• Get new app configuration
• Authentication that differentiates between login and forgot password
• Forgot password HTML form
• GraphQL mutation for forgot password
• Non-JS support for forgot password

After an applicant successfully submits an application, we need to send an email to [email protected] notifying them of the new application.

The subject should be:

New City Clerk Boards and Commissions Application

The body text should read:

Hello,

A new application was received for the following Boards and Commissions:

• Zoning Board of Appeals
• <additional boards/commissions applied to>

View the application details.

"View the application details" should be hyper linked to the application in the boards/commissions database. Example link: http://zpappweb01/cityclerk/commissions/account/Login?ReturnUrl=%2Fcityclerk%2Fcommissions%2Fapplications%2Fview.aspx%3Faid%3D1158

Since removing the generic loopbackGraphql cache, the 311 webapp is making more calls to get the details for a service.

We should cache those results on the client to reduce traffic.

• Request has been received
• Request processed / invoice
• Addt'l information request
• Information request reminder
• Request cancelled

• Quantity dropdown on review page
• Date input field mask / validation
• Remove "X" on review page, add "cancel and start over" link

From @joshuagee on January 24, 2018 22:24

Birth certificates will have requesters who need to ship internationally.

Currently, the fields in our shipping address only handle domestic shipping. This is a potential 2.0 feature (when we handle births).

Copied from original issue: CityOfBoston/registry-certs#287

Need a flow in Access Boston to change passwords for logged-in users.

When user selects “client” for the question ”how are you related?”, this information is displayed and the request flow ends.

Logout is not working.

• Update UI to redirect the user to https://sso-dev.boston.gov/idp/startSLO.ping rather than creating a SAML logout request
• Figure out why the logout success URL is 404ing

When no fields are filled out, the forgot password page still has an active submit button.

From @finneganh on March 12, 2018 13:25

Clicking the "X" for removing from the cart is instantaneous. If someone double-clicks they may remove more than one thing, and there's no way to undo.

We should change the UI so that if you remove an item it shows a "removed" line while you're still on the cart page, so things don't bounce around and you can easily add it back in.

Copied from original issue: CityOfBoston/registry-certs#356

When CityOfBoston/creative-team-workflow#931 is done, implement the new UI changes in registry-certs.

Got confirmation that we can change the "From" email when emailing applicants to [email protected].

After an applicant successfully submits an application, we should show a success page with the following language:

Thank you for applying to serve on a Board or Commission. We appreciate your willingness to make a difference in the City of Boston. If you have any questions about your application, contact [email protected].

When users search a term and press enter, the search results should update, but in testing the app on staging it seems like that functionality isn't working.

The commissions search app is designed to ingest settings that are created by Drupal. In Drupal 7, those settings lived at window.Drupal.settings.bos_commissions_search.bos_commissions_search_graphql_endpoint
window.Drupal.settings.bos_commissions_search.bos_commissions_search_graphql_api_key

That path is different in D8. It is now: window.drupalSettings.bos_commissions.bos_commissions_search.graphql_endpoint
window.drupalSettings.bos_commissions.bos_commissions_search.api_key

Ideally we could push an update to this app that would allow it to function in both D7 + D8.

I assigned @jessicamarcus and @mmcgowanBOS as I think you're best suited to take this over.

Put source for commissions search page in its own folder here: https://github.com/CityOfBoston/digital/tree/develop/services-js

We should use the following text for the required field on the boards and commissions application form:

• First Name: "The first name field is required."
• Last Name: "The last name field is required."
• Street Address : "The street address field is required."
• Unit: helper text should just read "Unit" instead of "Unit or Apartment #"
• City: "The city field is required."
• State: "The state field is required."
• Zip Code: "The ZIP code field is required."
• Email: "The email field is required."
• Confirm email: "Email confirmation is required."

Also update "Order Details" on the Review page to not just say "1 copie(s)"

We need a specific plan on how to put the responses to the birth certificate request questions into the orders database.

• add a little more space between filter options so the separation between "Policy Area" and "Open Seats" sections on mobile and desktop is clearer
• make filter drawer automatically close when "Apply" is hit on mobile
• pressing enter on search doesn't do anything. This was fixed last week on the testing instance (https://boston-gov-commissions-search.digital-staging.boston.gov/commissions-search) but seems to be broken again
• it looks like the search page is pulling from the dev database on the testing instance since its not using updated URLs. This was also fixed/working last week

Change last sentence in email to applicant to:
If you have any questions about your application, please contact [email protected].

The last sentence currently says:
If you have any questions in the meantime, please contact [email protected].

We have a small typo on the boards and commissions application page. Where we tell people what boards they've selected to apply for we have "You're" instead of "You've".

IAM would like to encourage users to use Phone MFA over Email. Let's make the Email option less obvious to users visually.

Here's what we're currently doing:

Here's a visual option they liked (as seen on the RegisterMfaPage > DeviceVerificaitonModal > incorrect code preview):

From @finneganh on April 2, 2018 15:6

Now that Stencil is updated we can remove the find polyfill for IE11 in _document.js.

Copied from original issue: CityOfBoston/registry-certs#370

The parentalInformation step includes the question ”were your/their parents married at the time of your/their birth?”. Any answer other than yes should take the user to an id verification step, otherwise the question flow ends and the user proceeds to /birth/review.

