-
Notifications
You must be signed in to change notification settings - Fork 114
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.
Already on GitHub? Sign in to your account
LG-10275 Integrate personal key features specs into end_to_end_idv feature specs #9336
LG-10275 Integrate personal key features specs into end_to_end_idv feature specs #9336
Conversation
Since feature specs run slowly, it's better to check assertions as part of a single longer spec rather than restart identity verification over and over. This removes several long-running feature specs from the test suite. [skip changelog]
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 馃憤
) | ||
expect(page).not_to have_content(t('step_indicator.flows.idv.get_a_letter')) | ||
|
||
# Refreshing shows same page (BUT with new personal key, we should warn the user) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this suggesting that the personal key is being regenerated each time? That would be surprising to me.
Is it not pulling from the idv_session
here then?
identity-idp/app/controllers/idv/personal_key_controller.rb
Lines 72 to 74 in ee5275c
def personal_key | |
idv_session.personal_key || generate_personal_key | |
end |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Huh, I didn't realize idv_session
had a personal_key
property. It's never set (except in specs). That would be an easy fix, if it's legit for security reasons to save a personal key in session. I made the comment because I've seen the behavior - it does regenerate a new key each time currently.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We have LG-11221 to fix this, and I just added a comment with what you pointed out, thanks.
* LG-11082 Add Conditional Text To FullAddressSearch Component (#9331) * Add conditional text to view * add new tests * Add period to display text * package version increase from 3.1.0 to 3.1.1 * fix linter errors * changelog: Upcoming feature, USPS Full Address Search, Added conditional logic to display/hide text on the Find a participating Post Office view that will display in Help Center only * Integrate personal key feature specs into end_to_end_idv feature specs (#9336) Since feature specs run slowly, it's better to check assertions as part of a single longer spec rather than restart identity verification over and over. This removes several long-running feature specs from the test suite. [skip changelog] * Update specs to initialize session as HashWithIndifferentAccess (#9347) changelog: Internal, Automated Testing, Improve accuracy of session stubbing in tests * Change `<b>` tags to `<strong>` for better accessibility and code consistency (#9349) * Change `<b>` tags to `<strong>` for better accessibility and code consistency changelog: User-facing Improvements, Accessibility, Use strong html tag instead of b for emphasis * Enable RSpec/LeakyConstantDeclaration rubocop (#9348) * Enable RSpec/LeakyConstantDeclaration rubocop changelog: Internal, Source code, Enable RSpec rubocop * Use let instead of defining new class --------- Co-authored-by: Mitchell Henke <mitchell.henke@gsa.gov> * Sync TypeScript-ESLint versions (#9352) changelog: Internal, Dependencies, Update dependencies to their latest versions * LG-10037: display warning banner on gpo welcome back page if number of gpo letter requests exceeded (#9303) * display warning banner on gpo welcome back page if gpo letter requests are spammed changelog: User-Facing Improvements, Identity Verification, display warning banner if user has sent max letter requests within a time window * handle if user has no gpo confirmatio codes * Update app/views/idv/by_mail/enter_code/index.html.erb Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov> * tests for alert banner for spammed gpo requesets * happy linting * fix extra space in alert_spam_warning_html i18n * happy linting * lintfix i18n * lint line too long * js tag removal from alert gpo spam banner spec * integrate warning alert banner for spammed gpo letter requests into existing tests * refactor test for gpo spam warning banner * happy linting * create before action to remove test order dependency * happy linting * define gpo_verification_enabled in review app * define gpo_verification_enabled in review app --------- Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov> * Upgrade to Rails 7.1 (#9333) * fix otp missing translations * rails 7.1 changelog: Internal, Dependencies, Upgrade to Rails 7.1 * fix untranslated webauthn verification * LG-10837: Add New Piv Cac Logging for login visited (#9294) * changelog: Internal Fixes, Authentication LG-10837: Piv Cac Logging fixes * changelog: Internal, Authentication, Add Login visited for pivcac/change logging names to be uniform * uniform spec test * fix naming convention for piv cac * update rspec * add previous name * Add lint check for reasonable asset bundle sizes (#9353) * Add lint check for reasonable asset bundle sizes changelog: Internal, Automated Testing, Add test for reasonable asset bundle size * TEMPORARY: Revert "Fix JavaScript dead code elimination (#9217)" This reverts commit 0fcc3a7. * Revert "TEMPORARY: Revert "Fix JavaScript dead code elimination (#9217)"" This reverts commit af166f2. * Update changelog script to reflect non-security Dependabot usage (#9354) changelog: Internal, Changelog, Update changelog script to reflect non-security Dependabot usage * Revert "Upgrade to Rails 7.1 (#9333)" (#9356) This reverts commit f9a0cd0. * LG-10812 | Report on all-time user count (#9350) changelog: Internal, Reporting, Monthly report includes all-time user count * Reorganize combined invoice report for easier manual runs (#9358) changelog: Internal, Reporting, Reorganize combined-invoice-supplement-report * Exclude 'IRS Attempt API: Event metadata' events from log results (#9360) changelog: Internal, Data Requests, Exclude 'IRS Attempt API: Event metadata' events from log results * Remove Guardfile, guard dependencies (#9364) changelog: Internal, Dependencies, Remove unused testing dependencies * LG-11066 Do not redirect users at the phone step unless they are phone and address rate limited (#9345) Users are being rate limited and encounting the phone error screen even if they can still verify by mail. This commit changes the rate limit logic to allow users to proceed to the phone step if they can still verify their phone or complete verification by mail. A side-effect of this change is a bug is fixed where the following situation would exist: 1. A user proofed by mail after exhausting phone attempts 2. The user goes to GPO entry and chooses to cancel and start over 3. The user is redirected to the welcome step to start over 4. The welcome step before action observes the user is phone rate limited and sends the user to the phone errors controller 5. The phone errors controller has a before action to confirm the user has completed the phone errors step; the user has not since in this session so they are redirected to the welcome step 6. Steps 4 and 5 complete until there are too many redirects [skip changelog] Co-authored-by: Sonia Connolly <sonia.connolly@gsa.gov> --------- Co-authored-by: gina-yamada <125507397+gina-yamada@users.noreply.github.com> Co-authored-by: Sonia Connolly <sonia.connolly@gsa.gov> Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov> Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com> Co-authored-by: Mitchell Henke <mitchell.henke@gsa.gov> Co-authored-by: Amir Reavis-Bey <amir.reavis-bey@gsa.gov> Co-authored-by: Malick Diarra <malick.diarra@gsa.gov> Co-authored-by: Matt Wagner <mattwagner@navapbc.com> Co-authored-by: Jonathan Hooper <jonathan.hooper@gsa.gov>
馃帿 Ticket
LG-10275
馃洜 Summary of changes
confirmation_step_spec tests the Personal Key page. These assertions can be tested as part of the two specs in end_to_end_idv_spec.
Since feature specs run slowly, it's better to check assertions as part of a single longer spec rather than restart identity verification over and over. This removes six long-running feature specs from the test suite.
馃摐 Testing Plan
Let CI run specs