darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-02-05 10:53:28 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
5c4de3d13df6d65580405b8e40070a5e1bf7f873
notifications-admin/app/main/forms.py

305 lines
9.1 KiB
Python
Raw Normal View History

108536490: Initial effort to implement log in Add endpoint for post to /sign-in Initialise role data
2015-11-27 09:47:29 +00:00
from flask_wtf import Form
Update the service name validation in the ServiceNameForm and AddServiceForm to check the email_safe version of the name against a list of all service email_from fields. Update find_all_service_names to find_all_service_email_from, which returns the email_from of all services.
2016-03-31 15:17:05 +01:00
from utils.recipients import (
validate_phone_number,
InvalidPhoneError
)
resolve merge conflicts
2016-01-12 10:43:23 +00:00
from wtforms import (
StringField,
PasswordField,
ValidationError,
TextAreaField,
Mapped template actions to the api and mocked tests.
2016-01-19 15:54:12 +00:00
FileField,
[WIP] New user can now accept invite and will be made to register. On succesful register and verfication they will be added to service and forwarded to dashboard. Nothing is done yet with the permissions requested in the invite to the user.
2016-03-02 15:25:04 +00:00
BooleanField,
HiddenField
resolve merge conflicts
2016-01-12 10:43:23 +00:00
)
Use correct HTML 5 input types These give devices a hint (although don’t mandate them) to use a numeric keypad, or a keypad with the `@` symbol visible when entering phone numbers or email addresses.
2016-02-15 13:13:57 +00:00
from wtforms.fields.html5 import EmailField, TelField
Valid email domains added and tests passing.
2016-03-18 12:05:50 +00:00
from wtforms.validators import (DataRequired, Email, Length, Regexp)
First slice of csv upload of phone numbers for sending messages. At the moment the file contents are not persisted by checked in memory. The first and last three records are show if all are valid. If there are invalid rows, they are reported and the user is prompted to go back and sort out upload file. The storing of upload result (i.e. validation of file) in session will be removed in next story which is about persisting of file for later processing.
2016-01-11 15:00:51 +00:00
Valid email domains added and tests passing.
2016-03-18 12:05:50 +00:00
from app.main.validators import (Blacklist, CsvFileValidator, ValidEmailDomainRegex)
Moved mobile validation to utils module for use in csv upload as well. This could be moved to shared utils code base at some point.
2016-02-01 16:57:40 +00:00
108536490: Initial effort to implement log in Add endpoint for post to /sign-in Initialise role data
2015-11-27 09:47:29 +00:00
Add pages to invite, edit, and delete users This takes the original prototype version of this page, and, using the same fake data (ie nothing is wired up): - adds an invite users page - adds an edit (and delete) user page Both these pages allow the user to set another user’s permissions. This commit adds images for the ticks and crosses, so we have control over their appearance.
2016-02-19 15:02:13 +00:00
def email_address(label='Email address'):
return EmailField(label, validators=[
Take out the Canadian politeness. Make the error message more consistent. Extracted common fields for the forms.
2016-01-08 12:00:52 +00:00
Length(min=5, max=255),
Make form error messages consistent We were using a bunch of different styles for form error messages, including: - having the name of the field in the error, or not - can not/cannot/can’t (GDS content styleguide recommends using contractions)
2016-04-04 10:42:04 +01:00
DataRequired(message='Cant be empty'),
Take out the Canadian politeness. Make the error message more consistent. Extracted common fields for the forms.
2016-01-08 12:00:52 +00:00
Email(message='Enter a valid email address'),
Valid email domains added and tests passing.
2016-03-18 12:05:50 +00:00
ValidEmailDomainRegex()])
Take out the Canadian politeness. Make the error message more consistent. Extracted common fields for the forms.
2016-01-08 12:00:52 +00:00
Use correct HTML 5 input types These give devices a hint (although don’t mandate them) to use a numeric keypad, or a keypad with the `@` symbol visible when entering phone numbers or email addresses.
2016-02-15 13:13:57 +00:00
class UKMobileNumber(TelField):
Add form field for a UK mobile phone number This field does two things: - validates the format of the phone number - outputs a consistent representation of the phone number Because of this I think it’s better represented as a new field type, rather than individual validators. I also think that it’s better to do this without regular expression(s), because it makes returning the specific error easier. This commit also adds basic pass/fail test for a series of valid/invalid phone numbers.
2016-01-12 18:10:16 +00:00
def pre_validate(self, form):
Moved mobile validation to utils module for use in csv upload as well. This could be moved to shared utils code base at some point.
2016-02-01 16:57:40 +00:00
try:
Store phone number as the user entered it It’s confusing to the user to have their phone number played back to them in a format that they didn’t enter it. We’ve seen multiple times that people enter 0781… and then don’t recognise their own phone number when it’s played back as +44781… The API can handle phone numbers in any format as of https://github.com/alphagov/notifications-api/pull/134 So there is no need to reformat the user’s phone number before storing it now.
