Merge branch 'release-62' into ea/qualified-opportunities-fix

.bundler-audit.yml

@@ -0,0 +1,6 @@
+---
+ignore:
+  - CVE-2019-16676
+  - CVE-2017-1002201
+  - CVE-2024-26143
+  - CVE-2024-6531

.github/workflows/asset_compilation.yml

@@ -79,7 +79,7 @@ jobs:
         echo "postgres:5432:*:postgres:postgres" > ~/.pgpass
         chmod 600 ~/.pgpass
 
-        gem install bundler --version=2.4.14
+        gem install bundler --version=2.5.17
 
     # According to https://www.jessesquires.com/blog/2021/08/23/caching-bundler-on-github-actions/
     # this is fragile and failure prone, but the step they recommend using instead (ruby/ruby-setup)

.github/workflows/build_images.yml

@@ -37,7 +37,7 @@ jobs:
             target: prod-build
             build-args: |
               BUILD_TAG=3.1.6-alpine3.20
-              BUNDLER_VERSION=2.4.13
+              BUNDLER_VERSION=2.5.17
               USER_ID=1000
               GROUP_ID=1000
             tags: |

.github/workflows/ci.yml

@@ -77,7 +77,7 @@ jobs:
 
       - name: Run bundle-audit
         run: |
-          bundle exec bundle-audit check --update --ignore CVE-2019-16676 CVE-2017-1002201 CVE-2024-26143
+          bundle exec bundle-audit check --update
       - name: Run brakeman
         run: |
           bundle exec brakeman -q --no-pager --except PermitAttributes,Render

Gemfile.lock

@@ -877,4 +877,4 @@ DEPENDENCIES
   yabeda-rails
 
 BUNDLED WITH
-   2.4.13
+   2.5.17

app/controllers/programs_controller.rb

@@ -100,6 +100,7 @@ def create
           :confidential,
           :eligibility_requirement_notes,
           :weighting_rules_active,
+          :cori_hearing_required,
         ],
         service_ids: [],
         requirements_attributes: [

app/controllers/sub_programs_controller.rb

@@ -15,7 +15,7 @@ class SubProgramsController < ApplicationController
   def new
     program = Program.find(params[:program_id])
     program_type = program.match_route.default_program_type
-    @subprogram = SubProgram.new({program_type: program_type, program: program})
+    @subprogram = SubProgram.new({ program_type: program_type, program: program })
   end
 
   def edit
@@ -26,30 +26,30 @@ def create
     @subprogram = SubProgram.new
     @subprogram.assign_attributes sub_program_params
     @subprogram.program = @program
-    prevent_incorrect_building()
+    prevent_incorrect_building
     if @subprogram.save
       redirect_to action: :index, controller: :programs
       flash[:notice] = "#{@subprogram.program.name} created."
     else
-      flash[:error] = "Please review the form problems below."
+      flash[:error] = 'Please review the form problems below.'
       render :new
     end
   end
 
   def update
     @subprogram.assign_attributes(sub_program_params)
-    prevent_incorrect_building()
+    prevent_incorrect_building
     if @subprogram.save
       @subprogram.file_tags.destroy_all
       if file_tag_params.any? && Warehouse::Base.enabled?
-        tags = Warehouse::Tag.where(id:file_tag_params).map do |tag|
+        Warehouse::Tag.where(id: file_tag_params).map do |tag|
           @subprogram.file_tags.create(tag_id: tag.id, name: tag.name)
         end
       end
       redirect_to action: :edit
       flash[:notice] = "Program \"<a href=\"#{edit_program_sub_program_path(@subprogram.program, @subprogram)}\">#{@subprogram.program.name}</a>\" updated."
     else
-      flash[:error] = "Please review the form problems below."
+      flash[:error] = 'Please review the form problems below.'
       render :new
     end
   end
@@ -68,69 +68,69 @@ def close
   end
 
   private
-    # Only allow a trusted parameter "white list" through.
-    def sub_program_params
-      params.require(:sub_program).
-        permit(
-          :id,
-          :name,
-          :voucher_count,
-          :subgrantee_id, # Service provider
-          :sub_contractor_id,
-          :program_type,
-          :building_id,
-          :hsa_id,
-          :confidential,
-          :event,
-          :eligibility_requirement_notes,
-          :weighting_rules_active,
-        )
-    end
 
