department-of-veterans-affairs · rockwellwindsor-va · Dec 12, 2024 · Dec 9, 2024 · Dec 9, 2024 · Dec 9, 2024
@@ -25,7 +25,7 @@ def perform(power_of_attorney_id, rep = nil)
 
         ClaimsApi::VANotifyAcceptedJob.perform_async(poa_form.id, rep) if vanotify?(poa_form.auth_headers, rep)
 
-        ClaimsApi::PoaVBMSUpdater.perform_async(poa_form.id) if enable_vbms_access?(poa_form:)
+        ClaimsApi::PoaVBMSUpdater.perform_async(poa_form.id)
       else
         poa_form.status = ClaimsApi::PowerOfAttorney::ERRORED
         poa_form.vbms_error_message = "BGS Error: update_birls_record failed with code #{response[:return_code]}"

@@ -15,11 +15,13 @@ def perform(power_of_attorney_id) # rubocop:disable Metrics/MethodLength
         'poa_vbms_updater',
         poa_id: power_of_attorney_id,
         detail: 'Updating Access',
-        poa_code:
+        poa_code:,
+        allow_poa_access: enable_vbms_access?(poa_form:),
+        allow_poa_c_add: allow_address_change?(poa_form)
       )
 
       response = update_poa_access(poa_form:, participant_id: poa_form.auth_headers['va_eauth_pid'],
-                                   poa_code:, allow_poa_access: 'y')
+                                   poa_code:, allow_poa_access: enable_vbms_access?(poa_form:))
 
       if response[:return_code] == 'GUIE50000'
         poa_form.status = ClaimsApi::PowerOfAttorney::UPDATED
@@ -54,15 +56,15 @@ def update_poa_access(poa_form:, participant_id:, poa_code:, allow_poa_access:)
         response = service.update_poa_access(
           participant_id:,
           poa_code:,
-          allow_poa_access:,
+          allow_poa_access: allow_poa_access ? 'Y' : 'N',
           allow_poa_c_add: allow_address_change?(poa_form) ? 'Y' : 'N'
         )
       else
         service = bgs_ext_service
         response = service.corporate_update.update_poa_access(
           participant_id:,
           poa_code:,
-          allow_poa_access:,
+          allow_poa_access: allow_poa_access ? 'Y' : 'N',
           allow_poa_c_add: allow_address_change?(poa_form) ? 'Y' : 'N'
         )
       end

@@ -119,7 +119,8 @@ def set_evss_response(auto_claim, error)
     end
 
     def enable_vbms_access?(poa_form:)
-      poa_form.form_data['recordConsent'] && poa_form.form_data['consentLimits'].blank?
+      record_consent = poa_form.form_data['recordConsent']
+      record_consent.present? && record_consent && poa_form.form_data['consentLimits'].blank?
     end
 
     def set_vbms_error_message(poa, error)

@@ -65,38 +65,6 @@
         expect(poa.status).to eq('updated')
       end
     end
-
-    context 'and record consent is not granted' do
-      context "because 'recordConsent' is false" do
-        it "updates the form's status but does not create a 'ClaimsApi::PoaVBMSUpdater' job" do
-          create_mock_lighthouse_service
-          expect(ClaimsApi::PoaVBMSUpdater).not_to receive(:perform_async)
-
-          poa = create_poa
-          poa.form_data.merge!({ recordConsent: false, consentLimits: [] })
-          poa.save!
-
-          subject.new.perform(poa.id)
-          poa.reload
-          expect(poa.status).to eq('updated')
-        end
-      end
-
-      context "because a limitation exists in 'consentLimits'" do
-        it "updates the form's status but does not create a 'ClaimsApi::PoaVBMSUpdater' job" do
-          create_mock_lighthouse_service
-          expect(ClaimsApi::PoaVBMSUpdater).not_to receive(:perform_async)
-
-          poa = create_poa
-          poa.form_data.merge!({ recordConsent: true, consentLimits: %w[ALCOHOLISM] })
-          poa.save!
-
-          subject.new.perform(poa.id)
-          poa.reload
-          expect(poa.status).to eq('updated')
-        end
-      end
-    end
   end
 
   context "when call to BGS 'update_birls_record' fails" do

@@ -9,15 +9,12 @@
   [true, false].each do |flipped|
     before do
       Sidekiq::Job.clear_all
-
-      if flipped
-        Flipper.enable(:claims_api_poa_vbms_updater_uses_local_bgs)
-        @clazz = ClaimsApi::CorporateUpdateWebService
-
-      else
-        Flipper.disable(:claims_api_poa_vbms_updater_uses_local_bgs)
-        @clazz = BGS::Services
-      end
+      allow(Flipper).to receive(:enabled?).with(:claims_api_poa_vbms_updater_uses_local_bgs).and_return(flipped)
+      @clazz = if flipped
+                 ClaimsApi::CorporateUpdateWebService
+               else
+                 BGS::Services
+               end
     end
 
     let(:user) { FactoryBot.create(:user, :loa3) }
@@ -32,7 +29,7 @@
       let(:consent_address_change) { true }
 
       it 'updates a the BIRLS record for a qualifying POA submittal' do
-        poa = create_poa
+        poa = create_poa(allow_poa_access: true)
         create_mock_lighthouse_service
         subject.new.perform(poa.id)
       end
@@ -43,7 +40,7 @@
       let(:consent_address_change) { false }
 
       it 'updates a the BIRLS record for a qualifying POA submittal' do
-        poa = create_poa
+        poa = create_poa(allow_poa_access: true)
         create_mock_lighthouse_service
         subject.new.perform(poa.id)
       end
@@ -54,18 +51,29 @@
       let(:consent_address_change) { nil }
 
       it 'updates a the BIRLS record for a qualifying POA submittal' do
-        poa = create_poa
+        poa = create_poa(allow_poa_access: true)
         create_mock_lighthouse_service
         subject.new.perform(poa.id)
       end
     end
 
