From d964d3bd01b01a6f11eba28734b6f2d56aab04a6 Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Tue, 7 Mar 2023 11:54:14 -0800 Subject: [PATCH 01/33] Route + controller for outage page --- app/controllers/idv/outage_controller.rb | 16 ++++++++++ app/views/idv/outage/show.html.erb | 0 config/routes.rb | 1 + .../controllers/idv/outage_controller_spec.rb | 29 +++++++++++++++++++ 4 files changed, 46 insertions(+) create mode 100644 app/controllers/idv/outage_controller.rb create mode 100644 app/views/idv/outage/show.html.erb create mode 100644 spec/controllers/idv/outage_controller_spec.rb diff --git a/app/controllers/idv/outage_controller.rb b/app/controllers/idv/outage_controller.rb new file mode 100644 index 00000000000..c857c1f865f --- /dev/null +++ b/app/controllers/idv/outage_controller.rb @@ -0,0 +1,16 @@ +module Idv + class OutageController < ApplicationController + def show + analytics.vendor_outage( + vendor_status: { + acuant: IdentityConfig.store.vendor_status_acuant, + lexisnexis_instant_verify: IdentityConfig.store.vendor_status_lexisnexis_instant_verify, + lexisnexis_trueid: IdentityConfig.store.vendor_status_lexisnexis_trueid, + sms: IdentityConfig.store.vendor_status_sms, + voice: IdentityConfig.store.vendor_status_voice, + }, + redirect_from: nil, + ) + end + end +end \ No newline at end of file diff --git a/app/views/idv/outage/show.html.erb b/app/views/idv/outage/show.html.erb new file mode 100644 index 00000000000..e69de29bb2d diff --git a/config/routes.rb b/config/routes.rb index b4d4e9db409..db6dafa1d0e 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -301,6 +301,7 @@ get '/activated' => 'idv#activated' end scope '/verify', module: 'idv', as: 'idv' do + get '/unavailable' => 'outage#show' get '/come_back_later' => 'come_back_later#show' get '/personal_key' => 'personal_key#show' post '/personal_key' => 'personal_key#update' diff --git a/spec/controllers/idv/outage_controller_spec.rb b/spec/controllers/idv/outage_controller_spec.rb new file mode 100644 index 00000000000..55270b55870 --- /dev/null +++ b/spec/controllers/idv/outage_controller_spec.rb @@ -0,0 +1,29 @@ +require 'rails_helper' + +describe Idv::OutageController do + before do + stub_analytics + end + + describe '#show' do + before do + get :show + end + it 'logs an analytics event' do + expect(@analytics).to have_logged_event( + 'Vendor Outage', + redirect_from: nil, + vendor_status: { + acuant: :operational, + lexisnexis_instant_verify: :operational, + lexisnexis_trueid: :operational, + sms: :operational, + voice: :operational, + }, + ) + end + it 'renders the view' do + expect(response).to render_template('idv/outage/show') + end + end +end From ec70d3c63ab5cca1e189b627d95e144dcc8e6fd0 Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Tue, 7 Mar 2023 13:57:24 -0800 Subject: [PATCH 02/33] View for outage page --- app/controllers/idv/outage_controller.rb | 2 +- app/views/idv/outage/show.html.erb | 32 ++++++++++++++++++ config/locales/idv/en.yml | 12 +++++++ spec/views/idv/outage/show.html.erb_spec.rb | 37 +++++++++++++++++++++ 4 files changed, 82 insertions(+), 1 deletion(-) create mode 100644 spec/views/idv/outage/show.html.erb_spec.rb diff --git a/app/controllers/idv/outage_controller.rb b/app/controllers/idv/outage_controller.rb index c857c1f865f..34bcf5fd337 100644 --- a/app/controllers/idv/outage_controller.rb +++ b/app/controllers/idv/outage_controller.rb @@ -13,4 +13,4 @@ def show ) end end -end \ No newline at end of file +end diff --git a/app/views/idv/outage/show.html.erb b/app/views/idv/outage/show.html.erb index e69de29bb2d..0d365729daf 100644 --- a/app/views/idv/outage/show.html.erb +++ b/app/views/idv/outage/show.html.erb @@ -0,0 +1,32 @@ +<% title t('idv.titles.outage') %> + +<%= render AlertIconComponent.new(icon_name: :error, class: 'display-block margin-bottom-4') %> + +<%= render PageHeadingComponent.new.with_content(t('idv.titles.outage')) %> + +

+ <%= t( + @sp ? + 'idv.outage.idv_explanation.with_sp' : + 'idv.outage.idv_explanation.without_sp', + sp: @sp, + ) %> +

+ +

+ <%= t( + 'idv.outage.next_steps_html', + status_page_link: new_window_link_to( + t('idv.outage.status_page_link'), + StatusPage.base_url, + ), + ) %> +

+ +<%= render ButtonComponent.new( + action: ->(**tag_options, &block) do + link_to(@exit_url, **tag_options, &block) + end, + big: true, + wide: true, + ).with_content(t('idv.outage.exit_button', app_name: APP_NAME)) %> diff --git a/config/locales/idv/en.yml b/config/locales/idv/en.yml index bf02a3e1993..ad5576bf4ac 100644 --- a/config/locales/idv/en.yml +++ b/config/locales/idv/en.yml @@ -183,6 +183,17 @@ en: review_message: When you re-enter your password, %{app_name} will protect the information you’ve given us, so that only you can access it. verifying: Verifying… + outage: + exit_button: 'Exit %{app_name}' + idv_explanation: + with_sp: '%{sp} needs to make sure you are you — not someone pretending to be + you.' + without_sp: 'The agency that you are trying to access needs to make sure you are + you — not someone pretending to be you.' + next_steps_html: 'Unfortunately, we are having technical difficulties and cannot + verify your identity at this time. %{status_page_link} or exit Login.gov + and try again later.' + status_page_link: 'Get updates on our status page' review: dob: Date of birth full_name: Full name @@ -195,6 +206,7 @@ en: resend: Want another letter? verify: Want a letter? otp_delivery_method: How should we send a code? + outage: 'We are working to resolve an error' review: Review and submit session: phone: Enter your phone number diff --git a/spec/views/idv/outage/show.html.erb_spec.rb b/spec/views/idv/outage/show.html.erb_spec.rb new file mode 100644 index 00000000000..86a23137344 --- /dev/null +++ b/spec/views/idv/outage/show.html.erb_spec.rb @@ -0,0 +1,37 @@ +require 'rails_helper' + +describe 'idv/outage/show.html.erb' do + let(:exit_url) { '/exit' } + let(:sp) { nil } + + subject(:rendered) { render } + + before do + assign(:exit_url, exit_url) + assign(:sp, sp) + end + + it 'sets a title' do + expect(view).to receive(:title).with(t('idv.titles.outage')) + render + end + it 'has an h1' do + expect(rendered).to have_selector('h1', text: t('idv.titles.outage')) + end + it 'links to the status page in a new window' do + expect(rendered).to have_selector('a[target=_blank]', text: t('idv.outage.status_page_link')) + end + it 'renders an exit button' do + expect(rendered).to have_selector('a', text: t('idv.outage.exit_button', app_name: APP_NAME)) + end + it 'does not render any l13n markers' do + expect(rendered).not_to include('%{') + end + + context 'with sp' do + let(:sp) { 'Department of Ice Cream' } + it 'renders the explanation with the sp name' do + expect(rendered).to include(sp) + end + end +end From 2b68a8bf0b18002378b4ca7a228f27e7c85af76a Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Wed, 8 Mar 2023 11:58:52 -0800 Subject: [PATCH 03/33] Wire up exit button --- app/views/idv/outage/show.html.erb | 10 +++++--- spec/views/idv/outage/show.html.erb_spec.rb | 27 ++++++++++++++------- 2 files changed, 25 insertions(+), 12 deletions(-) diff --git a/app/views/idv/outage/show.html.erb b/app/views/idv/outage/show.html.erb index 0d365729daf..592ceeb2e4f 100644 --- a/app/views/idv/outage/show.html.erb +++ b/app/views/idv/outage/show.html.erb @@ -6,10 +6,10 @@

<%= t( - @sp ? + decorated_session.sp_name ? 'idv.outage.idv_explanation.with_sp' : 'idv.outage.idv_explanation.without_sp', - sp: @sp, + sp: decorated_session.sp_name, ) %>

