From ddaf10e1d869d97b6985f2a789f8ec78ee98bd15 Mon Sep 17 00:00:00 2001
From: Jack Cody <jack.cody@gsa.gov>
Date: Wed, 17 Aug 2022 15:07:12 -0700
Subject: [PATCH 1/5] Add tracking for event
 forgot_password_new_password_submitted

changelog: Internal, Attempts API, Track forgot_password_new_password_submitted
---
 .../users/reset_passwords_controller.rb       |  8 ++++
 .../irs_attempts_api/tracker_events.rb        | 10 ++++
 .../users/reset_passwords_controller_spec.rb  | 48 ++++++++++++++++++-
 3 files changed, 65 insertions(+), 1 deletion(-)

diff --git a/app/controllers/users/reset_passwords_controller.rb b/app/controllers/users/reset_passwords_controller.rb
index 943ef7e6cdf..e82353029aa 100644
--- a/app/controllers/users/reset_passwords_controller.rb
+++ b/app/controllers/users/reset_passwords_controller.rb
@@ -39,6 +39,7 @@ def update
       result = @reset_password_form.submit(user_params)
 
       analytics.password_reset_password(**result.to_h)
+      irs_tracker_forgot_new_password_submitted(result)
 
       if result.success?
         handle_successful_password_reset
@@ -152,5 +153,12 @@ def user_params
     def assert_reset_token_passed
       # remove devise's default behavior
     end
+
+    def irs_tracker_forgot_new_password_submitted(result)
+      irs_attempts_api_tracker.forgot_password_new_password_submitted(
+        success: result.success?,
+        failure_reason: result.errors,
+      )
+    end
   end
 end
diff --git a/app/services/irs_attempts_api/tracker_events.rb b/app/services/irs_attempts_api/tracker_events.rb
index e6b06115cd0..6e76b25f4aa 100644
--- a/app/services/irs_attempts_api/tracker_events.rb
+++ b/app/services/irs_attempts_api/tracker_events.rb
@@ -20,6 +20,16 @@ def logout_initiated(success:)
       )
     end
 
+    # @param [Boolean] success True if the email and password matched
+    # @param [Hash<Symbol,Array<Symbol>>] failure_reason
+    def forgot_password_new_password_submitted(success:, failure_reason: nil)
+      track_event(
+        :forgot_password_new_password_submitted,
+        success: success,
+        failure_reason: failure_reason,
+      )
+    end
+
     # Tracks when the user has attempted to enroll the Backup Codes MFA method to their account
     # @param [Boolean] success
     def mfa_enroll_backup_code(success:)
diff --git a/spec/controllers/users/reset_passwords_controller_spec.rb b/spec/controllers/users/reset_passwords_controller_spec.rb
index 467d5e4ae30..d7eb52049fb 100644
--- a/spec/controllers/users/reset_passwords_controller_spec.rb
+++ b/spec/controllers/users/reset_passwords_controller_spec.rb
@@ -81,9 +81,18 @@
 
   describe '#update' do
     context 'user submits new password after token expires' do
+      let(:irs_tracker_failure_reason) do
+        {
+          password: ['This password is too short (minimum is 12 characters)'],
+          reset_password_token: ['token_expired'],
+        }
+      end
+
       it 'redirects to page where user enters email for password reset token' do
         stub_analytics
+        stub_attempts_tracker
         allow(@analytics).to receive(:track_event)
+        allow(@irs_attempts_api_tracker).to receive(:track_event)
 
         raw_reset_token, db_confirmation_token =
           Devise.token_generator.generate(User, :reset_password_token)
@@ -116,14 +125,26 @@
         expect(@analytics).to have_received(:track_event).
           with('Password Reset: Password Submitted', analytics_hash)
 
