diff --git a/.gitlab/CODEOWNERS b/.gitlab/CODEOWNERS
index 0b21628174116374456ddef4e780a3dda9b1ec28..e014ba4390c250a5f20fded8a7a9c8738ea013d6 100644
--- a/.gitlab/CODEOWNERS
+++ b/.gitlab/CODEOWNERS
@@ -1181,7 +1181,7 @@ lib/gitlab/checks/**
/ee/app/controllers/groups/scim_oauth_controller.rb
/ee/app/controllers/oauth/
/ee/app/controllers/omniauth_kerberos_controller.rb
-/ee/app/controllers/users/identity_verification_controller.rb
+/ee/app/controllers/users/registrations_identity_verification_controller.rb
/ee/app/finders/auth/
/ee/app/helpers/ee/access_tokens_helper.rb
/ee/app/helpers/ee/auth_helper.rb
@@ -1499,7 +1499,7 @@ ee/lib/ee/api/entities/project.rb
/ee/spec/frontend/**/remote_development/
^[Govern::Anti-abuse] @gitlab-org/modelops/anti-abuse
-/ee/app/controllers/users/identity_verification_controller.rb
+/ee/app/controllers/users/registrations_identity_verification_controller.rb
/ee/app/models/concerns/identity_verifiable.rb
/ee/config/routes/identity_verification.rb
diff --git a/.rubocop_todo/layout/line_continuation_spacing.yml b/.rubocop_todo/layout/line_continuation_spacing.yml
index 200dde0ea0bcdb515c3837ba65db776e2bb9b555..5e3aa8b89928c64b41022f2c83632c726d735c13 100644
--- a/.rubocop_todo/layout/line_continuation_spacing.yml
+++ b/.rubocop_todo/layout/line_continuation_spacing.yml
@@ -87,7 +87,6 @@ Layout/LineContinuationSpacing:
- 'ee/spec/requests/api/graphql/mutations/users/abuse/namespace_bans/destroy_spec.rb'
- 'ee/spec/requests/api/graphql/mutations/vulnerabilities/create_external_issue_link_spec.rb'
- 'ee/spec/requests/api/graphql/mutations/vulnerabilities/destroy_external_issue_link_spec.rb'
- - 'ee/spec/requests/users/identity_verification_controller_spec.rb'
- 'ee/spec/services/boards/epic_lists/destroy_service_spec.rb'
- 'ee/spec/services/epic_issues/create_service_spec.rb'
- 'ee/spec/services/epics/epic_links/create_service_spec.rb'
diff --git a/.rubocop_todo/layout/line_end_string_concatenation_indentation.yml b/.rubocop_todo/layout/line_end_string_concatenation_indentation.yml
index 1cb814ac69160470bc69be12a66e3c56bf0e217a..505de78b4353c9404c9ec0a250c423e331b81d02 100644
--- a/.rubocop_todo/layout/line_end_string_concatenation_indentation.yml
+++ b/.rubocop_todo/layout/line_end_string_concatenation_indentation.yml
@@ -124,7 +124,6 @@ Layout/LineEndStringConcatenationIndentation:
- 'ee/spec/requests/api/graphql/mutations/iterations/cadences/update_spec.rb'
- 'ee/spec/requests/api/graphql/mutations/iterations/create_spec.rb'
- 'ee/spec/requests/api/graphql/mutations/security/finding/create_issue_spec.rb'
- - 'ee/spec/requests/users/identity_verification_controller_spec.rb'
- 'ee/spec/services/boards/epic_lists/destroy_service_spec.rb'
- 'ee/spec/services/ee/auth/container_registry_authentication_service_spec.rb'
- 'ee/spec/services/ee/resource_events/merge_into_notes_service_spec.rb'
diff --git a/.rubocop_todo/lint/assignment_in_condition.yml b/.rubocop_todo/lint/assignment_in_condition.yml
index c348be70c91968a2e38f076de65e7f72aed64826..282fd8b705ddbe93236c78d49fb0652589963f75 100644
--- a/.rubocop_todo/lint/assignment_in_condition.yml
+++ b/.rubocop_todo/lint/assignment_in_condition.yml
@@ -96,7 +96,6 @@ Lint/AssignmentInCondition:
- 'config/initializers/zz_metrics.rb'
- 'ee/app/controllers/concerns/gitlab_subscriptions/seat_count_alert.rb'
- 'ee/app/controllers/omniauth_kerberos_controller.rb'
- - 'ee/app/controllers/users/identity_verification_controller.rb'
- 'ee/app/finders/ee/projects_finder.rb'
- 'ee/app/finders/incident_management/oncall_users_finder.rb'
- 'ee/app/graphql/mutations/boards/update_epic_user_preferences.rb'
diff --git a/doc/development/identity_verification.md b/doc/development/identity_verification.md
index caf1a8ba34ff9a8a2c03085f88bae7e339a3a8d5..decbb2daa6f2738ee72230a16f810bf73b238839 100644
--- a/doc/development/identity_verification.md
+++ b/doc/development/identity_verification.md
@@ -31,7 +31,7 @@ To view logs associated to the [email stage](../security/identity_verification.m
- Query the GitLab production logs with the following KQL:
```plaintext
- KQL: json.controller:"IdentityVerificationController" AND json.username:replace_username_here
+ KQL: json.controller:"RegistrationsIdentityVerificationController" AND json.username:replace_username_here
```
Valuable debugging information can be found in the `json.action` and `json.location` columns.
