LG-10610 Editing URL Always Directs to FSM SSN URL

[gina-yamada]

🎫 Ticket

LG-10610 FSM/SSN Editing URL always directs to FSM SSN URL

🛠 Summary of changes

• Upon hitting the non-FSM SSN controller, marking the FSM SSN step complete to prevent a user from changing the URL to a completed step in the FSM and being redirected to the FSN SSN step /verify/in_person/ssn.
• Previously we were marking the step complete only after submission on Verify- so we could revisit the SSN step if the URL was changed even tho visited (just not submitted)
• Added before action override_csp_for_threat_metrix_no_fsm

📜 Testing Plan

1. Set the in_person_ssn_info_controller_enabled flag to true
2. Create an account, go to /verify, upload state-issued ID (front + back) to fail ID verification, Go to in person proofing
3. Fill in State-Id information and Residential Address
4. Once on the Social Security Number- look at the URL. Confirm that the url is /verify/in_person_proofing/ssn. This is the non-FSM SSN view and is expected because the flag is set to true.
5. Change the URL to /verify/address
6. Because the address step is complete and the feature flag is enabled, you should be redirected in the non-FSM SSN view. The url should be /verify/in_person_proofing/ssn

📹 Videos

Before:

lg-10610-before.mov

After:

lg-10620-after.mov

[svalexander]

LGTM. Testing worked well!

[soniaconnolly]

LGTM.

Just to clarify, the threatmetrix csp override is a separate fix, just something else that needs to be added to the controller (since threatmetrix is used in your fsm ssn step).