@@ -25,7 +25,11 @@ <%= render ButtonComponent.new( action: ->(**tag_options, &block) do - link_to(@exit_url, **tag_options, &block) + link_to( + return_to_sp_failure_to_proof_path(location: :unavailable), + **tag_options, + &block + ) end, big: true, wide: true, diff --git a/spec/views/idv/outage/show.html.erb_spec.rb b/spec/views/idv/outage/show.html.erb_spec.rb index 86a23137344..c7226728f96 100644 --- a/spec/views/idv/outage/show.html.erb_spec.rb +++ b/spec/views/idv/outage/show.html.erb_spec.rb @@ -1,14 +1,13 @@ require 'rails_helper' describe 'idv/outage/show.html.erb' do - let(:exit_url) { '/exit' } - let(:sp) { nil } - + let(:sp_name) { nil } subject(:rendered) { render } before do - assign(:exit_url, exit_url) - assign(:sp, sp) + allow(view).to receive(:decorated_session).and_return( + instance_double(ServiceProviderSessionDecorator, sp_name: sp_name), + ) end it 'sets a title' do @@ -21,17 +20,27 @@ it 'links to the status page in a new window' do expect(rendered).to have_selector('a[target=_blank]', text: t('idv.outage.status_page_link')) end - it 'renders an exit button' do - expect(rendered).to have_selector('a', text: t('idv.outage.exit_button', app_name: APP_NAME)) + + describe('exit button') do + it 'is rendered' do + expect(rendered).to have_selector('a', text: t('idv.outage.exit_button', app_name: APP_NAME)) + end + it 'links to the right place' do + expect(rendered).to have_link( + t('idv.outage.exit_button', app_name: APP_NAME), + href: return_to_sp_failure_to_proof_path(location: 'unavailable'), + ) + end end + it 'does not render any l13n markers' do expect(rendered).not_to include('%{') end context 'with sp' do - let(:sp) { 'Department of Ice Cream' } + let(:sp_name) { 'Department of Ice Cream' } it 'renders the explanation with the sp name' do - expect(rendered).to include(sp) + expect(rendered).to include(sp_name) end end end From 569f314c4ce7d8aa0f8516d24dd5b6d50bfae84e Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Wed, 8 Mar 2023 14:24:19 -0800 Subject: [PATCH 04/33] Add idv_available config && feature Tie feature to vendor availability as well as config. --- config/application.yml.default | 1 + lib/feature_management.rb | 5 ++++ lib/identity_config.rb | 1 + spec/lib/feature_management_spec.rb | 42 +++++++++++++++++++++++++++++ 4 files changed, 49 insertions(+) diff --git a/config/application.yml.default b/config/application.yml.default index c421f959f4a..2c35d5a3e82 100644 --- a/config/application.yml.default +++ b/config/application.yml.default @@ -120,6 +120,7 @@ hide_phone_mfa_signup: false identity_pki_disabled: false identity_pki_local_dev: false idv_attempt_window_in_hours: 6 +idv_available: true idv_contact_url: https://www.example.com idv_contact_phone_number: (844) 555-5555 idv_max_attempts: 5 diff --git a/lib/feature_management.rb b/lib/feature_management.rb index 7763cc92c32..353ec46316b 100644 --- a/lib/feature_management.rb +++ b/lib/feature_management.rb @@ -15,6 +15,11 @@ def self.identity_pki_disabled? !IdentityConfig.store.piv_cac_verify_token_url end + def self.idv_available? + return false if !IdentityConfig.store.idv_available + !VendorStatus.new.any_ial2_vendor_outage? + end + def self.development_and_identity_pki_disabled? # This controls if we try to hop over to identity-pki or just throw up # a screen asking for a Subject or one of a list of error conditions. diff --git a/lib/identity_config.rb b/lib/identity_config.rb index 3b100b9cb70..74325515d9c 100644 --- a/lib/identity_config.rb +++ b/lib/identity_config.rb @@ -199,6 +199,7 @@ def self.build_store(config_map) config.add(:identity_pki_disabled, type: :boolean) config.add(:identity_pki_local_dev, type: :boolean) config.add(:idv_attempt_window_in_hours, type: :integer) + config.add(:idv_available, type: :boolean) config.add(:idv_contact_url, type: :string) config.add(:idv_contact_phone_number, type: :string) config.add(:idv_max_attempts, type: :integer) diff --git a/spec/lib/feature_management_spec.rb b/spec/lib/feature_management_spec.rb index 2af24ac3a32..fa6ac652c99 100644 --- a/spec/lib/feature_management_spec.rb +++ b/spec/lib/feature_management_spec.rb @@ -461,4 +461,46 @@ end end end + + describe '#idv_available?' do + let(:idv_available) { true } + let(:vendor_status_acuant) { :operational } + let(:vendor_status_lexisnexis_instant_verify) { :operational } + let(:vendor_status_lexisnexis_trueid) { :operational } + + before do + allow(IdentityConfig.store).to receive(:idv_available).and_return(idv_available) + allow(IdentityConfig.store).to receive(:vendor_status_acuant).and_return(vendor_status_acuant) + allow(IdentityConfig.store).to receive(:vendor_status_lexisnexis_instant_verify). + and_return(vendor_status_lexisnexis_instant_verify) + allow(IdentityConfig.store).to receive(:vendor_status_lexisnexis_trueid). + and_return(vendor_status_lexisnexis_trueid) + end + + it 'returns true by default' do + expect(FeatureManagement.idv_available?).to eql(true) + end + + context 'idv has been disabled using config flag' do + let(:idv_available) { false } + it 'returns false' do + expect(FeatureManagement.idv_available?).to eql(false) + end + end + + %w[acuant lexisnexis_instant_verify lexisnexis_trueid].each do |service| + context "#{service} is in :full_outage" do + let("vendor_status_#{service}".to_sym) { :full_outage } + it 'returns false' do + expect(FeatureManagement.idv_available?).to eql(false) + end + end + context "#{service} is in :partial_outage" do + let("vendor_status_#{service}".to_sym) { :partial_outage } + it 'returns false' do + expect(FeatureManagement.idv_available?).to eql(false) + end + end + end + end end From c6e8dd9f39aaa3f4b1c886cce1f89cff7f49dfe0 Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Thu, 9 Mar 2023 11:32:44 -0800 Subject: [PATCH 05/33] Return error when IDV is unavailable Return a 503 service unavailable whenever IdV is unavailable. --- app/controllers/application_controller.rb | 1 + .../idv/unavailable_concern.rb} | 14 +++- app/controllers/idv/doc_auth_controller.rb | 12 ---- app/controllers/idv_controller.rb | 6 ++ .../sign_up/registrations_controller.rb | 7 +- app/services/vendor_status.rb | 4 ++ .../show.html.erb => unavailable.html.erb} | 14 ++-- config/locales/idv/en.yml | 24 +++---- config/routes.rb | 20 ++++-- .../concerns/idv/unavailable_concern_spec.rb | 65 +++++++++++++++++++ .../controllers/idv/outage_controller_spec.rb | 29 --------- spec/controllers/idv_controller_spec.rb | 6 ++ spec/features/idv/vendor_outage_spec.rb | 17 +++-- spec/requests/idv_outage_spec.rb | 13 ++++ ....erb_spec.rb => unavailable.html_spec.erb} | 2 +- 15 files changed, 152 insertions(+), 82 deletions(-) rename app/controllers/{idv/outage_controller.rb => concerns/idv/unavailable_concern.rb} (62%) rename app/views/idv/{outage/show.html.erb => unavailable.html.erb} (60%) create mode 100644 spec/controllers/concerns/idv/unavailable_concern_spec.rb delete mode 100644 spec/controllers/idv/outage_controller_spec.rb create mode 100644 spec/requests/idv_outage_spec.rb rename spec/views/idv/{outage/show.html.erb_spec.rb => unavailable.html_spec.erb} (97%) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index ec78024eaef..edd57520eac 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -5,6 +5,7 @@ class ApplicationController < ActionController::Base include LocaleHelper include VerifySpAttributesConcern include EffectiveUser + include Idv::UnavailableConcern # Prevent CSRF attacks by raising an exception. # For APIs, you may want to use :null_session instead. diff --git a/app/controllers/idv/outage_controller.rb b/app/controllers/concerns/idv/unavailable_concern.rb similarity index 62% rename from app/controllers/idv/outage_controller.rb rename to app/controllers/concerns/idv/unavailable_concern.rb index 34bcf5fd337..80ed11635a5 100644 --- a/app/controllers/idv/outage_controller.rb +++ b/app/controllers/concerns/idv/unavailable_concern.rb @@ -1,6 +1,14 @@ module Idv - class OutageController < ApplicationController - def show + class UnavailableError < StandardError; end + + module UnavailableConcern + extend ActiveSupport::Concern + + included do + rescue_from Idv::UnavailableError, with: :render_idv_unavailable + end + + def render_idv_unavailable analytics.vendor_outage( vendor_status: { acuant: IdentityConfig.store.vendor_status_acuant, @@ -11,6 +19,8 @@ def show }, redirect_from: nil, ) + + render 'idv/unavailable', status: :service_unavailable end end end diff --git a/app/controllers/idv/doc_auth_controller.rb b/app/controllers/idv/doc_auth_controller.rb index 2861a53eb7f..b7e96c996a2 100644 --- a/app/controllers/idv/doc_auth_controller.rb +++ b/app/controllers/idv/doc_auth_controller.rb @@ -15,10 +15,6 @@ class DocAuthController < ApplicationController before_action :redirect_if_flow_completed before_action :override_document_capture_step_csp before_action :update_if_skipping_upload - # rubocop:disable Rails/LexicallyScopedActionFilter - before_action :check_for_outage, only: :show - # rubocop:enable Rails/LexicallyScopedActionFilter - before_action :override_csp_for_threat_metrix FLOW_STATE_MACHINE_SETTINGS = { @@ -68,13 +64,5 @@ def do_meta_refresh(meta_refresh_count) def flow_session user_session['idv/doc_auth'] end - - def check_for_outage - if VendorStatus.new.any_ial2_vendor_outage? - session[:vendor_outage_redirect] = current_step - session[:vendor_outage_redirect_from_idv] = true - redirect_to vendor_outage_url - end - end end end diff --git a/app/controllers/idv_controller.rb b/app/controllers/idv_controller.rb index 905043cbd51..8be9b61af4e 100644 --- a/app/controllers/idv_controller.rb +++ b/app/controllers/idv_controller.rb @@ -29,6 +29,12 @@ def activated idv_session.clear end + def unavailable + # This action is provided to have a place to route /verify/* paths to when idv is unavailable. + # Actual rendering / logging is handled by Idv::UnavailableConcern. + raise Idv::UnavailableError + end + private def verify_identity diff --git a/app/controllers/sign_up/registrations_controller.rb b/app/controllers/sign_up/registrations_controller.rb index 19204b5c997..69b8692429a 100644 --- a/app/controllers/sign_up/registrations_controller.rb +++ b/app/controllers/sign_up/registrations_controller.rb @@ -7,8 +7,6 @@ class RegistrationsController < ApplicationController before_action :require_no_authentication before_action :redirect_if_ial2_and_vendor_outage - CREATE_ACCOUNT = 'create_account' - def new @register_user_email_form = RegisterUserEmailForm.new( analytics: analytics, @@ -72,10 +70,7 @@ def sp_request_id end def redirect_if_ial2_and_vendor_outage - return unless ial2_requested? && VendorStatus.new.any_ial2_vendor_outage? - - session[:vendor_outage_redirect] = CREATE_ACCOUNT - return redirect_to vendor_outage_url + raise Idv::UnavailableError if ial2_requested? && !FeatureManagement.idv_available? end end end diff --git a/app/services/vendor_status.rb b/app/services/vendor_status.rb index 32af74b2370..b454a26f190 100644 --- a/app/services/vendor_status.rb +++ b/app/services/vendor_status.rb @@ -77,6 +77,10 @@ def outage_message end end + def to_h + {} + end + def track_event(analytics) raise ArgumentError, 'analytics instance required' if analytics.nil? diff --git a/app/views/idv/outage/show.html.erb b/app/views/idv/unavailable.html.erb similarity index 60% rename from app/views/idv/outage/show.html.erb rename to app/views/idv/unavailable.html.erb index 592ceeb2e4f..2b15c96d82a 100644 --- a/app/views/idv/outage/show.html.erb +++ b/app/views/idv/unavailable.html.erb @@ -1,23 +1,23 @@ -<% title t('idv.titles.outage') %> +<% title t('idv.titles.unavailable') %> <%= render AlertIconComponent.new(icon_name: :error, class: 'display-block margin-bottom-4') %> -<%= render PageHeadingComponent.new.with_content(t('idv.titles.outage')) %> +<%= render PageHeadingComponent.new.with_content(t('idv.titles.unavailable')) %>

<%= t( decorated_session.sp_name ? - 'idv.outage.idv_explanation.with_sp' : - 'idv.outage.idv_explanation.without_sp', + 'idv.unavailable.idv_explanation.with_sp' : + 'idv.unavailable.idv_explanation.without_sp', sp: decorated_session.sp_name, ) %>

