Merge branch 'master' into 78699_block_csp_acr

department-of-veterans-affairs · Apr 11, 2024 · dd7ecaf · dd7ecaf
2 parents 38c5545 + 4b09ce3
commit dd7ecaf
Show file tree

Hide file tree

Showing 7 changed files with 33 additions and 24 deletions.
diff --git a/config/settings.yml b/config/settings.yml
@@ -85,6 +85,7 @@ sign_in:
 terms_of_use:
   current_version: v1
   provisioner_cookie_domain: localhost
+  enabled_clients: vaweb, mhv, myvahealth
 
 lockbox:
   master_key: "0d78eaf0e90d4e7b8910c9112e16e66d8b00ec4054a89aa426e32712a13371e9"

diff --git a/lib/pdf_fill/forms/va21p530v2.rb b/lib/pdf_fill/forms/va21p530v2.rb
@@ -270,10 +270,10 @@ class Va21p530v2 < FormBase
           'executor' => {
             key: 'form1[0].#subform[82].CheckboxExecutor[0]'
           },
-          'funeralHome' => {
+          'funeralDirector' => {
             key: 'form1[0].#subform[82].CheckboxFuneralHome[0]'
           },
-          'other' => {
+          'otherFamily' => {
             key: 'form1[0].#subform[82].CheckboxOther[0]'
           }
         },
@@ -702,8 +702,8 @@ def merge_fields(_options = {})
           'child' => select_checkbox(relationship_to_veteran == 'child'),
           'executor' => select_checkbox(relationship_to_veteran == 'executor'),
           'parent' => select_checkbox(relationship_to_veteran == 'parent'),
-          'funeralHome' => select_checkbox(relationship_to_veteran == 'funeralHome'),
-          'other' => select_checkbox(relationship_to_veteran == 'other')
+          'funeralDirector' => select_checkbox(relationship_to_veteran == 'funeralDirector'),
+          'otherFamily' => select_checkbox(relationship_to_veteran == 'otherFamily')
         }
 
         # special case for transportation being the only option selected.

diff --git a/lib/saml/post_url_service.rb b/lib/saml/post_url_service.rb
@@ -114,11 +114,7 @@ def build_sso_url(link_authn_context, authn_con_compare = 'exact')
     end
 
     def enabled_tou_clients
-      if Settings.vsp_environment == 'production'
-        TERMS_OF_USE_ENABLED_CLIENTS
-      else
-        TERMS_OF_USE_ENABLED_CLIENTS_LOWERS
-      end
+      Settings.terms_of_use.enabled_clients.split(',').collect(&:strip)
     end
   end
 end
diff --git a/lib/saml/url_service.rb b/lib/saml/url_service.rb
@@ -25,8 +25,6 @@ class URLService
     WEB_CLIENT_ID = 'web'
     MOBILE_CLIENT_ID = 'mobile'
     UNIFIED_SIGN_IN_CLIENTS = %w[vaweb mhv myvahealth ebenefits vamobile vaoccmobile].freeze
-    TERMS_OF_USE_ENABLED_CLIENTS = %w[].freeze
-    TERMS_OF_USE_ENABLED_CLIENTS_LOWERS = %w[vaweb mhv myvahealth].freeze
     TERMS_OF_USE_DECLINED_PATH = '/terms-of-use/declined'
 
     attr_reader :saml_settings, :session, :user, :authn_context, :type, :query_params, :tracker

diff --git a/spec/controllers/v1/sessions_controller_spec.rb b/spec/controllers/v1/sessions_controller_spec.rb
@@ -502,13 +502,16 @@ def expect_logger_msg(level, msg)
 
       context 'when user has not accepted the current terms of use' do
         let(:user) { build(:user, loa, uuid:, idme_uuid: uuid) }
+        let(:application) { 'some-applicaton' }
 
         before do
           SAMLRequestTracker.create(uuid: login_uuid, payload: { type: 'idme', application: })
         end
 
-        context 'and authentication occurred with a application in TERMS_OF_USE_ENABLED_CLIENTS' do
-          let(:application) { SAML::URLService::TERMS_OF_USE_ENABLED_CLIENTS.first }
+        context 'and authentication occurred with a application in Settings.terms_of_use.enabled_clients' do
+          before do
+            allow(Settings.terms_of_use).to receive(:enabled_clients).and_return(application)
+          end
 
           it 'redirects to terms of use page' do
             expect(call_endpoint).to redirect_to(
@@ -517,8 +520,10 @@ def expect_logger_msg(level, msg)
           end
         end
 
