diff --git a/app/controllers/concerns/idv_session.rb b/app/controllers/concerns/idv_session.rb index c0d8abd1074..883f2c840bd 100644 --- a/app/controllers/concerns/idv_session.rb +++ b/app/controllers/concerns/idv_session.rb @@ -2,7 +2,7 @@ module IdvSession extend ActiveSupport::Concern def confirm_idv_session_started - return if current_user.decorate.needs_profile_usps_verification? + return if current_user.decorate.pending_profile_requires_verification? redirect_to idv_session_url if idv_session.params.blank? end diff --git a/app/controllers/concerns/verify_profile_concern.rb b/app/controllers/concerns/verify_profile_concern.rb index 3b827929f97..709cf7603a7 100644 --- a/app/controllers/concerns/verify_profile_concern.rb +++ b/app/controllers/concerns/verify_profile_concern.rb @@ -11,17 +11,8 @@ def account_or_verify_profile_url def account_or_verify_profile_route return 'account' if idv_context? || profile_context? - return 'account' unless current_user.decorate.pending_profile_requires_verification? - verify_profile_route - end - - def verify_profile_route - decorated_user = current_user.decorate - if decorated_user.needs_profile_phone_verification? - flash[:notice] = t('account.index.verification.instructions') - return 'verify_profile_phone' - end - return 'verify_account' if decorated_user.needs_profile_usps_verification? + return 'account' unless profile_needs_verification? + 'verify_account' end def profile_needs_verification? diff --git a/app/controllers/idv/come_back_later_controller.rb b/app/controllers/idv/come_back_later_controller.rb index eee0d92e1cb..eed99414149 100644 --- a/app/controllers/idv/come_back_later_controller.rb +++ b/app/controllers/idv/come_back_later_controller.rb @@ -9,7 +9,7 @@ def show; end private def confirm_user_needs_usps_confirmation - redirect_to account_url unless current_user.decorate.needs_profile_usps_verification? + redirect_to account_url unless current_user.decorate.pending_profile_requires_verification? end end end diff --git a/app/controllers/idv/usps_controller.rb b/app/controllers/idv/usps_controller.rb index f42b4fbbeea..362d474e45f 100644 --- a/app/controllers/idv/usps_controller.rb +++ b/app/controllers/idv/usps_controller.rb @@ -12,7 +12,7 @@ def create create_user_event(:usps_mail_sent, current_user) idv_session.address_verification_mechanism = :usps - if current_user.decorate.needs_profile_usps_verification? + if current_user.decorate.pending_profile_requires_verification? resend_letter redirect_to idv_come_back_later_url else diff --git a/app/controllers/users/verify_profile_phone_controller.rb b/app/controllers/users/verify_profile_phone_controller.rb deleted file mode 100644 index 050c703b655..00000000000 --- a/app/controllers/users/verify_profile_phone_controller.rb +++ /dev/null @@ -1,44 +0,0 @@ -module Users - class VerifyProfilePhoneController < ApplicationController - include PhoneConfirmation - - before_action :confirm_two_factor_authenticated - before_action :confirm_phone_verification_needed - - def index - prompt_to_confirm_phone(phone: profile_phone, context: 'profile') - end - - private - - def confirm_phone_verification_needed - return if unverified_phone? - redirect_to account_url - end - - def pending_profile_requires_verification? - current_user.decorate.pending_profile_requires_verification? - end - - def unverified_phone? - pending_profile_requires_verification? && - pending_profile.phone_confirmed? && - current_user.phone != profile_phone - end - - def profile_phone - @_profile_phone ||= decrypted_pii.phone.to_s - end - - def pending_profile - @_pending_profile ||= current_user.decorate.pending_profile - end - - def decrypted_pii - @_decrypted_pii ||= begin - cacher = Pii::Cacher.new(current_user, user_session) - cacher.fetch - end - end - end -end diff --git a/app/decorators/user_decorator.rb