<%= t( - 'idv.outage.next_steps_html', + 'idv.unavailable.next_steps_html', status_page_link: new_window_link_to( - t('idv.outage.status_page_link'), + t('idv.unavailable.status_page_link'), StatusPage.base_url, ), ) %> @@ -33,4 +33,4 @@ end, big: true, wide: true, - ).with_content(t('idv.outage.exit_button', app_name: APP_NAME)) %> + ).with_content(t('idv.unavailable.exit_button', app_name: APP_NAME)) %> diff --git a/config/locales/idv/en.yml b/config/locales/idv/en.yml index ad5576bf4ac..2ab69d26be6 100644 --- a/config/locales/idv/en.yml +++ b/config/locales/idv/en.yml @@ -183,17 +183,6 @@ en: review_message: When you re-enter your password, %{app_name} will protect the information you’ve given us, so that only you can access it. verifying: Verifying… - outage: - exit_button: 'Exit %{app_name}' - idv_explanation: - with_sp: '%{sp} needs to make sure you are you — not someone pretending to be - you.' - without_sp: 'The agency that you are trying to access needs to make sure you are - you — not someone pretending to be you.' - next_steps_html: 'Unfortunately, we are having technical difficulties and cannot - verify your identity at this time. %{status_page_link} or exit Login.gov - and try again later.' - status_page_link: 'Get updates on our status page' review: dob: Date of birth full_name: Full name @@ -206,11 +195,11 @@ en: resend: Want another letter? verify: Want a letter? otp_delivery_method: How should we send a code? - outage: 'We are working to resolve an error' review: Review and submit session: phone: Enter your phone number review: Re-enter your %{app_name} password to protect your data + unavailable: 'We are working to resolve an error' troubleshooting: headings: missing_required_items: Are you missing one of these items? @@ -227,6 +216,17 @@ en: learn_more_verify_in_person: Learn more about verifying in person supported_documents: See a list of accepted state-issued IDs verify_by_mail: Verify your address by mail instead + unavailable: + exit_button: 'Exit %{app_name}' + idv_explanation: + with_sp: '%{sp} needs to make sure you are you — not someone pretending to be + you.' + without_sp: 'The agency that you are trying to access needs to make sure you are + you — not someone pretending to be you.' + next_steps_html: 'Unfortunately, we are having technical difficulties and cannot + verify your identity at this time. %{status_page_link} or exit Login.gov + and try again later.' + status_page_link: 'Get updates on our status page' welcome: no_js_header: You must enable JavaScript to verify your identity. no_js_intro: '%{sp_name} needs you to verify your identity. You need to enable diff --git a/config/routes.rb b/config/routes.rb index db6dafa1d0e..2627164f2ee 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -62,7 +62,8 @@ put '/users/password' => 'users/reset_passwords#update', as: nil post '/users/password' => 'users/reset_passwords#create', as: nil - get '/account/forget_all_browsers' => 'users/forget_all_browsers#show', as: :forget_all_browsers + get '/account/forget_all_browsers' => 'users/forget_all_browsers#show', + as: :forget_all_browsers delete '/account/forget_all_browsers' => 'users/forget_all_browsers#destroy' get '/account/service_providers/:sp_id/revoke' => 'users/service_provider_revoke#show', @@ -185,7 +186,8 @@ get '/account/reactivate/start' => 'reactivate_account#index', as: :reactivate_account put '/account/reactivate/start' => 'reactivate_account#update' get '/account/reactivate/verify_password' => 'users/verify_password#new', as: :verify_password - put '/account/reactivate/verify_password' => 'users/verify_password#update', as: :update_verify_password + put '/account/reactivate/verify_password' => 'users/verify_password#update', + as: :update_verify_password get '/account/reactivate/verify_personal_key' => 'users/verify_personal_key#new', as: :verify_personal_key post '/account/reactivate/verify_personal_key' => 'users/verify_personal_key#create', @@ -205,7 +207,8 @@ get '/piv_cac' => 'users/piv_cac_authentication_setup#new', as: :setup_piv_cac get '/piv_cac_error' => 'users/piv_cac_authentication_setup#error', as: :setup_piv_cac_error delete '/piv_cac' => 'users/piv_cac_authentication_setup#delete', as: :disable_piv_cac - post '/present_piv_cac' => 'users/piv_cac_authentication_setup#submit_new_piv_cac', as: :submit_new_piv_cac + post '/present_piv_cac' => 'users/piv_cac_authentication_setup#submit_new_piv_cac', + as: :submit_new_piv_cac get '/webauthn_setup' => 'users/webauthn_setup#new', as: :webauthn_setup patch '/webauthn_setup' => 'users/webauthn_setup#confirm' @@ -283,12 +286,14 @@ post '/sign_up/completed' => 'sign_up/completions#update' get '/user_authorization_confirmation' => 'users/authorization_confirmation#new' post '/user_authorization_confirmation' => 'users/authorization_confirmation#create' - match '/user_authorization_confirmation/reset' => 'users/authorization_confirmation#destroy', as: :reset_user_authorization, via: %i[put delete] + match '/user_authorization_confirmation/reset' => 'users/authorization_confirmation#destroy', + as: :reset_user_authorization, via: %i[put delete] get '/sign_up/cancel/' => 'sign_up/cancellations#new', as: :sign_up_cancel delete '/sign_up/cancel' => 'sign_up/cancellations#destroy', as: :sign_up_destroy get '/redirect/return_to_sp/cancel' => 'redirect/return_to_sp#cancel', as: :return_to_sp_cancel - get '/redirect/return_to_sp/failure_to_proof' => 'redirect/return_to_sp#failure_to_proof', as: :return_to_sp_failure_to_proof + get '/redirect/return_to_sp/failure_to_proof' => 'redirect/return_to_sp#failure_to_proof', + as: :return_to_sp_failure_to_proof get '/redirect/help_center' => 'redirect/help_center#show', as: :help_center_redirect get '/redirect/contact/' => 'redirect/contact#show', as: :contact_redirect @@ -299,9 +304,12 @@ scope '/verify', as: 'idv' do get '/' => 'idv#index' get '/activated' => 'idv#activated' + if !FeatureManagement.idv_available? + # IdV has been disabled. + match '/*path' => 'idv#unavailable', via: %i[get post] + end end scope '/verify', module: 'idv', as: 'idv' do - get '/unavailable' => 'outage#show' get '/come_back_later' => 'come_back_later#show' get '/personal_key' => 'personal_key#show' post '/personal_key' => 'personal_key#update' diff --git a/spec/controllers/concerns/idv/unavailable_concern_spec.rb b/spec/controllers/concerns/idv/unavailable_concern_spec.rb new file mode 100644 index 00000000000..03bd7d4b10b --- /dev/null +++ b/spec/controllers/concerns/idv/unavailable_concern_spec.rb @@ -0,0 +1,65 @@ +require 'rails_helper' + +describe Idv::UnavailableConcern, type: :controller do + controller ApplicationController do + include Idv::UnavailableConcern + def index + render_idv_unavailable + end + end + + describe '#check_idv_available' do + let(:idv_available) { true } + let(:required_vendors) { %i[acuant lexisnexis_instant_verify lexisnexis_trueid] } + + before do + allow(IdentityConfig.store).to receive(:idv_available).and_return(idv_available) + end + + it 'does not raise an error by default' do + expect { controller.check_idv_available }.not_to raise_error + end + + context 'IdV has been disabled via config' do + let(:idv_available) { false } + it 'raises an UnavailableError' do + expect { controller.check_idv_available }.to raise_error(Idv::UnavailableError) + end + end + + required_vendors.each do |vendor| + context "#{vendor} has a full outage" do + end + end + end + + describe '#render_idv_unavailable' do + before do + stub_analytics + get :index + end + + it 'returns 503 Service Unavailable status' do + # https://http.cat/503 + expect(response.status).to eql(503) + end + + it 'logs an analytics event' do + expect(@analytics).to have_logged_event( + 'Vendor Outage', + redirect_from: nil, + vendor_status: { + acuant: :operational, + lexisnexis_instant_verify: :operational, + lexisnexis_trueid: :operational, + sms: :operational, + voice: :operational, + }, + ) + end + + it 'renders the view' do + expect(response).to render_template('idv/unavailable') + end + end +end diff --git a/spec/controllers/idv/outage_controller_spec.rb b/spec/controllers/idv/outage_controller_spec.rb deleted file mode 100644 index 55270b55870..00000000000 --- a/spec/controllers/idv/outage_controller_spec.rb +++ /dev/null @@ -1,29 +0,0 @@ -require 'rails_helper' - -describe Idv::OutageController do - before do - stub_analytics - end - - describe '#show' do - before do - get :show - end - it 'logs an analytics event' do - expect(@analytics).to have_logged_event( - 'Vendor Outage', - redirect_from: nil, - vendor_status: { - acuant: :operational, - lexisnexis_instant_verify: :operational, - lexisnexis_trueid: :operational, - sms: :operational, - voice: :operational, - }, - ) - end - it 'renders the view' do - expect(response).to render_template('idv/outage/show') - end - end -end diff --git a/spec/controllers/idv_controller_spec.rb b/spec/controllers/idv_controller_spec.rb index d7f379b73a9..22361f50131 100644 --- a/spec/controllers/idv_controller_spec.rb +++ b/spec/controllers/idv_controller_spec.rb @@ -135,4 +135,10 @@ end end end + + describe '#unavailable' do + it 'raises an error' do + expect { get :unavailable }.to raise_error(Idv::UnavailableError) + end + end end diff --git a/spec/features/idv/vendor_outage_spec.rb b/spec/features/idv/vendor_outage_spec.rb index 853fc247011..e38f86e51c7 100644 --- a/spec/features/idv/vendor_outage_spec.rb +++ b/spec/features/idv/vendor_outage_spec.rb @@ -13,6 +13,9 @@ before do allow(IdentityConfig.store).to receive("vendor_status_#{service}".to_sym). and_return(:full_outage) + + # Force route reload to pick up route changes implied by outages + Rails.application.reload_routes! end it 'prevents an existing ial1 user from verifying their identity' do @@ -20,14 +23,14 @@ sign_in_user(user_with_2fa) fill_in_code_with_last_phone_otp click_submit_default - expect(current_path).to eq vendor_outage_path + expect(page).to have_http_status(503) expect(page).to have_content( - t('vendor_outage.blocked.idv.with_sp', service_provider: 'Test SP'), + t('idv.unavailable.idv_explanation.with_sp', sp: 'Test SP'), ) end it 'prevents a user who reset their password from reactivating profile with no personal key', - email: true, js: true do + email: true, js: true, allow_browser_log: true do personal_key_from_pii(user, pii) trigger_reset_password_and_click_email_link(user.email) reset_password(user, new_password) @@ -41,15 +44,15 @@ click_on t('links.account.reactivate.without_key') click_on t('forms.buttons.continue') - expect(current_path).to eq vendor_outage_path - expect(page).to have_content(t('vendor_outage.blocked.idv.without_sp')) + expect(page).to have_content(t('idv.unavailable.idv_explanation.without_sp')) end it 'prevents a user from creating an account' do visit_idp_from_sp_with_ial2(:oidc) click_link t('links.create_account') - expect(current_path).to eq vendor_outage_path - expect(page).to have_content(t('vendor_outage.blocked.idv.generic')) + + expect(page).to have_http_status(503) + expect(page).to have_content(t('idv.unavailable.idv_explanation.with_sp', sp: 'Test SP')) end end end diff --git a/spec/requests/idv_outage_spec.rb b/spec/requests/idv_outage_spec.rb new file mode 100644 index 00000000000..2a69ff2c7dd --- /dev/null +++ b/spec/requests/idv_outage_spec.rb @@ -0,0 +1,13 @@ +require 'rails_helper' + +describe 'IDV Outage', type: :request do + before do + allow(IdentityConfig.store).to receive(:idv_available).and_return(false) + end + describe '/verify' do + it 'redirects to outage notice' do + get '/verify' + expect(response).to redirect_to('/verify/unavailable') + end + end +end diff --git a/spec/views/idv/outage/show.html.erb_spec.rb b/spec/views/idv/unavailable.html_spec.erb similarity index 97% rename from spec/views/idv/outage/show.html.erb_spec.rb rename to spec/views/idv/unavailable.html_spec.erb index c7226728f96..b2017655542 100644 --- a/spec/views/idv/outage/show.html.erb_spec.rb +++ b/spec/views/idv/unavailable.html_spec.erb @@ -1,6 +1,6 @@ require 'rails_helper' -describe 'idv/outage/show.html.erb' do +describe 'idv/unavailable.html.erb' do let(:sp_name) { nil } subject(:rendered) { render } From 2156ac2bfa38b0febee5a9feeef1cb8f8171b681 Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Thu, 9 Mar 2023 15:34:38 -0800 Subject: [PATCH 06/33] Update translations --- app/views/idv/unavailable.html.erb | 1 + config/locales/idv/en.yml | 4 ++-- config/locales/idv/es.yml | 13 +++++++++++++ config/locales/idv/fr.yml | 14 ++++++++++++++ 4 files changed, 30 insertions(+), 2 deletions(-) diff --git a/app/views/idv/unavailable.html.erb b/app/views/idv/unavailable.html.erb index 2b15c96d82a..ffa27dfead0 100644 --- a/app/views/idv/unavailable.html.erb +++ b/app/views/idv/unavailable.html.erb @@ -16,6 +16,7 @@

