Merge pull request #10975 from 18F/stages/rc-2024-07-23

Deploy RC 399 to Production

Makefile

@@ -228,6 +228,7 @@ run-https: tmp/$(HOST)-$(PORT).key tmp/$(HOST)-$(PORT).crt ## Runs the developme
 normalize_yaml: ## Normalizes YAML files (alphabetizes keys, fixes line length, smart quotes)
 	yarn normalize-yaml .rubocop.yml --disable-sort-keys --disable-smart-punctuation
 	find ./config/locales/transliterate -type f -name '*.yml' -exec yarn normalize-yaml --disable-sort-keys --disable-smart-punctuation {} \;
+	yarn normalize-yaml --disable-sort-keys --disable-smart-punctuation config/application.yml.default
 	find ./config/locales/telephony -type f -name '*.yml' | xargs yarn normalize-yaml --disable-smart-punctuation
 	find ./config/locales -not \( -path "./config/locales/telephony*" -o -path "./config/locales/transliterate/*" \) -type f -name '*.yml' | \
 	xargs yarn normalize-yaml \

app/controllers/idv/hybrid_handoff_controller.rb

@@ -197,7 +197,7 @@ def rate_limited_failure
         limiter_type: :idv_send_link,
       )
       message = I18n.t(
-        'errors.doc_auth.send_link_limited',
+        'doc_auth.errors.send_link_limited',
         timeout: distance_of_time_in_words(
           Time.zone.now,
           [rate_limiter.expires_at, Time.zone.now].compact.max,

app/controllers/idv/in_person/public/usps_locations_controller.rb

@@ -18,19 +18,26 @@ def index
           )
           locations = proofer.request_facilities(candidate, false)
 
-          render json: locations.to_json
+          render json: localized_locations(locations).to_json
         end
 
         def options
           head :ok
         end
 
-        protected
+        private
 
         def proofer
           @proofer ||= UspsInPersonProofing::EnrollmentHelper.usps_proofer
         end
 
+        def localized_locations(locations)
+          return nil if locations.nil?
+          locations.map do |location|
+            UspsInPersonProofing::EnrollmentHelper.localized_location(location)
+          end
+        end
+
         def enabled?
           IdentityConfig.store.in_person_public_address_search_enabled
         end

app/controllers/idv/in_person/usps_locations_controller.rb

@@ -27,18 +27,18 @@ def index
           zip_code: search_params['zip_code']
         )
         is_enhanced_ipp = resolved_authn_context_result.enhanced_ipp?
-        response = proofer.request_facilities(candidate, is_enhanced_ipp)
-        if response.length > 0
+        locations = proofer.request_facilities(candidate, is_enhanced_ipp)
+        if locations.length > 0
           analytics.idv_in_person_locations_searched(
             success: true,
-            result_total: response.length,
+            result_total: locations.length,
           )
         else
           analytics.idv_in_person_locations_searched(
             success: false, errors: 'No USPS locations found',
           )
         end
-        render json: response.to_json
+        render json: localized_locations(locations).to_json
       end
 
       # save the Post Office location the user selected to an enrollment
@@ -64,6 +64,13 @@ def add_proofing_component
           update(document_check: Idp::Constants::Vendors::USPS)
       end
 
+      def localized_locations(locations)
+        return nil if locations.nil?
+        locations.map do |location|
+          EnrollmentHelper.localized_location(location)
+        end
+      end
+
       def handle_error(err)
         remapped_error = case err
                          when ActionController::InvalidAuthenticityToken,

app/controllers/idv/link_sent_controller.rb

@@ -73,11 +73,11 @@ def handle_document_verification_success
     def render_document_capture_cancelled
       redirect_to idv_hybrid_handoff_url
       idv_session.flow_path = nil
-      failure(I18n.t('errors.doc_auth.document_capture_canceled'))
+      failure(I18n.t('doc_auth.errors.document_capture_canceled'))
     end
 
     def render_step_incomplete_error
-      failure(I18n.t('errors.doc_auth.phone_step_incomplete'))
+      failure(I18n.t('doc_auth.errors.phone_step_incomplete'))
     end
 
     def take_photo_with_phone_successful?

