Detailed Error Messaging: Encrypted/Password Protected PDF

[cholly75]

As petitioner or practitioner, so that I know how to correct problems when uploading files , I need more detailed responses when I upload an encrypted or password protected PDF.

Currently when a user uploads a file in DAWSON, if the file does not meet certain criteria we display an error in the UI and ask them to try again. Even though there are a few commonly seen specific causes for the error, we do not give the user any indication of what the problem might be to help them successfully upload the file on subsequent retries.

We would like to display custom error messaging in these cases to help our external users understand what problems they need to address in their file before attempting to re-upload it. We have been able to connect several root causes for upload problems with specific logfile messages in Kibana, and we should display helpful information to the user based on the error seen in those messages.

Pre-Conditions

Acceptance Criteria

• When a petitioner attempts to upload a file, if the uploaded PDF is encrypted or password protected, the UI explains in some way to the user that the PDF they are trying to upload may be encrypted or password protected, and asks them to check/remedy this before trying to upload again.
• When a practitioner attempts to upload a file, if the uploaded PDF is encrypted or password protected, the UI explains in some way to the user that the PDF they are trying to upload may be encrypted or password protected, and asks them to check/remedy this before trying to upload again.
• Occurrences of these errors manifest in the back end Kibana log files for tracking

Notes

• We will probably want to adjust the wording in the current error message that is at the end of the workflow when this story is implemented. Once this story is in place, the current error message will no longer be valid:

  

• Here is the current error we see in the logs:

• Here is the snippet that we reply with when a user reports the error message. Most people have no idea that Adobe encrypted their document when they signed it. These instructions help them fix it.

Tasks

• [x] Write an integration test to cover this scenario with an encrypted PDF
• [x] Move submit validation of PDF upload (submitExternalDocumentSequence) into validation of file upload (validateExternalDocumentInformationSequence) for external users
• [x] Validate file upload on submit to prevent submit when file is encrypted (primaryDocument) - Rosie
• [X] Create PDF entity for validating PDFs across DAWSON (Rachel) (https://github.com/ustaxcourt/ef-cms/pull/3510)
• [ ] Implement UI for validation errors
• [ ] Mobile UI design
• [X] Switch all new File() to new Blob() for browser/node compatibility
• [ ] DOD: Figure out formatting of error objects in FormGroup.tsx + PrimaryDocumentForm.tsx

Test Cases

Story Definition of Ready (updated on 12/23/22)

The following criteria must be met in order for the user story to be picked up by the Flexion development team. The user story must:

• [ ] Is framed in business/user need, the value has been addressed.
• [ ] Includes acceptance criteria
• [ ] Has been refined
• [ ] Pre conditions have been satisfied. Process: Flexion developers and designers will test if the story meets acceptance criteria and test cases in Flexion dev and staging environments (“standard testing”). If additional acceptance criteria or testing scenarios are discovered while the story is in progress, a new story should be created, added to the backlog and prioritized by the product owner.

Definition of Done (Updated 5-19-22)

Product Owner

• [ ] Acceptance criteria have been met and validated on the Court's migration environment
• [ ] Add scenario to testing document, if applicable (https://docs.google.com/spreadsheets/d/1FUHKC_YrT-PosaWD5gRVmsDzI1HS_U-8CyMIb-qX9EA/edit?usp=sharing)

UX

• [ ] Business test scenarios have been refined to meet all acceptance criteria
• [ ] Usability has been validated
• [ ] Wiki has been updated (if applicable)
• [ ] Story has been tested on a mobile device (for external users only)

