darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-05-14 13:19:26 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
python_manual_unwind
notifications-admin/app/main/views/user_profile.py

291 lines
8.7 KiB
Python
Raw Permalink Normal View History

Send an email to the user when they change email address This PR changes the flow to change an email address. Once the user enter their password, they are told "Check your email". An email has been sent to them containing a link to notify which contains an encrypted token. The encrypted token contains the user id and new email address. Once the link is clicked the user's email address is updated to the new email address. They are redirected to the /user-profile page. Also in this commit is an update from flask.ext.login to flask_login.
2016-10-13 17:05:37 +01:00
import json
change wording of platform admin toggle to positive rather than negative CHS Approved Wording :+1: also rename suppress_platform_admin -> disable_platform_admin_view in the backend, as suppress is a kinda weird word.
2019-06-14 12:32:47 +01:00
from flask import (
abort,
current_app,
Let admin user delete their security key Show confiem delete dialogue first to confirm if key should be deleted.
2021-05-14 18:42:57 +01:00
flash,
change wording of platform admin toggle to positive rather than negative CHS Approved Wording :+1: also rename suppress_platform_admin -> disable_platform_admin_view in the backend, as suppress is a kinda weird word.
2019-06-14 12:32:47 +01:00
redirect,
render_template,
Let admin user delete their security key Show confiem delete dialogue first to confirm if key should be deleted.
2021-05-14 18:42:57 +01:00
request,
change wording of platform admin toggle to positive rather than negative CHS Approved Wording :+1: also rename suppress_platform_admin -> disable_platform_admin_view in the backend, as suppress is a kinda weird word.
2019-06-14 12:32:47 +01:00
session,
url_for,
)
Have permissions decorators check user signed in Rather than force us to write the decorators in a specific order let’s just have one decorator call the other. This should make fewer lines of code, and fewer annoying test failures. It also means that the same way of raising a `401` (through the `current_app` method) is used everywhere.
2019-07-01 15:22:08 +01:00
from flask_login import current_user
Changed registration flow to first send email verification link that when visited sends sms code for second step of account verification. At that second step user enters just sms code sent to users mobile number. Also moved dao calls that simply proxied calls to client to calling client directly. There is still a place where a user will be a sent a code for verification to their email namely if they update email address.
2016-03-17 13:07:52 +00:00
Enforce order and style of imports Done using isort[1], with the following command: ``` isort -rc ./app ./tests ``` Adds linting to the `run_tests.sh` script to stop badly-sorted imports getting re-introduced. Chosen style is ‘Vertical Hanging Indent’ with trailing commas, because I think it gives the cleanest diffs, eg: ``` from third_party import ( lib1, lib2, lib3, lib4, ) ``` 1. https://pypi.python.org/pypi/isort
2018-02-20 11:22:17 +00:00
from app import user_api_client
Add logging around auth{entication,orization} calls
2023-04-26 11:14:25 -04:00
from app.event_handlers import (
create_email_change_event,
create_mobile_number_change_event,
)
Extract user profile route into its own file
2016-01-12 09:52:00 +00:00
from app.main import main
Add loops for changing each part of your profile This commit adds a page or series of pages for changing your: Name | Email address | Mobile number | Password ------------------|-------------------|-------------------|------------ Enter new value | Enter new value | Enter new value | Enter new value | Enter 2fa code | Enter 2fa code | Return to profile | Return to profile | Return to profile | Return to profile (each row is a page)
2016-01-12 10:28:14 +00:00
from app.main.forms import (
Changed registration flow to first send email verification link that when visited sends sms code for second step of account verification. At that second step user enters just sms code sent to users mobile number. Also moved dao calls that simply proxied calls to client to calling client directly. There is still a place where a user will be a sent a code for verification to their email namely if they update email address.
2016-03-17 13:07:52 +00:00
ChangeEmailForm,
ChangeMobileNumberForm,
Enforce order and style of imports Done using isort[1], with the following command: ``` isort -rc ./app ./tests ``` Adds linting to the `run_tests.sh` script to stop badly-sorted imports getting re-introduced. Chosen style is ‘Vertical Hanging Indent’ with trailing commas, because I think it gives the cleanest diffs, eg: ``` from third_party import ( lib1, lib2, lib3, lib4, ) ``` 1. https://pypi.python.org/pypi/isort
2018-02-20 11:22:17 +00:00
ChangeNameForm,
ChangePasswordForm,
notify-admin-931
2023-12-04 14:52:48 -08:00
ChangePreferredTimezoneForm,
Enforce order and style of imports Done using isort[1], with the following command: ``` isort -rc ./app ./tests ``` Adds linting to the `run_tests.sh` script to stop badly-sorted imports getting re-introduced. Chosen style is ‘Vertical Hanging Indent’ with trailing commas, because I think it gives the cleanest diffs, eg: ``` from third_party import ( lib1, lib2, lib3, lib4, ) ``` 1. https://pypi.python.org/pypi/isort
2018-02-20 11:22:17 +00:00
ConfirmPasswordForm,
add option to suppress platform admin temporarily so that platform admins (us) can view pages as regular users do easily. Simply adds a flag in the session cookie that overrides the actual platform admin flag on the user model if set. This way it's safe, since this only downgrades existing functionality, so if someone managed to alter it they could only get less permissions, not more. You can change this value from the user profile page if either: * you're a platform admin * the flag is set (to any value) on the cookie. This slightly weird check means that we don't check the underlying `user._platform_admin` flag anywhere in the code, even when toggling the suppression.
