app/main/forms.py

import weakref
from datetime import datetime, timedelta
from itertools import chain
from numbers import Number

import pytz
from flask import Markup, render_template, request
from flask_login import current_user
from flask_wtf import FlaskForm as Form
from flask_wtf.file import FileAllowed
from flask_wtf.file import FileField as FileField_wtf
from flask_wtf.file import FileSize
from notifications_utils.formatters import strip_all_whitespace
from notifications_utils.insensitive_dict import InsensitiveDict
from notifications_utils.recipients import InvalidPhoneError, validate_phone_number
from werkzeug.utils import cached_property
from wtforms import (
    BooleanField,
    DateField,
    EmailField,
    FieldList,
    FileField,
    HiddenField,
    IntegerField,
    PasswordField,
)
from wtforms import RadioField as WTFormsRadioField
from wtforms import (
    SearchField,
    SelectMultipleField,
    StringField,
    TelField,
    TextAreaField,
    ValidationError,
    validators,
)
from wtforms.validators import (
    URL,
    DataRequired,
    InputRequired,
    Length,
    Optional,
    Regexp,
)

from app.formatters import (
    format_auth_type,
    format_thousands,
    guess_name_from_email_address,
)
from app.main.validators import (
    CommonlyUsedPassword,
    CsvFileValidator,
    DoesNotStartWithDoubleZero,
    LettersNumbersSingleQuotesFullStopsAndUnderscoresOnly,
    MustContainAlphanumericCharacters,
    NoCommasInPlaceHolders,
    NoEmbeddedImagesInSVG,
    NoTextInSVG,
    OnlySMSCharacters,
    ValidEmail,
    ValidGovEmail,
)
from app.models.organization import Organization
from app.utils import merge_jsonlike
from app.utils.csv import get_user_preferred_timezone
from app.utils.user_permissions import all_ui_permissions, permission_options


def get_time_value_and_label(future_time):
    preferred_tz = pytz.timezone(get_user_preferred_timezone())
    return (
        future_time.astimezone(preferred_tz).isoformat(),
        "{} at {} {}".format(
            get_human_day(future_time.astimezone(preferred_tz)),
            get_human_time(future_time.astimezone(preferred_tz)),
            get_user_preferred_timezone(),
        ),
    )


def get_human_time(time):
    return {"0": "midnight", "12": "noon"}.get(
        time.strftime("%-H"), time.strftime("%-I%p").lower()
    )


def get_human_day(time, prefix_today_with="T"):
    #  Add 1 hour to get ‘midnight today’ instead of ‘midnight tomorrow’

    preferred_tz = pytz.timezone(get_user_preferred_timezone())
    time = (time - timedelta(hours=1)).strftime("%A")
    if time == datetime.now(preferred_tz).strftime("%A"):
        return "{}oday".format(prefix_today_with)
    if time == (datetime.now(preferred_tz) + timedelta(days=1)).strftime("%A"):
        return "Tomorrow"
    return time


def get_furthest_possible_scheduled_time():
    # We want local time to find date boundaries
    preferred_tz = pytz.timezone(get_user_preferred_timezone())
    return (datetime.now(preferred_tz) + timedelta(days=4)).replace(hour=0)


def get_next_hours_until(until):
    preferred_tz = pytz.timezone(get_user_preferred_timezone())
    now = datetime.now(preferred_tz)
    hours = int((until - now).total_seconds() / (60 * 60))
    return [
        (now + timedelta(hours=i)).replace(minute=0, second=0, microsecond=0)
        for i in range(1, hours + 1)
    ]


def get_next_days_until(until):
    preferred_tz = pytz.timezone(get_user_preferred_timezone())
    now = datetime.now(preferred_tz)
    days = int((until - now).total_seconds() / (60 * 60 * 24))
    return [
        get_human_day((now + timedelta(days=i)), prefix_today_with="Later t")
        for i in range(0, days + 1)
    ]


class RadioField(WTFormsRadioField):
    def __init__(self, *args, thing="an option", **kwargs):
        super().__init__(*args, **kwargs)
        self.thing = thing
        self.validate_choice = False

    def pre_validate(self, form):
        super().pre_validate(form)
        if self.data not in dict(self.choices).keys():
            raise ValidationError(f"Select {self.thing}")


def email_address(label="Email address", gov_user=True, required=True):
    validators = [
        ValidEmail(),
    ]

    if gov_user:
        validators.append(ValidGovEmail())

    if required:
        validators.append(DataRequired(message="Cannot be empty"))

    return GovukEmailField(label, validators)


class UKMobileNumber(TelField):
    def __init__(self, label="", validators=None, param_extensions=None, **kwargs):
        super(UKMobileNumber, self).__init__(label, validators, **kwargs)
        self.param_extensions = param_extensions

    # self.__call__ renders the HTML for the field by:
    # 1. delegating to self.meta.render_field which
    # 2. calls field.widget
    # this bypasses that by making self.widget a method with the same interface as widget.__call__
    def widget(self, field, param_extensions=None, **kwargs):
        return govuk_text_input_field_widget(
            self, field, type="tel", param_extensions=param_extensions, **kwargs
        )

    def pre_validate(self, form):
        try:
            validate_phone_number(self.data)
        except InvalidPhoneError as e:
            raise ValidationError(str(e))


class InternationalPhoneNumber(TelField):
    def __init__(self, label="", validators=None, param_extensions=None, **kwargs):
        super(InternationalPhoneNumber, self).__init__(
            label, validators=validators, **kwargs
        )
        self.param_extensions = param_extensions

    # self.__call__ renders the HTML for the field by:
    # 1. delegating to self.meta.render_field which
    # 2. calls field.widget
    # this bypasses that by making self.widget a method with the same interface as widget.__call__
    def widget(self, field, param_extensions=None, **kwargs):
        return govuk_text_input_field_widget(
            self, field, type="tel", param_extensions=param_extensions, **kwargs
        )

    def pre_validate(self, form):
        try:
            if self.data:
                validate_phone_number(self.data, international=True)
        except InvalidPhoneError as e:
            raise ValidationError(str(e))


def uk_mobile_number(label="Mobile number"):
    return UKMobileNumber(label, validators=[DataRequired(message="Cannot be empty")])


def international_phone_number(label="Mobile number"):
    return InternationalPhoneNumber(
        label, validators=[DataRequired(message="Cannot be empty")]
    )


def password(label="Password"):
    return GovukPasswordField(
        label,
        validators=[
            DataRequired(message="Cannot be empty"),
            Length(8, 255, message="Must be at least 8 characters"),
            CommonlyUsedPassword(message="Choose a password that’s harder to guess"),
        ],
    )


def govuk_text_input_field_widget(
    self, field, type=None, param_extensions=None, **kwargs
):
    value = kwargs["value"] if "value" in kwargs else field.data
    value = str(value) if isinstance(value, Number) else value

    # error messages
    error_message = None
    if field.errors:
        error_message_format = (
            "html" if kwargs.get("error_message_with_html") else "text"
        )
        error_message = {
            "attributes": {
                "data-module": "track-error",
                "data-error-type": field.errors[0],
                "data-error-label": field.name,
            },
            error_message_format: field.errors[0],
        }

    # convert to parameters that usa understands
    params = {
        "errorMessage": error_message,
        "id": field.id,
        "label": {"text": field.label.text},
        "name": field.name,
        "value": value,
    }

    if type:
        params["type"] = type

    # extend default params with any sent in
    merge_jsonlike(params, self.param_extensions)
    # add any sent in through use in templates
    merge_jsonlike(params, param_extensions)

    return Markup(
        render_template("components/components/input/template.njk", params=params)
    )


class GovukTextInputField(StringField):
    def __init__(self, label="", validators=None, param_extensions=None, **kwargs):
        super(GovukTextInputField, self).__init__(label, validators, **kwargs)
        self.param_extensions = param_extensions

    # self.__call__ renders the HTML for the field by:
    # 1. delegating to self.meta.render_field which
    # 2. calls field.widget
    # this bypasses that by making self.widget a method with the same interface as widget.__call__
    def widget(self, field, **kwargs):
        return govuk_text_input_field_widget(self, field, **kwargs)


class GovukPasswordField(PasswordField):
    def __init__(self, label="", validators=None, param_extensions=None, **kwargs):
        super(GovukPasswordField, self).__init__(label, validators, **kwargs)
        self.param_extensions = param_extensions

    # self.__call__ renders the HTML for the field by:
    # 1. delegating to self.meta.render_field which
    # 2. calls field.widget
    # this bypasses that by making self.widget a method with the same interface as widget.__call__
    def widget(self, field, param_extensions=None, **kwargs):
        return govuk_text_input_field_widget(
            self, field, type="password", param_extensions=param_extensions, **kwargs
        )


class GovukEmailField(EmailField):
    def __init__(self, label="", validators=None, param_extensions=None, **kwargs):
        super(GovukEmailField, self).__init__(label, validators=validators, **kwargs)
        self.param_extensions = param_extensions

    # self.__call__ renders the HTML for the field by:
    # 1. delegating to self.meta.render_field which
    # 2. calls field.widget
    # this bypasses that by making self.widget a method with the same interface as widget.__call__
    def widget(self, field, param_extensions=None, **kwargs):
        params = {
            "attributes": {"spellcheck": "false"}
        }  # email addresses don't need to be spellchecked
        merge_jsonlike(params, param_extensions)

        return govuk_text_input_field_widget(
            self, field, type="email", param_extensions=params, **kwargs
        )


class GovukSearchField(SearchField):
    def __init__(self, label="", validators=None, param_extensions=None, **kwargs):
        super(GovukSearchField, self).__init__(label, validators, **kwargs)
        self.param_extensions = param_extensions

    # self.__call__ renders the HTML for the field by:
    # 1. delegating to self.meta.render_field which
    # 2. calls field.widget
    # this bypasses that by making self.widget a method with the same interface as widget.__call__
    def widget(self, field, param_extensions=None, **kwargs):
        params = {"classes": ""}  # email addresses don't need to be spellchecked
        merge_jsonlike(params, param_extensions)

        return govuk_text_input_field_widget(
            self, field, type="search", param_extensions=params, **kwargs
        )


class GovukDateField(DateField):
    def __init__(self, label="", validators=None, param_extensions=None, **kwargs):
        super(GovukDateField, self).__init__(label, validators, **kwargs)
        self.param_extensions = param_extensions

    # self.__call__ renders the HTML for the field by:
    # 1. delegating to self.meta.render_field which
    # 2. calls field.widget
    # this bypasses that by making self.widget a method with the same interface as widget.__call__
    def widget(self, field, param_extensions=None, **kwargs):
        return govuk_text_input_field_widget(
            self, field, param_extensions=param_extensions, **kwargs
        )


class GovukIntegerField(IntegerField):
    def __init__(self, label="", validators=None, param_extensions=None, **kwargs):
        super(GovukIntegerField, self).__init__(label, validators, **kwargs)
        self.param_extensions = param_extensions

    # self.__call__ renders the HTML for the field by:
    # 1. delegating to self.meta.render_field which
    # 2. calls field.widget
    # this bypasses that by making self.widget a method with the same interface as widget.__call__
    def widget(self, field, param_extensions=None, **kwargs):
        return govuk_text_input_field_widget(
            self, field, param_extensions=param_extensions, **kwargs
        )


class SMSCode(GovukTextInputField):
    validators = [
        DataRequired(message="Cannot be empty"),
        Regexp(regex=r"^\d+$", message="Numbers only"),
        Length(min=6, message="Not enough numbers"),
        Length(max=6, message="Too many numbers"),
    ]

    def __call__(self, **kwargs):
        params = {"attributes": {"pattern": "[0-9]*"}}
        if "param_extensions" in kwargs:
            merge_jsonlike(kwargs["param_extensions"], params)

        return super().__call__(type="tel", **kwargs)

    def process_formdata(self, valuelist):
        if valuelist:
            self.data = InsensitiveDict.make_key(valuelist[0])


class ForgivingIntegerField(GovukTextInputField):
    #  Actual value is 2147483647 but this is a scary looking arbitrary number
    POSTGRES_MAX_INT = 2000000000

    def __init__(self, label=None, things="items", format_error_suffix="", **kwargs):
        self.things = things
        self.format_error_suffix = format_error_suffix
        super().__init__(label, **kwargs)

    def process_formdata(self, valuelist):
        if valuelist:
            value = valuelist[0].replace(",", "").replace(" ", "")

            try:
                value = int(value)
            except ValueError:
                pass

            if value == "":
                value = 0

        return super().process_formdata([value])

    def pre_validate(self, form):
        if self.data:
            error = None
            try:
                if int(self.data) > self.POSTGRES_MAX_INT:
                    error = "Number of {} must be {} or less".format(
                        self.things,
                        format_thousands(self.POSTGRES_MAX_INT),
                    )
            except ValueError:
                error = "Enter the number of {} {}".format(
                    self.things,
                    self.format_error_suffix,
                )

            if error:
                raise ValidationError(error)

        return super().pre_validate(form)

    def __call__(self, **kwargs):
        if self.get_form().is_submitted() and not self.get_form().validate():
            return super().__call__(value=(self.raw_data or [None])[0], **kwargs)

        try:
            value = int(self.data)
            value = format_thousands(value)
        except (ValueError, TypeError):
            value = self.data if self.data is not None else ""

        return super().__call__(value=value, **kwargs)


class FieldWithNoneOption:
    # This is a special value that is specific to our forms. This is
    # more expicit than casting `None` to a string `'None'` which can
    # have unexpected edge cases
    NONE_OPTION_VALUE = "__NONE__"

    # When receiving Python data, eg when instantiating the form object
    # we want to convert that data to our special value, so that it gets
    # recognised as being one of the valid choices
    def process_data(self, value):
        self.data = self.NONE_OPTION_VALUE if value is None else value

    # After validation we want to convert it back to a Python `None` for
    # use elsewhere, eg posting to the API
    def post_validate(self, form, validation_stopped):
        if self.data == self.NONE_OPTION_VALUE and not validation_stopped:
            self.data = None


class RadioFieldWithNoneOption(FieldWithNoneOption, RadioField):
    pass


class NestedFieldMixin:
    def children(self):
        # start map with root option as a single child entry
        child_map = {
            None: [option for option in self if option.data == self.NONE_OPTION_VALUE]
        }

        # add entries for all other children
        for option in self:
            # assign all options with a NONE_OPTION_VALUE (not always None) to the None key
            if option.data == self.NONE_OPTION_VALUE:
                child_ids = [
                    folder["id"]
                    for folder in self.all_template_folders
                    if folder["parent_id"] is None
                ]
                key = self.NONE_OPTION_VALUE
            else:
                child_ids = [
                    folder["id"]
                    for folder in self.all_template_folders
                    if folder["parent_id"] == option.data
                ]
                key = option.data

            child_map[key] = [option for option in self if option.data in child_ids]

        return child_map

    # to be used as the only version of .children once radios are converted
    @cached_property
    def _children(self):
        return self.children()

    def get_items_from_options(self, field):
        items = []

        for option in self._children[None]:
            item = self.get_item_from_option(option)
            if option.data in self._children:
                item["children"] = self.render_children(
                    field.name, option.label.text, self._children[option.data]
                )
            items.append(item)

        return items

    def render_children(self, name, label, options):
        params = {
            "name": name,
            "fieldset": {"legend": {"text": label, "classes": "usa-sr-only"}},
            "formGroup": {"classes": "usa-form-group--nested"},
            "asList": True,
            "items": [],
        }
        for option in options:
            item = self.get_item_from_option(option)

            if len(self._children[option.data]):
                item["children"] = self.render_children(
                    name, option.label.text, self._children[option.data]
                )

            params["items"].append(item)

        return render_template("forms/fields/checkboxes/template.njk", params=params)


class NestedRadioField(RadioFieldWithNoneOption, NestedFieldMixin):
    pass


class NestedCheckboxesField(SelectMultipleField, NestedFieldMixin):
    NONE_OPTION_VALUE = None


class HiddenFieldWithNoneOption(FieldWithNoneOption, HiddenField):
    pass


class RadioFieldWithRequiredMessage(RadioField):
    def __init__(self, *args, required_message="Not a valid choice", **kwargs):
        self.required_message = required_message
        super().__init__(*args, **kwargs)

    def pre_validate(self, form):
        try:
            return super().pre_validate(form)
        except ValueError:
            raise ValidationError(self.required_message)


class StripWhitespaceForm(Form):
    class Meta:
        def bind_field(self, form, unbound_field, options):
            # FieldList simply doesn't support filters.
            # @see: https://github.com/wtforms/wtforms/issues/148
            no_filter_fields = (FieldList, PasswordField, GovukPasswordField)
            filters = (
                [strip_all_whitespace]
                if not issubclass(unbound_field.field_class, no_filter_fields)
                else []
            )
            filters += unbound_field.kwargs.get("filters", [])
            bound = unbound_field.bind(form=form, filters=filters, **options)
            bound.get_form = weakref.ref(
                form
            )  # GC won't collect the form if we don't use a weakref
            return bound

        def render_field(self, field, render_kw):
            render_kw.setdefault("required", False)
            return super().render_field(field, render_kw)


class StripWhitespaceStringField(GovukTextInputField):
    def __init__(self, label=None, param_extensions=None, **kwargs):
        kwargs["filters"] = tuple(
            chain(
                kwargs.get("filters", ()),
                (strip_all_whitespace,),
            )
        )
        super(GovukTextInputField, self).__init__(label, **kwargs)
        self.param_extensions = param_extensions


class LoginForm(StripWhitespaceForm):
    email_address = GovukEmailField(
        "Email address",
        validators=[
            Length(min=5, max=255),
            DataRequired(message="Cannot be empty"),
            ValidEmail(),
        ],
    )
    password = GovukPasswordField(
        "Password", validators=[DataRequired(message="Enter your password")]
    )


class RegisterUserForm(StripWhitespaceForm):
    name = GovukTextInputField(
        "Full name", validators=[DataRequired(message="Cannot be empty")]
    )
    email_address = email_address()
    mobile_number = international_phone_number()
    password = password()
    # always register as sms type
    auth_type = HiddenField("auth_type", default="sms_auth")


class RegisterUserFromInviteForm(RegisterUserForm):
    def __init__(self, invited_user):
        super().__init__(
            service=invited_user.service,
            email_address=invited_user.email_address,
            auth_type=invited_user.auth_type,
            name=guess_name_from_email_address(invited_user.email_address),
        )

    mobile_number = InternationalPhoneNumber("Mobile number", validators=[])
    service = HiddenField("service")
    email_address = HiddenField("email_address")
    auth_type = HiddenField("auth_type", validators=[DataRequired()])

    def validate_mobile_number(self, field):
        if self.auth_type.data == "sms_auth" and not field.data:
            raise ValidationError("Cannot be empty")


class RegisterUserFromOrgInviteForm(StripWhitespaceForm):
    def __init__(self, invited_org_user):
        super().__init__(
            organization=invited_org_user.organization,
            email_address=invited_org_user.email_address,
        )

    name = GovukTextInputField(
        "Full name", validators=[DataRequired(message="Cannot be empty")]
    )

    mobile_number = InternationalPhoneNumber(
        "Mobile number", validators=[DataRequired(message="Cannot be empty")]
    )
    password = password()
    organization = HiddenField("organization")
    email_address = HiddenField("email_address")
    auth_type = HiddenField("auth_type", validators=[DataRequired()])


def govuk_checkbox_field_widget(self, field, param_extensions=None, **kwargs):
    # error messages
    error_message = None
    if field.errors:
        error_message = {
            "attributes": {
                "data-module": "track-error",
                "data-error-type": field.errors[0],
                "data-error-label": field.name,
            },
            "text": field.errors[0],
        }

    params = {
        "name": field.name,
        "errorMessage": error_message,
        "items": [
            {
                "name": field.name,
                "id": field.id,
                "text": field.label.text,
                "value": "y",
                "checked": field.data,
            }
        ],
    }

    # extend default params with any sent in during instantiation
    if self.param_extensions:
        merge_jsonlike(params, self.param_extensions)

    # add any sent in though use in templates
    if param_extensions:
        merge_jsonlike(params, param_extensions)

    return Markup(render_template("forms/fields/checkboxes/macro.njk", params=params))


def govuk_checkboxes_field_widget(
    self, field, wrap_in_collapsible=False, param_extensions=None, **kwargs
):
    def _wrap_in_collapsible(field_label, checkboxes_string):
        # wrap the checkboxes HTML in the HTML needed by the collapisble JS
        result = Markup(
            f'<div class="selection-wrapper"'
            f'     data-module="collapsible-checkboxes"'
            f'     data-field-label="{field_label}">'
            f"  {checkboxes_string}"
            f"</div>"
        )

        return result

    # error messages
    error_message = None
    if field.errors:
        error_message = {
            "attributes": {
                "data-module": "track-error",
                "data-error-type": field.errors[0],
                "data-error-label": field.name,
            },
            "text": field.errors[0],
        }

    # returns either a list or a hierarchy of lists
    # depending on how get_items_from_options is implemented
    items = self.get_items_from_options(field)

    params = {
        "name": field.name,
        "fieldset": {
            "attributes": {"id": field.name},
            "legend": {
                "text": field.label.text,
            },
        },
        "asList": self.render_as_list,
        "errorMessage": error_message,
        "items": items,
    }

    # extend default params with any sent in during instantiation
    if self.param_extensions:
        merge_jsonlike(params, self.param_extensions)

    # add any sent in though use in templates
    if param_extensions:
        merge_jsonlike(params, param_extensions)

    if wrap_in_collapsible:
        # add a blank hint to act as an ARIA live-region
        params.update(
            {
                "hint": {
                    "html": '<div class="selection-summary" role="region" aria-live="polite"></div>'
                }
            }
        )

        return _wrap_in_collapsible(
            self.field_label,
            Markup(render_template("forms/fields/checkboxes/macro.njk", params=params)),
        )
    else:
        return Markup(
            render_template("forms/fields/checkboxes/macro.njk", params=params)
        )


def govuk_radios_field_widget(self, field, param_extensions=None, **kwargs):
    # error messages
    error_message = None
    if field.errors:
        error_message = {
            "attributes": {
                "data-module": "track-error",
                "data-error-type": field.errors[0],
                "data-error-label": field.name,
            },
            "text": field.errors[0],
        }

    # returns either a list or a hierarchy of lists
    # depending on how get_items_from_options is implemented
    items = self.get_items_from_options(field)

    params = {
        "name": field.name,
        "fieldset": {
            "attributes": {"id": field.name},
            "legend": {
                "text": field.label.text,
                "classes": "usa-legend text-bold",
            },
        },
        "errorMessage": error_message,
        "items": items,
    }

    # extend default params with any sent in during instantiation
    if self.param_extensions:
        merge_jsonlike(params, self.param_extensions)

    # add any sent in though use in templates
    if param_extensions:
        merge_jsonlike(params, param_extensions)

    return Markup(
        render_template("components/components/radios/template.njk", params=params)
    )


class GovukCheckboxField(BooleanField):
    def __init__(self, label="", validators=None, param_extensions=None, **kwargs):
        super(GovukCheckboxField, self).__init__(
            label, validators, false_values=None, **kwargs
        )
        self.param_extensions = param_extensions

    # self.__call__ renders the HTML for the field by:
    # 1. delegating to self.meta.render_field which
    # 2. calls field.widget
    # this bypasses that by making self.widget a method with the same interface as widget.__call__
    def widget(self, field, param_extensions=None, **kwargs):
        return govuk_checkbox_field_widget(
            self, field, param_extensions=param_extensions, **kwargs
        )


# based on work done by @richardjpope: https://github.com/richardjpope/recourse/blob/master/recourse/forms.py#L6
class GovukCheckboxesField(SelectMultipleField):
    render_as_list = False

    def __init__(self, label="", validators=None, param_extensions=None, **kwargs):
        super(GovukCheckboxesField, self).__init__(label, validators, **kwargs)
        self.param_extensions = param_extensions

    def get_item_from_option(self, option):
        return {
            "name": option.name,
            "id": option.id,
            "text": option.label.text,
            "value": str(option.data),  # to protect against non-string types like uuids
            "checked": option.checked,
        }

    def get_items_from_options(self, field):
        return [self.get_item_from_option(option) for option in field]

    # self.__call__ renders the HTML for the field by:
    # 1. delegating to self.meta.render_field which
    # 2. calls field.widget
    # this bypasses that by making self.widget a method with the same interface as widget.__call__
    def widget(self, field, param_extensions=None, **kwargs):
        return govuk_checkboxes_field_widget(
            self, field, param_extensions=param_extensions, **kwargs
        )


# Wraps checkboxes rendering in HTML needed by the collapsible JS
class GovukCollapsibleCheckboxesField(GovukCheckboxesField):
    def __init__(
        self, label="", validators=None, field_label="", param_extensions=None, **kwargs
    ):
        super(GovukCollapsibleCheckboxesField, self).__init__(
            label, validators, param_extensions, **kwargs
        )
        self.field_label = field_label

    def widget(self, field, **kwargs):
        return govuk_checkboxes_field_widget(
            self, field, wrap_in_collapsible=True, param_extensions=None, **kwargs
        )


# GovukCollapsibleCheckboxesField adds an ARIA live-region to the hint and wraps the render in HTML needed by the
# collapsible JS
# NestedFieldMixin puts the items into a tree hierarchy, pre-rendering the sub-trees of the top-level items
class GovukCollapsibleNestedCheckboxesField(
    NestedFieldMixin, GovukCollapsibleCheckboxesField
):
    NONE_OPTION_VALUE = None
    render_as_list = True


class GovukRadiosField(RadioField):
    def __init__(self, label="", validators=None, param_extensions=None, **kwargs):
        super(GovukRadiosField, self).__init__(label, validators, **kwargs)
        self.param_extensions = param_extensions

    def get_item_from_option(self, option):
        return {
            "name": option.name,
            "id": option.id,
            "text": option.label.text,
            "value": str(option.data),  # to protect against non-string types like uuids
            "checked": option.checked,
        }

    def get_items_from_options(self, field):
        return [self.get_item_from_option(option) for option in field]

    # self.__call__ renders the HTML for the field by:
    # 1. delegating to self.meta.render_field which
    # 2. calls field.widget
    # this bypasses that by making self.widget a method with the same interface as widget.__call__
    def widget(self, field, param_extensions=None, **kwargs):
        return govuk_radios_field_widget(
            self, field, param_extensions=param_extensions, **kwargs
        )


class OptionalGovukRadiosField(GovukRadiosField):
    def pre_validate(self, form):
        if self.data is None:
            return
        super().pre_validate(form)


class OnOffField(GovukRadiosField):
    def __init__(self, label, choices=None, *args, **kwargs):
        choices = choices or [
            (True, "On"),
            (False, "Off"),
        ]
        super().__init__(
            label,
            *args,
            choices=choices,
            thing=f"{choices[0][1].lower()} or {choices[1][1].lower()}",
            **kwargs,
        )

    def process_formdata(self, valuelist):
        if valuelist:
            value = valuelist[0]
            self.data = (value == "True") if value in ["True", "False"] else value

    def iter_choices(self):
        for value, label in self.choices:
            # This overrides WTForms default behaviour which is to check
            # self.coerce(value) == self.data
            # where self.coerce returns a string for a boolean input
            yield (value, label, (self.data in {value, self.coerce(value)}))


class OrganizationTypeField(GovukRadiosField):
    def __init__(self, *args, include_only=None, validators=None, **kwargs):
        super().__init__(
            *args,
            choices=[
                (value, label)
                for value, label in Organization.TYPE_LABELS.items()
                if not include_only or value in include_only
            ],
            thing="the type of organization",
            validators=validators or [],
            **kwargs,
        )


class GovukRadiosFieldWithNoneOption(FieldWithNoneOption, GovukRadiosField):
    pass


# guard against data entries that aren't a known permission
def filter_by_permissions(valuelist):
    if valuelist is None:
        return None
    else:
        return [
            entry
            for entry in valuelist
            if any(entry in option for option in permission_options)
        ]


class AuthTypeForm(StripWhitespaceForm):
    auth_type = GovukRadiosField(
        "Sign in using",
        choices=[
            ("sms_auth", format_auth_type("sms_auth")),
            ("email_auth", format_auth_type("email_auth")),
        ],
    )


class BasePermissionsForm(StripWhitespaceForm):
    def __init__(self, all_template_folders=None, *args, **kwargs):
        super().__init__(*args, **kwargs)
        self.folder_permissions.choices = []
        if all_template_folders is not None:
            self.folder_permissions.all_template_folders = all_template_folders
            self.folder_permissions.choices = [
                (item["id"], item["name"])
                for item in ([{"name": "Templates", "id": None}] + all_template_folders)
            ]

    folder_permissions = GovukCollapsibleNestedCheckboxesField(
        "Folders this team member can see", field_label="folder"
    )

    login_authentication = GovukRadiosField(
        "Sign in using",
        choices=[
            ("sms_auth", "Text message code"),
            ("email_auth", "Email link"),
        ],
        thing="how this team member should sign in",
        validators=[DataRequired()],
    )

    permissions_field = GovukCheckboxesField(
        "Permissions",
        filters=[filter_by_permissions],
        choices=[(value, label) for value, label in permission_options],
        param_extensions={"hint": {"text": "All team members can see sent messages."}},
    )

    @property
    def permissions(self):
        return set(self.permissions_field.data)

    @classmethod
    def from_user(cls, user, service_id, **kwargs):
        form = cls(
            **kwargs,
            **{
                "permissions_field": (
                    user.permissions_for_service(service_id) & all_ui_permissions
                )
            },
            login_authentication=user.auth_type,
        )

        return form


class PermissionsForm(BasePermissionsForm):
    pass


class BaseInviteUserForm:
    email_address = email_address(gov_user=False)

    def __init__(self, inviter_email_address, *args, **kwargs):
        super().__init__(*args, **kwargs)
        self.inviter_email_address = inviter_email_address

    def validate_email_address(self, field):
        if current_user.platform_admin:
            return
        if field.data.lower() == self.inviter_email_address.lower():
            raise ValidationError("You cannot send an invitation to yourself")


class InviteUserForm(BaseInviteUserForm, PermissionsForm):
    pass


class InviteOrgUserForm(BaseInviteUserForm, StripWhitespaceForm):
    pass


class TwoFactorForm(StripWhitespaceForm):
    def __init__(self, validate_code_func, *args, **kwargs):
        """
        Keyword arguments:
        validate_code_func -- Validates the code with the API.
        """
        self.validate_code_func = validate_code_func
        super(TwoFactorForm, self).__init__(*args, **kwargs)

    sms_code = SMSCode("Text message code")

    def validate(self, extra_validators=None):
        if not self.sms_code.validate(self):
            return False

        is_valid, reason = self.validate_code_func(self.sms_code.data)

        if not is_valid:
            self.sms_code.errors.append(reason)
            return False

        return True


class TextNotReceivedForm(StripWhitespaceForm):
    mobile_number = international_phone_number()


class RenameServiceForm(StripWhitespaceForm):
    name = GovukTextInputField(
        "Service name",
        validators=[
            DataRequired(message="Cannot be empty"),
            MustContainAlphanumericCharacters(),
            Length(max=255, message="Service name must be 255 characters or fewer"),
        ],
    )


class RenameOrganizationForm(StripWhitespaceForm):
    name = GovukTextInputField(
        "Organization name",
        validators=[
            DataRequired(message="Cannot be empty"),
            MustContainAlphanumericCharacters(),
            Length(
                max=255, message="Organization name must be 255 characters or fewer"
            ),
        ],
    )


class OrganizationOrganizationTypeForm(StripWhitespaceForm):
    organization_type = OrganizationTypeField("What type of organization is this?")


class AdminOrganizationDomainsForm(StripWhitespaceForm):
    def populate(self, domains_list):
        for index, value in enumerate(domains_list):
            self.domains[index].data = value

    domains = FieldList(
        StripWhitespaceStringField(
            "",
            validators=[
                Optional(),
            ],
            default="",
        ),
        min_entries=20,
        max_entries=20,
        label="Domain names",
    )


class CreateServiceForm(StripWhitespaceForm):
    name = GovukTextInputField(
        "What’s your service called?",
        validators=[
            DataRequired(message="Cannot be empty"),
            MustContainAlphanumericCharacters(),
            Length(max=255, message="Service name must be 255 characters or fewer"),
        ],
    )
    organization_type = OrganizationTypeField("Where is this service run?")