Engineering

• [ ] Automated test scripts have been written, including visual tests for newly added PDFs
• [ ] Field level and page level validation errors (front-end and server-side) integrated and functioning
• [ ] Verify that language for docket record for internal users and external users is identical
• [ ] New screens have been added to pa11y scripts
• [ ] All new functionality verified to work with keyboard and macOS voiceover https://www.apple.com/voiceover/info/guide/_1124.html
• [ ] READMEs, other appropriate docs, JSDocs and swagger/APIs fully updated
• [ ] UI should be touch optimized and responsive for external only (functions on supported mobile devices and optimized for screen sizes as required)
• [ ] Interactors should validate entities before calling persistence methods
• [ ] Code refactored for clarity and to remove any known technical debt
• [ ] Acceptance criteria for the story has been met
• [ ] If there are special instructions in order to deploy into the next environment, add them as a comment in the story
• [ ] Reviewed by UX on a deployed environment.
• [ ] Reviewed by PO on a deployed environment. Can be deployed to the Court's test environment if prod-like data is required. Otherwise deployed to any experimental environment.
• [ ] Deployed to the Court's staging environment.

[ttlenard]

Test Cases

1) Petitioner uploads an encrypted or password protected PDF for their STIN; Petitioner receives error message immediately after upload; Petitioner is unable to proceed to the next step.

• Log in as a Petitioner
• Create a case
• At the step to upload a STIN, Click on the Choose File button
• Choose a PDF file from your computer that is encrypted or password protected.

Expected Results:

• [ ] User receives the red error message banner with the text from the mockup at the top of the screen.
• [ ] User receives error message text in red text underneath the file name.
• [ ] User is unable to proceed to the next screen when they click "Continue to Step 2 of 5" button; Error message persists until user uploads a non-encrypted/password protected PDF.
• [ ] Upon uploading a non-encrypted/password protected document, user is able to click on the "Continue to Step 2 of 5" button to get to the next step without the error message.

*Repeat this test as a Private Practitioner

• [ ] Test passes as Private Practitioner

2) Kibana logs display the error message that the user experienced when they uploaded the encrypted/Password Protected STIN.

• Log into Kibana
• Filter by the User that you were logged in as for Test Case 1

Expected Results:

• [ ] Error message that the user experienced is present in the Kibana logs

3) Petitioner uploads an encrypted or password protected PDF for their Petition; Petitioner receives error message immediately after upload; Petitioner is unable to proceed to the next step.

• Continuing from Test Case 1
• At the step to upload a Petition, Click on the Choose File button
• Choose a PDF file from your computer that is encrypted or password protected.

Expected Results:

• [ ] User receives the red error message banner with the text from the mockup at the top of the screen.
• [ ] User receives error message text in red text underneath the file name.
• [ ] User is unable to proceed to the next screen when they click "Continue to Step 3 of 5" button; Error message persists until user uploads a non-encrypted/password protected PDF.
• [ ] Upon uploading a non-encrypted/password protected document, user is able to click on the "Continue to Step 3 of 5" button to get to the next step without the error message.

*Repeat this test as a Private Practitioner

• [ ] Test passes as Private Practitioner

4) Kibana logs display the error message that the user experienced when they uploaded the encrypted/Password Protected Petition.

• Log into Kibana
• Filter by the User that you were logged in as for Test Case 1 & 3

Expected Results:

• [ ] Error message that the user experienced is present in the Kibana logs

5) Petitioner uploads an encrypted or password protected PDF for their CDS; Petitioner receives error message immediately after upload; Petitioner is unable to proceed to the next step.

• Continuing from Test Case 3
• Be sure that you select that you are filing the Petition on behalf of a Business
• Select Corporation (You'll need to repeat this test by selecting all of the business types)
• Fill out the business information
• Click on the Choose File button
• Choose a PDF file from your computer that is encrypted or password protected.

Expected Results:

• [ ] User receives the red error message banner with the text from the mockup at the top of the screen.
• [ ] User receives error message text in red text underneath the file name.
• [ ] User is unable to proceed to the next screen when they click "Continue to Step 4 of 5" button; Error message persists until user uploads a non-encrypted/password protected PDF.
• [ ] Upon uploading a non-encrypted/password protected document, user is able to click on the "Continue to Step 4 of 5" button to get to the next step without the error message.
• [ ] User is able to complete the Create a Case workflow and submit their Petition Successfully.