b/app/decorators/user_decorator.rb index edda951c676..322d685ccd7 100644 --- a/app/decorators/user_decorator.rb +++ b/app/decorators/user_decorator.rb @@ -74,14 +74,6 @@ def active_profile_newer_than_pending_profile? user.active_profile.activated_at >= pending_profile.created_at end - def needs_profile_phone_verification? - pending_profile_requires_verification? && pending_profile.phone_confirmed? - end - - def needs_profile_usps_verification? - pending_profile_requires_verification? && !pending_profile.phone_confirmed? - end - # This user's most recently activated profile that has also been deactivated # due to a password reset, or nil if there is no such profile def password_reset_profile diff --git a/app/models/profile.rb b/app/models/profile.rb index 98aeff5be39..5551d5c8eb4 100644 --- a/app/models/profile.rb +++ b/app/models/profile.rb @@ -1,4 +1,6 @@ class Profile < ApplicationRecord + self.ignored_columns = %w[phone_confirmed] + belongs_to :user has_many :usps_confirmation_codes, dependent: :destroy diff --git a/app/services/idv/profile_maker.rb b/app/services/idv/profile_maker.rb index 6a9a51362bf..a5f0fd0f16f 100644 --- a/app/services/idv/profile_maker.rb +++ b/app/services/idv/profile_maker.rb @@ -2,17 +2,15 @@ module Idv class ProfileMaker attr_reader :pii_attributes - def initialize(applicant:, user:, phone_confirmed:, user_password:) + def initialize(applicant:, user:, user_password:) self.pii_attributes = Pii::Attributes.new_from_hash(applicant) self.user = user self.user_password = user_password - self.phone_confirmed = phone_confirmed end def save_profile profile = Profile.new( deactivation_reason: :verification_pending, - phone_confirmed: phone_confirmed, user: user ) profile.encrypt_pii(pii_attributes, user_password) diff --git a/app/services/idv/session.rb b/app/services/idv/session.rb index b8182f9f20f..bdc4c12ecf9 100644 --- a/app/services/idv/session.rb +++ b/app/services/idv/session.rb @@ -129,7 +129,6 @@ def applicant_params def build_profile_maker(user_password) Idv::ProfileMaker.new( applicant: applicant_params, - phone_confirmed: vendor_phone_confirmation || false, user: current_user, user_password: user_password ) diff --git a/app/view_models/account_show.rb b/app/view_models/account_show.rb index 2a4c3b4ee98..45fb06b4db7 100644 --- a/app/view_models/account_show.rb +++ b/app/view_models/account_show.rb @@ -33,10 +33,8 @@ def password_reset_partial end def pending_profile_partial - if decorated_user.needs_profile_usps_verification? + if decorated_user.pending_profile_requires_verification? 'accounts/pending_profile_usps' - elsif decorated_user.needs_profile_phone_verification? - 'accounts/pending_profile_phone' else 'shared/null' end diff --git a/app/views/accounts/_pending_profile_phone.html.slim b/app/views/accounts/_pending_profile_phone.html.slim deleted file mode 100644 index 14dc02731c8..00000000000 --- a/app/views/accounts/_pending_profile_phone.html.slim +++ /dev/null @@ -1,3 +0,0 @@ -.mb4.alert.alert-warning - p = t('account.index.verification.instructions') - p.mb0 = link_to t('account.index.verification.with_phone_button'), verify_profile_phone_path diff --git a/config/locales/account/en.yml b/config/locales/account/en.yml index 813ff2cce61..96ddbee1cbb 100644 --- a/config/locales/account/en.yml +++ b/config/locales/account/en.yml @@ -25,7 +25,6 @@ en: instructions: Your account requires a secret code to be verified. reactivate_button: Enter the code you received via US mail success: Your account has been verified. - with_phone_button: Verify with your phone items: delete_your_account: Delete your account personal_key: Personal key diff --git a/config/locales/account/es.yml b/config/locales/account/es.yml index 430d6eef899..239124a01dc 100644 --- a/config/locales/account/es.yml +++ b/config/locales/account/es.yml @@ -25,7 +25,6 @@ es: instructions: Su cuenta requiere que un código secreto sea verificado. reactivate_button: Ingrese el código que recibió por correo postal. success: Su cuenta ha sido verificada. - with_phone_button: Verifique con su teléfono. items: delete_your_account: Eliminar su cuenta personal_key: Clave personal diff --git a/config/locales/account/fr.yml b/config/locales/account/fr.yml index ba5b9de01bd..5df241818f7 100644 --- a/config/locales/account/fr.yml +++ b/config/locales/account/fr.yml @@ -27,7 +27,6 @@ fr: instructions: Votre compte requiert la vérification d'un code secret. reactivate_button: Entrez le code que vous avez reçu par la poste success: Votre compte a été vérifié. - with_phone_button: Verifiez avec votre téléphone items: delete_your_account: Supprimer votre compte personal_key: Clé personnelle diff --git a/config/routes.rb b/config/routes.rb index de8be2635cd..84f0a064fbc 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -115,8 +115,6 @@ as: :verify_personal_key post '/account/reactivate/verify_personal_key' => 'users/verify_personal_key#create', as: :create_verify_personal_key - get '/account/verify_phone' => 'users/verify_profile_phone#index', as: :verify_profile_phone - post '/account/verify_phone' => 'users/verify_profile_phone#create' get '/account_recovery_setup' => 'account_recovery_setup#index' if FeatureManagement.piv_cac_enabled? diff --git a/spec/controllers/idv/come_back_later_controller_spec.rb b/spec/controllers/idv/come_back_later_controller_spec.rb index c689378560d..3a343197eaf 100644 --- a/spec/controllers/idv/come_back_later_controller_spec.rb +++ b/spec/controllers/idv/come_back_later_controller_spec.rb @@ -2,12 +2,12 @@ describe Idv::ComeBackLaterController do let(:user) { build_stubbed(:user, :signed_up) } - let(:needs_profile_usps_verification) { true } + let(:pending_profile_requires_verification) { true } before do user_decorator = instance_double(UserDecorator) - allow(user_decorator).to receive(:needs_profile_usps_verification?). - and_return(needs_profile_usps_verification) + allow(user_decorator).to receive(:pending_profile_requires_verification?). + and_return(pending_profile_requires_verification) allow(user).to receive(:decorate).and_return(user_decorator) allow(subject).to receive(:current_user).and_return(user) end @@ -21,7 +21,7 @@ end context 'user does not need USPS address verification' do - let(:needs_profile_usps_verification) { false } + let(:pending_profile_requires_verification) { false } it 'redirects to the account path' do get :show diff --git a/spec/controllers/idv/confirmations_controller_spec.rb b/spec/controllers/idv/confirmations_controller_spec.rb index adb891e083c..f7c79a2a046 100644 --- a/spec/controllers/idv/confirmations_controller_spec.rb +++ b/spec/controllers/idv/confirmations_controller_spec.rb @@ -15,7 +15,6 @@ def stub_idv_session profile_maker = Idv::ProfileMaker.new( applicant: applicant, user: user, - phone_confirmed: true, user_password: password ) profile = profile_maker.save_profile diff --git a/spec/controllers/idv/usps_controller_spec.rb b/spec/controllers/idv/usps_controller_spec.rb index 0214d4be532..69e6b954bd2 100644 --- a/spec/controllers/idv/usps_controller_spec.rb +++ b/spec/controllers/idv/usps_controller_spec.rb @@ -60,12 +60,12 @@ context 'resending a letter' do let(:has_pending_profile) { true } - let(:pending_profile) { create(:profile, phone_confirmed: false) } + let(:pending_profile) { create(:profile) } before do stub_sign_in(user) stub_decorated_user_with_pending_profile(user) - allow(user.decorate).to receive(:needs_profile_usps_verification?).and_return(true) + allow(user.decorate).to receive(:pending_profile_requires_verification?).and_return(true) end it 'calls the UspsConfirmationMaker to send another letter and redirects' do diff --git a/spec/controllers/users/sessions_controller_spec.rb