diff --git a/.erb-lint.yml b/.erb-lint.yml
index efe20705430..aae60fce722 100644
--- a/.erb-lint.yml
+++ b/.erb-lint.yml
@@ -11,10 +11,6 @@ linters:
- '*/app/views/accounts/_connected_app.html.erb'
- '*/app/views/accounts/_emails.html.erb'
- '*/app/views/accounts/_identity_item.html.erb'
- - '*/app/views/accounts/_password_reset.html.erb'
- - '*/app/views/accounts/_pending_profile_bounced_gpo.html.erb'
- - '*/app/views/accounts/_pending_profile_gpo.html.erb'
- - '*/app/views/accounts/_personal_key.html.erb'
- '*/app/views/accounts/_phone.html.erb'
- '*/app/views/accounts/_piv_cac.html.erb'
- '*/app/views/accounts/_webauthn.html.erb'
diff --git a/app/controllers/accounts/connected_accounts_controller.rb b/app/controllers/accounts/connected_accounts_controller.rb
index 6c2a5db033f..4a60e70ccbd 100644
--- a/app/controllers/accounts/connected_accounts_controller.rb
+++ b/app/controllers/accounts/connected_accounts_controller.rb
@@ -9,6 +9,8 @@ def show
@view_model = AccountShow.new(
decrypted_pii: nil,
personal_key: flash[:personal_key],
+ sp_session_request_url: sp_session_request_url_without_prompt_login,
+ sp_name: decorated_session.sp_name,
decorated_user: current_user.decorate,
locked_for_session: pii_locked_for_session?(current_user),
)
diff --git a/app/controllers/accounts/history_controller.rb b/app/controllers/accounts/history_controller.rb
index ff60ea139bf..5919aadb0d1 100644
--- a/app/controllers/accounts/history_controller.rb
+++ b/app/controllers/accounts/history_controller.rb
@@ -9,6 +9,8 @@ def show
@view_model = AccountShow.new(
decrypted_pii: nil,
personal_key: flash[:personal_key],
+ sp_session_request_url: sp_session_request_url_without_prompt_login,
+ sp_name: decorated_session.sp_name,
decorated_user: current_user.decorate,
locked_for_session: pii_locked_for_session?(current_user),
)
diff --git a/app/controllers/accounts/two_factor_authentication_controller.rb b/app/controllers/accounts/two_factor_authentication_controller.rb
index ba93183a373..94119e693ef 100644
--- a/app/controllers/accounts/two_factor_authentication_controller.rb
+++ b/app/controllers/accounts/two_factor_authentication_controller.rb
@@ -10,6 +10,8 @@ def show
@view_model = AccountShow.new(
decrypted_pii: nil,
personal_key: flash[:personal_key],
+ sp_session_request_url: sp_session_request_url_without_prompt_login,
+ sp_name: decorated_session.sp_name,
decorated_user: current_user.decorate,
locked_for_session: pii_locked_for_session?(current_user),
)
diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb
index e327e8dbf43..7d5394d58c3 100644
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@@ -11,6 +11,8 @@ def show
@view_model = AccountShow.new(
decrypted_pii: cacher.fetch,
personal_key: flash[:personal_key],
+ sp_session_request_url: sp_session_request_url_without_prompt_login,
+ sp_name: decorated_session.sp_name,
decorated_user: current_user.decorate,
locked_for_session: pii_locked_for_session?(current_user),
)
diff --git a/app/controllers/events_controller.rb b/app/controllers/events_controller.rb
index c7b6e6f885f..8686b1e62ec 100644
--- a/app/controllers/events_controller.rb
+++ b/app/controllers/events_controller.rb
@@ -10,6 +10,8 @@ def show
@view_model = AccountShow.new(
decrypted_pii: nil,
personal_key: nil,
+ sp_session_request_url: sp_session_request_url_without_prompt_login,
+ sp_name: decorated_session.sp_name,
decorated_user: current_user.decorate,
locked_for_session: pii_locked_for_session?(current_user),
)
diff --git a/app/view_models/account_show.rb b/app/view_models/account_show.rb
index da0bfdd61bf..855df2b7414 100644
--- a/app/view_models/account_show.rb
+++ b/app/view_models/account_show.rb
@@ -1,10 +1,14 @@
class AccountShow
- attr_reader :decorated_user, :decrypted_pii, :personal_key, :locked_for_session, :pii
+ attr_reader :decorated_user, :decrypted_pii, :personal_key, :locked_for_session, :pii,
+ :sp_session_request_url, :sp_name
- def initialize(decrypted_pii:, personal_key:, decorated_user:, locked_for_session:)
+ def initialize(decrypted_pii:, personal_key:, sp_session_request_url:, sp_name:, decorated_user:,
+ locked_for_session:)
@decrypted_pii = decrypted_pii
@personal_key = personal_key
@decorated_user = decorated_user
+ @sp_name = sp_name
+ @sp_session_request_url = sp_session_request_url
@locked_for_session = locked_for_session
@pii = determine_pii
end
@@ -30,6 +34,20 @@ def show_manage_personal_key_partial?
end
end
+ def show_service_provider_continue_partial?