Repeat this test by selecting all of the business types available Repeat this test as a Private Practitioner

• [ ] Test passes as Private Practitioner

6) Kibana logs display the error message that the user experienced when they uploaded the encrypted/Password Protected CDS.

• Log into Kibana
• Filter by the User that you were logged in as for Test Case 1, 3, and 5

Expected Results:

• [ ] Error message that the user experienced is present in the Kibana logs

7) Petitioner files a document on their case; uploads an encrypted or password protected PDF; Petitioner receives error message immediately after upload; Petitioner is unable to proceed to the next step.

• Log in as a Petitioner
• Click on the docket number of one of your existing cases
• Click on the File a Document button
• Click on the Ok, I'm Ready to File button
• Select a document type, click continue
• Click on the Choose File button
• Choose a PDF file from your computer that is encrypted or password protected.

Expected Results:

• [ ] User receives the red error message banner with the text from the mockup at the top of the screen.
• [ ] User receives error message text in red text underneath the file name.
• [ ] User is unable to proceed to the next screen when they click the Review Filing button; Error message persists until user uploads a non-encrypted/password protected PDF.
• [ ] User is able to complete the File a document workflow and Submit their filing successfully

*Repeat this test with a Private Practitioner and an IRS Practitioner.

• [ ] Test passes as Private Practitioner
• [ ] Test Passes as an IRS Practitioner

8) Kibana logs display the error message that the user experienced when they uploaded the encrypted/Password Protected document.

• Log into Kibana
• Filter by the User that you were logged in as for Test Case 7

Expected Results:

• [ ] Error message that the user experienced is present in the Kibana logs

9) Petitioner files a supporting document with their filing on their case; uploads an encrypted or password protected PDF for the supporting document; Petitioner receives error message immediately after upload; Petitioner is unable to proceed to the next step.

• Log in as a Petitioner
• Click on the docket number of one of your existing cases
• Click on the File a Document button
• Click on the Ok, I'm Ready to File button
• Select a document type, click continue
• Click on the Choose File button
• Upload a non-encrypted/non-password protected file
• Click on Add supporting document
• Select a supporting document type from the dropdown
• Click on the Choose File button
• Choose a PDF file from your computer that is encrypted or password protected.

Expected Results:

• [ ] User receives the red error message banner with the text from the mockup at the top of the screen.
• [ ] User receives error message text in red text underneath the file name.
• [ ] User is unable to proceed to the next screen when they click the Review Filing button; Error message persists until user uploads a non-encrypted/password protected PDF.
• [ ] User is able to complete the File a document workflow and Submit their filing successfully

Repeat this test by adding multiple supporting documents, ensuring that for each supporting document, you receive the error message (can add up to 5 supporting documents for each filing) Repeat this test with a Private Practitioner and an IRS Practitioner.

• [ ] Test passes as Private Practitioner
• [ ] Test Passes as an IRS Practitioner

10) Kibana logs display the error message that the user experienced when they uploaded the encrypted/Password Protected document.

• Log into Kibana
• Filter by the User that you were logged in as for Test Case 9

Expected Results:

• [ ] Error message that the user experienced is present in the Kibana logs

11) Repeat test cases 1-10 using a mobile device; error messages received on Mobile device screens match mockups.

• [ ] Test cases 1-10 pass on mobile device

[jhansen-flexion]

Note: 02 and 03 blocked because this code is the same as those stories. We want to use this story to inform how the other two stories will move forward.