<%= t( 'idv.unavailable.next_steps_html', + app_name: APP_NAME, status_page_link: new_window_link_to( t('idv.unavailable.status_page_link'), StatusPage.base_url, diff --git a/config/locales/idv/en.yml b/config/locales/idv/en.yml index 2ab69d26be6..6c562e1aa5f 100644 --- a/config/locales/idv/en.yml +++ b/config/locales/idv/en.yml @@ -224,8 +224,8 @@ en: without_sp: 'The agency that you are trying to access needs to make sure you are you — not someone pretending to be you.' next_steps_html: 'Unfortunately, we are having technical difficulties and cannot - verify your identity at this time. %{status_page_link} or exit Login.gov - and try again later.' + verify your identity at this time. %{status_page_link} or exit + %{app_name} and try again later.' status_page_link: 'Get updates on our status page' welcome: no_js_header: You must enable JavaScript to verify your identity. diff --git a/config/locales/idv/es.yml b/config/locales/idv/es.yml index 62e927149fa..2b83307873f 100644 --- a/config/locales/idv/es.yml +++ b/config/locales/idv/es.yml @@ -213,6 +213,7 @@ es: session: phone: Introduzca su número de teléfono review: Vuelve a ingresar tu contraseña de %{app_name} para encriptar tus datos + unavailable: Estamos trabajando para resolver un error troubleshooting: headings: missing_required_items: '¿Le falta alguno de estos puntos?' @@ -231,6 +232,18 @@ es: supported_documents: Vea la lista de documentos de identidad emitidos por el estado que son aceptados verify_by_mail: Verifique su dirección por correo + unavailable: + exit_button: 'Salir de %{app_name}' + idv_explanation: + with_sp: '%{sp} necesita asegurarse de que es usted realmente y no alguien que + se hace pasar por usted.' + without_sp: 'La agencia a la que está intentando acceder debe asegurarse de que + usted sea quien dice ser, y no alguien que se hace pasar por usted.' + next_steps_html: 'Lamentablemente, debido a problemas técnicos por nuestra + parte, tal vez no podamos verificar su identidad en estos momentos. + %{status_page_link} o salga de %{app_name} y vuelva a intentarlo más + tarde.' + status_page_link: 'Consulte las actualizaciones en nuestra página de estado' welcome: no_js_header: Debe habilitar JavaScript para verificar su identidad. no_js_intro: '%{sp_name} requiere que usted verifique su identidad. Debe diff --git a/config/locales/idv/fr.yml b/config/locales/idv/fr.yml index a7406a5ff3c..927571b39c8 100644 --- a/config/locales/idv/fr.yml +++ b/config/locales/idv/fr.yml @@ -227,6 +227,7 @@ fr: session: phone: Entrez votre numéro de téléphone review: Entrez à nouveau votre mot de passe %{app_name} pour crypter vos données + unavailable: Nous travaillons à la résolution d’une erreur troubleshooting: headings: missing_required_items: Est-ce qu’il vous manque un de ces éléments? @@ -245,6 +246,19 @@ fr: learn_more_verify_in_person: En savoir plus sur la vérification en personne supported_documents: Voir la liste des pièces d’identité acceptées et délivrées par l’État verify_by_mail: Vérifiez plutôt votre adresse par courrier + unavailable: + exit_button: 'Salir de %{app_name}' + idv_explanation: + with_sp: '%{sp} doit s’assurer que c’est bien vous — et non quelqu’un qui se + fait passer pour vous.' + without_sp: 'L’agence à laquelle vous essayez d’accéder doit s’assurer qu’il + s’agit bien de vous, et non de quelqu’un qui se fait passer pour + vous.' + next_steps_html: 'Malheureusement, nous rencontrons des difficultés techniques + et ne pouvons pas vérifier votre identité pour le moment. + %{status_page_link} ou quittez le site %{app_name} et réessayez plus + tard.' + status_page_link: 'Obtenez des mises à jour sur notre page de statut' welcome: no_js_header: Vous devez activer JavaScript pour vérifier votre identité. no_js_intro: '%{sp_name} a besoin de vous pour vérifier votre identité. Vous From 57b949672f24374ca29665f5d9402e9073040c30 Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Thu, 9 Mar 2023 15:40:18 -0800 Subject: [PATCH 07/33] Remove unused spec file --- spec/requests/idv_outage_spec.rb | 13 ------------- 1 file changed, 13 deletions(-) delete mode 100644 spec/requests/idv_outage_spec.rb diff --git a/spec/requests/idv_outage_spec.rb b/spec/requests/idv_outage_spec.rb deleted file mode 100644 index 2a69ff2c7dd..00000000000 --- a/spec/requests/idv_outage_spec.rb +++ /dev/null @@ -1,13 +0,0 @@ -require 'rails_helper' - -describe 'IDV Outage', type: :request do - before do - allow(IdentityConfig.store).to receive(:idv_available).and_return(false) - end - describe '/verify' do - it 'redirects to outage notice' do - get '/verify' - expect(response).to redirect_to('/verify/unavailable') - end - end -end From a790712fb474a49ef2327cc7411dc84c3c2879fd Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Thu, 9 Mar 2023 15:56:40 -0800 Subject: [PATCH 08/33] Make French be in French:wq --- config/locales/idv/fr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/locales/idv/fr.yml b/config/locales/idv/fr.yml index 927571b39c8..63c75ea465e 100644 --- a/config/locales/idv/fr.yml +++ b/config/locales/idv/fr.yml @@ -247,7 +247,7 @@ fr: supported_documents: Voir la liste des pièces d’identité acceptées et délivrées par l’État verify_by_mail: Vérifiez plutôt votre adresse par courrier unavailable: - exit_button: 'Salir de %{app_name}' + exit_button: 'Quitter %{app_name}' idv_explanation: with_sp: '%{sp} doit s’assurer que c’est bien vous — et non quelqu’un qui se fait passer pour vous.' From 7e8f83d519f4c14abc343c44adcf27bfc5cb59bc Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Thu, 9 Mar 2023 16:17:32 -0800 Subject: [PATCH 09/33] Be less clever in erb The unused i18n detector was getting tripped up by the ternary conditional in here. --- app/views/idv/unavailable.html.erb | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/app/views/idv/unavailable.html.erb b/app/views/idv/unavailable.html.erb index ffa27dfead0..caa259b766f 100644 --- a/app/views/idv/unavailable.html.erb +++ b/app/views/idv/unavailable.html.erb @@ -5,12 +5,11 @@ <%= render PageHeadingComponent.new.with_content(t('idv.titles.unavailable')) %>

- <%= t( - decorated_session.sp_name ? - 'idv.unavailable.idv_explanation.with_sp' : - 'idv.unavailable.idv_explanation.without_sp', - sp: decorated_session.sp_name, - ) %> + <% if decorated_session.sp_name.present? %> + <%= t('idv.unavailable.idv_explanation.with_sp', sp: decorated_session.sp_name) %> + <% else %> + <%= t('idv.unavailable.idv_explanation.without_sp') %> + <% end %>

