Conversation
jmhooper
requested review from
davemcorwin,
jgsmith-usds,
monfresh,
mryenq and
stevegsa
config/routes.rb
Outdated
| get '/jurisdiction' => 'jurisdiction#new' | ||
| post '/jurisdiction' => 'jurisdiction#create' | ||
| get '/jurisdiction/failure/:reason' => 'jurisdiction#failure', as: :jurisdiction_failure | ||
| get '/cancel/:step' => 'cancellations#new', as: :cancel_step |
There was a problem hiding this comment.
This is one of the things I'm unsure about. We are putting the step in the path so we can know which step to route the user back to. The other option is to put the go back step in the session. I'm 50/50 on which is better so hoping to get some thoughts from reviewers.
There was a problem hiding this comment.
Per our Slack conversation, can't we just use <%= link_to 'Back', :back %>? It looks like the Referer header is available in the request and it will only try to use javascript IF the Referer is missing.
The Referer header won't be present if a user goes directly to the cancel page (or refreshes it) so it won't happen normally, but its definitely possible. So in the case where: Javascript is not enabled AND the user refreshes or navigates to the cancel page via the url, the link could send them to /verify since this is supposed to automatically take them to the correct step, but currently doesn't handle the jursidiction step correctly.
There was a problem hiding this comment.
We could also back the entire 'back' url as a query parameter, but we'll lose the 'friendly url' goal.
There was a problem hiding this comment.
I'm always uncomfortable putting information in the user session that is tied to the page they're on. In general, it's bad practice because it prevents people from having multiple tabs open on the same site with the same login session (e.g., consider how something like Google Docs might behave if its state was stored in the user session and not scoped to the document). It can also break the back button.
One way I've done this before is to store state in a secure fashion in the page as a hidden variable. This ties it to where they are in the process (the page) so the back button is not broken. It lets them do multiple things at once on the site (unlikely for login.gov). It makes the state information tamper-proof (encryption). Not relying on the URL to tell us their state prevents someone from jumping into the middle of a process if we want to control the flow through that process.
Generally, the user session should hold data that applies to all pages they access regardless of what they are trying to do (it's global data). Contextual or local data should be managed outside of the global data store/user session.
|
Could you describe the changes more thoroughly, or link to a ticket or doc where they are? |
config/routes.rb
Outdated
| get '/jurisdiction' => 'jurisdiction#new' | ||
| post '/jurisdiction' => 'jurisdiction#create' | ||
| get '/jurisdiction/failure/:reason' => 'jurisdiction#failure', as: :jurisdiction_failure | ||
| get '/cancel/:step' => 'cancellations#new', as: :cancel_step |
There was a problem hiding this comment.
Per our Slack conversation, can't we just use <%= link_to 'Back', :back %>? It looks like the Referer header is available in the request and it will only try to use javascript IF the Referer is missing.
The Referer header won't be present if a user goes directly to the cancel page (or refreshes it) so it won't happen normally, but its definitely possible. So in the case where: Javascript is not enabled AND the user refreshes or navigates to the cancel page via the url, the link could send them to /verify since this is supposed to automatically take them to the correct step, but currently doesn't handle the jursidiction step correctly.
config/routes.rb
Outdated
| get '/jurisdiction' => 'jurisdiction#new' | ||
| post '/jurisdiction' => 'jurisdiction#create' | ||
| get '/jurisdiction/failure/:reason' => 'jurisdiction#failure', as: :jurisdiction_failure | ||
| get '/cancel/:step' => 'cancellations#new', as: :cancel_step |
There was a problem hiding this comment.
We could also back the entire 'back' url as a query parameter, but we'll lose the 'friendly url' goal.
| - @presenter.cancellation_effects.each do |effect| | ||
| li = effect | ||
|
|
||
| .mt2 = link_to t('idv.cancel.return_to_account'), account_path |
There was a problem hiding this comment.
