18F · soniaconnolly · Mar 31, 2023 · Mar 28, 2023 · Mar 28, 2023 · Mar 28, 2023
diff --git a/app/controllers/concerns/idv_step_concern.rb b/app/controllers/concerns/idv_step_concern.rb
@@ -12,8 +12,15 @@ def confirm_document_capture_complete
     @pii = flow_session&.[]('pii_from_doc') # hash with indifferent access
     return if @pii.present?
 
-    flow_session&.delete('Idv::Steps::DocumentCaptureStep')
-    redirect_to idv_doc_auth_url
+    flow_path = flow_session&.[](:flow_path)
+
+    if IdentityConfig.store.doc_auth_document_capture_controller_enabled &&
+       flow_path == 'standard'
+      redirect_to idv_document_capture_url
+    else
+      flow_session&.delete('Idv::Steps::DocumentCaptureStep')
+      redirect_to idv_doc_auth_url
+    end
   end
 
   def confirm_verify_info_step_complete

diff --git a/app/controllers/idv/address_controller.rb b/app/controllers/idv/address_controller.rb
@@ -27,7 +27,15 @@ def update
     def confirm_document_capture_complete
       @pii = user_session.dig('idv/doc_auth', 'pii_from_doc')
       return if @pii.present?
-      redirect_to idv_doc_auth_url
+
+      flow_path = user_session.dig('idv/doc_auth', :flow_path)
+
+      if IdentityConfig.store.doc_auth_document_capture_controller_enabled &&
+         flow_path == 'standard'
+        redirect_to idv_document_capture_url
+      else
+        redirect_to idv_doc_auth_url
+      end
     end
 
     def idv_form

diff --git a/app/controllers/idv/document_capture_controller.rb b/app/controllers/idv/document_capture_controller.rb
@@ -7,7 +7,8 @@ class DocumentCaptureController < ApplicationController
 
     before_action :render_404_if_document_capture_controller_disabled
     before_action :confirm_two_factor_authenticated
-    before_action :confirm_agreement_step_complete
+    before_action :confirm_upload_step_complete
+    before_action :confirm_document_capture_needed
     before_action :override_document_capture_step_csp
 
     def show
@@ -61,16 +62,23 @@ def render_404_if_document_capture_controller_disabled
       render_not_found unless IdentityConfig.store.doc_auth_document_capture_controller_enabled
     end
 
-    def confirm_agreement_step_complete
-      return if flow_session['Idv::Steps::AgreementStep']
+    def confirm_upload_step_complete
+      return if flow_session['Idv::Steps::UploadStep']
 
       redirect_to idv_doc_auth_url
     end
 
+    def confirm_document_capture_needed
+      pii = flow_session&.[]('pii_from_doc') # hash with indifferent access
+      return if pii.blank? && !idv_session.verify_info_step_complete?
+
+      redirect_to idv_ssn_url
+    end
+
     def analytics_arguments
       {
         flow_path: flow_path,
-        step: 'document capture',
+        step: 'document_capture',
         step_count: current_flow_step_counts['Idv::Steps::DocumentCaptureStep'],
         analytics_id: 'Doc Auth',
         irs_reproofing: irs_reproofing?,

diff --git a/app/services/idv/steps/upload_step.rb b/app/services/idv/steps/upload_step.rb
@@ -100,6 +100,10 @@ def send_user_to_email_sent_step
       def bypass_send_link_steps
         mark_step_complete(:link_sent)
         mark_step_complete(:email_sent)
+        if IdentityConfig.store.doc_auth_document_capture_controller_enabled
+          flow_session[:flow_path] = @flow.flow_path
+          redirect_to idv_document_capture_url
+        end
         form_response(destination: :document_capture)
       end
 

diff --git a/spec/controllers/idv/document_capture_controller_spec.rb b/spec/controllers/idv/document_capture_controller_spec.rb
@@ -5,10 +5,9 @@
 
