LG-14587 | Updates to 'You successfully verified your identity' email (…

…#11295) changelog: User-Facing Improvements, Account verified email, Prompt user to return to SP
18F · Oct 23, 2024 · a2dbea2 · a2dbea2
1 parent d6add6f
commit a2dbea2
Show file tree

Hide file tree

Showing 12 changed files with 296 additions and 46 deletions.
diff --git a/app/mailers/user_mailer.rb b/app/mailers/user_mailer.rb
@@ -242,13 +242,16 @@ def add_email_associated_with_another_account
     end
   end
 
-  def account_verified(date_time:, sp_name:)
+  def account_verified(profile:)
+    attachments.inline['verified.png'] =
+      Rails.root.join('app/assets/images/email/user-signup-ial2.png').read
     with_user_locale(user) do
-      @date = I18n.l(date_time, format: :event_date)
-      @sp_name = sp_name
+      @presenter = Idv::AccountVerifiedEmailPresenter.new(profile:)
+      @hide_title = true
+      @date = I18n.l(profile.verified_at, format: :event_date)
       mail(
         to: email_address.email,
-        subject: t('user_mailer.account_verified.subject', sp_name: @sp_name),
+        subject: t('user_mailer.account_verified.subject', app_name: APP_NAME),
       )
     end
   end

diff --git a/app/presenters/idv/account_verified_email_presenter.rb b/app/presenters/idv/account_verified_email_presenter.rb
@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+module Idv
+  class AccountVerifiedEmailPresenter
+    include Rails.application.routes.url_helpers
+
+    attr_reader :profile
+
+    def initialize(profile:)
+      @profile = profile
+    end
+
+    def service_provider
+      profile.initiating_service_provider
+    end
+
+    def show_cta?
+      !service_provider || service_provider_homepage_url.present?
+    end
+
+    def sign_in_url
+      service_provider_homepage_url || root_url
+    end
+
+    def service_provider_homepage_url
+      sp_return_url_resolver.homepage_url if service_provider
+    end
+
+    def sp_name
+      service_provider&.friendly_name || APP_NAME
+    end
+
+    def url_options
+      {}
+    end
+
+    private
+
+    def sp_return_url_resolver
+      SpReturnUrlResolver.new(service_provider: service_provider)
+    end
+  end
+end
diff --git a/app/services/user_alerts/alert_user_about_account_verified.rb b/app/services/user_alerts/alert_user_about_account_verified.rb
@@ -4,11 +4,9 @@ module UserAlerts
   class AlertUserAboutAccountVerified
     def self.call(profile:)
       user = profile.user
-      sp_name = profile.initiating_service_provider&.friendly_name || APP_NAME
       user.confirmed_email_addresses.each do |email_address|
         UserMailer.with(user: user, email_address: email_address).account_verified(
-          date_time: profile.verified_at,
-          sp_name: sp_name,
+          profile: profile,
         ).deliver_now_or_later
       end
     end

diff --git a/app/views/user_mailer/account_verified.html.erb b/app/views/user_mailer/account_verified.html.erb
@@ -1,15 +1,67 @@
-<p class="lead">
+<%= image_tag(
+      attachments['verified.png'].url,
+      width: 140,
+      height: 177,
+      alt: '',
+      role: 'img',
+      class: 'float-center padding-bottom-4',
+    ) %>
+
+<h1><%= message.subject %></h1>
+
+<p>
+  <%= t('user_mailer.account_verified.greeting') %>
+</p>
+<p>
+  <%= t('user_mailer.account_verified.intro', date: @date) %>
+</p>
+
+<p>
+<% if @presenter.service_provider.present? %>
+  <% if @presenter.show_cta? %>
+    <%= t('user_mailer.account_verified.next_sign_in.with_sp.with_cta', sp_name: @presenter.service_provider.friendly_name) %>
+  <% else %>
+    <%= t('user_mailer.account_verified.next_sign_in.with_sp.without_cta', sp_name: @presenter.service_provider.friendly_name) %>
+  <% end %>
+<% else %>
+  <%= t('user_mailer.account_verified.next_sign_in.without_sp', app_name: APP_NAME) %>
+<% end %>
+</p>
+
+<% if @presenter.show_cta? %>
+  <table class="button expanded large radius">
+    <tbody>
+    <tr>
+      <td>
+        <table>
+          <tbody>
+          <tr>
+            <td>
+              <%= link_to t('user_mailer.account_verified.sign_in'), @presenter.sign_in_url,
+                          target: '_blank', class: 'btn-warn', rel: 'noopener' %>
+            </td>
+          </tr>
+          </tbody>
+        </table>
+      </td>
+    </tr>
+    </tbody>
+  </table>
+  <p>
+    <%= link_to(@presenter.sign_in_url, @presenter.sign_in_url, target: '_blank', rel: 'noopener') %>
+  </p>
+<% end %>
+
+<p>
   <%= t(
-        'user_mailer.account_verified.intro_html',
-        sp_name: @sp_name,
-        app_name: APP_NAME,
-        date: @date,
+        'user_mailer.account_verified.warning_contact_us_html',
         change_password_link_html: link_to(
           t('user_mailer.account_verified.change_password_link'),
           new_user_password_url,
         ),
-        contact_link_html: link_to(t('user_mailer.account_verified.contact_link'), MarketingSite.contact_url),
-      ) %>
+        contact_link_html: link_to(t('user_mailer.account_verified.contact_link', app_name: APP_NAME), MarketingSite.contact_url),
+      )
+  %>
 </p>
 