diff --git a/ee/app/assets/javascripts/pages/users/identity_verification/show/index.js b/ee/app/assets/javascripts/pages/users/identity_verification/show/index.js
deleted file mode 100644
index 1b22113c17569d00bbe1eb39c7f5d456808c16ed..0000000000000000000000000000000000000000
--- a/ee/app/assets/javascripts/pages/users/identity_verification/show/index.js
+++ /dev/null
@@ -1,3 +0,0 @@
-import { initIdentityVerification } from 'ee/users/identity_verification';
-
-initIdentityVerification();
diff --git a/ee/app/assets/javascripts/pages/users/identity_verification/arkose_labs_challenge/index.js b/ee/app/assets/javascripts/pages/users/registrations_identity_verification/arkose_labs_challenge/index.js
similarity index 100%
rename from ee/app/assets/javascripts/pages/users/identity_verification/arkose_labs_challenge/index.js
rename to ee/app/assets/javascripts/pages/users/registrations_identity_verification/arkose_labs_challenge/index.js
diff --git a/ee/app/assets/javascripts/pages/users/identity_verification/index.js b/ee/app/assets/javascripts/pages/users/registrations_identity_verification/show/index.js
similarity index 100%
rename from ee/app/assets/javascripts/pages/users/identity_verification/index.js
rename to ee/app/assets/javascripts/pages/users/registrations_identity_verification/show/index.js
diff --git a/ee/app/controllers/ee/omniauth_callbacks_controller.rb b/ee/app/controllers/ee/omniauth_callbacks_controller.rb
index 3c93a443deee936efbbc6ef7f87464d024b730d7..dae225ea6ebe6f821d64dd9b3d374fc038d1857b 100644
--- a/ee/app/controllers/ee/omniauth_callbacks_controller.rb
+++ b/ee/app/controllers/ee/omniauth_callbacks_controller.rb
@@ -43,8 +43,8 @@ def log_failed_login(author, provider)
def perform_registration_tasks(user, provider)
# We need to do this here since the subscription flow relies on what was set in the stored_location_for(:user)
# that was set on initial redirect from the SubscriptionsController#new and super will wipe that out.
- # Then the IdentityVerificationController#success will get whatever is set in super instead of the subscription
- # path we desire.
+ # Then the RegistrationsIdentityVerificationController#success will get
+ # whatever is set in super instead of the subscription path we desire.
super unless onboarding_status.subscription?