From 6607faa96c04bcf44e78b29e9c9aec6e8a730498 Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Fri, 10 Mar 2023 09:35:17 -0800 Subject: [PATCH 10/33] Fix borked rename --- ...tml_spec.erb => unavailable.html.erb_spec.rb} | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) rename spec/views/idv/{unavailable.html_spec.erb => unavailable.html.erb_spec.rb} (70%) diff --git a/spec/views/idv/unavailable.html_spec.erb b/spec/views/idv/unavailable.html.erb_spec.rb similarity index 70% rename from spec/views/idv/unavailable.html_spec.erb rename to spec/views/idv/unavailable.html.erb_spec.rb index b2017655542..b02afcbe5f8 100644 --- a/spec/views/idv/unavailable.html_spec.erb +++ b/spec/views/idv/unavailable.html.erb_spec.rb @@ -11,23 +11,29 @@ end it 'sets a title' do - expect(view).to receive(:title).with(t('idv.titles.outage')) + expect(view).to receive(:title).with(t('idv.titles.unavailable')) render end it 'has an h1' do - expect(rendered).to have_selector('h1', text: t('idv.titles.outage')) + expect(rendered).to have_selector('h1', text: t('idv.titles.unavailable')) end it 'links to the status page in a new window' do - expect(rendered).to have_selector('a[target=_blank]', text: t('idv.outage.status_page_link')) + expect(rendered).to have_selector( + 'a[target=_blank]', + text: t('idv.unavailable.status_page_link'), + ) end describe('exit button') do it 'is rendered' do - expect(rendered).to have_selector('a', text: t('idv.outage.exit_button', app_name: APP_NAME)) + expect(rendered).to have_selector( + 'a', + text: t('idv.unavailable.exit_button', app_name: APP_NAME), + ) end it 'links to the right place' do expect(rendered).to have_link( - t('idv.outage.exit_button', app_name: APP_NAME), + t('idv.unavailable.exit_button', app_name: APP_NAME), href: return_to_sp_failure_to_proof_path(location: 'unavailable'), ) end From 66cbfb05c4e7af270e98ab5e30985429eb26cc19 Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Fri, 10 Mar 2023 09:37:40 -0800 Subject: [PATCH 11/33] Remove unused tests --- .../concerns/idv/unavailable_concern_spec.rb | 25 ------------------- 1 file changed, 25 deletions(-) diff --git a/spec/controllers/concerns/idv/unavailable_concern_spec.rb b/spec/controllers/concerns/idv/unavailable_concern_spec.rb index 03bd7d4b10b..c1fca049c94 100644 --- a/spec/controllers/concerns/idv/unavailable_concern_spec.rb +++ b/spec/controllers/concerns/idv/unavailable_concern_spec.rb @@ -8,31 +8,6 @@ def index end end - describe '#check_idv_available' do - let(:idv_available) { true } - let(:required_vendors) { %i[acuant lexisnexis_instant_verify lexisnexis_trueid] } - - before do - allow(IdentityConfig.store).to receive(:idv_available).and_return(idv_available) - end - - it 'does not raise an error by default' do - expect { controller.check_idv_available }.not_to raise_error - end - - context 'IdV has been disabled via config' do - let(:idv_available) { false } - it 'raises an UnavailableError' do - expect { controller.check_idv_available }.to raise_error(Idv::UnavailableError) - end - end - - required_vendors.each do |vendor| - context "#{vendor} has a full outage" do - end - end - end - describe '#render_idv_unavailable' do before do stub_analytics From 5dd2ac21c53f71e228160e38fd56c1530d6e19cd Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Fri, 10 Mar 2023 09:54:32 -0800 Subject: [PATCH 12/33] Don't rely on route to test IdvController::unavailable There's not really a route to this action by default. --- spec/controllers/idv_controller_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/controllers/idv_controller_spec.rb b/spec/controllers/idv_controller_spec.rb index 22361f50131..9b31e397c56 100644 --- a/spec/controllers/idv_controller_spec.rb +++ b/spec/controllers/idv_controller_spec.rb @@ -138,7 +138,7 @@ describe '#unavailable' do it 'raises an error' do - expect { get :unavailable }.to raise_error(Idv::UnavailableError) + expect { controller.unavailable }.to raise_error(Idv::UnavailableError) end end end From 2bba983de69719bc2d5b6f524242b15704c774b0 Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Fri, 10 Mar 2023 12:04:16 -0800 Subject: [PATCH 13/33] Revert formatting changes to routes.rb --- config/routes.rb | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/config/routes.rb b/config/routes.rb index 2627164f2ee..f179811bfee 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -62,8 +62,7 @@ put '/users/password' => 'users/reset_passwords#update', as: nil post '/users/password' => 'users/reset_passwords#create', as: nil - get '/account/forget_all_browsers' => 'users/forget_all_browsers#show', - as: :forget_all_browsers + get '/account/forget_all_browsers' => 'users/forget_all_browsers#show', as: :forget_all_browsers delete '/account/forget_all_browsers' => 'users/forget_all_browsers#destroy' get '/account/service_providers/:sp_id/revoke' => 'users/service_provider_revoke#show', @@ -186,8 +185,7 @@ get '/account/reactivate/start' => 'reactivate_account#index', as: :reactivate_account put '/account/reactivate/start' => 'reactivate_account#update' get '/account/reactivate/verify_password' => 'users/verify_password#new', as: :verify_password - put '/account/reactivate/verify_password' => 'users/verify_password#update', - as: :update_verify_password + put '/account/reactivate/verify_password' => 'users/verify_password#update', as: :update_verify_password get '/account/reactivate/verify_personal_key' => 'users/verify_personal_key#new', as: :verify_personal_key post '/account/reactivate/verify_personal_key' => 'users/verify_personal_key#create', @@ -207,8 +205,7 @@ get '/piv_cac' => 'users/piv_cac_authentication_setup#new', as: :setup_piv_cac get '/piv_cac_error' => 'users/piv_cac_authentication_setup#error', as: :setup_piv_cac_error delete '/piv_cac' => 'users/piv_cac_authentication_setup#delete', as: :disable_piv_cac - post '/present_piv_cac' => 'users/piv_cac_authentication_setup#submit_new_piv_cac', - as: :submit_new_piv_cac + post '/present_piv_cac' => 'users/piv_cac_authentication_setup#submit_new_piv_cac', as: :submit_new_piv_cac get '/webauthn_setup' => 'users/webauthn_setup#new', as: :webauthn_setup patch '/webauthn_setup' => 'users/webauthn_setup#confirm' @@ -286,14 +283,12 @@ post '/sign_up/completed' => 'sign_up/completions#update' get '/user_authorization_confirmation' => 'users/authorization_confirmation#new' post '/user_authorization_confirmation' => 'users/authorization_confirmation#create' - match '/user_authorization_confirmation/reset' => 'users/authorization_confirmation#destroy', - as: :reset_user_authorization, via: %i[put delete] + match '/user_authorization_confirmation/reset' => 'users/authorization_confirmation#destroy', as: :reset_user_authorization, via: %i[put delete] get '/sign_up/cancel/' => 'sign_up/cancellations#new', as: :sign_up_cancel delete '/sign_up/cancel' => 'sign_up/cancellations#destroy', as: :sign_up_destroy get '/redirect/return_to_sp/cancel' => 'redirect/return_to_sp#cancel', as: :return_to_sp_cancel - get '/redirect/return_to_sp/failure_to_proof' => 'redirect/return_to_sp#failure_to_proof', - as: :return_to_sp_failure_to_proof + get '/redirect/return_to_sp/failure_to_proof' => 'redirect/return_to_sp#failure_to_proof', as: :return_to_sp_failure_to_proof get '/redirect/help_center' => 'redirect/help_center#show', as: :help_center_redirect get '/redirect/contact/' => 'redirect/contact#show', as: :contact_redirect From f0ecbf4c6bbebec2af494034421c1487c3cadc7f Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Fri, 10 Mar 2023 12:15:01 -0800 Subject: [PATCH 14/33] Superstition: reload routes on cleanup to avoid poisoning other tests --- spec/features/idv/vendor_outage_spec.rb | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/spec/features/idv/vendor_outage_spec.rb b/spec/features/idv/vendor_outage_spec.rb index e38f86e51c7..fa7efb1377a 100644 --- a/spec/features/idv/vendor_outage_spec.rb +++ b/spec/features/idv/vendor_outage_spec.rb @@ -8,13 +8,18 @@ let(:new_password) { 'some really awesome new password' } let(:pii) { { ssn: '666-66-1234', dob: '1920-01-01', first_name: 'alice' } } + after(:all) do + # Reload routes now that config changes made in various contexts have been torn down + Rails.application.reload_routes! + end + %w[acuant lexisnexis_instant_verify lexisnexis_trueid].each do |service| context "full outage on #{service}" do before do allow(IdentityConfig.store).to receive("vendor_status_#{service}".to_sym). and_return(:full_outage) - # Force route reload to pick up route changes implied by outages + # Force route reload to pick up route changes implied by above config change Rails.application.reload_routes! end From db215cab6b5ba0b057c2839d69ca6aa40b8f5bea Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Fri, 10 Mar 2023 12:16:38 -0800 Subject: [PATCH 15/33] Remove stray to_h method Did not end up implementing this --- app/services/vendor_status.rb | 4 ---- 1 file changed, 4 deletions(-) diff --git a/app/services/vendor_status.rb b/app/services/vendor_status.rb index b454a26f190..32af74b2370 100644 --- a/app/services/vendor_status.rb +++ b/app/services/vendor_status.rb @@ -77,10 +77,6 @@ def outage_message end end - def to_h - {} - end - def track_event(analytics) raise ArgumentError, 'analytics instance required' if analytics.nil? From 434bf496989c06842bc98982f33d2f8d10c56d92 Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Mon, 13 Mar 2023 15:22:47 -0700 Subject: [PATCH 16/33] Don't use `raise` + concern for unavailable error Rather than bolting more functionality onto ApplicationController: - Add a new route at `/errors/idv_unavailable` for non-IdV parts of the app to redirect to - Take over `/verify/*` and show the unavailable message when it is. --- app/controllers/application_controller.rb | 1 - .../unavailable_controller.rb} | 12 ++-------- .../sign_up/registrations_controller.rb | 2 +- config/routes.rb | 23 ++++++++++++------- .../unavailable_controller_spec.rb} | 11 ++------- spec/controllers/idv_controller_spec.rb | 6 ----- .../sign_up/registrations_controller_spec.rb | 11 +++++++++ spec/features/idv/vendor_outage_spec.rb | 1 - 8 files changed, 31 insertions(+), 36 deletions(-) rename app/controllers/{concerns/idv/unavailable_concern.rb => idv/unavailable_controller.rb} (69%) rename spec/controllers/{concerns/idv/unavailable_concern_spec.rb => idv/unavailable_controller_spec.rb} (75%) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index edd57520eac..ec78024eaef 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -5,7 +5,6 @@ class ApplicationController < ActionController::Base include LocaleHelper include VerifySpAttributesConcern include EffectiveUser - include Idv::UnavailableConcern # Prevent CSRF attacks by raising an exception. # For APIs, you may want to use :null_session instead. diff --git a/app/controllers/concerns/idv/unavailable_concern.rb b/app/controllers/idv/unavailable_controller.rb similarity index 69% rename from app/controllers/concerns/idv/unavailable_concern.rb rename to app/controllers/idv/unavailable_controller.rb index 80ed11635a5..8850c99ec6b 100644 --- a/app/controllers/concerns/idv/unavailable_concern.rb +++ b/app/controllers/idv/unavailable_controller.rb @@ -1,14 +1,6 @@ module Idv - class UnavailableError < StandardError; end - - module UnavailableConcern - extend ActiveSupport::Concern - - included do - rescue_from Idv::UnavailableError, with: :render_idv_unavailable - end - - def render_idv_unavailable + class UnavailableController < ApplicationController + def index analytics.vendor_outage( vendor_status: { acuant: IdentityConfig.store.vendor_status_acuant, diff --git a/app/controllers/sign_up/registrations_controller.rb b/app/controllers/sign_up/registrations_controller.rb index 69b8692429a..1ae4b55f003 100644 --- a/app/controllers/sign_up/registrations_controller.rb +++ b/app/controllers/sign_up/registrations_controller.rb @@ -70,7 +70,7 @@ def sp_request_id end def redirect_if_ial2_and_vendor_outage - raise Idv::UnavailableError if ial2_requested? && !FeatureManagement.idv_available? + redirect_to idv_unavailable_path if ial2_requested? && !FeatureManagement.idv_available? end end end diff --git a/config/routes.rb b/config/routes.rb index f179811bfee..95662a5274e 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -62,7 +62,8 @@ put '/users/password' => 'users/reset_passwords#update', as: nil post '/users/password' => 'users/reset_passwords#create', as: nil - get '/account/forget_all_browsers' => 'users/forget_all_browsers#show', as: :forget_all_browsers + get '/account/forget_all_browsers' => 'users/forget_all_browsers#show', + as: :forget_all_browsers delete '/account/forget_all_browsers' => 'users/forget_all_browsers#destroy' get '/account/service_providers/:sp_id/revoke' => 'users/service_provider_revoke#show', @@ -185,7 +186,8 @@ get '/account/reactivate/start' => 'reactivate_account#index', as: :reactivate_account put '/account/reactivate/start' => 'reactivate_account#update' get '/account/reactivate/verify_password' => 'users/verify_password#new', as: :verify_password - put '/account/reactivate/verify_password' => 'users/verify_password#update', as: :update_verify_password + put '/account/reactivate/verify_password' => 'users/verify_password#update', + as: :update_verify_password get '/account/reactivate/verify_personal_key' => 'users/verify_personal_key#new', as: :verify_personal_key post '/account/reactivate/verify_personal_key' => 'users/verify_personal_key#create', @@ -205,7 +207,8 @@ get '/piv_cac' => 'users/piv_cac_authentication_setup#new', as: :setup_piv_cac get '/piv_cac_error' => 'users/piv_cac_authentication_setup#error', as: :setup_piv_cac_error delete '/piv_cac' => 'users/piv_cac_authentication_setup#delete', as: :disable_piv_cac - post '/present_piv_cac' => 'users/piv_cac_authentication_setup#submit_new_piv_cac', as: :submit_new_piv_cac + post '/present_piv_cac' => 'users/piv_cac_authentication_setup#submit_new_piv_cac', + as: :submit_new_piv_cac get '/webauthn_setup' => 'users/webauthn_setup#new', as: :webauthn_setup patch '/webauthn_setup' => 'users/webauthn_setup#confirm' @@ -283,12 +286,14 @@ post '/sign_up/completed' => 'sign_up/completions#update' get '/user_authorization_confirmation' => 'users/authorization_confirmation#new' post '/user_authorization_confirmation' => 'users/authorization_confirmation#create' - match '/user_authorization_confirmation/reset' => 'users/authorization_confirmation#destroy', as: :reset_user_authorization, via: %i[put delete] + match '/user_authorization_confirmation/reset' => 'users/authorization_confirmation#destroy', + as: :reset_user_authorization, via: %i[put delete] get '/sign_up/cancel/' => 'sign_up/cancellations#new', as: :sign_up_cancel delete '/sign_up/cancel' => 'sign_up/cancellations#destroy', as: :sign_up_destroy get '/redirect/return_to_sp/cancel' => 'redirect/return_to_sp#cancel', as: :return_to_sp_cancel - get '/redirect/return_to_sp/failure_to_proof' => 'redirect/return_to_sp#failure_to_proof', as: :return_to_sp_failure_to_proof + get '/redirect/return_to_sp/failure_to_proof' => 'redirect/return_to_sp#failure_to_proof', + as: :return_to_sp_failure_to_proof get '/redirect/help_center' => 'redirect/help_center#show', as: :help_center_redirect get '/redirect/contact/' => 'redirect/contact#show', as: :contact_redirect @@ -296,15 +301,17 @@ get '/restricted' => 'banned_user#show', as: :banned_user + get '/errors/idv_unavilable' => 'idv/unavailable#index', as: :idv_unavailable + scope '/verify', as: 'idv' do get '/' => 'idv#index' get '/activated' => 'idv#activated' + end + scope '/verify', module: 'idv', as: 'idv' do if !FeatureManagement.idv_available? # IdV has been disabled. - match '/*path' => 'idv#unavailable', via: %i[get post] + match '/*path' => 'unavailable#index', via: %i[get post] end - end - scope '/verify', module: 'idv', as: 'idv' do get '/come_back_later' => 'come_back_later#show' get '/personal_key' => 'personal_key#show' post '/personal_key' => 'personal_key#update' diff --git a/spec/controllers/concerns/idv/unavailable_concern_spec.rb b/spec/controllers/idv/unavailable_controller_spec.rb similarity index 75% rename from spec/controllers/concerns/idv/unavailable_concern_spec.rb rename to spec/controllers/idv/unavailable_controller_spec.rb index c1fca049c94..1dc5c53ceee 