app/controllers/users/piv_cac_login_controller.rb

@@ -54,7 +54,7 @@ def process_piv_cac_login
       else
         process_invalid_submission
       end
-      analytics.piv_cac_login(**result.to_h)
+      analytics.piv_cac_login(**result.to_h, new_device: @new_device)
     end
 
     def piv_cac_login_form
@@ -75,7 +75,7 @@ def process_valid_submission(result)
         presented: true,
       )
 
-      set_new_device_session(nil)
+      @new_device = set_new_device_session(nil)
       handle_verification_for_authentication_context(
         result:,
         auth_method: TwoFactorAuthenticatable::AuthMethod::PIV_CAC,

app/forms/idv/api_image_upload_form.rb

@@ -298,7 +298,7 @@ def validate_duplicate_images
     def limit_if_rate_limited
       return unless rate_limited?
 
-      errors.add(:limit, t('errors.doc_auth.rate_limited_heading'), type: :rate_limited)
+      errors.add(:limit, t('doc_auth.errors.rate_limited_heading'), type: :rate_limited)
     end
 
     def track_rate_limited

app/forms/idv/consent_form.rb

@@ -7,7 +7,7 @@ class ConsentForm
     attr_reader :idv_consent_given
 
     validates :idv_consent_given,
-              acceptance: { message: proc { I18n.t('errors.doc_auth.consent_form') } }
+              acceptance: { message: proc { I18n.t('doc_auth.errors.consent_form') } }
 
     def initialize(idv_consent_given: false)
       @idv_consent_given = idv_consent_given

app/forms/idv/how_to_verify_form.rb

@@ -10,11 +10,11 @@ class HowToVerifyForm
     attr_reader :selection
 
     validates :selection, presence: {
-      message: proc { I18n.t('errors.doc_auth.how_to_verify_form') },
+      message: proc { I18n.t('doc_auth.errors.how_to_verify_form') },
     }
     validates :selection, inclusion: {
       in: [REMOTE, IPP],
-      message: proc { I18n.t('errors.doc_auth.how_to_verify_form') },
+      message: proc { I18n.t('doc_auth.errors.how_to_verify_form') },
     }
 
     def initialize(selection: nil)

app/javascript/packages/document-capture/components/document-capture-warning.tsx

@@ -37,25 +37,25 @@ function getHeading({
   t,
 }: GetHeadingArguments) {
   if (isFailedDocType) {
-    return t('errors.doc_auth.doc_type_not_supported_heading');
+    return t('doc_auth.errors.doc_type_not_supported_heading');
   }
   if (isResultCodeInvalid) {
-    return t('errors.doc_auth.rate_limited_heading');
+    return t('doc_auth.errors.rate_limited_heading');
   }
   if (isFailedSelfieLivenessOrQuality) {
-    return t('errors.doc_auth.selfie_not_live_or_poor_quality_heading');
+    return t('doc_auth.errors.selfie_not_live_or_poor_quality_heading');
   }
   if (isFailedSelfie) {
-    return t('errors.doc_auth.selfie_fail_heading');
+    return t('doc_auth.errors.selfie_fail_heading');
   }
-  return t('errors.doc_auth.rate_limited_heading');
+  return t('doc_auth.errors.rate_limited_heading');
 }
 
 function getSubheading({ nonIppOrFailedResult, t }) {
   const showSubheading = !nonIppOrFailedResult;
 
   if (showSubheading) {
-    return <h2>{t('errors.doc_auth.rate_limited_subheading')}</h2>;
+    return <h2>{t('doc_auth.errors.rate_limited_subheading')}</h2>;
   }
   return undefined;
 }

