Revert "[VI-920] updates to MPI add_person_proxy & orchestrated sea…

…rch meth…" (#20503)

This reverts commit a847542.

app/models/mpi_data.rb

@@ -172,10 +172,15 @@ def mpi_response_is_cached?(user_key: get_user_key)
     cached?(key: user_key)
   end
 
-  # The status of the MPI Add Person Proxy Add call. An MPI search needs to be made first to obtain a search token.
+  # The status of the MPI Add Person Proxy Add call. An Orchestrated MVI Search needs to be made before an
+  # MPI add person proxy addcall is made. The response is recached afterwards so the new ids can be accessed
+  # on the next call.
   def add_person_proxy
-    search_response = mpi_service.find_profile_by_identifier(identifier: user_icn,
-                                                             identifier_type: MPI::Constants::ICN)
+    search_response = mpi_service.find_profile_by_attributes_with_orch_search(first_name: user_first_name,
+                                                                              last_name: user_last_name,
+                                                                              birth_date: user_birth_date,
+                                                                              ssn: user_ssn,
+                                                                              edipi: user_edipi)
     if search_response.ok?
       @mvi_response = search_response
       add_response = mpi_service.add_person_proxy(last_name: search_response.profile.family_name,
@@ -227,11 +232,11 @@ def find_profile
   end
 
   def add_ids(response)
-    # set new ids in the profile and delete the cached response
+    # set new ids in the profile and recache the response
     profile.birls_id = response.parsed_codes[:birls_id].presence
     profile.participant_id = response.parsed_codes[:participant_id].presence
 
-    delete_cached_response if mvi_response.cache?
+    cache(user_uuid, mvi_response) if mvi_response.cache?
   end
 
   def response_from_redis_or_service(user_key:)
@@ -243,11 +248,6 @@ def response_from_redis_or_service(user_key:)
     end
   end
 
-  def delete_cached_response
-    self.class.delete(get_user_key)
-    @mvi_response = nil
-  end
-
   def mpi_service
     @service ||= MPI::Service.new
   end

app/policies/mpi_policy.rb

@@ -2,7 +2,7 @@
 
 MPIPolicy = Struct.new(:user, :mvi) do
   def access_add_person_proxy?
-    user.icn.present? && user.edipi.present? && (user.birls_id.blank? || user.participant_id.blank?)
+    user.edipi.present? && user.ssn.present? && (user.birls_id.blank? || user.participant_id.blank?)
   end
 
   def queryable?

lib/mpi/constants.rb

@@ -40,6 +40,7 @@ module Constants
     FIND_PROFILE_BY_IDENTIFIER_TYPE = 'find_profile_by_identifier'
     FIND_PROFILE_BY_EDIPI_TYPE = 'find_profile_by_edipi'
     FIND_PROFILE_BY_ATTRIBUTES_TYPE = 'find_profile_by_attributes'
+    FIND_PROFILE_BY_ATTRIBUTES_ORCH_SEARCH_TYPE = 'find_profile_by_attributes_orch_search'
     FIND_PROFILE_BY_FACILITY_TYPE = 'find_profile_by_facility'
 
     QUERY_IDENTIFIERS = [ICN = 'ICN', IDME_UUID = 'idme', LOGINGOV_UUID = 'logingov', MHV_UUID = 'mhv'].freeze

lib/mpi/messages/find_profile_by_attributes.rb

@@ -7,7 +7,7 @@
 module MPI
   module Messages
     class FindProfileByAttributes
-      attr_reader :first_name, :middle_name, :last_name, :birth_date, :gender, :ssn, :search_type, :edipi
+      attr_reader :first_name, :middle_name, :last_name, :birth_date, :gender, :ssn, :search_type, :orch_search, :edipi
 
       # rubocop:disable Metrics/ParameterLists
       def initialize(first_name:,
@@ -16,6 +16,7 @@ def initialize(first_name:,
                      ssn:,
                      middle_name: nil,
                      gender: nil,
+                     orch_search: false,
                      edipi: nil,
                      search_type: MPI::Constants::CORRELATION_WITH_RELATIONSHIP_DATA)
         @first_name = first_name
@@ -24,6 +25,7 @@ def initialize(first_name:,
         @birth_date = birth_date
         @gender = gender
         @ssn = ssn
+        @orch_search = orch_search
         @edipi = edipi
         @search_type = search_type
       end
@@ -55,6 +57,7 @@ def validate_required_fields
         missing_values << :last_name if last_name.blank?
         missing_values << :birth_date if birth_date.blank?
         missing_values << :ssn if ssn.blank?
+        missing_values << :edipi if edipi.blank? && orch_search
         raise Errors::ArgumentError, "Required values missing: #{missing_values}" if missing_values.present?
       end
 
