Merge remote-tracking branch 'origin/main' into td/ffs-2110-update-fl…

…ow-use-new-database * origin/main: FFS-2408: Rename site_id to client_agency_id (#446) FFS-2351: Change calculation of account_count to be correct in filed events (#445) Patching vulnerabilities | esbuild, net-imap (#450) Address vulnerability (#443) fix: upgrade postcss from 8.5.0 to 8.5.1 (#441) fix: upgrade sass from 1.83.2 to 1.83.4 (#440) 2401: Use different syntax (#437) updated tests for clarity fixed typo cleaned up based on PR comments removed trailing whitespace/rubocop fixes wrapped token creation for users.rake in a transaction, added test assertion to assure that the user api_access_tokens.count only changes by a factor of 1 updated vitest to v 3.0.5 address failed security scan rename vitest add github action fixed postcss build error added .vitest to git ignore updated package.json to use module setup project to work with vitest and debugging remove employer_search.spec comment out test write test scripts for pinwheel.js update apiservice to fetchInternalApiService for clarity refactored fetch into its own file refactored code to be a little more self evident remove outdated snapshots comment refactored api calls with tests added tests for trackUserAction api call move trackUserAction out of pinwheel into analytics file minor changes stub for employersearch test installed vitest
DSACMS · Feb 12, 2025 · 8d7b98f · 8d7b98f
2 parents 436a2a1 + 20b6545
commit 8d7b98f
Show file tree

Hide file tree

Showing 106 changed files with 2,412 additions and 717 deletions.
diff --git a/.github/workflows/js-vitest.yml b/.github/workflows/js-vitest.yml
@@ -0,0 +1,17 @@
+name: Vitest Javascript Unit Tests 
+
+on:
+  pull_request:
+    paths: ['app/**']
+
+jobs:
+  vitest:
+    name: Vitest 
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Ruby & Javascript
+        uses: ./.github/actions/setup-languages
+      - name: Run Vitest 
+        working-directory: app
+        run: npm run test 
diff --git a/README.md b/README.md
@@ -26,7 +26,7 @@ guide for an introduction to the framework.
      * Chromedriver must be allowed to run. You can either do that by:
        * The command line: `xattr -d com.apple.quarantine $(which chromedriver)` (this is the only option if you are on Big Sur)
        * Manually: clicking "allow" when you run the integration tests for the first time and a dialogue opens up
-   * [Ngrok](https://ngrok.com/download): brew install ngrok/ngrok/ngrok
+   * [Ngrok](https://ngrok.com/downloads): brew install ngrok/ngrok/ngrok
      * Sign up for an account: https://dashboard.ngrok.com/signup
      * run `ngrok config add-authtoken {token goes here}`
 1. Set up rbenv and nodenv:
@@ -109,21 +109,21 @@ $ i18n-tasks remove-unused # removes unused keys across locale files
 
 For more information on usage and helpful rake tasks to manage locale files, see [the documentation](https://github.com/glebm/i18n-tasks#usage).
 
-## "Site-specific" translations
+## "Client Agency-specific" translations
 
 The CBV pilot project is architected to be multi-tenant across jurisdictions we
 are actively piloting with. Each jurisdiction's agency is configured as a
-"site" in app/config/site-config.yml and has a short "id", e.g. "nyc", "ma",
+"client agency" in app/config/client-agency-config.yml and has a short "id", e.g. "nyc", "ma",
 and "sandbox".
 
-We often need to adjust copy specific to each site. The preferred way to do it
-is by using the `site_translation` helper, which wraps Rails's `t` view helper
-and looks for the current site's "id" as a sub-key of the given prefix.
+We often need to adjust copy specific to each client agency. The preferred way to do it
+is by using the `client_agency_translation` helper, which wraps Rails's `t` view helper
+and looks for the current client agency's "id" as a sub-key of the given prefix.
 
