Fyst -520 archived intake pdf download screen

app/controllers/state_file/archived_intakes/mailing_address_validation_controller.rb

@@ -19,9 +19,8 @@ def update
         if @form.valid?
           create_state_file_access_log("correct_mailing_address")
           session[:mailing_verified] = true
-          # TODO: https://codeforamerica.atlassian.net/browse/FYST-1520
-          # need to change to download path
-          redirect_to root_path
+
+          redirect_to state_file_archived_intakes_pdfs_path
         elsif params["state_file_archived_intakes_mailing_address_validation_form"].present?
           create_state_file_access_log("incorrect_mailing_address")
           current_request.lock_access!

app/controllers/state_file/archived_intakes/pdfs_controller.rb

@@ -0,0 +1,57 @@
+module StateFile
+  module ArchivedIntakes
+    class PdfsController < ArchivedIntakeController
+      before_action :check_feature_flag
+      before_action :is_request_locked
+      before_action :require_archived_intake_email
+      before_action :require_archived_intake_email_code_verified
+      before_action :require_archived_intake_ssn_verified
+      before_action :require_mailing_address_verified
+      before_action do
+        if Rails.env.development? || Rails.env.test?
+          ActiveStorage::Current.url_options = { protocol: request.protocol, host: request.host, port: request.port }
+        end
+      end
+
+      def index
+        @prior_year_intake = StateFileArchivedIntake.find_by!(email_address: current_request.email_address)
+        @pdf_url = @prior_year_intake.submission_pdf.url(expires_in: pdf_expiration_time, disposition: "inline")
+        create_state_file_access_log("issued_pdf_download_link")
+      end
+
+      private
+
+      def pdf_expiration_time
+        if Rails.env.production?
+          24.hours
+        else
+          10.minutes
+        end
+      end
+
+      def require_archived_intake_email
+        return if session[:email_address].present?
+
+        redirect_to state_file_archived_intakes_verification_error_path
+      end
+
+      def require_archived_intake_email_code_verified
+        return if session[:code_verified].present?
+
+        redirect_to state_file_archived_intakes_verification_error_path
+      end
+
+      def require_archived_intake_ssn_verified
+        return if session[:ssn_verified].present?
+
+        redirect_to state_file_archived_intakes_verification_error_path
+      end
+
+      def require_mailing_address_verified
+        return if session[:mailing_verified].present?
+
+        redirect_to state_file_archived_intakes_verification_error_path
+      end
+    end
+  end
+end

app/views/state_file/archived_intakes/pdfs/index.html.erb

@@ -0,0 +1,17 @@
+<% @title = t('.title') %>
+
+<% content_for :page_title, @title %>
+
+<section class="slab question-layout <%= controller_name.gsub("_", "-") %>-outer">
+  <div class="grid">
+    <div class="grid__item question-wrapper">
+      <h1 class="h2" id="main-question"><%= @title %></h1>
+      <p><%= t('.subtitle', state: @prior_year_intake.state_code) %></p>
+
+      <%= link_to @pdf_url, class: "button button--primary button--wide spacing-below-15 button--icon button--icon--centered" do %>
+        <%= image_tag("icons/download.svg", alt: "", style: "filter: invert(1); vertical-align: middle;") %><%= t(".download") %>
+      <% end %>
+    </div>
+  </div>
+</section>
+

config/initializers/flipper.rb

@@ -11,6 +11,7 @@
   Flipper.disable :show_retirement_ui unless Flipper.exist?(:show_retirement_ui)
   Flipper.disable :sms_notifications unless Flipper.exist?(:sms_notifications)
   Flipper.disable :hub_dashboard unless Flipper.exist?(:hub_dashboard)
+  Flipper.disable :get_your_pdf unless Flipper.exist?(:get_your_pdf)
   if Rails.env.heroku? || Rails.env.demo?
     Flipper.disable :prevent_duplicate_accepted_statefile_submissions unless Flipper.exist?(:prevent_duplicate_accepted_statefile_submissions)
   else

config/locales/en.yml

@@ -2057,6 +2057,11 @@ en:
           identity_safe: To keep your identity safe, we need to confirm the address on your 2023 tax return.
           radio_button_title: Select the mailing address for your 2023 tax return.
           title: Confirm your address to access your tax return
+      pdfs:
+        index:
+          download: Download 2023 Tax Return
+          subtitle: To access your 2023 %{state} tax return, click the link below.
+          title: Your account has been successfully verified!
       verification_code:
         edit:
           error_message: Incorrect verification code. After 2 failed attempts, accounts are locked.