@@ -75,6 +78,7 @@ def build_assigned_person
         element = RequestHelper.build_assigned_person_element
         element << RequestHelper.build_assigned_person_ssn(ssn:)
         element << RequestHelper.build_assigned_person_instance(given_names:, family_name: last_name)
+        element << RequestHelper.build_represented_organization(edipi:) if orch_search
         element
       end
 

lib/mpi/service.rb

@@ -126,6 +126,28 @@ def find_profile_by_facility(facility_id:, vista_id:, search_type: Constants::CO
       MPI::Services::FindProfileResponseCreator.new(type: Constants::FIND_PROFILE_BY_FACILITY_TYPE, error: e).perform
     end
 
+    def find_profile_by_attributes_with_orch_search(first_name:,
+                                                    last_name:,
+                                                    birth_date:,
+                                                    ssn:,
+                                                    edipi:)
+      with_monitoring do
+        raw_response = perform(:post, '',
+                               MPI::Messages::FindProfileByAttributes.new(first_name:,
+                                                                          last_name:,
+                                                                          birth_date:,
+                                                                          ssn:,
+                                                                          orch_search: true,
+                                                                          edipi:).perform,
+                               soapaction: Constants::FIND_PROFILE)
+        MPI::Services::FindProfileResponseCreator.new(type: Constants::FIND_PROFILE_BY_ATTRIBUTES_ORCH_SEARCH_TYPE,
+                                                      response: raw_response).perform
+      end
+    rescue *CONNECTION_ERRORS => e
+      MPI::Services::FindProfileResponseCreator.new(type: Constants::FIND_PROFILE_BY_ATTRIBUTES_ORCH_SEARCH_TYPE,
+                                                    error: e).perform
+    end
+
     def find_profile_by_attributes(first_name:,
                                    last_name:,
                                    birth_date:,

modules/claims_api/spec/requests/v1/forms/2122_spec.rb

@@ -283,11 +283,11 @@
       context 'validate_veteran_identifiers' do
         context 'when Veteran identifiers are missing in MPI lookups' do
           before do
-            stub_mpi(build(:mpi_profile, icn: nil))
+            stub_mpi(build(:mpi_profile, birth_date: nil, participant_id: nil))
           end
 
           it 'returns an unprocessible entity status' do
-            allow_any_instance_of(MPI::Service).to receive(:find_profile_by_identifier)
+            allow_any_instance_of(MPI::Service).to receive(:find_profile_by_attributes)
               .and_raise(ArgumentError)
             mock_acg(scopes) do |auth_header|
               post path, params: data, headers: headers.merge(auth_header)

modules/claims_api/spec/requests/v1/forms/526_spec.rb

@@ -1317,12 +1317,18 @@ def obj.class
             VCR.use_cassette('claims_api/bgs/claims/claims') do
               VCR.use_cassette('claims_api/brd/countries') do
                 VCR.use_cassette('claims_api/mpi/add_person/add_person_success') do
-                  allow_any_instance_of(MPIData)
-                    .to receive(:mvi_response).and_return(multi_profile)
+                  VCR.use_cassette('claims_api/mpi/find_candidate/orch_search_with_attributes') do
+                    allow_any_instance_of(MPIData)
+                      .to receive(:mvi_response).and_return(multi_profile)
+                    allow_any_instance_of(MPI::Service).to receive(:find_profile_by_identifier)
+                      .and_return(mpi_profile_response)
+                    allow_any_instance_of(MPI::Service).to receive(:find_profile_by_attributes_with_orch_search)
+                      .and_return(mpi_profile_response)
 
-                  post path, params: data, headers: auth_header
+                    post path, params: data, headers: auth_header
 