+ sp_name.present? && sp_session_request_url.present?
+ end
+
+ def show_gpo_partial?
+ decorated_user.pending_profile_requires_verification?
+ end
+
+ def showing_any_partials?
+ show_service_provider_continue_partial? || show_manage_personal_key_partial? ||
+ show_pii_partial? || show_password_reset_partial? || show_personal_key_partial? ||
+ show_gpo_partial?
+ end
+
def backup_codes_generated_at
decorated_user.user.backup_code_configurations.order(created_at: :asc).first&.created_at
end
diff --git a/app/views/accounts/_password_reset.html.erb b/app/views/accounts/_password_reset.html.erb
index 5c248d45449..219ee48c5bf 100644
--- a/app/views/accounts/_password_reset.html.erb
+++ b/app/views/accounts/_password_reset.html.erb
@@ -1,8 +1,4 @@
-<%= render 'shared/alert', {
- type: 'warning',
- class: 'margin-bottom-8',
- text_tag: 'div',
-} do %>
+<%= render 'shared/alert', { type: 'warning', text_tag: 'div' } do %>
<%= t('account.index.reactivation.instructions') %>
diff --git a/app/views/accounts/_pending_profile_bounced_gpo.html.erb b/app/views/accounts/_pending_profile_bounced_gpo.html.erb
index 2bb4f0f6ce6..6291582f886 100644
--- a/app/views/accounts/_pending_profile_bounced_gpo.html.erb
+++ b/app/views/accounts/_pending_profile_bounced_gpo.html.erb
@@ -1,8 +1,4 @@
-<%= render 'shared/alert', {
- type: 'warning',
- class: 'margin-bottom-8',
- text_tag: 'div',
-} do %>
+<%= render 'shared/alert', { type: 'warning', text_tag: 'div' } do %>
<%= t('account.index.verification.bounced') %>
diff --git a/app/views/accounts/_pending_profile_gpo.html.erb b/app/views/accounts/_pending_profile_gpo.html.erb
index 38ad9b713ad..413e069eda1 100644
--- a/app/views/accounts/_pending_profile_gpo.html.erb
+++ b/app/views/accounts/_pending_profile_gpo.html.erb
@@ -1,8 +1,4 @@
-<%= render 'shared/alert', {
- type: 'warning',
- class: 'margin-bottom-8',
- text_tag: 'div',
-} do %>
+<%= render 'shared/alert', { type: 'warning', text_tag: 'div' } do %>
<%= t('account.index.verification.instructions') %>
diff --git a/app/views/accounts/_personal_key.html.erb b/app/views/accounts/_personal_key.html.erb
index a757ac96739..09c6adb4de2 100644
--- a/app/views/accounts/_personal_key.html.erb
+++ b/app/views/accounts/_personal_key.html.erb
@@ -1,8 +1,4 @@
-<%= render 'shared/alert', {
- type: 'warning',
- class: 'margin-bottom-8',
- text_tag: 'div',
-} do %>
+<%= render 'shared/alert', { type: 'warning', class: 'margin-bottom-2', text_tag: 'div' } do %>
<%= t('idv.messages.personal_key') %>
diff --git a/app/views/accounts/_service_provider_continue.html.erb b/app/views/accounts/_service_provider_continue.html.erb
new file mode 100644
index 00000000000..2b0e9d8f120
--- /dev/null
+++ b/app/views/accounts/_service_provider_continue.html.erb
@@ -0,0 +1,3 @@
+<%= render 'shared/alert', { type: 'info', text_tag: 'div' } do %>
+ <%= link_to(t('account.index.continue_to_service_provider', service_provider: view_model.sp_name), view_model.sp_session_request_url) %>
+<% end %>
diff --git a/app/views/accounts/show.html.erb b/app/views/accounts/show.html.erb
index 4c4837219ee..a0e8707b8a9 100644
--- a/app/views/accounts/show.html.erb
+++ b/app/views/accounts/show.html.erb
@@ -1,18 +1,27 @@
<% title t('titles.account') %>
-<% if @view_model.show_personal_key_partial? %>
- <%= render 'accounts/personal_key', view_model: @view_model %>
-<% end %>
-<% if @view_model.show_password_reset_partial? %>
- <%= render 'accounts/password_reset', view_model: @view_model %>
-<% end %>
+<% if @view_model.showing_any_partials? %>
+
+ <% if @view_model.show_personal_key_partial? %>
+ <%= render 'accounts/personal_key', view_model: @view_model %>
+ <% end %>