class AdminNewOrganizationForm(
    RenameOrganizationForm, OrganizationOrganizationTypeForm
):
    def __init__(self, *args, **kwargs):
        super().__init__(*args, **kwargs)


class AdminServiceSMSAllowanceForm(StripWhitespaceForm):
    free_sms_allowance = GovukIntegerField(
        "Numbers of text message fragments per year",
        validators=[InputRequired(message="Cannot be empty")],
    )


class AdminServiceMessageLimitForm(StripWhitespaceForm):
    message_limit = GovukIntegerField(
        "Max number of messages the service has per send",
        validators=[DataRequired(message="Cannot be empty")],
    )


class AdminServiceRateLimitForm(StripWhitespaceForm):
    rate_limit = GovukIntegerField(
        "Number of messages the service can send in a rolling 60 second window",
        validators=[DataRequired(message="Cannot be empty")],
    )


class ConfirmPasswordForm(StripWhitespaceForm):
    def __init__(self, validate_password_func, *args, **kwargs):
        self.validate_password_func = validate_password_func
        super(ConfirmPasswordForm, self).__init__(*args, **kwargs)

    password = GovukPasswordField("Enter password")

    def validate_password(self, field):
        if not self.validate_password_func(field.data):
            raise ValidationError("Invalid password")


class BaseTemplateForm(StripWhitespaceForm):
    name = GovukTextInputField(
        "Template name", validators=[DataRequired(message="Cannot be empty")]
    )

    template_content = TextAreaField(
        "Message",
        validators=[DataRequired(message="Cannot be empty"), NoCommasInPlaceHolders()],
    )
    process_type = HiddenField("normal")


class SMSTemplateForm(BaseTemplateForm):
    def validate_template_content(self, field):
        OnlySMSCharacters(template_type="sms")(None, field)


class EmailTemplateForm(BaseTemplateForm):
    subject = TextAreaField(
        "Subject", validators=[DataRequired(message="Cannot be empty")]
    )


class ForgotPasswordForm(StripWhitespaceForm):
    email_address = email_address(gov_user=False)


class NewPasswordForm(StripWhitespaceForm):
    new_password = password()


class ChangePasswordForm(StripWhitespaceForm):
    def __init__(self, validate_password_func, *args, **kwargs):
        self.validate_password_func = validate_password_func
        super(ChangePasswordForm, self).__init__(*args, **kwargs)

    old_password = password("Current password")
    new_password = password("New password")

    def validate_old_password(self, field):
        if not self.validate_password_func(field.data):
            raise ValidationError("Invalid password")


class CsvUploadForm(StripWhitespaceForm):
    file = FileField(
        "Add recipients",
        validators=[
            DataRequired(message="Please pick a file"),
            CsvFileValidator(),
            FileSize(max_size=10e6, message="File must be smaller than 10Mb"),  # 10Mb
        ],
    )


class ChangeNameForm(StripWhitespaceForm):
    new_name = GovukTextInputField("Your name")


# https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
class ChangePreferredTimezoneForm(StripWhitespaceForm):
    def __init__(self, *args, **kwargs):
        super(ChangePreferredTimezoneForm, self).__init__(*args, **kwargs)
        self.new_preferred_timezone.choices = [
            ("America/Puerto_Rico", "America/Puerto_Rico"),
            ("US/Eastern", "US/Eastern"),
            ("US/Central", "US/Central"),
            ("US/Mountain", "US/Mountain"),
            ("US/Pacific", "US/Pacific"),
            ("US/Alaska", "US/Alaska"),
            ("US/Hawaii", "US/Hawaii"),
            ("US/Aleutian", "US/Aleutian"),
            ("US/Samoa", "US/Samoa"),
        ]

    new_preferred_timezone = GovukRadiosField(
        "What timezone would you like to use?",
    )


class ChangeEmailForm(StripWhitespaceForm):
    def __init__(self, validate_email_func, *args, **kwargs):
        self.validate_email_func = validate_email_func
        super(ChangeEmailForm, self).__init__(*args, **kwargs)

    email_address = email_address()

    def validate_email_address(self, field):
        # The validate_email_func can be used to call API to check if the email address is already in
        # use. We don't want to run that check for invalid email addresses, since that will cause an error.
        # If there are any other validation errors on the email_address, we should skip this check.
        if self.email_address.errors:
            return

        is_valid = self.validate_email_func(field.data)
        if is_valid:
            raise ValidationError("The email address is already in use")


class ChangeNonGovEmailForm(ChangeEmailForm):
    email_address = email_address(gov_user=False)


class ChangeMobileNumberForm(StripWhitespaceForm):
    mobile_number = international_phone_number()


class ChooseTimeForm(StripWhitespaceForm):
    def __init__(self, *args, **kwargs):
        super(ChooseTimeForm, self).__init__(*args, **kwargs)
        self.scheduled_for.choices = [("", "Now")] + [
            get_time_value_and_label(hour)
            for hour in get_next_hours_until(get_furthest_possible_scheduled_time())
        ]
        self.scheduled_for.categories = get_next_days_until(
            get_furthest_possible_scheduled_time()
        )

    scheduled_for = GovukRadiosField(
        "When should Notify send these messages?",
        default="",
    )


class CreateKeyForm(StripWhitespaceForm):
    def __init__(self, existing_keys, *args, **kwargs):
        self.existing_key_names = [
            key["name"].lower() for key in existing_keys if not key["expiry_date"]
        ]
        super().__init__(*args, **kwargs)

    key_type = GovukRadiosField(
        "Type of key",
        thing="the type of key",
    )

    key_name = GovukTextInputField(
        "Name for this key",
        validators=[DataRequired(message="You need to give the key a name")],
    )

    def validate_key_name(self, key_name):
        if key_name.data.lower() in self.existing_key_names:
            raise ValidationError("A key with this name already exists")


class EstimateUsageForm(StripWhitespaceForm):
    volume_email = ForgivingIntegerField(
        "How many emails do you expect to send in the next year?",
        things="emails",
        format_error_suffix="you expect to send",
    )
    volume_sms = ForgivingIntegerField(
        "How many text messages do you expect to send in the next year?",
        things="text messages",
        format_error_suffix="you expect to send",
    )
    consent_to_research = GovukRadiosField(
        "Can we contact you when we’re doing user research?",
        choices=[
            ("yes", "Yes"),
            ("no", "No"),
        ],
        thing="yes or no",
        param_extensions={
            "hint": {
                "text": "You do not have to take part and you can unsubscribe at any time"
            }
        },
    )

    at_least_one_volume_filled = True

    def validate(self, *args, **kwargs):
        if self.volume_email.data == self.volume_sms.data == 0:
            self.at_least_one_volume_filled = False
            return False

        return super().validate(*args, **kwargs)


class ServiceContactDetailsForm(StripWhitespaceForm):
    contact_details_type = RadioField(
        "Type of contact details",
        choices=[
            ("url", "Link"),
            ("email_address", "Email address"),
            ("phone_number", "Phone number"),
        ],
    )

    url = GovukTextInputField("URL")
    email_address = GovukEmailField("Email address")
    # This is a text field because the number provided by the user can also be a short code
    phone_number = GovukTextInputField("Phone number")

    def validate(self, extra_validators=None):
        if self.contact_details_type.data == "url":
            self.url.validators = [DataRequired(), URL(message="Must be a valid URL")]

        elif self.contact_details_type.data == "email_address":
            self.email_address.validators = [
                DataRequired(),
                Length(min=5, max=255),
                ValidEmail(),
            ]

        elif self.contact_details_type.data == "phone_number":

            def valid_phone_number(self, num):
                try:
                    validate_phone_number(num.data, international=True)
                    return True
                except InvalidPhoneError:
                    raise ValidationError("Must be a valid phone number")

            self.phone_number.validators = [
                DataRequired(),
                Length(min=5, max=20),
                valid_phone_number,
            ]

        return super().validate(extra_validators)


class ServiceReplyToEmailForm(StripWhitespaceForm):
    email_address = email_address(label="Reply-to email address", gov_user=False)
    is_default = GovukCheckboxField("Make this email address the default")


class ServiceSmsSenderForm(StripWhitespaceForm):
    sms_sender = GovukTextInputField(
        "Text message sender",
        validators=[
            DataRequired(message="Cannot be empty"),
            Length(max=11, message="Enter 11 characters or fewer"),
            Length(min=3, message="Enter 3 characters or more"),
            LettersNumbersSingleQuotesFullStopsAndUnderscoresOnly(),
            DoesNotStartWithDoubleZero(),
        ],
    )
    is_default = GovukCheckboxField("Make this text message sender the default")


class ServiceEditInboundNumberForm(StripWhitespaceForm):
    is_default = GovukCheckboxField("Make this text message sender the default")


class AdminNotesForm(StripWhitespaceForm):
    notes = TextAreaField(validators=[])


class AdminBillingDetailsForm(StripWhitespaceForm):
    billing_contact_email_addresses = GovukTextInputField("Contact email addresses")
    billing_contact_names = GovukTextInputField("Contact names")
    billing_reference = GovukTextInputField("Reference")
    purchase_order_number = GovukTextInputField("Purchase order number")
    notes = TextAreaField(validators=[])


class ServiceOnOffSettingForm(StripWhitespaceForm):
    def __init__(self, name, *args, truthy="On", falsey="Off", **kwargs):
        super().__init__(*args, **kwargs)
        self.enabled.label.text = name
        self.enabled.choices = [
            (True, truthy),
            (False, falsey),
        ]

    enabled = OnOffField("Choices")


class ServiceSwitchChannelForm(ServiceOnOffSettingForm):
    def __init__(self, channel, *args, **kwargs):
        name = "Send {}".format(
            {
                "email": "emails",
                "sms": "text messages",
            }.get(channel)
        )

        super().__init__(name, *args, **kwargs)


class SVGFileUpload(StripWhitespaceForm):
    file = FileField_wtf(
        "Upload an SVG logo",
        validators=[
            FileAllowed(["svg"], "SVG Images only!"),
            DataRequired(message="You need to upload a file to submit"),
            NoEmbeddedImagesInSVG(),
            NoTextInSVG(),
        ],
    )


class EmailFieldInGuestList(GovukEmailField, StripWhitespaceStringField):
    pass


class InternationalPhoneNumberInGuestList(
    InternationalPhoneNumber, StripWhitespaceStringField
):
    pass


class GuestList(StripWhitespaceForm):
    def populate(self, email_addresses, phone_numbers):
        for form_field, existing_guest_list in (
            (self.email_addresses, email_addresses),
            (self.phone_numbers, phone_numbers),
        ):
            for index, value in enumerate(existing_guest_list):
                form_field[index].data = value

    email_addresses = FieldList(
        EmailFieldInGuestList("", validators=[Optional(), ValidEmail()], default=""),
        min_entries=5,
        max_entries=5,
        label="Email addresses",
    )

    phone_numbers = FieldList(
        InternationalPhoneNumberInGuestList("", validators=[Optional()], default=""),
        min_entries=5,
        max_entries=5,
        label="Mobile numbers",
    )


class DateFilterForm(StripWhitespaceForm):
    start_date = GovukDateField("Start Date", [validators.optional()])
    end_date = GovukDateField("End Date", [validators.optional()])
    include_from_test_key = GovukCheckboxField("Include test keys")


class RequiredDateFilterForm(StripWhitespaceForm):
    start_date = GovukDateField("Start Date")
    end_date = GovukDateField("End Date")


class BillingReportDateFilterForm(StripWhitespaceForm):
    start_date = GovukDateField("First day covered by report")
    end_date = GovukDateField("Last day covered by report")


class SearchByNameForm(StripWhitespaceForm):
    search = GovukSearchField(
        "Search by name",
        validators=[
            DataRequired("You need to enter full or partial name to search by.")
        ],
    )


class AdminSearchUsersByEmailForm(StripWhitespaceForm):
    search = GovukSearchField(
        "Search by name or email address",
        validators=[
            DataRequired(
                "You need to enter full or partial email address to search by."
            )
        ],
    )


class SearchUsersForm(StripWhitespaceForm):
    search = GovukSearchField("Search by name or email address")


class SearchNotificationsForm(StripWhitespaceForm):
    to = GovukSearchField()

    labels = {
        "email": "Search by email address",
        "sms": "Search by phone number",
    }

    def __init__(self, message_type, *args, **kwargs):
        super().__init__(*args, **kwargs)
        self.to.label.text = self.labels.get(
            message_type,
            "Search by phone number or email address",
        )


class SearchTemplatesForm(StripWhitespaceForm):
    search = GovukSearchField()

    def __init__(self, api_keys, *args, **kwargs):
        super().__init__(*args, **kwargs)
        self.search.label.text = (
            "Search by name or ID" if api_keys else "Search by name"
        )


class PlaceholderForm(StripWhitespaceForm):
    pass


class AdminServiceInboundNumberForm(StripWhitespaceForm):
    def __init__(self, *args, **kwargs):
        super().__init__(*args, **kwargs)
        self.inbound_number.choices = kwargs["inbound_number_choices"]

    inbound_number = GovukRadiosField(
        "Set inbound number",
        thing="an inbound number",
    )


class CallbackForm(StripWhitespaceForm):
    url = GovukTextInputField(
        "URL",
        validators=[
            DataRequired(message="Cannot be empty"),
            Regexp(regex="^https.*", message="Must be a valid https URL"),
        ],
    )
    bearer_token = GovukPasswordField(
        "Bearer token",
        validators=[
            DataRequired(message="Cannot be empty"),
            Length(min=10, message="Must be at least 10 characters"),
        ],
    )

    def validate(self, extra_validators=None):
        return super().validate(extra_validators) or self.url.data == ""


class SMSPrefixForm(StripWhitespaceForm):
    enabled = OnOffField("")  # label is assigned on instantiation


def get_placeholder_form_instance(
    placeholder_name,
    dict_to_populate_from,
    template_type,
    allow_international_phone_numbers=False,
):
    if (
        InsensitiveDict.make_key(placeholder_name) == "emailaddress"
        and template_type == "email"
    ):
        field = email_address(label=placeholder_name, gov_user=False)
    elif (
        InsensitiveDict.make_key(placeholder_name) == "phonenumber"
        and template_type == "sms"
    ):
        if allow_international_phone_numbers:
            field = international_phone_number(
                label=placeholder_name
            )  # TODO: modify as necessary for non-us numbers
        else:
            field = uk_mobile_number(
                label=placeholder_name
            )  # TODO: replace with us_mobile_number
    else:
        field = GovukTextInputField(
            placeholder_name, validators=[DataRequired(message="Cannot be empty")]
        )

    PlaceholderForm.placeholder_value = field

    return PlaceholderForm(
        placeholder_value=dict_to_populate_from.get(placeholder_name, "")
    )


class SetSenderForm(StripWhitespaceForm):
    def __init__(self, *args, **kwargs):
        super().__init__(*args, **kwargs)
        self.sender.choices = kwargs["sender_choices"]
        self.sender.label.text = kwargs["sender_label"]

    sender = GovukRadiosField()


class SetTemplateSenderForm(StripWhitespaceForm):
    def __init__(self, *args, **kwargs):
        super().__init__(*args, **kwargs)
        self.sender.choices = kwargs["sender_choices"]
        self.sender.label.text = "Select your sender"

    sender = GovukRadiosField()


class AdminSetOrganizationForm(StripWhitespaceForm):
    def __init__(self, *args, **kwargs):
        super().__init__(*args, **kwargs)
        self.organizations.choices = kwargs["choices"]

    organizations = GovukRadiosField(
        "Select an organization", validators=[DataRequired()]
    )


class AdminServiceAddDataRetentionForm(StripWhitespaceForm):
    notification_type = GovukRadiosField(
        "What notification type?",
        choices=[
            ("email", "Email"),
            ("sms", "SMS"),
        ],
        thing="notification type",
    )
    days_of_retention = GovukIntegerField(
        label="Days of retention",
        validators=[
            validators.NumberRange(min=3, max=90, message="Must be between 3 and 90")
        ],
    )


class AdminServiceEditDataRetentionForm(StripWhitespaceForm):
    days_of_retention = GovukIntegerField(
        label="Days of retention",
        validators=[
            validators.NumberRange(min=3, max=90, message="Must be between 3 and 90")
        ],
    )


class TemplateFolderForm(StripWhitespaceForm):
    def __init__(self, all_service_users=None, *args, **kwargs):
        super().__init__(*args, **kwargs)
        if all_service_users is not None:
            self.users_with_permission.all_service_users = all_service_users
            self.users_with_permission.choices = [
                (item.id, item.name) for item in all_service_users
            ]

    users_with_permission = GovukCollapsibleCheckboxesField(
        "Team members who can see this folder", field_label="team member"
    )
    name = GovukTextInputField(
        "Folder name", validators=[DataRequired(message="Cannot be empty")]
    )


def required_for_ops(*operations):
    operations = set(operations)

    def validate(form, field):
        if form.op not in operations and any(field.raw_data):
            # super weird
            raise validators.StopValidation("Must be empty")
        if form.op in operations and not any(field.raw_data):
            raise validators.StopValidation("Cannot be empty")

    return validate


class TemplateAndFoldersSelectionForm(Form):
    """
    This form expects the form data to include an operation, based on which submit button is clicked.
    If enter is pressed, unknown will be sent by a hidden submit button at the top of the form.
    The value of this operation affects which fields are required, expected to be empty, or optional.

    * unknown
        currently not implemented, but in the future will try and work out if there are any obvious commands that can be
        assumed based on which fields are empty vs populated.
    * move-to-existing-folder
        must have data for templates_and_folders checkboxes, and move_to radios
    * move-to-new-folder
        must have data for move_to_new_folder_name, cannot have data for move_to_existing_folder_name
    * add-new-folder
        must have data for move_to_existing_folder_name, cannot have data for move_to_new_folder_name
    """

    ALL_TEMPLATES_FOLDER = {
        "name": "Templates",
        "id": RadioFieldWithNoneOption.NONE_OPTION_VALUE,
    }

    def __init__(
        self,
        all_template_folders,
        template_list,
        available_template_types,
        allow_adding_copy_of_template,
        *args,
        **kwargs,
    ):
        super().__init__(*args, **kwargs)

        self.available_template_types = available_template_types

        self.templates_and_folders.choices = template_list.as_id_and_name

        self.op = None
        self.is_move_op = self.is_add_folder_op = self.is_add_template_op = False

        self.move_to.all_template_folders = all_template_folders
        self.move_to.choices = [
            (item["id"], item["name"])
            for item in ([self.ALL_TEMPLATES_FOLDER] + all_template_folders)
        ]

        self.add_template_by_template_type.choices = list(
            filter(
                None,
                [
                    # ('email', 'Email') if 'email' in available_template_types else None,
                    ("sms", "Start with a blank template")
                    if "sms" in available_template_types
                    else None,
                    ("copy-existing", "Copy an existing template")
                    if allow_adding_copy_of_template
                    else None,
                ],
            )
        )

    @property
    def trying_to_add_unavailable_template_type(self):
        return all(
            (
                self.is_add_template_op,
                self.add_template_by_template_type.data,
                self.add_template_by_template_type.data
                not in self.available_template_types,
            )
        )

    def is_selected(self, template_folder_id):
        return template_folder_id in (self.templates_and_folders.data or [])

    def validate(self, extra_validators=None):
        self.op = request.form.get("operation")

        self.is_move_op = self.op in {"move-to-existing-folder", "move-to-new-folder"}
        self.is_add_folder_op = self.op in {"add-new-folder", "move-to-new-folder"}
        self.is_add_template_op = self.op in {"add-new-template"}

        if not (self.is_add_folder_op or self.is_move_op or self.is_add_template_op):
            return False

        return super().validate(extra_validators)

    def get_folder_name(self):
        if self.op == "add-new-folder":
            return self.add_new_folder_name.data
        elif self.op == "move-to-new-folder":
            return self.move_to_new_folder_name.data
        return None

    templates_and_folders = GovukCheckboxesField(
        "Choose templates or folders",
        validators=[required_for_ops("move-to-new-folder", "move-to-existing-folder")],
        choices=[],  # added to keep order of arguments, added properly in __init__
        param_extensions={"fieldset": {"legend": {"classes": "usa-sr-only"}}},
    )
    # if no default set, it is set to None, which process_data transforms to '__NONE__'
    # this means '__NONE__' (self.ALL_TEMPLATES option) is selected when no form data has been submitted
    # set default to empty string so process_data method doesn't perform any transformation
    move_to = NestedRadioField(
        "Choose a folder",
        default="",
        validators=[required_for_ops("move-to-existing-folder"), Optional()],
    )
    add_new_folder_name = GovukTextInputField(
        "Folder name", validators=[required_for_ops("add-new-folder")]
    )
    move_to_new_folder_name = GovukTextInputField(
        "Folder name", validators=[required_for_ops("move-to-new-folder")]
    )

    add_template_by_template_type = RadioFieldWithRequiredMessage(
        "New template",
        validators=[
            required_for_ops("add-new-template"),
            Optional(),
        ],
        required_message="Select the type of template you want to add",
    )


class AdminClearCacheForm(StripWhitespaceForm):
    model_type = GovukCheckboxesField(
        "What do you want to clear today",
    )

    def validate_model_type(self, field):
        if not field.data:
            raise ValidationError("Select at least one option")


class ChangeSecurityKeyNameForm(StripWhitespaceForm):
    security_key_name = GovukTextInputField(
        "Name of key",
        validators=[
            DataRequired(message="Cannot be empty"),
            MustContainAlphanumericCharacters(),
            Length(max=255, message="Name of key must be 255 characters or fewer"),
        ],
    )
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								import weakref
-												Add a component for picking the time to send a job

Users need to pick a time in the next 24hrs, or send a file immediately.

Rationale for this is a bit lost in time-before-holiday, but generally:

‘Now’ and ‘later’ as the inital choices makes it really clear what
this feature is about conceptually.

The choice of times is absolute, eg ‘1pm’ not ‘in 3 hours’

											
										
										
											2016-08-07 09:17:49 +01:00
+								from datetime import datetime, timedelta
-												Make whitespace stripping work for whitelists too

It’s a bit hacky, but it fixes a potential issue for users.

Code adapted from:
https://github.com/alphagov/digitalmarketplace-utils/commit/2c34f678ab4a34eaa1c510c91dacfc210343f389

											
										
										
											2017-12-11 16:22:37 +00:00
+								from itertools import chain
-												Replay falsey values in input fields

Currently an integer of 0 doesn't get shown because it fails the
truthiness check in the govuk-frontend template [^1]. Note that
we can't just do str(value) as for None this would be "None".

[^1]: https://github.com/alphagov/govuk-frontend/blob/fd4952f1c02c79056e09fc9c9ebae5c078140e49/src/govuk/components/input/template.njk#L51

											
										
										
											2022-03-01 13:51:04 +00:00
+								from numbers import Number
-												[WIP]
Let the API return a 400 error message if the service name is a duplicate.

											
										
										
											2017-08-07 11:30:25 +01:00
-												Enforce order and style of imports

Done using isort[1], with the following command:
```
isort -rc ./app ./tests
```

Adds linting to the `run_tests.sh` script to stop badly-sorted imports
getting re-introduced.

Chosen style is ‘Vertical Hanging Indent’ with trailing commas, because
I think it gives the cleanest diffs, eg:
```
from third_party import (
    lib1,
    lib2,
    lib3,
    lib4,
)
```

1. https://pypi.python.org/pypi/isort

											
										
										
											2018-02-20 11:22:17 +00:00
+								import pytz
-												Remove PY_TIMEZONE references (#547)

This changeset removes the PY_TIMEZONE configuration variable and updates all references to it to refer directly to pytz.utc instead.  It also cleans up a few of the import statements and removes those that are no longer needed (like the current_app reference from Flask).

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
											
										
										
											2023-06-12 17:00:20 -04:00
+								from flask import Markup, render_template, request
-												move invite error handler to top level

ensure we catch org errors as well as regular errors

											
										
										
											2020-03-06 11:53:55 +00:00
+								from flask_login import current_user
-												Enforce order and style of imports

Done using isort[1], with the following command:
```
isort -rc ./app ./tests
```

Adds linting to the `run_tests.sh` script to stop badly-sorted imports
getting re-introduced.

Chosen style is ‘Vertical Hanging Indent’ with trailing commas, because
I think it gives the cleanest diffs, eg:
```
from third_party import (
    lib1,
    lib2,
    lib3,
    lib4,
)
```

1. https://pypi.python.org/pypi/isort

											
										
										
											2018-02-20 11:22:17 +00:00
+								from flask_wtf import FlaskForm as Form
 								from flask_wtf.file import FileAllowed
 								from flask_wtf.file import FileField as FileField_wtf
-												Reject CSV / Spreadsheet files larger than 10Mb

This is a quick additional check to protect the user:

- From getting a CloudFront 502 error if the file takes too
long to upload. I was surprised to find it takes about 1 minute
to upload a 70Mb file to S3.*

- From getting a CloudFront 502 error when we follow the redirect
and run through the slow processing code in utils that builds a
RecipientCSV [1].

For context, a CSV with 100K rows and a few columns is around 5Mb,
so a 10Mb limit should be enough. Analysis over the past week shows
that the vast majority of CSV uploads are actually < 2.5Mb.

I haven't added any tests for this because:

- The check isn't critical, as the worst case scenario is the user
gets a worse error than this in-app one.

- There's no easy way to mock the validation, and I didn't want to
have a test that depends on a 10Mb+ file.

*We're using "key.put" to upload the file, when we could be doing
a multipart upload [2]. However, I tried this myself with a chunk
size of 1000 bytes and found it only led to a marginal improvement.

[1]: https://github.com/alphagov/notifications-utils/pull/930
[2]: https://boto3.amazonaws.com/v1/documentation/api/latest/guide/s3-uploading-files.html

											
										
										
											2021-12-07 12:39:37 +00:00
+								from flask_wtf.file import FileSize
-												Upgrade utils to 48.0.0

Fixes a bug with non breaking spaces being removed from templates

											
										
										
											2021-10-29 16:10:55 +01:00
+								from notifications_utils.formatters import strip_all_whitespace
-												Bump utils to 53.0.0

Changes:

53.0.0
---

* `notifications_utils.columns.Columns` has moved to
  `notifications_utils.insensitive_dict.InsensitiveDict`
* `notifications_utils.columns.Rows` has moved to
  `notifications_utils.recipients.Rows`
* `notifications_utils.columns.Cell` has moved to
  `notifications_utils.recipients.Cell`

52.0.0
---

* Deprecate the following unused `redis_client` functions:
  - `redis_client.increment_hash_value`
  - `redis_client.decrement_hash_value`
  - `redis_client.get_all_from_hash`
  - `redis_client.set_hash_and_expire`
  - `redis_client.expire`

51.3.1
---

* Bump govuk-bank-holidays to cache holidays for next year.

51.3.0
---

* Log exception and stacktrace when Celery tasks fail.

											
										
										
											2022-02-04 10:43:36 +00:00
+								from notifications_utils.insensitive_dict import InsensitiveDict
-												merge from main

											
										
										
											2023-08-25 08:57:24 -07:00
+								from notifications_utils.recipients import InvalidPhoneError, validate_phone_number
-												Add govukCollapsibleNestedCheckboxesField

Includes:
1. changes to make NestedFieldMixin work
  with new fields and CSS for nested checkboxes
2. adds custom version of GOVUK checkboxes
  component to allow us to:
  - add classes to elements currently inaccessible
  - wrap the checkboxes in a list
  - add child checkboxes to each checkbox (making
    tree structures possible through recursion

Change 2. should be pushed upstream to the GOVUK
Design System as a proposal for changes to the
GOVUK Checkboxes component.

											
										
										
											2020-04-23 12:15:24 +01:00
+								from werkzeug.utils import cached_property
-												resolve merge conflicts

											
										
										
											2016-01-12 10:43:23 +00:00
+								from wtforms import (
-												[WIP] New user can now accept invite and will be made to
register. On succesful register and verfication they
will be added to service and forwarded to dashboard.

Nothing is done yet with the permissions requested in the
invite to the user.

											
										
										
											2016-03-02 15:25:04 +00:00
+								    BooleanField,
-												Enforce order and style of imports

Done using isort[1], with the following command:
```
isort -rc ./app ./tests
```

Adds linting to the `run_tests.sh` script to stop badly-sorted imports
getting re-introduced.

Chosen style is ‘Vertical Hanging Indent’ with trailing commas, because
I think it gives the cleanest diffs, eg:
```
from third_party import (
    lib1,
    lib2,
    lib3,
    lib4,
)
```

1. https://pypi.python.org/pypi/isort

											
										
										
											2018-02-20 11:22:17 +00:00
+								    DateField,
-												Bump WTForms and Flask-WTF to latest versions

WTForms versions less than 3.0.0 have a security vulnerability where
arbitrary HTML can be inserted into the label of a form, allowing the
possibility of a cross-site scripting attack.

I don’t know if there’s anywhere we put user-generated content into form
labels but it’s possible we are vulnerable somewhere.

This require moving some imports because as of
https://github.com/wtforms/wtforms/pull/614/files
there is no longer a separate module for HTML 5 fields, they are now
considered core fields.

As of https://github.com/wtforms/wtforms/issues/445/files custom
implementations of `pre_validate` or `post_validate` must raise
`ValidationError` to trigger a validation message, where we were raising
`ValueError` this was no longer being caught.

As of https://github.com/wtforms/wtforms/pull/355/files `StringField`
returns `None` for empty data, not `''` but our `validate_email_address`
function only accepts strings.

											
										
										
											2021-11-30 17:17:16 +00:00
+								    EmailField,
-												Enforce order and style of imports

Done using isort[1], with the following command:
```
isort -rc ./app ./tests
```

Adds linting to the `run_tests.sh` script to stop badly-sorted imports
getting re-introduced.

Chosen style is ‘Vertical Hanging Indent’ with trailing commas, because
I think it gives the cleanest diffs, eg:
```
from third_party import (
    lib1,
    lib2,
    lib3,
    lib4,
)
```

1. https://pypi.python.org/pypi/isort

											
										
										
											2018-02-20 11:22:17 +00:00
+								    FieldList,
 								    FileField,
-												Added provider management pages in.

- see priority
- change priority

											
										
										
											2016-05-11 09:43:55 +01:00
+								    HiddenField,
-												Add radio buttons for choosing the API key type

Best-guess wording for what the labels and question should be.

Adds a macro for rendering radio buttons from a WTForms field.

											
										
										
											2016-06-29 17:10:49 +01:00
+								    IntegerField,
-												Enforce order and style of imports

Done using isort[1], with the following command:
```
isort -rc ./app ./tests
```

Adds linting to the `run_tests.sh` script to stop badly-sorted imports
getting re-introduced.

Chosen style is ‘Vertical Hanging Indent’ with trailing commas, because
I think it gives the cleanest diffs, eg:
```
from third_party import (
    lib1,
    lib2,
    lib3,
    lib4,
)
```

1. https://pypi.python.org/pypi/isort

											
										
										
											2018-02-20 11:22:17 +00:00
+								    PasswordField,
-												Bump WTForms to 2.3.1

This involves three changes which broke our code.

To validate email addresses, the optional dependency `email-validator`
must be installed<sup>1</sup>. But since we don’t use WTForms’ email
validation, we shouldn’t need to subclass it – it can just be its own
self contained thing. Then we don’t need to add the extra dependency.

When rendering textareas, and extra `\r\n` is inserted at the beginning
<sup>2</sup>. Browsers will strip this when displaying the textbox and
submitting the form, but some of our tests need updating to account for
this.

The error message for when you don’t choose an option from some radio
buttons has now changed. Rather than just accepting WTForms’ new
message, this commit makes the error messages like the examples from
the Design System<sup>3</sup>. By default it will say ‘Select an
option’, but by passing in an extra parameter (`thing`) it can be
customised to be more specific, for example ‘Select a type of
organisation’.

***

1. https://github.com/wtforms/wtforms/pull/429
2. https://github.com/wtforms/wtforms/issues/238
3. https://design-system.service.gov.uk/components/radios/#error-messages

											
										
										
											2020-04-22 17:49:03 +01:00
+								)
 								from wtforms import RadioField as WTFormsRadioField
 								from wtforms import (
-												Bump WTForms and Flask-WTF to latest versions

WTForms versions less than 3.0.0 have a security vulnerability where
arbitrary HTML can be inserted into the label of a form, allowing the
possibility of a cross-site scripting attack.

I don’t know if there’s anywhere we put user-generated content into form
labels but it’s possible we are vulnerable somewhere.

This require moving some imports because as of
https://github.com/wtforms/wtforms/pull/614/files
there is no longer a separate module for HTML 5 fields, they are now
considered core fields.

As of https://github.com/wtforms/wtforms/issues/445/files custom
implementations of `pre_validate` or `post_validate` must raise
`ValidationError` to trigger a validation message, where we were raising
`ValueError` this was no longer being caught.

As of https://github.com/wtforms/wtforms/pull/355/files `StringField`
returns `None` for empty data, not `''` but our `validate_email_address`
function only accepts strings.