config/locales/es.yml

@@ -2009,6 +2009,11 @@ es:
           identity_safe: Para proteger su identidad, necesitamos confirmar la dirección en su declaración de impuestos de 2023.
           radio_button_title: Seleccione la dirección postal para su declaración de impuestos de 2023.
           title: Confirme su dirección para acceder a su declaración de impuestos
+      pdfs:
+        index:
+          download: Descargar Declaración de Impuestos 2023
+          subtitle: Para acceder a su declaración de impuestos %{state} de 2023, haga clic en el enlace a continuación.
+          title: "¡Su cuenta ha sido verificada exitosamente!"
       verification_code:
         edit:
           error_message: Después de 2 intentos fallidos, las cuentas serán bloqueadas.

config/routes.rb

@@ -571,6 +571,7 @@ def scoped_navigation_routes(context, navigation)
           get 'verification_error', to: "/state_file/state_file_pages#archived_intakes_verification_error"
           get 'identification_number/edit', to: 'identification_number#edit', as: 'edit_identification_number'
           patch 'identification_number', to: 'identification_number#update'
+          resources :pdfs, only: [:index]
         end
         namespace :questions do
           get "show_xml", to: "confirmation#show_xml"

spec/controllers/state_file/archived_intake/mailing_address_validation_controller_spec.rb

@@ -63,7 +63,7 @@
 
   describe "PATCH #update" do
     context "with a valid chosen address" do
-      it "creates an access log and redirects to the root path" do
+      it "creates an access log and redirects to the download page" do
         post :update, params: {
           state_file_archived_intakes_mailing_address_validation_form: { selected_address: intake.full_address, addresses: current_request.address_challenge_set}
         }
@@ -74,9 +74,7 @@
         expect(access_log.event_type).to eq("correct_mailing_address")
         expect(session[:mailing_verified]).to eq(true)
 
-        # TODO: https://codeforamerica.atlassian.net/browse/FYST-1520
-        # need to change to download path
-        expect(response).to redirect_to(root_path)
+        expect(response).to redirect_to(state_file_archived_intakes_pdfs_path)
       end
     end
 

