18F · solipet · Mar 26, 2021 · Mar 26, 2021 · Mar 26, 2021 · zachmargolis
diff --git a/app/views/devise/passwords/new.html.erb b/app/views/devise/passwords/new.html.erb
@@ -14,7 +14,10 @@
 <%= validated_form_for(@password_reset_email_form,
                        url: user_password_path,
                        html: { autocomplete: 'off', method: :post, role: 'form' }) do |f| %>
-  <%= f.input :email, required: true, input_html: { aria: { invalid: false, describedby: 'email-description' } } %>
+  <%= f.input :email,
+              required: true,
+              input_html: { autocorrect: 'off',
+                            aria: { invalid: false, describedby: 'email-description' } } %>
   <%= f.input :request_id, as: :hidden, input_html: { value: request_id } %>
   <%= render 'shared/recaptcha' %>
   <%= f.button :submit, t('forms.buttons.continue'), class: 'margin-top-2' %>

diff --git a/app/views/devise/sessions/new.html.erb b/app/views/devise/sessions/new.html.erb
@@ -24,7 +24,9 @@
   <%= f.input :email,
               label: t('account.index.email'),
               required: true,
-              input_html: { class: 'margin-bottom-6', aria: { invalid: false } } %>
+              input_html: { class: 'margin-bottom-6',
+                            autocorrect: 'off',
+                            aria: { invalid: false } } %>
   <%= f.input :password,
               label: t('account.index.password'),
               required: true,

diff --git a/app/views/sign_up/registrations/new.html.erb b/app/views/sign_up/registrations/new.html.erb
@@ -14,7 +14,10 @@
   <%= validated_form_for(@register_user_email_form,
       html: { autocomplete: 'off', role: 'form' },
       url: sign_up_register_path) do |f| %>
-    <%= f.input :email, label: t('forms.registration.labels.email'), required: true, input_html: { aria: { invalid: false } } %>
+    <%= f.input :email,
+                label: t('forms.registration.labels.email'),
+                required: true,
+                input_html: { autocorrect: "off", aria: { invalid: false } } %>
 
     <span class='email-invalid-alert-inline usa-error-message margin-top-neg-3 margin-bottom-3 display-none' role='alert'>
       <%= t('sign_up.email.invalid_email_alert_inline') %>

diff --git a/spec/views/devise/passwords/new.html.erb_spec.rb b/spec/views/devise/passwords/new.html.erb_spec.rb
@@ -45,6 +45,12 @@
     expect(rendered).to have_xpath("//form[@autocomplete='off']")
   end
 
+  it 'sets input autocorrect to off' do
+    render
+
+    expect(rendered).to have_xpath("//input[@autocorrect='off']")
+  end
+
   it 'has a cancel link that points to the decorated_session cancel_link_url' do
     render
 

diff --git a/spec/views/devise/sessions/new.html.erb_spec.rb b/spec/views/devise/sessions/new.html.erb_spec.rb
@@ -18,6 +18,12 @@
     expect(rendered).to match(/<form[^>]*autocomplete="off"/)
   end
 
+  it 'sets input autocorrect to off' do
+    render
+
+    expect(rendered).to have_xpath("//input[@autocorrect='off']")
+  end
+
   it 'has a localized title' do
     expect(view).to receive(:title).with(t('titles.visitors.index'))
 

diff --git a/spec/views/sign_up/registrations/new.html.erb_spec.rb b/spec/views/sign_up/registrations/new.html.erb_spec.rb
@@ -0,0 +1,91 @@
+require 'rails_helper'
+
+describe 'sign_up/registrations/new.html.erb' do
+  let(:sp) do
+    build_stubbed(
+      :service_provider,
+      friendly_name: 'Awesome Application!',
+      return_to_sp_url: 'www.awesomeness.com',
+    )
+  end
+  before do
+    allow(view).to receive(:current_user).and_return(nil)
+    @register_user_email_form = RegisterUserEmailForm.new()
+    view_context = ActionController::Base.new.view_context
+    allow(view_context).to receive(:new_user_session_url).
+      and_return('https://www.example.com/')
+    allow(view_context).to receive(:sign_up_email_path).
+      and_return('/sign_up/enter_email')
+    allow_any_instance_of(ActionView::Base).to receive(:request_id).
+      and_return(nil)
+
+    @decorated_session = DecoratedSession.new(
+      sp: sp,
+      view_context: view_context,
+      sp_session: {},
+      service_provider_request: ServiceProviderRequestProxy.new,
+    ).call
+    allow(view).to receive(:decorated_session).and_return(@decorated_session)
+  end
+
+  it 'has a localized title' do
+    expect(view).to receive(:title).with(t('titles.registrations.new'))
+
+    render
+  end
+
+  it 'has a localized header' do
+    render
+
+    expect(rendered).to have_selector('h1', text: t('headings.registrations.enter_email'))
+  end
+
+  it 'sets form autocomplete to off' do
+    render
+
+    expect(rendered).to have_xpath("//form[@autocomplete='off']")
+  end
+
+  it 'sets input autocorrect to off' do
+    render
+
+    expect(rendered).to have_xpath("//input[@autocorrect='off']")
+  end
+
+  it 'has a cancel link that points to the decorated_session cancel_link_url' do
+    render
+
+    expect(rendered).to have_link(t('links.cancel'), href: @decorated_session.cancel_link_url)
+  end
+
+  it 'does not render a recaptcha with recaptcha disabled' do
+    allow(FeatureManagement).to receive(:recaptcha_enabled?).and_return(false)
+    render
+
+    expect(rendered).to_not have_selector('#recaptcha')
+  end
+
+  it 'renders a recaptcha with recaptcha enabled' do
+    allow(FeatureManagement).to receive(:recaptcha_enabled?).and_return(true)
+    render
+
+    expect(rendered).to have_selector('#recaptcha')
+  end
+
+  it 'includes a link to security / privacy page and privacy statement act' do
+    render
+
+    expect(rendered).
+      to have_link(t('notices.privacy.security_and_privacy_practices'),
+                   href: MarketingSite.security_and_privacy_practices_url)
+    expect(rendered).
+      to have_selector("a[href='#{MarketingSite.security_and_privacy_practices_url}']\
+[target='_blank'][rel='noopener noreferrer']")
+
+    expect(rendered).
+      to have_link(t('notices.privacy.privacy_act_statement'),
+                   href: MarketingSite.privacy_act_statement_url)
+    expect(rendered).to have_selector("a[href='#{MarketingSite.privacy_act_statement_url}']\
+[target='_blank'][rel='noopener noreferrer']")
+  end
+end