Skip to content

Commit

Permalink
Merge pull request #11171 from 18F/stages/rc-2024-08-29-patch-1
Browse files Browse the repository at this point in the history
Deploy RC 410.1 to production
  • Loading branch information
jmhooper authored Aug 29, 2024
2 parents d4c042a + 1d53896 commit aca59a5
Show file tree
Hide file tree
Showing 63 changed files with 1,075 additions and 337 deletions.
1 change: 1 addition & 0 deletions Gemfile
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ gem 'dotiw', '>= 4.0.1'
gem 'faraday', '~> 2'
gem 'faker'
gem 'faraday-retry'
gem 'fugit'
gem 'foundation_emails'
gem 'good_job', '~> 3.0'
gem 'http_accept_language'
Expand Down
1 change: 1 addition & 0 deletions Gemfile.lock
Original file line number Diff line number Diff line change
Expand Up @@ -788,6 +788,7 @@ DEPENDENCIES
faraday (~> 2)
faraday-retry
foundation_emails
fugit
good_job (~> 3.0)
http_accept_language
i18n-tasks (~> 1.0)
Expand Down
2 changes: 1 addition & 1 deletion app/controllers/application_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -261,7 +261,7 @@ def user_needs_to_reactivate_account?
end

def user_recommended_for_piv_cac?
current_user.piv_cac_recommended_dismissed_at.nil? && current_user.has_gov_or_mil_email? &&
current_user.piv_cac_recommended_dismissed_at.nil? && current_user.has_fed_or_mil_email? &&
!user_already_has_piv?
end

Expand Down
2 changes: 1 addition & 1 deletion app/controllers/concerns/mfa_setup_concern.rb
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,7 @@ def show_skip_additional_mfa_link?
end

def check_if_possible_piv_user
if current_user.has_gov_or_mil_email? && current_user.piv_cac_recommended_dismissed_at.nil?
if current_user.has_fed_or_mil_email? && current_user.piv_cac_recommended_dismissed_at.nil?
redirect_to login_piv_cac_recommended_path
end
end
Expand Down
1 change: 1 addition & 0 deletions app/controllers/idv/agreement_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@ def update

if result.success?
idv_session.idv_consent_given = true
idv_session.idv_consent_given_at = Time.zone.now

if IdentityConfig.store.in_person_proofing_opt_in_enabled &&
IdentityConfig.store.in_person_proofing_enabled
Expand Down
4 changes: 4 additions & 0 deletions app/controllers/socure_webhook_controller.rb
Original file line number Diff line number Diff line change
@@ -1,8 +1,12 @@
# frozen_string_literal: true

class SocureWebhookController < ApplicationController
include RenderConditionConcern

skip_before_action :verify_authenticity_token

check_or_render_not_found -> { IdentityConfig.store.socure_webhook_enabled }

def create
if token_valid?
render json: { message: 'Secret token is valid.' }
Expand Down
6 changes: 3 additions & 3 deletions app/controllers/users/piv_cac_recommended_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ class PivCacRecommendedController < ApplicationController

before_action :confirm_user_authenticated_for_2fa_setup
before_action :apply_secure_headers_override
before_action :redirect_unless_user_email_is_gov_or_mil
before_action :redirect_unless_user_email_is_fed_or_mil

def show
@recommended_presenter = PivCacRecommendedPresenter.new(current_user)
Expand All @@ -30,8 +30,8 @@ def skip

private

def redirect_unless_user_email_is_gov_or_mil
redirect_to after_sign_in_path_for(current_user) unless current_user.has_gov_or_mil_email?
def redirect_unless_user_email_is_fed_or_mil
redirect_to after_sign_in_path_for(current_user) unless current_user.has_fed_or_mil_email?
end
end
end
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ def index
@presenter = two_factor_options_presenter
analytics.user_registration_2fa_setup_visit(
enabled_mfa_methods_count:,
gov_or_mil_email: has_gov_or_mil_email?,
gov_or_mil_email: fed_or_mil_email?,
)
end