											
										
										
											2021-11-30 17:17:16 +00:00
+								    SearchField,
-												Show form elements for templates and folders

This commit adds:
- checkboxes to let you select a template or folder
- radio buttons to let you select where to move those template(s) and/or
  folder(s) to

It only does the `get` part of this work; handling the `post` and
calling API will be done in a subsequent commit.

											
										
										
											2018-11-08 11:56:29 +00:00
+								    SelectMultipleField,
-												Enforce order and style of imports

Done using isort[1], with the following command:
```
isort -rc ./app ./tests
```

Adds linting to the `run_tests.sh` script to stop badly-sorted imports
getting re-introduced.

Chosen style is ‘Vertical Hanging Indent’ with trailing commas, because
I think it gives the cleanest diffs, eg:
```
from third_party import (
    lib1,
    lib2,
    lib3,
    lib4,
)
```

1. https://pypi.python.org/pypi/isort

											
										
										
											2018-02-20 11:22:17 +00:00
+								    StringField,
-												Bump WTForms and Flask-WTF to latest versions

WTForms versions less than 3.0.0 have a security vulnerability where
arbitrary HTML can be inserted into the label of a form, allowing the
possibility of a cross-site scripting attack.

I don’t know if there’s anywhere we put user-generated content into form
labels but it’s possible we are vulnerable somewhere.

This require moving some imports because as of
https://github.com/wtforms/wtforms/pull/614/files
there is no longer a separate module for HTML 5 fields, they are now
considered core fields.

As of https://github.com/wtforms/wtforms/issues/445/files custom
implementations of `pre_validate` or `post_validate` must raise
`ValidationError` to trigger a validation message, where we were raising
`ValueError` this was no longer being caught.

As of https://github.com/wtforms/wtforms/pull/355/files `StringField`
returns `None` for empty data, not `''` but our `validate_email_address`
function only accepts strings.

											
										
										
											2021-11-30 17:17:16 +00:00
+								    TelField,
-												Enforce order and style of imports

Done using isort[1], with the following command:
```
isort -rc ./app ./tests
```

Adds linting to the `run_tests.sh` script to stop badly-sorted imports
getting re-introduced.

Chosen style is ‘Vertical Hanging Indent’ with trailing commas, because
I think it gives the cleanest diffs, eg:
```
from third_party import (
    lib1,
    lib2,
    lib3,
    lib4,
)
```

1. https://pypi.python.org/pypi/isort

											
										
										
											2018-02-20 11:22:17 +00:00
+								    TextAreaField,
 								    ValidationError,
 								    validators,
-												Add flake8 linting to project

The GDS Way™[1] recommends using Flake8 to lint Python projects.

This commit takes the Flake8 config from Digital Marketplace API[2] and
removes the bits we don’t need.

It changes the `max_complexity` setting to 14, which is the most complex
code we have in this repo currently (we shouldn’t be writing code _more_
complex than what we already have).

This commit also fixes the errors found by Flake8, which includes 6(!)
tests which were never getting run because they had the same names as
existing tests.

Here is a full list of the errors that were found and fixed:
```
./app/__init__.py:2:1: F401 're' imported but unused
./app/__init__.py:4:1: F401 'json' imported but unused
./app/__init__.py:8:1: F401 'dateutil' imported but unused
./app/__init__.py:11:1: F401 'flask.escape' imported but unused
./app/__init__.py:41:1: F401 'app.proxy_fix' imported but unused
./app/__init__.py:129:5: F821 undefined name 'proxy_fix'
./app/__init__.py:221:19: F821 undefined name 'highlight'
./app/__init__.py:221:35: F821 undefined name 'JavascriptLexer'
./app/__init__.py:221:54: F821 undefined name 'HtmlFormatter'
./app/config.py:2:1: F401 'datetime.timedelta' imported but unused
./app/event_handlers.py:2:1: F401 'flask_login.current_user' imported but unused
./app/utils.py:11:1: F401 'dateutil.parser' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.two_factor' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.notifications' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.add_service' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.forgot_password' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.inbound_number' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.styleguide' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.organisations' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.letter_jobs' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.verify' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.conversation' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.api_keys' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.send' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.dashboard' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.jobs' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.manage_users' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.sign_in' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.sign_out' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.code_not_received' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.invites' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.platform_admin' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.providers' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.service_settings' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.index' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.new_password' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.user_profile' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.feedback' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.choose_service' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.templates' imported but unused
./app/main/__init__.py:5:1: F401 'app.main.views.register' imported but unused
./app/main/forms.py:12:1: F401 'wtforms.SelectField' imported but unused
./app/main/views/api_keys.py:37:29: E241 multiple spaces after ':'
./app/main/views/feedback.py:3:1: F401 'flask.flash' imported but unused
./app/main/views/feedback.py:122:17: E123 closing bracket does not match indentation of opening bracket's line
./app/main/views/inbound_number.py:1:1: F401 'flask.url_for' imported but unused
./app/main/views/inbound_number.py:1:1: F401 'flask.session' imported but unused
./app/main/views/inbound_number.py:1:1: F401 'flask.redirect' imported but unused
./app/main/views/inbound_number.py:1:1: F401 'flask.request' imported but unused
./app/main/views/inbound_number.py:13:1: F401 'flask.jsonify' imported but unused
./app/main/views/jobs.py:31:1: F401 'app.utils.get_template' imported but unused
./app/main/views/letter_jobs.py:1:1: F401 'datetime' imported but unused
./app/main/views/letter_jobs.py:6:1: F401 'app.format_datetime_24h' imported but unused
./app/main/views/manage_users.py:111:9: E123 closing bracket does not match indentation of opening bracket's line
./app/main/views/notifications.py:121:5: F841 local variable 'status_args' is assigned to but never used
./app/main/views/organisations.py:1:1: F401 'flask.request' imported but unused
./app/main/views/service_settings.py:77:9: E123 closing bracket does not match indentation of opening bracket's line
./app/main/views/service_settings.py:82:9: E123 closing bracket does not match indentation of opening bracket's line
./app/main/views/service_settings.py:420:13: E123 closing bracket does not match indentation of opening bracket's line
./app/main/views/sign_in.py:12:1: F401 'flask_login.confirm_login' imported but unused
./app/main/views/sign_in.py:17:1: F401 'app.service_api_client' imported but unused
./app/main/views/sign_in.py:62:13: E123 closing bracket does not match indentation of opening bracket's line
./app/main/views/templates.py:4:1: F401 'flask.json' imported but unused
./app/main/views/templates.py:17:1: F401 'notifications_utils.formatters.escape_html' imported but unused
./app/main/views/templates.py:23:1: F401 'app.utils.get_help_argument' imported but unused
./app/main/views/templates.py:64:13: E123 closing bracket does not match indentation of opening bracket's line
./app/notify_client/service_api_client.py:6:1: F401 '.notification_api_client' imported but unused
./app/notify_client/user_api_client.py:1:1: F401 'uuid' imported but unused
./app/notify_client/user_api_client.py:3:1: F401 'flask.session' imported but unused
./tests/__init__.py:1:1: F401 'csv' imported but unused
./tests/app/main/test_asset_fingerprinter.py:2:1: F401 'os' imported but unused
./tests/app/main/test_asset_fingerprinter.py:4:1: F401 'unittest.mock' imported but unused
./tests/app/main/test_asset_fingerprinter.py:98:9: F841 local variable 'string_with_unicode_character' is assigned to but never used
./tests/app/main/test_errorhandlers.py:2:1: F401 'flask.url_for' imported but unused
./tests/app/main/test_permissions.py:26:13: F841 local variable 'response' is assigned to but never used
./tests/app/main/test_placeholder_form.py:3:1: F401 'wtforms.Label' imported but unused
./tests/app/main/test_placeholder_form.py:11:10: F841 local variable 'req' is assigned to but never used
./tests/app/main/test_two_factor_form.py:10:67: F841 local variable 'req' is assigned to but never used
./tests/app/main/test_two_factor_form.py:23:65: F841 local variable 'req' is assigned to but never used
./tests/app/main/test_two_factor_form.py:37:48: F841 local variable 'req' is assigned to but never used
./tests/app/main/test_two_factor_form.py:51:67: F841 local variable 'req' is assigned to but never used
./tests/app/main/test_two_factor_form.py:65:67: F841 local variable 'req' is assigned to but never used
./tests/app/main/views/test_accept_invite.py:356:5: F841 local variable 'element' is assigned to but never used
./tests/app/main/views/test_activity.py:11:1: F811 redefinition of unused 'mock_get_notifications' from line 11
./tests/app/main/views/test_activity.py:18:1: F401 'datetime.datetime' imported but unused
./tests/app/main/views/test_activity.py:102:5: F841 local variable 'content' is assigned to but never used
./tests/app/main/views/test_activity.py:104:5: F841 local variable 'notification' is assigned to but never used
./tests/app/main/views/test_activity.py:337:5: F841 local variable '_notifications_mock' is assigned to but never used
./tests/app/main/views/test_activity.py:373:13: E126 continuation line over-indented for hanging indent
./tests/app/main/views/test_activity.py:378:9: E121 continuation line under-indented for hanging indent
./tests/app/main/views/test_activity.py:404:13: E126 continuation line over-indented for hanging indent
./tests/app/main/views/test_activity.py:407:9: E121 continuation line under-indented for hanging indent
./tests/app/main/views/test_api_keys.py:354:5: F841 local variable 'response' is assigned to but never used
./tests/app/main/views/test_conversation.py:5:1: F401 'bs4.BeautifulSoup' imported but unused
./tests/app/main/views/test_conversation.py:198:5: F841 local variable 'mock_get_inbound_sms' is assigned to but never used
./tests/app/main/views/test_dashboard.py:53:5: F841 local variable 'mock_template_stats' is assigned to but never used
./tests/app/main/views/test_dashboard.py:72:5: F841 local variable 'mock_template_stats' is assigned to but never used
./tests/app/main/views/test_jobs.py:2:1: F401 'uuid' imported but unused
./tests/app/main/views/test_jobs.py:3:1: F401 'urllib.parse.urlparse' imported but unused
./tests/app/main/views/test_jobs.py:3:1: F401 'urllib.parse.quote' imported but unused
./tests/app/main/views/test_jobs.py:3:1: F401 'urllib.parse.parse_qs' imported but unused
./tests/app/main/views/test_jobs.py:9:1: F401 'app.main.views.jobs.get_status_filters' imported but unused
./tests/app/main/views/test_jobs.py:10:1: F401 'tests.notification_json' imported but unused
./tests/app/main/views/test_letters.py:6:1: F401 'tests.service_json' imported but unused
./tests/app/main/views/test_notifications.py:5:1: F401 'app.utils.REQUESTED_STATUSES' imported but unused
./tests/app/main/views/test_notifications.py:5:1: F401 'app.utils.DELIVERED_STATUSES' imported but unused
./tests/app/main/views/test_notifications.py:5:1: F401 'app.utils.SENDING_STATUSES' imported but unused
./tests/app/main/views/test_notifications.py:5:1: F401 'app.utils.FAILURE_STATUSES' imported but unused
./tests/app/main/views/test_platform_admin.py:242:13: E126 continuation line over-indented for hanging indent
./tests/app/main/views/test_platform_admin.py:247:13: E126 continuation line over-indented for hanging indent
./tests/app/main/views/test_send.py:3:1: F401 'unittest.mock.Mock' imported but unused
./tests/app/main/views/test_send.py:18:1: F811 redefinition of unused 'mock_get_service' from line 18
./tests/app/main/views/test_send.py:18:1: F401 'tests.conftest.multiple_letter_contact_blocks' imported but unused
./tests/app/main/views/test_send.py:18:1: F401 'tests.conftest.no_sms_senders' imported but unused
./tests/app/main/views/test_send.py:18:1: F401 'tests.conftest.multiple_sms_senders' imported but unused
./tests/app/main/views/test_send.py:18:1: F401 'tests.conftest.no_letter_contact_blocks' imported but unused
./tests/app/main/views/test_send.py:102:5: F841 local variable 'response' is assigned to but never used
./tests/app/main/views/test_send.py:870:5: F841 local variable 'response' is assigned to but never used
./tests/app/main/views/test_send.py:1367:5: F841 local variable 'service_id' is assigned to but never used
./tests/app/main/views/test_send.py:1451:13: E126 continuation line over-indented for hanging indent
./tests/app/main/views/test_send.py:1620:80: E226 missing whitespace around arithmetic operator
./tests/app/main/views/test_send.py:1909:13: E126 continuation line over-indented for hanging indent
./tests/app/main/views/test_send.py:1912:9: E121 continuation line under-indented for hanging indent
./tests/app/main/views/test_service_settings.py:13:1: F811 redefinition of unused 'no_reply_to_email_addresses' from line 13
./tests/app/main/views/test_service_settings.py:13:1: F401 'tests.conftest.single_reply_to_email_address' imported but unused
./tests/app/main/views/test_service_settings.py:28:5: E123 closing bracket does not match indentation of opening bracket's line
./tests/app/main/views/test_service_settings.py:104:1: F811 redefinition of unused 'single_reply_to_email_address' from line 13
./tests/app/main/views/test_service_settings.py:166:1: F811 redefinition of unused 'single_reply_to_email_address' from line 13
./tests/app/main/views/test_service_settings.py:186:5: F841 local variable 'mocked_get_fn' is assigned to but never used
./tests/app/main/views/test_service_settings.py:217:1: F811 redefinition of unused 'single_reply_to_email_address' from line 13
./tests/app/main/views/test_service_settings.py:237:1: F811 redefinition of unused 'single_reply_to_email_address' from line 13
./tests/app/main/views/test_service_settings.py:257:1: F811 redefinition of unused 'single_reply_to_email_address' from line 13
./tests/app/main/views/test_service_settings.py:307:1: F811 redefinition of unused 'single_reply_to_email_address' from line 13
./tests/app/main/views/test_service_settings.py:340:1: F811 redefinition of unused 'single_reply_to_email_address' from line 13
./tests/app/main/views/test_service_settings.py:466:1: F811 redefinition of unused 'single_reply_to_email_address' from line 13
./tests/app/main/views/test_service_settings.py:555:1: F811 redefinition of unused 'single_reply_to_email_address' from line 13
./tests/app/main/views/test_service_settings.py:615:1: F811 redefinition of unused 'single_reply_to_email_address' from line 13
./tests/app/main/views/test_service_settings.py:719:1: F811 redefinition of unused 'single_reply_to_email_address' from line 13
./tests/app/main/views/test_service_settings.py:874:5: F841 local variable 'page' is assigned to but never used
./tests/app/main/views/test_service_settings.py:902:5: F841 local variable 'page' is assigned to but never used
./tests/app/main/views/test_service_settings.py:954:5: F841 local variable 'page' is assigned to but never used
./tests/app/main/views/test_service_settings.py:986:5: F841 local variable 'page' is assigned to but never used
./tests/app/main/views/test_service_settings.py:1101:1: F811 redefinition of unused 'single_reply_to_email_address' from line 13
./tests/app/main/views/test_service_settings.py:1121:1: F811 redefinition of unused 'single_reply_to_email_address' from line 13
./tests/app/main/views/test_service_settings.py:1271:1: F811 redefinition of unused 'test_set_letter_contact_block_saves' from line 1189
./tests/app/main/views/test_service_settings.py:1433:5: F841 local variable 'page' is assigned to but never used
./tests/app/main/views/test_service_settings.py:1495:5: F841 local variable 'mocked_get_fn' is assigned to but never used
./tests/app/main/views/test_service_settings.py:1540:5: F841 local variable 'mocked_get_fn' is assigned to but never used
./tests/app/main/views/test_service_settings.py:1570:1: F811 redefinition of unused 'single_reply_to_email_address' from line 13
./tests/app/main/views/test_service_settings.py:1589:1: F811 redefinition of unused 'single_reply_to_email_address' from line 13
./tests/app/main/views/test_service_settings.py:1621:1: F811 redefinition of unused 'single_reply_to_email_address' from line 13
./tests/app/main/views/test_service_settings.py:1641:1: F811 redefinition of unused 'single_reply_to_email_address' from line 13
./tests/app/main/views/test_service_settings.py:1658:1: F811 redefinition of unused 'single_reply_to_email_address' from line 13
./tests/app/main/views/test_service_settings.py:1676:1: F811 redefinition of unused 'single_reply_to_email_address' from line 13
./tests/app/main/views/test_service_settings.py:1697:1: F811 redefinition of unused 'single_reply_to_email_address' from line 13
./tests/app/main/views/test_service_settings.py:1759:1: F811 redefinition of unused 'single_reply_to_email_address' from line 13
./tests/app/main/views/test_service_settings.py:1775:1: F811 redefinition of unused 'single_reply_to_email_address' from line 13
./tests/app/main/views/test_templates.py:3:1: F401 'uuid' imported but unused
./tests/app/main/views/test_templates.py:11:1: F401 'tests.conftest.mock_get_user' imported but unused
./tests/app/main/views/test_templates.py:514:1: F811 redefinition of unused 'mock_get_user' from line 11
./tests/app/main/views/test_templates.py:672:1: F811 redefinition of unused 'mock_get_user' from line 11
./tests/app/main/views/test_templates.py:795:1: F811 redefinition of unused 'mock_get_user' from line 11
./tests/app/main/views/test_templates.py:835:1: F811 redefinition of unused 'mock_get_user' from line 11
./tests/app/main/views/test_two_factor.py:67:13: E126 continuation line over-indented for hanging indent
./tests/app/notify_client/test_notification_client.py:79:5: F841 local variable 'mock_post' is assigned to but never used
```

1. https://gds-way.cloudapps.digital/manuals/programming-languages/python/linting.html#how-to-use-flake8
2. https://github.com/alphagov/digitalmarketplace-api/blob/d5ab8afef4a0472f9d266d94ab4ffe1333a9aaad/.flake8

											
										
										
											2017-10-18 14:51:26 +01:00
+								)
-												Allow free allowance to be set to 0

We want to be able to set the free allowance for a service to 0, but the
form was not allowing this - it gave an error message of `Cannot be
empty`. This can be fixed by changing the WTForms validator from
`DataRequired` (which coerces 0 to falsey) to the `InputRequired`
validator.

											
										
										
											2022-02-25 11:27:56 +00:00
+								from wtforms.validators import (
 								    URL,
 								    DataRequired,
 								    InputRequired,
 								    Length,
 								    Optional,
 								    Regexp,
 								)
-												First slice of csv upload of phone numbers for sending messages.

At the moment the file contents are not persisted by checked in
memory.

The first and last three records are show if all are valid.

If there are invalid rows, they are reported and the user is
prompted to go back and sort out upload file.

The storing of upload result (i.e. validation of file) in session
will be removed in next story which is about persisting of file
for later processing.

											
										
										
											2016-01-11 15:00:51 +00:00
-												Format `auth_type` in a consistent way in the UI

On the ‘find user’ page it says ‘sms_auth’ instead of ‘Text message
code’.

This commit fixes that, and adds a handy formatter so it’s easier to do
the right thing in the future.

											
										
										
											2022-03-14 14:39:54 +00:00
+								from app.formatters import (
 								    format_auth_type,
 								    format_thousands,
 								    guess_name_from_email_address,
 								)
-												Refactor to use validator class

Using a separate validator class to check for appropriate characters in
a text message sender means that we’re not doing this validation in a
different way from the other checks (length and required). So the code
is cleaner.

											
										
										
											2018-01-31 10:26:37 +00:00
+								from app.main.validators import (
-												Remove term ‘blacklist’ from codebase

‘Commonly used passwords’ is more specific, and avoids the terminology
‘blacklist’ which the National Cyber Security Centre explain to be
problematic:

> It's fairly common to say whitelisting and blacklisting to describe desirable and undesirable things in cyber security. For instance, when talking about which applications you will allow or deny on your corporate network; or deciding which bad passwords you want your users not to be able to use.
>
> However, there's an issue with the terminology. It only makes sense if you equate white with 'good, permitted, safe' and black with 'bad, dangerous, forbidden'. There are some obvious problems with this. So in the name of helping to stamp out racism in cyber security, we will
> avoid this casually pejorative wording on our website in the future. No, it's not the biggest issue in the world - but to borrow a slogan from elsewhere: every little helps.

– https://www.ncsc.gov.uk/blog-post/terminology-its-not-black-and-white

											
										
										
											2020-06-16 18:04:29 +01:00
+								    CommonlyUsedPassword,
-												Refactor to use validator class

Using a separate validator class to check for appropriate characters in
a text message sender means that we’re not doing this validation in a
different way from the other checks (length and required). So the code
is cleaner.

											
										
										
											2018-01-31 10:26:37 +00:00
+								    CsvFileValidator,
-												Update SMS sender validation to reject senders starting with 00

Having SMS senders that start with 00 can cause issues with Firetext due
to Firetext's validation rules, so we shouldn't allow SMS senders to start
with 00.

Firetext treats a double 00 at the start of the senderID as an international
prefix, so removes them. A sender of 00447876574016 would become 447876574016.

Under Firetext's validation rules, an SMS sender of five 0s (00000) would
become  4400. This is because the first 00 are removed (as the international
prefix). The third 0 is seen as the start of a phone number, and becomes 44,
leaving the final 00 = 4400.

											
										
										
											2018-02-28 11:50:41 +00:00
+								    DoesNotStartWithDoubleZero,
-												Allow straight single quote in sms sender names

This is so we can allow the sender name 'UC' for DWP.

Note, this is specifically only straight single quotes and not curly
quotes or double quotes. Curly quotes are not supported in the GSM
character set (https://en.wikipedia.org/wiki/GSM_03.38). There is
currently no defined user ask to support double quotes in sms sender
names.

I have tested this by sending a message through both Firetext and MMG to
make sure they both support the single quote character in SMS sender
names.

DWP also have had no particular issues using the SMS sender name with
their existing system in the past either.

											
										
										
											2021-07-26 15:10:57 +01:00
+								    LettersNumbersSingleQuotesFullStopsAndUnderscoresOnly,
-												Validate service and organisation name

											
										
										
											2019-11-08 17:12:32 +00:00
+								    MustContainAlphanumericCharacters,
-												Refactor to use validator class

Using a separate validator class to check for appropriate characters in
a text message sender means that we’re not doing this validation in a
different way from the other checks (length and required). So the code
is cleaner.

											
										
										
											2018-01-31 10:26:37 +00:00
+								    NoCommasInPlaceHolders,
-												Do not allow to upload SVG logos with embedded raster images in them

Those are for example png or jpg images. They do not render properly.

											
										
										
											2020-03-04 14:25:14 +00:00
+								    NoEmbeddedImagesInSVG,
-												Don’t allow `<text>` elements in letter logos

To render text in an SVG consistently the system rendering the SVG must
have the fonts specified by the SVG installed.

If the fonts are not installed then the renderer will fall back to a
system font and the text will look different. This is especially bad
news for branding where the right font is an integral part of any brand.

To fix this, the text should instead be converted to `<path>` elements.
This process is sometimes called ‘outlining’.

A few of our logos had this problem, and I’ve fixed most of them by
hand. Adding this validation will stop the problem, coming up again.

											
										
										
											2022-01-06 11:21:12 +00:00
+								    NoTextInSVG,
-												Allow Welsh characters in SMS

- This brings in the latest version of notifications-utils which
allows Welsh characters in SMS templates.
- Updated the pricing page to show the new prices for SMS with certain
Welsh characters

											
										
										
											2019-05-03 15:13:39 +01:00
+								    OnlySMSCharacters,
-												Enforce order and style of imports

Done using isort[1], with the following command:
```
isort -rc ./app ./tests
```

Adds linting to the `run_tests.sh` script to stop badly-sorted imports
getting re-introduced.

Chosen style is ‘Vertical Hanging Indent’ with trailing commas, because
I think it gives the cleanest diffs, eg:
```
from third_party import (
    lib1,
    lib2,
    lib3,
    lib4,
)
```

1. https://pypi.python.org/pypi/isort

											
										
										
											2018-02-20 11:22:17 +00:00
+								    ValidEmail,
 								    ValidGovEmail,
-												Refactor to use validator class

Using a separate validator class to check for appropriate characters in
a text message sender means that we’re not doing this validation in a
different way from the other checks (length and required). So the code
is cleaner.

											
										
										
											2018-01-31 10:26:37 +00:00
+								)
-												blunt rename of org (#620)


											
										
										
											2023-07-12 12:09:44 -04:00
+								from app.models.organization import Organization
-												remove email branding

											
										
										
											2023-12-18 16:10:12 -05:00
+								from app.utils import merge_jsonlike
-												notify-api-861 show eastern time

											
										
										
											2023-11-16 12:24:27 -08:00
+								from app.utils.csv import get_user_preferred_timezone
-												remove broadcast-related code

											
										
										
											2022-10-04 03:04:13 +00:00
+								from app.utils.user_permissions import all_ui_permissions, permission_options
-												Moved mobile validation to utils module for use in csv upload as well.

This could be moved to shared utils code base at some point.

											
										
										
											2016-02-01 16:57:40 +00:00
-												108536490: Initial effort to implement log in

Add endpoint for post to /sign-in
Initialise role data

											
										
										
											2015-11-27 09:47:29 +00:00
-												Add a component for picking the time to send a job

Users need to pick a time in the next 24hrs, or send a file immediately.

Rationale for this is a bit lost in time-before-holiday, but generally:

‘Now’ and ‘later’ as the inital choices makes it really clear what
this feature is about conceptually.

The choice of times is absolute, eg ‘1pm’ not ‘in 3 hours’

											
										
										
											2016-08-07 09:17:49 +01:00
+								def get_time_value_and_label(future_time):
-												code review feedback

											
										
										
											2023-11-22 08:09:28 -08:00
+								    preferred_tz = pytz.timezone(get_user_preferred_timezone())
-												Add a component for picking the time to send a job

Users need to pick a time in the next 24hrs, or send a file immediately.

Rationale for this is a bit lost in time-before-holiday, but generally:

‘Now’ and ‘later’ as the inital choices makes it really clear what
this feature is about conceptually.

The choice of times is absolute, eg ‘1pm’ not ‘in 3 hours’

											
										
										
											2016-08-07 09:17:49 +01:00
+								    return (
-												make ChooseTimeForm time zone aware

											
										
										
											2024-02-07 12:14:00 -08:00
+								        future_time.astimezone(preferred_tz).isoformat(),
-												notify-api-861 show eastern time

											
										
										
											2023-11-16 12:24:27 -08:00
+								        "{} at {} {}".format(
-												code review feedback

											
										
										
											2023-11-22 08:09:28 -08:00
+								            get_human_day(future_time.astimezone(preferred_tz)),
 								            get_human_time(future_time.astimezone(preferred_tz)),
-												notify-api-861 show eastern time

											
										
										
											2023-11-16 12:24:27 -08:00
+								            get_user_preferred_timezone(),
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        ),
-												Add a component for picking the time to send a job

Users need to pick a time in the next 24hrs, or send a file immediately.

Rationale for this is a bit lost in time-before-holiday, but generally:

‘Now’ and ‘later’ as the inital choices makes it really clear what
this feature is about conceptually.

The choice of times is absolute, eg ‘1pm’ not ‘in 3 hours’

											
										
										
											2016-08-07 09:17:49 +01:00
+								    )
 								def get_human_time(time):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    return {"0": "midnight", "12": "noon"}.get(
 								        time.strftime("%-H"), time.strftime("%-I%p").lower()
-												Add a component for picking the time to send a job

Users need to pick a time in the next 24hrs, or send a file immediately.

Rationale for this is a bit lost in time-before-holiday, but generally:

‘Now’ and ‘later’ as the inital choices makes it really clear what
this feature is about conceptually.

The choice of times is absolute, eg ‘1pm’ not ‘in 3 hours’

											
										
										
											2016-08-07 09:17:49 +01:00
+								    )
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								def get_human_day(time, prefix_today_with="T"):
-												Allow a job to be scheduled any time in next 96hrs

If you want to send a job on Monday morning, you should be able to
schedule it on Friday. You shouldn’t need to work on the weekend.

96 hours is a full 4 days, so you can schedule a job at any time on
Friday for any time on Monday.

We’ve checked with the information assurance people, and they’re OK
with us holding the data for this extra amount of time.

This commit changes the choose time form from showing one radio button
for each of the next 24 hours to one for each of the next 96 hours. It
changes the labels from ‘9am’ to ‘Monday at 9am’ so it’s clear which
day you’re choosing.

											
										
										
											2016-10-11 14:11:10 +01:00
+								    #  Add 1 hour to get ‘midnight today’ instead of ‘midnight tomorrow’
-												notify-api-861 show eastern time

											
										
										
											2023-11-16 12:24:27 -08:00
-												code review feedback

											
										
										
											2023-11-22 08:09:28 -08:00
+								    preferred_tz = pytz.timezone(get_user_preferred_timezone())
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    time = (time - timedelta(hours=1)).strftime("%A")
-												code review feedback

											
										
										
											2023-11-22 08:09:28 -08:00
+								    if time == datetime.now(preferred_tz).strftime("%A"):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        return "{}oday".format(prefix_today_with)
-												code review feedback

											
										
										
											2023-11-22 08:09:28 -08:00
+								    if time == (datetime.now(preferred_tz) + timedelta(days=1)).strftime("%A"):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        return "Tomorrow"
-												Allow a job to be scheduled any time in next 96hrs

If you want to send a job on Monday morning, you should be able to
schedule it on Friday. You shouldn’t need to work on the weekend.

96 hours is a full 4 days, so you can schedule a job at any time on
Friday for any time on Monday.

We’ve checked with the information assurance people, and they’re OK
with us holding the data for this extra amount of time.

This commit changes the choose time form from showing one radio button
for each of the next 24 hours to one for each of the next 96 hours. It
changes the labels from ‘9am’ to ‘Monday at 9am’ so it’s clear which
day you’re choosing.

											
										
										
											2016-10-11 14:11:10 +01:00
+								    return time
 								def get_furthest_possible_scheduled_time():
-												use local timezone to get future sending options

											
										
										
											2022-11-29 16:38:06 -05:00
+								    # We want local time to find date boundaries
-												code review feedback

											
										
										
											2023-11-22 08:09:28 -08:00
+								    preferred_tz = pytz.timezone(get_user_preferred_timezone())
 								    return (datetime.now(preferred_tz) + timedelta(days=4)).replace(hour=0)
-												Allow a job to be scheduled any time in next 96hrs

If you want to send a job on Monday morning, you should be able to
schedule it on Friday. You shouldn’t need to work on the weekend.

96 hours is a full 4 days, so you can schedule a job at any time on
Friday for any time on Monday.

We’ve checked with the information assurance people, and they’re OK
with us holding the data for this extra amount of time.

This commit changes the choose time form from showing one radio button
for each of the next 24 hours to one for each of the next 96 hours. It
changes the labels from ‘9am’ to ‘Monday at 9am’ so it’s clear which
day you’re choosing.

											
										
										
											2016-10-11 14:11:10 +01:00
 								def get_next_hours_until(until):
-												code review feedback

											
										
										
											2023-11-22 08:09:28 -08:00
+								    preferred_tz = pytz.timezone(get_user_preferred_timezone())
 								    now = datetime.now(preferred_tz)
-												Allow a job to be scheduled any time in next 96hrs

If you want to send a job on Monday morning, you should be able to
schedule it on Friday. You shouldn’t need to work on the weekend.

96 hours is a full 4 days, so you can schedule a job at any time on
Friday for any time on Monday.

We’ve checked with the information assurance people, and they’re OK
with us holding the data for this extra amount of time.

This commit changes the choose time form from showing one radio button
for each of the next 24 hours to one for each of the next 96 hours. It
changes the labels from ‘9am’ to ‘Monday at 9am’ so it’s clear which
day you’re choosing.

											
										
										
											2016-10-11 14:11:10 +01:00
+								    hours = int((until - now).total_seconds() / (60 * 60))
-												Add a component for picking the time to send a job

Users need to pick a time in the next 24hrs, or send a file immediately.

Rationale for this is a bit lost in time-before-holiday, but generally:

‘Now’ and ‘later’ as the inital choices makes it really clear what
this feature is about conceptually.

The choice of times is absolute, eg ‘1pm’ not ‘in 3 hours’

											
										
										
											2016-08-07 09:17:49 +01:00
+								    return [
-												use local timezone to get future sending options

											
										
										
											2022-11-29 16:38:06 -05:00
+								        (now + timedelta(hours=i)).replace(minute=0, second=0, microsecond=0)
-												Add a component for picking the time to send a job

Users need to pick a time in the next 24hrs, or send a file immediately.