 <table class="spacer">

diff --git a/config/locales/en.yml b/config/locales/en.yml
@@ -1804,9 +1804,15 @@ user_mailer.account_reset_request.header: Your account will be deleted in %{inte
 user_mailer.account_reset_request.intro_html: 'As a security measure, %{app_name} requires a two-step process to delete your account:<br><br> Step One: There is a waiting period of %{waiting_period} if you have lost access to your authentication methods and need to delete your account. If you locate your authentication methods, you can sign in to your %{app_name} account to cancel this request.<br><br> Step Two: After the waiting period of %{waiting_period}, you will receive an email that will ask you to confirm the deletion of your %{app_name} account. Your account will not be deleted until you confirm.'
 user_mailer.account_reset_request.subject: How to delete your %{app_name} account
 user_mailer.account_verified.change_password_link: change your password
-user_mailer.account_verified.contact_link: contact us
-user_mailer.account_verified.intro_html: You successfully verified your identity with %{sp_name} on %{date} using %{app_name}. If you did not perform this action, please %{contact_link_html} and sign in to %{change_password_link_html}.
-user_mailer.account_verified.subject: You verified your identity with %{sp_name}.
+user_mailer.account_verified.contact_link: contact %{app_name} support
+user_mailer.account_verified.greeting: Hello,
+user_mailer.account_verified.intro: You successfully verified your identity on %{date}.
+user_mailer.account_verified.next_sign_in.with_sp.with_cta: Next, click the button or copy the link below to access %{sp_name} and sign in.
+user_mailer.account_verified.next_sign_in.with_sp.without_cta: You can now sign in from %{sp_name}’s website.
+user_mailer.account_verified.next_sign_in.without_sp: Next, click the button or copy the link below to sign in to %{app_name}.
+user_mailer.account_verified.sign_in: Sign in
+user_mailer.account_verified.subject: You successfully verified your identity with %{app_name}
+user_mailer.account_verified.warning_contact_us_html: If you did not attempt to verify your identity, please sign in to %{change_password_link_html}. To report this, %{contact_link_html}.
 user_mailer.add_email_associated_with_another_account.help_html: If you did not request a new email or suspect an error, please visit the %{app_name_html} %{help_link_html} or %{contact_link_html}.
 user_mailer.add_email_associated_with_another_account.intro_html: This email address is already associated with a %{app_name_html} account, so we can’t add it to another account. You must first delete or remove it from the account it is associated with. To do this, follow the link below and sign in with this email address. If you are not trying to add this email address to an account, you can ignore this message.
 user_mailer.add_email_associated_with_another_account.link_text: Go to %{app_name}

