Change terminology of 'flag 2sv' to 'mandate 2sv'

This makes the intent clearer - 'flag' is vague and doesn't necessarily make sense when reading the code.

app/mailers/user_mailer.rb

@@ -22,7 +22,7 @@ def two_step_enabled(user)
     view_mail(template_id, to: @user.email, subject: "#{prefix}2-step verification set up")
   end
 
-  def two_step_flagged(user)
+  def two_step_mandated(user)
     @user = user
     view_mail(template_id, to: @user.email, subject: "Make your Signon account more secure")
   end

app/models/user.rb

@@ -49,7 +49,7 @@ class User < ApplicationRecord
   after_initialize :generate_uid
   after_create :update_stats
   before_save :set_2sv_for_admin_roles
-  before_save :mark_two_step_flag_changed
+  before_save :mark_two_step_mandated_changed
   before_save :update_password_changed
 
   scope :web_users, -> { where(api_user: false) }
@@ -293,8 +293,8 @@ def reset_2sv!(initiating_superadmin)
     end
   end
 
-  def send_two_step_flag_notification?
-    require_2sv? && two_step_flag_changed?
+  def send_two_step_mandated_notification?
+    require_2sv? && two_step_mandated_changed?
   end
 
   def belongs_to_gds?
@@ -303,12 +303,12 @@ def belongs_to_gds?
 
 private
 
-  def two_step_flag_changed?
-    @two_step_flag_changed
+  def two_step_mandated_changed?
+    @two_step_mandated_changed
   end
 
-  def mark_two_step_flag_changed
-    @two_step_flag_changed = require_2sv_changed?
+  def mark_two_step_mandated_changed
+    @two_step_mandated_changed = require_2sv_changed?
     true
   end
 

app/policies/user_policy.rb

@@ -40,7 +40,7 @@ def edit_email_or_password?
   end
   alias_method :update_email?, :edit_email_or_password?
   alias_method :update_password?, :edit_email_or_password?
-  alias_method :flag_2sv?, :edit?
+  alias_method :mandate_2sv?, :edit?
   alias_method :reset_2sv?, :edit?
   alias_method :reset_two_step_verification?, :edit?
 

app/services/user_update.rb

@@ -18,7 +18,7 @@ def call
     record_update
     record_permission_changes(old_permissions)
     record_role_change
-    send_two_step_flag_notification
+    send_two_step_mandated_notification
     perform_permissions_update
     record_email_change_and_notify
     true
@@ -89,9 +89,9 @@ def perform_permissions_update
     PermissionUpdater.perform_on(user)
   end
 
-  def send_two_step_flag_notification
-    if user.send_two_step_flag_notification?
-      UserMailer.two_step_flagged(user).deliver_later
+  def send_two_step_mandated_notification
+    if user.send_two_step_mandated_notification?
+      UserMailer.two_step_mandated(user).deliver_later
     end
   end
 

app/views/users/_form_fields.html.erb

@@ -38,7 +38,7 @@
   </p>
 <% end %>
 
-<% if policy(current_user).flag_2sv? %>
+<% if policy(current_user).mandate_2sv? %>
   <dl>
     <dt>Account security</dt>
     <dd>

test/factories/users.rb

@@ -38,7 +38,7 @@
     otp_secret_key { "Sssshh" }
   end
 
-  factory :two_step_flagged_user, parent: :superadmin_user do
+  factory :two_step_mandated_user, parent: :superadmin_user do
     require_2sv { true }
   end
 

test/integration/authorise_application_test.rb

@@ -6,7 +6,7 @@ class AuthoriseApplicationTest < ActionDispatch::IntegrationTest
     @user = create(:user, with_signin_permissions_for: [@app])
   end
 
-  context "when the user is flagged for 2SV" do
+  context "when the user has had 2SV mandated" do
     setup do
       @user.update!(require_2sv: true)
       ignoring_spurious_error do

test/integration/inviting_users_test.rb

@@ -27,7 +27,7 @@ class InvitingUsersTest < ActionDispatch::IntegrationTest
       assert has_no_select?("Role")
     end
 
-    should "displays the 2SV flagging checkbox" do
+    should "displays the 2SV mandating checkbox" do
       visit new_user_invitation_path
       assert has_field?("Ask user to set up 2-step verification")
     end
@@ -124,7 +124,7 @@ class InvitingUsersTest < ActionDispatch::IntegrationTest
       assert has_select?("Role")
     end
 
-    should "display the 2SV flagging checkbox" do
+    should "display the 2SV mandating checkbox" do
       visit new_user_invitation_path
       assert has_field?("Ask user to set up 2-step verification")
     end

test/integration/flagging_two_step_verification_test.rb → test/integration/mandating_two_step_verification_test.rb

@@ -1,6 +1,6 @@
 require "test_helper"
 
-class FlaggingTwoStepVerificationTest < ActionDispatch::IntegrationTest
+class MandatingTwoStepVerificationTest < ActionDispatch::IntegrationTest
   include EmailHelpers
   include ActiveJob::TestHelper
 

test/integration/two_step_verification_prompt_test.rb

@@ -1,9 +1,9 @@
 require "test_helper"
 
 class TwoStepVerificationPromptTest < ActionDispatch::IntegrationTest
-  context "when the user has been flagged for 2-step verification" do
+  context "when the user has had 2-step verification mandated" do
     setup do
-      @user = create(:two_step_flagged_user)
+      @user = create(:two_step_mandated_user)
       visit users_path
       signin_with(@user, set_up_2sv: false)
     end

test/models/user_test.rb

@@ -59,34 +59,34 @@ def setup
     end
   end
 
-  context "#send_two_step_flag_notification?" do
-    context "when not flagged" do
+  context "#send_two_step_mandated_notification?" do
+    context "when not mandated" do
       should "return false" do
-        assert_not @user.send_two_step_flag_notification?
+        assert_not @user.send_two_step_mandated_notification?
       end
 
-      context "when flagging" do
+      context "when mandating" do
         should "maintain after persisting" do
           @user.update!(require_2sv: true)
 
-          assert @user.send_two_step_flag_notification?
+          assert @user.send_two_step_mandated_notification?
         end
       end
 
       context "when promoting a user" do
         should "be true" do
           @user.update!(role: "admin")
 
-          assert @user.send_two_step_flag_notification?
+          assert @user.send_two_step_mandated_notification?
         end
       end
     end
 
-    context "when already flagged" do
+    context "when already mandated" do
       should "return false" do
         @user.toggle(:require_2sv)
 
-        assert_not @user.reload.send_two_step_flag_notification?
+        assert_not @user.reload.send_two_step_mandated_notification?
       end
     end
   end
@@ -118,7 +118,7 @@ def setup
   context "#prompt_for_2sv?" do
     context "when the user has already enrolled" do
       should "always be false" do
-        assert_not build(:two_step_flagged_user, otp_secret_key: "welp").prompt_for_2sv?
+        assert_not build(:two_step_mandated_user, otp_secret_key: "welp").prompt_for_2sv?
       end
     end
   end

test/policies/user_policy_test.rb

@@ -12,7 +12,7 @@ class UserPolicyTest < ActiveSupport::TestCase
   end
 
   primary_management_actions = %i[new assign_organisations]
-  user_management_actions = %i[edit create update unlock suspension cancel_email_change resend_email_change event_logs reset_2sv flag_2sv]
+  user_management_actions = %i[edit create update unlock suspension cancel_email_change resend_email_change event_logs reset_2sv mandate_2sv]
   self_management_actions = %i[edit_email_or_password update_email update_password cancel_email_change resend_email_change]
   superadmin_actions = %i[assign_role]