Merge branch 'master' into mhv-54372-remove-556-transition-feature-flag

department-of-veterans-affairs · Mar 25, 2024 · af57b3a · af57b3a
2 parents 8217ee8 + 2e24c78
commit af57b3a
Show file tree

Hide file tree

Showing 182 changed files with 4,246 additions and 1,395 deletions.
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -661,6 +661,7 @@ config/form_profile_mappings/20-0995.yml @department-of-veterans-affairs/Benefit
 config/form_profile_mappings/20-0996.yml @department-of-veterans-affairs/Benefits-Team-1 @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
 config/form_profile_mappings/21-526EZ.yml @department-of-veterans-affairs/Disability-Experience @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
 config/form_profile_mappings/21-686C.yml @department-of-veterans-affairs/Disability-Experience @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
+config/form_profile_mappings/21P-527EZ.yml @department-of-veterans-affairs/pensions @department-of-veterans-affairs/backend-review-group
 config/form_profile_mappings/21P-530.yml @department-of-veterans-affairs/Benefits-Team-1 @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
 config/form_profile_mappings/22-0993.yml @department-of-veterans-affairs/govcio-vfep-codereviewers @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
 config/form_profile_mappings/22-0994.yml @department-of-veterans-affairs/my-education-benefits @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group

diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml
@@ -183,7 +183,7 @@ Lint/ConstantDefinitionInBlock:
   Exclude:
     - 'app/policies/mhv_health_records_policy.rb'
     - 'app/policies/mhv_medical_records_policy.rb'
-    - 'app/policies/mhv_messaging_policy.rb'
+    - 'app/policies/legacy_mhv_messaging_policy.rb'
     - 'app/policies/mhv_prescriptions_policy.rb'
     - 'config/initializers/flipper.rb'
     - 'config/initializers/zcta.rb'

diff --git a/Dangerfile b/Dangerfile
@@ -191,11 +191,11 @@ module VSPDanger
   end
 
   class MigrationIsolator
+    DB_PATHS = ['db/migrate/', 'db/schema.rb'].freeze
+    SEEDS_PATHS = ['db/seeds/', 'db/seeds.rb'].freeze
+
     def run
-      if files.any? { |file| file.include? 'db/' } && !files.all? { |file| file.include? 'db/' }
-        # one of the changed files was in 'db/' but not all of them
-        return Result.error(error_message)
-      end
+      return Result.error(error_message) if db_files.any? && app_files.any?
 
       Result.success('All set.')
     end
@@ -204,7 +204,7 @@ module VSPDanger
 
     def error_message
       <<~EMSG
-        Modified files in `db/` should be the only files checked into this PR.
+        Modified files in `db/migrate` or `db/schema.rb` changes should be the only files checked into this PR.
 
         <details>
           <summary>File Summary</summary>
@@ -227,11 +227,15 @@ module VSPDanger
     end
 
     def app_files
-      files - db_files
+      files - db_files - seed_files
     end
 
     def db_files
-      files.select { |file| file.include? 'db/' }
+      files.select { |file| DB_PATHS.any? { |db_path| file.include?(db_path) } }
+    end
+
+    def seed_files
+      files.select { |file| SEEDS_PATHS.any? { |seed_path| file.include?(seed_path) } }
     end
 
     def files

diff --git a/Gemfile b/Gemfile
@@ -112,7 +112,6 @@ gem 'okcomputer'
 gem 'olive_branch'
 gem 'operating_hours'
 gem 'ox'
-gem 'paper_trail'
 gem 'parallel'
 gem 'pdf-forms'
 gem 'pdf-reader'

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -73,10 +73,10 @@ GIT
 
 GIT
   remote: https://github.com/department-of-veterans-affairs/vets-json-schema
-  revision: eca6b94ff130705ef960549b236892d00601f1da
+  revision: d6918c7e0dce104ae9b06382a44df5deb56e2adf
   branch: master
   specs:
-    vets_json_schema (21.1.2)
+    vets_json_schema (21.5.2)
       multi_json (~> 1.0)
       script_utils (= 0.0.4)
 