Rationale for this is a bit lost in time-before-holiday, but generally:

‘Now’ and ‘later’ as the inital choices makes it really clear what
this feature is about conceptually.

The choice of times is absolute, eg ‘1pm’ not ‘in 3 hours’

											
										
										
											2016-08-07 09:17:49 +01:00
+								        for i in range(1, hours + 1)
 								    ]
-												Allow a job to be scheduled any time in next 96hrs

If you want to send a job on Monday morning, you should be able to
schedule it on Friday. You shouldn’t need to work on the weekend.

96 hours is a full 4 days, so you can schedule a job at any time on
Friday for any time on Monday.

We’ve checked with the information assurance people, and they’re OK
with us holding the data for this extra amount of time.

This commit changes the choose time form from showing one radio button
for each of the next 24 hours to one for each of the next 96 hours. It
changes the labels from ‘9am’ to ‘Monday at 9am’ so it’s clear which
day you’re choosing.

											
										
										
											2016-10-11 14:11:10 +01:00
+								def get_next_days_until(until):
-												code review feedback

											
										
										
											2023-11-22 08:09:28 -08:00
+								    preferred_tz = pytz.timezone(get_user_preferred_timezone())
 								    now = datetime.now(preferred_tz)
-												Allow a job to be scheduled any time in next 96hrs

If you want to send a job on Monday morning, you should be able to
schedule it on Friday. You shouldn’t need to work on the weekend.

96 hours is a full 4 days, so you can schedule a job at any time on
Friday for any time on Monday.

We’ve checked with the information assurance people, and they’re OK
with us holding the data for this extra amount of time.

This commit changes the choose time form from showing one radio button
for each of the next 24 hours to one for each of the next 96 hours. It
changes the labels from ‘9am’ to ‘Monday at 9am’ so it’s clear which
day you’re choosing.

											
										
										
											2016-10-11 14:11:10 +01:00
+								    days = int((until - now).total_seconds() / (60 * 60 * 24))
 								    return [
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        get_human_day((now + timedelta(days=i)), prefix_today_with="Later t")
-												Allow a job to be scheduled any time in next 96hrs

If you want to send a job on Monday morning, you should be able to
schedule it on Friday. You shouldn’t need to work on the weekend.

96 hours is a full 4 days, so you can schedule a job at any time on
Friday for any time on Monday.

We’ve checked with the information assurance people, and they’re OK
with us holding the data for this extra amount of time.

This commit changes the choose time form from showing one radio button
for each of the next 24 hours to one for each of the next 96 hours. It
changes the labels from ‘9am’ to ‘Monday at 9am’ so it’s clear which
day you’re choosing.

											
										
										
											2016-10-11 14:11:10 +01:00
+								        for i in range(0, days + 1)
 								    ]
-												Bump WTForms to 2.3.1

This involves three changes which broke our code.

To validate email addresses, the optional dependency `email-validator`
must be installed<sup>1</sup>. But since we don’t use WTForms’ email
validation, we shouldn’t need to subclass it – it can just be its own
self contained thing. Then we don’t need to add the extra dependency.

When rendering textareas, and extra `\r\n` is inserted at the beginning
<sup>2</sup>. Browsers will strip this when displaying the textbox and
submitting the form, but some of our tests need updating to account for
this.

The error message for when you don’t choose an option from some radio
buttons has now changed. Rather than just accepting WTForms’ new
message, this commit makes the error messages like the examples from
the Design System<sup>3</sup>. By default it will say ‘Select an
option’, but by passing in an extra parameter (`thing`) it can be
customised to be more specific, for example ‘Select a type of
organisation’.

***

1. https://github.com/wtforms/wtforms/pull/429
2. https://github.com/wtforms/wtforms/issues/238
3. https://design-system.service.gov.uk/components/radios/#error-messages

											
										
										
											2020-04-22 17:49:03 +01:00
+								class RadioField(WTFormsRadioField):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    def __init__(self, *args, thing="an option", **kwargs):
-												Bump WTForms to 2.3.1

This involves three changes which broke our code.

To validate email addresses, the optional dependency `email-validator`
must be installed<sup>1</sup>. But since we don’t use WTForms’ email
validation, we shouldn’t need to subclass it – it can just be its own
self contained thing. Then we don’t need to add the extra dependency.

When rendering textareas, and extra `\r\n` is inserted at the beginning
<sup>2</sup>. Browsers will strip this when displaying the textbox and
submitting the form, but some of our tests need updating to account for
this.

The error message for when you don’t choose an option from some radio
buttons has now changed. Rather than just accepting WTForms’ new
message, this commit makes the error messages like the examples from
the Design System<sup>3</sup>. By default it will say ‘Select an
option’, but by passing in an extra parameter (`thing`) it can be
customised to be more specific, for example ‘Select a type of
organisation’.

***

1. https://github.com/wtforms/wtforms/pull/429
2. https://github.com/wtforms/wtforms/issues/238
3. https://design-system.service.gov.uk/components/radios/#error-messages

											
										
										
											2020-04-22 17:49:03 +01:00
+								        super().__init__(*args, **kwargs)
 								        self.thing = thing
 								        self.validate_choice = False
 								    def pre_validate(self, form):
 								        super().pre_validate(form)
 								        if self.data not in dict(self.choices).keys():
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            raise ValidationError(f"Select {self.thing}")
-												Bump WTForms to 2.3.1

This involves three changes which broke our code.

To validate email addresses, the optional dependency `email-validator`
must be installed<sup>1</sup>. But since we don’t use WTForms’ email
validation, we shouldn’t need to subclass it – it can just be its own
self contained thing. Then we don’t need to add the extra dependency.

When rendering textareas, and extra `\r\n` is inserted at the beginning
<sup>2</sup>. Browsers will strip this when displaying the textbox and
submitting the form, but some of our tests need updating to account for
this.

The error message for when you don’t choose an option from some radio
buttons has now changed. Rather than just accepting WTForms’ new
message, this commit makes the error messages like the examples from
the Design System<sup>3</sup>. By default it will say ‘Select an
option’, but by passing in an extra parameter (`thing`) it can be
customised to be more specific, for example ‘Select a type of
organisation’.

***

1. https://github.com/wtforms/wtforms/pull/429
2. https://github.com/wtforms/wtforms/issues/238
3. https://design-system.service.gov.uk/components/radios/#error-messages

											
										
										
											2020-04-22 17:49:03 +01:00
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								def email_address(label="Email address", gov_user=True, required=True):
-												Update forgotten password to allow non-gov with test

											
										
										
											2016-10-26 14:01:01 +01:00
+								    validators = [
-												Use email fields for feedback form

Otherwise we can end up collecting invalid email addresses…

This required some refactoring to allow our email fields to be optional
(but not by default).

											
										
										
											2018-12-07 12:23:12 +00:00
+								        ValidEmail(),
-												Update forgotten password to allow non-gov with test

											
										
										
											2016-10-26 14:01:01 +01:00
+								    ]
 								    if gov_user:
-												Refactor to use a cleaner and lean regex

											
										
										
											2016-10-28 10:45:05 +01:00
+								        validators.append(ValidGovEmail())
-												Use email fields for feedback form

Otherwise we can end up collecting invalid email addresses…

This required some refactoring to allow our email fields to be optional
(but not by default).

											
										
										
											2018-12-07 12:23:12 +00:00
 								    if required:
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        validators.append(DataRequired(message="Cannot be empty"))
-												Use email fields for feedback form

Otherwise we can end up collecting invalid email addresses…

This required some refactoring to allow our email fields to be optional
(but not by default).

											
										
										
											2018-12-07 12:23:12 +00:00
-												Remove duplicate spellcheck false for email fields

											
										
										
											2020-08-13 10:53:28 +01:00
+								    return GovukEmailField(label, validators)
-												Take out the Canadian politeness.
Make the error message more consistent.
Extracted common fields for the forms.

											
										
										
											2016-01-08 12:00:52 +00:00
-												Use correct HTML 5 input types

These give devices a hint (although don’t mandate them) to use a numeric keypad,
or a keypad with the `@` symbol visible when entering phone numbers or email
addresses.

											
										
										
											2016-02-15 13:13:57 +00:00
+								class UKMobileNumber(TelField):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    def __init__(self, label="", validators=None, param_extensions=None, **kwargs):
-												Update UKMobileNumber & InternationalPhoneNumber

Changes those classes so they have the same
interface as a GOVUK field when instantiated and
render GovukTextInputField HTML.

Includes changes to templates that use this form
and associated tests.

											
										
										
											2020-08-07 13:46:15 +01:00
+								        super(UKMobileNumber, self).__init__(label, validators, **kwargs)
 								        self.param_extensions = param_extensions
 								    # self.__call__ renders the HTML for the field by:
 								    # 1. delegating to self.meta.render_field which
 								    # 2. calls field.widget
 								    # this bypasses that by making self.widget a method with the same interface as widget.__call__
 								    def widget(self, field, param_extensions=None, **kwargs):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        return govuk_text_input_field_widget(
 								            self, field, type="tel", param_extensions=param_extensions, **kwargs
 								        )
-												Update UKMobileNumber & InternationalPhoneNumber

Changes those classes so they have the same
interface as a GOVUK field when instantiated and
render GovukTextInputField HTML.

Includes changes to templates that use this form
and associated tests.

											
										
										
											2020-08-07 13:46:15 +01:00
-												Add form field for a UK mobile phone number

This field does two things:
- validates the format of the phone number
- outputs a consistent representation of the phone number

Because of this I think it’s better represented as a new field type, rather
than individual validators.

I also think that it’s better to do this without regular expression(s), because
it makes returning the specific error easier.

This commit also adds basic pass/fail test for a series of valid/invalid
phone numbers.

											
										
										
											2016-01-12 18:10:16 +00:00
+								    def pre_validate(self, form):
-												Moved mobile validation to utils module for use in csv upload as well.

This could be moved to shared utils code base at some point.

											
										
										
											2016-02-01 16:57:40 +00:00
+								        try:
-												Store phone number as the user entered it

It’s confusing to the user to have their phone number played back to them in
a format that they didn’t enter it. We’ve seen multiple times that people enter
0781… and then don’t recognise their own phone number when it’s played back as
+44781…

The API can handle phone numbers in any format as of
https://github.com/alphagov/notifications-api/pull/134

So there is no need to reformat the user’s phone number before storing it now.

											
										
										
											2016-03-08 07:17:39 +00:00
+								            validate_phone_number(self.data)
-												Moved mobile validation to utils module for use in csv upload as well.

This could be moved to shared utils code base at some point.

											
										
										
											2016-02-01 16:57:40 +00:00
+								        except InvalidPhoneError as e:
-												Add remaining endpoints for PDFs and PNGs

Right now we can show what a letter template looks like as a PDF or PNG.

This commit completes the work so this is also possible when:

- showing a template with the placeholders replaced
- showing any version of a template

Also removes dependency on `Exception().message`, which was deprecated
in Python 2.6. See
https://github.com/alphagov/notifications-utils/commit/97f82d565f3112926752ae382e723b0808a3135d
for full details.

											
										
										
											2016-12-20 14:38:34 +00:00
+								            raise ValidationError(str(e))
-												Add form field for a UK mobile phone number

This field does two things:
- validates the format of the phone number
- outputs a consistent representation of the phone number

Because of this I think it’s better represented as a new field type, rather
than individual validators.

I also think that it’s better to do this without regular expression(s), because
it makes returning the specific error easier.

This commit also adds basic pass/fail test for a series of valid/invalid
phone numbers.

											
										
										
											2016-01-12 18:10:16 +00:00
-												Validate recipients in send a one-off message

It would be annoying to get all the way to the end of the flow and get
told that the phone number or email address you entered isn’t valid.

So this commit reuses the existing WTForms objects that we have to do
some extra validation on the first step in the send one-off message
flow. It also accounts for international phone numbers, if the service
is allowed to send them.

It doesn’t reject other people’s phone numbers if your service is
restricted, because I think it’s better to let users play with the
feature – it’s good for learning.

											
										
										
											2017-05-25 09:40:37 +01:00
+								class InternationalPhoneNumber(TelField):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    def __init__(self, label="", validators=None, param_extensions=None, **kwargs):
 								        super(InternationalPhoneNumber, self).__init__(
 								            label, validators=validators, **kwargs
 								        )
-												Update UKMobileNumber & InternationalPhoneNumber

Changes those classes so they have the same
interface as a GOVUK field when instantiated and
render GovukTextInputField HTML.

Includes changes to templates that use this form
and associated tests.

											
										
										
											2020-08-07 13:46:15 +01:00
+								        self.param_extensions = param_extensions
 								    # self.__call__ renders the HTML for the field by:
 								    # 1. delegating to self.meta.render_field which
 								    # 2. calls field.widget
 								    # this bypasses that by making self.widget a method with the same interface as widget.__call__
 								    def widget(self, field, param_extensions=None, **kwargs):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        return govuk_text_input_field_widget(
 								            self, field, type="tel", param_extensions=param_extensions, **kwargs
 								        )
-												Update UKMobileNumber & InternationalPhoneNumber

Changes those classes so they have the same
interface as a GOVUK field when instantiated and
render GovukTextInputField HTML.

Includes changes to templates that use this form
and associated tests.

											
										
										
											2020-08-07 13:46:15 +01:00
-												Validate recipients in send a one-off message

It would be annoying to get all the way to the end of the flow and get
told that the phone number or email address you entered isn’t valid.

So this commit reuses the existing WTForms objects that we have to do
some extra validation on the first step in the send one-off message
flow. It also accounts for international phone numbers, if the service
is allowed to send them.

It doesn’t reject other people’s phone numbers if your service is
restricted, because I think it’s better to let users play with the
feature – it’s good for learning.

											
										
										
											2017-05-25 09:40:37 +01:00
+								    def pre_validate(self, form):
 								        try:
-												Updated invite email auth user flow

											
										
										
											2017-11-10 12:35:21 +00:00
+								            if self.data:
 								                validate_phone_number(self.data, international=True)
-												Validate recipients in send a one-off message

It would be annoying to get all the way to the end of the flow and get
told that the phone number or email address you entered isn’t valid.

So this commit reuses the existing WTForms objects that we have to do
some extra validation on the first step in the send one-off message
flow. It also accounts for international phone numbers, if the service
is allowed to send them.

It doesn’t reject other people’s phone numbers if your service is
restricted, because I think it’s better to let users play with the
feature – it’s good for learning.

											
										
										
											2017-05-25 09:40:37 +01:00
+								        except InvalidPhoneError as e:
 								            raise ValidationError(str(e))
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								def uk_mobile_number(label="Mobile number"):
 								    return UKMobileNumber(label, validators=[DataRequired(message="Cannot be empty")])
-												Take out the Canadian politeness.
Make the error message more consistent.
Extracted common fields for the forms.

											
										
										
											2016-01-08 12:00:52 +00:00
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								def international_phone_number(label="Mobile number"):
-												Validate recipients in send a one-off message

It would be annoying to get all the way to the end of the flow and get
told that the phone number or email address you entered isn’t valid.

So this commit reuses the existing WTForms objects that we have to do
some extra validation on the first step in the send one-off message
flow. It also accounts for international phone numbers, if the service
is allowed to send them.

It doesn’t reject other people’s phone numbers if your service is
restricted, because I think it’s better to let users play with the
feature – it’s good for learning.

											
										
										
											2017-05-25 09:40:37 +01:00
+								    return InternationalPhoneNumber(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        label, validators=[DataRequired(message="Cannot be empty")]
-												Validate recipients in send a one-off message

It would be annoying to get all the way to the end of the flow and get
told that the phone number or email address you entered isn’t valid.

So this commit reuses the existing WTForms objects that we have to do
some extra validation on the first step in the send one-off message
flow. It also accounts for international phone numbers, if the service
is allowed to send them.

It doesn’t reject other people’s phone numbers if your service is
restricted, because I think it’s better to let users play with the
feature – it’s good for learning.

											
										
										
											2017-05-25 09:40:37 +01:00
+								    )
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								def password(label="Password"):
-												Convert PasswordFields to GovukPasswordFields

Converts them directly in the following forms:
- LoginForm
- ConfirmPasswordForm

Changes the password function to return
GovukPasswordField instead of PasswordField which
effects the following forms:
- RegisterUserForm
- RegisterUserFromInviteForm
- RegisterUserFromOrgInviteForm
- NewPasswordForm
- ChangePasswordForm

It also updates StringField on RegisterUserFromOrgInviteForm
to GovukTextInputField

Also includes changes to templates that use this
form and associated tests.

											
										
										
											2020-08-07 09:53:09 +01:00
+								    return GovukPasswordField(
 								        label,
 								        validators=[
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            DataRequired(message="Cannot be empty"),
 								            Length(8, 255, message="Must be at least 8 characters"),
 								            CommonlyUsedPassword(message="Choose a password that’s harder to guess"),
 								        ],
-												Convert PasswordFields to GovukPasswordFields

Converts them directly in the following forms:
- LoginForm
- ConfirmPasswordForm

Changes the password function to return
GovukPasswordField instead of PasswordField which
effects the following forms:
- RegisterUserForm
- RegisterUserFromInviteForm
- RegisterUserFromOrgInviteForm
- NewPasswordForm
- ChangePasswordForm

It also updates StringField on RegisterUserFromOrgInviteForm
to GovukTextInputField

Also includes changes to templates that use this
form and associated tests.

											
										
										
											2020-08-07 09:53:09 +01:00
+								    )
-												Take out the Canadian politeness.
Make the error message more consistent.
Extracted common fields for the forms.

											
										
										
											2016-01-08 12:00:52 +00:00
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								def govuk_text_input_field_widget(
 								    self, field, type=None, param_extensions=None, **kwargs
 								):
-												Fix ignoring submitted data that was falsey

This was causing some tests for the "estimate_volume" endpoint to
fail due to the surprising way that form handles "''":

- The form is the exclusive user of the ForgivingIntegerField [^1].
- The field secretly/silently converts "''" to the integer 0 [^2].

If the validations fail, we don't want to surprise the user with a
"0" when they didn't enter one. The field already handles this by
massaging the values in the __call__ method that generates the HTML
for the form [^3]. However, there are two scenarios:

- User submits field with '' - converted to integer 0.
- User submits field with '0' - remains as a string.

In the case where "value" is "''", the parent class will use the
converted value from form.data instead [^4]. This seems to be an
oversight and so we get either the integer 0 (from form.data) or
the string '0' (from the value kwarg). Complicado!

Previously it was a fluke that we avoided replaying the integer 0
to the user; the previous commit removes the fluke. This fixes the
conditional to always use the data in the "value" kwarg if it has
been provided, as it's meant to override "form.data".

[^1]: https://github.com/alphagov/notifications-admin/commit/9f634493841d3dad54ca709f4a688dabb207fd15
[^2]: https://github.com/alphagov/notifications-admin/blob/a22b8cf684b5581aad54d6e36d98e498085925a5/app/main/forms.py#L364
[^3]: https://github.com/alphagov/notifications-admin/blob/a22b8cf684b5581aad54d6e36d98e498085925a5/app/main/forms.py#L393
[^4]: https://github.com/alphagov/notifications-admin/commit/a22b8cf684b5581aad54d6e36d98e498085925a5#diff-a1c8d24b22d4478fe71f75fd43b71b18dd82aae97bc63de84473a6da1902909bR215

											
										
										
											2022-03-07 12:40:18 +00:00
+								    value = kwargs["value"] if "value" in kwargs else field.data
-												Replay falsey values in input fields

Currently an integer of 0 doesn't get shown because it fails the
truthiness check in the govuk-frontend template [^1]. Note that
we can't just do str(value) as for None this would be "None".

[^1]: https://github.com/alphagov/govuk-frontend/blob/fd4952f1c02c79056e09fc9c9ebae5c078140e49/src/govuk/components/input/template.njk#L51

											
										
										
											2022-03-01 13:51:04 +00:00
+								    value = str(value) if isinstance(value, Number) else value
-												Update ForgivingIntegerField

Makes it inherit from GovukTextInputField.

Changes to govuk_field_widget to allow the value
attribute to be set by passing a value keyword
argument to the __call__ method.

Includes changes to templates that use this form
and associated tests.

											
										
										
											2020-08-07 11:36:45 +01:00
-												Refactor gov uk textbox field classes to avoid repetition

											
										
										
											2020-07-22 16:29:11 +01:00
+								    # error messages
 								    error_message = None
 								    if field.errors:
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        error_message_format = (
 								            "html" if kwargs.get("error_message_with_html") else "text"
 								        )
-												Add data attributes to send errors to analytics

											
										
										
											2020-07-28 11:44:53 +01:00
+								        error_message = {
 								            "attributes": {
 								                "data-module": "track-error",
 								                "data-error-type": field.errors[0],
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								                "data-error-label": field.name,
-												Add data attributes to send errors to analytics

											
										
										
											2020-07-28 11:44:53 +01:00
+								            },
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            error_message_format: field.errors[0],
-												Add data attributes to send errors to analytics

											
										
										
											2020-07-28 11:44:53 +01:00
+								        }
-												Refactor gov uk textbox field classes to avoid repetition

											
										
										
											2020-07-22 16:29:11 +01:00
-												Update dashboard and template flow (#514)

* Updated header and footer
* Moved files around and updated gulpfile to correct the build process when it goes to production
* Updated fonts
* Adjusted grid templating
* Adding images to assets
* Updated account pages, dashboard, and pages in message sending flow
* Updated the styling for the landing pages in the account section once logged in
											
										
										
											2023-06-08 13:12:00 -04:00
+								    # convert to parameters that usa understands
-												Refactor gov uk textbox field classes to avoid repetition

											
										
										
											2020-07-22 16:29:11 +01:00
+								    params = {
 								        "errorMessage": error_message,
 								        "id": field.id,
 								        "label": {"text": field.label.text},
 								        "name": field.name,
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "value": value,
-												Refactor gov uk textbox field classes to avoid repetition

											
										
										
											2020-07-22 16:29:11 +01:00
+								    }
 								    if type:
 								        params["type"] = type
 								    # extend default params with any sent in
-												Deep merge jsonlike objects

Also remove duplicate checkboxes code

											
										
										
											2020-08-13 12:38:12 +01:00
+								    merge_jsonlike(params, self.param_extensions)
 								    # add any sent in through use in templates
 								    merge_jsonlike(params, param_extensions)
-												Refactor gov uk textbox field classes to avoid repetition

											
										
										
											2020-07-22 16:29:11 +01:00
 								    return Markup(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        render_template("components/components/input/template.njk", params=params)
 								    )
-												Refactor gov uk textbox field classes to avoid repetition

											
										
										
											2020-07-22 16:29:11 +01:00
-												Add GovukTextInputField - extends StringField

											
										
										
											2020-07-14 16:24:40 +01:00
+								class GovukTextInputField(StringField):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    def __init__(self, label="", validators=None, param_extensions=None, **kwargs):
-												Add GovukTextInputField - extends StringField

											
										
										
											2020-07-14 16:24:40 +01:00
+								        super(GovukTextInputField, self).__init__(label, validators, **kwargs)
 								        self.param_extensions = param_extensions
 								    # self.__call__ renders the HTML for the field by:
 								    # 1. delegating to self.meta.render_field which
 								    # 2. calls field.widget
 								    # this bypasses that by making self.widget a method with the same interface as widget.__call__
 								    def widget(self, field, **kwargs):
-												Make name of govuk_field_widget more specific

There will be a variant for each type of field so
make the original specific to text input fields.

											
										
										
											2020-10-29 14:57:32 +00:00
+								        return govuk_text_input_field_widget(self, field, **kwargs)
-												Take out the Canadian politeness.
Make the error message more consistent.
Extracted common fields for the forms.

											
										
										
											2016-01-08 12:00:52 +00:00
-												Add GovukPasswordField - extends PasswordField

Also adds it to the list of fields
StripWhitespaceForm skips when processing field
data.

											
										
										
											2020-08-07 09:49:07 +01:00
+								class GovukPasswordField(PasswordField):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    def __init__(self, label="", validators=None, param_extensions=None, **kwargs):
-												Add GovukPasswordField - extends PasswordField

Also adds it to the list of fields
StripWhitespaceForm skips when processing field
data.

											
										
										
											2020-08-07 09:49:07 +01:00
+								        super(GovukPasswordField, self).__init__(label, validators, **kwargs)
 								        self.param_extensions = param_extensions
 								    # self.__call__ renders the HTML for the field by:
 								    # 1. delegating to self.meta.render_field which
 								    # 2. calls field.widget
 								    # this bypasses that by making self.widget a method with the same interface as widget.__call__
 								    def widget(self, field, param_extensions=None, **kwargs):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        return govuk_text_input_field_widget(
 								            self, field, type="password", param_extensions=param_extensions, **kwargs
 								        )
-												Add GovukPasswordField - extends PasswordField

Also adds it to the list of fields
StripWhitespaceForm skips when processing field
data.

											
										
										
											2020-08-07 09:49:07 +01:00
-												Add GovukEmailField - extends EmailField

											
										
										
											2020-08-07 10:07:52 +01:00
+								class GovukEmailField(EmailField):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    def __init__(self, label="", validators=None, param_extensions=None, **kwargs):
-												Add GovukEmailField - extends EmailField

											
										
										
											2020-08-07 10:07:52 +01:00
+								        super(GovukEmailField, self).__init__(label, validators=validators, **kwargs)
 								        self.param_extensions = param_extensions
 								    # self.__call__ renders the HTML for the field by:
 								    # 1. delegating to self.meta.render_field which
 								    # 2. calls field.widget
 								    # this bypasses that by making self.widget a method with the same interface as widget.__call__
 								    def widget(self, field, param_extensions=None, **kwargs):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        params = {
 								            "attributes": {"spellcheck": "false"}
 								        }  # email addresses don't need to be spellchecked
-												Deep merge jsonlike objects

Also remove duplicate checkboxes code

											
										
										
											2020-08-13 12:38:12 +01:00
+								        merge_jsonlike(params, param_extensions)
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        return govuk_text_input_field_widget(
 								            self, field, type="email", param_extensions=params, **kwargs
 								        )
-												Add GovukEmailField - extends EmailField

											
										
										
											2020-08-07 10:07:52 +01:00
-												Add GovukSearchField - extends SearchField

											
										
										
											2020-08-07 10:15:49 +01:00
+								class GovukSearchField(SearchField):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    def __init__(self, label="", validators=None, param_extensions=None, **kwargs):
-												Add GovukSearchField - extends SearchField

											
										
										
											2020-08-07 10:15:49 +01:00
+								        super(GovukSearchField, self).__init__(label, validators, **kwargs)
 								        self.param_extensions = param_extensions
 								    # self.__call__ renders the HTML for the field by:
 								    # 1. delegating to self.meta.render_field which
 								    # 2. calls field.widget
 								    # this bypasses that by making self.widget a method with the same interface as widget.__call__
 								    def widget(self, field, param_extensions=None, **kwargs):
-												Working through the Platform Admin section

											
										
										
											2023-08-17 15:13:26 -04:00
+								        params = {"classes": ""}  # email addresses don't need to be spellchecked
-												Deep merge jsonlike objects

Also remove duplicate checkboxes code

											
										
										
											2020-08-13 12:38:12 +01:00
+								        merge_jsonlike(params, param_extensions)
-												Take out the Canadian politeness.
Make the error message more consistent.
Extracted common fields for the forms.

											
										
										
											2016-01-08 12:00:52 +00:00
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        return govuk_text_input_field_widget(
 								            self, field, type="search", param_extensions=params, **kwargs
 								        )
-												Add GovukSearchField - extends SearchField

											
										
										
											2020-08-07 10:15:49 +01:00
-												Add GovukDateField - extends DateField

											
										
										
											2020-08-07 10:24:34 +01:00
+								class GovukDateField(DateField):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    def __init__(self, label="", validators=None, param_extensions=None, **kwargs):
-												Add GovukDateField - extends DateField

											
										
										
											2020-08-07 10:24:34 +01:00
+								        super(GovukDateField, self).__init__(label, validators, **kwargs)
 								        self.param_extensions = param_extensions
 								    # self.__call__ renders the HTML for the field by:
 								    # 1. delegating to self.meta.render_field which
 								    # 2. calls field.widget
 								    # this bypasses that by making self.widget a method with the same interface as widget.__call__
 								    def widget(self, field, param_extensions=None, **kwargs):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        return govuk_text_input_field_widget(
 								            self, field, param_extensions=param_extensions, **kwargs
 								        )
-												Add GovukDateField - extends DateField

											
										
										
											2020-08-07 10:24:34 +01:00
-												Add GovukIntegerField - extends IntegerField

											
										
										
											2020-08-07 10:30:46 +01:00
+								class GovukIntegerField(IntegerField):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    def __init__(self, label="", validators=None, param_extensions=None, **kwargs):
-												Add GovukIntegerField - extends IntegerField

											
										
										
											2020-08-07 10:30:46 +01:00
+								        super(GovukIntegerField, self).__init__(label, validators, **kwargs)
 								        self.param_extensions = param_extensions
 								    # self.__call__ renders the HTML for the field by:
 								    # 1. delegating to self.meta.render_field which
 								    # 2. calls field.widget
 								    # this bypasses that by making self.widget a method with the same interface as widget.__call__
 								    def widget(self, field, param_extensions=None, **kwargs):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        return govuk_text_input_field_widget(
 								            self, field, param_extensions=param_extensions, **kwargs
 								        )
-												Add GovukIntegerField - extends IntegerField

											
										
										
											2020-08-07 10:30:46 +01:00
-												Convert TwoFactorForm to gov uk frontend

											
										
										
											2020-08-03 18:12:52 +01:00
+								class SMSCode(GovukTextInputField):
-												Refactor `sms_code` functionality into the class

So it’s all in one place, not two.

											
										
										
											2018-05-07 22:57:18 +01:00
+								    validators = [
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        DataRequired(message="Cannot be empty"),
 								        Regexp(regex=r"^\d+$", message="Numbers only"),
 								        Length(min=6, message="Not enough numbers"),
 								        Length(max=6, message="Too many numbers"),
-												Refactor `sms_code` functionality into the class

So it’s all in one place, not two.

											
										
										
											2018-05-07 22:57:18 +01:00
+								    ]
 								    def __call__(self, **kwargs):
-												Convert TwoFactorForm to gov uk frontend

											
										
										
											2020-08-03 18:12:52 +01:00
+								        params = {"attributes": {"pattern": "[0-9]*"}}
 								        if "param_extensions" in kwargs:
-												Deep merge jsonlike objects

Also remove duplicate checkboxes code

											
										
										
											2020-08-13 12:38:12 +01:00
+								            merge_jsonlike(kwargs["param_extensions"], params)
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        return super().__call__(type="tel", **kwargs)
-												Take out the Canadian politeness.
Make the error message more consistent.
Extracted common fields for the forms.

											
										
										
											2016-01-08 12:00:52 +00:00
-												Allow spaces and dashes in the two factor code

I noticed when using the dication software that saying ‘one two three
four five’ got dictated as `123 45`. This tripped the validation,
because the space character isn’t a digit.

So this commit normalises out spaces (and other spacing characters like
dashes and underscores) before validating the code and sending it to the
API.

I can also imagine that some people might like to space out the code to
make it easier to transcribe (like you might do with a credit card
number).

											
										
										
											2020-04-17 16:16:52 +01:00
+								    def process_formdata(self, valuelist):
 								        if valuelist:
-												Bump utils to 53.0.0

Changes:

53.0.0
---

* `notifications_utils.columns.Columns` has moved to
  `notifications_utils.insensitive_dict.InsensitiveDict`
* `notifications_utils.columns.Rows` has moved to
  `notifications_utils.recipients.Rows`
* `notifications_utils.columns.Cell` has moved to
  `notifications_utils.recipients.Cell`

52.0.0
---

* Deprecate the following unused `redis_client` functions:
  - `redis_client.increment_hash_value`
  - `redis_client.decrement_hash_value`
  - `redis_client.get_all_from_hash`
  - `redis_client.set_hash_and_expire`
  - `redis_client.expire`

51.3.1
---

* Bump govuk-bank-holidays to cache holidays for next year.

51.3.0
---

* Log exception and stacktrace when Celery tasks fail.

											
										
										
											2022-02-04 10:43:36 +00:00
+								            self.data = InsensitiveDict.make_key(valuelist[0])
-												Allow spaces and dashes in the two factor code

I noticed when using the dication software that saying ‘one two three
four five’ got dictated as `123 45`. This tripped the validation,
because the space character isn’t a digit.

So this commit normalises out spaces (and other spacing characters like
dashes and underscores) before validating the code and sending it to the
API.

I can also imagine that some people might like to space out the code to
make it easier to transcribe (like you might do with a credit card
number).

