diff --git a/app/services/flow/base_step.rb b/app/services/flow/base_step.rb index 5cec19ac634..f138d0d15df 100644 --- a/app/services/flow/base_step.rb +++ b/app/services/flow/base_step.rb @@ -24,6 +24,7 @@ def mark_step_complete(step = nil) def mark_step_incomplete(step = nil) klass = step.nil? ? self.class : steps[step] flow_session.delete(klass.to_s) + nil end def self.acceptable_response_object?(obj) diff --git a/app/services/idv/steps/ssn_step.rb b/app/services/idv/steps/ssn_step.rb index 540320e671d..1d189857fca 100644 --- a/app/services/idv/steps/ssn_step.rb +++ b/app/services/idv/steps/ssn_step.rb @@ -4,6 +4,8 @@ class SsnStep < DocAuthBaseStep STEP_INDICATOR_STEP = :verify_info def call + return mark_step_incomplete(:document_capture) if flow_session[:pii_from_doc].nil? + flow_session[:pii_from_doc][:ssn] = flow_params[:ssn] end diff --git a/app/services/idv/steps/verify_step.rb b/app/services/idv/steps/verify_step.rb index 6527c34efe9..18eeb770194 100644 --- a/app/services/idv/steps/verify_step.rb +++ b/app/services/idv/steps/verify_step.rb @@ -11,6 +11,7 @@ def call def enqueue_job return if flow_session[verify_step_document_capture_session_uuid_key] + return mark_step_incomplete(:ssn) if pii_from_doc.nil? pii_from_doc[:uuid_prefix] = ServiceProvider.find_by(issuer: sp_session[:issuer])&.app_id diff --git a/spec/services/idv/steps/ssn_step_spec.rb b/spec/services/idv/steps/ssn_step_spec.rb new file mode 100644 index 00000000000..813bce50ec3 --- /dev/null +++ b/spec/services/idv/steps/ssn_step_spec.rb @@ -0,0 +1,63 @@ +require 'rails_helper' + +describe Idv::Steps::SsnStep do + include Rails.application.routes.url_helpers + + let(:user) { build(:user) } + let(:service_provider) do + create( + :service_provider, + issuer: 'http://sp.example.com', + app_id: '123', + ) + end + let(:controller) do + instance_double( + 'controller', + session: { sp: { issuer: service_provider.issuer } }, + current_user: user, + params: {}, + analytics: FakeAnalytics.new, + url_options: {}, + request: double( + 'request', + headers: { + 'X-Amzn-Trace-Id' => amzn_trace_id, + }, + ), + ) + end + let(:amzn_trace_id) { SecureRandom.uuid } + + let(:pii_from_doc) do + { + first_name: Faker::Name.first_name, + } + end + + let(:flow) do + Idv::Flows::DocAuthFlow.new(controller, {}, 'idv/doc_auth').tap do |flow| + flow.flow_session = { pii_from_doc: pii_from_doc } + end + end + + subject(:step) do + Idv::Steps::SsnStep.new(flow) + end + + describe '#call' do + context 'when pii_from_doc is not present' do + let(:flow) do + Idv::Flows::DocAuthFlow.new(controller, {}, 'idv/doc_auth').tap do |flow| + flow.flow_session = { 'Idv::Steps::DocumentCaptureStep' => true } + end + end + + it 'marks previous step as incomplete' do + expect(flow.flow_session['Idv::Steps::DocumentCaptureStep']).to eq true + expect(step.call).to eq nil + expect(flow.flow_session['Idv::Steps::DocumentCaptureStep']).to eq nil + end + end + end +end diff --git a/spec/services/idv/steps/verify_step_spec.rb b/spec/services/idv/steps/verify_step_spec.rb index 67904b0854b..2986880c705 100644 --- a/spec/services/idv/steps/verify_step_spec.rb +++ b/spec/services/idv/steps/verify_step_spec.rb @@ -65,6 +65,20 @@ step.call end + context 'when pii_from_doc is not present' do + let(:flow) do + Idv::Flows::DocAuthFlow.new(controller, {}, 'idv/doc_auth').tap do |flow| + flow.flow_session = { 'Idv::Steps::SsnStep' => true } + end + end + + it 'marks step as incomplete' do + expect(flow.flow_session['Idv::Steps::SsnStep']).to eq true + expect(step.call).to eq nil + expect(flow.flow_session['Idv::Steps::SsnStep']).to eq nil + end + end + context 'when different users use the same SSN within the same timeframe' do let(:user2) { create(:user) } let(:flow2) do