100644 --- a/spec/controllers/concerns/idv/unavailable_concern_spec.rb +++ b/spec/controllers/idv/unavailable_controller_spec.rb @@ -1,14 +1,7 @@ require 'rails_helper' -describe Idv::UnavailableConcern, type: :controller do - controller ApplicationController do - include Idv::UnavailableConcern - def index - render_idv_unavailable - end - end - - describe '#render_idv_unavailable' do +describe Idv::UnavailableController, type: :controller do + describe '#index' do before do stub_analytics get :index diff --git a/spec/controllers/idv_controller_spec.rb b/spec/controllers/idv_controller_spec.rb index 9b31e397c56..d7f379b73a9 100644 --- a/spec/controllers/idv_controller_spec.rb +++ b/spec/controllers/idv_controller_spec.rb @@ -135,10 +135,4 @@ end end end - - describe '#unavailable' do - it 'raises an error' do - expect { controller.unavailable }.to raise_error(Idv::UnavailableError) - end - end end diff --git a/spec/controllers/sign_up/registrations_controller_spec.rb b/spec/controllers/sign_up/registrations_controller_spec.rb index 4d9964e8bdc..6abc9bf06a2 100644 --- a/spec/controllers/sign_up/registrations_controller_spec.rb +++ b/spec/controllers/sign_up/registrations_controller_spec.rb @@ -25,6 +25,17 @@ expect { get :new }. to raise_error(Mime::Type::InvalidMimeType) end + + context 'IdV unavailable' do + before do + allow(IdentityConfig.store).to receive(:idv_available).and_return(false) + end + it 'redirects to idv vendor outage page when ial2 requested' do + allow(controller).to receive(:ial2_requested?).and_return(true) + get :new + expect(response).to redirect_to(idv_unavailable_path) + end + end end describe '#create' do diff --git a/spec/features/idv/vendor_outage_spec.rb b/spec/features/idv/vendor_outage_spec.rb index fa7efb1377a..1aa678a1419 100644 --- a/spec/features/idv/vendor_outage_spec.rb +++ b/spec/features/idv/vendor_outage_spec.rb @@ -56,7 +56,6 @@ visit_idp_from_sp_with_ial2(:oidc) click_link t('links.create_account') - expect(page).to have_http_status(503) expect(page).to have_content(t('idv.unavailable.idv_explanation.with_sp', sp: 'Test SP')) end end From 081451eeac0d8c1739d6098f020428672769e943 Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Tue, 14 Mar 2023 12:16:44 -0700 Subject: [PATCH 17/33] Attempt to redirect user back from outage page When IdV becomes available again, try and send the user back where they were. --- app/controllers/idv/unavailable_controller.rb | 21 +++++++++++++-- config/routes.rb | 4 +-- .../idv/unavailable_controller_spec.rb | 26 +++++++++++++++++-- 3 files changed, 45 insertions(+), 6 deletions(-) diff --git a/app/controllers/idv/unavailable_controller.rb b/app/controllers/idv/unavailable_controller.rb index 8850c99ec6b..bb915dd0960 100644 --- a/app/controllers/idv/unavailable_controller.rb +++ b/app/controllers/idv/unavailable_controller.rb @@ -1,6 +1,18 @@ module Idv class UnavailableController < ApplicationController - def index + def show + if FeatureManagement.idv_available? + if from_registration? + return redirect_to sign_up_email_url + else + return redirect_to account_url + end + end + + show_without_redirect + end + + def show_without_redirect analytics.vendor_outage( vendor_status: { acuant: IdentityConfig.store.vendor_status_acuant, @@ -11,8 +23,13 @@ def index }, redirect_from: nil, ) - render 'idv/unavailable', status: :service_unavailable end + + private + + def from_registration? + params[:from] == 'registration' + end end end diff --git a/config/routes.rb b/config/routes.rb index 95662a5274e..89e5738c797 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -301,7 +301,7 @@ get '/restricted' => 'banned_user#show', as: :banned_user - get '/errors/idv_unavilable' => 'idv/unavailable#index', as: :idv_unavailable + get '/errors/idv_unavilable' => 'idv/unavailable#show', as: :idv_unavailable scope '/verify', as: 'idv' do get '/' => 'idv#index' @@ -310,7 +310,7 @@ scope '/verify', module: 'idv', as: 'idv' do if !FeatureManagement.idv_available? # IdV has been disabled. - match '/*path' => 'unavailable#index', via: %i[get post] + match '/*path' => 'unavailable#show_without_redirect', via: %i[get post] end get '/come_back_later' => 'come_back_later#show' get '/personal_key' => 'personal_key#show' diff --git a/spec/controllers/idv/unavailable_controller_spec.rb b/spec/controllers/idv/unavailable_controller_spec.rb index 1dc5c53ceee..7950b72de5d 100644 --- a/spec/controllers/idv/unavailable_controller_spec.rb +++ b/spec/controllers/idv/unavailable_controller_spec.rb @@ -1,10 +1,16 @@ require 'rails_helper' describe Idv::UnavailableController, type: :controller do - describe '#index' do + let(:idv_available) { false } + + before do + allow(IdentityConfig.store).to receive(:idv_available).and_return(idv_available) + end + + describe '#show' do before do stub_analytics - get :index + get :show end it 'returns 503 Service Unavailable status' do @@ -29,5 +35,21 @@ it 'renders the view' do expect(response).to render_template('idv/unavailable') end + + context 'IdV is enabled' do + let(:idv_available) { true } + + it 'redirects back to account page' do + get :show + expect(response).to redirect_to(account_path) + end + + context 'coming from registration page' do + it 'redirects back to registration' do + get :show, params: { from: 'registration' } + expect(response).to redirect_to(sign_up_email_path) + end + end + end end end From 17974263861106e455c95cb47fb171aa413ba350 Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Tue, 14 Mar 2023 12:50:51 -0700 Subject: [PATCH 18/33] changelog: User-Facing Improvements, Identity verification, Provide a more helpful and detailed error message when identity verification is unavailable. From bfc19342125dc7c4071489dcf750b50529970e5f Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Tue, 14 Mar 2023 14:12:41 -0700 Subject: [PATCH 19/33] Remove from, from_idv from VendorStatus We're not longer using this bit of VendorStatus. --- app/controllers/vendor_outage_controller.rb | 2 -- app/services/analytics_events.rb | 2 -- app/services/vendor_status.rb | 27 +++----------- spec/services/vendor_status_spec.rb | 39 +-------------------- 4 files changed, 5 insertions(+), 65 deletions(-) diff --git a/app/controllers/vendor_outage_controller.rb b/app/controllers/vendor_outage_controller.rb index ab47989c85e..e81874099e3 100644 --- a/app/controllers/vendor_outage_controller.rb +++ b/app/controllers/vendor_outage_controller.rb @@ -2,8 +2,6 @@ class VendorOutageController < ApplicationController def show vendor_status = VendorStatus.new( sp: current_sp, - from: session.delete(:vendor_outage_redirect), - from_idv: session.delete(:vendor_outage_redirect_from_idv), ) @specific_message = vendor_status.outage_message @show_gpo_option = from_idv_phone? && gpo_letter_available? diff --git a/app/services/analytics_events.rb b/app/services/analytics_events.rb index 445d71961fd..39f48246413 100644 --- a/app/services/analytics_events.rb +++ b/app/services/analytics_events.rb @@ -2905,13 +2905,11 @@ def user_registration_2fa_setup_visit # @param [Hash] vendor_status # Tracks when vendor has outage def vendor_outage( - redirect_from:, vendor_status:, **extra ) track_event( 'Vendor Outage', - redirect_from: redirect_from, vendor_status: vendor_status, **extra, ) diff --git a/app/services/vendor_status.rb b/app/services/vendor_status.rb index 32af74b2370..7fb3bb906b4 100644 --- a/app/services/vendor_status.rb +++ b/app/services/vendor_status.rb @@ -1,9 +1,7 @@ class VendorStatus include ActionView::Helpers::TranslationHelper - def initialize(from: nil, from_idv: nil, sp: nil) - @from = from - @from_idv = from_idv + def initialize(sp: nil) @sp = sp end @@ -49,31 +47,15 @@ def all_phone_vendor_outage? all_vendor_outage?(PHONE_VENDORS) end - def from_idv? - from_idv - end - # Returns an appropriate error message based upon the type of outage or what the user was doing # when they encountered the outage. # # @return [String, nil] the localized message. def outage_message if any_ial2_vendor_outage? - if from_idv? - if sp - t('vendor_outage.blocked.idv.with_sp', service_provider: sp.friendly_name) - else - t('vendor_outage.blocked.idv.without_sp') - end - else - t('vendor_outage.blocked.idv.generic') - end + t('vendor_outage.blocked.idv.generic') elsif any_phone_vendor_outage? - if from_idv? - t('vendor_outage.blocked.phone.idv') - else - t('vendor_outage.blocked.phone.default') - end + t('vendor_outage.blocked.phone.default') end end @@ -88,11 +70,10 @@ def track_event(analytics) sms: IdentityConfig.store.vendor_status_sms, voice: IdentityConfig.store.vendor_status_voice, }, - redirect_from: from, ) end private - attr_reader :from, :from_idv, :sp + attr_reader :sp end diff --git a/spec/services/vendor_status_spec.rb b/spec/services/vendor_status_spec.rb index bd59e003aff..620382a271a 100644 --- a/spec/services/vendor_status_spec.rb +++ b/spec/services/vendor_status_spec.rb @@ -1,11 +1,9 @@ require 'rails_helper' describe VendorStatus do - let(:from) { nil } - let(:from_idv) { nil } let(:sp) { nil } subject(:vendor_status) do - VendorStatus.new(from: from, from_idv: from_idv, sp: sp) + VendorStatus.new(sp: sp) end it 'raises an error if passed an unknown vendor' do @@ -59,32 +57,6 @@ expect(subject.outage_message).to eq I18n.t('vendor_outage.blocked.idv.generic') end end - - context 'user coming from idv flow' do - let(:from) { :welcome } - let(:from_idv) { true } - - context 'no service_provider in session' do - it 'returns the correct message' do - expect(subject.outage_message).to eq( - I18n.t('vendor_outage.blocked.idv.without_sp'), - ) - end - end - - context 'with service_provider in session' do - let(:sp) { create(:service_provider) } - - it 'returns the correct message tailored to the service provider' do - expect(subject.outage_message).to eq( - I18n.t( - 'vendor_outage.blocked.idv.with_sp', - service_provider: sp.friendly_name, - ), - ) - end - end - end end context 'when a non-ial2 vendor has an outage' do @@ -171,14 +143,6 @@ it 'returns default phone outage message' do expect(outage_message).to eq(t('vendor_outage.blocked.phone.default')) end - - context 'from idv' do - let(:from_idv) { true } - - it 'returns idv phone outage message' do - expect(outage_message).to eq(t('vendor_outage.blocked.phone.idv')) - end - end end end @@ -187,7 +151,6 @@ analytics = FakeAnalytics.new expect(analytics).to receive(:track_event).with( 'Vendor Outage', - redirect_from: from, vendor_status: VendorStatus::ALL_VENDORS.index_with do |_vendor| satisfy { |status| IdentityConfig::VENDOR_STATUS_OPTIONS.include?(status) } end, From f0825fe5bb1fcad7083270a382412c1fa3d25b4c Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Tue, 14 Mar 2023 14:29:23 -0700 Subject: [PATCH 20/33] Log when we hit IDV unavailable screen from the create account page Keep `redirect_from` analytics param for this case. (503 responses will log with the event `path` set to the currnet location) --- app/controllers/idv/unavailable_controller.rb | 13 +++++--- .../sign_up/registrations_controller.rb | 6 +++- app/services/analytics_events.rb | 4 ++- .../idv/unavailable_controller_spec.rb | 31 ++++++++++++++++--- 4 files changed, 44 insertions(+), 10 deletions(-) diff --git a/app/controllers/idv/unavailable_controller.rb b/app/controllers/idv/unavailable_controller.rb index bb915dd0960..397339e0a2e 100644 --- a/app/controllers/idv/unavailable_controller.rb +++ b/app/controllers/idv/unavailable_controller.rb @@ -2,7 +2,7 @@ module Idv class UnavailableController < ApplicationController def show if FeatureManagement.idv_available? - if from_registration? + if from_create_account? return redirect_to sign_up_email_url else return redirect_to account_url @@ -21,15 +21,20 @@ def show_without_redirect sms: IdentityConfig.store.vendor_status_sms, voice: IdentityConfig.store.vendor_status_voice, }, - redirect_from: nil, + redirect_from: from, ) render 'idv/unavailable', status: :service_unavailable end private - def from_registration? - params[:from] == 'registration' + def from + allowed = [SignUp::RegistrationsController::CREATE_ACCOUNT] + params[:from] if params[:from].present? && allowed.include?(params[:from]) + end + + def from_create_account? + from == SignUp::RegistrationsController::CREATE_ACCOUNT end end end diff --git a/app/controllers/sign_up/registrations_controller.rb b/app/controllers/sign_up/registrations_controller.rb index 1ae4b55f003..8104421b7f4 100644 --- a/app/controllers/sign_up/registrations_controller.rb +++ b/app/controllers/sign_up/registrations_controller.rb @@ -7,6 +7,8 @@ class RegistrationsController < ApplicationController before_action :require_no_authentication before_action :redirect_if_ial2_and_vendor_outage + CREATE_ACCOUNT = 'create_account' + def new @register_user_email_form = RegisterUserEmailForm.new( analytics: analytics, @@ -70,7 +72,9 @@ def sp_request_id end def redirect_if_ial2_and_vendor_outage - redirect_to idv_unavailable_path if ial2_requested? && !FeatureManagement.idv_available? + if ial2_requested? && !FeatureManagement.idv_available? + redirect_to idv_unavailable_path(from: CREATE_ACCOUNT) + end end end end diff --git a/app/services/analytics_events.rb b/app/services/analytics_events.rb index 39f48246413..810df9e3f0e 100644 --- a/app/services/analytics_events.rb +++ b/app/services/analytics_events.rb @@ -2901,15 +2901,17 @@ def user_registration_2fa_setup_visit track_event('User Registration: 2FA Setup visited') end - # @param [String] redirect_from + # @param [String,nil] redirect_from # @param [Hash] vendor_status # Tracks when vendor has outage def vendor_outage( vendor_status:, + redirect_from: nil, **extra ) track_event( 'Vendor Outage', + redirect_from: redirect_from, vendor_status: vendor_status, **extra, ) diff --git a/spec/controllers/idv/unavailable_controller_spec.rb b/spec/controllers/idv/unavailable_controller_spec.rb index 7950b72de5d..cb47ed4eeb2 100644 --- a/spec/controllers/idv/unavailable_controller_spec.rb +++ b/spec/controllers/idv/unavailable_controller_spec.rb @@ -8,9 +8,10 @@ end describe '#show' do + let(:params) { nil } before do stub_analytics - get :show + get :show, params: params end it 'returns 503 Service Unavailable status' do @@ -36,6 +37,28 @@ expect(response).to render_template('idv/unavailable') end + context 'coming from the create account page' do + let(:params) do + { from: SignUp::RegistrationsController::CREATE_ACCOUNT } + end + it 'logs an analytics event' do + expect(@analytics).to have_logged_event( + 'Vendor Outage', + redirect_from: SignUp::RegistrationsController::CREATE_ACCOUNT, + vendor_status: { + acuant: :operational, + lexisnexis_instant_verify: :operational, + lexisnexis_trueid: :operational, + sms: :operational, + voice: :operational, + }, + ) + end + it 'renders the view' do + expect(response).to render_template('idv/unavailable') + end + end + context 'IdV is enabled' do let(:idv_available) { true } @@ -44,9 +67,9 @@ expect(response).to redirect_to(account_path) end - context 'coming from registration page' do - it 'redirects back to registration' do - get :show, params: { from: 'registration' } + context 'coming from the create account page' do + it 'redirects back to create account' do + get :show, params: { from: SignUp::RegistrationsController::CREATE_ACCOUNT } expect(response).to redirect_to(sign_up_email_path) end end From 5e1a0730c32afad78cc050ff279e3f87404b2433 Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Tue, 14 Mar 2023 15:59:02 -0700 Subject: [PATCH 21/33] Remove unneeded VendorStatus test --- spec/services/vendor_status_spec.rb | 8 -------- 1 file changed, 8 deletions(-) diff --git a/spec/services/vendor_status_spec.rb b/spec/services/vendor_status_spec.rb index 620382a271a..169684b10a9 100644 --- a/spec/services/vendor_status_spec.rb +++ b/spec/services/vendor_status_spec.rb @@ -49,14 +49,6 @@ it 'correctly reports an ial2 vendor outage' do expect(subject.any_ial2_vendor_outage?).to be end - - context 'user coming from create_account' do - let(:from) { SignUp::RegistrationsController::CREATE_ACCOUNT } - - it 'returns the correct message' do - expect(subject.outage_message).to eq I18n.t('vendor_outage.blocked.idv.generic') - end - end end context 'when a non-ial2 vendor has an outage' do From 0137f4cc2b65d77c1d65e0cc8bd10a5409a727a1 Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Tue, 14 Mar 2023 15:59:19 -0700 Subject: [PATCH 22/33] Fix #track_event test --- spec/services/vendor_status_spec.