2016-03-08 07:17:39 +00:00
validate_phone_number(self.data)
Moved mobile validation to utils module for use in csv upload as well. This could be moved to shared utils code base at some point.
2016-02-01 16:57:40 +00:00
except InvalidPhoneError as e:
raise ValidationError(e.message)
Add form field for a UK mobile phone number This field does two things: - validates the format of the phone number - outputs a consistent representation of the phone number Because of this I think it’s better represented as a new field type, rather than individual validators. I also think that it’s better to do this without regular expression(s), because it makes returning the specific error easier. This commit also adds basic pass/fail test for a series of valid/invalid phone numbers.
2016-01-12 18:10:16 +00:00
Take out the Canadian politeness. Make the error message more consistent. Extracted common fields for the forms.
2016-01-08 12:00:52 +00:00
def mobile_number():
Add the new field to the application This commit replaces the previous `StringField` used for collecting mobile phone numbers with the `UKMobileNumber` field. This means changing a few of the preexisting tests to have more realistic mobile numbers so that they still pass.
2016-01-13 09:26:38 +00:00
return UKMobileNumber('Mobile phone number',
Make form error messages consistent We were using a bunch of different styles for form error messages, including: - having the name of the field in the error, or not - can not/cannot/can’t (GDS content styleguide recommends using contractions)
2016-04-04 10:42:04 +01:00
validators=[DataRequired(message='Cant be empty')])
Take out the Canadian politeness. Make the error message more consistent. Extracted common fields for the forms.
2016-01-08 12:00:52 +00:00
Add confirmation of password for important changes This commit adds an extra page or field for confirming your current password when making important changes Name | Email address | Mobile number | Password ---------------------|-------------------|-------------------|------------ No password required | As second page | As second page | On same page as new password
2016-01-12 11:25:46 +00:00
def password(label='Create a password'):
return PasswordField(label,
Make form error messages consistent We were using a bunch of different styles for form error messages, including: - having the name of the field in the error, or not - can not/cannot/can’t (GDS content styleguide recommends using contractions)
2016-04-04 10:42:04 +01:00
validators=[DataRequired(message='Cant be empty'),
Length(10, 255, message='Must be at least 10 characters'),
Take out the Canadian politeness. Make the error message more consistent. Extracted common fields for the forms.
2016-01-08 12:00:52 +00:00
Blacklist(message='That password is blacklisted, too common')])
def sms_code():
verify_code = '^\d{5}$'
Fix wording
2016-02-02 15:41:54 +00:00
return StringField('Text message code',
Make form error messages consistent We were using a bunch of different styles for form error messages, including: - having the name of the field in the error, or not - can not/cannot/can’t (GDS content styleguide recommends using contractions)
2016-04-04 10:42:04 +01:00
validators=[DataRequired(message='Cant be empty'),
Take out the Canadian politeness. Make the error message more consistent. Extracted common fields for the forms.
2016-01-08 12:00:52 +00:00
Regexp(regex=verify_code,
Make form error messages consistent We were using a bunch of different styles for form error messages, including: - having the name of the field in the error, or not - can not/cannot/can’t (GDS content styleguide recommends using contractions)
2016-04-04 10:42:04 +01:00
message='Must be 5 digits')])
Take out the Canadian politeness. Make the error message more consistent. Extracted common fields for the forms.
2016-01-08 12:00:52 +00:00
def email_code():
verify_code = '^\d{5}$'
Fix wording
2016-02-02 15:41:54 +00:00
return StringField("Email code",
Make form error messages consistent We were using a bunch of different styles for form error messages, including: - having the name of the field in the error, or not - can not/cannot/can’t (GDS content styleguide recommends using contractions)
2016-04-04 10:42:04 +01:00
validators=[DataRequired(message='Cant be empty'),
Regexp(regex=verify_code, message='Must be 5 digits')])
Take out the Canadian politeness. Make the error message more consistent. Extracted common fields for the forms.
2016-01-08 12:00:52 +00:00
108536490: Initial effort to implement log in Add endpoint for post to /sign-in Initialise role data
2015-11-27 09:47:29 +00:00
class LoginForm(Form):
email_address = StringField('Email address', validators=[
108536490: Adding the login manager and csrf token. Still need to figure out how to override the load_user method, currently it is not working.
2015-11-27 16:25:56 +00:00
Length(min=5, max=255),
Make form error messages consistent We were using a bunch of different styles for form error messages, including: - having the name of the field in the error, or not - can not/cannot/can’t (GDS content styleguide recommends using contractions)
2016-04-04 10:42:04 +01:00
DataRequired(message='Cant be empty'),
Take out the Canadian politeness. Make the error message more consistent. Extracted common fields for the forms.
