department-of-veterans-affairs · rockwellwindsor-va · Dec 12, 2024 · Dec 9, 2024 · Dec 9, 2024 · Dec 9, 2024
@@ -25,7 +25,7 @@ def perform(power_of_attorney_id, rep = nil)
 
         ClaimsApi::VANotifyAcceptedJob.perform_async(poa_form.id, rep) if vanotify?(poa_form.auth_headers, rep)
 
-        ClaimsApi::PoaVBMSUpdater.perform_async(poa_form.id) if enable_vbms_access?(poa_form:)
+        ClaimsApi::PoaVBMSUpdater.perform_async(poa_form.id)
       else
         poa_form.status = ClaimsApi::PowerOfAttorney::ERRORED
         poa_form.vbms_error_message = "BGS Error: update_birls_record failed with code #{response[:return_code]}"

@@ -15,11 +15,13 @@ def perform(power_of_attorney_id) # rubocop:disable Metrics/MethodLength
         'poa_vbms_updater',
         poa_id: power_of_attorney_id,
         detail: 'Updating Access',
-        poa_code:
+        poa_code:,
+        allow_poa_access: enable_vbms_access?(poa_form:),
+        allow_poa_c_add: allow_address_change?(poa_form)
       )
 
       response = update_poa_access(poa_form:, participant_id: poa_form.auth_headers['va_eauth_pid'],
-                                   poa_code:, allow_poa_access: 'y')
+                                   poa_code:)
 
       if response[:return_code] == 'GUIE50000'
         poa_form.status = ClaimsApi::PowerOfAttorney::UPDATED
@@ -47,26 +49,19 @@ def allow_address_change?(poa_form)
       poa_form.form_data['consentAddressChange']
     end
 
-    def update_poa_access(poa_form:, participant_id:, poa_code:, allow_poa_access:)
+    def update_poa_access(poa_form:, participant_id:, poa_code:)
       # allow_poa_c_add reports 'No Data' if sent lowercase
-      if Flipper.enabled? :claims_api_poa_vbms_updater_uses_local_bgs
-        service = corporate_update_service
-        response = service.update_poa_access(
-          participant_id:,
-          poa_code:,
-          allow_poa_access:,
-          allow_poa_c_add: allow_address_change?(poa_form) ? 'Y' : 'N'
-        )
-      else
-        service = bgs_ext_service
-        response = service.corporate_update.update_poa_access(
-          participant_id:,
-          poa_code:,
-          allow_poa_access:,
-          allow_poa_c_add: allow_address_change?(poa_form) ? 'Y' : 'N'
-        )
-      end
-      response
+      service = if Flipper.enabled? :claims_api_poa_vbms_updater_uses_local_bgs
+                  corporate_update_service
+                else
+                  bgs_ext_service.corporate_update
+                end
+      service.update_poa_access(
+        participant_id:,
+        poa_code:,
+        allow_poa_access: enable_vbms_access?(poa_form:) ? 'Y' : 'N',
+        allow_poa_c_add: allow_address_change?(poa_form) ? 'Y' : 'N'
+      )
     end
 
     def corporate_update_service

@@ -119,7 +119,8 @@ def set_evss_response(auto_claim, error)
     end
 
     def enable_vbms_access?(poa_form:)
-      poa_form.form_data['recordConsent'] && poa_form.form_data['consentLimits'].blank?
+      record_consent = poa_form.form_data['recordConsent']
+      record_consent.present? && record_consent && poa_form.form_data['consentLimits'].blank?
     end
 
     def set_vbms_error_message(poa, error)

@@ -6,7 +6,7 @@ def bean_name
       'CorporateUpdateServiceBean/CorporateUpdateWebService'
     end
 
-    def update_poa_access(participant_id:, poa_code:, allow_poa_access: 'y', allow_poa_c_add: 'Y')
+    def update_poa_access(participant_id:, poa_code:, allow_poa_access: 'Y', allow_poa_c_add: 'Y')
       body = Nokogiri::XML::DocumentFragment.parse <<~EOXML
         <ptcpntId>#{participant_id}</ptcpntId>
         <poa>#{poa_code}</poa>

@@ -65,38 +65,6 @@
         expect(poa.status).to eq('updated')
       end
     end
-
-    context 'and record consent is not granted' do
-      context "because 'recordConsent' is false" do
-        it "updates the form's status but does not create a 'ClaimsApi::PoaVBMSUpdater' job" do
-          create_mock_lighthouse_service
-          expect(ClaimsApi::PoaVBMSUpdater).not_to receive(:perform_async)
-
-          poa = create_poa
-          poa.form_data.merge!({ recordConsent: false, consentLimits: [] })
-          poa.save!
-
-          subject.new.perform(poa.id)
-          poa.reload
-          expect(poa.status).to eq('updated')
-        end
-      end
-
-      context "because a limitation exists in 'consentLimits'" do
-        it "updates the form's status but does not create a 'ClaimsApi::PoaVBMSUpdater' job" do
-          create_mock_lighthouse_service
-          expect(ClaimsApi::PoaVBMSUpdater).not_to receive(:perform_async)
-
-          poa = create_poa
-          poa.form_data.merge!({ recordConsent: true, consentLimits: %w[ALCOHOLISM] })
-          poa.save!
-
-          subject.new.perform(poa.id)
-          poa.reload
-          expect(poa.status).to eq('updated')
-        end
-      end
-    end
   end
 
