diff --git a/app/controllers/idv/inherited_proofing_controller.rb b/app/controllers/idv/inherited_proofing_controller.rb index 398553acba4..90e9e79c9b4 100644 --- a/app/controllers/idv/inherited_proofing_controller.rb +++ b/app/controllers/idv/inherited_proofing_controller.rb @@ -1,6 +1,8 @@ module Idv class InheritedProofingController < ApplicationController include Flow::FlowStateMachine + include IdvSession + include InheritedProofingConcern before_action :render_404_if_disabled diff --git a/app/services/idv/flows/inherited_proofing_flow.rb b/app/services/idv/flows/inherited_proofing_flow.rb index b44b417fcac..b24858a9913 100644 --- a/app/services/idv/flows/inherited_proofing_flow.rb +++ b/app/services/idv/flows/inherited_proofing_flow.rb @@ -22,6 +22,11 @@ class InheritedProofingFlow < Flow::BaseFlow def initialize(controller, session, name) @idv_session = self.class.session_idv(session) super(controller, STEPS, ACTIONS, session[name]) + + @flow_session ||= {} + @flow_session[:pii_from_user] ||= { uuid: current_user.uuid } + applicant = @idv_session['applicant'] || {} + @flow_session[:pii_from_user] = @flow_session[:pii_from_user].to_h.merge(applicant) end def self.session_idv(session) diff --git a/app/services/idv/steps/inherited_proofing/agreement_step.rb b/app/services/idv/steps/inherited_proofing/agreement_step.rb index 052476b8e29..baef3e74130 100644 --- a/app/services/idv/steps/inherited_proofing/agreement_step.rb +++ b/app/services/idv/steps/inherited_proofing/agreement_step.rb @@ -2,9 +2,13 @@ module Idv module Steps module InheritedProofing class AgreementStep < InheritedProofingBaseStep + include UserPiiManagable + STEP_INDICATOR_STEP = :getting_started def call + inherited_proofing_save_user_pii_to_session! + inherited_proofing_form_response end def form_submit diff --git a/app/services/idv/steps/inherited_proofing/user_pii_managable.rb b/app/services/idv/steps/inherited_proofing/user_pii_managable.rb new file mode 100644 index 00000000000..544d92525c9 --- /dev/null +++ b/app/services/idv/steps/inherited_proofing/user_pii_managable.rb @@ -0,0 +1,37 @@ +module Idv + module Steps + module InheritedProofing + module UserPiiManagable + include UserPiiRetrievable + + def inherited_proofing_save_user_pii_to_session! + inherited_proofing_save_session! + inherited_proofing_skip_steps! + end + + private + + def inherited_proofing_save_session! + return unless inherited_proofing_form_response.success? + + flow_session[:pii_from_user] = + flow_session[:pii_from_user].to_h.merge(inherited_proofing_user_pii) + # This is unnecessary, but added for completeness. Any subsequent FLOWS we + # might splice into will pull from idv_session['applicant'] and merge into + # flow_session[:pii_from_user] anyhow in their #initialize(r); any subsequent + # STEP FLOWS we might splice into will populate idv_session['applicant'] and + # ultimately get merged in to flow_session[:pii_from_user] as well. + idv_session['applicant'] = flow_session[:pii_from_user] + end + + def inherited_proofing_skip_steps! + idv_session['profile_confirmation'] = true + idv_session['vendor_phone_confirmation'] = false + idv_session['user_phone_confirmation'] = false + idv_session['address_verification_mechanism'] = 'phone' + idv_session['resolution_successful'] = 'phone' + end + end + end + end +end diff --git a/app/services/idv/steps/inherited_proofing/user_pii_retrievable.rb b/app/services/idv/steps/inherited_proofing/user_pii_retrievable.rb new file mode 100644 index 00000000000..36323660088 --- /dev/null +++ b/app/services/idv/steps/inherited_proofing/user_pii_retrievable.rb @@ -0,0 +1,39 @@ +module Idv + module Steps + module InheritedProofing + module UserPiiRetrievable + def inherited_proofing_user_pii + inherited_proofing_info[0] + end + + def inherited_proofing_form_response + inherited_proofing_info[1] + end + + private + + # This needs error handling. + def inherited_proofing_info + return @inherited_proofing_info if defined? @inherited_proofing_info + + payload_hash = inherited_proofing_service.execute.dup + form = inherited_proofing_form(payload_hash) + form_response = form.submit + + user_pii = {} + user_pii = form.user_pii if form_response.success? + + @inherited_proofing_info = [user_pii, form_response] + end + + def inherited_proofing_service + controller.inherited_proofing_service + end + + def inherited_proofing_form(payload_hash) + controller.inherited_proofing_form payload_hash + end + end + end + end +end diff --git a/app/services/idv/steps/inherited_proofing_base_step.rb b/app/services/idv/steps/inherited_proofing_base_step.rb index 0611e901306..43c18f90889 100644 --- a/app/services/idv/steps/inherited_proofing_base_step.rb +++ b/app/services/idv/steps/inherited_proofing_base_step.rb @@ -1,6 +1,8 @@ module Idv module Steps class InheritedProofingBaseStep < Flow::BaseStep + delegate :controller, :idv_session, to: :@flow + def initialize(flow) super(flow, :inherited_proofing) end diff --git a/lib/session_encryptor.rb b/lib/session_encryptor.rb index 397b7e46a09..4ef683508b9 100644 --- a/lib/session_encryptor.rb +++ b/lib/session_encryptor.rb @@ -14,6 +14,7 @@ class SensitiveValueError < StandardError; end # personal keys are generated and stored in the session between requests, but are used # to decrypt PII bundles, so we treat them similarly to the PII itself. SENSITIVE_PATHS = [ + ['warden.user.user.session', 'idv/inherited_proofing'], ['warden.user.user.session', 'idv/doc_auth'], ['warden.user.user.session', 'idv/in_person'], ['warden.user.user.session', 'idv'], diff --git a/spec/controllers/idv/inherited_proofing_controller_spec.rb b/spec/controllers/idv/inherited_proofing_controller_spec.rb index d70a234c336..2fc7541ff39 100644 --- a/spec/controllers/idv/inherited_proofing_controller_spec.rb +++ b/spec/controllers/idv/inherited_proofing_controller_spec.rb @@ -1,6 +1,6 @@ require 'rails_helper' -describe Idv::InheritedProofingController do +shared_examples 'the flow steps work correctly' do describe '#index' do it 'redirects to the first step' do get :index @@ -50,8 +50,34 @@ expect(response).to redirect_to idv_inherited_proofing_step_url(step: :get_started) end end +end + +def mock_next_step(step) + allow_any_instance_of(Idv::Flows::InheritedProofingFlow).to receive(:next_step).and_return(step) +end + +describe Idv::InheritedProofingController do + let(:sp) { nil } + let(:user) { build(:user) } + + before do + allow(controller).to receive(:current_sp).and_return(sp) + stub_sign_in(user) + end + + context 'when VA inherited proofing mock is enabled' do + before do + allow(IdentityConfig.store).to receive(:va_inherited_proofing_mock_enabled).and_return(true) + end + + it_behaves_like 'the flow steps work correctly' + end + + context 'when VA inherited proofing mock is not enabled' do + before do + allow(IdentityConfig.store).to receive(:va_inherited_proofing_mock_enabled).and_return(false) + end - def mock_next_step(step) - allow_any_instance_of(Idv::Flows::InheritedProofingFlow).to receive(:next_step).and_return(step) + it_behaves_like 'the flow steps work correctly' end end diff --git a/spec/features/idv/inherited_proofing/agreement_step_spec.rb b/spec/features/idv/inherited_proofing/agreement_step_spec.rb index d98193f9730..d9aabf73d6c 100644 --- a/spec/features/idv/inherited_proofing/agreement_step_spec.rb +++ b/spec/features/idv/inherited_proofing/agreement_step_spec.rb @@ -4,6 +4,16 @@ include IdvHelper include DocAuthHelper + before do + allow(IdentityConfig.store).to receive(:va_inherited_proofing_mock_enabled).and_return true + allow_any_instance_of(Idv::InheritedProofingController).to \ + receive(:va_inherited_proofing?).and_return true + allow_any_instance_of(Idv::InheritedProofingController).to \ + receive(:va_inherited_proofing_auth_code).and_return auth_code + end + + let(:auth_code) { Idv::InheritedProofing::Va::Mocks::Service::VALID_AUTH_CODE } + def expect_ip_verify_info_step expect(page).to have_current_path(idv_ip_verify_info_step) end