Sprint 15 #459

Merged
merged 18 commits into from
Jan 22, 2025

jlkravitz
Collaborator

@jlkravitz jlkravitz commented Jan 21, 2025

  • stand up the site locally
    • test all functionality in all major browsers, emphasizing the functionality that this pull request addresses
      • for public-facing functionality, test in browsers consistent with public browser use data
      • test in Mobile Safari and Mobile Chrome
    • use an automated audit tool for code quality and practices (recommended: Chrome DevTools, aka Lighthouse)
      • look at efficiency of page loads, asset sizes, HTTP connection management, etc.
    • review for accessibility
      • use an automated audit tool, such as Chrome Audit or aXe
      • navigate site only with the keyboard
      • use VoiceOver or Narrator to navigate the site with audio only, with the display turned off
      • manually test anything that pa11y cannot test automatically (e.g., contrast of text over images)
  • review static code analysis results, if available
  • run a security audit of dependencies (e.g. npm audit and pip audit) to ensure that there are no vulnerabilities that will be deployed to production (as opposed to vulnerabilities that only have an impact on the development environment)
  • examine OWASP ZAP output to ensure that any errors are known to be false positives or have been previously declared to be acceptable
  • for each feature-level bug (i.e., it’s working as designed, but designed wrong), open a new issue and put it in the backlog

jsandoval81 and others added 14 commits December 20, 2024 09:55
### Requirements List
- Python 3.12+
- A working sandbox account, once you have access you can get it set up
by:
0) Create AWS CLI profile that has access to your sandbox and login as
that
1) Follow the modified readme in compact-connect 
2) Run the create_staff_user.py script
3) Validate emails to your ia account in ses so that you can get your
temp passwords for your licensee user.
4) Manually create a licensee user in the relevant user pool and
associated db records (licensee and license). I can help with this when
needed.
5) You may need to do your initial deploy twice as there is a race
condition that fails the first time but is met the second time

### Description List
- Added mock login support
- Added route guarding based on role
- Modified logout flow to hit both hosted logout pages by hopping to and
from logout page that will handle logout cases
- Fixed 401 interceptor handler to actually fully logout

### Testing List
- `yarn test:unit:all` should run without errors or warnings
- `yarn serve` should run without errors or warnings
- `yarn build` should run without errors or warnings
- For API configuration changes: CDK tests back/bin/run_tests.sh
- Code review
- Try logging in as a licensee, staff, both and logout and verify
logging out logs out all users
- Try the mockAPI flow in the same way
- Produce a 401 error by modifying your access or id token (staff and
licensee respectively) and refreshing and confirm the 401 causes the
user to totally logout
- Try going to routes that should not be available to a logged in user
(both staff and licensee) and confirm they are redirected to their part
of the site

Closes #321

---------

Co-authored-by: Dana Stiefel <[email protected]>
Co-authored-by: Joshua Kravitz <[email protected]>
### Requirements List
- _None_

### Description List
- Swapped out the existing lo-fi app style for the hi-fi design version
    - https://www.figma.com/design/SYM0uWszsu8Sf0YfxAhIMY/JCC?node-id=1-12&p=f&t=etxgVUar50LKNAGL-0
    - Also updated the green text color to be WCAG AA
- The designs as-of 12/20 aren't crystal clear on the nav menu on phone size; but the design team and I discussed and concluded the following:
    - On tablet & desktop the nav menu will always be partially expanded (icons only)
    - On tablet & desktop the nav menu will expand fully when hovered / focused
    - On phone the nav menu will not be present, but instead a fixed header with a hamburger toggle
    - On phone the nav menu will expand fully when toggled, similar to tablet & desktop
- Note that these updates were only to layout & style - not new screen features / updates; with the few exceptions below
    - Licensee credit card payment screen:
        - Re-arranged the first / last name form fields to match the current designs billing address section,
        - Added a mock populate for local environments
- Note that the overhaul of the Staff Licensing Data Detail page is covered in a separate ticket #361

### Testing List
- `yarn test:unit:all` should run without errors or warnings
- `yarn serve` should run without errors or warnings
- `yarn build` should run without errors or warnings
- Code review
- Smoke test all app screens; feel free to reach out on Slack w/ initial
questions if it's easier than piling up this PR with a lot of small
threads.
- Depending on how nit any findings are, they _may_ be separate tickets
since we were just squeezing this update in between feature
enhancements.

Closes #313 
Closes #405
…#420)

This PR adds a new workflow for processing transaction history and
sending email notifications when batch settlement failures occur.

The workflow consists of two main components:

1. Transaction History Processing Lambda
2. Email Notification Service Lambda

### Transaction History Processing Lambda

The transaction history processor runs daily at noon UTC-4 and performs
the following:

1. Retrieves settled transactions from the payment processor for the
last 24 hours
2. Processes transactions in batches (max 500 per iteration) to avoid
timeouts
3. Stores transaction records in DynamoDB with the following schema:
   - `pk`: `COMPACT#{compact}#TRANSACTIONS#MONTH#{YYYY-MM}`
   - `sk`: `COMPACT#{compact}#TIME#{epoch}#BATCH#{batchId}#TX#{transactionId}`
4. Returns one of three statuses:
   - `COMPLETE`: All transactions processed successfully
   - `IN_PROGRESS`: More transactions to process (triggers another iteration)
   - `BATCH_FAILURE`: Settlement error detected in batch (triggers email notification)

### Email Notification Service Lambda

A new general-purpose email notification service that:

1. Takes a template name and recipient configuration
2. Loads recipient email addresses from the compact configuration table
3. Supports multiple recipient types:
   - Compact Operations Team
   - Compact Adverse Actions
   - Compact Summary Report
   - Specific email addresses
4. Renders emails using EmailBuilderJS for consistent formatting
5. Sends emails via SES with proper branding and formatting

### Requirements List
- This change requires that all compacts listed in the cdk.json have
valid credentials to an authorize.net account. Without this, when the
workflow attempts to run it will fail and an alert will be fired once
per compact every day (very noisy by design). This means we either need
to remove all compacts from the cdk.json file that we do not want to
have this workflow for, or we disable alerting for this particular
workflow infrastructure until we are ready to go live.

### Description List
- Added new Transaction History DynamoDB table
- Added Step function workflow to process settled transactions daily
- Added python lambda that uses Authorize.net's SDK to fetch settled
transaction history
- Added Email Notification Service for sending email notifications
anywhere in system.

### Testing List
- Unit and functional tests for both lambdas and supporting classes
- Manual testing in development environment

Closes #286

---------

Co-authored-by: Justin Frahm <[email protected]>
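
The key layout and three-status loop described in the commit message above, as an added Python sketch that is not the project's own code. The field names `epoch`, `batchId`, `transactionId` and `settlementError`, the `aslp` compact value used in testing, the UTC month derivation and the rejection of `#` inside key components (so a value cannot forge extra key segments) are assumptions.

```python
from datetime import datetime, timezone

MAX_PER_ITERATION = 500  # "max 500 per iteration" in the commit message


def _part(value):
    """Reject empty key components and ones containing the '#' delimiter."""
    text = str(value)
    if not text or "#" in text:
        raise ValueError(f"invalid key component: {text!r}")
    return text


def build_keys(compact, epoch, batch_id, transaction_id):
    """Return (pk, sk) per the commit message; month taken in UTC (assumption)."""
    compact = _part(compact)
    month = datetime.fromtimestamp(int(epoch), tz=timezone.utc).strftime("%Y-%m")
    pk = f"COMPACT#{compact}#TRANSACTIONS#MONTH#{month}"
    sk = (f"COMPACT#{compact}#TIME#{int(epoch)}"
          f"#BATCH#{_part(batch_id)}#TX#{_part(transaction_id)}")
    return pk, sk


def process_iteration(compact, settled, start=0, limit=MAX_PER_ITERATION):
    """Handle one slice of settled transactions: (status, records, next_start)."""
    chunk = settled[start:start + limit]
    records = [dict(zip(("pk", "sk"), build_keys(
        compact, tx["epoch"], tx["batchId"], tx["transactionId"]))) for tx in chunk]
    next_start = start + len(chunk)
    # Assumption: a settlement error is flagged per transaction as "settlementError".
    if any(tx.get("settlementError") for tx in chunk):
        return "BATCH_FAILURE", records, next_start
    if next_start < len(settled):
        return "IN_PROGRESS", records, next_start
    return "COMPLETE", records, next_start


def run_workflow(compact, settled):
    """Re-invoke until the status is no longer IN_PROGRESS; return the statuses."""
    statuses, start = [], 0
    while True:
        status, _, start = process_iteration(compact, settled, start)
        statuses.append(status)
        if status != "IN_PROGRESS":
            return statuses

# Constructed sample data (not from the project): 1,201 settled transactions.
SAMPLE = [{"epoch": 1737374400 + i, "batchId": "b1", "transactionId": f"t{i}"}
          for i in range(1201)]
```
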
This is part two of the mock resource cleanup. Now that the API and
Ingest stacks are no longer referencing the mock data resources, we can
safely delete them from the persistent stack.

### Requirements List
- As part of the deployment to the production environment, after the
stacks have finished deploying this update, a developer with the proper
permissions will need to delete the following tables/buckets manually:

- MockLicenseTable
- LicenseTable
- MockBulkUploadsBucket

### Description List
- Removed mock and deprecated license table resources
- Removed mock uploads bucket references

### Testing List
- local deployment to sandbox environment to ensure stack updates deploy
successfully
- Code review

Closes #110
### Requirements List
- `yarn install --ignore-engines`

### Description List
- Address
https://github.com/csg-org/CompactConnect/security/dependabot/63

### Testing List
- `yarn test:unit:all` should run without errors or warnings
- `yarn serve` should run without errors or warnings
- `yarn build` should run without errors or warnings
- Code review

Closes #431
### Requirements List
- _None_

### Description List
- Move message augmentation to after message evaluation
- Update frontend to match latest backend pw requirements (length only)
- Add tests

### Testing List
- `yarn test:unit:all` should run without errors or warnings
- `yarn serve` should run without errors or warnings
- `yarn build` should run without errors or warnings
- Code review
- Fill out the change-password section of the account page to ensure
correct validation behavior
    - No need to actually submit the change

Closes #410
### Requirements List
- _None_

### Description List
- Change compact-level `read` permission to `readPrivate`
- Add state-level `readPrivate` permission
- Omit compact permission in server payload if current user isn't
compact admin (rather than sending `false`)
- Don't re-send permissions as `false`
- Updated licensee model tests for slightly improved coverage

### Testing List
- `yarn test:unit:all` should run without errors or warnings
- `yarn serve` should run without errors or warnings
- `yarn build` should run without errors or warnings
- Code review
- Make sure to have 3 users created for yourself (this will be helpful
with testing many PRs; should be able to use UI if needed):
    - A compact admin
    - A state admin (same compact)
    - A non-state admin (same compact)
- Ensure compact admin can set / update all types of permissions for
users
- Ensure state admin can set / update all types of permissions for users
in their state(s)
- Ensure non-state admin can't perform user management

Closes #325
### Requirements List
- A working LicenseeUser account

### Description List
- Added in Military Status page
- Added in Update Military Status page
- Added in store + network modules needed to facilitate pages'
functionality
- Updated Licensee model and serializer to capture military affiliations
api implementation
- Added military affiliations model and serializer
- Edited `FinalizePrivilegePurchase` page and
`SelectedStatePurchaseInformation` component to refer to both the state
and user's military status to make a military discount determination
- Fixed bug in `InputRadioGroup` component causing multi-line labels to
break layout
- Added / updated tests as needed

### Testing List
- `yarn test:unit:all` should run without errors or warnings
- `yarn serve` should run without errors or warnings
- `yarn build` should run without errors or warnings
- Code review
- On both mock and real api and in all screen sizes:
1) click on the view military status button to view your status page
2) Click edit info to go to the doc upload page
3) Fill out the form, confirm it does not allow submission with no
select choice and no / invalid document selection
4) Submit
5) View your updated military status (real api only)
6) Go through the privilege purchase flow and notice military
affiliation discount is being applied
7) Return to the military status screen; try ending your military status
8) Status should now be inactive
9) Go back through privilege purchase flow, confirm military affiliation
is no longer being applied

Closes #281 

Notes: 

- The real API system only saves one document upload submission per day.
It will replace a prior submission in the day with your most recent one
- The document upload is eventually consistent so your status may not
immediately update. I've found it to take ~1 second but theoretically it
could be longer.

---------

Co-authored-by: Dana Stiefel <[email protected]>
### Description List
- Added `licenseUpdate` and `privilegeUpdate` record types
- Added change detection and update record creation on license ingest
and privilege purchase processes
- Updated provider detail response to present change history in license
and privilege objects

Closes #
#186
Collaborator Author

@jlkravitz jlkravitz left a comment


@jsandoval81 @jusdino Apologies for the delay on this one. Per last sprint review discussion, I'm going to try to meet with @isabeleliassen to prioritize and demonstrate the kinds of things that come up in sprint reviews. I'll create tickets for the relevant items after this discussion.

Regardless, I wanted to share these comments with you now.

I've tentatively tagged each item as either a #hotfix or #ticket item in each individual comment. Feel free to let me know if you agree/disagree with any of these designations. I also made my best guess as to whether each item will require changes on the frontend, backend, or both.

@isabeleliassen isabeleliassen self-requested a review January 21, 2025 19:15
File extension matching should not fail if extension is a valid type but
uses different casing
jsandoval81 and others added 3 commits January 22, 2025 13:48
### Requirements List
- _None_

### Description List
- Add aria-label to mobile nav logo

### Testing List
- `yarn test:unit:all` should run without errors or warnings
- `yarn serve` should run without errors or warnings
- `yarn build` should run without errors or warnings
- Code review

Sprint PR hotfix.
### Requirements List
- _None_

### Description List
- Joi password plugin was not string matching all cases as expected, so
we just removed that constraint since it wasn't server enforced anyway.

### Testing List
- `yarn test:unit:all` should run without errors or warnings
- `yarn serve` should run without errors or warnings
- `yarn build` should run without errors or warnings
- Code review
- New password should now just enforce character length only, which
aligns exactly with the backend currently.

Hotfix for sprint merge.
### Requirements List
-

### Description List
- Fixed military modal focus for accessibility
- Fixed military page text contrast

### Testing List
- `yarn test:unit:all` should run without errors or warnings
- `yarn serve` should run without errors or warnings
- `yarn build` should run without errors or warnings
- Smoke test focus change and capture on open military modal
- Confirm contrast issues are fixed
- Code review

Co-authored-by: Dana Stiefel <[email protected]>
@isabeleliassen isabeleliassen merged commit 412c341 into main Jan 22, 2025
8 of 9 checks passed