2019-06-13 19:00:17 +01:00
ServiceOnOffSettingForm,
Remove `ConfirmMobileNumberForm` It’s exactly the same code as `TwoFactorForm` was.
2018-05-07 22:53:36 +01:00
TwoFactorForm,
Add loops for changing each part of your profile This commit adds a page or series of pages for changing your: Name | Email address | Mobile number | Password ------------------|-------------------|-------------------|------------ Enter new value | Enter new value | Enter new value | Enter new value | Enter 2fa code | Enter 2fa code | Return to profile | Return to profile | Return to profile | Return to profile (each row is a page)
2016-01-12 10:28:14 +00:00
)
Make user API client return JSON, not a model The data flow of other bits of our application looks like this: ``` API (returns JSON) ⬇ API client (returns a built in type, usually `dict`) ⬇ Model (returns an instance, eg of type `Service`) ⬇ View (returns HTML) ``` The user API client was architected weirdly, in that it returned a model directly, like this: ``` API (returns JSON) ⬇ API client (returns a model, of type `User`, `InvitedUser`, etc) ⬇ View (returns HTML) ``` This mixing of different layers of the application is bad because it makes it hard to write model code that doesn’t have circular dependencies. As our application gets more complicated we will be relying more on models to manage this complexity, so we should make it easy, not hard to write them. It also means that most of our mocking was of the User model, not just the underlying JSON. So it would have been easy to introduce subtle bugs to the user model, because it wasn’t being comprehensively tested. A lot of the changed lines of code in this commit mean changing the tests to mock only the JSON, which means that the model layer gets implicitly tested. For those reasons this commit changes the user API client to return JSON, not an instance of `User` or other models.
2019-05-23 15:27:35 +01:00
from app.models.user import User
fix sort ugh
2024-08-26 11:11:59 -07:00
from app.utils import hilite
Use API flag to give users access to WebAuthn This allows us to roll out the feature to other users. Note that the flag is also "True" if the user has "webauthn_auth" as their auth type, so this is compatible with the more fine-grained check we have on the authentication parts of the feature. We could do a more explicit "can_use_webauthn or webauthn_auth" check here, but the idea is that we'll be able to get rid of this flag eventually, so I've optimised for brevity instead. I've modified a couple of the unhappy-path tests to make it more explicit that the flag is false, since it can be true for Platform Admins and "normal users" alike.
2021-06-30 15:30:29 +01:00
from app.utils.user import user_is_gov_user, user_is_logged_in
Localize notification_utils to the admin This changeset pulls in all of the notification_utils code directly into the admin and removes it as an external dependency. We are doing this to cut down on operational maintenance of the project and will begin removing parts of it no longer needed for the admin. Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2024-05-16 10:37:37 -04:00
from notifications_utils.url_safe_token import check_token
Stop non-gov user seeing/changing email and add test
2016-10-28 11:45:05 +01:00
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
NEW_EMAIL = "new-email"
NEW_MOBILE = "new-mob"
NEW_MOBILE_PASSWORD_CONFIRMED = (
"new-mob-password-confirmed" # nosec B105 - this is not a password
)
Work in progress.
2016-01-25 10:47:27 +00:00
Extract user profile route into its own file
2016-01-12 09:52:00 +00:00
@main.route("/user-profile")
Have permissions decorators check user signed in Rather than force us to write the decorators in a specific order let’s just have one decorator call the other. This should make fewer lines of code, and fewer annoying test failures. It also means that the same way of raising a `401` (through the `current_app` method) is used everywhere.
2019-07-01 15:22:08 +01:00
@user_is_logged_in
Work in progress, all tests passing and implemented mocks for services_dao.
2016-01-15 17:46:09 +00:00
def user_profile():
Stop non-gov user seeing/changing email and add test
2016-10-28 11:45:05 +01:00
return render_template(
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
"views/user-profile.html",
Refactor government user check onto model
2018-12-12 12:29:08 +00:00
can_see_edit=current_user.is_gov_user,
Stop non-gov user seeing/changing email and add test
2016-10-28 11:45:05 +01:00
)
Add loops for changing each part of your profile This commit adds a page or series of pages for changing your: Name | Email address | Mobile number | Password ------------------|-------------------|-------------------|------------ Enter new value | Enter new value | Enter new value | Enter new value | Enter 2fa code | Enter 2fa code | Return to profile | Return to profile | Return to profile | Return to profile (each row is a page)
2016-01-12 10:28:14 +00:00
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
@main.route("/user-profile/name", methods=["GET", "POST"])
Have permissions decorators check user signed in Rather than force us to write the decorators in a specific order let’s just have one decorator call the other. This should make fewer lines of code, and fewer annoying test failures. It also means that the same way of raising a `401` (through the `current_app` method) is used everywhere.