# This also protects the sub classes group saml and ldap from staring onboarding
diff --git a/ee/app/controllers/users/identity_verification_controller.rb b/ee/app/controllers/users/base_identity_verification_controller.rb
similarity index 65%
rename from ee/app/controllers/users/identity_verification_controller.rb
rename to ee/app/controllers/users/base_identity_verification_controller.rb
index 0304c0a48f0c79a47ca465a98ff631df4a7ff9f8..f41e07bfb5fe1d3cb80e88ee72dc7374f386d439 100644
--- a/ee/app/controllers/users/identity_verification_controller.rb
+++ b/ee/app/controllers/users/base_identity_verification_controller.rb
@@ -1,29 +1,20 @@
# frozen_string_literal: true
module Users
- class IdentityVerificationController < ApplicationController
- include AcceptsPendingInvitations
- include ActionView::Helpers::DateHelper
+ class BaseIdentityVerificationController < ApplicationController
include Arkose::ContentSecurityPolicy
include Arkose::TokenVerifiable
+ include ActionView::Helpers::DateHelper
include IdentityVerificationHelper
include ::Gitlab::RackLoadBalancingHelpers
include Recaptcha::Adapters::ControllerMethods
- include ::Gitlab::Utils::StrongMemoize
-
- helper_method :onboarding_status
EVENT_CATEGORIES = %i[email phone credit_card error toggle_phone_exemption].freeze
PHONE_VERIFICATION_ACTIONS = %i[send_phone_verification_code verify_phone_verification_code].freeze
CREDIT_CARD_VERIFICATION_ACTIONS = %i[verify_credit_card].freeze
- skip_before_action :authenticate_user!
-
before_action :require_verification_user!, except: [:restricted]
- before_action :require_unverified_user!, except: [:verification_state, :success, :restricted]
before_action :load_captcha, :redirect_banned_user, only: [:show]
- before_action :require_arkose_verification!, except: [:arkose_labs_challenge, :verify_arkose_labs_session,
- :restricted]
before_action :ensure_verification_method_attempt_allowed!,
only: PHONE_VERIFICATION_ACTIONS + CREDIT_CARD_VERIFICATION_ACTIONS
@@ -51,34 +42,7 @@ def verification_state
# if the back button is pressed, don't cache the user's identity verification state
no_cache_headers if params['no_cache']
- render json: {
- verification_methods: @user.required_identity_verification_methods,
- verification_state: @user.identity_verification_state
- }
- end
-
- def verify_email_code
- result = verify_token
-
- if result[:status] == :success
- confirm_user
-
- render json: { status: :success }
- else
- log_event(:email, :failed_attempt, result[:reason])
-
- render json: result
- end
- end
-
- def resend_email_code
- if send_rate_limited?
- render json: { status: :failure, message: rate_limited_error_message(:email_verification_code_send) }
- else
- reset_confirmation_token
-
- render json: { status: :success }
- end
+ render json: verification_state_json
end
def send_phone_verification_code
@@ -121,34 +85,6 @@ def verify_phone_verification_code
render json: { status: :success }
end
- def arkose_labs_challenge; end
-
- def verify_arkose_labs_session
- unless verify_arkose_labs_token(user: @user)
- flash[:alert] = s_('IdentityVerification|Complete verification to sign up.')
- return render action: :arkose_labs_challenge
- end
-
- service = PhoneVerification::Users::RateLimitService
- service.assume_user_high_risk_if_daily_limit_exceeded!(@user)
-
- redirect_to action: :show
- end
-
- def success
- return redirect_to identity_verification_path unless @user.identity_verified?
-
- accept_pending_invitations(user: @user)
- sign_in(@user)
- session.delete(:verification_user_id)
-
- # order matters here because set_redirect_url removes our ability to detect trial in the tracking label
- @tracking_label = onboarding_status.tracking_label
-
- set_redirect_url
- experiment(:phone_verification_for_low_risk_users, user: @user).track(:registration_completed)
- end
-
def verify_credit_card
return render_404 unless json_request? && @user.credit_card_validation.present?
@@ -182,13 +118,11 @@ def verify_credit_card_captcha
def toggle_phone_exemption
if @user.offer_phone_number_exemption?
+
@user.toggle_phone_number_verification
log_event(:toggle_phone_exemption, :success)
- render json: {
- verification_methods: @user.required_identity_verification_methods,
- verification_state: @user.identity_verification_state
- }
+ render json: verification_state_json
else
log_event(:toggle_phone_exemption, :failed)
render status: :bad_request, json: {}
@@ -197,21 +131,6 @@ def toggle_phone_exemption
private
- def onboarding_status
- Onboarding::Status.new(params.to_unsafe_h.deep_symbolize_keys, session, @user)
- end
- strong_memoize_attr :onboarding_status
-
- def set_redirect_url
- @redirect_url = if onboarding_status.subscription?
- # Since we need this value to stay in the stored_location_for(user) in order for
- # us to be properly redirected for subscription signups.