@@ -119,7 +119,6 @@ PATH
     va_forms (0.0.1)
       faraday
       nokogiri
-      paper_trail
       sidekiq
     va_notify (0.1.0)
     vaos (0.1.0)
@@ -283,7 +282,7 @@ GEM
       bundler (>= 1.2.0, < 3)
       thor (~> 1.0)
     byebug (11.1.3)
-    carrierwave (3.0.6)
+    carrierwave (3.0.7)
       activemodel (>= 6.0.0)
       activesupport (>= 6.0.0)
       addressable (~> 2.6)
@@ -604,7 +603,7 @@ GEM
       ffi (~> 1.0)
     libddwaf (1.14.0.0.0-x86_64-linux)
       ffi (~> 1.0)
-    liquid (5.4.0)
+    liquid (5.5.0)
     listen (3.8.0)
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
@@ -690,10 +689,7 @@ GEM
     operating_hours (0.1.0)
     optimist (3.1.0)
     os (1.1.4)
-    ox (2.14.17)
-    paper_trail (15.1.0)
-      activerecord (>= 6.1)
-      request_store (~> 1.4)
+    ox (2.14.18)
     parallel (1.24.0)
     parallel_tests (4.5.2)
       parallel
@@ -1185,7 +1181,6 @@ DEPENDENCIES
   olive_branch
   operating_hours
   ox
-  paper_trail
   parallel
   parallel_tests
   pdf-forms

diff --git a/app/controllers/concerns/sentry_controller_logging.rb b/app/controllers/concerns/sentry_controller_logging.rb
@@ -32,9 +32,10 @@ def user_context
   def tags_context
     { controller_name: }.tap do |tags|
       if current_user.present?
-        tags[:sign_in_method] = current_user.identity.sign_in[:service_name]
+        sign_in = current_user.respond_to?(:identity) ? current_user.identity.sign_in : current_user.sign_in
+        tags[:sign_in_method] = sign_in[:service_name]
         # account_type is filtered by sentry, becasue in other contexts it refers to a bank account type
-        tags[:sign_in_acct_type] = current_user.identity.sign_in[:account_type]
+        tags[:sign_in_acct_type] = sign_in[:account_type]
       else
         tags[:sign_in_method] = 'not-signed-in'
       end

diff --git a/app/controllers/sm_controller.rb b/app/controllers/sm_controller.rb
@@ -14,7 +14,7 @@ def client
   end
 
   def authorize
-    raise_access_denied unless current_user.authorize(:mhv_messaging, :access?)
+    raise_access_denied unless current_user.authorize(:legacy_mhv_messaging, :access?)
   end
 
   def raise_access_denied

diff --git a/app/controllers/v0/financial_status_reports_controller.rb b/app/controllers/v0/financial_status_reports_controller.rb
@@ -146,6 +146,8 @@ def fsr_form
           :debt_type,
           :deduction_code,
           :p_h_amt_due,
+          :p_h_dfn_number,
+          :p_h_cerner_patient_id,
           :resolution_comment,
           :resolution_option,
           { station: [:facilit_y_num] }

diff --git a/app/controllers/v0/ppiu_controller.rb b/app/controllers/v0/ppiu_controller.rb
@@ -5,11 +5,22 @@
 module V0
   class PPIUController < ApplicationController
     service_tag 'direct-deposit'
+    before_action :controller_enabled?
     before_action { authorize :evss, :access? }
     before_action { authorize :ppiu, :access? }
     before_action :validate_pay_info, only: :update
     before_action(only: :update) { authorize(:ppiu, :access_update?) }
 