 Usage:
 
 ```erb
-<%= site_translation(".learn_more_html") %>
+<%= client_agency_translation(".learn_more_html") %>
 ```
 
 And the corresponding locale file:
@@ -214,7 +214,7 @@ If you're new to CBV, here's a summary of how to get started navigating the app.
 1. Search for your employer. When you select one, the local page will show you some fake credentials at the very bottom of the screen. Use these to sign in.
 1. Finally, you should be able to complete the applicant flow, including looking at the PDF.
 1. To complete the caseworker flow, add `?is_caseworker=true` to the /cbv/summary.pdf path to see the PDF that gets sent (it's different from the one we send the applicant!)
-1. Note: You can switch to a different pilot partner (state) by going to the irb prompt and running `CbvFlow.last.update(site_id: 'ma')`. Right now you can only pass it `ma` or `nyc`.
+1. Note: You can switch to a different pilot partner (state) by going to the irb prompt and running `CbvFlow.last.update(client_agency_id: 'ma')`. Right now you can only pass it `ma` or `nyc`.
 
 ## Pa11y Scan
 

diff --git a/app/.gitignore b/app/.gitignore
@@ -61,4 +61,7 @@ terraform.tfstate.backup
 /config/credentials/production.key
 
 #Profiler
-/profiler
+/profiler
+
+# Vitest
+.vitest
diff --git a/app/Dockerfile b/app/Dockerfile
@@ -115,12 +115,13 @@ RUN apt-get update -qq && \
         curl=7.88.1-10+deb12u8 \
         libgpgme11=1.18.0-3+b1 \
         libvips42=8.14.1-3+deb12u1 \
-        linux-libc-dev=6.1.123-1 \
+        linux-libc-dev=6.1.128-1 \
         openssl=3.0.15-1~deb12u1 \
         postgresql-client=15+248 \
         python-is-python3=3.11.2-1+deb12u1 \
         python3-venv=3.11.2-1+b1 \
-        unzip=6.0-28 && \
+        unzip=6.0-28 \
+        libtasn1-6=4.19.0-2+deb12u1 && \
     rm -rf /var/lib/apt/lists /var/cache/apt/archives && \
     curl "https://s3.amazonaws.com/aws-cli/awscli-bundle.zip" -o "awscli-bundle.zip" && \
     unzip awscli-bundle.zip && \
@@ -130,7 +131,8 @@ RUN apt-get update -qq && \
 # Remove base rexml for GHSA-4xqq-m2hx-25v8
 RUN gem uninstall -i /usr/local/lib/ruby/gems/3.3.0 debug && \
     gem uninstall -i /usr/local/lib/ruby/gems/3.3.0 rss && \
-    gem uninstall -i /usr/local/lib/ruby/gems/3.3.0 rexml
+    gem uninstall -i /usr/local/lib/ruby/gems/3.3.0 rexml && \
+    gem uninstall -i /usr/local/lib/ruby/gems/3.3.0 net-imap || true
 
 # Install custom db migrate script
 COPY bin/db-migrate /usr/bin/
@@ -139,6 +141,10 @@ COPY bin/db-migrate /usr/bin/
 COPY --from=release-build /usr/local/bundle /usr/local/bundle
 COPY --from=release-build /rails /rails
 
+# Clean up any unused gems and ensure we have the correct versions
+RUN bundle clean --force && \
+    bundle install --no-cache
+
 # Ensure all necessary directories exist
 RUN mkdir -p /rails/tmp/pids /rails/log /rails/db
 

diff --git a/app/Gemfile b/app/Gemfile
@@ -72,6 +72,7 @@ gem "stackprof"
 gem "rexml", "~> 3.3.9"
 gem "gpgme", "~> 2.0", ">= 2.0.12"
 gem "pdf-reader", "~> 2.12.0"
+gem "net-imap", "0.4.19"  # Fixing CVE-2025-25186
 
 gem "maybe_later"
 gem "activeresource"