b/spec/controllers/users/sessions_controller_spec.rb index e7c3161b716..10e15efad00 100644 --- a/spec/controllers/users/sessions_controller_spec.rb +++ b/spec/controllers/users/sessions_controller_spec.rb @@ -382,7 +382,6 @@ profile = create( :profile, deactivation_reason: :verification_pending, - phone_confirmed: false, pii: { ssn: '6666', dob: '1920-01-01' } ) user = profile.user diff --git a/spec/controllers/users/verify_account_controller_spec.rb b/spec/controllers/users/verify_account_controller_spec.rb index 16fb4af70ee..c982177f313 100644 --- a/spec/controllers/users/verify_account_controller_spec.rb +++ b/spec/controllers/users/verify_account_controller_spec.rb @@ -17,8 +17,7 @@ profile: pending_profile, otp_fingerprint: Pii::Fingerprinter.fingerprint(otp) ) - allow(decorated_user).to receive(:needs_profile_phone_verification?).and_return(false) - allow(decorated_user).to receive(:needs_profile_usps_verification?). + allow(decorated_user).to receive(:pending_profile_requires_verification?). and_return(has_pending_profile) end diff --git a/spec/controllers/users/verify_profile_phone_controller_spec.rb b/spec/controllers/users/verify_profile_phone_controller_spec.rb deleted file mode 100644 index 980d2b084f6..00000000000 --- a/spec/controllers/users/verify_profile_phone_controller_spec.rb +++ /dev/null @@ -1,56 +0,0 @@ -require 'rails_helper' - -RSpec.describe Users::VerifyProfilePhoneController do - include Features::LocalizationHelper - - let(:has_pending_profile) { true } - let(:user) { create(:user) } - let(:profile_phone) { user.phone } - let(:phone_confirmed) { false } - let(:pii_attributes) { Pii::Attributes.new_from_hash(phone: profile_phone) } - let(:pending_profile) { build(:profile, phone_confirmed: phone_confirmed) } - - before do - stub_sign_in(user) - decorated_user = stub_decorated_user_with_pending_profile(user) - allow(decorated_user).to receive(:needs_profile_phone_verification?). - and_return(has_pending_profile) - allow(decorated_user).to receive(:needs_profile_usps_verification?).and_return(false) - allow(controller).to receive(:decrypted_pii).and_return(pii_attributes) - end - - describe '#index' do - context 'user has pending profile' do - context 'phone is not confirmed' do - it 'redirects to profile page' do - get :index - - expect(response).to redirect_to(account_url) - end - end - - context 'phone is confirmed and different than 2FA' do - let(:profile_phone) { '703-555-9999' } - let(:phone_confirmed) { true } - - it 'redirects to OTP confirmation flow' do - get :index - - expect(response).to redirect_to( - otp_send_path(otp_delivery_selection_form: { otp_delivery_preference: 'sms' }) - ) - end - end - end - - context 'user does not have pending profile' do - let(:has_pending_profile) { false } - - it 'redirects to profile page' do - get :index - - expect(response).to redirect_to(account_url) - end - end - end -end diff --git a/spec/decorators/user_decorator_spec.rb b/spec/decorators/user_decorator_spec.rb index 937a77e2814..6f5b5e08236 100644 --- a/spec/decorators/user_decorator_spec.rb +++ b/spec/decorators/user_decorator_spec.rb @@ -204,84 +204,6 @@ end end - describe '#needs_profile_phone_verification?' do - context 'pending profile does not require verification' do - it 'returns false' do - user = User.new - user_decorator = UserDecorator.new(user) - allow(user_decorator).to receive(:pending_profile_requires_verification?). - and_return(false) - - expect(user_decorator.needs_profile_phone_verification?).to eq false - end - end - - context 'pending profile requires verification and phone is confirmed' do - it 'returns true' do - user = User.new - user_decorator = UserDecorator.new(user) - allow(user_decorator).to receive(:pending_profile_requires_verification?). - and_return(true) - allow(user_decorator).to