18F · jc-gsa · Jun 5, 2023 · May 30, 2023 · May 31, 2023 · Jun 2, 2023
diff --git a/app/components/password_confirmation_component.html.erb b/app/components/password_confirmation_component.html.erb
@@ -43,6 +43,4 @@
   >
     <%= t('components.password_confirmation.toggle_label') %>
   </label>
-
-  <%= form.hidden_field :confirmation_enabled, value: true %>
 <% end %>
diff --git a/app/controllers/sign_up/passwords_controller.rb b/app/controllers/sign_up/passwords_controller.rb
@@ -50,8 +50,7 @@ def track_analytics(result)
 
     def permitted_params
       params.require(:password_form).permit(
-        :confirmation_token, :password, :password_confirmation,
-        :confirmation_enabled
+        :confirmation_token, :password, :password_confirmation
       )
     end
 

diff --git a/app/forms/password_form.rb b/app/forms/password_form.rb
@@ -11,7 +11,6 @@ def submit(params)
     @password = params[:password]
     @password_confirmation = params[:password_confirmation]
     @request_id = params.fetch(:request_id, '')
-    @confirmation_enabled = params[:confirmation_enabled].presence
 
     FormResponse.new(success: valid?, errors: errors, extra: extra_analytics_attributes)
   end

diff --git a/app/validators/form_password_validator.rb b/app/validators/form_password_validator.rb
@@ -2,7 +2,7 @@ module FormPasswordValidator
   extend ActiveSupport::Concern
 
   included do
-    attr_accessor :password, :password_confirmation, :validate_confirmation, :confirmation_enabled
+    attr_accessor :password, :password_confirmation, :validate_confirmation
     attr_reader :user
 
     validates :password,
@@ -11,7 +11,7 @@ module FormPasswordValidator
     validates :password_confirmation,
               presence: true,
               length: { in: Devise.password_length },
-              if: -> { confirmation_enabled && validate_confirmation }
+              if: -> { validate_confirmation }
 
     validate :password_graphemes_length, :strong_password, :not_pwned, :passwords_match
   end
@@ -54,7 +54,7 @@ def not_pwned
   end
 
   def passwords_match
-    return unless confirmation_enabled && validate_confirmation
+    return unless validate_confirmation
 
     if password != password_confirmation
       errors.add(

diff --git a/spec/controllers/sign_up/passwords_controller_spec.rb b/spec/controllers/sign_up/passwords_controller_spec.rb
@@ -10,7 +10,6 @@
         password_form: {
           password: password,
           password_confirmation: password_confirmation,
-          confirmation_enabled: true,
         },
         confirmation_token: token,
       }
@@ -77,80 +76,73 @@
         stub_attempts_tracker
       end
 
-      context 'with temporary param confirmation_enabled' do
-        before do
-          params.merge(confirmation_enabled: true)
+      context 'with a password that is too short' do
+        let(:password) { 'NewVal' }
+        let(:password_confirmation) { 'NewVal' }
+        let(:errors) do
+          {
+            password:
+              [t(
+                'errors.attributes.password.too_short.other',
+                count: Devise.password_length.first,
+              )],
+            password_confirmation:
+              ["is too short (minimum is #{Devise.password_length.first} characters)"],
+          }
         end
+        let(:error_details) do
+          {
+            password: [:too_short],
+            password_confirmation: [:too_short],
+          }
+        end
+
+        it 'tracks an invalid password event' do
+          expect(@analytics).to receive(:track_event).
+            with(
+              'User Registration: Email Confirmation',
+              { errors: {}, error_details: nil, success: true, user_id: user.uuid },
+            )
+          expect(@analytics).to receive(:track_event).
+            with('Password Creation', analytics_hash)
+
+          expect(@irs_attempts_api_tracker).to receive(:user_registration_password_submitted).
+            with(
+              success: false,
+              failure_reason: error_details,
+            )
+          expect(@irs_attempts_api_tracker).not_to receive(:user_registration_email_confirmation)
+
+          subject
+        end
+      end
 
-        # modify this test
-        context 'with a password that is too short' do
-          let(:password) { 'NewVal' }
-          let(:password_confirmation) { 'NewVal' }
-          let(:errors) do
-            {
-              password:
-                [t(
-                  'errors.attributes.password.too_short.other',
-                  count: Devise.password_length.first,
-                )],
-              password_confirmation:
-                ["is too short (minimum is #{Devise.password_length.first} characters)"],
-            }
-          end
-          let(:error_details) do
-            {
-              password: [:too_short],
-              password_confirmation: [:too_short],
-            }
-          end
-
-          it 'tracks an invalid password event' do
-            expect(@analytics).to receive(:track_event).
-              with(
-                'User Registration: Email Confirmation',
-                { errors: {}, error_details: nil, success: true, user_id: user.uuid },
-              )
-            expect(@analytics).to receive(:track_event).
-              with('Password Creation', analytics_hash)
-
-            expect(@irs_attempts_api_tracker).to receive(:user_registration_password_submitted).
-              with(
-                success: false,
-                failure_reason: error_details,
-              )
-            expect(@irs_attempts_api_tracker).not_to receive(:user_registration_email_confirmation)
-
-            subject
-          end
+      context 'when password confirmation does not match' do
+        let(:password) { 'NewVal!dPassw0rd' }
+        let(:password_confirmation) { 'bad match password' }
+        let(:errors) do
+          {
+            password_confirmation:
+              [t('errors.messages.password_mismatch')],
+          }
         end
+        let(:error_details) do
+          {
+            password_confirmation: [t('errors.messages.password_mismatch')],
+          }
+        end
+
+        it 'tracks invalid password_confirmation error' do
+          expect(@analytics).to receive(:track_event).
+            with(
+              'User Registration: Email Confirmation',
+              { errors: {}, error_details: nil, success: true, user_id: user.uuid },
+            )
+
+          expect(@analytics).to receive(:track_event).
+            with('Password Creation', analytics_hash)
 
-        context 'when password confirmation does not match' do
-          let(:password) { 'NewVal!dPassw0rd' }
-          let(:password_confirmation) { 'bad match password' }
-          let(:errors) do
-            {
-              password_confirmation:
-                [t('errors.messages.password_mismatch')],
-            }
-          end
-          let(:error_details) do
-            {
-              password_confirmation: [t('errors.messages.password_mismatch')],
-            }
-          end
-
-          it 'tracks invalid password_confirmation error' do
-            expect(@analytics).to receive(:track_event).
-              with(
-                'User Registration: Email Confirmation',
-                { errors: {}, error_details: nil, success: true, user_id: user.uuid },
-              )
-
-            expect(@analytics).to receive(:track_event).
-              with('Password Creation', analytics_hash)
-
-            subject
-          end
+          subject
         end
       end
     end

diff --git a/spec/forms/password_form_spec.rb b/spec/forms/password_form_spec.rb
@@ -21,7 +21,6 @@
       {
         password: password,
         password_confirmation: password_confirmation,
-        confirmation_enabled: true,
       }
     end
-Original file line number
+Diff line change
@@ Expand Up / @@ -21,7 +21,6 @@ @@
           {
             password: password,
             password_confirmation: password_confirmation,
-            confirmation_enabled: true,
           }
         end
@@ Expand Down @@