- onboarding_status.stored_user_location
- else
- after_sign_in_path_for(@user)
- end
- end
-
def require_verification_user!
@user = find_verification_user || current_user
@@ -228,8 +147,11 @@ def find_verification_user
User.find_by_id(verification_user_id)
end
- def require_unverified_user!
- redirect_to success_identity_verification_path if @user.identity_verified?
+ def redirect_banned_user
+ return unless @user.banned?
+
+ session.delete(:verification_user_id)
+ redirect_to new_user_session_path, alert: user_banned_error_message
end
def ensure_verification_method_attempt_allowed!
@@ -246,19 +168,11 @@ def ensure_verification_method_attempt_allowed!
render status: :bad_request, json: {}
end
- def redirect_banned_user
- return unless @user.banned?
-
- session.delete(:verification_user_id)
- redirect_to new_user_session_path, alert: user_banned_error_message
- end
-
- def require_arkose_verification!
- return unless arkose_labs_enabled?(user: @user)
- return unless @user.identities.any?
- return if @user.arkose_verified?
-
- redirect_to action: :arkose_labs_challenge
+ def verification_state_json
+ {
+ verification_methods: @user.required_identity_verification_methods,
+ verification_state: @user.identity_verification_state
+ }
end
def log_event(category, event, reason = nil)
@@ -279,41 +193,16 @@ def log_event(category, event, reason = nil)
::Gitlab::Tracking.event(category, event.to_s, property: reason.to_s, user: user)
end
- def verify_token
- ::Users::EmailVerification::ValidateTokenService.new(
- attr: :confirmation_token,
- user: @user,
- token: params.require(:identity_verification).permit(:code)[:code]
- ).execute
- end
-
- def confirm_user
- @user.confirm
- log_event(:email, :success)
- end
-
- def reset_confirmation_token
- service = ::Users::EmailVerification::GenerateTokenService.new(attr: :confirmation_token, user: @user)
- token, encrypted_token = service.execute
- @user.update!(confirmation_token: encrypted_token, confirmation_sent_at: Time.current)
- Notify.confirmation_instructions_email(@user.email, token: token).deliver_later
- log_event(:email, :sent_instructions)
- end
-
- def send_rate_limited?
- ::Gitlab::ApplicationRateLimiter.throttled?(:email_verification_code_send, scope: @user)
- end
-
def check_for_reuse_rate_limited?
check_rate_limit!(:credit_card_verification_check_for_reuse, scope: request.ip) { true }
end
def phone_verification_params
- params.require(:identity_verification).permit(:country, :international_dial_code, :phone_number)
+ required_params.permit(:country, :international_dial_code, :phone_number)
end
def verify_phone_verification_code_params
- params.require(:identity_verification).permit(:verification_code)
+ required_params.permit(:verification_code)
end
def load_captcha
diff --git a/ee/app/controllers/users/registrations_identity_verification_controller.rb b/ee/app/controllers/users/registrations_identity_verification_controller.rb
new file mode 100644
index 0000000000000000000000000000000000000000..dc71840d5d4ea617c3c37454a82f8b0ca49af1fa
--- /dev/null
+++ b/ee/app/controllers/users/registrations_identity_verification_controller.rb
@@ -0,0 +1,126 @@
+# frozen_string_literal: true
+
+module Users
+ class RegistrationsIdentityVerificationController < BaseIdentityVerificationController
+ include AcceptsPendingInvitations
+ include ::Gitlab::Utils::StrongMemoize
+
+ helper_method :onboarding_status
+
+ skip_before_action :authenticate_user!
+
+ before_action :require_unverified_user!, except: [:verification_state, :success, :restricted]
+ before_action :require_arkose_verification!, except: [:arkose_labs_challenge, :verify_arkose_labs_session,
+ :restricted]
+
+ def arkose_labs_challenge; end
+
+ def verify_arkose_labs_session
+ unless verify_arkose_labs_token(user: @user)
+ flash[:alert] = s_('IdentityVerification|Complete verification to sign up.')
+ return render action: :arkose_labs_challenge
+ end
+
+ service = PhoneVerification::Users::RateLimitService
+ service.assume_user_high_risk_if_daily_limit_exceeded!(@user)
+
+ redirect_to action: :show
+ end
+
+ def verify_email_code
+ result = verify_token
+
+ if result[:status] == :success
+ confirm_user
+
+ render json: { status: :success }
+ else
+ log_event(:email, :failed_attempt, result[:reason])
+
+ render json: result
+ end
+ end
+
+ def resend_email_code
+ if send_rate_limited?