   context "when call to BGS 'update_birls_record' fails" do

@@ -9,15 +9,17 @@
   [true, false].each do |flipped|
     before do
       Sidekiq::Job.clear_all
-
-      if flipped
-        Flipper.enable(:claims_api_poa_vbms_updater_uses_local_bgs)
-        @clazz = ClaimsApi::CorporateUpdateWebService
-
-      else
-        Flipper.disable(:claims_api_poa_vbms_updater_uses_local_bgs)
-        @clazz = BGS::Services
-      end
+      allow(Flipper).to receive(:enabled?).with(:claims_api_poa_vbms_updater_uses_local_bgs).and_return(flipped)
+      @clazz = if flipped
+                 ClaimsApi::CorporateUpdateWebService
+               else
+                 BGS::Services
+               end
+      @corporate_update_stub = if flipped
+                                 @clazz.new(external_uid: 'uid', external_key: 'key')
+                               else
+                                 @clazz.new(external_uid: 'uid', external_key: 'key').corporate_update
+                               end
     end
 
     let(:user) { FactoryBot.create(:user, :loa3) }
@@ -32,7 +34,7 @@
       let(:consent_address_change) { true }
 
       it 'updates a the BIRLS record for a qualifying POA submittal' do
-        poa = create_poa
+        poa = create_poa(allow_poa_access: true)
         create_mock_lighthouse_service
         subject.new.perform(poa.id)
       end
@@ -43,7 +45,7 @@
       let(:consent_address_change) { false }
 
       it 'updates a the BIRLS record for a qualifying POA submittal' do
-        poa = create_poa
+        poa = create_poa(allow_poa_access: true)
         create_mock_lighthouse_service
         subject.new.perform(poa.id)
       end
@@ -54,7 +56,7 @@
       let(:consent_address_change) { nil }
 
       it 'updates a the BIRLS record for a qualifying POA submittal' do
-        poa = create_poa
+        poa = create_poa(allow_poa_access: true)
         create_mock_lighthouse_service
         subject.new.perform(poa.id)
       end
@@ -65,7 +67,7 @@
       let(:consent_address_change) { true }
 
       it 'marks the form as errored' do
-        poa = create_poa
+        poa = create_poa(allow_poa_access: true)
         create_mock_lighthouse_service_bgs_failure # API-31645 real life example
         subject.new.perform(poa.id)
 
@@ -80,7 +82,7 @@
       let(:consent_address_change) { true }
 
       it 'logs to the ClaimsApi Logger' do
-        poa = create_poa
+        poa = create_poa(allow_poa_access: true)
         error_msg = 'An error occurred for the POA VBMS Updater Job'
         msg = { 'args' => [poa.id],
                 'class' => subject,
@@ -100,26 +102,26 @@
 
   private
 
-  def create_poa
+  def create_poa(allow_poa_access: true)
     poa = create(:power_of_attorney)
     poa.auth_headers = auth_headers
     if consent_address_change.present?
       poa.form_data = poa.form_data.merge('consentAddressChange' => consent_address_change)
     end
+    poa.form_data = poa.form_data.merge('recordConsent' => allow_poa_access)
     poa.save
     poa
   end
 
   def create_mock_lighthouse_service
-    corporate_update_stub = @clazz.new(external_uid: 'uid', external_key: 'key').corporate_update
-    expect(corporate_update_stub).to receive(:update_poa_access).with(
+    expect(@corporate_update_stub).to receive(:update_poa_access).with(
       participant_id: user.participant_id,
       poa_code: '074',
-      allow_poa_access: 'y',
+      allow_poa_access: 'Y',
       allow_poa_c_add:
     ).and_return({ return_code: 'GUIE50000' })
     service_double = instance_double('BGS::Services')
-    expect(service_double).to receive(:corporate_update).and_return(corporate_update_stub)
+    expect(service_double).to receive(:corporate_update).and_return(@corporate_update_stub)
     expect(BGS::Services).to receive(:new).and_return(service_double)
   end
 
@@ -130,7 +132,7 @@ def create_mock_lighthouse_service_bgs_failure
         .with(
           participant_id: user.participant_id,
           poa_code: '074',
-          allow_poa_access: 'y',
+          allow_poa_access: 'Y',
           allow_poa_c_add:
         ).and_return({ return_code: 'GUIE50000' })
       corporate_update_stub

@@ -34,6 +34,13 @@
     claim
   end
 
+  let(:poa) do
+    poa = create(:power_of_attorney)
+    poa.auth_headers = auth_headers
+    poa.save
+    poa
+  end
+
   before do
     @service = described_class.new
   end
@@ -98,6 +105,44 @@
     end
   end
 
+  describe '#enable_vbms_access?' do
+    context 'denies eFolder access' do
+      it 'if recordConsent is set to false' do
+        poa.form_data = poa.form_data.merge('recordConsent' => false)
+        poa.save
+
+        res = @service.send(:enable_vbms_access?, poa_form: poa)
+        expect(res).to eq(false)
+      end
+
+      it 'if recordConsent is not present' do
+        poa.save
+
+        res = @service.send(:enable_vbms_access?, poa_form: poa)
+        expect(res).to eq(false)
+      end
+
+      it 'if consentLimits are present' do
+        poa.form_data = poa.form_data.merge('recordConsent' => true)
+        poa.form_data = poa.form_data.merge('consentLimits' => ['HIV'])
+        poa.save
+
+        res = @service.send(:enable_vbms_access?, poa_form: poa)
+        expect(res).to eq(false)
+      end
+    end
+
+    context 'allows eFolder access' do
+      it 'if recordConsent is set to true' do
+        poa.form_data = poa.form_data.merge('recordConsent' => true)
+        poa.save
+
+        res = @service.send(:enable_vbms_access?, poa_form: poa)
+        expect(res).to eq(true)
+      end
+    end
+  end
+
   describe '#will_retry?' do
     it 'retries for a header.va_eauth_birlsfilenumber error' do
       body = [{ key: 'header.va_eauth_birlsfilenumber', severity: 'ERROR', text: 'Size must be between 8 and 9' }]