diff --git a/config/locales/es.yml b/config/locales/es.yml
@@ -1815,10 +1815,16 @@ user_mailer.account_reset_request.cancel: '¿No desea eliminar su cuenta? Inicie
 user_mailer.account_reset_request.header: Su cuenta será eliminada en %{interval}
 user_mailer.account_reset_request.intro_html: 'Como medida de seguridad, %{app_name} requiere un proceso de dos pasos para eliminar su cuenta:<br><br> Paso uno: Hay un período de espera de %{waiting_period} si perdió el acceso a sus métodos de autenticación y necesita eliminar su cuenta. Si encuentra sus métodos de autenticación, puede iniciar sesión en su cuenta %{app_name} para cancelar esta solicitud.<br><br> Paso dos: Tras el período de espera de %{waiting_period}, recibirás un correo electrónico en el que te pediremos que confirmes la eliminación de tu cuenta %{app_name}. Tu cuenta no se eliminará hasta que lo confirmes.'
 user_mailer.account_reset_request.subject: Cómo eliminar su cuenta de %{app_name}
-user_mailer.account_verified.change_password_link: cambie su contraseña
-user_mailer.account_verified.contact_link: contáctenos
-user_mailer.account_verified.intro_html: El %{date}, verificó correctamente su identidad con %{sp_name} usando %{app_name}. Si usted no efectuó esta acción, vaya a %{contact_link_html} e inicie sesión para %{change_password_link_html}.
-user_mailer.account_verified.subject: Verificó su identidad con %{sp_name}
+user_mailer.account_verified.change_password_link: restablecer su contraseña
+user_mailer.account_verified.contact_link: contacte con el servicio de asistencia de %{app_name}
+user_mailer.account_verified.greeting: 'Hola:'
+user_mailer.account_verified.intro: Verificó correctamente su identidad el %{date}.
+user_mailer.account_verified.next_sign_in.with_sp.with_cta: A continuación, haga clic en el botón o copie el vínculo siguiente para acceder a %{sp_name} e iniciar sesión.
+user_mailer.account_verified.next_sign_in.with_sp.without_cta: Ya puede iniciar la sesión en el sitio web de %{sp_name}.
+user_mailer.account_verified.next_sign_in.without_sp: Luego, haga clic en el botón o copie el vínculo siguiente para iniciar sesión en %{app_name}.
+user_mailer.account_verified.sign_in: Iniciar sesión
+user_mailer.account_verified.subject: Logró verificar su identidad con %{app_name}
+user_mailer.account_verified.warning_contact_us_html: Si usted no intentó verificar su identidad, inicie sesión para %{change_password_link_html}. Para informar de esto, %{contact_link_html}.
 user_mailer.add_email_associated_with_another_account.help_html: Si no solicitó un nuevo correo electrónico o sospecha que hubo un error, visite %{help_link_html} de %{app_name_html} o %{contact_link_html}.
 user_mailer.add_email_associated_with_another_account.intro_html: Esta dirección de correo electrónico ya está asociada con una cuenta de %{app_name_html}, por lo que no podemos agregarla a otra cuenta. Primero, debe eliminarla o quitarla de la cuenta con la que está asociada. Para hacerlo, siga este vínculo e inicie sesión con esta dirección de correo electrónico. Si no está intentando agregar esta dirección de correo electrónico a una cuenta, puede ignorar este mensaje.
 user_mailer.add_email_associated_with_another_account.link_text: Ir a %{app_name}

diff --git a/config/locales/fr.yml b/config/locales/fr.yml
@@ -1803,10 +1803,16 @@ user_mailer.account_reset_request.cancel: Vous ne voulez pas supprimer votre com
 user_mailer.account_reset_request.header: Votre compte sera supprimé dans %{interval}
 user_mailer.account_reset_request.intro_html: 'Par mesure de sécurité, %{app_name} nécessite un processus en deux étapes pour supprimer votre compte: <br> <br> Étape 1: Il y a un delai d’attente de %{waiting_period} si vous avez perdu l’accès à vos méthodes d’authentification et devez supprimer votre compte. Si vous trouvez vos méthodes d’authentification, vous pouvez vous connecter à votre compte %{app_name} pour annuler cette demande. <br> <br> Deuxième étape: après la période d’attente de %{waiting_period}, vous recevrez un e-mail qui vous demandera de confirmer la suppression de votre compte %{app_name}. Votre compte ne sera pas supprimé tant que vous n’aurez pas confirmé.'
 user_mailer.account_reset_request.subject: Comment supprimer votre compte %{app_name}
-user_mailer.account_verified.change_password_link: changer votre mot de passe
-user_mailer.account_verified.contact_link: nous contacter
-user_mailer.account_verified.intro_html: Le %{date}, vous avez réussi à confirmer votre identité auprès de %{sp_name} à l’aide de %{app_name}. Si vous n’avez pas effectué cette action, veuillez %{contact_link_html} et vous connecter pour %{change_password_link_html}.
-user_mailer.account_verified.subject: Vous avez confirmé votre identité avec %{sp_name}.
+user_mailer.account_verified.change_password_link: réinitialiser votre mot de passe
+user_mailer.account_verified.contact_link: contactez le service d’assistance de %{app_name}
+user_mailer.account_verified.greeting: Bonjour,
+user_mailer.account_verified.intro: Vous avez réussi à confirmer votre identité le %{date}.
+user_mailer.account_verified.next_sign_in.with_sp.with_cta: Maintenant, cliquez sur le bouton ou copiez le lien ci-dessous pour accéder à %{sp_name} et vous connecter.
+user_mailer.account_verified.next_sign_in.with_sp.without_cta: Vous pouvez désormais vous connecter depuis le site Web de %{sp_name}.
+user_mailer.account_verified.next_sign_in.without_sp: Maintenant, cliquez sur le bouton ou copiez le lien ci-dessous pour vous connecter à %{app_name}.
+user_mailer.account_verified.sign_in: Se connecter
+user_mailer.account_verified.subject: Vous avez réussi à vérifier votre identité avec %{app_name}
+user_mailer.account_verified.warning_contact_us_html: Si vous n’avez pas essayé de confirmer votre identité, veuillez vous connecter pour %{change_password_link_html}. Pour signaler ce problème, %{contact_link_html}.
 user_mailer.add_email_associated_with_another_account.help_html: Si vous n’avez pas demandé de nouvel e-mail ou suspectez une erreur, veuillez visiter le %{help_link_html} de %{app_name_html} ou %{contact_link_html}.
 user_mailer.add_email_associated_with_another_account.intro_html: Cette adresse e-mail est déjà associée à un compte %{app_name_html}, nous ne pouvons donc pas l’ajouter à un autre compte. Vous devez d’abord la supprimer ou la retirer du compte auquel elle est associée. Pour ce faire, suivez le lien ci-dessous et connectez-vous avec cette adresse e-mail. Si vous n’essayez pas d’ajouter cette adresse e-mail à un compte, vous pouvez ignorer ce message.
 user_mailer.add_email_associated_with_another_account.link_text: Allez sur %{app_name}

