GSA-TTS · jadudm · Jun 18, 2024 · Jun 17, 2024 · Jun 17, 2024
diff --git a/backend/report_submission/test_views.py b/backend/report_submission/test_views.py
@@ -110,9 +110,9 @@ class TestPreliminaryViews(TestCase):
     }
 
     step2_data = {
-        "auditee_uei": "Lw4MXE7SKMV1",
-        "auditee_fiscal_period_start": "01/01/2021",
-        "auditee_fiscal_period_end": "12/31/2021",
+        "auditee_uei": "D7A4J33FUMJ1",
+        "auditee_fiscal_period_start": "2021-01-01",
+        "auditee_fiscal_period_end": "2021-12-31",
     }
 
     step3_data = {
@@ -260,6 +260,8 @@ def test_step_two_auditeeinfo_submission_empty(self, mock_get_uei_info):
         }
 
         user = baker.make(User)
+        user.profile.entry_form_data = self.step1_data
+        user.profile.save()
         self.client.force_login(user)
         url = reverse("report_submission:auditeeinfo")
 
@@ -295,6 +297,8 @@ def test_step_two_auditeeinfo_invalid_dates(self, mock_get_uei_info):
         mock_get_uei_info.return_value = {"valid": True}
 
         user = baker.make(User)
+        user.profile.entry_form_data = self.step1_data
+        user.profile.save()
         self.client.force_login(user)
         url = reverse("report_submission:auditeeinfo")
 
@@ -328,6 +332,12 @@ def test_step_three_accessandsubmission_submission_fail(self):
         Check that the POST succeeds with appropriate data.
         """
         user = baker.make(User)
+        user.profile.entry_form_data = {
+            **self.step1_data,
+            **self.step2_data,
+            **self.step3_data,
+        }
+        user.profile.save()
         self.client.force_login(user)
         url = reverse("report_submission:accessandsubmission")
 
@@ -378,6 +388,35 @@ def test_accessandsubmissionformview_get_requires_login(self):
         self.assertIsInstance(response, HttpResponseRedirect)
         self.assertTrue("openid/login" in response.url)
 
+    def test_auditeeinfo_no_eligibility(self):
+        user = baker.make(User)
+        user.profile.entry_form_data = {
+            **self.step1_data,
+            "is_usa_based": False,  # Ineligible
+        }
+        user.profile.save()
+        self.client.force_login(user)
+
+        url = reverse("report_submission:auditeeinfo")
+        response = self.client.get(url)
+
+        # Should redirect to step 1 page due to no eligibility
+        self.assertIsInstance(response, HttpResponseRedirect)
+        self.assertTrue("report_submission/eligibility" in response.url)
+
+    def test_accessandsubmission_no_auditee_info(self):
+        user = baker.make(User)
+        user.profile.entry_form_data = self.step1_data
+        user.profile.save()
+        self.client.force_login(user)
+
+        url = reverse("report_submission:accessandsubmission")
+        response = self.client.get(url)
+
+        # Should redirect to step 2 page since auditee info isn't present
+        self.assertIsInstance(response, HttpResponseRedirect)
+        self.assertTrue("report_submission/auditeeinfo" in response.url)
+
 
 class GeneralInformationFormViewTests(TestCase):
     def test_get_requires_login(self):

diff --git a/backend/report_submission/views.py b/backend/report_submission/views.py
@@ -53,10 +53,17 @@ def post(self, post_request):
 # Step 2
 class AuditeeInfoFormView(LoginRequiredMixin, View):
     def get(self, request):
-        args = {}
-        args["step"] = 2
-        args["form"] = AuditeeInfoForm()
-        return render(request, "report_submission/step-2.html", args)
+        entry_form_data = request.user.profile.entry_form_data
+        eligible = api.views.eligibility_check(request.user, entry_form_data)
+
+        # Prevent users from skipping the eligibility form
+        if not eligible.get("eligible"):
+            return redirect(reverse("report_submission:eligibility"))
+        else:
+            args = {}
+            args["step"] = 2
+            args["form"] = AuditeeInfoForm()
+            return render(request, "report_submission/step-2.html", args)
 
     # render auditee info form
 
@@ -95,9 +102,17 @@ def post(self, request):
 # Step 3
 class AccessAndSubmissionFormView(LoginRequiredMixin, View):
     def get(self, request):
-        args = {}
-        args["step"] = 3
-        return render(request, "report_submission/step-3.html", args)
+        info_check = api.views.auditee_info_check(
+            request.user, request.user.profile.entry_form_data
+        )
+
+        # Prevent users from skipping the auditee info form
+        if info_check.get("errors"):
+            return redirect(reverse("report_submission:auditeeinfo"))
+        else:
+            args = {}
+            args["step"] = 3
+            return render(request, "report_submission/step-3.html", args)
 
     # render access-submission form
 

diff --git a/backend/templates/401.html b/backend/templates/401.html
@@ -5,7 +5,7 @@
             <h1 class="font-sans-2xl">401 Error: Unauthorized</h1>
             <div class="font-sans-lg">
                 <p>
-                    Pleasse <a href="/openid/login/" class="usa-link">sign in</a> to view this page
+                    Please <a href="/openid/login/" class="usa-link">sign in</a> to view this page
                 </p>
                 <a href="/openid/login/" class="usa-button">Sign in</a>
             </div>

diff --git a/backend/templates/includes/nav_primary.html b/backend/templates/includes/nav_primary.html
@@ -117,7 +117,7 @@
                     </li>
                     {% comment %}
                         OMB_NUMBER and OMB_EXP_DATE are global.
-                        Added in /config/settings, passed in /config/context_processors.py 
+                        Added in /config/settings, passed in /config/context_processors.py
                     {% endcomment %}
                     <li class="usa-nav__primary-item flex-align-self-center margin-left-2 width-card desktop:width-15 padding-top-2 desktop:padding-top-0">
                         <span class="text-primary-darker"><strong>OMB#</strong> {{ OMB_NUMBER }} <strong>EXP:</strong> {{ OMB_EXP_DATE }}</span>
@@ -185,7 +185,7 @@ <h2 class="usa-modal__heading" id="login-modal-heading">You must log in to conti
                                     <div class="usa-modal__footer">
                                         <ul class="usa-button-group">
                                             <li class="usa-button-group__item">
-                                                <a href="/openid/login/">
+                                                <a href="{% url 'login' %}?next={{ request.path }}">
                                                     <button type="button"
                                                             class="usa-button sign-in-button"
                                                             id="sign-in"
@@ -214,4 +214,4 @@ <h2 class="usa-modal__heading" id="login-modal-heading">You must log in to conti
             </div>
         </div>
     </nav>
-</header>
+</header>