diff --git a/app/Gemfile.lock b/app/Gemfile.lock
@@ -262,7 +262,7 @@ GEM
     mutex_m (0.3.0)
     net-http (0.4.1)
       uri
-    net-imap (0.4.17)
+    net-imap (0.4.19)
       date
       net-protocol
     net-pop (0.1.2)
@@ -478,7 +478,7 @@ GEM
       unicode-display_width (>= 1.1.1, < 3)
     thor (1.3.2)
     timecop (0.9.10)
-    timeout (0.4.1)
+    timeout (0.4.3)
     ttfunk (1.8.0)
       bigdecimal (~> 3.1)
     turbo-rails (2.0.11)
@@ -551,6 +551,7 @@ DEPENDENCIES
   jsbundling-rails
   maybe_later
   mixpanel-ruby
+  net-imap (= 0.4.19)
   newrelic_rpm
   omniauth-azure-activedirectory-v2
   omniauth-rails_csrf_protection (~> 1.0)

diff --git a/app/app/controllers/api/invitations_controller.rb b/app/app/controllers/api/invitations_controller.rb
@@ -22,20 +22,20 @@ def create
   # can these be inferred from the model?
   def cbv_flow_invitation_params
     if (applicant_attributes = params.delete(:agency_partner_metadata))
-      params[:cbv_applicant_attributes] = applicant_attributes.merge(site_id: params[:site_id])
+      params[:cbv_applicant_attributes] = applicant_attributes.merge(client_agency_id: params[:client_agency_id])
     end
     params[:email_address] = @current_user.email
 
     params.permit(
       :language,
       :email_address,
-      :site_id,
+      :client_agency_id,
       :user_id,
       cbv_applicant_attributes: [
         :first_name,
         :middle_name,
         :last_name,
-        :site_id,
+        :client_agency_id,
         :client_id_number,
         :case_number,
         :snap_application_date,

diff --git a/app/app/controllers/application_controller.rb b/app/app/controllers/application_controller.rb
@@ -1,6 +1,6 @@
 class ApplicationController < ActionController::Base
   helper :view
-  helper_method :current_site, :show_translate_button?, :show_menu?
+  helper_method :current_agency, :show_translate_button?, :show_menu?
   around_action :switch_locale
   before_action :add_newrelic_metadata
   before_action :redirect_if_maintenance_mode
@@ -12,11 +12,11 @@ class ApplicationController < ActionController::Base
   end
 
   def after_sign_in_path_for(user)
-    caseworker_dashboard_path(site_id: user.site_id)
+    caseworker_dashboard_path(client_agency_id: user.client_agency_id)
   end
 
   def after_sign_out_path_for(resource_or_scope)
-    new_user_session_path(site_id: params[:site_id])
+    new_user_session_path(client_agency_id: params[:client_agency_id])
   end
 
   def switch_locale(&action)
@@ -25,8 +25,8 @@ def switch_locale(&action)
     I18n.with_locale(locale, &action)
   end
 
-  def site_config
-    Rails.application.config.sites
+  def agency_config
+    Rails.application.config.client_agencies
   end
 
   private
@@ -45,8 +45,8 @@ def home_page?
     request.path == root_path
   end
 
-  def current_site
-    @current_site ||= site_config[params[:site_id]]
+  def current_agency
+    @current_agency ||= agency_config[params[:client_agency_id]]
   end
 
   def enable_mini_profiler_in_demo
@@ -62,7 +62,7 @@ def demo_mode?
   protected
 
   def pinwheel_for(cbv_flow)
-    environment = site_config[cbv_flow.site_id].pinwheel_environment
+    environment = agency_config[cbv_flow.client_agency_id].pinwheel_environment
 
