LG-11463 LG-11722 Allow browser Back button from Enter Password step#9662
Merged
soniaconnolly merged 52 commits intomainfrom Nov 29, 2023
Merged
LG-11463 LG-11722 Allow browser Back button from Enter Password step#9662soniaconnolly merged 52 commits intomainfrom
soniaconnolly merged 52 commits intomainfrom
Conversation
solipet
force-pushed
the
doug-lg-11463-back-from-phone-step-cherrypicked
branch
from
a15461c to
5b7167b
Compare
soniaconnolly
commented
Nov 28, 2023
soniaconnolly
commented
Nov 28, 2023
soniaconnolly
force-pushed
the
doug-lg-11463-back-from-phone-step-cherrypicked
branch
from
33336e6 to
86c18f6
Compare
soniaconnolly
changed the title
changelog: User-facing Improvements, Identity Verification back button, Allow back button for Phone step
Added Idv::Session#ssn_step_complete? which checks whether verify_info step is complete. Also add action: :new to PhoneController.step_info
Co-authored-by: Doug Price <douglas.price@gsa.gov>
The default of /idv was working until we got to /idv/by_mail/request_letter, so make the default /idv and allow specifying a different module for RequestLetterController.step_info. Use the module to build an absolute controller path in url_for.
Add ssn_or_applicant_ssn and pii_from_doc_or_applicant and pii_from_user_or_applicant to idv_session to make Ssn and VerifyInfo pages work after pii is moved to idv_session.applicant Remove :confirm_verify_info_step_needed before actions
adds restore_pii_from_doc and restore_pii_from_user Co-authored-by: Alex Bradley <alexander.bradley@gsa.gov>
StepInfo now takes the controller class as a parameter in the initializer, then converts the controller to the full string name, including modules, for use in url_for. This disambiguates between remote idv and in person for ssn and verify_info controllers. Removed controller_module from StepInfo since the above make it unneeded. Co-authored-by: Sonia Connolly <sonia.connolly@gsa.gov> Co-authored-by: Alex Bradley <alexander.bradley@gsa.gov>
Deleted clear_current_step! in favor of explicitly restoring the pii from the applicant.
This is necessary to make a enter_password_controller_spec in person retry spec pass when touching subject.idv_session. We suspect that when the code is running, it is using the cached profile, which is fortunately identical to the newly-created retry profile.
And stop stubbing idv_session and applicant in enter_password_controller_spec
Enhance end_to_end_idv_spec to detect failure to go back to phone & otp_verification
clear_applicant! is handled by clear_future_steps! remote_document_capture_complete? is the same as pii_from_doc
soniaconnolly
force-pushed
the
doug-lg-11463-back-from-phone-step-cherrypicked
branch
from
f5aea13 to
fbf66f9
Compare
matthinz
reviewed
Nov 28, 2023
…capture_complete?
Superseded by confirm_step_allowed Last use of method, so method removed
This was the backstop for the previous back button PR, and is no longer needed
And move confirm_step_allowed under rate limit before action to match other controllers
Insurance for future changes even though there's nothing to clear now.
In flow_policy_spec, test undo_future_steps_from_controller! starting from enter_password and resubmitting ssn.
…troller_name Add a spec for full_controller_name
soniaconnolly
commented
Nov 29, 2023
matthinz
reviewed
Nov 29, 2023
matthinz
approved these changes
Nov 29, 2023
Contributor
|
This looks good to me, thank you @soniaconnolly and @solipet for your hard work here. |
soniaconnolly
deleted the
doug-lg-11463-back-from-phone-step-cherrypicked
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
🎫 Ticket
LG-11463
LG-11722
🛠 Summary of changes
Allow the browser back button from Welcome up to visiting Enter Password. This includes RequestLetter from Verify by Mail, and the in-person Ssn and VerifyInfo controllers. If the user re-submits an earlier step, all future steps are cleared from the session.
Note: In-person VerifyInfo still prevents going back, and we'll address that in a separate PR.
Do not merge until #9645 is deployed, since we need all sessions to have pii_from_user/pii_from_doc available after VerifyInfo is submitted.
📜 Testing Plan
in_person_proofing_opt_in_enabled: trueto include the new HowToVerify controller in testing