+ render json: { status: :failure, message: rate_limited_error_message(:email_verification_code_send) }
+ else
+ reset_confirmation_token
+
+ render json: { status: :success }
+ end
+ end
+
+ def success
+ return redirect_to identity_verification_path unless @user.identity_verified?
+
+ accept_pending_invitations(user: @user)
+ sign_in(@user)
+ session.delete(:verification_user_id)
+
+ # order matters here because set_redirect_url removes our ability to detect trial in the tracking label
+ @tracking_label = onboarding_status.tracking_label
+
+ set_redirect_url
+ experiment(:phone_verification_for_low_risk_users, user: @user).track(:registration_completed)
+ end
+
+ private
+
+ def require_unverified_user!
+ redirect_to success_identity_verification_path if @user.identity_verified?
+ end
+
+ def require_arkose_verification!
+ return unless arkose_labs_enabled?
+ return unless @user.identities.any?
+ return if @user.arkose_verified?
+
+ redirect_to action: :arkose_labs_challenge
+ end
+
+ def verify_token
+ ::Users::EmailVerification::ValidateTokenService.new(
+ attr: :confirmation_token,
+ user: @user,
+ token: params.require(:registrations_identity_verification).permit(:code)[:code]
+ ).execute
+ end
+
+ def confirm_user
+ @user.confirm
+ log_event(:email, :success)
+ end
+
+ def reset_confirmation_token
+ service = ::Users::EmailVerification::GenerateTokenService.new(attr: :confirmation_token, user: @user)
+ token, encrypted_token = service.execute
+ @user.update!(confirmation_token: encrypted_token, confirmation_sent_at: Time.current)
+ Notify.confirmation_instructions_email(@user.email, token: token).deliver_later
+ log_event(:email, :sent_instructions)
+ end
+
+ def send_rate_limited?
+ ::Gitlab::ApplicationRateLimiter.throttled?(:email_verification_code_send, scope: @user)
+ end
+
+ def onboarding_status
+ Onboarding::Status.new(params.to_unsafe_h.deep_symbolize_keys, session, @user)
+ end
+ strong_memoize_attr :onboarding_status
+
+ def set_redirect_url
+ @redirect_url = if onboarding_status.subscription?
+ # Since we need this value to stay in the stored_location_for(user) in order for
+ # us to be properly redirected for subscription signups.
+ onboarding_status.stored_user_location
+ else
+ after_sign_in_path_for(@user)
+ end
+ end
+
+ def required_params
+ params.require(controller_name.to_sym)
+ end
+ end
+end
diff --git a/ee/app/views/users/identity_verification/arkose_labs_challenge.html.haml b/ee/app/views/users/registrations_identity_verification/arkose_labs_challenge.html.haml
similarity index 100%
rename from ee/app/views/users/identity_verification/arkose_labs_challenge.html.haml
rename to ee/app/views/users/registrations_identity_verification/arkose_labs_challenge.html.haml
diff --git a/ee/app/views/users/identity_verification/show.html.haml b/ee/app/views/users/registrations_identity_verification/show.html.haml
similarity index 100%
rename from ee/app/views/users/identity_verification/show.html.haml
rename to ee/app/views/users/registrations_identity_verification/show.html.haml
diff --git a/ee/app/views/users/identity_verification/success.html.haml b/ee/app/views/users/registrations_identity_verification/success.html.haml
similarity index 100%
rename from ee/app/views/users/identity_verification/success.html.haml
rename to ee/app/views/users/registrations_identity_verification/success.html.haml
diff --git a/ee/config/routes/identity_verification.rb b/ee/config/routes/identity_verification.rb
index 6fa3607c88669b9ff22cf0f52d8e425bb33bff07..c2aeef6151b04981f8945dbd0f61931890315102 100644
--- a/ee/config/routes/identity_verification.rb
+++ b/ee/config/routes/identity_verification.rb
@@ -1,7 +1,7 @@
# frozen_string_literal: true
scope :users, module: :users do
- resource :identity_verification, controller: :identity_verification, only: :show do
+ resource :identity_verification, controller: :registrations_identity_verification, only: :show do