diff --git a/config/locales/zh.yml b/config/locales/zh.yml
@@ -1817,9 +1817,15 @@ user_mailer.account_reset_request.header: 你的账户会在%{interval}后删除
 user_mailer.account_reset_request.intro_html: 作为一项安全措施，%{app_name} 要求一个两步流程来删除你的帐户：<br><br> 第一步：如果你丢失了身份证实方法但需删除账户，有一个%{waiting_period} 的等待期。如果你找到了身份证实方法，可以登录你的 %{app_name} 帐户来取消这个请求。<br><br> 第二步：%{waiting_period}等待期之后，你会收到一封电邮，请你确认要删除 %{app_name} 账户。只有经你确认后，你的账户才会被删除。
 user_mailer.account_reset_request.subject: 如何删除你的 %{app_name} 账户
 user_mailer.account_verified.change_password_link: 更改密码
-user_mailer.account_verified.contact_link: 联系我们
-user_mailer.account_verified.intro_html: 你于 %{date} 使用 %{app_name} 在 %{sp_name}成功验证了身份。如果你没有采取这一行动，请 %{contact_link_html} 并登录 %{change_password_link_html}。
-user_mailer.account_verified.subject: 你在 %{sp_name} 验证了身份。
+user_mailer.account_verified.contact_link: 请联系 %{app_name}支持
+user_mailer.account_verified.greeting: 你好，
+user_mailer.account_verified.intro: 你在 %{date} 成功地验证了身份。
+user_mailer.account_verified.next_sign_in.with_sp.with_cta: 接下来请点击按钮或复制下面的连接来访问 %{sp_name} 并登录。
+user_mailer.account_verified.next_sign_in.with_sp.without_cta: 你现在可以从 %{sp_name} 的网站登录。
+user_mailer.account_verified.next_sign_in.without_sp: 接下来请点击按钮或复制下面的连接来登录 %{app_name}。
+user_mailer.account_verified.sign_in: 登录
+user_mailer.account_verified.subject: 你在 %{app_name} 成功地验证了身份
+user_mailer.account_verified.warning_contact_us_html: 如果你没有试图验证过身份，请登录来%{change_password_link_html}。要报告这件事，%{contact_link_html}。
 user_mailer.add_email_associated_with_another_account.help_html: 如果你没有要求一封新电邮或怀疑有错， 请访问 %{app_name_html}的 %{help_link_html} 或者 %{contact_link_html}。
 user_mailer.add_email_associated_with_another_account.intro_html: 该电邮地址已与一个 %{app_name_html}账户相关联，所以我们不能把它加到另外一个账户上。你必须首先将其从与之相关的账户中删除或去掉。要做到这一点，点击以下链接并用该电邮地址登录。如果你没有试图将此电邮地址加到一个账户，可忽略这一信息。
 user_mailer.add_email_associated_with_another_account.link_text: 请到 %{app_name}