2019-07-01 15:22:08 +01:00
@user_is_logged_in
Work in progress, all tests passing and implemented mocks for services_dao.
2016-01-15 17:46:09 +00:00
def user_profile_name():
Added check for password on service change page, work in progress.
2016-01-22 16:34:36 +00:00
form = ChangeNameForm(new_name=current_user.name)
if form.validate_on_submit():
Make user API client return JSON, not a model The data flow of other bits of our application looks like this: ``` API (returns JSON) ⬇ API client (returns a built in type, usually `dict`) ⬇ Model (returns an instance, eg of type `Service`) ⬇ View (returns HTML) ``` The user API client was architected weirdly, in that it returned a model directly, like this: ``` API (returns JSON) ⬇ API client (returns a model, of type `User`, `InvitedUser`, etc) ⬇ View (returns HTML) ``` This mixing of different layers of the application is bad because it makes it hard to write model code that doesn’t have circular dependencies. As our application gets more complicated we will be relying more on models to manage this complexity, so we should make it easy, not hard to write them. It also means that most of our mocking was of the User model, not just the underlying JSON. So it would have been easy to introduce subtle bugs to the user model, because it wasn’t being comprehensively tested. A lot of the changed lines of code in this commit mean changing the tests to mock only the JSON, which means that the model layer gets implicitly tested. For those reasons this commit changes the user API client to return JSON, not an instance of `User` or other models.
2019-05-23 15:27:35 +01:00
current_user.update(name=form.new_name.data)
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
return redirect(url_for(".user_profile"))
Add loops for changing each part of your profile This commit adds a page or series of pages for changing your: Name | Email address | Mobile number | Password ------------------|-------------------|-------------------|------------ Enter new value | Enter new value | Enter new value | Enter new value | Enter 2fa code | Enter 2fa code | Return to profile | Return to profile | Return to profile | Return to profile (each row is a page)
2016-01-12 10:28:14 +00:00
Added check for password on service change page, work in progress.
2016-01-22 16:34:36 +00:00
return render_template(
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
"views/user-profile/change.html", thing="name", form_field=form.new_name
Added check for password on service change page, work in progress.
2016-01-22 16:34:36 +00:00
)
Add loops for changing each part of your profile This commit adds a page or series of pages for changing your: Name | Email address | Mobile number | Password ------------------|-------------------|-------------------|------------ Enter new value | Enter new value | Enter new value | Enter new value | Enter 2fa code | Enter 2fa code | Return to profile | Return to profile | Return to profile | Return to profile (each row is a page)
2016-01-12 10:28:14 +00:00
notify-admin-931
2023-12-04 14:52:48 -08:00
@main.route("/user-profile/preferred_timezone", methods=["GET", "POST"])
@user_is_logged_in
def user_profile_preferred_timezone():
form = ChangePreferredTimezoneForm(new_name=current_user.preferred_timezone)
if form.validate_on_submit():
current_user.update(preferred_timezone=form.new_preferred_timezone.data)
current_user.preferred_timezone = form.new_preferred_timezone.data
return redirect(url_for(".user_profile"))
return render_template(
"views/user-profile/change.html",
thing="preferred timezone",
form_field=form.new_preferred_timezone,
)
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
@main.route("/user-profile/email", methods=["GET", "POST"])
Have permissions decorators check user signed in Rather than force us to write the decorators in a specific order let’s just have one decorator call the other. This should make fewer lines of code, and fewer annoying test failures. It also means that the same way of raising a `401` (through the `current_app` method) is used everywhere.
2019-07-01 15:22:08 +01:00
@user_is_logged_in
Refactor gov user check into a decorator We quite often use it in the same way as `@user_has_permissions`.
2018-12-12 13:10:46 +00:00
@user_is_gov_user
Work in progress, all tests passing and implemented mocks for services_dao.
2016-01-15 17:46:09 +00:00
def user_profile_email():
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
form = ChangeEmailForm(
User.already_registered, email_address=current_user.email_address
)
Added check for password on service change page, work in progress.
2016-01-22 16:34:36 +00:00
if form.validate_on_submit():
Work in progress.
2016-01-25 10:47:27 +00:00
session[NEW_EMAIL] = form.email_address.data
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
return redirect(url_for(".user_profile_email_authenticate"))
Added check for password on service change page, work in progress.
2016-01-22 16:34:36 +00:00
return render_template(
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
"views/user-profile/change.html",
thing="email address",
form_field=form.email_address,
Added check for password on service change page, work in progress.
2016-01-22 16:34:36 +00:00
)
Add confirmation of password for important changes This commit adds an extra page or field for confirming your current password when making important changes Name | Email address | Mobile number | Password ---------------------|-------------------|-------------------|------------ No password required | As second page | As second page | On same page as new password
2016-01-12 11:25:46 +00:00
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
@main.route("/user-profile/email/authenticate", methods=["GET", "POST"])
Have permissions decorators check user signed in Rather than force us to write the decorators in a specific order let’s just have one decorator call the other. This should make fewer lines of code, and fewer annoying test failures. It also means that the same way of raising a `401` (through the `current_app` method) is used everywhere.