+        expect(@irs_attempts_api_tracker).to have_received(:track_event).with(
+          :forgot_password_new_password_submitted,
+          success: false,
+          failure_reason: irs_tracker_failure_reason,
+        )
+
         expect(response).to redirect_to new_user_password_path
         expect(flash[:error]).to eq t('devise.passwords.token_expired')
       end
     end
 
     context 'user submits invalid new password' do
+      let(:irs_tracker_failure_reason) do
+        { password: ['This password is too short (minimum is 12 characters)'] }
+      end
+
       it 'renders edit' do
         stub_analytics
+        stub_attempts_tracker
+        allow(@irs_attempts_api_tracker).to receive(:track_event)
 
         raw_reset_token, db_confirmation_token =
           Devise.token_generator.generate(User, :reset_password_token)
@@ -153,6 +174,11 @@
 
         expect(assigns(:forbidden_passwords)).to all(be_a(String))
         expect(response).to render_template(:edit)
+        expect(@irs_attempts_api_tracker).to have_received(:track_event).with(
+          :forgot_password_new_password_submitted,
+          success: false,
+          failure_reason: irs_tracker_failure_reason,
+        )
       end
     end
 
@@ -179,7 +205,9 @@
     context 'IAL1 user submits valid new password' do
       it 'redirects to sign in page' do
         stub_analytics
+        stub_attempts_tracker
         allow(@analytics).to receive(:track_event)
+        allow(@irs_attempts_api_tracker).to receive(:track_event)
 
         raw_reset_token, db_confirmation_token =
           Devise.token_generator.generate(User, :reset_password_token)
@@ -214,7 +242,11 @@
 
           expect(@analytics).to have_received(:track_event).
             with('Password Reset: Password Submitted', analytics_hash)
-
+          expect(@irs_attempts_api_tracker).to have_received(:track_event).with(
+            :forgot_password_new_password_submitted,
+            success: true,
+            failure_reason: {},
+          )
           expect(user.events.password_changed.size).to be 1
 
           expect(response).to redirect_to new_user_session_path
@@ -227,7 +259,9 @@
     context 'ial2 user submits valid new password' do
       it 'deactivates the active profile and redirects' do
         stub_analytics
+        stub_attempts_tracker
         allow(@analytics).to receive(:track_event)
+        allow(@irs_attempts_api_tracker).to receive(:track_event)
 
         raw_reset_token, db_confirmation_token =
           Devise.token_generator.generate(User, :reset_password_token)
@@ -258,6 +292,11 @@
 
         expect(@analytics).to have_received(:track_event).
           with('Password Reset: Password Submitted', analytics_hash)
+        expect(@irs_attempts_api_tracker).to have_received(:track_event).with(
+          :forgot_password_new_password_submitted,
+          success: true,
+          failure_reason: {},
+        )
 
         expect(user.active_profile.present?).to eq false
 
@@ -268,7 +307,9 @@
     context 'unconfirmed user submits valid new password' do
       it 'confirms the user' do
         stub_analytics
+        stub_attempts_tracker
         allow(@analytics).to receive(:track_event)
+        allow(@irs_attempts_api_tracker).to receive(:track_event)
 
         raw_reset_token, db_confirmation_token =
           Devise.token_generator.generate(User, :reset_password_token)
@@ -300,6 +341,11 @@
 
         expect(@analytics).to have_received(:track_event).
           with('Password Reset: Password Submitted', analytics_hash)
+        expect(@irs_attempts_api_tracker).to have_received(:track_event).with(
+          :forgot_password_new_password_submitted,
+          success: true,
+          failure_reason: {},
+        )
 
         expect(user.reload.confirmed?).to eq true
 

From 15b5e38408e8ff233c8f06c57b7e11c41da883d5 Mon Sep 17 00:00:00 2001
From: Jack Cody <jack.cody@gsa.gov>
Date: Wed, 17 Aug 2022 15:28:34 -0700
Subject: [PATCH 2/5] Change method name

---
 app/controllers/users/reset_passwords_controller.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/controllers/users/reset_passwords_controller.rb b/app/controllers/users/reset_passwords_controller.rb
index e82353029aa..d0e9898877e 100644
--- a/app/controllers/users/reset_passwords_controller.rb
+++ b/app/controllers/users/reset_passwords_controller.rb
@@ -39,7 +39,7 @@ def update
       result = @reset_password_form.submit(user_params)
 
       analytics.password_reset_password(**result.to_h)
-      irs_tracker_forgot_new_password_submitted(result)
+      irs_tracker_forgot_password_new_password_submitted(result)
 
       if result.success?
         handle_successful_password_reset
@@ -154,7 +154,7 @@ def assert_reset_token_passed
       # remove devise's default behavior
     end
 