											
										
										
											2020-04-17 16:16:52 +01:00
-												Take out the Canadian politeness.
Make the error message more consistent.
Extracted common fields for the forms.

											
										
										
											2016-01-08 12:00:52 +00:00
-												Update ForgivingIntegerField

Makes it inherit from GovukTextInputField.

Changes to govuk_field_widget to allow the value
attribute to be set by passing a value keyword
argument to the __call__ method.

Includes changes to templates that use this form
and associated tests.

											
										
										
											2020-08-07 11:36:45 +01:00
+								class ForgivingIntegerField(GovukTextInputField):
-												Round max number limit down

A round number feels better than a very arbitrary-looking one.

											
										
										
											2019-02-27 13:02:55 +00:00
+								    #  Actual value is 2147483647 but this is a scary looking arbitrary number
 								    POSTGRES_MAX_INT = 2000000000
-												Make answers to volume questions optional

It’s annoying and very ‘computer says no’ to make people type `0` in a
box. We can see from our analytics that this error is affecting about 7%
of users trying to go live.

This commit relaxes the validation to only require a number greater than
1 for at least one of the questions.

It also lets people enter their numbers comma-separated – like our
examples suggest – but normalises them to integers before sending them
over to the API.

											
										
										
											2019-02-15 13:34:29 +00:00
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    def __init__(self, label=None, things="items", format_error_suffix="", **kwargs):
-												Add latest content

From: https://docs.google.com/document/d/1aykf1MjJH5y21Bz1ht6WJncb9cKu0fsPlac3-bkMPe8/edit

											
										
										
											2019-02-27 13:02:37 +00:00
+								        self.things = things
-												Revise error message for non-numeric responses

Things we talked about:
• asking users to write the number 'as numerals' or 'using digits' isn't
  very plain English
• the style guide says to use an example in the error `..., like 5,000`
  but not if you have an example in the hint text, so we can't do that
• I have reservations about 'correct format', because it sounds odd if
  you're not describing something like a phone number, NI number or
  credit card number.

Looking back through Request to Go Live tickets on Zendesk.
---

I got to September before I found anything that would count as invalid
under our new rules:

> Possibly around 1,000,000- not planning on implementing emails yet but
might change

I'll keep looking, but if most people enter the number according to the
hint example we might be able to go with a much simpler error just
prompting them to enter a number – no convoluted descriptions of what we
mean by a number

There seemed to be more problems when the Qs were about start volume and
peak volume. Users felt the need to explain their plans more.

Using 'number' instead of 'volume' is more explicit too – so that
probably helps.

In terms of errors:
`Enter the number of emails you expect to send`
`Enter the number of text messages you expect to send`
`Enter the number of letters you expect to send`
– will probably do it, right?

											
										
										
											2019-02-27 15:10:34 +00:00
+								        self.format_error_suffix = format_error_suffix
-												Add latest content

From: https://docs.google.com/document/d/1aykf1MjJH5y21Bz1ht6WJncb9cKu0fsPlac3-bkMPe8/edit

											
										
										
											2019-02-27 13:02:37 +00:00
+								        super().__init__(label, **kwargs)
-												Make answers to volume questions optional

It’s annoying and very ‘computer says no’ to make people type `0` in a
box. We can see from our analytics that this error is affecting about 7%
of users trying to go live.

This commit relaxes the validation to only require a number greater than
1 for at least one of the questions.

It also lets people enter their numbers comma-separated – like our
examples suggest – but normalises them to integers before sending them
over to the API.

											
										
										
											2019-02-15 13:34:29 +00:00
+								    def process_formdata(self, valuelist):
 								        if valuelist:
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            value = valuelist[0].replace(",", "").replace(" ", "")
-												Make answers to volume questions optional

It’s annoying and very ‘computer says no’ to make people type `0` in a
box. We can see from our analytics that this error is affecting about 7%
of users trying to go live.

This commit relaxes the validation to only require a number greater than
1 for at least one of the questions.

It also lets people enter their numbers comma-separated – like our
examples suggest – but normalises them to integers before sending them
over to the API.

											
										
										
											2019-02-15 13:34:29 +00:00
 								            try:
-												Don’t reformat numbers if there are errors

It’s confusing to at the same time:
1. change what you’ve inputted
2. tell you it’s wrong

This commit makes it so that 1. only happens if 2. doesn’t.

											
										
										
											2019-02-27 12:05:28 +00:00
+								                value = int(value)
-												Make answers to volume questions optional

It’s annoying and very ‘computer says no’ to make people type `0` in a
box. We can see from our analytics that this error is affecting about 7%
of users trying to go live.

This commit relaxes the validation to only require a number greater than
1 for at least one of the questions.

It also lets people enter their numbers comma-separated – like our
examples suggest – but normalises them to integers before sending them
over to the API.

											
										
										
											2019-02-15 13:34:29 +00:00
+								            except ValueError:
 								                pass
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            if value == "":
-												Don’t reformat numbers if there are errors

It’s confusing to at the same time:
1. change what you’ve inputted
2. tell you it’s wrong

This commit makes it so that 1. only happens if 2. doesn’t.

											
										
										
											2019-02-27 12:05:28 +00:00
+								                value = 0
-												Make answers to volume questions optional

It’s annoying and very ‘computer says no’ to make people type `0` in a
box. We can see from our analytics that this error is affecting about 7%
of users trying to go live.

This commit relaxes the validation to only require a number greater than
1 for at least one of the questions.

It also lets people enter their numbers comma-separated – like our
examples suggest – but normalises them to integers before sending them
over to the API.

											
										
										
											2019-02-15 13:34:29 +00:00
-												Don’t reformat numbers if there are errors

It’s confusing to at the same time:
1. change what you’ve inputted
2. tell you it’s wrong

This commit makes it so that 1. only happens if 2. doesn’t.

											
										
										
											2019-02-27 12:05:28 +00:00
+								        return super().process_formdata([value])
-												Make answers to volume questions optional

It’s annoying and very ‘computer says no’ to make people type `0` in a
box. We can see from our analytics that this error is affecting about 7%
of users trying to go live.

This commit relaxes the validation to only require a number greater than
1 for at least one of the questions.

It also lets people enter their numbers comma-separated – like our
examples suggest – but normalises them to integers before sending them
over to the API.

											
										
										
											2019-02-15 13:34:29 +00:00
 								    def pre_validate(self, form):
 								        if self.data:
 								            error = None
 								            try:
 								                if int(self.data) > self.POSTGRES_MAX_INT:
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								                    error = "Number of {} must be {} or less".format(
-												Add latest content

From: https://docs.google.com/document/d/1aykf1MjJH5y21Bz1ht6WJncb9cKu0fsPlac3-bkMPe8/edit

											
										
										
											2019-02-27 13:02:37 +00:00
+								                        self.things,
-												Make one method for comma-formatting numbers

We were doing this a few different ways in different places.

											
										
										
											2019-07-08 14:09:29 +01:00
+								                        format_thousands(self.POSTGRES_MAX_INT),
-												Add latest content

From: https://docs.google.com/document/d/1aykf1MjJH5y21Bz1ht6WJncb9cKu0fsPlac3-bkMPe8/edit

											
										
										
											2019-02-27 13:02:37 +00:00
+								                    )
-												Make answers to volume questions optional

It’s annoying and very ‘computer says no’ to make people type `0` in a
box. We can see from our analytics that this error is affecting about 7%
of users trying to go live.

This commit relaxes the validation to only require a number greater than
1 for at least one of the questions.

It also lets people enter their numbers comma-separated – like our
examples suggest – but normalises them to integers before sending them
over to the API.

											
										
										
											2019-02-15 13:34:29 +00:00
+								            except ValueError:
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								                error = "Enter the number of {} {}".format(
-												Revise error message for non-numeric responses

Things we talked about:
• asking users to write the number 'as numerals' or 'using digits' isn't
  very plain English
• the style guide says to use an example in the error `..., like 5,000`
  but not if you have an example in the hint text, so we can't do that
• I have reservations about 'correct format', because it sounds odd if
  you're not describing something like a phone number, NI number or
  credit card number.

Looking back through Request to Go Live tickets on Zendesk.
---

I got to September before I found anything that would count as invalid
under our new rules:

> Possibly around 1,000,000- not planning on implementing emails yet but
might change

I'll keep looking, but if most people enter the number according to the
hint example we might be able to go with a much simpler error just
prompting them to enter a number – no convoluted descriptions of what we
mean by a number

There seemed to be more problems when the Qs were about start volume and
peak volume. Users felt the need to explain their plans more.

Using 'number' instead of 'volume' is more explicit too – so that
probably helps.

In terms of errors:
`Enter the number of emails you expect to send`
`Enter the number of text messages you expect to send`
`Enter the number of letters you expect to send`
– will probably do it, right?

											
										
										
											2019-02-27 15:10:34 +00:00
+								                    self.things,
 								                    self.format_error_suffix,
 								                )
-												Make answers to volume questions optional

It’s annoying and very ‘computer says no’ to make people type `0` in a
box. We can see from our analytics that this error is affecting about 7%
of users trying to go live.

This commit relaxes the validation to only require a number greater than
1 for at least one of the questions.

It also lets people enter their numbers comma-separated – like our
examples suggest – but normalises them to integers before sending them
over to the API.

											
										
										
											2019-02-15 13:34:29 +00:00
 								            if error:
 								                raise ValidationError(error)
 								        return super().pre_validate(form)
 								    def __call__(self, **kwargs):
-												Don’t reformat numbers if there are errors

It’s confusing to at the same time:
1. change what you’ve inputted
2. tell you it’s wrong

This commit makes it so that 1. only happens if 2. doesn’t.

											
										
										
											2019-02-27 12:05:28 +00:00
+								        if self.get_form().is_submitted() and not self.get_form().validate():
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            return super().__call__(value=(self.raw_data or [None])[0], **kwargs)
-												Don’t reformat numbers if there are errors

It’s confusing to at the same time:
1. change what you’ve inputted
2. tell you it’s wrong

This commit makes it so that 1. only happens if 2. doesn’t.

											
										
										
											2019-02-27 12:05:28 +00:00
-												Make answers to volume questions optional

It’s annoying and very ‘computer says no’ to make people type `0` in a
box. We can see from our analytics that this error is affecting about 7%
of users trying to go live.

This commit relaxes the validation to only require a number greater than
1 for at least one of the questions.

It also lets people enter their numbers comma-separated – like our
examples suggest – but normalises them to integers before sending them
over to the API.

											
										
										
											2019-02-15 13:34:29 +00:00
+								        try:
 								            value = int(self.data)
-												Make one method for comma-formatting numbers

We were doing this a few different ways in different places.

											
										
										
											2019-07-08 14:09:29 +01:00
+								            value = format_thousands(value)
-												Make answers to volume questions optional

It’s annoying and very ‘computer says no’ to make people type `0` in a
box. We can see from our analytics that this error is affecting about 7%
of users trying to go live.

This commit relaxes the validation to only require a number greater than
1 for at least one of the questions.

It also lets people enter their numbers comma-separated – like our
examples suggest – but normalises them to integers before sending them
over to the API.

											
										
										
											2019-02-15 13:34:29 +00:00
+								        except (ValueError, TypeError):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            value = self.data if self.data is not None else ""
-												Make answers to volume questions optional

It’s annoying and very ‘computer says no’ to make people type `0` in a
box. We can see from our analytics that this error is affecting about 7%
of users trying to go live.

This commit relaxes the validation to only require a number greater than
1 for at least one of the questions.

It also lets people enter their numbers comma-separated – like our
examples suggest – but normalises them to integers before sending them
over to the API.

											
										
										
											2019-02-15 13:34:29 +00:00
 								        return super().__call__(value=value, **kwargs)
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								class FieldWithNoneOption:
-												Move field definitions before form definitions

											
										
										
											2019-02-25 16:17:48 +00:00
+								    # This is a special value that is specific to our forms. This is
 								    # more expicit than casting `None` to a string `'None'` which can
 								    # have unexpected edge cases
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    NONE_OPTION_VALUE = "__NONE__"
-												Move field definitions before form definitions

											
										
										
											2019-02-25 16:17:48 +00:00
 								    # When receiving Python data, eg when instantiating the form object
 								    # we want to convert that data to our special value, so that it gets
 								    # recognised as being one of the valid choices
 								    def process_data(self, value):
 								        self.data = self.NONE_OPTION_VALUE if value is None else value
 								    # After validation we want to convert it back to a Python `None` for
 								    # use elsewhere, eg posting to the API
 								    def post_validate(self, form, validation_stopped):
 								        if self.data == self.NONE_OPTION_VALUE and not validation_stopped:
 								            self.data = None
 								class RadioFieldWithNoneOption(FieldWithNoneOption, RadioField):
 								    pass
 								class NestedFieldMixin:
 								    def children(self):
 								        # start map with root option as a single child entry
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        child_map = {
 								            None: [option for option in self if option.data == self.NONE_OPTION_VALUE]
 								        }
-												Move field definitions before form definitions

											
										
										
											2019-02-25 16:17:48 +00:00
 								        # add entries for all other children
 								        for option in self:
-												Add govukCollapsibleNestedCheckboxesField

Includes:
1. changes to make NestedFieldMixin work
  with new fields and CSS for nested checkboxes
2. adds custom version of GOVUK checkboxes
  component to allow us to:
  - add classes to elements currently inaccessible
  - wrap the checkboxes in a list
  - add child checkboxes to each checkbox (making
    tree structures possible through recursion

Change 2. should be pushed upstream to the GOVUK
Design System as a proposal for changes to the
GOVUK Checkboxes component.

											
										
										
											2020-04-23 12:15:24 +01:00
+								            # assign all options with a NONE_OPTION_VALUE (not always None) to the None key
-												Move field definitions before form definitions

											
										
										
											2019-02-25 16:17:48 +00:00
+								            if option.data == self.NONE_OPTION_VALUE:
 								                child_ids = [
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								                    folder["id"]
 								                    for folder in self.all_template_folders
 								                    if folder["parent_id"] is None
 								                ]
-												Move field definitions before form definitions

											
										
										
											2019-02-25 16:17:48 +00:00
+								                key = self.NONE_OPTION_VALUE
 								            else:
 								                child_ids = [
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								                    folder["id"]
 								                    for folder in self.all_template_folders
 								                    if folder["parent_id"] == option.data
 								                ]
-												Move field definitions before form definitions

											
										
										
											2019-02-25 16:17:48 +00:00
+								                key = option.data
 								            child_map[key] = [option for option in self if option.data in child_ids]
 								        return child_map
-												Add govukCollapsibleNestedCheckboxesField

Includes:
1. changes to make NestedFieldMixin work
  with new fields and CSS for nested checkboxes
2. adds custom version of GOVUK checkboxes
  component to allow us to:
  - add classes to elements currently inaccessible
  - wrap the checkboxes in a list
  - add child checkboxes to each checkbox (making
    tree structures possible through recursion

Change 2. should be pushed upstream to the GOVUK
Design System as a proposal for changes to the
GOVUK Checkboxes component.

											
										
										
											2020-04-23 12:15:24 +01:00
+								    # to be used as the only version of .children once radios are converted
 								    @cached_property
 								    def _children(self):
 								        return self.children()
 								    def get_items_from_options(self, field):
 								        items = []
 								        for option in self._children[None]:
 								            item = self.get_item_from_option(option)
 								            if option.data in self._children:
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								                item["children"] = self.render_children(
 								                    field.name, option.label.text, self._children[option.data]
 								                )
-												Add govukCollapsibleNestedCheckboxesField

Includes:
1. changes to make NestedFieldMixin work
  with new fields and CSS for nested checkboxes
2. adds custom version of GOVUK checkboxes
  component to allow us to:
  - add classes to elements currently inaccessible
  - wrap the checkboxes in a list
  - add child checkboxes to each checkbox (making
    tree structures possible through recursion

Change 2. should be pushed upstream to the GOVUK
Design System as a proposal for changes to the
GOVUK Checkboxes component.

											
										
										
											2020-04-23 12:15:24 +01:00
+								            items.append(item)
 								        return items
 								    def render_children(self, name, label, options):
 								        params = {
 								            "name": name,
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            "fieldset": {"legend": {"text": label, "classes": "usa-sr-only"}},
 								            "formGroup": {"classes": "usa-form-group--nested"},
-												Add govukCollapsibleNestedCheckboxesField

Includes:
1. changes to make NestedFieldMixin work
  with new fields and CSS for nested checkboxes
2. adds custom version of GOVUK checkboxes
  component to allow us to:
  - add classes to elements currently inaccessible
  - wrap the checkboxes in a list
  - add child checkboxes to each checkbox (making
    tree structures possible through recursion

Change 2. should be pushed upstream to the GOVUK
Design System as a proposal for changes to the
GOVUK Checkboxes component.

											
										
										
											2020-04-23 12:15:24 +01:00
+								            "asList": True,
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            "items": [],
-												Add govukCollapsibleNestedCheckboxesField

Includes:
1. changes to make NestedFieldMixin work
  with new fields and CSS for nested checkboxes
2. adds custom version of GOVUK checkboxes
  component to allow us to:
  - add classes to elements currently inaccessible
  - wrap the checkboxes in a list
  - add child checkboxes to each checkbox (making
    tree structures possible through recursion

Change 2. should be pushed upstream to the GOVUK
Design System as a proposal for changes to the
GOVUK Checkboxes component.

											
										
										
											2020-04-23 12:15:24 +01:00
+								        }
 								        for option in options:
 								            item = self.get_item_from_option(option)
 								            if len(self._children[option.data]):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								                item["children"] = self.render_children(
 								                    name, option.label.text, self._children[option.data]
 								                )
-												Add govukCollapsibleNestedCheckboxesField

Includes:
1. changes to make NestedFieldMixin work
  with new fields and CSS for nested checkboxes
2. adds custom version of GOVUK checkboxes
  component to allow us to:
  - add classes to elements currently inaccessible
  - wrap the checkboxes in a list
  - add child checkboxes to each checkbox (making
    tree structures possible through recursion

Change 2. should be pushed upstream to the GOVUK
Design System as a proposal for changes to the
GOVUK Checkboxes component.

											
										
										
											2020-04-23 12:15:24 +01:00
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            params["items"].append(item)
-												Add govukCollapsibleNestedCheckboxesField

Includes:
1. changes to make NestedFieldMixin work
  with new fields and CSS for nested checkboxes
2. adds custom version of GOVUK checkboxes
  component to allow us to:
  - add classes to elements currently inaccessible
  - wrap the checkboxes in a list
  - add child checkboxes to each checkbox (making
    tree structures possible through recursion

Change 2. should be pushed upstream to the GOVUK
Design System as a proposal for changes to the
GOVUK Checkboxes component.

											
										
										
											2020-04-23 12:15:24 +01:00
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        return render_template("forms/fields/checkboxes/template.njk", params=params)
-												Add govukCollapsibleNestedCheckboxesField

Includes:
1. changes to make NestedFieldMixin work
  with new fields and CSS for nested checkboxes
2. adds custom version of GOVUK checkboxes
  component to allow us to:
  - add classes to elements currently inaccessible
  - wrap the checkboxes in a list
  - add child checkboxes to each checkbox (making
    tree structures possible through recursion

Change 2. should be pushed upstream to the GOVUK
Design System as a proposal for changes to the
GOVUK Checkboxes component.

											
										
										
											2020-04-23 12:15:24 +01:00
-												Move field definitions before form definitions

											
										
										
											2019-02-25 16:17:48 +00:00
 								class NestedRadioField(RadioFieldWithNoneOption, NestedFieldMixin):
 								    pass
 								class NestedCheckboxesField(SelectMultipleField, NestedFieldMixin):
 								    NONE_OPTION_VALUE = None
 								class HiddenFieldWithNoneOption(FieldWithNoneOption, HiddenField):
 								    pass
 								class RadioFieldWithRequiredMessage(RadioField):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    def __init__(self, *args, required_message="Not a valid choice", **kwargs):
-												Move field definitions before form definitions

											
										
										
											2019-02-25 16:17:48 +00:00
+								        self.required_message = required_message
 								        super().__init__(*args, **kwargs)
 								    def pre_validate(self, form):
 								        try:
 								            return super().pre_validate(form)
 								        except ValueError:
-												Bump WTForms and Flask-WTF to latest versions

WTForms versions less than 3.0.0 have a security vulnerability where
arbitrary HTML can be inserted into the label of a form, allowing the
possibility of a cross-site scripting attack.

I don’t know if there’s anywhere we put user-generated content into form
labels but it’s possible we are vulnerable somewhere.

This require moving some imports because as of
https://github.com/wtforms/wtforms/pull/614/files
there is no longer a separate module for HTML 5 fields, they are now
considered core fields.

As of https://github.com/wtforms/wtforms/issues/445/files custom
implementations of `pre_validate` or `post_validate` must raise
`ValidationError` to trigger a validation message, where we were raising
`ValueError` this was no longer being caught.

As of https://github.com/wtforms/wtforms/pull/355/files `StringField`
returns `None` for empty data, not `''` but our `validate_email_address`
function only accepts strings.

											
										
										
											2021-11-30 17:17:16 +00:00
+								            raise ValidationError(self.required_message)
-												Move field definitions before form definitions

											
										
										
											2019-02-25 16:17:48 +00:00
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class StripWhitespaceForm(Form):
 								    class Meta:
 								        def bind_field(self, form, unbound_field, options):
 								            # FieldList simply doesn't support filters.
 								            # @see: https://github.com/wtforms/wtforms/issues/148
-												Add GovukPasswordField - extends PasswordField

Also adds it to the list of fields
StripWhitespaceForm skips when processing field
data.

											
										
										
											2020-08-07 09:49:07 +01:00
+								            no_filter_fields = (FieldList, PasswordField, GovukPasswordField)
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            filters = (
 								                [strip_all_whitespace]
 								                if not issubclass(unbound_field.field_class, no_filter_fields)
 								                else []
 								            )
 								            filters += unbound_field.kwargs.get("filters", [])
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								            bound = unbound_field.bind(form=form, filters=filters, **options)
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            bound.get_form = weakref.ref(
 								                form
 								            )  # GC won't collect the form if we don't use a weakref
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								            return bound
-												Stop adding required attribute to WTForm fields

WTForms now renders the `required` attribute if there is a validator
such as `DataRequired`. This was flagged in an accessibility audit as
being unnecessary since it doesn't conform to the Design System
recommendations, which state that "all form fields are considered
mandatory when navigating a government service unless otherwise denoted
by the word ‘(optional)’."

This uses the approach here https://github.com/wtforms/wtforms/pull/361
to overwrite the `render_field` method.

											
										
										
											2021-02-19 11:31:25 +00:00
+								        def render_field(self, field, render_kw):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            render_kw.setdefault("required", False)
-												Stop adding required attribute to WTForm fields

WTForms now renders the `required` attribute if there is a validator
such as `DataRequired`. This was flagged in an accessibility audit as
being unnecessary since it doesn't conform to the Design System
recommendations, which state that "all form fields are considered
mandatory when navigating a government service unless otherwise denoted
by the word ‘(optional)’."

This uses the approach here https://github.com/wtforms/wtforms/pull/361
to overwrite the `render_field` method.

											
										
										
											2021-02-19 11:31:25 +00:00
+								            return super().render_field(field, render_kw)
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
-												Convert ListEntry component to use new fields

ListEntry component uses FieldList field to group
textboxes. Textboxes can be text inputs, email fields
or international phone number fields. This converts
all field-lists to use:

- GovukTextInputField
- GovukEmailField
- InternationalPhoneNumber

Affects these forms:
- OrganisationDomainsForm
- GuestList

Also changes to related Javascript:

Update list-entry JS tests to match new HTML

Updates the HTML the JS operates on in the test
(a fixture representing the HTML in the page on
load) to match the new GOVUK Frontend we are
generating.

Make list-entry JS work with GOVUK Frontend HTML

The existing list-entry JS did a few things that
clashed with how the new HTML works:
- added a 'input-' prefix to the id attributes
  of all text-inputs
- did not make its name and id attributes values
  match

The new HTML has id and name attributes that
match so these changes remove the prefix for id
attributes and makes them match the name
attribute.

To understand these changes, it is useful to
know how the values for id and name attributes are
generated:
1. the id attribute for the component element is
   stored
2. the 'list-entry-' prefix is removed and the
   remainder is used to generate ids

For example, if the component's id is
'list-entry-domains', the id will be 'domains-1',
where the text-input is the first one.

This also adds some logic to the HoganJS template
to make the value attribute optional, so it is
only added if it has a non-null value. This
matches the behaviour of the text-input component
used in the new list-entry component.

Also change whitelist references to guestlist in tests
- we forgot to do it earlier, when we moved from calling this
feature whitelist to calling it guestlist.

											
										
										
											2020-08-07 10:48:21 +01:00
+								class StripWhitespaceStringField(GovukTextInputField):
 								    def __init__(self, label=None, param_extensions=None, **kwargs):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        kwargs["filters"] = tuple(
 								            chain(
 								                kwargs.get("filters", ()),
 								                (strip_all_whitespace,),
 								            )
 								        )
-												Convert ListEntry component to use new fields

ListEntry component uses FieldList field to group
textboxes. Textboxes can be text inputs, email fields
or international phone number fields. This converts
all field-lists to use:

- GovukTextInputField
- GovukEmailField
- InternationalPhoneNumber

Affects these forms:
- OrganisationDomainsForm
- GuestList

Also changes to related Javascript:

Update list-entry JS tests to match new HTML

Updates the HTML the JS operates on in the test
(a fixture representing the HTML in the page on
load) to match the new GOVUK Frontend we are
generating.

Make list-entry JS work with GOVUK Frontend HTML

The existing list-entry JS did a few things that
clashed with how the new HTML works:
- added a 'input-' prefix to the id attributes
  of all text-inputs
- did not make its name and id attributes values
  match

The new HTML has id and name attributes that
match so these changes remove the prefix for id
attributes and makes them match the name
attribute.

To understand these changes, it is useful to
know how the values for id and name attributes are
generated:
1. the id attribute for the component element is
   stored
2. the 'list-entry-' prefix is removed and the
   remainder is used to generate ids

For example, if the component's id is
'list-entry-domains', the id will be 'domains-1',
where the text-input is the first one.

This also adds some logic to the HoganJS template
to make the value attribute optional, so it is
only added if it has a non-null value. This
matches the behaviour of the text-input component
used in the new list-entry component.

Also change whitelist references to guestlist in tests
- we forgot to do it earlier, when we moved from calling this
feature whitelist to calling it guestlist.

											
										
										
											2020-08-07 10:48:21 +01:00
+								        super(GovukTextInputField, self).__init__(label, **kwargs)
 								        self.param_extensions = param_extensions
-												Make whitespace stripping work for whitelists too

It’s a bit hacky, but it fixes a potential issue for users.

Code adapted from:
https://github.com/alphagov/digitalmarketplace-utils/commit/2c34f678ab4a34eaa1c510c91dacfc210343f389

											
										
										
											2017-12-11 16:22:37 +00:00
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class LoginForm(StripWhitespaceForm):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    email_address = GovukEmailField(
 								        "Email address",
 								        validators=[
 								            Length(min=5, max=255),
 								            DataRequired(message="Cannot be empty"),
 								            ValidEmail(),
 								        ],
 								    )
 								    password = GovukPasswordField(
 								        "Password", validators=[DataRequired(message="Enter your password")]
 								    )
-												108536366: Implement register flow

Includes validation for gov.uk email address, mobile number with +44, password at least 10 char.
Form validation errors will be added to template in a later story.
User is created when form validates.

											
										
										
											2015-12-01 13:23:54 +00:00
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class RegisterUserForm(StripWhitespaceForm):
-												Convert EmailFields to GovukEmailFields

Changes those fields (and sometimes also regular text input fields)
 in the following forms:
- LoginForm
- RegisterUserForm
- ChangeEmailForm
- FeedbackOrProblem
- AcceptAgreementForm
- ChangeNameForm (only name field here, but used in the same template
field as ChangeEmailForm here: app/templates/views/user-profile/change.html)

Also includes changes to templates that use this form
and associated tests.

											
										
										
											2020-08-07 15:16:04 +01:00
+								    name = GovukTextInputField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "Full name", validators=[DataRequired(message="Cannot be empty")]
-												Convert EmailFields to GovukEmailFields

Changes those fields (and sometimes also regular text input fields)
 in the following forms:
- LoginForm
- RegisterUserForm
- ChangeEmailForm
- FeedbackOrProblem
- AcceptAgreementForm
- ChangeNameForm (only name field here, but used in the same template
field as ChangeEmailForm here: app/templates/views/user-profile/change.html)

Also includes changes to templates that use this form
and associated tests.

											
										
										
											2020-08-07 15:16:04 +01:00
+								    )
-												Take out the Canadian politeness.
Make the error message more consistent.
Extracted common fields for the forms.

											
										
										
											2016-01-08 12:00:52 +00:00
+								    email_address = email_address()
-												Let users register with int’national phone numbers

Right now Notify restricts you to registering with a UK mobile number.
This is because when we built the user registration stuff we couldn’t
send to international mobiles.

However we can send to international mobile numbers, and it’s totally
reasonable to expect employees of the UK government to be working
abroad, and have a foreign mobile phone – we’ve heard from one such
user.

So this commit:
- changes all places where users enter their own phone number to use
  the validation function which allows international phone numbers
- renames the `mobile_number` validation to `uk_mobile_number` to make
  it explicit, and force it to break the tests if there’s somewhere it’s
  being used that I haven’t thought of

											
										
										
											2017-08-29 14:52:24 +01:00
+								    mobile_number = international_phone_number()
-												Take out the Canadian politeness.
Make the error message more consistent.
Extracted common fields for the forms.

											
										
										
											2016-01-08 12:00:52 +00:00
+								    password = password()
-												refactor RegisterFromInvite to make auth_type required, and update test fixtures

											
										
										
											2017-11-13 13:39:31 +00:00
+								    # always register as sms type
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    auth_type = HiddenField("auth_type", default="sms_auth")
-												109526520: render verify template with VerifyForm

											
										
										
											2015-12-04 16:21:01 +00:00
-												Guess people’s names when they’re invited

Most people’s names, especially in government are in the format
firstname.lastname@department.gov.uk. This means that you can pretty
reliably guess that their name is ‘Firstname Lastname’.

When users are invited to Notify we know their email address already.

So this commit pre-populates the registration form based on this guess.

This is a nice little detail, but it should also stop the browser
pre-filling the name field with someone’s email address (which I think
happens because the browser assumes a registration form will have an
email field).

											
										
										
											2018-07-02 09:08:21 +01:00
+								class RegisterUserFromInviteForm(RegisterUserForm):
-												only show mobile number on register from invite page if user is sms_auth

also clean up the way the form is invoked - it now populates from an
invited_user object

											
										
										
											2017-11-14 15:53:38 +00:00
+								    def __init__(self, invited_user):
 								        super().__init__(
-												Make user API client return JSON, not a model

The data flow of other bits of our application looks like this:
```
                         API (returns JSON)
                                  ⬇
          API client (returns a built in type, usually `dict`)
                                  ⬇
          Model (returns an instance, eg of type `Service`)
                                  ⬇
                         View (returns HTML)
```
The user API client was architected weirdly, in that it returned a model
directly, like this:

```
                         API (returns JSON)
                                  ⬇
    API client (returns a model, of type `User`, `InvitedUser`, etc)
                                  ⬇
                         View (returns HTML)
```

This mixing of different layers of the application is bad because it
makes it hard to write model code that doesn’t have circular
dependencies. As our application gets more complicated we will be
relying more on models to manage this complexity, so we should make it
easy, not hard to write them.

It also means that most of our mocking was of the User model, not just
the underlying JSON. So it would have been easy to introduce subtle bugs
to the user model, because it wasn’t being comprehensively tested. A lot
of the changed lines of code in this commit mean changing the tests to
mock only the JSON, which means that the model layer gets implicitly
tested.

For those reasons this commit changes the user API client to return
JSON, not an instance of `User` or other models.

											
										
										
											2019-05-23 15:27:35 +01:00
+								            service=invited_user.service,
 								            email_address=invited_user.email_address,
 								            auth_type=invited_user.auth_type,
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            name=guess_name_from_email_address(invited_user.email_address),
-												only show mobile number on register from invite page if user is sms_auth

also clean up the way the form is invoked - it now populates from an
invited_user object

											
										
										
											2017-11-14 15:53:38 +00:00
+								        )
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    mobile_number = InternationalPhoneNumber("Mobile number", validators=[])
 								    service = HiddenField("service")
 								    email_address = HiddenField("email_address")
 								    auth_type = HiddenField("auth_type", validators=[DataRequired()])
-												[WIP] New user can now accept invite and will be made to
register. On succesful register and verfication they
will be added to service and forwarded to dashboard.