app/javascript/packages/document-capture/components/document-capture.tsx

@@ -125,7 +125,7 @@ function DocumentCapture({ onStepChange = () => {} }: DocumentCaptureProps) {
                     failedImageFingerprints: submissionError.failed_image_fingerprints,
                   })(ReviewIssuesStep)
                 : ReviewIssuesStep,
-            title: t('errors.doc_auth.rate_limited_heading'),
+            title: t('doc_auth.errors.rate_limited_heading'),
           },
         ] as FormStep[]
       ).concat(inPersonSteps)

app/jobs/reports/drop_off_report.rb

@@ -8,6 +8,8 @@ class DropOffReport < BaseReport
 
     attr_accessor :report_date
 
+    # Generate a drop off report for the week including the passed timestamp
+    # @param [DateTime]
     def perform(report_date)
       self.report_date = report_date
 

app/jobs/reports/protocols_report.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+require 'reporting/protocols_report'
+
+module Reports
+  class ProtocolsReport < BaseReport
+    REPORT_NAME = 'protocols-report'
+
+    attr_accessor :report_date
+
+    def perform(report_date)
+      return unless IdentityConfig.store.s3_reports_enabled
+
+      self.report_date = report_date
+      message = "Report: #{REPORT_NAME} #{report_date}"
+      subject = "Weekly Protocols Report - #{report_date}"
+
+      report_configs.each do |report_hash|
+        reports = weekly_protocols_emailable_reports
+
+        report_hash['emails'].each do |email|
+          ReportMailer.tables_report(
+            email:,
+            subject:,
+            message:,
+            reports:,
+            attachment_format: :csv,
+          ).deliver_now
+        end
+      end
+    end
+
+    private
+
+    def weekly_protocols_emailable_reports
+      Reporting::ProtocolsReport.new(
+        issuers: nil,
+        time_range: report_date.all_week,
+      ).as_emailable_reports
+    end
+
+    def report_configs
+      IdentityConfig.store.protocols_report_config
+    end
+  end
+end

app/presenters/idv/in_person/ready_to_verify_presenter.rb

@@ -31,7 +31,7 @@ def formatted_due_date
       def selected_location_hours(prefix)
         return unless selected_location_details
         hours = selected_location_details["#{prefix}_hours"]
-        localized_hours(hours)
+        UspsInPersonProofing::EnrollmentHelper.localized_hours(hours)
       end
 
       def service_provider
@@ -107,26 +107,6 @@ def format_outage_date(date)
         I18n.l(date.to_date, format: :short)
       end
 
-      def localized_hours(hours)
-        return nil if hours.nil?
-
-        if hours == 'Closed'
-          I18n.t('in_person_proofing.body.barcode.retail_hours_closed')
-        elsif hours.include?(' - ') # Hyphen
-          hours.
-            split(' - '). # Hyphen
-            map { |time| Time.zone.parse(time).strftime(I18n.t('time.formats.event_time')) }.
-            join(' – ') # Endash
-        elsif hours.include?(' – ') # Endash
-          hours.
-            split(' – '). # Endash
-            map { |time| Time.zone.parse(time).strftime(I18n.t('time.formats.event_time')) }.
-            join(' – ') # Endash
-        else
-          hours
-        end
-      end
-
       def sp_return_url_resolver
         SpReturnUrlResolver.new(service_provider: service_provider)
       end

app/services/analytics_events.rb

@@ -4987,14 +4987,16 @@ def piv_cac_delete_submitted(
   # @identity.idp.previous_event_name PIV/CAC login
   # @param [Boolean] success Whether form validation was successful
   # @param [Hash] errors Errors resulting from form validation
-  # @param [String,nil] key_id
+  # @param [String,nil] key_id PIV/CAC key_id from PKI service
+  # @param [Boolean] new_device Whether the user is authenticating from a new device
   # tracks piv cac login event
-  def piv_cac_login(success:, errors:, key_id:, **extra)
+  def piv_cac_login(success:, errors:, key_id:, new_device:, **extra)
     track_event(
       :piv_cac_login,
       success:,
       errors:,
       key_id:,
+      new_device:,
       **extra,
     )
   end