Expand Down Expand Up @@ -44,8 +44,8 @@ def two_factor_options_form

private

def has_gov_or_mil_email?
current_user.confirmed_email_addresses.any?(&:gov_or_mil?)
def fed_or_mil_email?
current_user.confirmed_email_addresses.any?(&:fed_or_mil_email?)
end

def mfa_context
Expand Down
13 changes: 8 additions & 5 deletions app/jobs/get_usps_proofing_results_job.rb
Original file line number Diff line number Diff line change
Expand Up @@ -236,7 +236,7 @@ def handle_unsupported_id_type(enrollment, response)
proofed_at: proofed_at,
status_check_completed_at: Time.zone.now,
)

enrollment.profile.deactivate_due_to_in_person_verification_cancelled
# send SMS and email
send_enrollment_status_sms_notification(enrollment: enrollment)
send_failed_email(enrollment.user, enrollment)
Expand Down Expand Up @@ -271,7 +271,7 @@ def handle_expired_status_update(enrollment, response, response_message)
status: :expired,
status_check_completed_at: Time.zone.now,
)
enrollment.profile.deactivate_due_to_ipp_expiration
enrollment.profile.deactivate_due_to_in_person_verification_cancelled

if fraud_result_pending?(enrollment)
analytics(user: enrollment.user).idv_ipp_deactivated_for_never_visiting_post_office(
Expand Down Expand Up @@ -325,8 +325,10 @@ def handle_fraud_review_pending(enrollment)
end

def handle_unexpected_response(enrollment, response_message, reason:, cancel: true)
enrollment.cancelled! if cancel

if cancel
enrollment.cancelled!
enrollment.profile.deactivate_due_to_in_person_verification_cancelled
end
analytics(user: enrollment.user).
idv_in_person_usps_proofing_results_job_unexpected_response(
**enrollment_analytics_attributes(enrollment, complete: cancel),
Expand All @@ -352,7 +354,7 @@ def handle_failed_status(enrollment, response)
proofed_at: proofed_at,
status_check_completed_at: Time.zone.now,
)

enrollment.profile.deactivate_due_to_in_person_verification_cancelled
# send SMS and email
send_enrollment_status_sms_notification(enrollment: enrollment)
if response['fraudSuspected']
Expand Down Expand Up @@ -442,6 +444,7 @@ def handle_unsupported_secondary_id(enrollment, response)
proofed_at: proofed_at,
status_check_completed_at: Time.zone.now,
)
enrollment.profile.deactivate_due_to_in_person_verification_cancelled
# send SMS and email
send_enrollment_status_sms_notification(enrollment: enrollment)
send_failed_email(enrollment.user, enrollment)
Expand Down
21 changes: 19 additions & 2 deletions app/models/email_address.rb
Original file line number Diff line number Diff line change
Expand Up @@ -29,8 +29,25 @@ def confirmation_period_expired?
Time.zone.now > expiration_time
end

def gov_or_mil?
email.end_with?('.gov', '.mil')
def domain
Mail::Address.new(email).domain
end

def fed_or_mil_email?
fed_email? || mil_email?
end

def fed_email?
if IdentityConfig.store.use_fed_domain_class
return false unless domain
FederalEmailDomain.fed_domain?(domain)
else
email.end_with?('.gov')
end
end

def mil_email?
email.end_with?('.mil')
end

class << self
Expand Down
7 changes: 7 additions & 0 deletions app/models/federal_email_domain.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
# frozen_string_literal: true

class FederalEmailDomain < ApplicationRecord
def self.fed_domain?(domain)
exists?(name: domain)
end
end
2 changes: 1 addition & 1 deletion app/models/profile.rb
Original file line number Diff line number Diff line change
Expand Up @@ -196,7 +196,7 @@ def deactivate_due_to_gpo_expiration
)
end

def deactivate_due_to_ipp_expiration
def deactivate_due_to_in_person_verification_cancelled
update!(
active: false,
deactivation_reason: :verification_cancelled,
Expand Down
4 changes: 2 additions & 2 deletions app/models/user.rb
Original file line number Diff line number Diff line change
Expand Up @@ -79,8 +79,8 @@ def confirmed?
email_addresses.where.not(confirmed_at: nil).any?
end