-                  expect(response).to have_http_status(:unprocessable_entity)
+                    expect(response).to have_http_status(:unprocessable_entity)
+                  end
                 end
               end
             end
@@ -1334,12 +1340,14 @@ def obj.class
             VCR.use_cassette('claims_api/bgs/claims/claims') do
               VCR.use_cassette('claims_api/brd/countries') do
                 VCR.use_cassette('claims_api/mpi/add_person/add_person_success') do
-                  allow_any_instance_of(ClaimsApi::Veteran).to receive(:mpi_record?).and_return(true)
-                  allow_any_instance_of(MPIData).to receive(:mvi_response)
-                    .and_return(profile_with_edipi)
+                  VCR.use_cassette('claims_api/mpi/find_candidate/orch_search_with_attributes') do
+                    allow_any_instance_of(ClaimsApi::Veteran).to receive(:mpi_record?).and_return(true)
+                    allow_any_instance_of(MPIData).to receive(:mvi_response)
+                      .and_return(profile_with_edipi)
 
-                  post path, params: data, headers: auth_header
-                  expect(response).to have_http_status(:ok)
+                    post path, params: data, headers: auth_header
+                    expect(response).to have_http_status(:ok)
+                  end
                 end
               end
             end

modules/dhp_connected_devices/spec/requests/dhp_connected_devices/fitbit_spec.rb

@@ -3,8 +3,8 @@
 require 'rails_helper'
 
 RSpec.describe 'DhpConnectedDevices::Fitbit', type: :request do
-  let(:current_user) { build(:user, :loa3) }
-  let(:user_without_icn) { build(:user, :loa1) }
+  let(:current_user) { build(:user, :loa1) }
+  let(:user_without_icn) { build(:user, :loa1, icn: '') }
 
   def expected_error_logged(error_class, current_user)
     expect_any_instance_of(SentryLogging).to receive(:log_exception_to_sentry).with(

modules/dhp_connected_devices/spec/requests/dhp_connected_devices/veteran_device_records_spec.rb

@@ -3,8 +3,8 @@
 require 'rails_helper'
 
 Rspec.describe 'DhpConnectedDevices::VeteranDeviceRecords', type: :request do
-  let(:current_user) { build(:user, :loa3) }
-  let(:user_without_icn) { build(:user, :loa1) }
+  let(:current_user) { build(:user, :loa1) }
+  let(:user_without_icn) { build(:user, :loa1, icn: '') }
 
   describe 'veteran_device_record#record' do
     context 'unauthenticated user' do

spec/controllers/v1/sessions_controller_spec.rb

@@ -596,20 +596,65 @@ def expect_logger_msg(level, msg)
     end
 
     context 'when user has level of assurance 1' do
+      let(:loa) { :loa1 }
+
       before { allow(SAML::User).to receive(:new).and_return(saml_user) }
 
-      let(:user) { build(:user, :loa1, uuid:, idme_uuid: uuid) }
+      context 'when user has not accepted the current terms of use' do
+        let(:user) { build(:user, loa, uuid:, idme_uuid: uuid) }
+        let(:application) { 'some-applicaton' }
 
-      it 'redirects to expected auth page' do
-        expect(call_endpoint).to redirect_to(expected_redirect_url)
+        before do
+          SAMLRequestTracker.create(uuid: login_uuid, payload: { type: 'idme', application: })
+        end
+
+        context 'and authentication occurred with a application in Settings.terms_of_use.enabled_clients' do
+          before do
+            allow(Settings.terms_of_use).to receive(:enabled_clients).and_return(application)
+          end
+
+          context 'when the application is not in SKIP_MHV_ACCOUNT_CREATION_CLIENTS' do
+            it 'redirects to terms of use page' do
+              expect(call_endpoint).to redirect_to(
+                'http://127.0.0.1:3001/terms-of-use?redirect_url=http%3A%2F%2F127.0.0.1%3A3001%2Fauth%2Flogin%2Fcallback'
+              )
+            end
+          end
+
+          context 'when the application is in SKIP_MHV_ACCOUNT_CREATION_CLIENTS' do
+            let(:application) { 'mhv' }
+
+            it 'redirects to terms of use page with skip_mhv_account_creation query param' do
+              expect(call_endpoint).to redirect_to(a_string_including('skip_mhv_account_creation=true'))
+            end
+          end
+        end
+
+        context 'and authentication occurred with an application not in Settings.terms_of_use.enabled_clients' do
+          before do
+            allow(Settings.terms_of_use).to receive(:enabled_clients).and_return('')
+          end
+
+          it 'redirects to expected auth page' do
+            expect(call_endpoint).to redirect_to(expected_redirect_url)
+          end
+        end
+      end
+
+      context 'when user has accepted the current terms of use' do
+        it 'redirects to expected auth page' do
+          expect(call_endpoint).to redirect_to(expected_redirect_url)
+        end
       end
     end
 
