Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LG-882 Invalid physical mail address #2775

Merged
merged 17 commits into from
Feb 25, 2019
Merged

LG-882 Invalid physical mail address #2775

merged 17 commits into from
Feb 25, 2019

Conversation

stevegsa
Copy link
Contributor

Why: So users can still be verified even after their US postal address is found to be undeliverable.

How: Introduce a new state to the usps screen for sending a letter. This state will be the condition where the letter sent was undeliverable. Add a method to the user decorater which digs into the usps_confirmation_codes for the user's profiles to see if the code was marked by the async undeliverable address notifier process. In that condition the user will receive an email notifying them to sign in to login.gov. When they sign in to login.gov rather than seeing a notification that tells them to enter their code they will see a message telling them their mail was undeliverable and to send a new letter they will need to update their address on file.

Hi! Before submitting your PR for review, and/or before merging it, please
go through the checklists below. These represent the more critical elements
of our code quality guidelines. The rest of the list can be found in
CONTRIBUTING.md

Controllers

  • When adding a new controller that requires the user to be fully
    authenticated, make sure to add before_action :confirm_two_factor_authenticated
    as the first callback.

Database

  • Unsafe migrations are implemented over several PRs and over several
    deploys to avoid production errors. The strong_migrations gem
    will warn you about unsafe migrations and has great step-by-step instructions
    for various scenarios.

  • Indexes were added if necessary. This article provides a good overview
    of indexes in Rails.

  • Verified that the changes don't affect other apps (such as the dashboard)

  • When relevant, a rake task is created to populate the necessary DB columns
    in the various environments right before deploying, taking into account the users
    who might not have interacted with this column yet (such as users who have not
    set a password yet)

  • Migrations against existing tables have been tested against a copy of the
    production database. See LG-228 Make migrations safer and more resilient #2127 for an example when a migration caused deployment
    issues. In that case, all the migration did was add a new column and an index to
    the Users table, which might seem innocuous.

Encryption

  • The changes are compatible with data that was encrypted with the old code.

Routes

  • GET requests are not vulnerable to CSRF attacks (i.e. they don't change
    state or result in destructive behavior).

Session

  • When adding user data to the session, use the user_session helper
    instead of the session helper so the data does not persist beyond the user's
    session.

Testing

  • Tests added for this feature/bug
  • Prefer feature/integration specs over controller specs
  • When adding code that reads data, write tests for nil values, empty strings,
    and invalid inputs.

@stevegsa
Copy link
Contributor Author

stevegsa commented Feb 21, 2019
edited
Loading

Screenshots:

screen shot 2019-02-20 at 11 17 12 pm

screen shot 2019-02-20 at 11 17 46 pm

screen shot 2019-02-20 at 11 18 13 pm

screen shot 2019-02-20 at 11 18 55 pm

screen shot 2019-02-20 at 11 19 21 pm

screen shot 2019-02-21 at 1 36 49 pm

screen shot 2019-02-21 at 1 38 47 pm

screen shot 2019-02-21 at 1 38 02 pm

screen shot 2019-02-20 at 11 23 29 pm

screen shot 2019-02-20 at 11 18 13 pm

screen shot 2019-02-20 at 11 18 55 pm

screen shot 2019-02-20 at 11 19 21 pm

@stevegsa stevegsa force-pushed the stevegsa-bad-mailing-address branch from 36bd021 to c593040 Compare February 21, 2019 16:26
@nickttng
Copy link
Member

nickttng commented Feb 21, 2019
edited
Loading

@stevegsa Two screens for copy updates (see screen images below) for consistency. Let me know if it's not clear

  • When stating "letter," it is the default phrasing referring to the object itself
  • When stating "mail," use as a verb/action only in this case, i.g. "It will be mailed", "They will mail", not as an object, e.g. "Your mail is on its way"

Note: I'm looking at any inconsistency between 'deliver' vs. 'mail'

lg-882-01
lg-882-02

cpbgsa
cpbgsa previously approved these changes Feb 21, 2019
View reviewed changes
Copy link
Contributor

@cpbgsa cpbgsa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Need to add proper translations for the French and Spanish messages.