-        context 'and authentication occurred with an application not in TERMS_OF_USE_ENABLED_CLIENTS' do
-          let(:application) { 'foobar' }
+        context 'and authentication occurred with an application not in Settings.terms_of_use.enabled_clients' do
+          before do
+            allow(Settings.terms_of_use).to receive(:enabled_clients).and_return('')
+          end
 
           it 'redirects to expected auth page' do
             expect(call_endpoint).to redirect_to(expected_redirect_url)
@@ -540,13 +545,16 @@ def expect_logger_msg(level, msg)
 
       context 'when user has not accepted the current terms of use' do
         let(:user) { build(:user, loa, uuid:, idme_uuid: uuid) }
+        let(:application) { 'some-applicaton' }
 
         before do
           SAMLRequestTracker.create(uuid: login_uuid, payload: { type: 'idme', application: })
         end
 
-        context 'and authentication occurred with a application in TERMS_OF_USE_ENABLED_CLIENTS' do
-          let(:application) { SAML::URLService::TERMS_OF_USE_ENABLED_CLIENTS.first }
+        context 'and authentication occurred with a application in Settings.terms_of_use.enabled_clients' do
+          before do
+            allow(Settings.terms_of_use).to receive(:enabled_clients).and_return(application)
+          end
 
           it 'redirects to terms of use page' do
             expect(call_endpoint).to redirect_to(
@@ -555,8 +563,10 @@ def expect_logger_msg(level, msg)
           end
         end
 
-        context 'and authentication occurred with an application not in TERMS_OF_USE_ENABLED_CLIENTS' do
-          let(:application) { 'foobar' }
+        context 'and authentication occurred with an application not in Settings.terms_of_use.enabled_clients' do
+          before do
+            allow(Settings.terms_of_use).to receive(:enabled_clients).and_return('')
+          end
 
           it 'redirects to expected auth page' do
             expect(call_endpoint).to redirect_to(expected_redirect_url)

diff --git a/spec/fixtures/pdf_fill/21P-530V2/merge_fields.json b/spec/fixtures/pdf_fill/21P-530V2/merge_fields.json
@@ -68,7 +68,7 @@
     "claimantSocialSecurityNumber":{"first":"987", "second":"65", "third":"4321"},
     "claimantDateOfBirth":{"month":"01", "day":"01", "year":"1960"},
     "formV2":true,
-    "relationshipToVeteran":{"spouse":"On", "child":"Off", "executor":"Off", "parent":"Off", "funeralHome":"Off", "other":"Off"},
+    "relationshipToVeteran":{"spouse":"On", "child":"Off", "executor":"Off", "parent":"Off", "funeralDirector":"Off", "otherFamily":"Off"},
     "privacyAgreementAccepted":true,
     "signature":"test spouse",
     "signatureDate":"2024-03-21",

diff --git a/spec/lib/saml/post_url_service_spec.rb b/spec/lib/saml/post_url_service_spec.rb
@@ -613,8 +613,10 @@
             let(:expected_log_message) { 'Redirecting to /terms-of-use' }
             let(:expected_log_payload) { { type: :ssoe } }
 
-            context 'when tracker application is within TERMS_OF_USE_ENABLED_CLIENTS' do
-              let(:application) { SAML::URLService::TERMS_OF_USE_ENABLED_CLIENTS_LOWERS.first }
+            context 'when tracker application is within Settings.terms_of_use.enabled_clients' do
+              before do
+                allow(Settings.terms_of_use).to receive(:enabled_clients).and_return(application)
+              end
 
               context 'and authentication is occuring on a review instance' do
                 let(:review_instance_slug) { 'some-review-instance-slug' }
@@ -660,8 +662,10 @@
               end
             end
 
-            context 'when tracker application is not within TERMS_OF_USE_ENABLED_CLIENTS' do
-              let(:application) { 'some-application' }
+            context 'when tracker application is not within Settings.terms_of_use.enabled_clients' do
+              before do
+                allow(Settings.terms_of_use).to receive(:enabled_clients).and_return('')
+              end
 
               it 'has a login redirect url with success not embedded in a terms of use page' do
                 expect(subject.terms_of_use_redirect_url)