receive(:pending_profile). - and_return(Profile.new(phone_confirmed: true)) - - expect(user_decorator.needs_profile_phone_verification?).to eq true - end - end - - context 'pending profile requires verification and phone is not confirmed' do - it 'returns false' do - user = User.new - user_decorator = UserDecorator.new(user) - allow(user_decorator).to receive(:pending_profile_requires_verification?). - and_return(true) - allow(user_decorator).to receive(:pending_profile). - and_return(Profile.new(phone_confirmed: false)) - - expect(user_decorator.needs_profile_phone_verification?).to eq false - end - end - end - - describe '#needs_profile_usps_verification?' do - context 'pending profile does not require verification' do - it 'returns false' do - user = User.new - user_decorator = UserDecorator.new(user) - allow(user_decorator).to receive(:pending_profile_requires_verification?). - and_return(false) - - expect(user_decorator.needs_profile_usps_verification?).to eq false - end - end - - context 'pending profile requires verification and phone is not confirmed' do - it 'returns true' do - user = User.new - user_decorator = UserDecorator.new(user) - allow(user_decorator).to receive(:pending_profile_requires_verification?). - and_return(true) - allow(user_decorator).to receive(:pending_profile). - and_return(Profile.new(phone_confirmed: false)) - - expect(user_decorator.needs_profile_usps_verification?).to eq true - end - end - - context 'pending profile requires verification and phone is confirmed' do - it 'returns false' do - user = User.new - user_decorator = UserDecorator.new(user) - allow(user_decorator).to receive(:pending_profile_requires_verification?). - and_return(true) - allow(user_decorator).to receive(:pending_profile). - and_return(Profile.new(phone_confirmed: true)) - - expect(user_decorator.needs_profile_usps_verification?).to eq false - end - end - end - describe '#should_acknowledge_personal_key?' do context 'user has no personal key' do context 'service provider with loa1' do diff --git a/spec/features/idv/steps/review_step_spec.rb b/spec/features/idv/steps/review_step_spec.rb index 76926e73023..cb42d043f6c 100644 --- a/spec/features/idv/steps/review_step_spec.rb +++ b/spec/features/idv/steps/review_step_spec.rb @@ -46,7 +46,6 @@ profile = user.profiles.first expect(profile.active?).to eq true - expect(profile.phone_confirmed).to eq true expect(UspsConfirmation.count).to eq(0) end end @@ -72,7 +71,6 @@ profile = user.profiles.first expect(profile.active?).to eq false - expect(profile.phone_confirmed).to eq false end context 'with an sp' do diff --git a/spec/features/idv/steps/usps_step_spec.rb b/spec/features/idv/steps/usps_step_spec.rb index f0f6b82d810..e8e1686fa0a 100644 --- a/spec/features/idv/steps/usps_step_spec.rb +++ b/spec/features/idv/steps/usps_step_spec.rb @@ -56,7 +56,6 @@ def expect_user_to_be_unverified(user) expect(profile.active?).to eq false expect(profile.deactivation_reason).to eq 'verification_pending' - expect(profile.phone_confirmed).to eq false end end diff --git a/spec/features/users/verify_profile_spec.rb b/spec/features/users/verify_profile_spec.rb index f02f6149ca2..8cf3734df4d 100644 --- a/spec/features/users/verify_profile_spec.rb +++ b/spec/features/users/verify_profile_spec.rb @@ -9,7 +9,6 @@ :profile, deactivation_reason: :verification_pending, pii: { ssn: '666-66-1234', dob: '1920-01-01', phone: '703-555-9999' }, - phone_confirmed: phone_confirmed, user: user ) otp_fingerprint = Pii::Fingerprinter.fingerprint(otp) @@ -17,11 +16,13 @@ end context 'USPS letter' do - let(:phone_confirmed) { false } - - scenario 'profile phone not confirmed' do + scenario 'valid OTP' do sign_in_live_with_2fa(user) - expect(page).to have_link(t('idv.buttons.cancel'), href: account_path) + fill_in t('forms.verify_profile.name'), with: otp + click_button