def has_gov_or_mil_email?
confirmed_email_addresses.any?(&:gov_or_mil?)
def has_fed_or_mil_email?
confirmed_email_addresses.any?(&:fed_or_mil_email?)
end

def accepted_rules_of_use_still_valid?
Expand Down
44 changes: 19 additions & 25 deletions app/presenters/completions_presenter.rb
Original file line number Diff line number Diff line change
@@ -1,6 +1,9 @@
# frozen_string_literal: true

class CompletionsPresenter
include ActionView::Helpers::TranslationHelper
include ActionView::Helpers::TagHelper

attr_reader :current_user, :current_sp, :decrypted_pii, :requested_attributes, :completion_context

SORTED_IAL2_ATTRIBUTE_MAPPING = [
Expand Down Expand Up @@ -72,33 +75,24 @@ def heading
end

def intro
if ial2_requested?
if consent_has_expired?
I18n.t(
'help_text.requested_attributes.ial2_consent_reminder_html',
sp: sp_name,
)
elsif reverified_after_consent?
I18n.t(
'help_text.requested_attributes.ial2_reverified_consent_info',
sp: sp_name,
)
else
I18n.t(
'help_text.requested_attributes.ial2_intro_html',
sp: sp_name,
)
end
elsif consent_has_expired?
I18n.t(
'help_text.requested_attributes.ial1_consent_reminder_html',
sp: sp_name,
if consent_has_expired?
safe_join(
[
t(
'help_text.requested_attributes.consent_reminder_html',
sp_html: content_tag(:strong, sp_name),
),
t('help_text.requested_attributes.intro_html', sp_html: content_tag(:strong, sp_name)),
],
' ',
)
else
I18n.t(
'help_text.requested_attributes.ial1_intro_html',
sp: sp_name,
elsif ial2_requested? && reverified_after_consent?
t(
'help_text.requested_attributes.ial2_reverified_consent_info_html',
sp_html: content_tag(:strong, sp_name),
)
else
t('help_text.requested_attributes.intro_html', sp_html: content_tag(:strong, sp_name))
end
end

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ def phishing_resistant?
end

def recommended?
user.confirmed_email_addresses.any?(&:gov_or_mil?)
user.confirmed_email_addresses.any?(&:fed_or_mil_email?)
end

def desktop_only?
Expand Down
1 change: 0 additions & 1 deletion app/presenters/two_factor_options_presenter.rb
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,6 @@ class TwoFactorOptionsPresenter
:user_agent

delegate :two_factor_enabled?, to: :mfa_policy

def initialize(
user_agent:,
user: nil,
Expand Down
8 changes: 0 additions & 8 deletions app/services/analytics_events.rb
Original file line number Diff line number Diff line change
Expand Up @@ -1329,14 +1329,6 @@ def idv_doc_auth_link_sent_visited(**extra)
track_event('IdV: doc auth link_sent visited', **extra)
end

def idv_doc_auth_randomizer_defaulted(**extra)
track_event(
'IdV: doc_auth random vendor error',
error: 'document_capture_session_uuid_key missing',
**extra,
)
end

def idv_doc_auth_redo_ssn_submitted(**extra)
track_event('IdV: doc auth redo_ssn submitted', **extra)
end
Expand Down
11 changes: 8 additions & 3 deletions app/services/doc_auth_router.rb
Original file line number Diff line number Diff line change
Expand Up @@ -196,9 +196,14 @@ def self.client(vendor:, warn_notifier: nil)
# rubocop:enable Layout/LineLength

def self.doc_auth_vendor_for_bucket(bucket)
bucket == :alternate_vendor ?
IdentityConfig.store.doc_auth_vendor_randomize_alternate_vendor :
IdentityConfig.store.doc_auth_vendor
case bucket
when :socure
Idp::Constants::Vendors::SOCURE
when :lexis_nexis
Idp::Constants::Vendors::LEXIS_NEXIS
else # e.g., nil
IdentityConfig.store.doc_auth_vendor_default
end
end

def self.doc_auth_vendor(
Expand Down
Loading

0 comments on commit aca59a5

Please sign in to comment.