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/spec/services/vendor_status_spec.rb b/spec/services/vendor_status_spec.rb index 169684b10a9..681b0847726 100644 --- a/spec/services/vendor_status_spec.rb +++ b/spec/services/vendor_status_spec.rb @@ -143,6 +143,7 @@ analytics = FakeAnalytics.new expect(analytics).to receive(:track_event).with( 'Vendor Outage', + redirect_from: nil, vendor_status: VendorStatus::ALL_VENDORS.index_with do |_vendor| satisfy { |status| IdentityConfig::VENDOR_STATUS_OPTIONS.include?(status) } end, From f18d53fe9dd911e664cd67b9e099aabc9699eeec Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Tue, 14 Mar 2023 16:40:44 -0700 Subject: [PATCH 23/33] Remove unused translations --- config/locales/vendor_outage/en.yml | 10 ---------- config/locales/vendor_outage/es.yml | 13 ------------- config/locales/vendor_outage/fr.yml | 11 ----------- 3 files changed, 34 deletions(-) diff --git a/config/locales/vendor_outage/en.yml b/config/locales/vendor_outage/en.yml index 4fa7ff9debc..d0d7febfcb5 100644 --- a/config/locales/vendor_outage/en.yml +++ b/config/locales/vendor_outage/en.yml @@ -22,18 +22,8 @@ en: idv: generic: We are having technical difficulties on our end and cannot verify your identity at this time. Please try again later. - with_sp: '%{service_provider} needs to make sure you are you — not someone - pretending to be you. Unfortunately, we are having technical - difficulties and cannot verify your identity at this time. Please try - again later.' - without_sp: The agency that you are trying to access needs to make sure you are - you — not someone pretending to be you. Unfortunately, we are having - technical difficulties and cannot verify your identity at this time. - Please try again later. phone: default: We cannot verify phones at this time. Please try again later. - idv: We cannot verify phones at this time. Please try again later or verify your - address by mail instead. get_updates: Get updates get_updates_on_status_page: Get updates on our status page working: We are working to resolve an error diff --git a/config/locales/vendor_outage/es.yml b/config/locales/vendor_outage/es.yml index 094859a4cd5..bdd0f6530ab 100644 --- a/config/locales/vendor_outage/es.yml +++ b/config/locales/vendor_outage/es.yml @@ -28,22 +28,9 @@ es: generic: Debido a problemas técnicos por nuestra parte, no podemos verificar su identidad en estos momentos. Por favor, inténtelo nuevamente más tarde. - with_sp: '%{service_provider} necesita asegurarse de que es usted realmente y no - alguien que se hace pasar por usted. Lamentablemente, debido a - problemas técnicos por nuestra parte, tal vez no podamos verificar su - identidad en estos momentos. Por favor, inténtelo nuevamente más - tarde.' - without_sp: La agencia a la que está intentando acceder debe asegurarse de que - usted sea quien dice ser, y no alguien que se hace pasar por usted. - Lamentablemente, debido a problemas técnicos por nuestra parte, tal - vez no podamos verificar su identidad en estos momentos. Por favor, - inténtelo nuevamente más tarde. phone: default: No podemos verificar teléfonos en estos momentos. Por favor, inténtelo nuevamente más tarde. - idv: No podemos verificar teléfonos en estos momentos. Por favor, inténtelo - nuevamente más tarde o, en lugar de ello, verifique su dirección por - correo. get_updates: Obtenga actualizaciones get_updates_on_status_page: Reciba actualizaciones en nuestra página de estado working: Estamos trabajando para corregir un error diff --git a/config/locales/vendor_outage/fr.yml b/config/locales/vendor_outage/fr.yml index 83b80e5cd91..ade32517d24 100644 --- a/config/locales/vendor_outage/fr.yml +++ b/config/locales/vendor_outage/fr.yml @@ -26,20 +26,9 @@ fr: idv: generic: Nous rencontrons des difficultés techniques et ne pouvons pas vérifier votre identité pour le moment. Veuillez réessayer plus tard. - with_sp: '%{service_provider} doit s’assurer que c’est bien vous — et non - quelqu’un qui se fait passer pour vous. Malheureusement, nous - rencontrons des difficultés techniques et ne pouvons pas vérifier - votre identité pour le moment. Veuillez réessayer plus tard.' - without_sp: L’agence à laquelle vous essayez d’accéder doit s’assurer qu’il - s’agit bien de vous, et non de quelqu’un qui se fait passer pour vous. - Malheureusement, nous rencontrons des difficultés techniques et ne - pouvons pas vérifier votre identité pour le moment. Veuillez réessayer - plus tard. phone: default: Nous ne pouvons pas vérifier les téléphones pour le moment. Veuillez réessayer plus tard. - idv: Nous ne pouvons pas vérifier les téléphones pour le moment. Veuillez - réessayer plus tard ou vérifier votre adresse par la poste. get_updates: Obtenir des mises à jour get_updates_on_status_page: Obtenez des mises à jour sur notre page de statut working: Nous travaillons à la résolution d’une erreur From ac1b7c5dfa3ab95cbf2d0ab89f89dd28964b9431 Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Wed, 15 Mar 2023 10:45:29 -0700 Subject: [PATCH 24/33] Clean up unavailable actions / views / etc. Use `show` for the action that shows the error, and move view to the more conventional `idv/unavailable/show.html.erb`. --- app/controllers/idv/unavailable_controller.rb | 6 +++--- .../idv/{unavailable.html.erb => unavailable/show.html.erb} | 0 config/routes.rb | 4 ++-- .../show.html.erb_spec.rb} | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) rename app/views/idv/{unavailable.html.erb => unavailable/show.html.erb} (100%) rename spec/views/idv/{unavailable.html.erb_spec.rb => unavailable/show.html.erb_spec.rb} (96%) diff --git a/app/controllers/idv/unavailable_controller.rb b/app/controllers/idv/unavailable_controller.rb index 397339e0a2e..0d7b8646441 100644 --- a/app/controllers/idv/unavailable_controller.rb +++ b/app/controllers/idv/unavailable_controller.rb @@ -1,6 +1,6 @@ module Idv class UnavailableController < ApplicationController - def show + def attempt_redirect if FeatureManagement.idv_available? if from_create_account? return redirect_to sign_up_email_url @@ -9,10 +9,10 @@ def show end end - show_without_redirect + show end - def show_without_redirect + def show analytics.vendor_outage( vendor_status: { acuant: IdentityConfig.store.vendor_status_acuant, diff --git a/app/views/idv/unavailable.html.erb b/app/views/idv/unavailable/show.html.erb similarity index 100% rename from app/views/idv/unavailable.html.erb rename to app/views/idv/unavailable/show.html.erb diff --git a/config/routes.rb b/config/routes.rb index 89e5738c797..04b6bfa952f 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -301,7 +301,7 @@ get '/restricted' => 'banned_user#show', as: :banned_user - get '/errors/idv_unavilable' => 'idv/unavailable#show', as: :idv_unavailable + get '/errors/idv_unavilable' => 'idv/unavailable#attempt_redirect', as: :idv_unavailable scope '/verify', as: 'idv' do get '/' => 'idv#index' @@ -310,7 +310,7 @@ scope '/verify', module: 'idv', as: 'idv' do if !FeatureManagement.idv_available? # IdV has been disabled. - match '/*path' => 'unavailable#show_without_redirect', via: %i[get post] + match '/*path' => 'unavailable#show', via: %i[get post] end get '/come_back_later' => 'come_back_later#show' get '/personal_key' => 'personal_key#show' diff --git a/spec/views/idv/unavailable.html.erb_spec.rb b/spec/views/idv/unavailable/show.html.erb_spec.rb similarity index 96% rename from spec/views/idv/unavailable.html.erb_spec.rb rename to spec/views/idv/unavailable/show.html.erb_spec.rb index b02afcbe5f8..502a5e2f796 100644 --- a/spec/views/idv/unavailable.html.erb_spec.rb +++ b/spec/views/idv/unavailable/show.html.erb_spec.rb @@ -1,6 +1,6 @@ require 'rails_helper' -describe 'idv/unavailable.html.erb' do +describe 'idv/unavailable/show.html.erb' do let(:sp_name) { nil } subject(:rendered) { render } From ac4f9fc32271a8ebc095272e783831039538886f Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Wed, 15 Mar 2023 10:48:57 -0700 Subject: [PATCH 25/33] Hoist constant up to class level --- app/controllers/idv/unavailable_controller.rb | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/app/controllers/idv/unavailable_controller.rb b/app/controllers/idv/unavailable_controller.rb index 0d7b8646441..7018cc3d944 100644 --- a/app/controllers/idv/unavailable_controller.rb +++ b/app/controllers/idv/unavailable_controller.rb @@ -1,5 +1,7 @@ module Idv class UnavailableController < ApplicationController + ALLOWED_FROM_LOCATIONS = [SignUp::RegistrationsController::CREATE_ACCOUNT] + def attempt_redirect if FeatureManagement.idv_available? if from_create_account? @@ -23,14 +25,14 @@ def show }, redirect_from: from, ) - render 'idv/unavailable', status: :service_unavailable + + render 'idv/unavailable/show', status: :service_unavailable end private def from - allowed = [SignUp::RegistrationsController::CREATE_ACCOUNT] - params[:from] if params[:from].present? && allowed.include?(params[:from]) + params[:from] if ALLOWED_FROM_LOCATIONS.include?(params[:from]) end def from_create_account? From 98f82b6c6f3c8b09c7707e120d4ad1d25a76154c Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Wed, 15 Mar 2023 10:50:18 -0700 Subject: [PATCH 26/33] Remove unused action on IdvController --- app/controllers/idv_controller.rb | 6 ------ 1 file changed, 6 deletions(-) diff --git a/app/controllers/idv_controller.rb b/app/controllers/idv_controller.rb index 8be9b61af4e..905043cbd51 100644 --- a/app/controllers/idv_controller.rb +++ b/app/controllers/idv_controller.rb @@ -29,12 +29,6 @@ def activated idv_session.clear end - def unavailable - # This action is provided to have a place to route /verify/* paths to when idv is unavailable. - # Actual rendering / logging is handled by Idv::UnavailableConcern. - raise Idv::UnavailableError - end - private def verify_identity From 4b39a0a85629947aadcbff92151d1c8371aee8b3 Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Wed, 15 Mar 2023 11:02:12 -0700 Subject: [PATCH 27/33] Fixup: unavailable view --- spec/controllers/idv/unavailable_controller_spec.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/spec/controllers/idv/unavailable_controller_spec.rb b/spec/controllers/idv/unavailable_controller_spec.rb index cb47ed4eeb2..9194ada9a61 100644 --- a/spec/controllers/idv/unavailable_controller_spec.rb +++ b/spec/controllers/idv/unavailable_controller_spec.rb @@ -34,7 +34,7 @@ end it 'renders the view' do - expect(response).to render_template('idv/unavailable') + expect(response).to render_template('idv/unavailable/show') end context 'coming from the create account page' do @@ -55,7 +55,7 @@ ) end it 'renders the view' do - expect(response).to render_template('idv/unavailable') + expect(response).to render_template('idv/unavailable/show') end end From e116e8ee3b0be67a2a00ad7e1babc883a094da52 Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Wed, 15 Mar 2023 11:14:48 -0700 Subject: [PATCH 28/33] Don't use separate actions for idv unavailable message For both use cases (fixed path at /errors/idv_unavailable AND catchall for /verify/* when idv is down), just use the "show" action. Also, only return 503 Service Unavailable if idv is actually unavailable. --- app/controllers/idv/unavailable_controller.rb | 15 ++++----------- config/routes.rb | 2 +- .../idv/unavailable_controller_spec.rb | 16 ++++++++++++---- .../sign_up/registrations_controller_spec.rb | 4 +++- 4 files changed, 20 insertions(+), 17 deletions(-) diff --git a/app/controllers/idv/unavailable_controller.rb b/app/controllers/idv/unavailable_controller.rb index 7018cc3d944..443e806d555 100644 --- a/app/controllers/idv/unavailable_controller.rb +++ b/app/controllers/idv/unavailable_controller.rb @@ -2,19 +2,12 @@ module Idv class UnavailableController < ApplicationController ALLOWED_FROM_LOCATIONS = [SignUp::RegistrationsController::CREATE_ACCOUNT] - def attempt_redirect + def show if FeatureManagement.idv_available? - if from_create_account? - return redirect_to sign_up_email_url - else - return redirect_to account_url - end + redirect_to sign_up_email_url if from_create_account? + return end - show - end - - def show analytics.vendor_outage( vendor_status: { acuant: IdentityConfig.store.vendor_status_acuant, @@ -26,7 +19,7 @@ def show redirect_from: from, ) - render 'idv/unavailable/show', status: :service_unavailable + render status: :service_unavailable end private diff --git a/config/routes.rb b/config/routes.rb index 04b6bfa952f..fc4973e2625 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -301,7 +301,7 @@ get '/restricted' => 'banned_user#show', as: :banned_user - get '/errors/idv_unavilable' => 'idv/unavailable#attempt_redirect', as: :idv_unavailable + get '/errors/idv_unavilable' => 'idv/unavailable#show', as: :idv_unavailable scope '/verify', as: 'idv' do get '/' => 'idv#index' diff --git a/spec/controllers/idv/unavailable_controller_spec.rb b/spec/controllers/idv/unavailable_controller_spec.rb index 9194ada9a61..2d0c365ea95 100644 --- a/spec/controllers/idv/unavailable_controller_spec.rb +++ b/spec/controllers/idv/unavailable_controller_spec.rb @@ -9,6 +9,7 @@ describe '#show' do let(:params) { nil } + before do stub_analytics get :show, params: params @@ -62,14 +63,21 @@ context 'IdV is enabled' do let(:idv_available) { true } - it 'redirects back to account page' do - get :show - expect(response).to redirect_to(account_path) + it 'renders the view' do + expect(response).to render_template('idv/unavailable/show') + end + + it 'returns a 200' do + expect(response.status).to eql(200) + end + + it 'does not log an analytics event' do + expect(@analytics).not_to have_logged_event('Vendor Outage') end context 'coming from the create account page' do + let(:params) { { from: SignUp::RegistrationsController::CREATE_ACCOUNT } } it 'redirects back to create account' do - get :show, params: { from: SignUp::RegistrationsController::CREATE_ACCOUNT } expect(response).to redirect_to(sign_up_email_path) end end diff --git a/spec/controllers/sign_up/registrations_controller_spec.rb b/spec/controllers/sign_up/registrations_controller_spec.rb index 6abc9bf06a2..6f3511ad465 100644 --- a/spec/controllers/sign_up/registrations_controller_spec.rb +++ b/spec/controllers/sign_up/registrations_controller_spec.rb @@ -33,7 +33,9 @@ it 'redirects to idv vendor outage page when ial2 requested' do allow(controller).to receive(:ial2_requested?).and_return(true) get :new - expect(response).to redirect_to(idv_unavailable_path) + expect(response).to redirect_to( + idv_unavailable_path(from: SignUp::RegistrationsController::CREATE_ACCOUNT), + ) end end end From 6aa9f06e6a905eb83f5d41b5e50facd114461761 Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Wed, 15 Mar 2023 11:25:18 -0700 Subject: [PATCH 29/33] Spell "unavailable" correctly --- config/routes.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/routes.rb b/config/routes.rb index fc4973e2625..a1fc84cfbe2 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -301,7 +301,7 @@ get '/restricted' => 'banned_user#show', as: :banned_user - get '/errors/idv_unavilable' => 'idv/unavailable#show', as: :idv_unavailable + get '/errors/idv_unavailable' => 'idv/unavailable#show', as: :idv_unavailable scope '/verify', as: 'idv' do get '/' => 'idv#index' From 7689c7a88ccd939fc51c7c913a10dce46aafc948 Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Wed, 15 Mar 2023 11:52:19 -0700 Subject: [PATCH 30/33] Use StatusPageComponent for IdV unavailable message --- app/views/idv/unavailable/show.html.erb | 62 +++++++++++++------------ 1 file changed, 32 insertions(+), 30 deletions(-) diff --git a/app/views/idv/unavailable/show.html.erb b/app/views/idv/unavailable/show.html.erb index caa259b766f..a1d2cf21210 100644 --- a/app/views/idv/unavailable/show.html.erb +++ b/app/views/idv/unavailable/show.html.erb @@ -1,36 +1,38 @@ <% title t('idv.titles.unavailable') %> -<%= render AlertIconComponent.new(icon_name: :error, class: 'display-block margin-bottom-4') %> +<%= render StatusPageComponent.new(status: :error) do |c| %> -<%= render PageHeadingComponent.new.with_content(t('idv.titles.unavailable')) %> + <% c.header { t('idv.titles.unavailable') } %> -