2019-07-01 15:22:08 +01:00
@user_is_logged_in
Work in progress, all tests passing and implemented mocks for services_dao.
2016-01-15 17:46:09 +00:00
def user_profile_email_authenticate():
Added check for password on service change page, work in progress.
2016-01-22 16:34:36 +00:00
# Validate password for form
def _check_password(pwd):
Merging conflict with two_factor.py Fixed merge mistake with two_factor.py.
2016-03-30 09:58:10 +01:00
return user_api_client.verify_password(current_user.id, pwd)
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
Added check for password on service change page, work in progress.
2016-01-22 16:34:36 +00:00
form = ConfirmPasswordForm(_check_password)
Add confirmation of password for important changes This commit adds an extra page or field for confirming your current password when making important changes Name | Email address | Mobile number | Password ---------------------|-------------------|-------------------|------------ No password required | As second page | As second page | On same page as new password
2016-01-12 11:25:46 +00:00
Work in progress.
2016-01-25 10:47:27 +00:00
if NEW_EMAIL not in session:
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
return redirect("main.user_profile_email")
Work in progress.
2016-01-25 10:47:27 +00:00
Added check for password on service change page, work in progress.
2016-01-22 16:34:36 +00:00
if form.validate_on_submit():
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
user_api_client.send_change_email_verification(
current_user.id, session[NEW_EMAIL]
)
Create events logging for updating email and phone number for yourself
2023-04-25 19:36:38 -04:00
create_email_change_event(
user_id=current_user.id,
updated_by_id=current_user.id,
Add logging around auth{entication,orization} calls
2023-04-26 11:14:25 -04:00
original_email_address=current_user.email_address,
Create events logging for updating email and phone number for yourself
2023-04-25 19:36:38 -04:00
new_email_address=session[NEW_EMAIL],
)
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
return render_template(
"views/change-email-continue.html", new_email=session[NEW_EMAIL]
)
Add loops for changing each part of your profile This commit adds a page or series of pages for changing your: Name | Email address | Mobile number | Password ------------------|-------------------|-------------------|------------ Enter new value | Enter new value | Enter new value | Enter new value | Enter 2fa code | Enter 2fa code | Return to profile | Return to profile | Return to profile | Return to profile (each row is a page)
2016-01-12 10:28:14 +00:00
Added check for password on service change page, work in progress.
2016-01-22 16:34:36 +00:00
return render_template(
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
"views/user-profile/authenticate.html",
thing="email address",
Fixed bug where there was an error when try and change email. - it tried to send a verify code which no longer is applicable - one stage of process removed and tests update properly Flow is: - Change email - Confirm with password - Done
2016-09-28 09:34:16 +01:00
form=form,
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
back_link=url_for(".user_profile_email"),
Added check for password on service change page, work in progress.
2016-01-22 16:34:36 +00:00
)
Add loops for changing each part of your profile This commit adds a page or series of pages for changing your: Name | Email address | Mobile number | Password ------------------|-------------------|-------------------|------------ Enter new value | Enter new value | Enter new value | Enter new value | Enter 2fa code | Enter 2fa code | Return to profile | Return to profile | Return to profile | Return to profile (each row is a page)
2016-01-12 10:28:14 +00:00
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
@main.route("/user-profile/email/confirm/<token>", methods=["GET"])
Have permissions decorators check user signed in Rather than force us to write the decorators in a specific order let’s just have one decorator call the other. This should make fewer lines of code, and fewer annoying test failures. It also means that the same way of raising a `401` (through the `current_app` method) is used everywhere.
2019-07-01 15:22:08 +01:00
@user_is_logged_in
Send an email to the user when they change email address This PR changes the flow to change an email address. Once the user enter their password, they are told "Check your email". An email has been sent to them containing a link to notify which contains an encrypted token. The encrypted token contains the user id and new email address. Once the link is clicked the user's email address is updated to the new email address. They are redirected to the /user-profile page. Also in this commit is an update from flask.ext.login to flask_login.
2016-10-13 17:05:37 +01:00
def user_profile_email_confirm(token):
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
token_data = check_token(
token,
current_app.config["SECRET_KEY"],
current_app.config["DANGEROUS_SALT"],
current_app.config["EMAIL_EXPIRY_SECONDS"],
)
Send an email to the user when they change email address This PR changes the flow to change an email address. Once the user enter their password, they are told "Check your email". An email has been sent to them containing a link to notify which contains an encrypted token. The encrypted token contains the user id and new email address. Once the link is clicked the user's email address is updated to the new email address. They are redirected to the /user-profile page. Also in this commit is an update from flask.ext.login to flask_login.