The actual ID verification functionality will be a discrete component, since there is also a freestanding id verification page to support cases where a user submits a request, and is later asked for ID verification by the Registry.

user-facing:

• explanatory content
• Upload ID => proceed to id scan => success => proceed to /birth/review
• No ID? => provide messaging and “Request help” button, then end request flow

requirements:

• add a step to the overall progress if id verification is required
• addt'l logic for back/next buttons

• Refactor sendReceiptEmail method of Email service to accept subject line and email template data as parameters
• Split out email headers and footers into Partials to be used for any registry-related email template

The "logout" SSO feature on the AccessBoston test instance does not log out of the SSO session.

QA testing revealed some alignment oddities:

1. with the external links when viewing the application form in Chrome on an iPhone 6+ (IOS 11)
2. with the text boxes that are on the same line when the page is viewed in landscape mode

More screenshots can be found in the QA testing doc I've shared.

We need to prevent any City email domains from registering in MFA.

See 2nd tab in Portal Content spreadsheet: https://docs.google.com/spreadsheets/d/1OiH2HBLE55X8MzGaB7H9VC_a2WpQQcjV4-eyNpJGTPY/edit?ts=5bbf4804#gid=0

After an applicant submits an application, we should send an email to them with the following language:

Subject: We’ve received your application
Body text:
Serving on a board or commission is one of the most impactful ways Bostonians can become active in their community - thank you for your application(s) to:

- Board/Commission 1
- Board/Commission 2
- etc.

If you have any questions in the meantime, please contact [email protected].

Thank you,
City of Boston

The prod commissions-search app seems to be able to fetch GraphQL without an API key: https://apps.boston.gov/commissions-search/

It should give a 403.

Ping is now sending a "userAccessToken" during login assertions for the forgot password endpoint.

We need to save that in the session and send it back as "Token" when triggering the forgot password workflow.

We’re getting errors from the Salesforce streaming API every 5–20 minutes about an "unknown client". We're currently restarting so things work, but this indicates there may be a deeper problem that should be resolved.

{
    "clientId": "2st8w3gricczecj1a6kdr718go6m",
    "advice": {
        "interval": 0,
        "reconnect": "none"
    },
    "channel": "/meta/connect",
    "id": "8",
    "error": "403::Unknown client",
    "successful": false
}

Binary files provided by the user will be immediately uploaded to the db server, separate from the other information collected during the questions workflow.

Functionality to delete a file on the server must be present for cases when the user wants to replace or delete a file before proceeding with their request order.

The server will return a unique attachmentKey on success.

The following is no longer applicable:

This page supports the case of a Registry-initiated request for id verification to support an existing order. The user will land on this page and see the order number and name on the requested record, and the functional component.

Page will handle uploading files to the db, and showing errors and/or success confirmation to the user, while the upload/photo functionality is handled by VerifyIdentificationComponent.

Questions:

• should we display name of person who ordered in addition to the name on requested record and order id#?
• need text content for submission success
• should we get already-submitted images/files from server and display those assets as already selected in the “upload front/back of id” and “supporting documents” inputs?

Functional requirements:

• submit files to db
• show error messaging
• show success messaging

Make feeback button work on commissions apply form

It appears that Safari (at least on iOS) throws SecurityException errors when registry-certs attempts to access window.localStorage and the user’s cookie settings are set to deny all.

Since all we need localStorage for is saving address information, we could catch the errors and not show the "Save contact info on this computer" checkbox.

From @joshuagee on January 24, 2018 22:28

For a potential 1.1 release: Allow users to search by year or death date.

Copied from original issue: CityOfBoston/registry-certs#291

• take prefix field off
• change "Other Information" in Education and Experience section" to be "Relevant Work Experience"

Recommendations from design (result of this issue):

• put the two lists of boards/commissions (those with open seats/those with_out_ open seats) into separate drawers
• have the first list (boards and open seats) default to open and the second list (boards without open seats) default to closed
• in each of these lists on larger screen sizes (anything above mobile) put the list of boards/commissions in two columns
• lower the font sizes of the board/commission names a little bit

Get staging and production deploys for commissions search app set up.

Component to enable a user to upload images and documents for identification verification.

This component will be used in the questions flow verifyInformation step, as well as a freestanding page; when the Registry manually requests id verification from a user for an existing order, this page is where that user is directed.

Waiting on:

• detailed instructions for the user
• visual design for interface
• allowed file types for documents

Functional requirements:

• user must submit front and back images of their id
• user can add addt’l supporting documents
• user can review their images before submitting
• user can use their device’s camera to take a photo of documents, if possible

Ideal back button behavior, per @fionawhim and @jessicamarcus:

• Clicking "back" takes you to the previous page
• Data on the previous page should be preserved
• Clicking back then forward should leave you in the same place
• Clicking back, modifying form, then clicking forward w/o submitting should not have the form modifications
• Hacking the URL to bypass steps should show errors on the "review" page w/ missing info (alternate: redirect to first missing place instead?)
• Reloading a page should preserve submitted data (e.g. on "Review" page) but clear out any changes.

Changes to make:

• Change text fields to not write to the Order unless submitted
• Add in URL parameters so Next routes w/ pushState instead of replaceState
• Switch order storage from instance variable on CheckoutPage to session-backed storage
• Add error state on review page for missing shipping / billing / empty cart
• Add tokenized card state to payment page (w/ "clear" link to make CC fields come back)

Have a flow at /birth/checkout that goes through shipping, payment, and review.

(This is likely / definitely based on components already written for death certificate checkout.)

From @finneganh on June 29, 2018 14:59

Web component JS is now at: https://patterns.boston.gov/web-components/fleetcomponents.js

Copied from original issue: CityOfBoston/registry-certs#387

The link to 'FY19 Budget Site' on https://github.com/cityofboston/digital/wiki doesn't go anywhere.