2016-01-08 12:00:52 +00:00
Email(message='Enter a valid email address')
108536490: Initial effort to implement log in Add endpoint for post to /sign-in Initialise role data
2015-11-27 09:47:29 +00:00
])
Amend name & password labels
2015-12-02 15:23:03 +00:00
password = PasswordField('Password', validators=[
Take out the Canadian politeness. Make the error message more consistent. Extracted common fields for the forms.
2016-01-08 12:00:52 +00:00
DataRequired(message='Enter your password')
108536490: Initial effort to implement log in Add endpoint for post to /sign-in Initialise role data
2015-11-27 09:47:29 +00:00
])
108536366: Implement register flow Includes validation for gov.uk email address, mobile number with +44, password at least 10 char. Form validation errors will be added to template in a later story. User is created when form validates.
2015-12-01 13:23:54 +00:00
class RegisterUserForm(Form):
Update register view form and template.
2016-01-05 12:41:20 +00:00
Amend name & password labels
2015-12-02 15:23:03 +00:00
name = StringField('Full name',
Make form error messages consistent We were using a bunch of different styles for form error messages, including: - having the name of the field in the error, or not - can not/cannot/can’t (GDS content styleguide recommends using contractions)
2016-04-04 10:42:04 +01:00
validators=[DataRequired(message='Cant be empty')])
Take out the Canadian politeness. Make the error message more consistent. Extracted common fields for the forms.
2016-01-08 12:00:52 +00:00
email_address = email_address()
mobile_number = mobile_number()
password = password()
109526520: render verify template with VerifyForm
2015-12-04 16:21:01 +00:00
[WIP] New user can now accept invite and will be made to register. On succesful register and verfication they will be added to service and forwarded to dashboard. Nothing is done yet with the permissions requested in the invite to the user.
2016-03-02 15:25:04 +00:00
class RegisterUserFromInviteForm(Form):
name = StringField('Full name',
Make form error messages consistent We were using a bunch of different styles for form error messages, including: - having the name of the field in the error, or not - can not/cannot/can’t (GDS content styleguide recommends using contractions)
2016-04-04 10:42:04 +01:00
validators=[DataRequired(message='Cant be empty')])
[WIP] New user can now accept invite and will be made to register. On succesful register and verfication they will be added to service and forwarded to dashboard. Nothing is done yet with the permissions requested in the invite to the user.
2016-03-02 15:25:04 +00:00
mobile_number = mobile_number()
password = password()
service = HiddenField('service')
Revert the disabled email field on the register-invited-user page, the email address is not being submitted on the form when registering
2016-03-08 16:29:05 +00:00
email_address = HiddenField('email_address')
[WIP] New user can now accept invite and will be made to register. On succesful register and verfication they will be added to service and forwarded to dashboard. Nothing is done yet with the permissions requested in the invite to the user.
2016-03-02 15:25:04 +00:00
Set permissions with checkboxes, not yes/no inputs The yes/no pattern didn’t work too well, because: - it didn’t read naturally as a question and answer - often users left them completely unclicked if they didn’t want to set the permission (rather than clicking no) This commit changes both the invite and edit user pages to use checkboxes to set permissions. If also rewords these pages to read more naturally, and explain what the permissions mean. This meant changing some of the view logic around invites and persmissions, and I ended up refactoring a bunch of it because I found it hard to understand what was going on.
2016-03-22 13:18:06 +00:00
class PermissionsForm(Form):
Added error message on template for failing to choose permissions. For error message over ride from WTF forms radio field created custom field.
2016-03-09 17:42:47 +00:00
Set permissions with checkboxes, not yes/no inputs The yes/no pattern didn’t work too well, because: - it didn’t read naturally as a question and answer - often users left them completely unclicked if they didn’t want to set the permission (rather than clicking no) This commit changes both the invite and edit user pages to use checkboxes to set permissions. If also rewords these pages to read more naturally, and explain what the permissions mean. This meant changing some of the view logic around invites and persmissions, and I ended up refactoring a bunch of it because I found it hard to understand what was going on.
2016-03-22 13:18:06 +00:00
send_messages = BooleanField("Send messages from existing templates")
manage_service = BooleanField("Modify this service, its team, and its templates")
manage_api_keys = BooleanField("Create and revoke API keys")
Updated form and fixed existing tests.
2016-03-03 13:00:12 +00:00
Add pages to invite, edit, and delete users This takes the original prototype version of this page, and, using the same fake data (ie nothing is wired up): - adds an invite users page - adds an edit (and delete) user page Both these pages allow the user to set another user’s permissions. This commit adds images for the ticks and crosses, so we have control over their appearance.