2016-10-13 17:05:37 +01:00
token_data = json.loads(token_data)
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
user = User.from_id(token_data["user_id"])
user.update(email_address=token_data["email"])
Removed unused form. And used session.pop to remove NEW_EMAIL from the session. Also removed variable not being used in user_profile.
2016-10-14 14:46:31 +01:00
session.pop(NEW_EMAIL, None)
Send an email to the user when they change email address This PR changes the flow to change an email address. Once the user enter their password, they are told "Check your email". An email has been sent to them containing a link to notify which contains an encrypted token. The encrypted token contains the user id and new email address. Once the link is clicked the user's email address is updated to the new email address. They are redirected to the /user-profile page. Also in this commit is an update from flask.ext.login to flask_login.
2016-10-13 17:05:37 +01:00
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
return redirect(url_for(".user_profile"))
Send an email to the user when they change email address This PR changes the flow to change an email address. Once the user enter their password, they are told "Check your email". An email has been sent to them containing a link to notify which contains an encrypted token. The encrypted token contains the user id and new email address. Once the link is clicked the user's email address is updated to the new email address. They are redirected to the /user-profile page. Also in this commit is an update from flask.ext.login to flask_login.
2016-10-13 17:05:37 +01:00
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
@main.route("/user-profile/mobile-number", methods=["GET", "POST"])
Let users on email auth delete their mobile numbers Sometimes users ask us to delete their mobile numbers for them. If those users are on email auth, they should be able to delete their number themselves. This will save them writing a support ticket and save us going into the database.
2022-02-23 18:31:00 +00:00
@main.route(
"/user-profile/mobile-number/delete",
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
methods=["GET"],
endpoint="user_profile_confirm_delete_mobile_number",
Let users on email auth delete their mobile numbers Sometimes users ask us to delete their mobile numbers for them. If those users are on email auth, they should be able to delete their number themselves. This will save them writing a support ticket and save us going into the database.
2022-02-23 18:31:00 +00:00
)
Have permissions decorators check user signed in Rather than force us to write the decorators in a specific order let’s just have one decorator call the other. This should make fewer lines of code, and fewer annoying test failures. It also means that the same way of raising a `401` (through the `current_app` method) is used everywhere.
2019-07-01 15:22:08 +01:00
@user_is_logged_in
Work in progress, all tests passing and implemented mocks for services_dao.
2016-01-15 17:46:09 +00:00
def user_profile_mobile_number():
Let users on email auth delete their mobile numbers Sometimes users ask us to delete their mobile numbers for them. If those users are on email auth, they should be able to delete their number themselves. This will save them writing a support ticket and save us going into the database.
2022-02-23 18:31:00 +00:00
user = User.from_id(current_user.id)
Added check for password on service change page, work in progress.
2016-01-22 16:34:36 +00:00
form = ChangeMobileNumberForm(mobile_number=current_user.mobile_number)
if form.validate_on_submit():
Work in progress.
2016-01-25 10:47:27 +00:00
session[NEW_MOBILE] = form.mobile_number.data
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
return redirect(url_for(".user_profile_mobile_number_authenticate"))
Add confirmation of password for important changes This commit adds an extra page or field for confirming your current password when making important changes Name | Email address | Mobile number | Password ---------------------|-------------------|-------------------|------------ No password required | As second page | As second page | On same page as new password
2016-01-12 11:25:46 +00:00
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
if request.endpoint == "main.user_profile_confirm_delete_mobile_number":
flash(
"Are you sure you want to delete your mobile number from Notify?", "delete"
)
Let users on email auth delete their mobile numbers Sometimes users ask us to delete their mobile numbers for them. If those users are on email auth, they should be able to delete their number themselves. This will save them writing a support ticket and save us going into the database.
2022-02-23 18:31:00 +00:00
Added check for password on service change page, work in progress.
2016-01-22 16:34:36 +00:00
return render_template(
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
"views/user-profile/change.html",
thing="mobile number",
Let users on email auth delete their mobile numbers Sometimes users ask us to delete their mobile numbers for them. If those users are on email auth, they should be able to delete their number themselves. This will save them writing a support ticket and save us going into the database.
2022-02-23 18:31:00 +00:00
form_field=form.mobile_number,
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
user_auth=user.auth_type,
Added check for password on service change page, work in progress.
2016-01-22 16:34:36 +00:00
)
Add confirmation of password for important changes This commit adds an extra page or field for confirming your current password when making important changes Name | Email address | Mobile number | Password ---------------------|-------------------|-------------------|------------ No password required | As second page | As second page | On same page as new password
2016-01-12 11:25:46 +00:00
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
@main.route("/user-profile/mobile-number/delete", methods=["POST"])
Let users on email auth delete their mobile numbers Sometimes users ask us to delete their mobile numbers for them. If those users are on email auth, they should be able to delete their number themselves. This will save them writing a support ticket and save us going into the database.
2022-02-23 18:31:00 +00:00
@user_is_logged_in
def user_profile_mobile_number_delete():
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
if current_user.auth_type != "email_auth":
Let users on email auth delete their mobile numbers Sometimes users ask us to delete their mobile numbers for them. If those users are on email auth, they should be able to delete their number themselves. This will save them writing a support ticket and save us going into the database.