-    def file_tag_params
-      params.require(:sub_program)[:file_tag_ids].
-        map(&:presence).compact.map(&:to_i) || []
-    end
+  # Only allow a trusted parameter "white list" through.
+  def sub_program_params
+    params.require(:sub_program).
+      permit(
+        :id,
+        :name,
+        :voucher_count,
+        :subgrantee_id, # Service provider
+        :sub_contractor_id,
+        :program_type,
+        :building_id,
+        :hsa_id,
+        :confidential,
+        :event,
+        :eligibility_requirement_notes,
+        :weighting_rules_active,
+        :cori_hearing_required,
+      )
+  end
 
-    def check_edit_permission!
-      not_authorized! unless can_edit_programs? || (can_edit_assigned_programs? && @subprogram&.editable_by?(current_user))
-    end
+  def file_tag_params
+    params.require(:sub_program)[:file_tag_ids].
+      map(&:presence).compact.map(&:to_i) || []
+  end
 
-    def program_scope
-      if can_view_programs?
-        return Program.all
-      elsif can_view_assigned_programs?
-        return Program.visible_by(current_user)
-      else
-        Program.none
-      end
+  def check_edit_permission!
+    not_authorized! unless can_edit_programs? || (can_edit_assigned_programs? && @subprogram&.editable_by?(current_user))
+  end
+
+  def program_scope
+    if can_view_programs?
+      return Program.all
+    elsif can_view_assigned_programs?
+      return Program.visible_by(current_user)
+    else
+      Program.none
     end
+  end
 
-    def sub_program_scope
-      if can_view_programs?
-        return SubProgram.all
-      elsif can_view_assigned_programs?
-        return SubProgram.visible_by(current_user)
-      else
-        SubProgram.none
-      end
+  def sub_program_scope
+    if can_view_programs?
+      return SubProgram.all
+    elsif can_view_assigned_programs?
+      return SubProgram.visible_by(current_user)
+    else
+      SubProgram.none
     end
+  end
 
-    # Use callbacks to share common setup or constraints between actions.
+  # Use callbacks to share common setup or constraints between actions.
 
-    def set_program
-      @program = program_scope.find_by(id: params[:program_id])
-    end
+  def set_program
+    @program = program_scope.find_by(id: params[:program_id])
+  end
 
-    def set_sub_program
-      @subprogram = sub_program_scope.find_by(id: params[:id])
-      check_edit_permission!
-    end
+  def set_sub_program
+    @subprogram = sub_program_scope.find_by(id: params[:id])
+    check_edit_permission!
+  end
 
-    def prevent_incorrect_building
-      # make sure we unset the building if we shouldn't have one.
-      unless @subprogram.has_buildings?
-        @subprogram.building_id = nil
-      end
-    end
+  def prevent_incorrect_building
+    # make sure we unset the building if we shouldn't have one.
+    @subprogram.building_id = nil unless @subprogram.has_buildings?
+  end
 end

app/mailers/notifications_mailer.rb

@@ -21,6 +21,7 @@ class NotificationsMailer < DatabaseMailer
   include RouteTenMailerMethods
   include RouteElevenMailerMethods
   include RouteTwelveMailerMethods
+  include RouteThirteenMailerMethods
 
   def match_recommendation_dnd_staff(notification = nil)
     setup_instance_variables(notification)