2016-02-19 15:02:13 +00:00
Set permissions with checkboxes, not yes/no inputs The yes/no pattern didn’t work too well, because: - it didn’t read naturally as a question and answer - often users left them completely unclicked if they didn’t want to set the permission (rather than clicking no) This commit changes both the invite and edit user pages to use checkboxes to set permissions. If also rewords these pages to read more naturally, and explain what the permissions mean. This meant changing some of the view logic around invites and persmissions, and I ended up refactoring a bunch of it because I found it hard to understand what was going on.
2016-03-22 13:18:06 +00:00
class InviteUserForm(PermissionsForm):
Added validation to ensure user can't invite themselves. Refactored Invited user form into permissions and invite forms for use in invite and edit permissions. Added template for edit permissions.
2016-03-09 13:00:52 +00:00
Set permissions with checkboxes, not yes/no inputs The yes/no pattern didn’t work too well, because: - it didn’t read naturally as a question and answer - often users left them completely unclicked if they didn’t want to set the permission (rather than clicking no) This commit changes both the invite and edit user pages to use checkboxes to set permissions. If also rewords these pages to read more naturally, and explain what the permissions mean. This meant changing some of the view logic around invites and persmissions, and I ended up refactoring a bunch of it because I found it hard to understand what was going on.
2016-03-22 13:18:06 +00:00
email_address = email_address('Email address')
Added validation to ensure user can't invite themselves. Refactored Invited user form into permissions and invite forms for use in invite and edit permissions. Added template for edit permissions.
2016-03-09 13:00:52 +00:00
def __init__(self, invalid_email_address, *args, **kwargs):
super(InviteUserForm, self).__init__(*args, **kwargs)
self.invalid_email_address = invalid_email_address.lower()
def validate_email_address(self, field):
if field.data.lower() == self.invalid_email_address:
Make form error messages consistent We were using a bunch of different styles for form error messages, including: - having the name of the field in the error, or not - can not/cannot/can’t (GDS content styleguide recommends using contractions)
2016-04-04 10:42:04 +01:00
raise ValidationError("You cant send an invitation to yourself")
Added validation to ensure user can't invite themselves. Refactored Invited user form into permissions and invite forms for use in invite and edit permissions. Added template for edit permissions.
2016-03-09 13:00:52 +00:00
109638656: Initial implementation for two-factor
2015-12-07 16:56:11 +00:00
class TwoFactorForm(Form):
Working tests, hopefully all code changes done.
2016-01-27 12:22:32 +00:00
def __init__(self, validate_code_func, *args, **kwargs):
Fix for security hole with setting session['user_id'] before second factor of authentication has been authorised.
2016-01-07 12:43:10 +00:00
'''
Keyword arguments:
Working tests, hopefully all code changes done.
2016-01-27 12:22:32 +00:00
validate_code_func -- Validates the code with the API.
Fix for security hole with setting session['user_id'] before second factor of authentication has been authorised.
2016-01-07 12:43:10 +00:00
'''
Working tests, hopefully all code changes done.
2016-01-27 12:22:32 +00:00
self.validate_code_func = validate_code_func
Fix for security hole with setting session['user_id'] before second factor of authentication has been authorised.
2016-01-07 12:43:10 +00:00
super(TwoFactorForm, self).__init__(*args, **kwargs)
Take out the Canadian politeness. Make the error message more consistent. Extracted common fields for the forms.
2016-01-08 12:00:52 +00:00
sms_code = sms_code()
109638656: Implement two factor verify flow When user enters valid sms code they are redirected to the dashboard. Otherwise, form errors are present.
2015-12-08 12:36:54 +00:00
Working tests, hopefully all code changes done.
2016-01-27 12:22:32 +00:00
def validate_sms_code(self, field):
is_valid, reason = self.validate_code_func(field.data)
if not is_valid:
raise ValidationError(reason)
109638656: Initial implementation for two-factor
2015-12-07 16:56:11 +00:00
109898688: Implementation of text-not-received and email-not-received
2015-12-15 15:35:30 +00:00
class EmailNotReceivedForm(Form):
Take out the Canadian politeness. Make the error message more consistent. Extracted common fields for the forms.
2016-01-08 12:00:52 +00:00
email_address = email_address()
109898688: Implementation of text-not-received and email-not-received
2015-12-15 15:35:30 +00:00
class TextNotReceivedForm(Form):
Take out the Canadian politeness. Make the error message more consistent. Extracted common fields for the forms.
2016-01-08 12:00:52 +00:00
mobile_number = mobile_number()
109898688: Implementation of text-not-received and email-not-received
2015-12-15 15:35:30 +00:00
110067722: Added endpoints for add-service Post is not complete as of yet.