2022-02-23 18:31:00 +00:00
abort(403)
current_user.update(mobile_number=None)
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
return redirect(url_for(".user_profile"))
Let users on email auth delete their mobile numbers Sometimes users ask us to delete their mobile numbers for them. If those users are on email auth, they should be able to delete their number themselves. This will save them writing a support ticket and save us going into the database.
2022-02-23 18:31:00 +00:00
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
@main.route("/user-profile/mobile-number/authenticate", methods=["GET", "POST"])
Have permissions decorators check user signed in Rather than force us to write the decorators in a specific order let’s just have one decorator call the other. This should make fewer lines of code, and fewer annoying test failures. It also means that the same way of raising a `401` (through the `current_app` method) is used everywhere.
2019-07-01 15:22:08 +01:00
@user_is_logged_in
Work in progress, all tests passing and implemented mocks for services_dao.
2016-01-15 17:46:09 +00:00
def user_profile_mobile_number_authenticate():
Add confirmation of password for important changes This commit adds an extra page or field for confirming your current password when making important changes Name | Email address | Mobile number | Password ---------------------|-------------------|-------------------|------------ No password required | As second page | As second page | On same page as new password
2016-01-12 11:25:46 +00:00
Work in progress.
2016-01-25 10:47:27 +00:00
if NEW_MOBILE not in session:
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
return redirect(url_for(".user_profile_mobile_number"))
Work in progress.
2016-01-25 10:47:27 +00:00
initial
2024-08-19 10:57:08 -07:00
session[NEW_MOBILE_PASSWORD_CONFIRMED] = True
current_user.send_verify_code(to=session[NEW_MOBILE])
create_mobile_number_change_event(
user_id=current_user.id,
updated_by_id=current_user.id,
original_mobile_number=current_user.mobile_number,
new_mobile_number=session[NEW_MOBILE],
)
return redirect(url_for(".user_profile_mobile_number_confirm"))
Add loops for changing each part of your profile This commit adds a page or series of pages for changing your: Name | Email address | Mobile number | Password ------------------|-------------------|-------------------|------------ Enter new value | Enter new value | Enter new value | Enter new value | Enter 2fa code | Enter 2fa code | Return to profile | Return to profile | Return to profile | Return to profile (each row is a page)
2016-01-12 10:28:14 +00:00
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
@main.route("/user-profile/mobile-number/confirm", methods=["GET", "POST"])
Have permissions decorators check user signed in Rather than force us to write the decorators in a specific order let’s just have one decorator call the other. This should make fewer lines of code, and fewer annoying test failures. It also means that the same way of raising a `401` (through the `current_app` method) is used everywhere.
2019-07-01 15:22:08 +01:00
@user_is_logged_in
Work in progress, all tests passing and implemented mocks for services_dao.
2016-01-15 17:46:09 +00:00
def user_profile_mobile_number_confirm():
Working tests, hopefully all code changes done.
2016-01-27 12:22:32 +00:00
# Validate verify code for form
def _check_code(cde):
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
return user_api_client.check_verify_code(current_user.id, cde, "sms")
Working tests, hopefully all code changes done.
2016-01-27 12:22:32 +00:00
if NEW_MOBILE_PASSWORD_CONFIRMED not in session:
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
return redirect(url_for(".user_profile_mobile_number"))
Working tests, hopefully all code changes done.
2016-01-27 12:22:32 +00:00
Remove `ConfirmMobileNumberForm` It’s exactly the same code as `TwoFactorForm` was.
2018-05-07 22:53:36 +01:00
form = TwoFactorForm(_check_code)
Add loops for changing each part of your profile This commit adds a page or series of pages for changing your: Name | Email address | Mobile number | Password ------------------|-------------------|-------------------|------------ Enter new value | Enter new value | Enter new value | Enter new value | Enter 2fa code | Enter 2fa code | Return to profile | Return to profile | Return to profile | Return to profile (each row is a page)
2016-01-12 10:28:14 +00:00
Added check for password on service change page, work in progress.
2016-01-22 16:34:36 +00:00
if form.validate_on_submit():
Make user API client return JSON, not a model The data flow of other bits of our application looks like this: ``` API (returns JSON) ⬇ API client (returns a built in type, usually `dict`) ⬇ Model (returns an instance, eg of type `Service`) ⬇ View (returns HTML) ``` The user API client was architected weirdly, in that it returned a model directly, like this: ``` API (returns JSON) ⬇ API client (returns a model, of type `User`, `InvitedUser`, etc) ⬇ View (returns HTML) ``` This mixing of different layers of the application is bad because it makes it hard to write model code that doesn’t have circular dependencies. As our application gets more complicated we will be relying more on models to manage this complexity, so we should make it easy, not hard to write them. It also means that most of our mocking was of the User model, not just the underlying JSON. So it would have been easy to introduce subtle bugs to the user model, because it wasn’t being comprehensively tested. A lot of the changed lines of code in this commit mean changing the tests to mock only the JSON, which means that the model layer gets implicitly tested. For those reasons this commit changes the user API client to return JSON, not an instance of `User` or other models.