     context 'when user has level of assurance 3' do
+      let(:loa) { :loa3 }
+
       before { allow(SAML::User).to receive(:new).and_return(saml_user) }
 
       context 'when user has not accepted the current terms of use' do
-        let(:user) { build(:user, :loa3, uuid:, idme_uuid: uuid) }
+        let(:user) { build(:user, loa, uuid:, idme_uuid: uuid) }
         let(:application) { 'some-applicaton' }
 
         before do

spec/factories/users.rb

@@ -225,7 +225,6 @@
 
     trait :loa1 do
       stub_mpi { false }
-      icn { nil }
       authn_context { LOA::IDME_LOA1_VETS }
       sign_in do
         {

spec/lib/mpi/messages/find_profile_by_attributes_spec.rb

@@ -12,6 +12,7 @@
                           birth_date:,
                           ssn:,
                           gender:,
+                          orch_search:,
                           edipi:,
                           search_type:).perform
     end
@@ -22,6 +23,7 @@
     let(:birth_date) { '10-1-2020' }
     let(:gender) { 'some-gender' }
     let(:ssn) { 'some-ssn' }
+    let(:orch_search) { 'some-orch_search' }
     let(:edipi) { 'some-edipi' }
     let(:search_type) { 'some-search-type' }
 
@@ -66,12 +68,40 @@
 
         it_behaves_like 'missing required fields response'
       end
+
+      context 'when edipi is not present' do
+        let(:edipi) { nil }
+        let(:missing_value) { :edipi }
+
+        context 'and orch_search is set to true' do
+          let(:orch_search) { true }
+
+          it_behaves_like 'missing required fields response'
+        end
+
+        context 'and orch_search is set to false' do
+          let(:orch_search) { false }
+
+          it 'does not raise an error' do
+            expect { subject }.not_to raise_error
+          end
+        end
+      end
     end
 
     context 'with a valid set of parameters' do
       let(:idm_path) { 'env:Envelope/env:Body/idm:PRPA_IN201305UV02' }
       let(:parameter_list_path) { "#{idm_path}/controlActProcess/queryByParameter/parameterList" }
 
+      context 'when orch_search is set to true' do
+        it 'has orchestration related params' do
+          expect(subject).to eq_text_at_path(
+            "#{parameter_list_path}/otherIDsScopingOrganization/semanticsText",
+            'MVI.ORCHESTRATION'
+          )
+        end
+      end
+
       it 'has a USDSVA extension with a uuid' do
         expect(subject).to match_at_path("#{idm_path}/id/@extension", /200VGOV-\w{8}-\w{4}-\w{4}-\w{4}-\w{12}/)
       end

spec/lib/mpi/service_spec.rb

@@ -840,6 +840,42 @@
     end
   end
 
+  describe '#find_profile_by_attributes_with_orch_search' do
+    subject do
+      mpi_service.find_profile_by_attributes_with_orch_search(first_name:,
+                                                              last_name:,
+                                                              birth_date:,
+                                                              ssn:,
+                                                              edipi:)
+    end
+
+    let(:statsd_caller) { 'find_profile_by_attributes_with_orch_search' }
+    let(:first_name) { 'some-first-name' }
+    let(:last_name) { 'some-last-name' }
+    let(:birth_date) { '19700101' }
+    let(:ssn) { 'some-ssn' }
+    let(:edipi) { 'some-edipi' }
+
+    context 'malformed request' do
+      let(:edipi) { nil }
+      let(:missing_keys) { [:edipi] }
+      let(:expected_error) { MPI::Errors::ArgumentError }
+      let(:expected_error_message) { "Required values missing: #{missing_keys}" }
+
+      it 'raises a required values missing error' do
+        expect { subject }.to raise_error(expected_error, expected_error_message)
+      end
+    end
+
+    context 'valid request' do
+      it_behaves_like 'find profile success response'
+    end
+
+    context 'invalid requests' do
+      it_behaves_like 'find profile invalid requests'
+    end
+  end
+
   describe '#find_profile_by_attributes' do
     subject do
       mpi_service.find_profile_by_attributes(first_name:,