+    def controller_enabled?
+      if Flipper.enabled?(:profile_ppiu_reject_requests, @current_user)
+        message = 'EVSS PPIU endpoint is being deprecated. Please contact the ' \
+                  'Authenticated Experience team with any questions or use the ' \
+                  "'/v0/profile/direct_deposits/disability_compensations' endpoint instead."
+
+        raise Common::Exceptions::Forbidden, detail: message
+      end
+    end
+
     def index
       response = service.get_payment_information
       render json: response,

diff --git a/app/controllers/v0/sign_in_controller.rb b/app/controllers/v0/sign_in_controller.rb
@@ -318,10 +318,8 @@ def create_login_code(state_payload, user_info, credential_level) # rubocop:disa
       user_attributes = auth_service(state_payload.type,
                                      state_payload.client_id).normalized_attributes(user_info, credential_level)
       verified_icn = SignIn::AttributeValidator.new(user_attributes:).perform
-      user_code_map = SignIn::UserCreator.new(user_attributes:,
-                                              state_payload:,
-                                              verified_icn:,
-                                              request_ip: request.ip).perform
+      user_code_map = create_user_code_map(user_attributes, state_payload, verified_icn, request.remote_ip)
+
       context = {
         type: state_payload.type,
         client_id: state_payload.client_id,
@@ -347,6 +345,16 @@ def create_login_code(state_payload, user_info, credential_level) # rubocop:disa
              content_type: 'text/html'
     end
 
+    def create_user_code_map(user_attributes, state_payload, verified_icn, request_ip)
+      klass = if state_payload.client_id == Settings.sign_in.arp_client_id
+                AccreditedRepresentativePortal::RepresentativeUserCreator
+              else
+                SignIn::UserCreator
+              end
+
+      klass.new(user_attributes:, state_payload:, verified_icn:, request_ip:).perform
+    end
+
     def refresh_token_param
       params[:refresh_token] || token_cookies[SignIn::Constants::Auth::REFRESH_TOKEN_COOKIE_NAME]
     end

diff --git a/app/models/form526_submission.rb b/app/models/form526_submission.rb
@@ -6,10 +6,80 @@
 
 class Form526Submission < ApplicationRecord
   extend Logging::ThirdPartyTransaction::MethodWrapper
-
+  include AASM
   include SentryLogging
   include Form526ClaimFastTrackingConcern
 
+  # Documentation:
+  # https://github.com/department-of-veterans-affairs/va.gov-team/blob/master/products/disability/526ez/implementation/form_526_state_machine.md
+  aasm do
+    after_all_transitions :log_status_change
+
+    state :unprocessed, initial: true
+    state :delivered_to_primary, :failed_primary_delivery, :rejected_by_primary,
+          :delivered_to_backup, :failed_backup_delivery, :rejected_by_backup,
+          :in_remediation, :finalized_as_successful, :unprocessable
+
+    # - a submission has been delivered to our happy path
+    # - requires polling to finalize
+    event :deliver_to_primary do
+      transitions to: :delivered_to_primary
+    end
+
+    # - submission failed delivery to primary path for any reason
+    # - requires backup submission or remediation
+    event :fail_primary_delivery do
+      transitions to: :failed_primary_delivery
+    end
+
+    # - a successfully delivered submission has failed 3rd party validations on primary path
+    # - requires backup submission or remediation
+    event :reject_from_primary do
+      transitions to: :rejected_by_primary
+    end
+
+    # - a submission has been delivered to our backup path
+    # - requires polling to finalize
+    event :deliver_to_backup do
+      transitions to: :delivered_to_backup
+    end
+
+    # - a submission has failed to be delivered to our backup path
+    # - requires remediation
+    event :fail_backup_delivery do
+      transitions to: :failed_backup_delivery
+    end
+
+    # - a successfully delivered submission has failed 3rd party validations on backup path
+    # - requires remediation
+    event :reject_from_backup do
+      transitions to: :failed_backup_delivery
+    end
+
+    # - Submission has entered a manual remediation flow, e.g. failsafe, paper submission
+    # - requires confirmation of success, e.g. polling or manual confirmation via audit
+    event :begin_remediation do
+      transitions to: :in_remediation
+    end
+
+    # TODO: add this transition when we add 526 completion polling
+    # - The only state that means we no longer own completion of this submission
+    # - There is nothing more to do.  E.G.
+    #   - VBMS has accepted and returned the applicable status to us via
+    #     lighthouse benefits intack API
+    #   - Manual remediation has been confirmed successful
+    #   - EVSS has received this submission and now owns it
+    event :finalize_success do
+      transitions to: :finalized_as_successful
+    end
+
+    # - a submission should be ignored
+    # - we probably want to avoid using this state
+    event :mark_as_unprocessable do
+      transitions to: :unprocessable
+    end
+  end
+
   wrap_with_logging(:start_evss_submission_job,
                     :enqueue_backup_submission,
                     :submit_form_4142,
@@ -47,7 +117,6 @@ class Form526Submission < ApplicationRecord
   #   @return [Timestamp] created at date.
   # @!attribute updated_at
   #   @return [Timestamp] updated at date.
-  #
   has_kms_key
   has_encrypted :auth_headers_json, :birls_ids_tried, :form_json, key: :kms_key, **lockbox_options
 