     PinwheelService.new(environment)
   end
@@ -71,7 +71,7 @@ def add_newrelic_metadata
     attributes = {
       cbv_flow_id: session[:cbv_flow_id],
       session_id: session.id.to_s,
-      site_id: params[:site_id],
+      client_agency_id: params[:client_agency_id],
       locale: params[:locale],
       user_id: current_user.try(:id)
     }

diff --git a/app/app/controllers/caseworker/base_controller.rb b/app/app/controllers/caseworker/base_controller.rb
@@ -4,15 +4,15 @@ class Caseworker::BaseController < ApplicationController
   def authenticate_user!
     super
 
-    unless current_user.site_id == params[:site_id]
+    unless current_user.client_agency_id == params[:client_agency_id]
       redirect_to root_url, flash: {
         slim_alert: { message: t("shared.error_unauthorized"), type: "error" }
       }
     end
   end
 
   def redirect_if_disabled
-    unless current_site.staff_portal_enabled
+    unless current_agency.staff_portal_enabled
       redirect_to root_url, flash: {
         slim_alert: { message: I18n.t("caseworker.entries.disabled"), type: "error" }
       }

diff --git a/app/app/controllers/caseworker/cbv_flow_invitations_controller.rb b/app/app/controllers/caseworker/cbv_flow_invitations_controller.rb
@@ -5,10 +5,10 @@ class Caseworker::CbvFlowInvitationsController < Caseworker::BaseController
   helper_method :language_options
 
   def new
-    @site_id = site_id
-    @cbv_flow_invitation = CbvFlowInvitation.new(site_id: site_id)
+    @client_agency_id = client_agency_id
+    @cbv_flow_invitation = CbvFlowInvitation.new(client_agency_id: client_agency_id)
 
-    if @site_id == "ma"
+    if @client_agency_id == "ma"
       @cbv_flow_invitation.snap_application_date ||= Date.today
     end
   end
@@ -17,7 +17,7 @@ def create
     # handle errors from the mail service
     begin
       @cbv_flow_invitation = CbvInvitationService.new(event_logger).invite(
-        invitation_params.deep_merge(site_id: site_id, cbv_applicant_attributes: { site_id: site_id }),
+        invitation_params.deep_merge(client_agency_id: client_agency_id, cbv_applicant_attributes: { client_agency_id: client_agency_id }),
         current_user,
         delivery_method: :email
       )
@@ -26,7 +26,7 @@ def create
       flash[:alert] = t(".invite_failed",
                         email_address: invitation_params[:email_address],
                         error_message: e.message)
-      return redirect_to caseworker_dashboard_path(site_id: params[:site_id])
+      return redirect_to caseworker_dashboard_path(client_agency_id: params[:client_agency_id])
     end
 
     if @cbv_flow_invitation.errors.any?
@@ -49,7 +49,7 @@ def create
       message: t(".invite_success", email_address: invitation_params[:email_address]),
       type: "success"
     }
-    redirect_to caseworker_dashboard_path(site_id: params[:site_id])
+    redirect_to caseworker_dashboard_path(client_agency_id: params[:client_agency_id])
   end
 
   private
@@ -61,8 +61,8 @@ def language_options
   end
 
   def ensure_valid_params!
-    if site_config.site_ids.exclude?(site_id)
-      flash[:alert] = t("caseworker.cbv_flow_invitations.incorrect_site_id")
+    if agency_config.client_agency_ids.exclude?(client_agency_id)
+      flash[:alert] = t("caseworker.cbv_flow_invitations.incorrect_client_agency_id")
       redirect_to root_url
     end
   end
@@ -84,7 +84,7 @@ def invitation_params
     )
   end
 