-    def irs_tracker_forgot_new_password_submitted(result)
+    def irs_tracker_forgot_password_new_password_submitted(result)
       irs_attempts_api_tracker.forgot_password_new_password_submitted(
         success: result.success?,
         failure_reason: result.errors,

From c19ca56ca86e389cffd5023dbd16c068f2a4e521 Mon Sep 17 00:00:00 2001
From: Jack Cody <jack.cody@gsa.gov>
Date: Wed, 17 Aug 2022 15:36:22 -0700
Subject: [PATCH 3/5] Change comment

---
 app/services/irs_attempts_api/tracker_events.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/services/irs_attempts_api/tracker_events.rb b/app/services/irs_attempts_api/tracker_events.rb
index 6e76b25f4aa..0f9062258c5 100644
--- a/app/services/irs_attempts_api/tracker_events.rb
+++ b/app/services/irs_attempts_api/tracker_events.rb
@@ -20,7 +20,7 @@ def logout_initiated(success:)
       )
     end
 
-    # @param [Boolean] success True if the email and password matched
+    # @param [Boolean] success
     # @param [Hash<Symbol,Array<Symbol>>] failure_reason
     def forgot_password_new_password_submitted(success:, failure_reason: nil)
       track_event(

From 5a81b7dd7455272e8c0a6181d08eddbc20bfddca Mon Sep 17 00:00:00 2001
From: Jack Cody <jack.cody@gsa.gov>
Date: Fri, 19 Aug 2022 12:06:41 -0700
Subject: [PATCH 4/5] Remove method, inline code

---
 app/controllers/users/reset_passwords_controller.rb | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/app/controllers/users/reset_passwords_controller.rb b/app/controllers/users/reset_passwords_controller.rb
index d0e9898877e..9d54ee07a9a 100644
--- a/app/controllers/users/reset_passwords_controller.rb
+++ b/app/controllers/users/reset_passwords_controller.rb
@@ -39,7 +39,10 @@ def update
       result = @reset_password_form.submit(user_params)
 
       analytics.password_reset_password(**result.to_h)
-      irs_tracker_forgot_password_new_password_submitted(result)
+      irs_attempts_api_tracker.forgot_password_new_password_submitted(
+        success: result.success?,
+        failure_reason: result.errors,
+      )
 
       if result.success?
         handle_successful_password_reset
@@ -153,12 +156,5 @@ def user_params
     def assert_reset_token_passed
       # remove devise's default behavior
     end
-
-    def irs_tracker_forgot_password_new_password_submitted(result)
-      irs_attempts_api_tracker.forgot_password_new_password_submitted(
-        success: result.success?,
-        failure_reason: result.errors,
-      )
-    end
   end
 end

From c1fcebc0822d0bdc85906300cb5f465ff7cd5927 Mon Sep 17 00:00:00 2001
From: Jack Cody <jack.cody@gsa.gov>
Date: Fri, 19 Aug 2022 12:09:39 -0700
Subject: [PATCH 5/5] Add more modular spec

---
 spec/controllers/users/reset_passwords_controller_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/controllers/users/reset_passwords_controller_spec.rb b/spec/controllers/users/reset_passwords_controller_spec.rb
index d7eb52049fb..8033c08147f 100644
--- a/spec/controllers/users/reset_passwords_controller_spec.rb
+++ b/spec/controllers/users/reset_passwords_controller_spec.rb
@@ -83,7 +83,7 @@
     context 'user submits new password after token expires' do
       let(:irs_tracker_failure_reason) do
         {
-          password: ['This password is too short (minimum is 12 characters)'],
+          password: [password_error_message],
           reset_password_token: ['token_expired'],
         }
       end
@@ -138,7 +138,7 @@
 
     context 'user submits invalid new password' do
       let(:irs_tracker_failure_reason) do
-        { password: ['This password is too short (minimum is 12 characters)'] }
+        { password: [password_error_message] }
       end
 
       it 'renders edit' do