get :verification_state
post :verify_email_code
post :resend_email_code
diff --git a/ee/lib/ee/gitlab/etag_caching/router/rails.rb b/ee/lib/ee/gitlab/etag_caching/router/rails.rb
index e3965f28182d4b27434097f28aca9072107000b4..4c4e1953ef6eb3cd76d8b45e4840f9fcc2628e63 100644
--- a/ee/lib/ee/gitlab/etag_caching/router/rails.rb
+++ b/ee/lib/ee/gitlab/etag_caching/router/rails.rb
@@ -17,7 +17,7 @@ module Rails
[
%r{^/users/identity_verification/verification_state\z},
'user_identity_verification_state',
- ::Users::IdentityVerificationController,
+ ::Users::RegistrationsIdentityVerificationController,
:verification_state
]
].freeze
diff --git a/ee/spec/features/users/arkose_content_security_policy_spec.rb b/ee/spec/features/users/arkose_content_security_policy_spec.rb
index a852d0cfa196586a42458ab90072ec2962316f76..1dc1f324ba5e0d6955561e22d4feb92f3174a4c6 100644
--- a/ee/spec/features/users/arkose_content_security_policy_spec.rb
+++ b/ee/spec/features/users/arkose_content_security_policy_spec.rb
@@ -41,6 +41,7 @@
end
end
- it_behaves_like 'configures Content Security Policy headers correctly', Users::IdentityVerificationController
+ it_behaves_like 'configures Content Security Policy headers correctly',
+ Users::RegistrationsIdentityVerificationController
end
end
diff --git a/ee/spec/requests/users/identity_verification_controller_spec.rb b/ee/spec/requests/users/registrations_identity_verification_controller_spec.rb
similarity index 97%
rename from ee/spec/requests/users/identity_verification_controller_spec.rb
rename to ee/spec/requests/users/registrations_identity_verification_controller_spec.rb
index 599eb816d47cbb38f1805c7990756be934c61653..94aa8e651ee82969f6fabe8ff4c9e803c0224c5f 100644
--- a/ee/spec/requests/users/identity_verification_controller_spec.rb
+++ b/ee/spec/requests/users/registrations_identity_verification_controller_spec.rb
@@ -2,8 +2,8 @@
require 'spec_helper'
-RSpec.describe Users::IdentityVerificationController, :clean_gitlab_redis_sessions, :clean_gitlab_redis_rate_limiting,
- feature_category: :system_access do
+RSpec.describe Users::RegistrationsIdentityVerificationController, :clean_gitlab_redis_sessions,
+ :clean_gitlab_redis_rate_limiting, feature_category: :system_access do
include SessionHelpers
using RSpec::Parameterized::TableSyntax
@@ -41,6 +41,10 @@
allow_next_instance_of(::Arkose::StatusService) do |instance|
allow(instance).to receive(:execute).and_return(status_service_response)
end
+
+ allow_next_found_instance_of(User) do |instance|
+ allow(instance).to receive(:verification_method_allowed?).and_return(true)
+ end
end
shared_examples 'it requires a valid verification_user_id' do |expected_response_code|
@@ -253,7 +257,7 @@
context 'when phone verification challenge rate-limit has been reached' do
let(:params) do
- { arkose_labs_token: 'verification-token', identity_verification: { phone_number: '555' } }
+ { arkose_labs_token: 'verification-token', registrations_identity_verification: { phone_number: '555' } }
end
before do
@@ -563,7 +567,7 @@
describe 'POST verify_email_code' do
let_it_be(:user) { unconfirmed_user }
- let_it_be(:params) { { identity_verification: { code: '123456' } } }
+ let_it_be(:params) { { registrations_identity_verification: { code: '123456' } } }
let_it_be(:service_response) { { status: :success } }
subject(:do_request) { post verify_email_code_identity_verification_path(params) }
@@ -632,8 +636,8 @@
it 'renders the result as json' do
expect(response.body).to eq({
status: :failure,
- message: format(s_("IdentityVerification|You've reached the maximum amount of resends. Wait %{interval} "\
- 'and try again.'), interval: 'about 1 hour')
+ message: format(s_("IdentityVerification|You've reached the maximum amount of resends. Wait %{interval} " \
+ "and try again."), interval: 'about 1 hour')
}.to_json)
end
end
@@ -679,7 +683,7 @@
let_it_be(:user) { unconfirmed_user }