-<% if @view_model.decorated_user.pending_profile_requires_verification? %>
- <% if @view_model.decorated_user.gpo_mail_bounced? %>
- <%= render 'accounts/pending_profile_bounced_gpo' %>
- <% else %>
- <%= render 'accounts/pending_profile_gpo' %>
- <% end %>
+ <% if @view_model.show_password_reset_partial? %>
+ <%= render 'accounts/password_reset', view_model: @view_model %>
+ <% end %>
+
+ <% if @view_model.show_gpo_partial? %>
+ <% if @view_model.decorated_user.gpo_mail_bounced? %>
+ <%= render 'accounts/pending_profile_bounced_gpo' %>
+ <% else %>
+ <%= render 'accounts/pending_profile_gpo' %>
+ <% end %>
+ <% end %>
+
+ <% if @view_model.show_service_provider_continue_partial? %>
+ <%= render 'accounts/service_provider_continue', view_model: @view_model %>
+ <% end %>
+
<% end %>
<%= render 'accounts/header', view_model: @view_model %>
diff --git a/config/locales/account/en.yml b/config/locales/account/en.yml
index 3880f507710..e8f9193574a 100644
--- a/config/locales/account/en.yml
+++ b/config/locales/account/en.yml
@@ -32,6 +32,7 @@ en:
backup_code_confirm_regenerate: Yes, regenerate codes
backup_codes_exist: Generated
backup_codes_no_exist: Not generated
+ continue_to_service_provider: Continue to %{service_provider}
default: default
device: '%{browser} on %{os}'
dob: Date of birth
diff --git a/config/locales/account/es.yml b/config/locales/account/es.yml
index 065aa4e4af2..cd8e05f037a 100644
--- a/config/locales/account/es.yml
+++ b/config/locales/account/es.yml
@@ -33,6 +33,7 @@ es:
backup_code_confirm_regenerate: Sí, regenerar códigos.
backup_codes_exist: Generado
backup_codes_no_exist: No generado
+ continue_to_service_provider: Continuar con %{service_provider}
default: defecto
device: '%{browser} en %{os}'
dob: Fecha de nacimiento
diff --git a/config/locales/account/fr.yml b/config/locales/account/fr.yml
index 56e33d63eb0..4692b6634a8 100644
--- a/config/locales/account/fr.yml
+++ b/config/locales/account/fr.yml
@@ -34,6 +34,7 @@ fr:
backup_code_confirm_regenerate: Oui, régénérer les codes
backup_codes_exist: Généré
backup_codes_no_exist: Non généré
+ continue_to_service_provider: Continuer à %{service_provider}
default: défaut
device: '%{browser} sur %{os}'
dob: Date de naissance
diff --git a/spec/controllers/accounts_controller_spec.rb b/spec/controllers/accounts_controller_spec.rb
index aba60a92fd3..da9c64691a7 100644
--- a/spec/controllers/accounts_controller_spec.rb
+++ b/spec/controllers/accounts_controller_spec.rb
@@ -44,6 +44,8 @@
view_model = AccountShow.new(
decrypted_pii: nil,
personal_key: nil,
+ sp_session_request_url: nil,
+ sp_name: nil,
decorated_user: user.decorate,
locked_for_session: false,
)
@@ -86,6 +88,8 @@
view_model = AccountShow.new(
decrypted_pii: nil,
personal_key: nil,
+ sp_session_request_url: nil,
+ sp_name: nil,
decorated_user: user.decorate,
locked_for_session: false,
)
diff --git a/spec/view_models/account_show_spec.rb b/spec/view_models/account_show_spec.rb
index d940bbbf356..8551ba73c99 100644
--- a/spec/view_models/account_show_spec.rb
+++ b/spec/view_models/account_show_spec.rb
@@ -14,6 +14,7 @@
)
profile_index = AccountShow.new(
decrypted_pii: decrypted_pii, personal_key: '', decorated_user: user.decorate,
+ sp_session_request_url: nil, sp_name: nil,
locked_for_session: false
)
@@ -28,6 +29,7 @@
email_address.update!(last_sign_in_at: 1.minute.from_now)
profile_index = AccountShow.new(
decrypted_pii: {}, personal_key: '', decorated_user: decorated_user,
+ sp_session_request_url: nil, sp_name: nil,
locked_for_session: false
)
@@ -46,6 +48,7 @@
profile_index = AccountShow.new(
decrypted_pii: {}, personal_key: '', decorated_user: user.decorate,
+ sp_session_request_url: nil, sp_name: nil,