app/services/idv/steps/doc_auth_base_step.rb

@@ -39,7 +39,7 @@ def rate_limited_response
         redirect_to rate_limited_url
         DocAuth::Response.new(
           success: false,
-          errors: { limit: I18n.t('errors.doc_auth.rate_limited_heading') },
+          errors: { limit: I18n.t('doc_auth.errors.rate_limited_heading') },
         )
       end
 

app/services/usps_in_person_proofing/enrollment_helper.rb

@@ -102,6 +102,42 @@ def usps_proofer
         end
       end
 
+      def localized_location(location)
+        {
+          address: location.address,
+          city: location.city,
+          distance: location.distance,
+          name: location.name,
+          saturday_hours: EnrollmentHelper.localized_hours(location.saturday_hours),
+          state: location.state,
+          sunday_hours: EnrollmentHelper.localized_hours(location.sunday_hours),
+          weekday_hours: EnrollmentHelper.localized_hours(location.weekday_hours),
+          zip_code_4: location.zip_code_4,
+          zip_code_5: location.zip_code_5,
+          is_pilot: location.is_pilot,
+        }
+      end
+
+      def localized_hours(hours)
+        return nil if hours.nil?
+
+        if hours == 'Closed'
+          I18n.t('in_person_proofing.body.barcode.retail_hours_closed')
+        elsif hours.include?(' - ') # Hyphen
+          hours.
+            split(' - '). # Hyphen
+            map { |time| Time.zone.parse(time).strftime(I18n.t('time.formats.event_time')) }.
+            join(' – ') # Endash
+        elsif hours.include?(' – ') # Endash
+          hours.
+            split(' – '). # Endash
+            map { |time| Time.zone.parse(time).strftime(I18n.t('time.formats.event_time')) }.
+            join(' – ') # Endash
+        else
+          hours
+        end
+      end
+
       private
 
       SECONDARY_ID_ADDRESS_MAP = {

app/views/idv/session_errors/rate_limited.html.erb

@@ -1,6 +1,6 @@
 <%= render(
       'idv/shared/error',
-      heading: t('errors.doc_auth.rate_limited_heading'),
+      heading: t('doc_auth.errors.rate_limited_heading'),
       options: [
         {
           url: MarketingSite.contact_url,
@@ -11,7 +11,7 @@
     ) do %>
       <p>
         <%= t(
-              'errors.doc_auth.rate_limited_text_html',
+              'doc_auth.errors.rate_limited_text_html',
               timeout: distance_of_time_in_words(
                 Time.zone.now,
                 [@expires_at, Time.zone.now].compact.max,

config/application.yml.default

@@ -219,6 +219,7 @@ participate_in_dap: false
 password_max_attempts: 3
 personal_key_retired: true
 phone_carrier_registration_blocklist_array: '[]'
+protocols_report_config: '[]'
 short_term_phone_otp_max_attempt_window_in_seconds: 10
 short_term_phone_otp_max_attempts: 2
 phone_confirmation_max_attempts: 20
@@ -422,7 +423,7 @@ development:
   usps_eipp_sponsor_id: '222222222222222'
   usps_ipp_sponsor_id: '111111111111111'
   usps_ipp_transliteration_enabled: true
-  usps_upload_sftp_directory: "/gsa_order"
+  usps_upload_sftp_directory: '/gsa_order'
   usps_upload_sftp_host: localhost
   usps_upload_sftp_password: test
   usps_upload_sftp_username: brady
@@ -591,8 +592,7 @@ test:
   usps_eipp_sponsor_id: '222222222222222'
   usps_ipp_root_url: 'http://localhost:1000'
   usps_ipp_sponsor_id: '111111111111111'
-  usps_upload_sftp_directory: "/directory"
+  usps_upload_sftp_directory: '/directory'
   usps_upload_sftp_host: example.com
   usps_upload_sftp_password: pass
   usps_upload_sftp_username: user
-