let_it_be(:service_response) { ServiceResponse.success(payload: { container: 'contents' }) }
let_it_be(:params) do
- { identity_verification: { country: 'US', international_dial_code: '1', phone_number: '555' } }
+ { registrations_identity_verification: { country: 'US', international_dial_code: '1', phone_number: '555' } }
end
subject(:do_request) { post send_phone_verification_code_identity_verification_path(params) }
@@ -738,7 +742,7 @@
let_it_be(:user) { unconfirmed_user }
let_it_be(:service_response) { ServiceResponse.success }
let_it_be(:params) do
- { identity_verification: { verification_code: '999' } }
+ { registrations_identity_verification: { verification_code: '999' } }
end
subject(:do_request) { post verify_phone_verification_code_identity_verification_path(params) }
@@ -976,10 +980,6 @@
before do
stub_session(verification_user_id: user.id)
-
- allow_next_found_instance_of(User) do |instance|
- allow(instance).to receive(:verification_method_allowed?).and_return(true)
- end
end
subject(:do_request) { get verify_credit_card_identity_verification_path(params) }
@@ -1115,18 +1115,13 @@
end
describe 'PATCH toggle_phone_exemption' do
+ let_it_be(:unconfirmed_user) { create(:user, :unconfirmed, :medium_risk) }
let_it_be(:user) { unconfirmed_user }
- let(:offer_phone_number_exemption) { true }
-
subject(:do_request) { patch toggle_phone_exemption_identity_verification_path(format: :json) }
before do
stub_session(verification_user_id: user.id)
-
- allow_next_found_instance_of(User) do |user|
- allow(user).to receive(:offer_phone_number_exemption?).and_return(offer_phone_number_exemption)
- end
end
it_behaves_like 'it requires an unconfirmed user'
@@ -1150,7 +1145,7 @@
end
context 'when not offering phone exemption' do
- let(:offer_phone_number_exemption) { false }
+ let_it_be(:user) { create(:user, :unconfirmed, :low_risk) }
it_behaves_like 'logs and tracks the event', :toggle_phone_exemption, :failed
diff --git a/ee/spec/views/users/identity_verification/show.html.haml_spec.rb b/ee/spec/views/users/registrations_identity_verification/show.html.haml_spec.rb
similarity index 55%
rename from ee/spec/views/users/identity_verification/show.html.haml_spec.rb
rename to ee/spec/views/users/registrations_identity_verification/show.html.haml_spec.rb
index 9b1b7701ea8fc7b41c25c813ee1f8186b483e203..7986374a84df4064ecef50498c916f14990e7000 100644
--- a/ee/spec/views/users/identity_verification/show.html.haml_spec.rb
+++ b/ee/spec/views/users/registrations_identity_verification/show.html.haml_spec.rb
@@ -2,8 +2,8 @@
require 'spec_helper'
-RSpec.describe 'user/identity_verification/show', feature_category: :onboarding do
- let_it_be(:template) { 'users/identity_verification/show' }
+RSpec.describe 'user/registrations_identity_verification/show', feature_category: :onboarding do
+ let_it_be(:template) { 'users/registrations_identity_verification/show' }
let_it_be(:user) { create_default(:user) }
before do
diff --git a/ee/spec/views/users/identity_verification/success.html.haml_spec.rb b/ee/spec/views/users/registrations_identity_verification/success.html.haml_spec.rb
similarity index 83%
rename from ee/spec/views/users/identity_verification/success.html.haml_spec.rb
rename to ee/spec/views/users/registrations_identity_verification/success.html.haml_spec.rb
index 5fbb404e070d1816198d4ec110cc5bd05fcdf0f3..284f43427620c453dd8ab173f2364033de24b7bc 100644
--- a/ee/spec/views/users/identity_verification/success.html.haml_spec.rb
+++ b/ee/spec/views/users/registrations_identity_verification/success.html.haml_spec.rb
@@ -2,7 +2,7 @@
require 'spec_helper'
-RSpec.describe 'users/identity_verification/success.html.haml', feature_category: :onboarding do
+RSpec.describe 'users/registrations_identity_verification/success.html.haml', feature_category: :onboarding do
context 'when tracking_label is set' do
before do
assign(:tracking_label, '_tracking_label_')