spec/controllers/state_file/archived_intake/pdfs_controller_spec.rb

@@ -0,0 +1,161 @@
+require "rails_helper"
+
+RSpec.describe StateFile::ArchivedIntakes::PdfsController, type: :controller do
+  let(:email_address) { "test@example.com" }
+  let!(:intake) { create(:state_file_archived_intake, mailing_state: "NY", email_address: email_address) }
+  let(:current_request) { create(:state_file_archived_intake_request, email_address: email_address, failed_attempts: 0, state_file_archived_intake: intake) }
+  let(:controller_instance) { described_class.new }
+  let(:valid_verification_code) { "123456" }
+  let(:invalid_verification_code) { "654321" }
+
+  before do
+    Flipper.enable(:get_your_pdf)
+    allow(controller).to receive(:current_request).and_return(current_request)
+    allow(I18n).to receive(:locale).and_return(:en)
+    session[:email_address] = true
+    session[:code_verified] = true
+    session[:ssn_verified] = true
+    session[:mailing_verified] = true
+  end
+
+  describe "GET #index" do
+    context "request is locked" do
+      before do
+        allow(current_request).to receive(:access_locked?).and_return(true)
+      end
+
+      it "redirects to error page" do
+        get :index
+
+        expect(response).to redirect_to(state_file_archived_intakes_verification_error_path)
+      end
+    end
+
+    context "email address is not verified" do
+      before do
+        session[:code_verified] = nil
+      end
+
+      it "redirects to the email verification page" do
+        get :index
+
+        expect(response).to redirect_to(state_file_archived_intakes_verification_error_path)
+      end
+    end
+
+    context "ssn is not verified" do
+      before do
+        session[:ssn_verified] = nil
+      end
+
+      it "redirects to the ssn verification page" do
+        get :index
+
+        expect(response).to redirect_to(state_file_archived_intakes_verification_error_path)
+      end
+    end
+
+    context "mailing address is not verified" do
+      before do
+        session[:mailing_verified] = nil
+      end
+
+      it "redirects to the ssn verification page" do
+        get :index
+
+        expect(response).to redirect_to(state_file_archived_intakes_verification_error_path)
+      end
+    end
+
+    context "by default" do
+      it "renders" do
+        get :index
+
+        expect(assigns(:prior_year_intake)).to eq(intake)
+        expect(response).to render_template(:index)
+      end
+    end
+  end
+end
+
+=begin
+
+RSpec.describe StateFile::ArchivedIntakes::MailingAddressValidationController, type: :controller do
+  describe "GET #edit" do
+    context "when the request is not locked" do
+      before do
+        allow(current_request).to receive(:access_locked?).and_return(false)
+      end
+
+      it "renders the edit template with a new MailingAddressValidationForm" do
+        get :edit
+
+        expect(assigns(:form)).to be_a(StateFile::ArchivedIntakes::MailingAddressValidationForm)
+        expect(response).to render_template(:edit)
+      end
+    end
+
+    it "redirect to root if code verification was not completed" do
+      session[:code_verified] = nil
+      session[:ssn_verified] = true
+      get :edit
+
+      expect(response).to redirect_to(root_path)
+      expect(StateFileArchivedIntakeAccessLog.last.event_type).to eq("unauthorized_mailing_attempt")
+    end
+
+    it "redirect to root if ssn verification was not completed" do
+      session[:code_verified] = true
+      session[:ssn_verified] = nil
+      get :edit
+
+      expect(response).to redirect_to(root_path)
+      expect(StateFileArchivedIntakeAccessLog.last.event_type).to eq("unauthorized_mailing_attempt")
+    end
+  end
+
+  describe "PATCH #update" do
+    context "with a valid chosen address" do
+      it "creates an access log and redirects to the download page" do
+        post :update, params: {
+          state_file_archived_intakes_mailing_address_validation_form: { selected_address: intake.full_address, addresses: current_request.address_challenge_set}
+        }
+        expect(assigns(:form)).to be_valid
+
+        access_log = StateFileArchivedIntakeAccessLog.last
+        expect(access_log.state_file_archived_intake_request).to eq(current_request)
+        expect(access_log.event_type).to eq("correct_mailing_address")
+        expect(session[:mailing_verified]).to eq(true)
+
+        expect(response).to redirect_to(state_file_archived_intakes_pdfs_path)
+      end
+    end
+
+    context "with an invalid chosen address" do
+      it "creates an access log and redirects to the root path and locks the request" do
+        post :update, params: {
+          state_file_archived_intakes_mailing_address_validation_form: { selected_address: current_request.fake_address_1, addresses: current_request.address_challenge_set}
+        }
+        expect(assigns(:form)).not_to be_valid
+
+        access_log = StateFileArchivedIntakeAccessLog.last
+        expect(access_log.state_file_archived_intake_request).to eq(current_request)
+        expect(access_log.event_type).to eq("incorrect_mailing_address")
+        expect(session[:mailing_verified]).to eq(nil)
+        expect(current_request.access_locked?).to eq(true)
+        expect(response).to redirect_to(state_file_archived_intakes_verification_error_path)
+      end
+    end
+
+    context "without a chosen address" do
+      it "creates an access log and redirects to the root path" do
+        post :update, params: {
+        }
+        expect(assigns(:form)).not_to be_valid
+
+        expect(response).to render_template(:edit)
+      end
+    end
+  end
+end
+=end

spec/factories/state_file_archived_intakes.rb

@@ -28,6 +28,12 @@
     tax_year { 2023 }
     submission_pdf { nil }
 
+    trait :with_pdf do
+      after(:create) do |archived_intake|
+        archived_intake.submission_pdf.attach(io: File.open("public/pdfs/ID-VP.pdf"), filename: "ID-VP.pdf")
+      end
+    end
+
     transient do
       intake { nil }
       archiver { nil }

spec/features/state_file/prior_year_access_spec.rb

@@ -36,9 +36,7 @@
       choose(correct_address)
       click_on I18n.t("general.continue")
 
-      # TODO: https://codeforamerica.atlassian.net/browse/FYST-1520
-      # need to change to download path
-      expect(current_path).to eq(root_path)
+      expect(current_path).to eq(state_file_archived_intakes_pdfs_path)
     end
   end