   let(:flow_session) do
     { 'document_capture_session_uuid' => 'fd14e181-6fb1-4cdc-92e0-ef66dad0df4e',
-      'pii_from_doc' => Idp::Constants::MOCK_IDV_APPLICANT.dup,
       :threatmetrix_session_id => 'c90ae7a5-6629-4e77-b97c-f1987c2df7d0',
       :flow_path => 'standard',
-      'Idv::Steps::AgreementStep' => true }
+      'Idv::Steps::UploadStep' => true }
   end
 
   let(:user) { create(:user) }
@@ -43,10 +42,10 @@
       )
     end
 
-    it 'checks that agreement step is complete' do
+    it 'checks that upload step is complete' do
       expect(subject).to have_actions(
         :before,
-        :confirm_agreement_step_complete,
+        :confirm_upload_step_complete,
       )
     end
   end
@@ -67,7 +66,7 @@
           analytics_id: 'Doc Auth',
           flow_path: 'standard',
           irs_reproofing: false,
-          step: 'document capture',
+          step: 'document_capture',
           step_count: 1,
         }
       end
@@ -100,15 +99,24 @@
         )
       end
 
-      context 'agreement step is not complete' do
+      context 'upload step is not complete' do
         it 'redirects to idv_doc_auth_url' do
-          flow_session['Idv::Steps::AgreementStep'] = nil
+          flow_session['Idv::Steps::UploadStep'] = nil
 
           get :show
 
           expect(response).to redirect_to(idv_doc_auth_url)
         end
       end
+
+      context 'with pii in session' do
+        it 'redirects to ssn step' do
+          flow_session['pii_from_doc'] = Idp::Constants::MOCK_IDV_APPLICANT
+          get :show
+
+          expect(response).to redirect_to(idv_ssn_url)
+        end
+      end
     end
 
     describe '#update' do
@@ -118,7 +126,7 @@
           analytics_id: 'Doc Auth',
           flow_path: 'standard',
           irs_reproofing: false,
-          step: 'document capture',
+          step: 'document_capture',
           step_count: 1,
         }
       end

diff --git a/spec/controllers/idv/ssn_controller_spec.rb b/spec/controllers/idv/ssn_controller_spec.rb
@@ -194,7 +194,32 @@
         put :update
         expect(flow_session['Idv::Steps::DocumentCaptureStep']).to eq nil
         expect(response.status).to eq 302
+        expect(response).to redirect_to idv_doc_auth_url
       end
     end
   end
+
+  describe 'doc_auth_document_capture_controller_enabled flag is true' do
+    before do
+      allow(IdentityConfig.store).to receive(:doc_auth_document_capture_controller_enabled).
+        and_return(true)
+    end
+
+    it 'redirects to document_capture_controller when pii_from_doc is not present' do
+      flow_session.delete('pii_from_doc')
+      flow_session['Idv::Steps::DocumentCaptureStep'] = true
+      put :update
+      expect(response.status).to eq 302
+      expect(response).to redirect_to idv_document_capture_url
+    end
+
+    it 'in hybrid flow it does not redirect to document_capture_controller' do
+      flow_session.delete('pii_from_doc')
+      flow_session['Idv::Steps::DocumentCaptureStep'] = true
+      flow_session[:flow_path] = 'hybrid'
+      put :update
+      expect(response.status).to eq 302
+      expect(response).to redirect_to idv_doc_auth_url
+    end
+  end
 end
diff --git a/spec/features/idv/doc_auth/address_step_spec.rb b/spec/features/idv/doc_auth/address_step_spec.rb
@@ -60,4 +60,24 @@
       expect(page).to have_current_path(idv_verify_info_path)
     end
   end
+
+  context 'with document capture controller flag set, no PII in session' do
+    before do
+      allow(IdentityConfig.store).to receive(:doc_auth_document_capture_controller_enabled).
+        and_return(true)
+      sign_in_and_2fa_user
+    end
+
+    it 'goes to new document capture page on standard flow' do
+      complete_doc_auth_steps_before_document_capture_step
+      visit(idv_address_url)
+      expect(page).to have_current_path(idv_document_capture_url)
+    end
+
+    it 'stays in FSM on hybrid flow' do
+      complete_doc_auth_steps_before_link_sent_step
+      visit(idv_address_url)
+      expect(page).to have_current_path(idv_doc_auth_link_sent_step)
+    end
+  end
 end