Nothing is done yet with the permissions requested in the
invite to the user.

											
										
										
											2016-03-02 15:25:04 +00:00
-												Updated invite email auth user flow

											
										
										
											2017-11-10 12:35:21 +00:00
+								    def validate_mobile_number(self, field):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        if self.auth_type.data == "sms_auth" and not field.data:
 								            raise ValidationError("Cannot be empty")
-												Updated invite email auth user flow

											
										
										
											2017-11-10 12:35:21 +00:00
-												[WIP] New user can now accept invite and will be made to
register. On succesful register and verfication they
will be added to service and forwarded to dashboard.

Nothing is done yet with the permissions requested in the
invite to the user.

											
										
										
											2016-03-02 15:25:04 +00:00
-												invite-team-members

											
										
										
											2018-02-19 16:53:29 +00:00
+								class RegisterUserFromOrgInviteForm(StripWhitespaceForm):
 								    def __init__(self, invited_org_user):
 								        super().__init__(
-												blunt rename of org (#620)


											
										
										
											2023-07-12 12:09:44 -04:00
+								            organization=invited_org_user.organization,
-												Make user API client return JSON, not a model

The data flow of other bits of our application looks like this:
```
                         API (returns JSON)
                                  ⬇
          API client (returns a built in type, usually `dict`)
                                  ⬇
          Model (returns an instance, eg of type `Service`)
                                  ⬇
                         View (returns HTML)
```
The user API client was architected weirdly, in that it returned a model
directly, like this:

```
                         API (returns JSON)
                                  ⬇
    API client (returns a model, of type `User`, `InvitedUser`, etc)
                                  ⬇
                         View (returns HTML)
```

This mixing of different layers of the application is bad because it
makes it hard to write model code that doesn’t have circular
dependencies. As our application gets more complicated we will be
relying more on models to manage this complexity, so we should make it
easy, not hard to write them.

It also means that most of our mocking was of the User model, not just
the underlying JSON. So it would have been easy to introduce subtle bugs
to the user model, because it wasn’t being comprehensively tested. A lot
of the changed lines of code in this commit mean changing the tests to
mock only the JSON, which means that the model layer gets implicitly
tested.

For those reasons this commit changes the user API client to return
JSON, not an instance of `User` or other models.

											
										
										
											2019-05-23 15:27:35 +01:00
+								            email_address=invited_org_user.email_address,
-												invite-team-members

											
										
										
											2018-02-19 16:53:29 +00:00
+								        )
-												Convert PasswordFields to GovukPasswordFields

Converts them directly in the following forms:
- LoginForm
- ConfirmPasswordForm

Changes the password function to return
GovukPasswordField instead of PasswordField which
effects the following forms:
- RegisterUserForm
- RegisterUserFromInviteForm
- RegisterUserFromOrgInviteForm
- NewPasswordForm
- ChangePasswordForm

It also updates StringField on RegisterUserFromOrgInviteForm
to GovukTextInputField

Also includes changes to templates that use this
form and associated tests.

											
										
										
											2020-08-07 09:53:09 +01:00
+								    name = GovukTextInputField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "Full name", validators=[DataRequired(message="Cannot be empty")]
-												invite-team-members

											
										
										
											2018-02-19 16:53:29 +00:00
+								    )
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    mobile_number = InternationalPhoneNumber(
 								        "Mobile number", validators=[DataRequired(message="Cannot be empty")]
 								    )
-												invite-team-members

											
										
										
											2018-02-19 16:53:29 +00:00
+								    password = password()
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    organization = HiddenField("organization")
 								    email_address = HiddenField("email_address")
 								    auth_type = HiddenField("auth_type", validators=[DataRequired()])
-												invite-team-members

											
										
										
											2018-02-19 16:53:29 +00:00
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
+								def govuk_checkbox_field_widget(self, field, param_extensions=None, **kwargs):
 								    # error messages
 								    error_message = None
 								    if field.errors:
 								        error_message = {
 								            "attributes": {
 								                "data-module": "track-error",
 								                "data-error-type": field.errors[0],
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								                "data-error-label": field.name,
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
+								            },
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            "text": field.errors[0],
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
+								        }
-												Add govukCheckboxField for single checkboxes

Single checkboxes are distinct because:
- they don't need to be wrapped in a `<fieldset>`
- they are a subclass of BooleanField so their
  data is either True or False

											
										
										
											2020-05-07 15:30:20 +01:00
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
+								    params = {
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "name": field.name,
 								        "errorMessage": error_message,
 								        "items": [
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
+								            {
 								                "name": field.name,
 								                "id": field.id,
 								                "text": field.label.text,
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								                "value": "y",
 								                "checked": field.data,
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
+								            }
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        ],
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
+								    }
-												Split common checkbox methods off into mixin

											
										
										
											2020-05-07 15:44:13 +01:00
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
+								    # extend default params with any sent in during instantiation
 								    if self.param_extensions:
-												Remove extend_params in favour of merge_jsonlike

A comment on the pull request for this branch
pointed out that it's not clear why the 'items'
list is deleted and then reassigned in
extend_params:

https://github.com/alphagov/notifications-admin/pull/3770#pullrequestreview-573067465

The simple reason is that we want to use
merge_jsonlike to merge params and
param_extensions (passed in as extensions) but
merge_jsonlike doesn't merge lists correctly.

I realised that if we just make merge_jsonlike
merge lists correctly, we can use it for
everything extend_params does.

This commit does that, and replaces all calls to
extend_params with merge_jsonlike.

Because extend_params is used across many form
field classes, and so many pages, I took the
following precautions after making those changes:
1. found every use of param_extensions
2. looked at the merges onto params that each would
   cause and deduped them to a final list of 6(!)
3. tested pages containing fields from that list
4. added new testcases to the merge_jsonlike tests
   for any merges that exist in our codebase but
   not in our tests

											
										
										
											2021-01-22 15:40:28 +00:00
+								        merge_jsonlike(params, self.param_extensions)
-												Split common checkbox methods off into mixin

											
										
										
											2020-05-07 15:44:13 +01:00
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
+								    # add any sent in though use in templates
 								    if param_extensions:
-												Remove extend_params in favour of merge_jsonlike

A comment on the pull request for this branch
pointed out that it's not clear why the 'items'
list is deleted and then reassigned in
extend_params:

https://github.com/alphagov/notifications-admin/pull/3770#pullrequestreview-573067465

The simple reason is that we want to use
merge_jsonlike to merge params and
param_extensions (passed in as extensions) but
merge_jsonlike doesn't merge lists correctly.

I realised that if we just make merge_jsonlike
merge lists correctly, we can use it for
everything extend_params does.

This commit does that, and replaces all calls to
extend_params with merge_jsonlike.

Because extend_params is used across many form
field classes, and so many pages, I took the
following precautions after making those changes:
1. found every use of param_extensions
2. looked at the merges onto params that each would
   cause and deduped them to a final list of 6(!)
3. tested pages containing fields from that list
4. added new testcases to the merge_jsonlike tests
   for any merges that exist in our codebase but
   not in our tests

											
										
										
											2021-01-22 15:40:28 +00:00
+								        merge_jsonlike(params, param_extensions)
-												Split common checkbox methods off into mixin

											
										
										
											2020-05-07 15:44:13 +01:00
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    return Markup(render_template("forms/fields/checkboxes/macro.njk", params=params))
-												Add govukCheckboxField for single checkboxes

Single checkboxes are distinct because:
- they don't need to be wrapped in a `<fieldset>`
- they are a subclass of BooleanField so their
  data is either True or False

											
										
										
											2020-05-07 15:30:20 +01:00
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								def govuk_checkboxes_field_widget(
 								    self, field, wrap_in_collapsible=False, param_extensions=None, **kwargs
 								):
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
+								    def _wrap_in_collapsible(field_label, checkboxes_string):
 								        # wrap the checkboxes HTML in the HTML needed by the collapisble JS
 								        result = Markup(
 								            f'<div class="selection-wrapper"'
 								            f'     data-module="collapsible-checkboxes"'
 								            f'     data-field-label="{field_label}">'
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            f"  {checkboxes_string}"
 								            f"</div>"
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
+								        )
 								        return result
-												Add govukCheckboxField for single checkboxes

Single checkboxes are distinct because:
- they don't need to be wrapped in a `<fieldset>`
- they are a subclass of BooleanField so their
  data is either True or False

											
										
										
											2020-05-07 15:30:20 +01:00
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
+								    # error messages
 								    error_message = None
 								    if field.errors:
 								        error_message = {
 								            "attributes": {
 								                "data-module": "track-error",
 								                "data-error-type": field.errors[0],
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								                "data-error-label": field.name,
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
+								            },
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            "text": field.errors[0],
-												Add govukCheckboxField for single checkboxes

Single checkboxes are distinct because:
- they don't need to be wrapped in a `<fieldset>`
- they are a subclass of BooleanField so their
  data is either True or False

											
										
										
											2020-05-07 15:30:20 +01:00
+								        }
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
+								    # returns either a list or a hierarchy of lists
 								    # depending on how get_items_from_options is implemented
 								    items = self.get_items_from_options(field)
 								    params = {
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "name": field.name,
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
+								        "fieldset": {
 								            "attributes": {"id": field.name},
 								            "legend": {
 								                "text": field.label.text,
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            },
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
+								        },
 								        "asList": self.render_as_list,
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "errorMessage": error_message,
 								        "items": items,
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
+								    }
 								    # extend default params with any sent in during instantiation
 								    if self.param_extensions:
-												Remove extend_params in favour of merge_jsonlike

A comment on the pull request for this branch
pointed out that it's not clear why the 'items'
list is deleted and then reassigned in
extend_params:

https://github.com/alphagov/notifications-admin/pull/3770#pullrequestreview-573067465

The simple reason is that we want to use
merge_jsonlike to merge params and
param_extensions (passed in as extensions) but
merge_jsonlike doesn't merge lists correctly.

I realised that if we just make merge_jsonlike
merge lists correctly, we can use it for
everything extend_params does.

This commit does that, and replaces all calls to
extend_params with merge_jsonlike.

Because extend_params is used across many form
field classes, and so many pages, I took the
following precautions after making those changes:
1. found every use of param_extensions
2. looked at the merges onto params that each would
   cause and deduped them to a final list of 6(!)
3. tested pages containing fields from that list
4. added new testcases to the merge_jsonlike tests
   for any merges that exist in our codebase but
   not in our tests

											
										
										
											2021-01-22 15:40:28 +00:00
+								        merge_jsonlike(params, self.param_extensions)
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
 								    # add any sent in though use in templates
 								    if param_extensions:
-												Remove extend_params in favour of merge_jsonlike

A comment on the pull request for this branch
pointed out that it's not clear why the 'items'
list is deleted and then reassigned in
extend_params:

https://github.com/alphagov/notifications-admin/pull/3770#pullrequestreview-573067465

The simple reason is that we want to use
merge_jsonlike to merge params and
param_extensions (passed in as extensions) but
merge_jsonlike doesn't merge lists correctly.

I realised that if we just make merge_jsonlike
merge lists correctly, we can use it for
everything extend_params does.

This commit does that, and replaces all calls to
extend_params with merge_jsonlike.

Because extend_params is used across many form
field classes, and so many pages, I took the
following precautions after making those changes:
1. found every use of param_extensions
2. looked at the merges onto params that each would
   cause and deduped them to a final list of 6(!)
3. tested pages containing fields from that list
4. added new testcases to the merge_jsonlike tests
   for any merges that exist in our codebase but
   not in our tests

											
										
										
											2021-01-22 15:40:28 +00:00
+								        merge_jsonlike(params, param_extensions)
-												Add govukCheckboxField for single checkboxes

Single checkboxes are distinct because:
- they don't need to be wrapped in a `<fieldset>`
- they are a subclass of BooleanField so their
  data is either True or False

											
										
										
											2020-05-07 15:30:20 +01:00
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
+								    if wrap_in_collapsible:
 								        # add a blank hint to act as an ARIA live-region
 								        params.update(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            {
 								                "hint": {
 								                    "html": '<div class="selection-summary" role="region" aria-live="polite"></div>'
 								                }
 								            }
 								        )
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
 								        return _wrap_in_collapsible(
 								            self.field_label,
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            Markup(render_template("forms/fields/checkboxes/macro.njk", params=params)),
-passing

											
										
										
											2022-08-05 00:25:03 -07:00
+								        )
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
+								    else:
-												Add govukCheckboxField for single checkboxes

Single checkboxes are distinct because:
- they don't need to be wrapped in a `<fieldset>`
- they are a subclass of BooleanField so their
  data is either True or False

											
										
										
											2020-05-07 15:30:20 +01:00
+								        return Markup(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            render_template("forms/fields/checkboxes/macro.njk", params=params)
 								        )
-												Add govukCheckboxField for single checkboxes

Single checkboxes are distinct because:
- they don't need to be wrapped in a `<fieldset>`
- they are a subclass of BooleanField so their
  data is either True or False

											
										
										
											2020-05-07 15:30:20 +01:00
-												Add GovukRadiosField

Roughly based on GovukCheckboxesField.

											
										
										
											2020-06-23 14:53:51 +01:00
+								def govuk_radios_field_widget(self, field, param_extensions=None, **kwargs):
 								    # error messages
 								    error_message = None
 								    if field.errors:
 								        error_message = {
 								            "attributes": {
 								                "data-module": "track-error",
 								                "data-error-type": field.errors[0],
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								                "data-error-label": field.name,
-												Add GovukRadiosField

Roughly based on GovukCheckboxesField.

											
										
										
											2020-06-23 14:53:51 +01:00
+								            },
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            "text": field.errors[0],
-												Add GovukRadiosField

Roughly based on GovukCheckboxesField.

											
										
										
											2020-06-23 14:53:51 +01:00
+								        }
 								    # returns either a list or a hierarchy of lists
 								    # depending on how get_items_from_options is implemented
 								    items = self.get_items_from_options(field)
 								    params = {
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "name": field.name,
-												Add GovukRadiosField

Roughly based on GovukCheckboxesField.

											
										
										
											2020-06-23 14:53:51 +01:00
+								        "fieldset": {
 								            "attributes": {"id": field.name},
 								            "legend": {
 								                "text": field.label.text,
-												Changes to the forms file

											
										
										
											2023-08-28 12:29:25 -04:00
+								                "classes": "usa-legend text-bold",
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            },
-												Add GovukRadiosField

Roughly based on GovukCheckboxesField.

											
										
										
											2020-06-23 14:53:51 +01:00
+								        },
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "errorMessage": error_message,
 								        "items": items,
-												Add GovukRadiosField

Roughly based on GovukCheckboxesField.

											
										
										
											2020-06-23 14:53:51 +01:00
+								    }
 								    # extend default params with any sent in during instantiation
 								    if self.param_extensions:
-												Remove extend_params in favour of merge_jsonlike

A comment on the pull request for this branch
pointed out that it's not clear why the 'items'
list is deleted and then reassigned in
extend_params:

https://github.com/alphagov/notifications-admin/pull/3770#pullrequestreview-573067465

The simple reason is that we want to use
merge_jsonlike to merge params and
param_extensions (passed in as extensions) but
merge_jsonlike doesn't merge lists correctly.

I realised that if we just make merge_jsonlike
merge lists correctly, we can use it for
everything extend_params does.

This commit does that, and replaces all calls to
extend_params with merge_jsonlike.

Because extend_params is used across many form
field classes, and so many pages, I took the
following precautions after making those changes:
1. found every use of param_extensions
2. looked at the merges onto params that each would
   cause and deduped them to a final list of 6(!)
3. tested pages containing fields from that list
4. added new testcases to the merge_jsonlike tests
   for any merges that exist in our codebase but
   not in our tests

											
										
										
											2021-01-22 15:40:28 +00:00
+								        merge_jsonlike(params, self.param_extensions)
-												Add GovukRadiosField

Roughly based on GovukCheckboxesField.

											
										
										
											2020-06-23 14:53:51 +01:00
 								    # add any sent in though use in templates
 								    if param_extensions:
-												Remove extend_params in favour of merge_jsonlike

A comment on the pull request for this branch
pointed out that it's not clear why the 'items'
list is deleted and then reassigned in
extend_params:

https://github.com/alphagov/notifications-admin/pull/3770#pullrequestreview-573067465

The simple reason is that we want to use
merge_jsonlike to merge params and
param_extensions (passed in as extensions) but
merge_jsonlike doesn't merge lists correctly.

I realised that if we just make merge_jsonlike
merge lists correctly, we can use it for
everything extend_params does.

This commit does that, and replaces all calls to
extend_params with merge_jsonlike.

Because extend_params is used across many form
field classes, and so many pages, I took the
following precautions after making those changes:
1. found every use of param_extensions
2. looked at the merges onto params that each would
   cause and deduped them to a final list of 6(!)
3. tested pages containing fields from that list
4. added new testcases to the merge_jsonlike tests
   for any merges that exist in our codebase but
   not in our tests

											
										
										
											2021-01-22 15:40:28 +00:00
+								        merge_jsonlike(params, param_extensions)
-												Add GovukRadiosField

Roughly based on GovukCheckboxesField.

											
										
										
											2020-06-23 14:53:51 +01:00
 								    return Markup(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        render_template("components/components/radios/template.njk", params=params)
 								    )
-												Add GovukRadiosField

Roughly based on GovukCheckboxesField.

											
										
										
											2020-06-23 14:53:51 +01:00
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
+								class GovukCheckboxField(BooleanField):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    def __init__(self, label="", validators=None, param_extensions=None, **kwargs):
 								        super(GovukCheckboxField, self).__init__(
 								            label, validators, false_values=None, **kwargs
 								        )
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
+								        self.param_extensions = param_extensions
 								    # self.__call__ renders the HTML for the field by:
 								    # 1. delegating to self.meta.render_field which
 								    # 2. calls field.widget
 								    # this bypasses that by making self.widget a method with the same interface as widget.__call__
 								    def widget(self, field, param_extensions=None, **kwargs):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        return govuk_checkbox_field_widget(
 								            self, field, param_extensions=param_extensions, **kwargs
 								        )
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
-												Add govukCheckboxesField

govukCheckboxesField subclasses
SelectMultipleField and overwrites how it renders
HTML to let us use the GOVUK Checkboxes component
while retaining all the functionality of WTForms
fields.

Based on work on github.com/richardjpope/recourse:

https://github.com/richardjpope/recourse/blob/master/recourse/forms.py#L6

											
										
										
											2020-04-02 18:06:01 +01:00
+								# based on work done by @richardjpope: https://github.com/richardjpope/recourse/blob/master/recourse/forms.py#L6
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
+								class GovukCheckboxesField(SelectMultipleField):
-												Add govukCollapsibleNestedCheckboxesField

Includes:
1. changes to make NestedFieldMixin work
  with new fields and CSS for nested checkboxes
2. adds custom version of GOVUK checkboxes
  component to allow us to:
  - add classes to elements currently inaccessible
  - wrap the checkboxes in a list
  - add child checkboxes to each checkbox (making
    tree structures possible through recursion

Change 2. should be pushed upstream to the GOVUK
Design System as a proposal for changes to the
GOVUK Checkboxes component.

											
										
										
											2020-04-23 12:15:24 +01:00
+								    render_as_list = False
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    def __init__(self, label="", validators=None, param_extensions=None, **kwargs):
-												Rename govukCheckboxField and similar

Follows naming conventions for classes and matches
work done on GovukTextInputField.

											
										
										
											2020-10-29 14:58:39 +00:00
+								        super(GovukCheckboxesField, self).__init__(label, validators, **kwargs)
-												Add govukCheckboxesField

govukCheckboxesField subclasses
SelectMultipleField and overwrites how it renders
HTML to let us use the GOVUK Checkboxes component
while retaining all the functionality of WTForms
fields.

Based on work on github.com/richardjpope/recourse:

https://github.com/richardjpope/recourse/blob/master/recourse/forms.py#L6

											
										
										
											2020-04-02 18:06:01 +01:00
+								        self.param_extensions = param_extensions
-												Add govukCollapsibleNestedCheckboxesField

Includes:
1. changes to make NestedFieldMixin work
  with new fields and CSS for nested checkboxes
2. adds custom version of GOVUK checkboxes
  component to allow us to:
  - add classes to elements currently inaccessible
  - wrap the checkboxes in a list
  - add child checkboxes to each checkbox (making
    tree structures possible through recursion

Change 2. should be pushed upstream to the GOVUK
Design System as a proposal for changes to the
GOVUK Checkboxes component.

											
										
										
											2020-04-23 12:15:24 +01:00
+								    def get_item_from_option(self, option):
 								        return {
 								            "name": option.name,
 								            "id": option.id,
 								            "text": option.label.text,
 								            "value": str(option.data),  # to protect against non-string types like uuids
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            "checked": option.checked,
-												Add govukCollapsibleNestedCheckboxesField

Includes:
1. changes to make NestedFieldMixin work
  with new fields and CSS for nested checkboxes
2. adds custom version of GOVUK checkboxes
  component to allow us to:
  - add classes to elements currently inaccessible
  - wrap the checkboxes in a list
  - add child checkboxes to each checkbox (making
    tree structures possible through recursion

Change 2. should be pushed upstream to the GOVUK
Design System as a proposal for changes to the
GOVUK Checkboxes component.

											
										
										
											2020-04-23 12:15:24 +01:00
+								        }
 								    def get_items_from_options(self, field):
 								        return [self.get_item_from_option(option) for option in field]
-												Add govukCheckboxesField

govukCheckboxesField subclasses
SelectMultipleField and overwrites how it renders
HTML to let us use the GOVUK Checkboxes component
while retaining all the functionality of WTForms
fields.

Based on work on github.com/richardjpope/recourse:

https://github.com/richardjpope/recourse/blob/master/recourse/forms.py#L6

											
										
										
											2020-04-02 18:06:01 +01:00
+								    # self.__call__ renders the HTML for the field by:
 								    # 1. delegating to self.meta.render_field which
 								    # 2. calls field.widget
 								    # this bypasses that by making self.widget a method with the same interface as widget.__call__
-												Update templates page

Includes:
- changes to the govukCheckboxesField class
  to allow params to be extended at render time
- updates to templates and folders CSS

											
										
										
											2020-04-09 11:51:11 +01:00
+								    def widget(self, field, param_extensions=None, **kwargs):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        return govuk_checkboxes_field_widget(
 								            self, field, param_extensions=param_extensions, **kwargs
 								        )
-												Add govukCheckboxesField

govukCheckboxesField subclasses
SelectMultipleField and overwrites how it renders
HTML to let us use the GOVUK Checkboxes component
while retaining all the functionality of WTForms
fields.

Based on work on github.com/richardjpope/recourse:

https://github.com/richardjpope/recourse/blob/master/recourse/forms.py#L6

											
										
										
											2020-04-02 18:06:01 +01:00
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
+								# Wraps checkboxes rendering in HTML needed by the collapsible JS
 								class GovukCollapsibleCheckboxesField(GovukCheckboxesField):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    def __init__(
 								        self, label="", validators=None, field_label="", param_extensions=None, **kwargs
 								    ):
 								        super(GovukCollapsibleCheckboxesField, self).__init__(
 								            label, validators, param_extensions, **kwargs
 								        )
-												Add mixin & field to make collapsible checkboxes

Allows checkboxes to be collapsed so they take up
less space in the page. The collapsed state
includes a live summary tracking which of them are
selected.

Includes changes to the JS for collapsible
checkboxes to make it work with the GOVUK
Checkboxes component HTML.

											
										
										
											2020-04-23 12:12:55 +01:00
+								        self.field_label = field_label
 								    def widget(self, field, **kwargs):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        return govuk_checkboxes_field_widget(
 								            self, field, wrap_in_collapsible=True, param_extensions=None, **kwargs
 								        )
-												Add mixin & field to make collapsible checkboxes

Allows checkboxes to be collapsed so they take up
less space in the page. The collapsed state
includes a live summary tracking which of them are
selected.

Includes changes to the JS for collapsible
checkboxes to make it work with the GOVUK
Checkboxes component HTML.

											
										
										
											2020-04-23 12:12:55 +01:00
-												Refactor GovukCheckboxField and all variants

Aims to make the structure of their code more like
GovukTextInputField so this convention can be
extended for radios.

It does that by:
- moving the code in their widget methods out into
  the govuk_checkbox_field_widget helper function
- moving the code that wraps the checkboxes
  in HTML to make them collapsible into the helper
  function
- remove GovukCheckboxesMixin in favour of having
  the extend_params method as a stand-alone
  function*

*The code is generic enough that it can be used
with other fields that share the same type of
data.

These changes also:
- don't alter the interface of any classes
  involved
- don't break any tests

											
										
										
											2020-10-29 16:25:02 +00:00
+								# GovukCollapsibleCheckboxesField adds an ARIA live-region to the hint and wraps the render in HTML needed by the
-												Add govukCollapsibleNestedCheckboxesField

Includes:
1. changes to make NestedFieldMixin work
  with new fields and CSS for nested checkboxes
2. adds custom version of GOVUK checkboxes
  component to allow us to:
  - add classes to elements currently inaccessible
  - wrap the checkboxes in a list
  - add child checkboxes to each checkbox (making
    tree structures possible through recursion

Change 2. should be pushed upstream to the GOVUK
Design System as a proposal for changes to the
GOVUK Checkboxes component.

											
										
										
											2020-04-23 12:15:24 +01:00
+								# collapsible JS
 								# NestedFieldMixin puts the items into a tree hierarchy, pre-rendering the sub-trees of the top-level items
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								class GovukCollapsibleNestedCheckboxesField(
 								    NestedFieldMixin, GovukCollapsibleCheckboxesField
 								):
-												Add govukCollapsibleNestedCheckboxesField

Includes:
1. changes to make NestedFieldMixin work
  with new fields and CSS for nested checkboxes
2. adds custom version of GOVUK checkboxes
  component to allow us to:
  - add classes to elements currently inaccessible
  - wrap the checkboxes in a list
  - add child checkboxes to each checkbox (making
    tree structures possible through recursion

Change 2. should be pushed upstream to the GOVUK
Design System as a proposal for changes to the
GOVUK Checkboxes component.

											
										
										
											2020-04-23 12:15:24 +01:00
+								    NONE_OPTION_VALUE = None
 								    render_as_list = True
-												Add GovukRadiosField

Roughly based on GovukCheckboxesField.

											
										
										
											2020-06-23 14:53:51 +01:00
+								class GovukRadiosField(RadioField):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    def __init__(self, label="", validators=None, param_extensions=None, **kwargs):
-												Add GovukRadiosField

Roughly based on GovukCheckboxesField.

											
										
										
											2020-06-23 14:53:51 +01:00
+								        super(GovukRadiosField, self).__init__(label, validators, **kwargs)
 								        self.param_extensions = param_extensions
 								    def get_item_from_option(self, option):
 								        return {
 								            "name": option.name,
 								            "id": option.id,
 								            "text": option.label.text,
 								            "value": str(option.data),  # to protect against non-string types like uuids
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            "checked": option.checked,
-												Add GovukRadiosField

Roughly based on GovukCheckboxesField.

											
										
										
											2020-06-23 14:53:51 +01:00
+								        }
 								    def get_items_from_options(self, field):
 								        return [self.get_item_from_option(option) for option in field]
 								    # self.__call__ renders the HTML for the field by:
 								    # 1. delegating to self.meta.render_field which
 								    # 2. calls field.widget
 								    # this bypasses that by making self.widget a method with the same interface as widget.__call__
 								    def widget(self, field, param_extensions=None, **kwargs):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        return govuk_radios_field_widget(
 								            self, field, param_extensions=param_extensions, **kwargs
 								        )
-												Add GovukRadiosField

Roughly based on GovukCheckboxesField.

											
										
										
											2020-06-23 14:53:51 +01:00
-												Simplify network choice to optional radio buttons

Previously this field had to mimic the final hyphenated string of
the broadcast account type, even though it was only used to select
one of its components. The new, shorter choices make it easier to
simplify the test for the POST request.

I've also deleted a number of test cases for pre-selected radios.
This functionality isn't critical, so we don't need to exhaustively
test every single possible combination of values.

											
										
										
											2021-06-07 17:06:15 +01:00
+								class OptionalGovukRadiosField(GovukRadiosField):
 								    def pre_validate(self, form):
 								        if self.data is None:
 								            return
 								        super().pre_validate(form)
-												Make OnOffField inherit from GovukRadiosField

Means that ServiceOnOffSettingForm.enabled ends up
using the GovukRadiosField methods for rendering.

											
										
										
											2020-06-26 22:18:24 +01:00
+								class OnOffField(GovukRadiosField):
 								    def __init__(self, label, choices=None, *args, **kwargs):
 								        choices = choices or [
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            (True, "On"),
 								            (False, "Off"),
-												Make OnOffField inherit from GovukRadiosField

Means that ServiceOnOffSettingForm.enabled ends up
using the GovukRadiosField methods for rendering.

											
										
										
											2020-06-26 22:18:24 +01:00
+								        ]
 								        super().__init__(
 								            label,
-												Adjust positional arguments flagged by flake8-bugbear

The new release of flake8-bugbear is starting to flag positional argument unpacking that comes after keyword arguments in function calls as a style warning that fails.  This is a good thing to catch because it can lead to unexpected side effects with function arguments and/or errors thrown by Python.

See the following links for more details:

- https://stackoverflow.com/questions/58961715/python-value-unpacking-order-in-method-parameters
- https://github.com/python/cpython/issues/82741

This changeset fixes a couple of instances where the positional argument unpacking was happening after keyword arguments were being provided.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>

											
										
										
											2023-11-28 17:33:17 -05:00
+								            *args,
-												Make OnOffField inherit from GovukRadiosField

Means that ServiceOnOffSettingForm.enabled ends up
using the GovukRadiosField methods for rendering.

											
										
										
											2020-06-26 22:18:24 +01:00
+								            choices=choices,
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            thing=f"{choices[0][1].lower()} or {choices[1][1].lower()}",
-												Make OnOffField inherit from GovukRadiosField

Means that ServiceOnOffSettingForm.enabled ends up
using the GovukRadiosField methods for rendering.

											
										
										
											2020-06-26 22:18:24 +01:00
+								            **kwargs,
 								        )
 								    def process_formdata(self, valuelist):
 								        if valuelist:
 								            value = valuelist[0]
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            self.data = (value == "True") if value in ["True", "False"] else value
-												Make OnOffField inherit from GovukRadiosField

Means that ServiceOnOffSettingForm.enabled ends up
using the GovukRadiosField methods for rendering.

											
										
										
											2020-06-26 22:18:24 +01:00
 								    def iter_choices(self):
 								        for value, label in self.choices:
 								            # This overrides WTForms default behaviour which is to check
 								            # self.coerce(value) == self.data
 								            # where self.coerce returns a string for a boolean input
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            yield (value, label, (self.data in {value, self.coerce(value)}))
-												Make OnOffField inherit from GovukRadiosField

Means that ServiceOnOffSettingForm.enabled ends up
using the GovukRadiosField methods for rendering.

											
										
										
											2020-06-26 22:18:24 +01:00
-												blunt rename of org (#620)


											
										
										
											2023-07-12 12:09:44 -04:00
+								class OrganizationTypeField(GovukRadiosField):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    def __init__(self, *args, include_only=None, validators=None, **kwargs):
-												Convert radios in edit org type page (basic)

Changes the OrganisationTypeField class used by
OrganisationOrganisationTypeForm.organisation_type

OrganisationTypeField is also used by the forms in
/add-service:
- CreateServiceForm
- CreateNhsServiceForm

Because of that, this commit also includes changes
to the template for that route.

Note: this also moves where OrganisationTypeField
appears in app/main/forms.py so it can use
GovukRadiosField.

											
										
										
											2020-06-26 20:39:20 +01:00
+								        super().__init__(
 								            *args,
 								            choices=[
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								                (value, label)
 								                for value, label in Organization.TYPE_LABELS.items()
-												Convert radios in edit org type page (basic)

Changes the OrganisationTypeField class used by
OrganisationOrganisationTypeForm.organisation_type

OrganisationTypeField is also used by the forms in
/add-service:
- CreateServiceForm
- CreateNhsServiceForm

Because of that, this commit also includes changes
to the template for that route.

Note: this also moves where OrganisationTypeField
appears in app/main/forms.py so it can use
GovukRadiosField.

											
										
										
											2020-06-26 20:39:20 +01:00
+								                if not include_only or value in include_only
 								            ],
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            thing="the type of organization",
-												Convert radios in edit org type page (basic)

Changes the OrganisationTypeField class used by
OrganisationOrganisationTypeForm.organisation_type

OrganisationTypeField is also used by the forms in
/add-service:
- CreateServiceForm
- CreateNhsServiceForm

Because of that, this commit also includes changes
to the template for that route.