@@ -60,6 +129,16 @@ class Form526Submission < ApplicationRecord
 
   validates(:auth_headers_json, presence: true)
 
+  def log_status_change
+    log_hash = {
+      form_submission_id: id,
+      from_state: aasm.from_state,
+      to_state: aasm.to_state,
+      event: aasm.current_event
+    }
+    Rails.logger.info(log_hash)
+  end
+
   FORM_526 = 'form526'
   FORM_526_UPLOADS = 'form526_uploads'
   FORM_4142 = 'form4142'

diff --git a/app/models/messaging_preference.rb b/app/models/messaging_preference.rb
@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 require 'common/models/base'
-require 'evss/pciu/email_address'
+require 'va_profile/models/email'
 
 # Secure Messaging Notification Preference Model
 class MessagingPreference < Common::Base
@@ -25,7 +25,7 @@ class MessagingPreference < Common::Base
   validates(
     :email_address,
     presence: true,
-    format: { with: EVSS::PCIU::EmailAddress::VALID_EMAIL_REGEX },
+    format: { with: VAProfile::Models::Email::VALID_EMAIL_REGEX },
     length: { maximum: 255, minimum: 6 }
   )
 

diff --git a/app/models/prescription_preference.rb b/app/models/prescription_preference.rb
@@ -1,8 +1,7 @@
 # frozen_string_literal: true
 
 require 'common/models/base'
-require 'evss/pciu/email_address'
-
+require 'va_profile/models/email'
 ##
 # Models Prescription notification preference
 #
@@ -21,7 +20,7 @@ class PrescriptionPreference < Common::Base
   validates(
     :email_address,
     presence: true,
-    format: { with: EVSS::PCIU::EmailAddress::VALID_EMAIL_REGEX },
+    format: { with: VAProfile::Models::Email::VALID_EMAIL_REGEX },
     length: { maximum: 255, minimum: 6 }
   )
 

diff --git a/app/models/saved_claim.rb b/app/models/saved_claim.rb
@@ -102,6 +102,10 @@ def update_form(key, value)
     self.form = JSON.generate(application)
   end
 
+  def business_line
+    ''
+  end
+
   private
 
   def attachment_keys

diff --git a/app/models/saved_claim/burial.rb b/app/models/saved_claim/burial.rb
@@ -24,4 +24,8 @@ def attachment_keys
   def email
     parsed_form['claimantEmail']
   end
+
+  def business_line
+    'NCA'
+  end
 end
diff --git a/app/models/saved_claim/education_career_counseling_claim.rb b/app/models/saved_claim/education_career_counseling_claim.rb
@@ -29,4 +29,8 @@ def process_attachments!
 
     CentralMail::SubmitSavedClaimJob.new.perform(id)
   end
+
+  def business_line
+    'EDU'
+  end
 end
-Original file line number
+Diff line change
@@ Expand Up / @@ -102,6 +102,10 @@ def update_form(key, value) @@
         self.form = JSON.generate(application)
       end
+      def business_line
+        ''
+      end
       private
       def attachment_keys
@@ Expand Down @@