2015-12-14 17:12:28 +00:00
class AddServiceForm(Form):
Test add service completed.
2016-01-15 16:10:24 +00:00
def __init__(self, names_func, *args, **kwargs):
"""
Keyword arguments:
names_func -- Returns a list of unique service_names already registered
on the system.
"""
self._names_func = names_func
Refactor add-service form such that the dao is not exposed in the forms.
2016-01-04 15:31:50 +00:00
super(AddServiceForm, self).__init__(*args, **kwargs)
Merge with master.
2016-01-19 09:49:01 +00:00
name = StringField(
Page for adding a new service This page is exactly the same as the page for adding your first service, save the heading text. So all this commit does is: - set up two routes (`/add-service`, `/add-service/first`) for each of the two journeys and change the existing journeys to use the `/add-service/first` route - add logic to show different heading text depending on the journey - add a link to the new (`/add-service`) route in the service chooser dropdown
2016-01-18 10:47:53 +00:00
'Service name',
validators=[
Make form error messages consistent We were using a bunch of different styles for form error messages, including: - having the name of the field in the error, or not - can not/cannot/can’t (GDS content styleguide recommends using contractions)
2016-04-04 10:42:04 +01:00
DataRequired(message='Cant be empty')
Page for adding a new service This page is exactly the same as the page for adding your first service, save the heading text. So all this commit does is: - set up two routes (`/add-service`, `/add-service/first`) for each of the two journeys and change the existing journeys to use the `/add-service/first` route - add logic to show different heading text depending on the journey - add a link to the new (`/add-service`) route in the service chooser dropdown
2016-01-18 10:47:53 +00:00
]
)
110067722: Add form validation for duplicate service name.
2015-12-15 10:17:43 +00:00
Working service integration.
2016-01-18 17:35:28 +00:00
def validate_name(self, a):
Update the service name validation in the ServiceNameForm and AddServiceForm to check the email_safe version of the name against a list of all service email_from fields. Update find_all_service_names to find_all_service_email_from, which returns the email_from of all services.
2016-03-31 15:17:05 +01:00
from app.utils import email_safe
# make sure the email_from will be unique to all services
if email_safe(a.data) in self._names_func():
Reword the add service page Without the preview service name we probably have to go back to communicating a bit more on the add service page. This commit brings back the two bullet points about where the service name will appear, and tries to tie it into the nice words that Matt Sheret wrote for us.
2016-02-26 10:46:49 +00:00
raise ValidationError('This service name is already in use')
Add endpoints for forgot-password.
2016-01-04 14:00:39 +00:00
Add a WTForms-compatible textbox macro This macro: - accepts a WTForm form field as a parameter - renders a form field which follows the GOV.UK Elements patterns, both visually and in markup terms It then changes any page which uses either: - the old, non-WTForms macro or - the old, WTFforms `render_field` macro …to use this new macro and removes both of the old ones. It also adds the option to display hint text above the textbox.
2016-01-11 13:15:10 +00:00
class ServiceNameForm(Form):
Service name uniqueness handled in all cases and tests passing.
2016-03-10 14:29:31 +00:00
def __init__(self, names_func, *args, **kwargs):
"""
Keyword arguments:
names_func -- Returns a list of unique service_names already registered
on the system.
"""
self._names_func = names_func
super(ServiceNameForm, self).__init__(*args, **kwargs)
name = StringField(
u'New name',
validators=[
Make form error messages consistent We were using a bunch of different styles for form error messages, including: - having the name of the field in the error, or not - can not/cannot/can’t (GDS content styleguide recommends using contractions)
2016-04-04 10:42:04 +01:00
DataRequired(message='Cant be empty')
Service name uniqueness handled in all cases and tests passing.
2016-03-10 14:29:31 +00:00
])
def validate_name(self, a):
Update the service name validation in the ServiceNameForm and AddServiceForm to check the email_safe version of the name against a list of all service email_from fields. Update find_all_service_names to find_all_service_email_from, which returns the email_from of all services.
2016-03-31 15:17:05 +01:00
from app.utils import email_safe
# make sure the email_from will be unique to all services
if email_safe(a.data) in self._names_func():
Service name uniqueness handled in all cases and tests passing.
2016-03-10 14:29:31 +00:00
raise ValidationError('This service name is already in use')
Add a WTForms-compatible textbox macro This macro: - accepts a WTForm form field as a parameter - renders a form field which follows the GOV.UK Elements patterns, both visually and in markup terms It then changes any page which uses either: - the old, non-WTForms macro or - the old, WTFforms `render_field` macro …to use this new macro and removes both of the old ones. It also adds the option to display hint text above the textbox.
2016-01-11 13:15:10 +00:00
class ConfirmPasswordForm(Form):
Added check for password on service change page, work in progress.