[rachelschneiderman]

https://trello.com/c/J4S7ZhKx/1187-convert-validation-messages-for-entities-to-using-joi-syntax https://trello.com/c/KZCJa3fh/1188-convert-all-entities-to-es6-style-classes https://trello.com/c/9XuhSxO8/1189-parent-entities-that-expect-to-display-validation-errors-for-child-entities-need-to-know-child-entitiy-schema-at-or-before-run-t https://trello.com/c/NnW4cAkj/1190-modify-joivalidationentitygetformattederrormessages-to-not-be-recursive-use-standard-joischemavalidate

[swongCO]

Pre refinement

• Refactored entities a year ago - revisit joi validation
• what implications does this have for petition flows? i.e. storage of pdfs

[Mwindo]

I've looked over this and #10002. After some helpful discussion with Zach, here are my thoughts:

Ideally, we want whatever solution we have here to be 1) helpful for the user (this is probably most important), 2) consistent with the app.

RE: 1) What would be most helpful for the user? Immediate feedback upon file selection rather than having to wait on submit (especially if there are multiple files in the form), similar to the alert generated by limitFileSize.ts. This suggests we should use some frontend validation.

RE: 2) How do we currently show errors in the app?

• We generally use inline errors, often with ErrorNotification, on form submission.
• We sometimes use inline errors on blur (e.g., in the new petition flow).
• We rarely use JS alert (e.g., file size too big in limitFileSize.ts)
• We rarely use a modal (e.g., in completeDocketEntryQCAndSendMessageSequence.ts)

Which is the best approach in our case? Probably showing an inline error or an alert. I think showing ErrorNotification accords more with form submission than with file selection, and, as mentioned above, I think validation of basic file constraints should occur on file selection. (So long as we can do these checks quickly!)

Therefore, my recommendation is to use pdfjs-dist to do some basic pdf validation on the frontend. We can have something like ClientPdfValidator, which checks for file size, encryption, and non-pdf .pdfs. We can use this in StateDrivenFileInput so that it is available for every file upload. On errors, I suggest we follow an approach similar to what we do for file size, but show a custom modal alert rather than a JS alert (which doesn't allow links, which we might want for explanations of "Why is my pdf encrypted?"). (I suggest we also use this custom alert for the file size error, too.) If we still want logs for these errors in OpenSearch, we can fire some event to the backend to do so.

Note that this approach would not use entity validation. That said, I think we have at least some conceptual justification here: we validate fields one way, validate file selections in another. In other words, file selection validation would come before modifying the form, similar to an invalid keystroke. This doesn't feel terribly messy.

[Mwindo]

I've worked on this a little more. I think inline, the original suggestion, works too. I'll work on implementing that.

[Mwindo]

I've talked with the team about two options forward for #10001 and #10002. (Tenille also mentioned it might be worth investigating #10003, which I will look into as well.) Option 1 was inline errors with yucky code, option 2 was modal errors with better code. We opted for option 2, the modal errors.

A few important points/open questions that were brought up:

1. Modal errors provide us more space to use links (e.g., "Why is my pdf encrypted?")
2. We need to make sure that the modal errors are mobile-friendly
3. We need to make sure that the modal errors are accessible and screen-reader friendly
4. Do we display all error messages at once (e.g., given a file that is both too big and encrypted), or one at a time?
5. How do we handle errors that still happen at the end of an (maybe multi-step) upload process?
6. Make sure that pdf validation only happens for pdf since files are not always pdfs. (This is already taken care of.)

A few cursory thoughts: RE: 4: I think one at a time is easiest and makes sense. I'm not sure how much more helpful aggregate messages would be, and I think this would be a rare case. RE: 5: I think we can essentially keep the same behavior in place (showing a catch-all modal), maybe modifying the language slightly. The earlier, on-file-select validation should catch most errors before that. Then we can incrementally improve as needed.

[mwestereng1]

UX Notes:

All notes apply to 10001, 10002, and 10003

Figma File showing different messaging examples.