Ideally we want to send them back to the SP here. The idea is that each SP will configure a 'failure to verify' url (I think RRB has one but its not configured). Until thats added, we should at least send them to the return_to_sp_url (sp_return_url on the decorated session) The generated url may include the access_denied status which we may have to document what the SP can expect. Alternatively, we can use the learn_more links that are hardcoded in the decorated session.
There was a problem hiding this comment.
Yeah, lemme try the link_to :back and see what I can figure out.
Also, on the link to the sp return url, we decided to handle that in a separate follow-on PR since this one is already pretty hefty. There's a separate ticket for it this sprint.
| vertical-align: -3px; | ||
| } | ||
| } | ||
| @include color-list(); |
There was a problem hiding this comment.
@include color-list($yellow);?
There was a problem hiding this comment.
@jgsmith-usds Taking advantage of default parameters for the mixin (but don't need to).
There was a problem hiding this comment.
I'm a lot more comfortable specifying the color here since the goal is yellow dots. If the default ever changed, the color wouldn't match. Now, if we had .default-dots, then I'd probably want to not have an explicit color. :-)
| private | ||
|
|
||
| def current_step | ||
| params.require(:step).to_sym |
There was a problem hiding this comment.
I'm a bit uncomfortable allowing someone to jump into the middle of the steps. How do we know they should be on that step?
There was a problem hiding this comment.
We know they should be on that step because they clicked the cancel link on that step, landing them here. Also, working now on getting rid of the current_step in favor of the referrer.
config/locales/idv/en.yml
Outdated
| warning_1: We won't be able to verify your identity | ||
| warning_2: We won't keep a record of your name, address, birth date, or Social | ||
| Security number | ||
| warning_3: You won't be able to securely access you information using %{app} |
|
@konklone: The ticket is here: https://cm-jira.usa.gov/browse/LG-363 |
|
Okay, I've changed it up to use the referrer header for the back button. If the referrer header either doesn't exist or doesn't look right, it'll default to Also note that I did not use rails's I like the way the code came out with this method much better. PTAL! |
| before_action :confirm_idv_needed | ||
|
|
||
| def new | ||
| analytics.track_event(Analytics::IDV_CANCELLATION) |
There was a problem hiding this comment.
I realized this was not being tracked at all, so new analytics events just for you @monfresh
|
Actually, don't ptal yet. Looks like I messed up one of the views |
|
Okay, we should be ready for another look now 👍 |
|
|
||
| private | ||
|
|
||
| def referer_path |
There was a problem hiding this comment.
Looks reasonable but more complicated than I would have thought, makes me dream of Elixir-esque pattern matching...
Does the scheme matter if we're checking the host?
Also extract_path_and_query_from_uri COULD be
[uri.path, uri.query].compact.join('/')
not sure if thats more understandable to peeps other than me.
5 participants
Why: We've re-designed the cancellation flow for LOA3 to make it a bit more straightforward. This means adding a new page for cancellations and removing the personal key confirmation (assuming the user will care more about when they come back later and reset their account if they don't have it).
Hi! Before submitting your PR for review, and/or before merging it, please
go through the following checklist:
For DB changes, check for missing indexes, check to see if the changes
affect other apps (such as the dashboard), make sure the DB columns in the
various environments are properly populated, coordinate with devops, plan
migrations in separate steps.
For route changes, make sure GET requests don't change state or result in
destructive behavior. GET requests should only result in information being
read, not written.
For encryption changes, make sure it is compatible with data that was
encrypted with the old code.
For secrets changes, make sure to update the S3 secrets bucket with the
new configs in all environments.
Do not disable Rubocop or Reek offenses unless you are absolutely sure
they are false positives. If you're not sure how to fix the offense, please
ask a teammate.
When reading data, write tests for nil values, empty strings,
and invalid formats.
When calling
redirect_toin a controller, use_url, not_path.When adding user data to the session, use the
user_sessionhelperinstead of the
sessionhelper so the data does not persist beyond the user'ssession.
When adding a new controller that requires the user to be fully
authenticated, make sure to add
before_action :confirm_two_factor_authenticated.