LG-11461 LG-11462 LG-11467 Allow the browser Back button from Welcome to VerifyInfo#9589
Merged
soniaconnolly merged 27 commits intomainfrom Nov 27, 2023
Merged
LG-11461 LG-11462 LG-11467 Allow the browser Back button from Welcome to VerifyInfo#9589soniaconnolly merged 27 commits intomainfrom
soniaconnolly merged 27 commits intomainfrom
Conversation
Co-authored-by: Doug Price <douglas.price@gsa.gov>
The individual page validations could affect the back button history, so simplify by splitting the specs.
Add StepInfo in VerifyInfo controller. Remove :confirm_document_capture_not_complete before_action from early steps and replace with :confirm_verify_info_step_needed to make the next barrier. Update specs.
It is no longer used from other controllers since it is removed from remote VerifyInfo Co-authored-by: Alex Bradley <alexander.bradley@gsa.gov>
5 tasks
The whole redo_document_capture mechanism can be removed - in a separate PR
…s_from_controller! Co-authored-by: Jessica Dembe <jessica.dembe@gsa.gov>
soniaconnolly
changed the title
soniaconnolly
requested review from
a team and
eileen-nava
and removed request for
a team
12 tasks
jmhooper
added a commit
that referenced
this pull request
Aug 15, 2024
The SSN show page includes Javascript for device profiling. To identify a device profiling transaction we set `threatmetrix_session_id` and render that alongside the Javascript that performs the device profiling. This UUID is used downstream to fetch device profiling results. We observed that some users did not have a `threatmetrix_session_id` value in downstream steps. This appears to be because they submitted the "link sent" step which calls `undo_step` on the SSN step. Then, either due to network issues or an unusual path through the process they were able to submit the SSN form without re-rendering the SSN show page. Investigating this we questioned why the `threatmetrix_session_id` needs to be deleted when the user submits earlier steps. It appears it was added in #9589 which configured the back button functionality from the SSN step back to other steps. It appears that the `threatmetrix_session_id` was set to `nil` there in order to return to the state that existed before the step was submitted and not because of a specific concern about stale IDs or anything like that. In order to prevent the issue where users have a nil ID after viewing the SSN step but submitting later steps and proceeding without re-viewing the SSN step, this commit removes the code to reset the threatmetrix session ID. This should be fine since the old ID will represent a device profiling transaction for the current session which is ultimately the goal. [skip changelog]
jmhooper
added a commit
that referenced
this pull request
Aug 21, 2024
The SSN show page includes Javascript for device profiling. To identify a device profiling transaction we set `threatmetrix_session_id` and render that alongside the Javascript that performs the device profiling. This UUID is used downstream to fetch device profiling results. We observed that some users did not have a `threatmetrix_session_id` value in downstream steps. This appears to be because they submitted the "link sent" step which calls `undo_step` on the SSN step. Then, either due to network issues or an unusual path through the process they were able to submit the SSN form without re-rendering the SSN show page. Investigating this we questioned why the `threatmetrix_session_id` needs to be deleted when the user submits earlier steps. It appears it was added in #9589 which configured the back button functionality from the SSN step back to other steps. It appears that the `threatmetrix_session_id` was set to `nil` there in order to return to the state that existed before the step was submitted and not because of a specific concern about stale IDs or anything like that. In order to prevent the issue where users have a nil ID after viewing the SSN step but submitting later steps and proceeding without re-viewing the SSN step, this commit removes the code to reset the threatmetrix session ID. This should be fine since the old ID will represent a device profiling transaction for the current session which is ultimately the goal. [skip changelog]
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
🎫 Ticket
LG-11461
LG-11462
LG-11467
🛠 Summary of changes
The Back button was previously allowed up to visiting DocumentCapture. Add functionality to allow the Back button after submitting DocumentCapture, up to visiting VerifyInfo. This includes changes to the DocumentCapture page, LinkSent page, Ssn page, Address page, and VerifyInfo page, primarily in the before_actions to use FlowPolicy.
idv_session.redo_document_capture should be unnecessary now. We are leaving that cleanup to a separate ticket.
📜 Testing Plan
Provide a checklist of steps to confirm the changes.