• Christopher's recommendations from story 10003 were incorporated into the messages.
• File(s) should clear when user closes the modal.
• Multiple error modal was created
  • Can we have paragraph formatting when it’s a singular error, and bulleted list when there are multiple reasons for the error?
  • When there are multiple reasons for an upload error, only the applicable reasons should be listed.
• Added modal messaging for instances when other file types are allowed for uploads (ie. practitioner documentation). In most cases, the same error message that applies to a PDF can be applied for these instances, but additional mocks were included when the error message for PDF is not appropriate.
• Help links in modal messaging need to be external anchor links
• The external help pages on the tax court website still need to be created

[Mwindo]

A quick update: after a brief discussion, we have decided to show the file size too big error first (when applicable) to avoid potentially parsing a giant file when validating.

[Mwindo]

Another update: 1) Because the error messages should never overlap (e.g., we cannot read a corrupted PDF to tell if it is encrypted, and vice-versa), we have decided to forego the multiple-error-message modal until needed. 2) After experimenting with big files and throttling my browser, we have decided to show the loading modal overlay while the file is being validated.

[Mwindo]

I've pushed to flexion experimental1 and am doing/have done some tests before polishing the code and preparing to push to test. One of the main things I am testing is that large files (around the maximum of 250 MB) do not take too long to validate on different devices. (Since file uploading is such an essential part of the app, I want to test thoroughly!) All of my results so far have been positive:

• Almost instant on an M3 laptop
• Around 2-3 seconds on a 2nd-gen iPhone SE (specs here)
• Around 2 seconds on a 2014 MacBook Pro (16GB, 2.5 GHz)
• Around 2-3 seconds on a 2017 MacBook Air (8 GB, 1.8 GHz)
• Around 2-3 seconds on an M3 laptop with 20x browser throttling on

[Mwindo]

Ultimately, the new approach in 10001-10003 has been to validate files on file selection, which I think is a great start.

A good follow-up ticket: provide better messaging on failed submissions. This means a couple of different things:

1. Rather than the generic "maybe your firewall is blocking the submission" error, we can check network connectivity and whether the request got through (because, if not, that suggests firewall issues) and update messages accordingly.
2. Some places do not even display a generic file upload error when something goes wrong but instead show a 400 error. For instance, here is what happens if a user uploads a corrupt pdf. (This particular failure will now be caught earlier by file selection validation, but you can imagine something else going wrong instead.)

Private Zenhub Video

[ttlenard]

@Mwindo you can use this URL for the troubleshooting link: https://ustaxcourt.gov/dawson_faqs_case_management.html#FileUpload

[ttlenard]

@Mwindo Some testing feedback:

If you upload a file that was signed using Adobe sign, it will put the document in a Password Protected/secured state. Documents in this state are still being able to be uploaded without error, until the final submission step, where the user is now getting the firewall error since it didn't catch it at the initial upload. See the secured test document that I sent you via slack. This document results in the "Invalid PDF" error in the logs. Thanks!

[Mwindo]

Thanks @ttlenard! My implementation only checked password protection on read, not on edit (which we need since DAWSON modifies PDFs by stamping, adding cover sheets, etc.). I have a fix I will get reviewed that checks for password protection on edit as well.

[ttlenard]

@Mwindo Some testing feedback:

• Let's keep the status quo for when an admissions clerk uploads Practitioner documentation. Please remove the file type validation for now. Currently we aren't doing any document type validation, so let's just keep it that way.

@cholly75 All you will need to test when the adjustment above is made is to test as an admissions clerk and upload various file types (including excel, csv, etc.) into the Practitioner database. You shouldn't receive any pop-up indicating that you can't upload the documents, even if they are in a file type not specifically specified in the instructional text.

[Mwindo]

Thanks @ttlenard! (I misunderstood an earlier comment about not validating files--I was thinking, "Don't do any file-specific validation" instead of "don't do any generic file-type validation at all"). I've updated the code in test.

[Mwindo]

Thanks @ttlenard! (I misunderstood an earlier comment about not validating files--I was thinking, "Don't do any file-specific validation" instead of "don't do any generic file-type validation at all"). I've updated the code in test.