LG-9852: FSM/SSN -GET Route, Template, Controller And 404 Action

[gina-yamada]

🎫 Ticket

LG-9852 FSM/SSN -GET Route, Template, Controller And 404 Action

🛠 Summary of changes

• I created a new route, view, and controller for the SSN in the In Person Flow for the SSN step behind the feature flag in_person_ssn_info_controller_enabled. This is the first step in building a non-FSM controller based SSN step to eventually pull out the SSN step.
• If the feature flag is disabled, you will hit the FSM-SSN route/view/controller as you walk through the IPP flow. The route should be verify/in_person/ssn
• If the feature flag is disabled, if you change the url from verify/in_person/ssn to verify/in_person_proofing/ssn, you will get a 404 page
• If the feature flag is enabled, you will hit the new SSN route/view/controller as you walk through the IPP flow. The route should be verify/in_person_proofing/ssn

🏁 Feature Flag

in_person_ssn_info_controller_enabled - boolean

📜 Testing Plan

When the feature flag is disabled (Check existing behavior is not affected)

• You can move through the IPP flow, once on verify/in_person/ssn- changing the url to verify/in_person_proofing/ssn gives you a 404 error page
• You can move through the IPP flow from /verify/in_person/address to verify/in_person/ssn (double-address verification is enabled and state id is not the same as residential address)
• You can move through the IPP flow from /verify/in_person/state_id to verify/in_person/ssn (double-address verification is enabled and state id is the same as residential address)
• After arriving at /verify/in_person/verify_info, you can go back to edit SSN, and you arrive at verify/in_person/ssn
• Continue button takes you to /verify/in_person/verify_info
• Cancel button display if it is your first time visiting verify/in_person/ssn. Back button is not present.
• Cancel button & No, keep going takes you to /verify/in_person/ssn (EDITED URL) - PLEASE RETEST
• Cancel button & Start over takes you to verify/welcome
• Back button displays only if you visited verify/in_person/ssn more than once. Cancel button is not present.
• Back button (if visited more than once) takes you to /verify/in_person/verify_info
• Learn more about... link should redirect to Privacy & security
• Checkbox Show Social Security number should show/hide number input
• Clicking Continue with nothing in the input will display a validation error (This field is required)
• Clicking 999 (not 9 digits) and then Continue will display a validation error (Enter a nine-digit Social Security number)
• Step Indicator- Find a Post Office has a green check
• Step Indicator- Verify your information has a green circle
• All other steps have a grey circle
• You can hit the /verify/ssn successfully (and hit it again after editing on /verify/verify_info)- Team Ada's flow
• You can hit Team Ada's flow (pass proofing via doc auth) successfully /verify/ssn (and hit it again after editing on /verify/verify_info)

When the feature flag is enabled

• You can move through the IPP flow from /verify/in_person/address to verify/in_person_proofing/ssn (double-address verification is enabled and state id is not the same as residential address)
• You can move through the IPP flow from /verify/in_person/state_id to verify/in_person_proofing/ssn (double-address verification is enabled and state id is the same as residential address)
• After arriving at /verify/in_person/verify_info, you can go back to edit SSN, and you arrive at verify/in_person_proofing/ssn
• Continue button takes you to /verify/in_person_proofing/verify_info
• Cancel button display if it is your first time visiting verify/in_person/ssn. Back button is not present.
• Cancel button & No, keep going takes you to /verify/in_person_proofing/ssn (EDITED URL) - PLEASE RETEST
• Cancel button & Start over takes you to verify/welcome
• Back button displays only if you visited verify/in_person_proofing/ssn more than once. Cancel button is not present.
• Back button (if visited more than once) takes you to /verify/in_person_proofing/verify_info
• Learn more about... link should redirect to Privacy & security
• Checkbox Show Social Security number should show/hide number input
• Clicking Continue with nothing in the input will display a validation error (This field is required)
• Clicking 999 (not 9 digits) and then Continue will display a validation error (Enter a nine-digit Social Security number)
• Step Indicator- Find a Post Office has a green check
• Step Indicator- Verify your information has a green circle
• All other steps have a grey circle
• You can hit Team Ada's flow (pass proofing via doc auth) successfully /verify/ssn (and hit it again after editing on /verify/verify_info)

👀 Screenshots

If relevant, include a screenshot or screen capture of the changes.

in_person_ssn_info_controller_enabled: false

in_person_ssn_info_controller_enabled: true

[svalexander]

@gina-yamada for when the flag is enabled, this step: Back button displays only if you visited verify/in_person/ssn more than once. Cancel button is not present. should have the url as including in_person_proofing rather than in_person right?