2016-01-22 16:34:36 +00:00
def __init__(self, validate_password_func, *args, **kwargs):
self.validate_password_func = validate_password_func
super(ConfirmPasswordForm, self).__init__(*args, **kwargs)
Add a WTForms-compatible textbox macro This macro: - accepts a WTForm form field as a parameter - renders a form field which follows the GOV.UK Elements patterns, both visually and in markup terms It then changes any page which uses either: - the old, non-WTForms macro or - the old, WTFforms `render_field` macro …to use this new macro and removes both of the old ones. It also adds the option to display hint text above the textbox.
2016-01-11 13:15:10 +00:00
password = PasswordField(u'Enter password')
Added check for password on service change page, work in progress.
2016-01-22 16:34:36 +00:00
def validate_password(self, field):
if not self.validate_password_func(field.data):
raise ValidationError('Invalid password')
Add a WTForms-compatible textbox macro This macro: - accepts a WTForm form field as a parameter - renders a form field which follows the GOV.UK Elements patterns, both visually and in markup terms It then changes any page which uses either: - the old, non-WTForms macro or - the old, WTFforms `render_field` macro …to use this new macro and removes both of the old ones. It also adds the option to display hint text above the textbox.
2016-01-11 13:15:10 +00:00
Add basic flow for adding email _or_ sms templates Templates now have: - a type (email or sms) - a subject (if they are email templates) We don’t want two completely separate view files for email and SMS, because they would have an enormous amount of repetition. So this commit adds - different templates for SMS and email templates - different form objects for SMS and email templates …and wires them up.
2016-02-22 14:45:13 +00:00
class SMSTemplateForm(Form):
Mapped template actions to the api and mocked tests.
2016-01-19 15:54:12 +00:00
name = StringField(
u'Template name',
Make form error messages consistent We were using a bunch of different styles for form error messages, including: - having the name of the field in the error, or not - can not/cannot/can’t (GDS content styleguide recommends using contractions)
2016-04-04 10:42:04 +01:00
validators=[DataRequired(message="Cant be empty")])
Make ‘template type’ radio buttons not `<select>` Because burn your select tags[1] This commit hard codes the markup for the time being until I can work out how to get WTForms outputting the markup I want. 1. https://www.youtube.com/watch?v=CUkMCQR4TpY
2016-01-22 12:19:15 +00:00
Rename `content` to `template` content WTForms sets the `id` of a `textarea` element to the variable name to which the form control is assigned. This conflicts with the page container, which is styled by targeting `#content`.
2016-01-22 12:15:47 +00:00
template_content = TextAreaField(
Enhance the ‘how to do placeholders’ hint This commit makes the ‘how to do placeholders’ box part of the tour, with the same blue background. It also adds some Javascript enhancement so that: - it responds to the contents of the message template - has a ‘show me’ link which inserts ‘Dear ((name))’ into the template contents textbox We’ve found that this has helped people understnad what placeholders are, and how to do them.
2016-03-30 11:39:16 +01:00
u'Message content',
Make form error messages consistent We were using a bunch of different styles for form error messages, including: - having the name of the field in the error, or not - can not/cannot/can’t (GDS content styleguide recommends using contractions)
2016-04-04 10:42:04 +01:00
validators=[DataRequired(message="Cant be empty")])
Add a WTForms-compatible textbox macro This macro: - accepts a WTForm form field as a parameter - renders a form field which follows the GOV.UK Elements patterns, both visually and in markup terms It then changes any page which uses either: - the old, non-WTForms macro or - the old, WTFforms `render_field` macro …to use this new macro and removes both of the old ones. It also adds the option to display hint text above the textbox.
2016-01-11 13:15:10 +00:00
Add basic flow for adding email _or_ sms templates Templates now have: - a type (email or sms) - a subject (if they are email templates) We don’t want two completely separate view files for email and SMS, because they would have an enormous amount of repetition. So this commit adds - different templates for SMS and email templates - different form objects for SMS and email templates …and wires them up.
2016-02-22 14:45:13 +00:00
class EmailTemplateForm(SMSTemplateForm):
subject = StringField(
u'Subject',
Make form error messages consistent We were using a bunch of different styles for form error messages, including: - having the name of the field in the error, or not - can not/cannot/can’t (GDS content styleguide recommends using contractions)
2016-04-04 10:42:04 +01:00
validators=[DataRequired(message="Cant be empty")])
Add basic flow for adding email _or_ sms templates Templates now have: - a type (email or sms) - a subject (if they are email templates) We don’t want two completely separate view files for email and SMS, because they would have an enormous amount of repetition. So this commit adds - different templates for SMS and email templates - different form objects for SMS and email templates …and wires them up.