2019-05-23 15:27:35 +01:00
current_user.refresh_session_id()
Stop passing the 'whole' user object when making changes to profile
2016-11-03 11:20:24 +00:00
mobile_number = session[NEW_MOBILE]
Work in progress.
2016-01-25 10:47:27 +00:00
del session[NEW_MOBILE]
del session[NEW_MOBILE_PASSWORD_CONFIRMED]
Make user API client return JSON, not a model The data flow of other bits of our application looks like this: ``` API (returns JSON) ⬇ API client (returns a built in type, usually `dict`) ⬇ Model (returns an instance, eg of type `Service`) ⬇ View (returns HTML) ``` The user API client was architected weirdly, in that it returned a model directly, like this: ``` API (returns JSON) ⬇ API client (returns a model, of type `User`, `InvitedUser`, etc) ⬇ View (returns HTML) ``` This mixing of different layers of the application is bad because it makes it hard to write model code that doesn’t have circular dependencies. As our application gets more complicated we will be relying more on models to manage this complexity, so we should make it easy, not hard to write them. It also means that most of our mocking was of the User model, not just the underlying JSON. So it would have been easy to introduce subtle bugs to the user model, because it wasn’t being comprehensively tested. A lot of the changed lines of code in this commit mean changing the tests to mock only the JSON, which means that the model layer gets implicitly tested. For those reasons this commit changes the user API client to return JSON, not an instance of `User` or other models.
2019-05-23 15:27:35 +01:00
current_user.update(mobile_number=mobile_number)
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
return redirect(url_for(".user_profile"))
Add loops for changing each part of your profile This commit adds a page or series of pages for changing your: Name | Email address | Mobile number | Password ------------------|-------------------|-------------------|------------ Enter new value | Enter new value | Enter new value | Enter new value | Enter 2fa code | Enter 2fa code | Return to profile | Return to profile | Return to profile | Return to profile (each row is a page)
2016-01-12 10:28:14 +00:00
Added check for password on service change page, work in progress.
2016-01-22 16:34:36 +00:00
return render_template(
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
"views/user-profile/confirm.html",
Added check for password on service change page, work in progress.
2016-01-22 16:34:36 +00:00
form_field=form.sms_code,
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
thing="mobile number",
Added check for password on service change page, work in progress.
2016-01-22 16:34:36 +00:00
)
Add loops for changing each part of your profile This commit adds a page or series of pages for changing your: Name | Email address | Mobile number | Password ------------------|-------------------|-------------------|------------ Enter new value | Enter new value | Enter new value | Enter new value | Enter 2fa code | Enter 2fa code | Return to profile | Return to profile | Return to profile | Return to profile (each row is a page)
2016-01-12 10:28:14 +00:00
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
@main.route("/user-profile/password", methods=["GET", "POST"])
Have permissions decorators check user signed in Rather than force us to write the decorators in a specific order let’s just have one decorator call the other. This should make fewer lines of code, and fewer annoying test failures. It also means that the same way of raising a `401` (through the `current_app` method) is used everywhere.
2019-07-01 15:22:08 +01:00
@user_is_logged_in
Work in progress, all tests passing and implemented mocks for services_dao.
2016-01-15 17:46:09 +00:00
def user_profile_password():
Working tests, hopefully all code changes done.
2016-01-27 12:22:32 +00:00
# Validate password for form
def _check_password(pwd):
Merging conflict with two_factor.py Fixed merge mistake with two_factor.py.
2016-03-30 09:58:10 +01:00
return user_api_client.verify_password(current_user.id, pwd)
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
Working tests, hopefully all code changes done.
2016-01-27 12:22:32 +00:00
form = ChangePasswordForm(_check_password)
Add loops for changing each part of your profile This commit adds a page or series of pages for changing your: Name | Email address | Mobile number | Password ------------------|-------------------|-------------------|------------ Enter new value | Enter new value | Enter new value | Enter new value | Enter 2fa code | Enter 2fa code | Return to profile | Return to profile | Return to profile | Return to profile (each row is a page)
2016-01-12 10:28:14 +00:00
Added check for password on service change page, work in progress.
2016-01-22 16:34:36 +00:00
if form.validate_on_submit():
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
user_api_client.update_password(
current_user.id, password=form.new_password.data
)
return redirect(url_for(".user_profile"))
Added check for password on service change page, work in progress.
2016-01-22 16:34:36 +00:00
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
return render_template("views/user-profile/change-password.html", form=form)
add option to suppress platform admin temporarily so that platform admins (us) can view pages as regular users do easily. Simply adds a flag in the session cookie that overrides the actual platform admin flag on the user model if set. This way it's safe, since this only downgrades existing functionality, so if someone managed to alter it they could only get less permissions, not more. You can change this value from the user profile page if either: * you're a platform admin * the flag is set (to any value) on the cookie. This slightly weird check means that we don't check the underlying `user._platform_admin` flag anywhere in the code, even when toggling the suppression.