app/mailers/route_thirteen_mailer_methods.rb

@@ -0,0 +1,145 @@
+###
+# Copyright 2016 - 2024 Green River Data Analysis, LLC
+#
+# License detail: https://github.com/greenriver/boston-cas/blob/production/LICENSE.md
+###
+
+module RouteThirteenMailerMethods
+  extend ActiveSupport::Concern
+  included do
+    def thirteen_client_match(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: 'New Housing Recommendation - Requires Your Action')
+    end
+
+    def thirteen_match_acknowledgement_shelter_agency(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: 'New Housing Recommendation - Requires Your Action')
+    end
+
+    def thirteen_match_acknowledgement_hsa(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: 'New Housing Recommendation')
+    end
+
+    def thirteen_client_review_shelter_agency(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: 'Match Acknowledged - Requires Your Action')
+    end
+
+    def thirteen_client_review_hsa(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: 'Match Acknowledged')
+    end
+
+    def thirteen_client_review_dnd_staff(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: 'Match Acknowledged')
+    end
+
+    def thirteen_client_review_decline(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: "Match Declined by #{Translation.translate('Shelter Agency Thirteen')} - Requires Your Action")
+    end
+
+    def thirteen_hearing_scheduled_shelter_agency(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: "Match Accepted by #{Translation.translate('Shelter Agency Thirteen')}")
+    end
+
+    def thirteen_hearing_scheduled_hsa(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: "Match Accepted by #{Translation.translate('Shelter Agency Thirteen')} - Requires Your Action")
+    end
+
+    def thirteen_hearing_scheduled_dnd_staff(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: "Match Accepted by #{Translation.translate('Shelter Agency Thirteen')}")
+    end
+
+    def thirteen_hearing_scheduled_decline(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: "Match Declined by #{Translation.translate('HSA Thirteen')} - Requires Your Action")
+    end
+
+    def thirteen_hearing_outcome_shelter_agency(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: "Match Review Scheduled by #{Translation.translate('HSA Thirteen')}")
+    end
+
+    def thirteen_hearing_outcome_hsa(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: "Match Review Scheduled by #{Translation.translate('HSA Thirteen')} - Requires Your Action")
+    end
+
+    def thirteen_hearing_outcome_dnd_staff(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: "Match Review Scheduled by #{Translation.translate('HSA Thirteen')}")
+    end
+
+    def thirteen_hearing_outcome_decline(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: "Match Declined by #{Translation.translate('HSA Thirteen')} - Requires Your Action")
+    end
+
+    def thirteen_hsa_review_shelter_agency(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: "Match Ready for Review by #{Translation.translate('HSA Thirteen')}")
+    end
+
+    def thirteen_hsa_review_hsa(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: "Match Ready for Review by #{Translation.translate('HSA Thirteen')} - Requires Your Action")
+    end
+
+    def thirteen_hsa_review_dnd_staff(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: "Match Ready for Review by #{Translation.translate('HSA Thirteen')}")
+    end
+
+    def thirteen_hsa_review_decline(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: "Match Declined by #{Translation.translate('HSA Thirteen')} - Requires Your Action")
+    end
+
+    def thirteen_accept_referral_shelter_agency(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: "Match Ready for Review by #{Translation.translate('HSA Thirteen')}")
+    end
+
+    def thirteen_accept_referral_hsa(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: "Match Ready for Review by #{Translation.translate('HSA Thirteen')} - Requires Your Action")
+    end
+
+    def thirteen_accept_referral_ssp(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: "Match Ready for Review by #{Translation.translate('HSA Thirteen')}")
+    end
+
+    def thirteen_accept_referral_hsp(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: "Match Ready for Review by #{Translation.translate('HSA Thirteen')}")
+    end
+
+    def thirteen_accept_referral_decline(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: "Match Declined by #{Translation.translate('HSA Thirteen')} - Requires Your Action")
+    end
+
+    def thirteen_confirm_match_success_shelter_agency(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: 'Match Success Confirmed')
+    end
+
+    def thirteen_confirm_match_success_hsa(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: 'Match Success Confirmed')
+    end
+
+    def thirteen_confirm_match_success_dnd_staff(notification = nil)
+      setup_instance_variables(notification)
+      mail(to: @contact.email, subject: 'Match Success Confirmed')
+    end
+  end
+end

app/models/client_opportunity_match.rb

@@ -89,6 +89,9 @@ def self.model_name
   # Match Route 12
   include RouteTwelveDecisions
 
+  # Match Route 13
+  include RouteThirteenDecisions
+
   has_many :referral_events, class_name: 'Warehouse::ReferralEvent', foreign_key: 'client_opportunity_match_id'
   has_one :active_referral_event, -> { where(referral_result: nil) }, class_name: 'Warehouse::ReferralEvent', foreign_key: 'client_opportunity_match_id'