+    context "when allow_poa_access is set to 'n'" do
+      let(:allow_poa_c_add) { 'N' }
+      let(:consent_address_change) { nil }
+
+      it 'does not allow folder access' do
+        poa = create_poa(allow_poa_access: false)
+        create_mock_lighthouse_service_no_access
+        subject.new.perform(poa.id)
+      end
+    end
+
     context 'when BGS fails the error is handled' do
       let(:allow_poa_c_add) { 'Y' }
       let(:consent_address_change) { true }
 
       it 'marks the form as errored' do
-        poa = create_poa
+        poa = create_poa(allow_poa_access: true)
         create_mock_lighthouse_service_bgs_failure # API-31645 real life example
         subject.new.perform(poa.id)
 
@@ -80,7 +88,7 @@
       let(:consent_address_change) { true }
 
       it 'logs to the ClaimsApi Logger' do
-        poa = create_poa
+        poa = create_poa(allow_poa_access: true)
         error_msg = 'An error occurred for the POA VBMS Updater Job'
         msg = { 'args' => [poa.id],
                 'class' => subject,
@@ -100,22 +108,36 @@
 
   private
 
-  def create_poa
+  def create_poa(allow_poa_access: true)
     poa = create(:power_of_attorney)
     poa.auth_headers = auth_headers
     if consent_address_change.present?
       poa.form_data = poa.form_data.merge('consentAddressChange' => consent_address_change)
     end
+    poa.form_data = poa.form_data.merge('recordConsent' => allow_poa_access)
     poa.save
     poa
   end
 
+  def create_mock_lighthouse_service_no_access
+    corporate_update_stub = @clazz.new(external_uid: 'uid', external_key: 'key').corporate_update
+    expect(corporate_update_stub).to receive(:update_poa_access).with(
+      participant_id: user.participant_id,
+      poa_code: '074',
+      allow_poa_access: 'N',
+      allow_poa_c_add:
+    ).and_return({ return_code: 'GUIE50000' })
+    service_double = instance_double('BGS::Services')
+    expect(service_double).to receive(:corporate_update).and_return(corporate_update_stub)
+    expect(BGS::Services).to receive(:new).and_return(service_double)
+  end
+
   def create_mock_lighthouse_service
     corporate_update_stub = @clazz.new(external_uid: 'uid', external_key: 'key').corporate_update
     expect(corporate_update_stub).to receive(:update_poa_access).with(
       participant_id: user.participant_id,
       poa_code: '074',
-      allow_poa_access: 'y',
+      allow_poa_access: 'Y',
       allow_poa_c_add:
     ).and_return({ return_code: 'GUIE50000' })
     service_double = instance_double('BGS::Services')
@@ -130,7 +152,7 @@ def create_mock_lighthouse_service_bgs_failure
         .with(
           participant_id: user.participant_id,
           poa_code: '074',
-          allow_poa_access: 'y',
+          allow_poa_access: 'Y',
           allow_poa_c_add:
         ).and_return({ return_code: 'GUIE50000' })
       corporate_update_stub

@@ -34,6 +34,13 @@
     claim
   end
 
+  let(:poa) do
+    poa = create(:power_of_attorney)
+    poa.auth_headers = auth_headers
+    poa.save
+    poa
+  end
+
   before do
     @service = described_class.new
   end
@@ -98,6 +105,44 @@
     end
   end
 
+  describe '#enable_vbms_access?' do
+    context 'denies eFolder access' do
+      it 'if recordConsent is set to false' do
+        poa.form_data = poa.form_data.merge('recordConsent' => false)
+        poa.save
+
+        res = @service.send(:enable_vbms_access?, poa_form: poa)
+        expect(res).to eq(false)
+      end
+
+      it 'if recordConsent is not present' do
+        poa.save
+
+        res = @service.send(:enable_vbms_access?, poa_form: poa)
+        expect(res).to eq(false)
+      end
+
+      it 'if consentLimits are present' do
+        poa.form_data = poa.form_data.merge('recordConsent' => true)
+        poa.form_data = poa.form_data.merge('consentLimits' => ['HIV'])
+        poa.save
+
+        res = @service.send(:enable_vbms_access?, poa_form: poa)
+        expect(res).to eq(false)
+      end
+    end
+
+    context 'allows eFolder access' do
+      it 'if recordConsent is set to true' do
+        poa.form_data = poa.form_data.merge('recordConsent' => true)
+        poa.save
+
+        res = @service.send(:enable_vbms_access?, poa_form: poa)
+        expect(res).to eq(true)
+      end
+    end
+  end
+
   describe '#will_retry?' do
     it 'retries for a header.va_eauth_birlsfilenumber error' do
       body = [{ key: 'header.va_eauth_birlsfilenumber', severity: 'ERROR', text: 'Size must be between 8 and 9' }]