diff --git a/spec/mailers/previews/user_mailer_preview.rb b/spec/mailers/previews/user_mailer_preview.rb
@@ -145,9 +145,15 @@ def add_email_associated_with_another_account
   end
 
   def account_verified
+    service_provider = ServiceProvider.find_by(friendly_name: 'Example Sinatra App')
     UserMailer.with(user: user, email_address: email_address_record).account_verified(
-      date_time: DateTime.now,
-      sp_name: 'Example App',
+      profile: unsaveable(
+        Profile.new(
+          user: user,
+          initiating_service_provider: service_provider,
+          verified_at: Time.zone.now,
+        ),
+      ),
     )
   end
 

diff --git a/spec/mailers/user_mailer_spec.rb b/spec/mailers/user_mailer_spec.rb
@@ -525,9 +525,10 @@ def expect_email_body_to_have_help_and_contact_links
   describe '#account_verified' do
     let(:sp_name) { '' }
     let(:date_time) { Time.zone.now }
+    let(:profile) { create(:profile, :active) }
     let(:mail) do
       UserMailer.with(user: user, email_address: email_address).
-        account_verified(date_time: date_time, sp_name: sp_name)
+        account_verified(profile: profile)
     end
 
     it_behaves_like 'a system email'
@@ -538,7 +539,7 @@ def expect_email_body_to_have_help_and_contact_links
     end
 
     it 'renders the subject' do
-      expect(mail.subject).to eq t('user_mailer.account_verified.subject', sp_name: sp_name)
+      expect(mail.subject).to eq t('user_mailer.account_verified.subject', app_name: APP_NAME)
     end
 
     it 'links to the forgot password page' do

diff --git a/spec/presenters/idv/account_verified_email_presenter_spec.rb b/spec/presenters/idv/account_verified_email_presenter_spec.rb
@@ -0,0 +1,96 @@
+require 'rails_helper'
+
+RSpec.describe Idv::AccountVerifiedEmailPresenter do
+  include Rails.application.routes.url_helpers
+
+  let(:service_provider) { create(:service_provider) }
+
+  let(:profile) do
+    create(
+      :profile,
+      initiating_service_provider: service_provider,
+    )
+  end
+
+  subject(:presenter) { described_class.new(profile:) }
+
+  context 'when there is no associated service provider' do
+    let(:service_provider) { nil }
+
+    describe '#show_cta?' do
+      it 'is true' do
+        expect(presenter.show_cta?).to eq(true)
+      end
+    end
+
+    describe '#sp_name' do
+      it 'returns our APP_NAME instead' do
+        expect(presenter.sp_name).to eq(APP_NAME)
+      end
+    end
+
+    describe '#sign_in_url' do
+      it 'links to ourselves since there is no SP' do
+        expect(presenter.sign_in_url).to eq(root_url)
+      end
+    end
+  end
+
+  context 'where there is a service provider' do
+    context 'when the service provider has no return URL' do
+      let(:service_provider) do
+        create(
+          :service_provider,
+          return_to_sp_url: nil,
+          friendly_name: 'My Awesome SP',
+        )
+      end
+
+      describe '#show_cta?' do
+        it 'is false' do
+          expect(presenter.show_cta?).to eq(false)
+        end
+      end
+
+      describe '#sp_name' do
+        it 'returns the SP name' do
+          expect(presenter.sp_name).to eq('My Awesome SP')
+        end
+      end
+
+      describe '#sign_in_url' do
+        it 'links to ourselves' do
+          expect(presenter.sign_in_url).to eq(root_url)
+        end
+      end
+    end
+
+    context 'when the service provider does have a return URL' do
+      let(:service_provider) do
+        create(
+          :service_provider,
+          return_to_sp_url: 'https://www.example.com',
+          friendly_name: 'My Awesome SP',
+        )
+      end
+
+      describe '#show_cta?' do
+        it 'is true' do
+          expect(presenter.show_cta?).to eq(true)
+        end
+      end
+
+      describe '#sp_name' do
+        it 'shows the SP name' do
+          expect(presenter.sp_name).to eq('My Awesome SP')
+        end
+      end
+
+      describe '#sign_in_url' do
+        it 'links to the SP' do
+          expect(presenter.sign_in_url).to eq('https://www.example.com')
+        end
+      end
+    end
+  end
+end