2016-02-22 14:45:13 +00:00
Completion of forgot-password endpoints. Start implementation for new-password endpoints. Created PasswordResetToken model ToDo: create and save token, send valid url to user, check validity of token, update user's password, redirect to /two-factor.
2016-01-05 17:52:09 +00:00
class ForgotPasswordForm(Form):
Take out the Canadian politeness. Make the error message more consistent. Extracted common fields for the forms.
2016-01-08 12:00:52 +00:00
email_address = email_address()
Add endpoints for forgot-password.
2016-01-04 14:00:39 +00:00
New-password endpoints are implemented. There should be a better way to validate the token.
2016-01-06 17:37:07 +00:00
class NewPasswordForm(Form):
Take out the Canadian politeness. Make the error message more consistent. Extracted common fields for the forms.
2016-01-08 12:00:52 +00:00
new_password = password()
First slice of csv upload of phone numbers for sending messages. At the moment the file contents are not persisted by checked in memory. The first and last three records are show if all are valid. If there are invalid rows, they are reported and the user is prompted to go back and sort out upload file. The storing of upload result (i.e. validation of file) in session will be removed in next story which is about persisting of file for later processing.
2016-01-11 15:00:51 +00:00
Add confirmation of password for important changes This commit adds an extra page or field for confirming your current password when making important changes Name | Email address | Mobile number | Password ---------------------|-------------------|-------------------|------------ No password required | As second page | As second page | On same page as new password
2016-01-12 11:25:46 +00:00
class ChangePasswordForm(Form):
Working tests, hopefully all code changes done.
2016-01-27 12:22:32 +00:00
def __init__(self, validate_password_func, *args, **kwargs):
self.validate_password_func = validate_password_func
super(ChangePasswordForm, self).__init__(*args, **kwargs)
Add confirmation of password for important changes This commit adds an extra page or field for confirming your current password when making important changes Name | Email address | Mobile number | Password ---------------------|-------------------|-------------------|------------ No password required | As second page | As second page | On same page as new password
2016-01-12 11:25:46 +00:00
old_password = password('Current password')
new_password = password('New password')
Working tests, hopefully all code changes done.
2016-01-27 12:22:32 +00:00
def validate_old_password(self, field):
if not self.validate_password_func(field.data):
raise ValidationError('Invalid password')
Add confirmation of password for important changes This commit adds an extra page or field for confirming your current password when making important changes Name | Email address | Mobile number | Password ---------------------|-------------------|-------------------|------------ No password required | As second page | As second page | On same page as new password
2016-01-12 11:25:46 +00:00
First slice of csv upload of phone numbers for sending messages. At the moment the file contents are not persisted by checked in memory. The first and last three records are show if all are valid. If there are invalid rows, they are reported and the user is prompted to go back and sort out upload file. The storing of upload result (i.e. validation of file) in session will be removed in next story which is about persisting of file for later processing.
2016-01-11 15:00:51 +00:00
class CsvUploadForm(Form):
Updates to ‘send SMS’ page Based on discussion with Pete. Make the blue banner an ‘important’ banner (copied from Register to Vote, used because it’s not as boxy and fits on the page better). Remove the back button because you haven’t changed any data yet. If you need to go back you can just press back or start again. Make the filename stand out more. Remove the ‘download example’ link. Will need to revist the best way of doing this. Make text messages consistently 2/3rd width.
2016-02-04 12:20:24 +00:00
file = FileField('Add recipients', validators=[DataRequired(
resolve merge conflicts
2016-01-12 10:43:23 +00:00
message='Please pick a file'), CsvFileValidator()])
Add loops for changing each part of your profile This commit adds a page or series of pages for changing your: Name | Email address | Mobile number | Password ------------------|-------------------|-------------------|------------ Enter new value | Enter new value | Enter new value | Enter new value | Enter 2fa code | Enter 2fa code | Return to profile | Return to profile | Return to profile | Return to profile (each row is a page)
2016-01-12 10:28:14 +00:00
class ChangeNameForm(Form):
new_name = StringField(u'Your name')
class ChangeEmailForm(Form):
Working tests, hopefully all code changes done.
2016-01-27 12:22:32 +00:00
def __init__(self, validate_email_func, *args, **kwargs):
self.validate_email_func = validate_email_func
super(ChangeEmailForm, self).__init__(*args, **kwargs)
Add loops for changing each part of your profile This commit adds a page or series of pages for changing your: Name | Email address | Mobile number | Password ------------------|-------------------|-------------------|------------ Enter new value | Enter new value | Enter new value | Enter new value | Enter 2fa code | Enter 2fa code | Return to profile | Return to profile | Return to profile | Return to profile (each row is a page)
2016-01-12 10:28:14 +00:00
email_address = email_address()
Working tests, hopefully all code changes done.