locked_for_session: false
)
@@ -61,6 +64,7 @@
).to receive(:enabled?).and_return(false)
profile_index = AccountShow.new(
decrypted_pii: {}, personal_key: '', decorated_user: user,
+ sp_session_request_url: nil, sp_name: nil,
locked_for_session: false
)
@@ -78,6 +82,8 @@
account_show = AccountShow.new(
decrypted_pii: {},
personal_key: '',
+ sp_session_request_url: nil,
+ sp_name: nil,
decorated_user: user.reload.decorate,
locked_for_session: false,
)
@@ -95,6 +101,8 @@
account_show = AccountShow.new(
decrypted_pii: {},
personal_key: '',
+ sp_session_request_url: nil,
+ sp_name: nil,
decorated_user: user.reload.decorate,
locked_for_session: false,
)
@@ -113,6 +121,8 @@
AccountShow.new(
decrypted_pii: decrypted_pii,
personal_key: '',
+ sp_session_request_url: nil,
+ sp_name: nil,
decorated_user: user.decorate,
locked_for_session: false,
)
diff --git a/spec/views/accounts/connected_accounts/show.html.erb_spec.rb b/spec/views/accounts/connected_accounts/show.html.erb_spec.rb
index 601117eceb9..123de533c63 100644
--- a/spec/views/accounts/connected_accounts/show.html.erb_spec.rb
+++ b/spec/views/accounts/connected_accounts/show.html.erb_spec.rb
@@ -10,6 +10,7 @@
:view_model,
AccountShow.new(
decrypted_pii: nil, personal_key: nil, decorated_user: decorated_user,
+ sp_session_request_url: nil, sp_name: nil,
locked_for_session: false
),
)
diff --git a/spec/views/accounts/history/show.html.erb_spec.rb b/spec/views/accounts/history/show.html.erb_spec.rb
index a0ae03f63b8..b537e95feee 100644
--- a/spec/views/accounts/history/show.html.erb_spec.rb
+++ b/spec/views/accounts/history/show.html.erb_spec.rb
@@ -11,6 +11,7 @@
:view_model,
AccountShow.new(
decrypted_pii: nil, personal_key: nil, decorated_user: decorated_user,
+ sp_session_request_url: nil, sp_name: nil,
locked_for_session: false
),
)
diff --git a/spec/views/accounts/show.html.erb_spec.rb b/spec/views/accounts/show.html.erb_spec.rb
index 4010a697d83..d9cb2be9302 100644
--- a/spec/views/accounts/show.html.erb_spec.rb
+++ b/spec/views/accounts/show.html.erb_spec.rb
@@ -11,6 +11,7 @@
:view_model,
AccountShow.new(
decrypted_pii: nil, personal_key: nil, decorated_user: decorated_user,
+ sp_session_request_url: nil, sp_name: nil,
locked_for_session: false
),
)
@@ -149,4 +150,27 @@
expect(user.email_addresses.size).to eq(5)
end
end
+
+ context 'when a profile has just been re-activated with personal key during SP auth' do
+ let(:sp) { build(:service_provider, return_to_sp_url: 'https://www.example.com/auth') }
+ before do
+ assign(
+ :view_model,
+ AccountShow.new(
+ decrypted_pii: nil, personal_key: 'abc123', decorated_user: decorated_user,
+ sp_session_request_url: sp.return_to_sp_url, sp_name: sp.friendly_name,
+ locked_for_session: false
+ ),
+ )
+ end
+
+ it 'renders the link to continue to the SP' do
+ render
+
+ expect(rendered).to have_link(
+ t('account.index.continue_to_service_provider', service_provider: sp.friendly_name),
+ href: sp.return_to_sp_url,
+ )
+ end
+ end
end
diff --git a/spec/views/accounts/two_factor_authentication/show.html.erb_spec.rb b/spec/views/accounts/two_factor_authentication/show.html.erb_spec.rb
index 58b129bf98c..bc2073e4d39 100644
--- a/spec/views/accounts/two_factor_authentication/show.html.erb_spec.rb
+++ b/spec/views/accounts/two_factor_authentication/show.html.erb_spec.rb
@@ -11,6 +11,7 @@
:view_model,
AccountShow.new(
decrypted_pii: nil, personal_key: nil, decorated_user: decorated_user,
+ sp_session_request_url: nil, sp_name: nil,
locked_for_session: false
),
)
@@ -33,6 +34,7 @@
:view_model,
AccountShow.new(
decrypted_pii: nil, personal_key: nil, decorated_user: decorated_user,
+ sp_session_request_url: nil, sp_name: nil,
locked_for_session: false
),
)