
+      context 'user picked phone confirmation' do
+        before do
+          idv_session.address_verification_mechanism = 'phone'
+          idv_session.vendor_phone_confirmation = true
+          idv_session.user_phone_confirmation = true
+        end
+
+        it 'activates profile' do
+          put :create, params: { user: { password: ControllerHelper::VALID_PASSWORD } }
+
+          profile = idv_session.profile
+          profile.reload
+
+          expect(profile).to be_active
+        end
+
+        it 'creates an `account_verified` event once per confirmation' do
+          event_creator = instance_double(CreateVerifiedAccountEvent)
+          expect(CreateVerifiedAccountEvent).to receive(:new).and_return(event_creator)
+          expect(event_creator).to receive(:call)
+
+          put :create, params: { user: { password: ControllerHelper::VALID_PASSWORD } }
+        end
+      end
+
+      context 'user picked USPS confirmation' do
+        before do
+          idv_session.address_verification_mechanism = 'usps'
+        end
+
+        it 'leaves profile deactivated' do
+          put :create, params: { user: { password: ControllerHelper::VALID_PASSWORD } }
+
+          profile = idv_session.profile
+          profile.reload
+
+          expect(profile).to_not be_active
+        end
+      end
     end
   end
 end