Note: this also moves where OrganisationTypeField
appears in app/main/forms.py so it can use
GovukRadiosField.

											
										
										
											2020-06-26 20:39:20 +01:00
+								            validators=validators or [],
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            **kwargs,
-												Convert radios in edit org type page (basic)

Changes the OrganisationTypeField class used by
OrganisationOrganisationTypeForm.organisation_type

OrganisationTypeField is also used by the forms in
/add-service:
- CreateServiceForm
- CreateNhsServiceForm

Because of that, this commit also includes changes
to the template for that route.

Note: this also moves where OrganisationTypeField
appears in app/main/forms.py so it can use
GovukRadiosField.

											
										
										
											2020-06-26 20:39:20 +01:00
+								        )
-												Add GovukRadiosFieldWithNoneOption

											
										
										
											2020-06-26 22:32:42 +01:00
+								class GovukRadiosFieldWithNoneOption(FieldWithNoneOption, GovukRadiosField):
 								    pass
-												Replace remaining uses of the term "role"

In one case I did this by refactoring the code to avoid the need
for the "role" variable in the first place.

											
										
										
											2021-07-22 14:51:52 +01:00
+								# guard against data entries that aren't a known permission
-												Update permissions page

Includes adding filtering to the user permissions
data.

Classes extending BasePermissionsForm have their
user permissions handled by permissions_field
which stores its data in a list. This replaces the
previous approach of having a BooleanField for
each role.

Because permissions_field.data is taken directly
from POST data, it needs extra guarding against
values not present in whatever roles model the
class is based on (ie. broadcast_permissions).

											
										
										
											2020-04-02 18:08:50 +01:00
+								def filter_by_permissions(valuelist):
 								    if valuelist is None:
 								        return None
 								    else:
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        return [
 								            entry
 								            for entry in valuelist
 								            if any(entry in option for option in permission_options)
 								        ]
-												Update permissions page

Includes adding filtering to the user permissions
data.

Classes extending BasePermissionsForm have their
user permissions handled by permissions_field
which stores its data in a list. This replaces the
previous approach of having a BooleanField for
each role.

Because permissions_field.data is taken directly
from POST data, it needs extra guarding against
values not present in whatever roles model the
class is based on (ie. broadcast_permissions).

											
										
										
											2020-04-02 18:08:50 +01:00
-												Allow platform admins to change user auth in the UI

So we do not have to go into the db when we need to change user
auth.

We do not allow this for users who use webauthn. We do not want to
enable security downgrade for those users.

											
										
										
											2022-02-23 19:57:27 +00:00
+								class AuthTypeForm(StripWhitespaceForm):
 								    auth_type = GovukRadiosField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "Sign in using",
-												Allow platform admins to change user auth in the UI

So we do not have to go into the db when we need to change user
auth.

We do not allow this for users who use webauthn. We do not want to
enable security downgrade for those users.

											
										
										
											2022-02-23 19:57:27 +00:00
+								        choices=[
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            ("sms_auth", format_auth_type("sms_auth")),
 								            ("email_auth", format_auth_type("email_auth")),
 								        ],
-												Allow platform admins to change user auth in the UI

So we do not have to go into the db when we need to change user
auth.

We do not allow this for users who use webauthn. We do not want to
enable security downgrade for those users.

											
										
										
											2022-02-23 19:57:27 +00:00
+								    )
-												Only show relevant user permissions for broadcast services

For services with the broadcast permission this hides:
- the ‘View dashboard’ permission (and defaults it to _checked_) because
  all users of broadcast services will need to see the dashboard
- the ‘Manage API keys’ permission (and defaults it to _not checked_)
  because we don’t offer an API integration for broadcast services yet
  – if we do we won’t want existing users to automatically get the
  permission

It relabels:
- the ‘Send’ permission to ‘Prepare and approve’ to match the current,
  slightly clunky language on the templates page
- the ‘Manage settings’ label to not refer to ‘usage’ because broadcast
  services won’t incur cost

											
										
										
											2020-07-13 11:10:34 +01:00
+								class BasePermissionsForm(StripWhitespaceForm):
-												Display nested folders permissions form on user permissions page

We're reusing the logic for the `move_to` nested radios field for the
user folder permissions nested checkboxes.

The main difference between the two forms (aside from the different
input type) is that "Move" form contains the root "Templates" as an
option, whereas the folder permissions doesn't.

It turns out that, because of the way NestedFieldMixin.children and
select_nested macro are implemented the easiest way to get the desired
folder permissions behaviour is to add the root folder as a choice with
a `None` value and `NONE_OPTION_VALUE = None` set on the field, which
allows the `child_map` to be constructed but doesn't display the root
folder checkbox itself since it gets overwritten in the final `child_map`.

											
										
										
											2019-02-25 16:23:28 +00:00
+								    def __init__(self, all_template_folders=None, *args, **kwargs):
 								        super().__init__(*args, **kwargs)
-												Add tests for editing folder permissions for platform admin users

											
										
										
											2019-05-17 11:03:41 +01:00
+								        self.folder_permissions.choices = []
-												Send updated user folder permissions to the API

Integrates the folder permissions form with the updated API endpoint
to store changes in the user folders.

Since user folder permissions are returned in the full list of template
folders for the service we need to invalidate the cache key for it each
time we update user permissions.

											
										
										
											2019-02-27 15:45:18 +00:00
+								        if all_template_folders is not None:
-												Display nested folders permissions form on user permissions page

We're reusing the logic for the `move_to` nested radios field for the
user folder permissions nested checkboxes.

The main difference between the two forms (aside from the different
input type) is that "Move" form contains the root "Templates" as an
option, whereas the folder permissions doesn't.

It turns out that, because of the way NestedFieldMixin.children and
select_nested macro are implemented the easiest way to get the desired
folder permissions behaviour is to add the root folder as a choice with
a `None` value and `NONE_OPTION_VALUE = None` set on the field, which
allows the `child_map` to be constructed but doesn't display the root
folder checkbox itself since it gets overwritten in the final `child_map`.

											
										
										
											2019-02-25 16:23:28 +00:00
+								            self.folder_permissions.all_template_folders = all_template_folders
 								            self.folder_permissions.choices = [
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								                (item["id"], item["name"])
 								                for item in ([{"name": "Templates", "id": None}] + all_template_folders)
-												Display nested folders permissions form on user permissions page

We're reusing the logic for the `move_to` nested radios field for the
user folder permissions nested checkboxes.

The main difference between the two forms (aside from the different
input type) is that "Move" form contains the root "Templates" as an
option, whereas the folder permissions doesn't.

It turns out that, because of the way NestedFieldMixin.children and
select_nested macro are implemented the easiest way to get the desired
folder permissions behaviour is to add the root folder as a choice with
a `None` value and `NONE_OPTION_VALUE = None` set on the field, which
allows the `child_map` to be constructed but doesn't display the root
folder checkbox itself since it gets overwritten in the final `child_map`.

											
										
										
											2019-02-25 16:23:28 +00:00
+								            ]
-												Rename govukCheckboxField and similar

Follows naming conventions for classes and matches
work done on GovukTextInputField.

											
										
										
											2020-10-29 14:58:39 +00:00
+								    folder_permissions = GovukCollapsibleNestedCheckboxesField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "Folders this team member can see", field_label="folder"
 								    )
-												Make permission checking a method

Having a function that takes an instance as its only argument suggests
that it should instead be a method on that instance.

											
										
										
											2018-06-13 12:07:08 +01:00
-												Convert radios on user page (basic)

Covers the page for both new and existing users.

											
										
										
											2020-06-25 16:24:34 +01:00
+								    login_authentication = GovukRadiosField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "Sign in using",
-												Email auth for inviting members and editing permissions

											
										
										
											2017-11-01 15:36:27 +00:00
+								        choices=[
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            ("sms_auth", "Text message code"),
 								            ("email_auth", "Email link"),
-												Email auth for inviting members and editing permissions

											
										
										
											2017-11-01 15:36:27 +00:00
+								        ],
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        thing="how this team member should sign in",
 								        validators=[DataRequired()],
-												Email auth for inviting members and editing permissions

											
										
										
											2017-11-01 15:36:27 +00:00
+								    )
-												Updated form and fixed existing tests.

											
										
										
											2016-03-03 13:00:12 +00:00
-												Rename govukCheckboxField and similar

Follows naming conventions for classes and matches
work done on GovukTextInputField.

											
										
										
											2020-10-29 14:58:39 +00:00
+								    permissions_field = GovukCheckboxesField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "Permissions",
-												Update permissions page

Includes adding filtering to the user permissions
data.

Classes extending BasePermissionsForm have their
user permissions handled by permissions_field
which stores its data in a list. This replaces the
previous approach of having a BooleanField for
each role.

Because permissions_field.data is taken directly
from POST data, it needs extra guarding against
values not present in whatever roles model the
class is based on (ie. broadcast_permissions).

											
										
										
											2020-04-02 18:08:50 +01:00
+								        filters=[filter_by_permissions],
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        choices=[(value, label) for value, label in permission_options],
 								        param_extensions={"hint": {"text": "All team members can see sent messages."}},
-												Update permissions page

Includes adding filtering to the user permissions
data.

Classes extending BasePermissionsForm have their
user permissions handled by permissions_field
which stores its data in a list. This replaces the
previous approach of having a BooleanField for
each role.

Because permissions_field.data is taken directly
from POST data, it needs extra guarding against
values not present in whatever roles model the
class is based on (ie. broadcast_permissions).

											
										
										
											2020-04-02 18:08:50 +01:00
+								    )
-												Revert "Change checkboxes to GOVUK frontend"

											
										
										
											2020-05-14 16:59:34 +01:00
 								    @property
 								    def permissions(self):
-												Revert support for old user permissions params

The fields used for user permissions on
permissions forms were changed as part of the work
converting the checkboxes to GOVUK Frontend.

This removes code added to protect against a
situation where the server-side app was running
this updated code but clients were POSTing from
pages that were not, and so sending the old HTTP
params.

											
										
										
											2020-07-31 15:16:56 +01:00
+								        return set(self.permissions_field.data)
-												Relabel existing permissions

Since we have added a new, 5th permission the existing permissions
should be relabelled so that the five make sense as a coherent set.

We especially want to make sure that:
- the labels work against the checkboxes and against the tick/crosses on
  the manage users page (a long time ago this page was layed out
  differently so didn’t have space for full labels)
- there is no confusion between usage and reports

This commit also:
- re-adds a line about what all users can see (‘sent messages’) but
  continues to omit the additional bullet points about templates and
  team members (because we think this is clear enough from reading the
  permissions)
- refactors the `Form` subclass so that the content and order of the
  permissions only have to be defined once
- brings back the ‘permissions’ legend on the `fieldset`

											
										
										
											2018-08-08 08:45:58 +01:00
-												Add a ‘See dashboard’ permission

Our research and prototyping around ‘basic view’ found that:
- a lot of users who send messages rarely or never look at the dashboard
  (yet it’s the first page they see when they sign in)
- team managers like the idea of taking away things that users don’t
  need in order to make the interface simpler

We’ve disentangled the simpler way of sending messages from being part
of ‘basic view’. This means we can give managers the option of taking
away the dashboard as an independent choice, not something that’s
wrapped up in a separate ‘view’.

I think that this checkbox is a more straightforward proposition than
‘basic view’ ever was (despite all the work we did to explain it and
develop the nested checkbox pattern). In research users would often
explain the feature back to us as being about hiding the dashboard – we
should try to make Notify operate in terms of concepts that come
naturally to people wherever possible.

											
										
										
											2018-08-06 11:10:37 +01:00
+								    @classmethod
-												Display nested folders permissions form on user permissions page

We're reusing the logic for the `move_to` nested radios field for the
user folder permissions nested checkboxes.

The main difference between the two forms (aside from the different
input type) is that "Move" form contains the root "Templates" as an
option, whereas the folder permissions doesn't.

It turns out that, because of the way NestedFieldMixin.children and
select_nested macro are implemented the easiest way to get the desired
folder permissions behaviour is to add the root folder as a choice with
a `None` value and `NONE_OPTION_VALUE = None` set on the field, which
allows the `child_map` to be constructed but doesn't display the root
folder checkbox itself since it gets overwritten in the final `child_map`.

											
										
										
											2019-02-25 16:23:28 +00:00
+								    def from_user(cls, user, service_id, **kwargs):
-												fix bug stopping editing of permissions of webauthn platform admins

We hide the radio field in the HTML for platform admins, as we don't
want anyone to be able to change their auth type. However, when the form
is validated, the form has a field called login_authentication that it
expects a value for. It silently fails as it complains that when the
user POSTed they didn't select a value for that radio field, but the
error message is on the radio fields that don't get displayed to the
user so they'd never know.

Fixing this is actually pretty hard.

We use this form in two places, one where we have a user to edit, one
where we are creating an invite from scratch. So sometimes we don't know
about a user's auth type. In addition, radio buttons are mandatory by
design, but now sometimes we don't just want to make it optional but
explicitly ignore the value being passed in? To solve this, remove the
field entirely from the form if the user is a platform admin. This means
that if the code in manage_users.py tries to access the
login_authentication value from the form, it'll error, but I think
that's okay to leave for now given we concede that this isn't a perfect
final solution.

The tests didn't flag this previously as they tried to set from sms_auth
(the default for `platform_admin_user`) TO email_auth or sms_auth. Also,
the diagnosis of this bug was confounded further by the fact that
`mock_get_users_by_service` sets what is returned by the API - the
service model then takes the IDs out of that response and calls
`User.get_user_by_id` for the matching ID (as in, the code only uses
get_users_by_service to ensure the user belongs to that service). This
means that we accidentally set the form editing the current user, as
when we log in we set `get_user_by_id` to return the user of our choice

											
										
										
											2021-06-10 23:09:36 +01:00
+								        form = cls(
-												Display nested folders permissions form on user permissions page

We're reusing the logic for the `move_to` nested radios field for the
user folder permissions nested checkboxes.

The main difference between the two forms (aside from the different
input type) is that "Move" form contains the root "Templates" as an
option, whereas the folder permissions doesn't.

It turns out that, because of the way NestedFieldMixin.children and
select_nested macro are implemented the easiest way to get the desired
folder permissions behaviour is to add the root folder as a choice with
a `None` value and `NONE_OPTION_VALUE = None` set on the field, which
allows the `child_map` to be constructed but doesn't display the root
folder checkbox itself since it gets overwritten in the final `child_map`.

											
										
										
											2019-02-25 16:23:28 +00:00
+								            **kwargs,
-												Add a ‘See dashboard’ permission

Our research and prototyping around ‘basic view’ found that:
- a lot of users who send messages rarely or never look at the dashboard
  (yet it’s the first page they see when they sign in)
- team managers like the idea of taking away things that users don’t
  need in order to make the interface simpler

We’ve disentangled the simpler way of sending messages from being part
of ‘basic view’. This means we can give managers the option of taking
away the dashboard as an independent choice, not something that’s
wrapped up in a separate ‘view’.

I think that this checkbox is a more straightforward proposition than
‘basic view’ ever was (despite all the work we did to explain it and
develop the nested checkbox pattern). In research users would often
explain the feature back to us as being about hiding the dashboard – we
should try to make Notify operate in terms of concepts that come
naturally to people wherever possible.

											
										
										
											2018-08-06 11:10:37 +01:00
+								            **{
-												Replace remaining uses of the term "role"

In one case I did this by refactoring the code to avoid the need
for the "role" variable in the first place.

											
										
										
											2021-07-22 14:51:52 +01:00
+								                "permissions_field": (
 								                    user.permissions_for_service(service_id) & all_ui_permissions
 								                )
-												Add a ‘See dashboard’ permission

Our research and prototyping around ‘basic view’ found that:
- a lot of users who send messages rarely or never look at the dashboard
  (yet it’s the first page they see when they sign in)
- team managers like the idea of taking away things that users don’t
  need in order to make the interface simpler

We’ve disentangled the simpler way of sending messages from being part
of ‘basic view’. This means we can give managers the option of taking
away the dashboard as an independent choice, not something that’s
wrapped up in a separate ‘view’.

I think that this checkbox is a more straightforward proposition than
‘basic view’ ever was (despite all the work we did to explain it and
develop the nested checkbox pattern). In research users would often
explain the feature back to us as being about hiding the dashboard – we
should try to make Notify operate in terms of concepts that come
naturally to people wherever possible.

											
										
										
											2018-08-06 11:10:37 +01:00
+								            },
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            login_authentication=user.auth_type,
-												Add a ‘See dashboard’ permission

Our research and prototyping around ‘basic view’ found that:
- a lot of users who send messages rarely or never look at the dashboard
  (yet it’s the first page they see when they sign in)
- team managers like the idea of taking away things that users don’t
  need in order to make the interface simpler

We’ve disentangled the simpler way of sending messages from being part
of ‘basic view’. This means we can give managers the option of taking
away the dashboard as an independent choice, not something that’s
wrapped up in a separate ‘view’.

I think that this checkbox is a more straightforward proposition than
‘basic view’ ever was (despite all the work we did to explain it and
develop the nested checkbox pattern). In research users would often
explain the feature back to us as being about hiding the dashboard – we
should try to make Notify operate in terms of concepts that come
naturally to people wherever possible.

											
										
										
											2018-08-06 11:10:37 +01:00
+								        )
-												Prevent auth type changing for any WebAuthn user

Previously we applied this restriction to Platform Admins, on the
assumption that all of them use a security key to log in. Rather
than making that assumption, we can explicitly check their login
method, which also supports rolling out the feature to more users.

											
										
										
											2021-06-30 15:15:00 +01:00
-												fix bug stopping editing of permissions of webauthn platform admins

We hide the radio field in the HTML for platform admins, as we don't
want anyone to be able to change their auth type. However, when the form
is validated, the form has a field called login_authentication that it
expects a value for. It silently fails as it complains that when the
user POSTed they didn't select a value for that radio field, but the
error message is on the radio fields that don't get displayed to the
user so they'd never know.

Fixing this is actually pretty hard.

We use this form in two places, one where we have a user to edit, one
where we are creating an invite from scratch. So sometimes we don't know
about a user's auth type. In addition, radio buttons are mandatory by
design, but now sometimes we don't just want to make it optional but
explicitly ignore the value being passed in? To solve this, remove the
field entirely from the form if the user is a platform admin. This means
that if the code in manage_users.py tries to access the
login_authentication value from the form, it'll error, but I think
that's okay to leave for now given we concede that this isn't a perfect
final solution.

The tests didn't flag this previously as they tried to set from sms_auth
(the default for `platform_admin_user`) TO email_auth or sms_auth. Also,
the diagnosis of this bug was confounded further by the fact that
`mock_get_users_by_service` sets what is returned by the API - the
service model then takes the IDs out of that response and calls
`User.get_user_by_id` for the matching ID (as in, the code only uses
get_users_by_service to ensure the user belongs to that service). This
means that we accidentally set the form editing the current user, as
when we log in we set `get_user_by_id` to return the user of our choice

											
										
										
											2021-06-10 23:09:36 +01:00
+								        return form
-												Allow setting of caseworking on a user

This commit changes the form that the user sees when inviting or editing
another user, if the service has the ‘caseworking’ permission set.

This will allow creating a new type of user, one who only has the
`send_messages` permission, without the `view_activity` permission.

We are doing this because we think there are a number of services with a
lot of users who don’t need to see the dashboard, or the other team
members, and that we can make a simpler interface for these users.

											
										
										
											2018-06-12 14:29:47 +01:00
-												Revert support for old user permissions params

The fields used for user permissions on
permissions forms were changed as part of the work
converting the checkboxes to GOVUK Frontend.

This removes code added to protect against a
situation where the server-side app was running
this updated code but clients were POSTing from
pages that were not, and so sending the old HTTP
params.

											
										
										
											2020-07-31 15:16:56 +01:00
+								class PermissionsForm(BasePermissionsForm):
-												Only show relevant user permissions for broadcast services

For services with the broadcast permission this hides:
- the ‘View dashboard’ permission (and defaults it to _checked_) because
  all users of broadcast services will need to see the dashboard
- the ‘Manage API keys’ permission (and defaults it to _not checked_)
  because we don’t offer an API integration for broadcast services yet
  – if we do we won’t want existing users to automatically get the
  permission

It relabels:
- the ‘Send’ permission to ‘Prepare and approve’ to match the current,
  slightly clunky language on the templates page
- the ‘Manage settings’ label to not refer to ‘usage’ because broadcast
  services won’t incur cost

											
										
										
											2020-07-13 11:10:34 +01:00
+								    pass
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								class BaseInviteUserForm:
-												Update forgotten password to allow non-gov with test

											
										
										
											2016-10-26 14:01:01 +01:00
+								    email_address = email_address(gov_user=False)
-												Added validation to ensure user can't invite themselves.

Refactored Invited user form into permissions and invite forms
for use in invite and edit permissions.

Added template for edit permissions.

											
										
										
											2016-03-09 13:00:52 +00:00
-												Rename confusing variable

The reason the email address is considered invalid is because it is the
address of the person doing the inviting.

This commit renames the variable to be more specific and avoid confusion
with the email address of the person being invited.

											
										
										
											2021-07-15 14:21:58 +01:00
+								    def __init__(self, inviter_email_address, *args, **kwargs):
-												Refactor form classes for future reuse

There are three parts to a ‘user’ form:
- the email address
- the permissions
- the auth type setting

This commit breaks them up into abstract classes so that they can be
composed more flexibly in future commits.

											
										
										
											2018-06-12 11:51:37 +01:00
+								        super().__init__(*args, **kwargs)
-												Rename confusing variable

The reason the email address is considered invalid is because it is the
address of the person doing the inviting.

This commit renames the variable to be more specific and avoid confusion
with the email address of the person being invited.

											
										
										
											2021-07-15 14:21:58 +01:00
+								        self.inviter_email_address = inviter_email_address
-												Added validation to ensure user can't invite themselves.

Refactored Invited user form into permissions and invite forms
for use in invite and edit permissions.

Added template for edit permissions.

											
										
										
											2016-03-09 13:00:52 +00:00
 								    def validate_email_address(self, field):
-												Move two calls to `str.lower` next to each other

This means that we can rewrite `validate_email_address` to do a
different comparison without having to also change `__init__`

I’ve moved the platform admin check into its own conditional to keep the
line length manageable.

											
										
										
											2021-07-13 14:43:26 +01:00
+								        if current_user.platform_admin:
 								            return
-												Rename confusing variable

The reason the email address is considered invalid is because it is the
address of the person doing the inviting.

This commit renames the variable to be more specific and avoid confusion
with the email address of the person being invited.

											
										
										
											2021-07-15 14:21:58 +01:00
+								        if field.data.lower() == self.inviter_email_address.lower():
-												Replace can't with cannot
											
										
										
											2019-09-12 16:42:33 +01:00
+								            raise ValidationError("You cannot send an invitation to yourself")
-												Added validation to ensure user can't invite themselves.

Refactored Invited user form into permissions and invite forms
for use in invite and edit permissions.

Added template for edit permissions.

											
										
										
											2016-03-09 13:00:52 +00:00
-												Only show relevant user permissions for broadcast services

For services with the broadcast permission this hides:
- the ‘View dashboard’ permission (and defaults it to _checked_) because
  all users of broadcast services will need to see the dashboard
- the ‘Manage API keys’ permission (and defaults it to _not checked_)
  because we don’t offer an API integration for broadcast services yet
  – if we do we won’t want existing users to automatically get the
  permission

It relabels:
- the ‘Send’ permission to ‘Prepare and approve’ to match the current,
  slightly clunky language on the templates page
- the ‘Manage settings’ label to not refer to ‘usage’ because broadcast
  services won’t incur cost

											
										
										
											2020-07-13 11:10:34 +01:00
+								class InviteUserForm(BaseInviteUserForm, PermissionsForm):
 								    pass
-												Refactor organisation invite form for reuse

It’s exactly the same code as `BaseInviteUserForm` so there’s really no
need to duplicate it (and means that changes we make to
`BaseInviteUserForm` in the future will get inherited).

											
										
										
											2021-07-13 14:38:13 +01:00
+								class InviteOrgUserForm(BaseInviteUserForm, StripWhitespaceForm):
 								    pass
-												invite-team-members

											
										
										
											2018-02-19 16:53:29 +00:00
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class TwoFactorForm(StripWhitespaceForm):
-												Working tests, hopefully all code changes done.

											
										
										
											2016-01-27 12:22:32 +00:00
+								    def __init__(self, validate_code_func, *args, **kwargs):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        """
-												Fix for security hole with setting session['user_id'] before second factor of authentication has been authorised.

											
										
										
											2016-01-07 12:43:10 +00:00
+								        Keyword arguments:
-												Working tests, hopefully all code changes done.

											
										
										
											2016-01-27 12:22:32 +00:00
+								        validate_code_func -- Validates the code with the API.
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        """
-												Working tests, hopefully all code changes done.

											
										
										
											2016-01-27 12:22:32 +00:00
+								        self.validate_code_func = validate_code_func
-												Fix for security hole with setting session['user_id'] before second factor of authentication has been authorised.

											
										
										
											2016-01-07 12:43:10 +00:00
+								        super(TwoFactorForm, self).__init__(*args, **kwargs)
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    sms_code = SMSCode("Text message code")
-												109638656: Implement two factor verify flow
When user enters valid sms code they are redirected to the dashboard.
Otherwise, form errors are present.

											
										
										
											2015-12-08 12:36:54 +00:00
-												Update utils for improved logging

											
										
										
											2023-04-26 11:24:01 -04:00
+								    def validate(self, extra_validators=None):
-												Give better error messages for incorrect code

If we know the code won’t pass the validation on the API side, we might
as well tell the user before even passing it to the API.

So this commit:
- adds some more validators to the field
- rewrites the validation function on the form to actually call the
  field-level validators before hitting the API 🤦‍♂️
- refactors the tests to be parametrize, which means they can be
  shorter, easier to read, and more comprehensive

											
										
										
											2018-05-07 21:24:23 +01:00
+								        if not self.sms_code.validate(self):
 								            return False
 								        is_valid, reason = self.validate_code_func(self.sms_code.data)
-												Working tests, hopefully all code changes done.

											
										
										
											2016-01-27 12:22:32 +00:00
+								        if not is_valid:
-												Give better error messages for incorrect code

If we know the code won’t pass the validation on the API side, we might
as well tell the user before even passing it to the API.

So this commit:
- adds some more validators to the field
- rewrites the validation function on the form to actually call the
  field-level validators before hitting the API 🤦‍♂️
- refactors the tests to be parametrize, which means they can be
  shorter, easier to read, and more comprehensive

											
										
										
											2018-05-07 21:24:23 +01:00
+								            self.sms_code.errors.append(reason)
 								            return False
 								        return True
-												Working tests, hopefully all code changes done.

											
										
										
											2016-01-27 12:22:32 +00:00
-												109638656: Initial implementation for two-factor

											
										
										
											2015-12-07 16:56:11 +00:00
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class TextNotReceivedForm(StripWhitespaceForm):
-												Let users register with int’national phone numbers

Right now Notify restricts you to registering with a UK mobile number.
This is because when we built the user registration stuff we couldn’t
send to international mobiles.

However we can send to international mobile numbers, and it’s totally
reasonable to expect employees of the UK government to be working
abroad, and have a foreign mobile phone – we’ve heard from one such
user.

So this commit:
- changes all places where users enter their own phone number to use
  the validation function which allows international phone numbers
- renames the `mobile_number` validation to `uk_mobile_number` to make
  it explicit, and force it to break the tests if there’s somewhere it’s
  being used that I haven’t thought of

											
										
										
											2017-08-29 14:52:24 +01:00
+								    mobile_number = international_phone_number()
-												109898688: Implementation of text-not-received and email-not-received

											
										
										
											2015-12-15 15:35:30 +00:00
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class RenameServiceForm(StripWhitespaceForm):
-												Use GovukTextInputField in RenameServiceForm

Includes changes to templates that use this form
and associated tests.

											
										
										
											2020-07-14 16:51:11 +01:00
+								    name = GovukTextInputField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "Service name",
-												Service name uniqueness handled in all cases and tests passing.

											
										
										
											2016-03-10 14:29:31 +00:00
+								        validators=[
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            DataRequired(message="Cannot be empty"),
-												Add form validation for max service and org name

There was a recent error in the logs because a service tried to change
its name to one exceeding 255 characters (which is a limit on the
database field). We can easily catch these errors on the form, so that
the user doesn't see an error page.

											
										
										
											2020-11-30 17:08:40 +00:00
+								            MustContainAlphanumericCharacters(),
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            Length(max=255, message="Service name must be 255 characters or fewer"),
 								        ],
 								    )
-												Service name uniqueness handled in all cases and tests passing.

											
										
										
											2016-03-10 14:29:31 +00:00
-												Add a WTForms-compatible textbox macro

This macro:
- accepts a WTForm form field as a parameter
- renders a form field which follows the GOV.UK Elements patterns, both visually
  and in markup terms

It then changes any page which uses either:
- the old, non-WTForms macro or
- the old, WTFforms `render_field` macro

…to use this new macro and removes both of the old ones.

It also adds the option to display hint text above the textbox.

											
										
										
											2016-01-11 13:15:10 +00:00
-												blunt rename of org (#620)


											
										
										
											2023-07-12 12:09:44 -04:00
+								class RenameOrganizationForm(StripWhitespaceForm):
-												Update RenameOrganisationForm with new fields

Changes its StringFields to GovukTextInputFields.

This change also affects NewOrganisationForm,
which inherits from RenameOrganisationForm.

Also includes changes to templates that use this
form and associated tests.

											
										
										
											2020-08-04 16:32:40 +01:00
+								    name = GovukTextInputField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "Organization name",
-												update organisation name

											
										
										
											2018-03-06 17:12:31 +00:00
+								        validators=[
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            DataRequired(message="Cannot be empty"),
-												Add form validation for max service and org name

There was a recent error in the logs because a service tried to change
its name to one exceeding 255 characters (which is a limit on the
database field). We can easily catch these errors on the form, so that
the user doesn't see an error page.

											
										
										
											2020-11-30 17:08:40 +00:00
+								            MustContainAlphanumericCharacters(),
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            Length(
 								                max=255, message="Organization name must be 255 characters or fewer"
 								            ),
 								        ],
 								    )
-												update organisation name

											
										
										
											2018-03-06 17:12:31 +00:00
-												blunt rename of org (#620)


											
										
										
											2023-07-12 12:09:44 -04:00
+								class OrganizationOrganizationTypeForm(StripWhitespaceForm):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    organization_type = OrganizationTypeField("What type of organization is this?")
-												Allow editing of an organisation’s details

Adds a user interface for updating all the columns added in
https://github.com/alphagov/notifications-api/pull/2368

Sorry for the mega commit 😓

											
										
										
											2019-02-19 17:26:16 +00:00
-												blunt rename of org (#620)


											
										
										
											2023-07-12 12:09:44 -04:00
+								class AdminOrganizationDomainsForm(StripWhitespaceForm):
-												Allow editing of an organisation’s details

Adds a user interface for updating all the columns added in
https://github.com/alphagov/notifications-api/pull/2368

Sorry for the mega commit 😓

											
										
										
											2019-02-19 17:26:16 +00:00
+								    def populate(self, domains_list):
 								        for index, value in enumerate(domains_list):
 								            self.domains[index].data = value
 								    domains = FieldList(
 								        StripWhitespaceStringField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            "",
-												Allow editing of an organisation’s details

Adds a user interface for updating all the columns added in
https://github.com/alphagov/notifications-api/pull/2368

Sorry for the mega commit 😓

											
										
										
											2019-02-19 17:26:16 +00:00
+								            validators=[
 								                Optional(),
 								            ],
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            default="",
-												Allow editing of an organisation’s details

Adds a user interface for updating all the columns added in
https://github.com/alphagov/notifications-api/pull/2368

Sorry for the mega commit 😓

											
										
										
											2019-02-19 17:26:16 +00:00
+								        ),
-												Allow up to 20 domains per organisation

The most we have in the spreadsheet is 18

											
										
										
											2019-03-22 16:27:30 +00:00
+								        min_entries=20,
 								        max_entries=20,
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        label="Domain names",
-												Allow editing of an organisation’s details

Adds a user interface for updating all the columns added in
https://github.com/alphagov/notifications-api/pull/2368

Sorry for the mega commit 😓

											
										
										
											2019-02-19 17:26:16 +00:00
+								    )
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class CreateServiceForm(StripWhitespaceForm):
-												Update CreateServiceForm with new fields

Changes its StringField to GovukTextInputField.

Includes changes to templates that use this form
and associated tests.