2016-01-27 12:22:32 +00:00
def validate_email_address(self, field):
is_valid = self.validate_email_func(field.data)
if not is_valid:
raise ValidationError("The email address is already in use")
Add loops for changing each part of your profile This commit adds a page or series of pages for changing your: Name | Email address | Mobile number | Password ------------------|-------------------|-------------------|------------ Enter new value | Enter new value | Enter new value | Enter new value | Enter 2fa code | Enter 2fa code | Return to profile | Return to profile | Return to profile | Return to profile (each row is a page)
2016-01-12 10:28:14 +00:00
class ConfirmEmailForm(Form):
Working tests, hopefully all code changes done.
2016-01-27 12:22:32 +00:00
def __init__(self, validate_code_func, *args, **kwargs):
self.validate_code_func = validate_code_func
super(ConfirmEmailForm, self).__init__(*args, **kwargs)
Add loops for changing each part of your profile This commit adds a page or series of pages for changing your: Name | Email address | Mobile number | Password ------------------|-------------------|-------------------|------------ Enter new value | Enter new value | Enter new value | Enter new value | Enter 2fa code | Enter 2fa code | Return to profile | Return to profile | Return to profile | Return to profile (each row is a page)
2016-01-12 10:28:14 +00:00
email_code = email_code()
Working tests, hopefully all code changes done.
2016-01-27 12:22:32 +00:00
def validate_email_code(self, field):
is_valid, msg = self.validate_code_func(field.data)
if not is_valid:
raise ValidationError(msg)
Add loops for changing each part of your profile This commit adds a page or series of pages for changing your: Name | Email address | Mobile number | Password ------------------|-------------------|-------------------|------------ Enter new value | Enter new value | Enter new value | Enter new value | Enter 2fa code | Enter 2fa code | Return to profile | Return to profile | Return to profile | Return to profile (each row is a page)
2016-01-12 10:28:14 +00:00
class ChangeMobileNumberForm(Form):
mobile_number = mobile_number()
class ConfirmMobileNumberForm(Form):
Working tests, hopefully all code changes done.
2016-01-27 12:22:32 +00:00
def __init__(self, validate_code_func, *args, **kwargs):
self.validate_code_func = validate_code_func
super(ConfirmMobileNumberForm, self).__init__(*args, **kwargs)
Add loops for changing each part of your profile This commit adds a page or series of pages for changing your: Name | Email address | Mobile number | Password ------------------|-------------------|-------------------|------------ Enter new value | Enter new value | Enter new value | Enter new value | Enter 2fa code | Enter 2fa code | Return to profile | Return to profile | Return to profile | Return to profile (each row is a page)
2016-01-12 10:28:14 +00:00
sms_code = sms_code()
Add pages for create/view/revoke API keys Copying what they’ve done on GOV.UK Pay, we should let users: - generate as many keys as they want - only see the key at time of creation - give keys a name - revoke any key at any time (this should be a one way operation) And based on discussions with @minglis and @servingUpAces, the keys should be used in conjunction with some kind of service ID, which gets encrypted with the key. In other words the secret itself never gets sent over the wire. This commit adds the UI (but not the underlying API integration) for doing the above.
2016-01-19 09:55:13 +00:00
Working tests, hopefully all code changes done.
2016-01-27 12:22:32 +00:00
def validate_sms_code(self, field):
is_valid, msg = self.validate_code_func(field.data)
if not is_valid:
raise ValidationError(msg)
Add pages for create/view/revoke API keys Copying what they’ve done on GOV.UK Pay, we should let users: - generate as many keys as they want - only see the key at time of creation - give keys a name - revoke any key at any time (this should be a one way operation) And based on discussions with @minglis and @servingUpAces, the keys should be used in conjunction with some kind of service ID, which gets encrypted with the key. In other words the secret itself never gets sent over the wire. This commit adds the UI (but not the underlying API integration) for doing the above.
2016-01-19 09:55:13 +00:00
class CreateKeyForm(Form):
Added a validator so that the key name is unique per service.
2016-01-21 14:15:36 +00:00
def __init__(self, existing_key_names=[], *args, **kwargs):
Validation on key name is case insenstive
2016-01-21 16:52:01 +00:00
self.existing_key_names = [x.lower() for x in existing_key_names]
Added a validator so that the key name is unique per service.
2016-01-21 14:15:36 +00:00
super(CreateKeyForm, self).__init__(*args, **kwargs)
key_name = StringField(u'Description of key', validators=[
DataRequired(message='You need to give the key a name')
])
def validate_key_name(self, key_name):
Validation on key name is case insenstive
2016-01-21 16:52:01 +00:00
if key_name.data.lower() in self.existing_key_names:
Added a validator so that the key name is unique per service.
2016-01-21 14:15:36 +00:00
raise ValidationError('A key with this name already exists')
Reference in New Issue Copy Permalink