t('forms.verify_profile.submit') + + expect(page).to have_content(t('account.index.verification.success')) + expect(page).to have_current_path(account_path) end scenario 'OTP has expired' do @@ -45,20 +46,4 @@ expect(page.body).to_not match('the wrong code') end end - - context 'profile phone confirmed' do - let(:phone_confirmed) { true } - - before do - allow(FeatureManagement).to receive(:prefill_otp_codes?).and_return(true) - end - - scenario 'not yet verified with user' do - sign_in_live_with_2fa(user) - click_submit_default - - expect(current_path).to eq account_path - expect(page).to_not have_content(t('account.index.verification.with_phone_button')) - end - end end diff --git a/spec/services/idv/profile_maker_spec.rb b/spec/services/idv/profile_maker_spec.rb index 8c40bfd19d9..af800348125 100644 --- a/spec/services/idv/profile_maker_spec.rb +++ b/spec/services/idv/profile_maker_spec.rb @@ -5,14 +5,12 @@ let(:applicant) { { first_name: 'Some', last_name: 'One' } } let(:user) { create(:user, :signed_up) } let(:user_password) { user.password } - let(:phone_confirmed) { false } subject do described_class.new( applicant: applicant, user: user, - user_password: user_password, - phone_confirmed: phone_confirmed + user_password: user_password ) end @@ -28,15 +26,5 @@ expect(pii).to be_a Pii::Attributes expect(pii.first_name).to eq 'Some' end - - context 'when phone_confirmed is true' do - let(:phone_confirmed) { true } - it { expect(subject.save_profile.phone_confirmed).to eq(true) } - end - - context 'when phone_confirmed is false' do - let(:phone_confirmed) { false } - it { expect(subject.save_profile.phone_confirmed).to eq(false) } - end end end diff --git a/spec/support/idv_examples/usps_otp_verification_step.rb b/spec/support/idv_examples/usps_otp_verification_step.rb index a59e498948b..0b48d6affcb 100644 --- a/spec/support/idv_examples/usps_otp_verification_step.rb +++ b/spec/support/idv_examples/usps_otp_verification_step.rb @@ -4,7 +4,6 @@ create( :profile, deactivation_reason: :verification_pending, - phone_confirmed: false, pii: { ssn: '123-45-6789', dob: '1970-01-01' } ) end diff --git a/spec/view_models/account_show_spec.rb b/spec/view_models/account_show_spec.rb index 9c2ac0e388a..cca373d355a 100644 --- a/spec/view_models/account_show_spec.rb +++ b/spec/view_models/account_show_spec.rb @@ -77,8 +77,7 @@ context 'user needs profile usps verification' do it 'returns the accounts/pending_profile_usps partial' do user = User.new - allow(user).to receive(:needs_profile_usps_verification?).and_return(true) - allow(user).to receive(:needs_profile_phone_verification?).and_return(false) + allow(user).to receive(:pending_profile_requires_verification?).and_return(true) profile_index = AccountShow.new( decrypted_pii: {}, personal_key: 'foo', decorated_user: user ) @@ -87,22 +86,10 @@ end end - context 'user needs profile phone verification' do - it 'returns the accounts/pending_profile_phone partial' do - user = User.new - allow(user).to receive(:needs_profile_usps_verification?).and_return(false) - allow(user).to receive(:needs_profile_phone_verification?).and_return(true) - profile_index = AccountShow.new(decrypted_pii: {}, personal_key: '', decorated_user: user) - - expect(profile_index.pending_profile_partial).to eq 'accounts/pending_profile_phone' - end - end - context 'user does not need profile verification' do it 'returns the shared/null partial' do user = User.new - allow(user).to receive(:needs_profile_phone_verification?).and_return(false) - allow(user).to receive(:needs_profile_usps_verification?).and_return(false) + allow(user).to receive(:pending_profile_requires_verification?).and_return(false) profile_index = AccountShow.new(decrypted_pii: {}, personal_key: '', decorated_user: user) expect(profile_index.pending_profile_partial).to eq 'shared/null'