- <% if decorated_session.sp_name.present? %> - <%= t('idv.unavailable.idv_explanation.with_sp', sp: decorated_session.sp_name) %> - <% else %> - <%= t('idv.unavailable.idv_explanation.without_sp') %> - <% end %> -

+

+ <% if decorated_session.sp_name.present? %> + <%= t('idv.unavailable.idv_explanation.with_sp', sp: decorated_session.sp_name) %> + <% else %> + <%= t('idv.unavailable.idv_explanation.without_sp') %> + <% end %> +

-

- <%= t( - 'idv.unavailable.next_steps_html', - app_name: APP_NAME, - status_page_link: new_window_link_to( - t('idv.unavailable.status_page_link'), - StatusPage.base_url, - ), - ) %> -

+

+ <%= t( + 'idv.unavailable.next_steps_html', + app_name: APP_NAME, + status_page_link: new_window_link_to( + t('idv.unavailable.status_page_link'), + StatusPage.base_url, + ), + ) %> +

-<%= render ButtonComponent.new( - action: ->(**tag_options, &block) do - link_to( - return_to_sp_failure_to_proof_path(location: :unavailable), - **tag_options, - &block - ) - end, - big: true, - wide: true, - ).with_content(t('idv.unavailable.exit_button', app_name: APP_NAME)) %> + <% c.action_button( + action: ->(**tag_options, &block) do + link_to( + return_to_sp_failure_to_proof_path(location: :unavailable), + **tag_options, + &block + ) + end, + big: true, + wide: true, + ).with_content(t('idv.unavailable.exit_button', app_name: APP_NAME)) %> + +<% end %> From 82fb5d5a4e5ab807676cda933e78b50e87abd478 Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Wed, 15 Mar 2023 14:04:08 -0700 Subject: [PATCH 31/33] Return 200 OK from unavailable error page 5XX errors will trigger nuisance alerts in monitoring tools. An error message that we have purposefully put in place should be regarded as "OK". --- app/controllers/idv/unavailable_controller.rb | 2 -- spec/controllers/idv/unavailable_controller_spec.rb | 6 +++--- spec/features/idv/vendor_outage_spec.rb | 2 +- 3 files changed, 4 insertions(+), 6 deletions(-) diff --git a/app/controllers/idv/unavailable_controller.rb b/app/controllers/idv/unavailable_controller.rb index 443e806d555..5fc4a9c7382 100644 --- a/app/controllers/idv/unavailable_controller.rb +++ b/app/controllers/idv/unavailable_controller.rb @@ -18,8 +18,6 @@ def show }, redirect_from: from, ) - - render status: :service_unavailable end private diff --git a/spec/controllers/idv/unavailable_controller_spec.rb b/spec/controllers/idv/unavailable_controller_spec.rb index 2d0c365ea95..7ccee6b2570 100644 --- a/spec/controllers/idv/unavailable_controller_spec.rb +++ b/spec/controllers/idv/unavailable_controller_spec.rb @@ -15,9 +15,9 @@ get :show, params: params end - it 'returns 503 Service Unavailable status' do - # https://http.cat/503 - expect(response.status).to eql(503) + it 'returns 200 OK' do + # https://http.cat/200 + expect(response.status).to eql(200) end it 'logs an analytics event' do diff --git a/spec/features/idv/vendor_outage_spec.rb b/spec/features/idv/vendor_outage_spec.rb index 1aa678a1419..b8c71edb734 100644 --- a/spec/features/idv/vendor_outage_spec.rb +++ b/spec/features/idv/vendor_outage_spec.rb @@ -28,7 +28,7 @@ sign_in_user(user_with_2fa) fill_in_code_with_last_phone_otp click_submit_default - expect(page).to have_http_status(503) + expect(page).to have_http_status(200) expect(page).to have_content( t('idv.unavailable.idv_explanation.with_sp', sp: 'Test SP'), ) From 3e23672cebbb38c2fcf85b1671b68395fbdd8e09 Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Fri, 17 Mar 2023 09:35:18 -0700 Subject: [PATCH 32/33] Refactor redirect in UnavailableController out to before_action --- app/controllers/idv/unavailable_controller.rb | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/app/controllers/idv/unavailable_controller.rb b/app/controllers/idv/unavailable_controller.rb index 5fc4a9c7382..79ffe2bf1e4 100644 --- a/app/controllers/idv/unavailable_controller.rb +++ b/app/controllers/idv/unavailable_controller.rb @@ -2,12 +2,9 @@ module Idv class UnavailableController < ApplicationController ALLOWED_FROM_LOCATIONS = [SignUp::RegistrationsController::CREATE_ACCOUNT] - def show - if FeatureManagement.idv_available? - redirect_to sign_up_email_url if from_create_account? - return - end + before_action :redirect_if_idv_available_and_from_create_account + def show analytics.vendor_outage( vendor_status: { acuant: IdentityConfig.store.vendor_status_acuant, @@ -29,5 +26,9 @@ def from def from_create_account? from == SignUp::RegistrationsController::CREATE_ACCOUNT end + + def redirect_if_idv_available_and_from_create_account + redirect_to sign_up_email_url if FeatureManagement.idv_available? && from_create_account? + end end end From ec9d077f79e3799a72ea16bb961738cf6ce56e01 Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Mon, 20 Mar 2023 11:23:44 -0700 Subject: [PATCH 33/33] Remove irrelevant test This was leftover from an earlier version of this PR. --- spec/controllers/idv/unavailable_controller_spec.rb | 4 ---- 1 file changed, 4 deletions(-) diff --git a/spec/controllers/idv/unavailable_controller_spec.rb b/spec/controllers/idv/unavailable_controller_spec.rb index 7ccee6b2570..2fd3442f60b 100644 --- a/spec/controllers/idv/unavailable_controller_spec.rb +++ b/spec/controllers/idv/unavailable_controller_spec.rb @@ -71,10 +71,6 @@ expect(response.status).to eql(200) end - it 'does not log an analytics event' do - expect(@analytics).not_to have_logged_event('Vendor Outage') - end - context 'coming from the create account page' do let(:params) { { from: SignUp::RegistrationsController::CREATE_ACCOUNT } } it 'redirects back to create account' do