2019-06-13 19:00:17 +01:00
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
@main.route("/user-profile/disable-platform-admin-view", methods=["GET", "POST"])
Have permissions decorators check user signed in Rather than force us to write the decorators in a specific order let’s just have one decorator call the other. This should make fewer lines of code, and fewer annoying test failures. It also means that the same way of raising a `401` (through the `current_app` method) is used everywhere.
2019-07-01 15:22:08 +01:00
@user_is_logged_in
change wording of platform admin toggle to positive rather than negative CHS Approved Wording :+1: also rename suppress_platform_admin -> disable_platform_admin_view in the backend, as suppress is a kinda weird word.
2019-06-14 12:32:47 +01:00
def user_profile_disable_platform_admin_view():
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
if not current_user.platform_admin and not session.get(
"disable_platform_admin_view"
):
add option to suppress platform admin temporarily so that platform admins (us) can view pages as regular users do easily. Simply adds a flag in the session cookie that overrides the actual platform admin flag on the user model if set. This way it's safe, since this only downgrades existing functionality, so if someone managed to alter it they could only get less permissions, not more. You can change this value from the user profile page if either: * you're a platform admin * the flag is set (to any value) on the cookie. This slightly weird check means that we don't check the underlying `user._platform_admin` flag anywhere in the code, even when toggling the suppression.
2019-06-13 19:00:17 +01:00
abort(403)
form = ServiceOnOffSettingForm(
Stop legend duplication on disable-platform-admin
2021-01-15 11:10:00 +00:00
name="Use platform admin view",
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
enabled=not session.get("disable_platform_admin_view"),
truthy="Yes",
falsey="No",
add option to suppress platform admin temporarily so that platform admins (us) can view pages as regular users do easily. Simply adds a flag in the session cookie that overrides the actual platform admin flag on the user model if set. This way it's safe, since this only downgrades existing functionality, so if someone managed to alter it they could only get less permissions, not more. You can change this value from the user profile page if either: * you're a platform admin * the flag is set (to any value) on the cookie. This slightly weird check means that we don't check the underlying `user._platform_admin` flag anywhere in the code, even when toggling the suppression.
2019-06-13 19:00:17 +01:00
)
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
form.enabled.param_extensions = {
"hint": {"text": "Signing in again clears this setting"}
}
Stop legend duplication on disable-platform-admin
2021-01-15 11:10:00 +00:00
add option to suppress platform admin temporarily so that platform admins (us) can view pages as regular users do easily. Simply adds a flag in the session cookie that overrides the actual platform admin flag on the user model if set. This way it's safe, since this only downgrades existing functionality, so if someone managed to alter it they could only get less permissions, not more. You can change this value from the user profile page if either: * you're a platform admin * the flag is set (to any value) on the cookie. This slightly weird check means that we don't check the underlying `user._platform_admin` flag anywhere in the code, even when toggling the suppression.
2019-06-13 19:00:17 +01:00
if form.validate_on_submit():
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
session["disable_platform_admin_view"] = not form.enabled.data
return redirect(url_for(".user_profile"))
add option to suppress platform admin temporarily so that platform admins (us) can view pages as regular users do easily. Simply adds a flag in the session cookie that overrides the actual platform admin flag on the user model if set. This way it's safe, since this only downgrades existing functionality, so if someone managed to alter it they could only get less permissions, not more. You can change this value from the user profile page if either: * you're a platform admin * the flag is set (to any value) on the cookie. This slightly weird check means that we don't check the underlying `user._platform_admin` flag anywhere in the code, even when toggling the suppression.
2019-06-13 19:00:17 +01:00
return render_template(
notify-api-412 use black to enforce python coding style
2023-08-25 09:12:23 -07:00
"views/user-profile/disable-platform-admin-view.html", form=form
add option to suppress platform admin temporarily so that platform admins (us) can view pages as regular users do easily. Simply adds a flag in the session cookie that overrides the actual platform admin flag on the user model if set. This way it's safe, since this only downgrades existing functionality, so if someone managed to alter it they could only get less permissions, not more. You can change this value from the user profile page if either: * you're a platform admin * the flag is set (to any value) on the cookie. This slightly weird check means that we don't check the underlying `user._platform_admin` flag anywhere in the code, even when toggling the suppression.
2019-06-13 19:00:17 +01:00
)
add a call on the send page as well
2024-08-26 09:02:39 -07:00
def set_timezone():
# Cookie is set in dashboard.html on page load
try:
timezone = request.cookies.get("timezone", "US/Eastern")
code review feedback
2024-08-27 12:47:15 -07:00
current_app.logger.debug(hilite(f"User's timezone is {timezone}"))
add a call on the send page as well
2024-08-26 09:02:39 -07:00
serialized_user = current_user.serialize()
if serialized_user["preferred_timezone"] is not timezone:
current_user.update(preferred_timezone=timezone)
except Exception:
current_app.logger.exception(hilite("Can't get timezone"))
Reference in New Issue Copy Permalink