-  def site_id
-    params[:site_id]
+  def client_agency_id
+    params[:client_agency_id]
   end
 end
diff --git a/app/app/controllers/caseworker/entries_controller.rb b/app/app/controllers/caseworker/entries_controller.rb
@@ -1,5 +1,5 @@
 class Caseworker::EntriesController < Caseworker::BaseController
   def index
-    @current_site = current_site
+    @current_agency = current_agency
   end
 end
diff --git a/app/app/controllers/cbv/base_controller.rb b/app/app/controllers/cbv/base_controller.rb
@@ -1,6 +1,6 @@
 class Cbv::BaseController < ApplicationController
   before_action :set_cbv_flow, :ensure_cbv_flow_not_yet_complete, :prevent_back_after_complete, :capture_page_view
-  helper_method :agency_url, :next_path, :get_comment_by_account_id, :current_site
+  helper_method :agency_url, :next_path, :get_comment_by_account_id, :current_agency
 
   private
 
@@ -16,10 +16,10 @@ def set_cbv_flow
       end
       if invitation.expired?
         track_expired_event(invitation)
-        return redirect_to(cbv_flow_expired_invitation_path(site_id: invitation.site_id))
+        return redirect_to(cbv_flow_expired_invitation_path(client_agency_id: invitation.client_agency_id))
       end
       if invitation.complete?
-        return redirect_to(cbv_flow_expired_invitation_path(site_id: invitation.site_id))
+        return redirect_to(cbv_flow_expired_invitation_path(client_agency_id: invitation.client_agency_id))
       end
 
       @cbv_flow = CbvFlow.create_from_invitation(invitation)
@@ -44,10 +44,10 @@ def ensure_cbv_flow_not_yet_complete
     redirect_to(cbv_flow_success_path)
   end
 
-  def current_site
-    return unless @cbv_flow.present? && @cbv_flow.site_id.present?
+  def current_agency
+    return unless @cbv_flow.present? && @cbv_flow.client_agency_id.present?
 
-    @current_site ||= site_config[@cbv_flow.site_id]
+    @current_agency ||= agency_config[@cbv_flow.client_agency_id]
   end
 
   def next_path
@@ -72,7 +72,7 @@ def pinwheel
   end
 
   def agency_url
-    current_site&.agency_contact_website
+    current_agency&.agency_contact_website
   end
 
   def get_comment_by_account_id(account_id)
@@ -90,7 +90,7 @@ def capture_page_view
       event_logger.track("CbvPageView", request, {
         cbv_flow_id: @cbv_flow.id,
         invitation_id: @cbv_flow.cbv_flow_invitation_id,
-        site_id: @cbv_flow.site_id,
+        client_agency_id: @cbv_flow.client_agency_id,
         path: request.path
       })
     rescue => ex
@@ -123,7 +123,7 @@ def track_invitation_clicked_event(invitation, cbv_flow)
       invitation_id: invitation.id,
       cbv_flow_id: cbv_flow.id,
       cbv_applicant_id: cbv_flow.cbv_applicant_id,
-      site_id: cbv_flow.site_id,
+      client_agency_id: cbv_flow.client_agency_id,
       seconds_since_invitation: (Time.now - invitation.created_at).to_i
     })
   rescue => ex

diff --git a/app/app/controllers/cbv/entries_controller.rb b/app/app/controllers/cbv/entries_controller.rb
@@ -2,7 +2,7 @@ class Cbv::EntriesController < Cbv::BaseController
   def show
     event_logger.track("ApplicantViewedAgreement", request, {
       timestamp: Time.now.to_i,
-      site_id: @cbv_flow.site_id,
+      client_agency_id: @cbv_flow.client_agency_id,
       cbv_applicant_id: @cbv_flow.cbv_applicant_id,
       cbv_flow_id: @cbv_flow.id,
       invitation_id: @cbv_flow.cbv_flow_invitation_id
@@ -13,7 +13,7 @@ def create
     if params["agreement"] == "1"
       event_logger.track("ApplicantAgreed", request, {
         timestamp: Time.now.to_i,
-        site_id: @cbv_flow.site_id,
+        client_agency_id: @cbv_flow.client_agency_id,
         cbv_applicant_id: @cbv_flow.cbv_applicant_id,
         cbv_flow_id: @cbv_flow.id,
         invitation_id: @cbv_flow.cbv_flow_invitation_id