[gina-yamada]

@gina-yamada for when the flag is enabled, this step: Back button displays only if you visited verify/in_person/ssn more than once. Cancel button is not present. should have the url as including in_person_proofing rather than in_person right?

@svalexander It shouldn't be. Please poke me if you disagree after this explanation or want to talk about it more.

• After you visit SSN more the once, the back button should always be taking you to Verify your information.

• The route for Verify Info is verify/in_person/verify_info (in the routes.rb file) note: in_person in the url

• Team Ada's route is /verify/verify_info. (As they removed steps in FSM, they removed the doc_auth from the url (so verify/doc_auth/verify_info changed to /verify/verify_info) - see deprecated routes in routes.rb.

• Yes, we have verify/in_person/verify_info and verify/in_person_proofing/ssn being used in this PR - so both in_person and in_person_proofing in our IPP flow 🙈 😳😱 (Great attention to detail! 🌟 ). We go from url verify/in_person/state_id to verify/in_person/address to verify/in_person_proofing/ssn to verify/in_person/verify_info

• Know this is only temporarily

• We can use old route verify/in_person/ssn and new route verify/in_person_proofing/ssn while we develop, test, and prior to flipping feature flag in in prod- because we need 2 routes

• In the SSN delete step (after we have used the new route and proved there are no bugs), we will go back to using the old route name verify/in_person/ssn- so it will match what is currently being used for Verify your information verify/in_person/verify_info when we no longer new 2 routes for ssn.

[gina-yamada]

The plan is to change the url to /verify/in_person_proofing/ssn temporarily so that is why the controller is pointing at file 'in_person'. On the delete PR, we can change /verify/in_person_proofing/ssn back to /verify/in_person/ssn so keeping the controller inside folder in_person will make for less work in the future.

@svalexander I had this comment in the PR in the routes file in the code. It was marked as pending so you never saw it. 😮‍💨 I tried to inform you before so good call out catching this/being concerned. Now I know I can't add comments in the code- else they will remain as pending. Boo github

[night-jellyfish]

I wonder if this should be removed before merging (or if not, how to capture when to remove it in the future).

This commit on your branch seems to imply we won't need it, but I could be mistaken.

[gina-yamada]

@night-jellyfish I left the comment it as a reminder to check/ask during code review, so thanks for mentioning it.

Inside the FSM ssn controller (app/services/idv/steps/in_person/ssn_step.rb) we do not have threatmetrix methods like Team Ada does in their SSN controller (app/controllers/idv/ssn_controller.rb). (That I found- I could have missed it.)

We do have threatmetrix stuff in our FSM SSN template (app/views/idv/in_person/ssn.html.erb) - so I included in my template.

I think we can delete comment and override_csp before action- maybe a question for product owner if we do threat metrix overrides for ipp.

[gina-yamada]

@night-jellyfish I removed the before_action override_csp_for_threat_metrix_no_fsm as I am not seeing it being used in FSM SSN. (I only see it being used in Doc Auth SSN.) The name also has no_fsm in it so don't think I need it. I cleaned up the tests that went with it also, see commit 04fcd86.

The code I mentioned in the template is only for dev and is a drop down so you can decide if you want to pass/fail/etc. To see it add this feature flag to application.yml proofing_device_profiling and set it to enabled. We have this same functionality on FSM IPP SSN step.

[sheldon-b]

Couple of small questions/requests. Looks really good!

[sheldon-b]

LGTM!

[soniaconnolly]

LGTM, one query about a spec helper.

[soniaconnolly]

Is the Ssn page Submit/Update button a spinner button?

[gina-yamada]

@soniaconnolly No. Updated with commit 3372c4d to be...

click_on t('forms.buttons.submit.update')

Thanks for the review!