@jmhooper
Copy link
Member

We also definitely need some feature level tests for this.

@stevegsa
Copy link
Contributor Author

Thanks for the feedback. The screenshots have been updated for your review. Working on finishing the code/functionality and specs now.

@stevegsa stevegsa force-pushed the stevegsa-bad-mailing-address branch from ae1d860 to 3b38fa3 Compare February 22, 2019 06:14
@stevegsa stevegsa requested a review from jmhooper February 22, 2019 15:14
@stevegsa
LG-882 Invalid physical mail address
15e2d5e 
**Why**: So users can still be verified even after their US postal address is found to be undeliverable.

**How**: Introduce a new state to the usps screen for sending a letter.  This state will be the condition where the letter sent was undeliverable.  Add a method to the user decorater which digs into the usps_confirmation_codes for the user's profiles to see if the code was marked by the async undeliverable address notifier process.  In that condition the user will receive an email notifying them to sign in to login.gov.  When they sign in to login.gov rather than seeing a notification that tells them to enter their code they will see a message telling them their mail was undeliverable and to send a new letter they will need to update their address on file.
@stevegsa
Fix spec
78eee71
@stevegsa
Fix spec 2
e9ba21a
@stevegsa
Update address
9a1297d
@stevegsa
Update mail w/link; add translations
02a2104
@stevegsa
Controller spec
0581859
@stevegsa
Update pii
6e49a6d
@stevegsa
Added feature spec
3b0f036
@stevegsa
Cover fail state
643145b
@stevegsa
Added throttling and reused fail state screens
76ff3c2
@stevegsa
Typo
504952a
@stevegsa
I18n unused
0cf60cc
@stevegsa
Fix url check
cebbc7a
@stevegsa
Throttling on usps
275bdee
@stevegsa stevegsa force-pushed the stevegsa-bad-mailing-address branch from 8c802a8 to 275bdee Compare February 25, 2019 02:41
jmhooper
jmhooper reviewed Feb 25, 2019
View reviewed changes
app/controllers/idv/usps_controller.rb
@@ -1,11 +1,13 @@
# :reek:TooManyMethods
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This controller has gotten to almost 160 lines, which to me looks like a signal that some of this should be moved into a service

app/services/idv/steps/doc_auth_base_step.rb
@@ -27,7 +27,18 @@ def simulate?
Figaro.env.acuant_simulator == 'true'
end

delegate :idv_session, to: :@context
def attempter
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This diff is pretty heavy. I think including changes like this, which aren't totally necessary for the change on the table in a separate PR would help slim things down and make this easier to review in the future.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You said you would not approve it without the throttling.

@jmhooper jmhooper force-pushed the stevegsa-bad-mailing-address branch from b48562b to bb44bcb Compare February 25, 2019 15:58
@stevegsa stevegsa merged commit a7811dc into master Feb 25, 2019
cpbgsa pushed a commit that referenced this pull request Mar 5, 2019
@stevegsa @clarabridges
LG-882 Invalid physical mail address (#2775)
9377f17 
* LG-882 Invalid physical mail address

**Why**: So users can still be verified even after their US postal address is found to be undeliverable.

**How**: Introduce a new state to the usps screen for sending a letter.  This state will be the condition where the letter sent was undeliverable.  Add a method to the user decorater which digs into the usps_confirmation_codes for the user's profiles to see if the code was marked by the async undeliverable address notifier process.  In that condition the user will receive an email notifying them to sign in to login.gov.  When they sign in to login.gov rather than seeing a notification that tells them to enter their code they will see a message telling them their mail was undeliverable and to send a new letter they will need to update their address on file.
@amathews-fs amathews-fs deleted the stevegsa-bad-mailing-address branch January 7, 2021 18:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jmhooper jmhooper jmhooper approved these changes

@cpbgsa cpbgsa cpbgsa left review comments

Assignees
No one assigned
Labels
status - ready for review status - required for release
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@stevegsa @nickttng @jmhooper @cpbgsa