											
										
										
											2020-08-07 12:18:29 +01:00
+								    name = GovukTextInputField(
-												Only show nhs radios if user has nhs domain email

Also split local NHS into two groups following designer advice
on readability.

											
										
										
											2019-07-16 15:37:27 +01:00
+								        "What’s your service called?",
-												Collect organisation type

So that we can default services to their appropriate text allowance, we
need to find out what sector they're in. So let's start collecting that
from teams as they create new services.

I think Central/Local/NHS are the right options, but these can be easily
changed if not.

											
										
										
											2017-10-04 11:49:32 +01:00
+								        validators=[
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            DataRequired(message="Cannot be empty"),
-												Add form validation for max service and org name

There was a recent error in the logs because a service tried to change
its name to one exceeding 255 characters (which is a limit on the
database field). We can easily catch these errors on the form, so that
the user doesn't see an error page.

											
										
										
											2020-11-30 17:08:40 +00:00
+								            MustContainAlphanumericCharacters(),
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            Length(max=255, message="Service name must be 255 characters or fewer"),
 								        ],
 								    )
 								    organization_type = OrganizationTypeField("Where is this service run?")
-												Only show nhs radios if user has nhs domain email

Also split local NHS into two groups following designer advice
on readability.

											
										
										
											2019-07-16 15:37:27 +01:00
-												blunt rename of org (#620)


											
										
										
											2023-07-12 12:09:44 -04:00
+								class AdminNewOrganizationForm(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    RenameOrganizationForm, OrganizationOrganizationTypeForm
-												Require more information when creating organisations

Currently we set not-very-useful defaults for organisation type and
crown status when creating an organisation. This commit adds two field
to the form (in addition to the existing name field) to explicitly ask
for:
- organisation type
- crown status

We need these for all organisations before we can make any of their
services live.

This commit also records any new organisation as not having accepted the
data sharing and financial agreement, because if we don’t know about the
organisation already then they definitely won’t have signed it.

											
										
										
											2019-07-01 10:19:33 +01:00
+								):
-												Don’t create new organisations with no crown status

We need the crown status set so that we can let them accept the
agreement online.

											
										
										
											2019-07-01 17:01:11 +01:00
+								    def __init__(self, *args, **kwargs):
 								        super().__init__(*args, **kwargs)
-												Require more information when creating organisations

Currently we set not-very-useful defaults for organisation type and
crown status when creating an organisation. This commit adds two field
to the form (in addition to the existing name field) to explicitly ask
for:
- organisation type
- crown status

We need these for all organisations before we can make any of their
services live.

This commit also records any new organisation as not having accepted the
data sharing and financial agreement, because if we don’t know about the
organisation already then they definitely won’t have signed it.

											
										
										
											2019-07-01 10:19:33 +01:00
-												Rename other "Admin" forms consistently

I've also tweaked some of the names to make them clearer e.g. that
the form is used to apply a change to a service.

I've constrained the scope of this change to avoid forms that may
be accessible by non-admins in the future.

											
										
										
											2022-03-15 10:50:18 +00:00
+								class AdminServiceSMSAllowanceForm(StripWhitespaceForm):
-												Convert IntegerFields to GovukIntegerFields

Changes those fields in the following forms:
- FreeSMSAllowance
- ProviderForm
- ProviderRatioForm
- ServiceDataRetentionEditForm

Includes changes to templates that use this form
and associated tests.

											
										
										
											2020-08-07 10:31:09 +01:00
+								    free_sms_allowance = GovukIntegerField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "Numbers of text message fragments per year",
 								        validators=[InputRequired(message="Cannot be empty")],
-												Add page to change SMS allowance

There may be exceptions to the rule, so we should have a way of
overriding this manually.

											
										
										
											2017-10-05 13:49:43 +01:00
+								    )
-												Rename other "Admin" forms consistently

I've also tweaked some of the names to make them clearer e.g. that
the form is used to apply a change to a service.

I've constrained the scope of this change to avoid forms that may
be accessible by non-admins in the future.

											
										
										
											2022-03-15 10:50:18 +00:00
+								class AdminServiceMessageLimitForm(StripWhitespaceForm):
-												Allow platform admins to change daily message limit

One less thing we have to go into the database to do, and remember to
manually clear the cache for after.

											
										
										
											2020-10-19 17:19:32 +01:00
+								    message_limit = GovukIntegerField(
-												Fix verbage on front end to better reflect functionality

											
										
										
											2023-12-06 12:26:33 -07:00
+								        "Max number of messages the service has per send",
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        validators=[DataRequired(message="Cannot be empty")],
-												Allow platform admins to change daily message limit

One less thing we have to go into the database to do, and remember to
manually clear the cache for after.

											
										
										
											2020-10-19 17:19:32 +01:00
+								    )
-												Rename other "Admin" forms consistently

I've also tweaked some of the names to make them clearer e.g. that
the form is used to apply a change to a service.

I've constrained the scope of this change to avoid forms that may
be accessible by non-admins in the future.

											
										
										
											2022-03-15 10:50:18 +00:00
+								class AdminServiceRateLimitForm(StripWhitespaceForm):
-												Allow platform admins to change rate limit

One less thing we have to go into the database to do, and remember to
manually clear the cache for after.

											
										
										
											2020-10-21 14:30:35 +01:00
+								    rate_limit = GovukIntegerField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "Number of messages the service can send in a rolling 60 second window",
 								        validators=[DataRequired(message="Cannot be empty")],
-												Allow platform admins to change rate limit

One less thing we have to go into the database to do, and remember to
manually clear the cache for after.

											
										
										
											2020-10-21 14:30:35 +01:00
+								    )
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class ConfirmPasswordForm(StripWhitespaceForm):
-												Added check for password on service change page, work in progress.

											
										
										
											2016-01-22 16:34:36 +00:00
+								    def __init__(self, validate_password_func, *args, **kwargs):
 								        self.validate_password_func = validate_password_func
 								        super(ConfirmPasswordForm, self).__init__(*args, **kwargs)
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    password = GovukPasswordField("Enter password")
-												Add a WTForms-compatible textbox macro

This macro:
- accepts a WTForm form field as a parameter
- renders a form field which follows the GOV.UK Elements patterns, both visually
  and in markup terms

It then changes any page which uses either:
- the old, non-WTForms macro or
- the old, WTFforms `render_field` macro

…to use this new macro and removes both of the old ones.

It also adds the option to display hint text above the textbox.

											
										
										
											2016-01-11 13:15:10 +00:00
-												Added check for password on service change page, work in progress.

											
										
										
											2016-01-22 16:34:36 +00:00
+								    def validate_password(self, field):
 								        if not self.validate_password_func(field.data):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            raise ValidationError("Invalid password")
-												Added check for password on service change page, work in progress.

											
										
										
											2016-01-22 16:34:36 +00:00
-												Add a WTForms-compatible textbox macro

This macro:
- accepts a WTForm form field as a parameter
- renders a form field which follows the GOV.UK Elements patterns, both visually
  and in markup terms

It then changes any page which uses either:
- the old, non-WTForms macro or
- the old, WTFforms `render_field` macro

…to use this new macro and removes both of the old ones.

It also adds the option to display hint text above the textbox.

											
										
										
											2016-01-11 13:15:10 +00:00
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class BaseTemplateForm(StripWhitespaceForm):
-												Convert BaseTemplateForm to use new fields

Updates StringField to GovukTextInputField.

These changes also affect the following forms that
inherit from BaseTemplateForm:
- SMSTemplateForm
- EmailTemplateForm

Includes changes to templates that use these forms
and associated tests.

											
										
										
											2020-08-07 12:07:16 +01:00
+								    name = GovukTextInputField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "Template name", validators=[DataRequired(message="Cannot be empty")]
 								    )
-												Make ‘template type’ radio buttons not `<select>`

Because burn your select tags[1]

This commit hard codes the markup for the time being until I can work out how
to get WTForms outputting the markup I want.

1. https://www.youtube.com/watch?v=CUkMCQR4TpY

											
										
										
											2016-01-22 12:19:15 +00:00
-												Rename `content` to `template` content

WTForms sets the `id` of a `textarea` element to the variable name to which the
form control is assigned.

This conflicts with the page container, which is styled by targeting `#content`.

											
										
										
											2016-01-22 12:15:47 +00:00
+								    template_content = TextAreaField(
-												Convert BaseTemplateForm to use new fields

Updates StringField to GovukTextInputField.

These changes also affect the following forms that
inherit from BaseTemplateForm:
- SMSTemplateForm
- EmailTemplateForm

Includes changes to templates that use these forms
and associated tests.

											
										
										
											2020-08-07 12:07:16 +01:00
+								        "Message",
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        validators=[DataRequired(message="Cannot be empty"), NoCommasInPlaceHolders()],
-												Don’t allow commas in placeholders

> If a user tries to save a template containing something like
> ((name,date)) we should give a validation error.

This is because it causes havoc with the column headers in CSV files.

https://www.pivotaltracker.com/story/show/117043389

											
										
										
											2016-04-07 16:02:06 +01:00
+								    )
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    process_type = HiddenField("normal")
-												Add a WTForms-compatible textbox macro

This macro:
- accepts a WTForm form field as a parameter
- renders a form field which follows the GOV.UK Elements patterns, both visually
  and in markup terms

It then changes any page which uses either:
- the old, non-WTForms macro or
- the old, WTFforms `render_field` macro

…to use this new macro and removes both of the old ones.

It also adds the option to display hint text above the textbox.

											
										
										
											2016-01-11 13:15:10 +00:00
-												ensure emails still accept emoji

											
										
										
											2017-02-15 15:06:47 +00:00
+								class SMSTemplateForm(BaseTemplateForm):
 								    def validate_template_content(self, field):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        OnlySMSCharacters(template_type="sms")(None, field)
-												ensure emails still accept emoji

											
										
										
											2017-02-15 15:06:47 +00:00
 								class EmailTemplateForm(BaseTemplateForm):
-												Make subject a textarea

In order for subject lines to have their fields highlighted they have to
be textboxes. This is because the highlighting script only works with
textboxes that don’t scroll, either horizontally, vertically, or be
keying through them.

											
										
										
											2016-04-14 14:04:41 +01:00
+								    subject = TextAreaField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "Subject", validators=[DataRequired(message="Cannot be empty")]
 								    )
-												Add basic flow for adding email _or_ sms templates

Templates now have:
- a type (email or sms)
- a subject (if they are email templates)

We don’t want two completely separate view files for email and SMS, because they
would have an enormous amount of repetition.

So this commit adds
- different templates for SMS and email templates
- different form objects for SMS and email templates

…and wires them up.

											
										
										
											2016-02-22 14:45:13 +00:00
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class ForgotPasswordForm(StripWhitespaceForm):
-												Update forgotten password to allow non-gov with test

											
										
										
											2016-10-26 14:01:01 +01:00
+								    email_address = email_address(gov_user=False)
-												Add endpoints for forgot-password.

											
										
										
											2016-01-04 14:00:39 +00:00
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class NewPasswordForm(StripWhitespaceForm):
-												Take out the Canadian politeness.
Make the error message more consistent.
Extracted common fields for the forms.

											
										
										
											2016-01-08 12:00:52 +00:00
+								    new_password = password()
-												First slice of csv upload of phone numbers for sending messages.

At the moment the file contents are not persisted by checked in
memory.

The first and last three records are show if all are valid.

If there are invalid rows, they are reported and the user is
prompted to go back and sort out upload file.

The storing of upload result (i.e. validation of file) in session
will be removed in next story which is about persisting of file
for later processing.

											
										
										
											2016-01-11 15:00:51 +00:00
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class ChangePasswordForm(StripWhitespaceForm):
-												Working tests, hopefully all code changes done.

											
										
										
											2016-01-27 12:22:32 +00:00
+								    def __init__(self, validate_password_func, *args, **kwargs):
 								        self.validate_password_func = validate_password_func
 								        super(ChangePasswordForm, self).__init__(*args, **kwargs)
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    old_password = password("Current password")
 								    new_password = password("New password")
-												Add confirmation of password for important changes

This commit adds an extra page or field for confirming your current password
when making important changes

Name                 | Email address     | Mobile number     | Password
---------------------|-------------------|-------------------|------------
No password required | As second page    | As second page    | On same page as new password

											
										
										
											2016-01-12 11:25:46 +00:00
-												Working tests, hopefully all code changes done.

											
										
										
											2016-01-27 12:22:32 +00:00
+								    def validate_old_password(self, field):
 								        if not self.validate_password_func(field.data):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            raise ValidationError("Invalid password")
-												Working tests, hopefully all code changes done.

											
										
										
											2016-01-27 12:22:32 +00:00
-												Add confirmation of password for important changes

This commit adds an extra page or field for confirming your current password
when making important changes

Name                 | Email address     | Mobile number     | Password
---------------------|-------------------|-------------------|------------
No password required | As second page    | As second page    | On same page as new password

											
										
										
											2016-01-12 11:25:46 +00:00
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class CsvUploadForm(StripWhitespaceForm):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    file = FileField(
 								        "Add recipients",
 								        validators=[
 								            DataRequired(message="Please pick a file"),
 								            CsvFileValidator(),
 								            FileSize(max_size=10e6, message="File must be smaller than 10Mb"),  # 10Mb
 								        ],
 								    )
-												Add loops for changing each part of your profile

This commit adds a page or series of pages for changing your:

Name              | Email address     | Mobile number     | Password
------------------|-------------------|-------------------|------------
Enter new value   | Enter new value   | Enter new value   | Enter new value
                  | Enter 2fa code    | Enter 2fa code    |
Return to profile | Return to profile | Return to profile | Return to profile

(each row is a page)

											
										
										
											2016-01-12 10:28:14 +00:00
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class ChangeNameForm(StripWhitespaceForm):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    new_name = GovukTextInputField("Your name")
-												Add loops for changing each part of your profile

This commit adds a page or series of pages for changing your:

Name              | Email address     | Mobile number     | Password
------------------|-------------------|-------------------|------------
Enter new value   | Enter new value   | Enter new value   | Enter new value
                  | Enter 2fa code    | Enter 2fa code    |
Return to profile | Return to profile | Return to profile | Return to profile

(each row is a page)

											
										
										
											2016-01-12 10:28:14 +00:00
-												add missing timezones

											
										
										
											2024-01-08 10:13:26 -08:00
+								# https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
-												notify-admin-931

											
										
										
											2023-12-04 14:52:48 -08:00
+								class ChangePreferredTimezoneForm(StripWhitespaceForm):
 								    def __init__(self, *args, **kwargs):
 								        super(ChangePreferredTimezoneForm, self).__init__(*args, **kwargs)
-												Just removing the default selection

											
										
										
											2024-02-08 15:10:07 -05:00
+								        self.new_preferred_timezone.choices = [
 								            ("America/Puerto_Rico", "America/Puerto_Rico"),
 								            ("US/Eastern", "US/Eastern"),
 								            ("US/Central", "US/Central"),
 								            ("US/Mountain", "US/Mountain"),
 								            ("US/Pacific", "US/Pacific"),
 								            ("US/Alaska", "US/Alaska"),
 								            ("US/Hawaii", "US/Hawaii"),
 								            ("US/Aleutian", "US/Aleutian"),
 								            ("US/Samoa", "US/Samoa"),
 								        ]
-												notify-admin-931

											
										
										
											2023-12-04 14:52:48 -08:00
-												Just removing the default selection

											
										
										
											2024-02-08 15:10:07 -05:00
+								    new_preferred_timezone = GovukRadiosField(
 								        "What timezone would you like to use?",
 								    )
-												notify-admin-931

											
										
										
											2023-12-04 14:52:48 -08:00
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class ChangeEmailForm(StripWhitespaceForm):
-												Working tests, hopefully all code changes done.

											
										
										
											2016-01-27 12:22:32 +00:00
+								    def __init__(self, validate_email_func, *args, **kwargs):
 								        self.validate_email_func = validate_email_func
 								        super(ChangeEmailForm, self).__init__(*args, **kwargs)
-												Add loops for changing each part of your profile

This commit adds a page or series of pages for changing your:

Name              | Email address     | Mobile number     | Password
------------------|-------------------|-------------------|------------
Enter new value   | Enter new value   | Enter new value   | Enter new value
                  | Enter 2fa code    | Enter 2fa code    |
Return to profile | Return to profile | Return to profile | Return to profile

(each row is a page)

											
										
										
											2016-01-12 10:28:14 +00:00
+								    email_address = email_address()
-												Working tests, hopefully all code changes done.

											
										
										
											2016-01-27 12:22:32 +00:00
+								    def validate_email_address(self, field):
-												Stop errors when changing an email address to an invalid one

We use the `ChangeEmailForm` if you want to change your own email
address or someone else's email address. This has various validators
which get run. We check if the email address is valid (by using a
function from utils) and if the email address is already in use
(by calling API).

If the email address is not valid, we should not call API to see if it's
already in use because this will cause an exception in API leading to a
`500` in admin. We now only call API if there were no other errors with
the email address.

(The `test_should_redirect_after_name_change` test didn't need the
`mock_email_is_not_already_in_use` fixture, so this has been removed.)

											
										
										
											2021-12-10 16:56:08 +00:00
+								        # The validate_email_func can be used to call API to check if the email address is already in
 								        # use. We don't want to run that check for invalid email addresses, since that will cause an error.
 								        # If there are any other validation errors on the email_address, we should skip this check.
 								        if self.email_address.errors:
 								            return
-												Working tests, hopefully all code changes done.

											
										
										
											2016-01-27 12:22:32 +00:00
+								        is_valid = self.validate_email_func(field.data)
-												invite-team-members

											
										
										
											2018-02-19 16:53:29 +00:00
+								        if is_valid:
-												Working tests, hopefully all code changes done.

											
										
										
											2016-01-27 12:22:32 +00:00
+								            raise ValidationError("The email address is already in use")
-												Add loops for changing each part of your profile

This commit adds a page or series of pages for changing your:

Name              | Email address     | Mobile number     | Password
------------------|-------------------|-------------------|------------
Enter new value   | Enter new value   | Enter new value   | Enter new value
                  | Enter 2fa code    | Enter 2fa code    |
Return to profile | Return to profile | Return to profile | Return to profile

(each row is a page)

											
										
										
											2016-01-12 10:28:14 +00:00
-												Allow non-gov email addresses to be changed to gov email addresses

When a user's email address is updated, we not allowing it to be changed
to a non-government email address. We now allow a non-gov email address
to be changed to another non-gov email address. Government email
addresses still cannot be changed to non-government email addresses.

Also fixes the link in the error message on the ChangeEmailAddress form -
this was being escaped before.

											
										
										
											2019-04-18 16:03:13 +01:00
+								class ChangeNonGovEmailForm(ChangeEmailForm):
 								    email_address = email_address(gov_user=False)
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class ChangeMobileNumberForm(StripWhitespaceForm):
-												Let users register with int’national phone numbers

Right now Notify restricts you to registering with a UK mobile number.
This is because when we built the user registration stuff we couldn’t
send to international mobiles.

However we can send to international mobile numbers, and it’s totally
reasonable to expect employees of the UK government to be working
abroad, and have a foreign mobile phone – we’ve heard from one such
user.

So this commit:
- changes all places where users enter their own phone number to use
  the validation function which allows international phone numbers
- renames the `mobile_number` validation to `uk_mobile_number` to make
  it explicit, and force it to break the tests if there’s somewhere it’s
  being used that I haven’t thought of

											
										
										
											2017-08-29 14:52:24 +01:00
+								    mobile_number = international_phone_number()
-												Add loops for changing each part of your profile

This commit adds a page or series of pages for changing your:

Name              | Email address     | Mobile number     | Password
------------------|-------------------|-------------------|------------
Enter new value   | Enter new value   | Enter new value   | Enter new value
                  | Enter 2fa code    | Enter 2fa code    |
Return to profile | Return to profile | Return to profile | Return to profile

(each row is a page)

											
										
										
											2016-01-12 10:28:14 +00:00
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class ChooseTimeForm(StripWhitespaceForm):
-												Add a component for picking the time to send a job

Users need to pick a time in the next 24hrs, or send a file immediately.

Rationale for this is a bit lost in time-before-holiday, but generally:

‘Now’ and ‘later’ as the inital choices makes it really clear what
this feature is about conceptually.

The choice of times is absolute, eg ‘1pm’ not ‘in 3 hours’

											
										
										
											2016-08-07 09:17:49 +01:00
+								    def __init__(self, *args, **kwargs):
 								        super(ChooseTimeForm, self).__init__(*args, **kwargs)
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        self.scheduled_for.choices = [("", "Now")] + [
 								            get_time_value_and_label(hour)
 								            for hour in get_next_hours_until(get_furthest_possible_scheduled_time())
-												Add a component for picking the time to send a job

Users need to pick a time in the next 24hrs, or send a file immediately.

Rationale for this is a bit lost in time-before-holiday, but generally:

‘Now’ and ‘later’ as the inital choices makes it really clear what
this feature is about conceptually.

The choice of times is absolute, eg ‘1pm’ not ‘in 3 hours’

											
										
										
											2016-08-07 09:17:49 +01:00
+								        ]
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        self.scheduled_for.categories = get_next_days_until(
 								            get_furthest_possible_scheduled_time()
 								        )
-												Add a component for picking the time to send a job

Users need to pick a time in the next 24hrs, or send a file immediately.

Rationale for this is a bit lost in time-before-holiday, but generally:

‘Now’ and ‘later’ as the inital choices makes it really clear what
this feature is about conceptually.

The choice of times is absolute, eg ‘1pm’ not ‘in 3 hours’

											
										
										
											2016-08-07 09:17:49 +01:00
-												Make radioSelect use GOVUK Frontend radios

Includes changing the code so that the radios
aren't split into two columns in the HTML present
when the page loads. This layout is now added by
the JS.

											
										
										
											2021-01-26 15:43:59 +00:00
+								    scheduled_for = GovukRadiosField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "When should Notify send these messages?",
 								        default="",
-												Add a component for picking the time to send a job

Users need to pick a time in the next 24hrs, or send a file immediately.

Rationale for this is a bit lost in time-before-holiday, but generally:

‘Now’ and ‘later’ as the inital choices makes it really clear what
this feature is about conceptually.

The choice of times is absolute, eg ‘1pm’ not ‘in 3 hours’

											
										
										
											2016-08-07 09:17:49 +01:00
+								    )
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class CreateKeyForm(StripWhitespaceForm):
-												Make existing_keys a required argument

Because we should always expect its presence, even it’s an empty list.
And because having mutable default arguments can have nasty side
effects.

											
										
										
											2018-11-13 14:27:01 +00:00
+								    def __init__(self, existing_keys, *args, **kwargs):
-												Move data transformation into the form

Follows what we’re doing with the folders stuff. Avoids having too many
very straightforward methods on the model. Especially when the data they
need is only used by the form. So it’s better to encapsulate the logic
in the form.

											
										
										
											2018-11-13 09:57:17 +00:00
+								        self.existing_key_names = [
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            key["name"].lower() for key in existing_keys if not key["expiry_date"]
-												Move data transformation into the form

Follows what we’re doing with the folders stuff. Avoids having too many
very straightforward methods on the model. Especially when the data they
need is only used by the form. So it’s better to encapsulate the logic
in the form.

											
										
										
											2018-11-13 09:57:17 +00:00
+								        ]
 								        super().__init__(*args, **kwargs)
-												Added a validator so that the key name is unique per service.

											
										
										
											2016-01-21 14:15:36 +00:00
-												Convert create API key radios to GOVUK Frontend

											
										
										
											2021-01-12 15:04:54 +00:00
+								    key_type = GovukRadiosField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "Type of key",
 								        thing="the type of key",
-												Add radio buttons for choosing the API key type

Best-guess wording for what the labels and question should be.

Adds a macro for rendering radio buttons from a WTForms field.

											
										
										
											2016-06-29 17:10:49 +01:00
+								    )
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    key_name = GovukTextInputField(
 								        "Name for this key",
 								        validators=[DataRequired(message="You need to give the key a name")],
 								    )
-												Added a validator so that the key name is unique per service.

											
										
										
											2016-01-21 14:15:36 +00:00
 								    def validate_key_name(self, key_name):
-												Validation on key name is case insenstive

											
										
										
											2016-01-21 16:52:01 +00:00
+								        if key_name.data.lower() in self.existing_key_names:
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            raise ValidationError("A key with this name already exists")
-												Feedback page working with all tests passing.

Updated to include team id.

Give Feedback -> Give feedback

											
										
										
											2016-04-19 13:51:16 +01:00
-												Move the ‘estimated usage’ questions

We get a bunch of requests to go live where people have told us they're
going to send email but there is no email reply-to address present.

These come from 2 scenarios:

1. when there are email templates, and no reply to address – but they
   ignore the checklist
2. when there are no email templates (yet) but they provide anticipated
   volumes for email

At the moment we only auto-check for a reply to address when they have
email templates. And because the question about anticipated volumes
follows the checklist, you'll get a checklist that passes (reply
addresses not required as no templates present) - but your future intent
that differs (reply address IS required because you have anticipated
volumes).

So let’s bring the request for anticipated volumes into the checklist,
that way we can dynamically add the requirement for a reply to address
if they say they will send email but don't have templates yet.

We should begin storing it in the database against the service to stop
people having to re-enter it each time they try to complete the go live
screens.

This also means moving the ‘consent to research question’ along with
the questions about volume, because
- we want people to answer both before going live
- we don’t want to clutter up the summary page by asking questions there
  too

											
										
										
											2019-02-15 11:03:19 +00:00
+								class EstimateUsageForm(StripWhitespaceForm):
-												Make answers to volume questions optional

It’s annoying and very ‘computer says no’ to make people type `0` in a
box. We can see from our analytics that this error is affecting about 7%
of users trying to go live.

This commit relaxes the validation to only require a number greater than
1 for at least one of the questions.

It also lets people enter their numbers comma-separated – like our
examples suggest – but normalises them to integers before sending them
over to the API.

											
										
										
											2019-02-15 13:34:29 +00:00
+								    volume_email = ForgivingIntegerField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "How many emails do you expect to send in the next year?",
 								        things="emails",
 								        format_error_suffix="you expect to send",
-												Made the request to go live fields mandatory
											
										
										
											2016-10-24 15:46:22 +01:00
+								    )
-												Make answers to volume questions optional

It’s annoying and very ‘computer says no’ to make people type `0` in a
box. We can see from our analytics that this error is affecting about 7%
of users trying to go live.

This commit relaxes the validation to only require a number greater than
1 for at least one of the questions.

It also lets people enter their numbers comma-separated – like our
examples suggest – but normalises them to integers before sending them
over to the API.

											
										
										
											2019-02-15 13:34:29 +00:00
+								    volume_sms = ForgivingIntegerField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "How many text messages do you expect to send in the next year?",
 								        things="text messages",
 								        format_error_suffix="you expect to send",
-												Fix casing and multi-line stuff

											
										
										
											2016-10-24 13:38:55 +01:00
+								    )
-												Convert radios on research consent (basic)

											
										
										
											2020-06-26 21:56:08 +01:00
+								    consent_to_research = GovukRadiosField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "Can we contact you when we’re doing user research?",
-												Add question about research consent

Since GDPR came into effect it’s less clear about whether we can
contact teams for user research purposes.

If we make people opt-in (or not) we know we’re safe to contact them (or
not).

Since we mostly care about how services are using Notify for real (ie
live services) or services that are considering adopting it (ie those
who have contacted us with a question) it feels like the go-live process
is the most appropriate place to collect this consent.

											
										
										
											2018-08-30 11:51:34 +01:00
+								        choices=[
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            ("yes", "Yes"),
 								            ("no", "No"),
-												Add question about research consent

Since GDPR came into effect it’s less clear about whether we can
contact teams for user research purposes.

If we make people opt-in (or not) we know we’re safe to contact them (or
not).

Since we mostly care about how services are using Notify for real (ie
live services) or services that are considering adopting it (ie those
who have contacted us with a question) it feels like the go-live process
is the most appropriate place to collect this consent.

											
										
										
											2018-08-30 11:51:34 +01:00
+								        ],
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        thing="yes or no",
-												Convert radios on research consent (basic)

											
										
										
											2020-06-26 21:56:08 +01:00
+								        param_extensions={
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            "hint": {
 								                "text": "You do not have to take part and you can unsubscribe at any time"
 								            }
 								        },
-												Add question about research consent

Since GDPR came into effect it’s less clear about whether we can
contact teams for user research purposes.

If we make people opt-in (or not) we know we’re safe to contact them (or
not).

Since we mostly care about how services are using Notify for real (ie
live services) or services that are considering adopting it (ie those
who have contacted us with a question) it feels like the go-live process
is the most appropriate place to collect this consent.

											
										
										
											2018-08-30 11:51:34 +01:00
+								    )
-												Added provider management pages in.

- see priority
- change priority

											
										
										
											2016-05-11 09:43:55 +01:00
-												Make answers to volume questions optional

It’s annoying and very ‘computer says no’ to make people type `0` in a
box. We can see from our analytics that this error is affecting about 7%
of users trying to go live.

This commit relaxes the validation to only require a number greater than
1 for at least one of the questions.

It also lets people enter their numbers comma-separated – like our
examples suggest – but normalises them to integers before sending them
over to the API.

											
										
										
											2019-02-15 13:34:29 +00:00
+								    at_least_one_volume_filled = True
 								    def validate(self, *args, **kwargs):
-												big commit with letters removal

											
										
										
											2022-12-05 15:33:44 -05:00
+								        if self.volume_email.data == self.volume_sms.data == 0:
-												Make answers to volume questions optional

It’s annoying and very ‘computer says no’ to make people type `0` in a
box. We can see from our analytics that this error is affecting about 7%
of users trying to go live.

This commit relaxes the validation to only require a number greater than
1 for at least one of the questions.

It also lets people enter their numbers comma-separated – like our
examples suggest – but normalises them to integers before sending them
over to the API.

											
										
										
											2019-02-15 13:34:29 +00:00
+								            self.at_least_one_volume_filled = False
 								            return False
 								        return super().validate(*args, **kwargs)
-												Added provider management pages in.

- see priority
- change priority

											
										
										
											2016-05-11 09:43:55 +01:00
-												Allow service contact details to be phone number, email or url

Service contact details are needed if the upload document permission is
enabled - this used to be a link but services can now choose to use a
link, email address or phone number. The form to add or change service
contact details now gives these options and validates the data according
to the type of contact details provided.

When validating phone numbers we can't use the existing validation
because we want to allow landlines too, so there is a basic check that
the phone number is the right length and doesn't include certain
characters.

											
										
										
											2018-08-09 11:59:05 +01:00
+								class ServiceContactDetailsForm(StripWhitespaceForm):
 								    contact_details_type = RadioField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "Type of contact details",
-												Allow service contact details to be phone number, email or url

Service contact details are needed if the upload document permission is
enabled - this used to be a link but services can now choose to use a
link, email address or phone number. The form to add or change service
contact details now gives these options and validates the data according
to the type of contact details provided.

When validating phone numbers we can't use the existing validation
because we want to allow landlines too, so there is a basic check that
the phone number is the right length and doesn't include certain
characters.

											
										
										
											2018-08-09 11:59:05 +01:00
+								        choices=[
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            ("url", "Link"),
 								            ("email_address", "Email address"),
 								            ("phone_number", "Phone number"),
-												Allow service contact details to be phone number, email or url

Service contact details are needed if the upload document permission is
enabled - this used to be a link but services can now choose to use a
link, email address or phone number. The form to add or change service
contact details now gives these options and validates the data according
to the type of contact details provided.

When validating phone numbers we can't use the existing validation
because we want to allow landlines too, so there is a basic check that
the phone number is the right length and doesn't include certain
characters.

											
										
										
											2018-08-09 11:59:05 +01:00
+								        ],
-												Add page to change a service's contact link

Added a page which lets users with the 'manage_service' permission change the
contact link for their service. There are no links to this page yet
since only services using document download will need to set a contact
link.

											
										
										
											2018-06-05 10:37:41 +01:00
+								    )
-												Update ServiceContactDetailsForm with new fields

Changes its:
- StringFields to GovukTextInputFields
- EmailFields to GovukEmailFields

Includes changes to templates that use this form
and associated tests.

											
										
										
											2020-08-07 12:21:05 +01:00
+								    url = GovukTextInputField("URL")
 								    email_address = GovukEmailField("Email address")
-												Add comment explaining use of textbox for tel

											
										
										
											2020-08-13 11:40:09 +01:00
+								    # This is a text field because the number provided by the user can also be a short code
-												Update ServiceContactDetailsForm with new fields

Changes its:
- StringFields to GovukTextInputFields
- EmailFields to GovukEmailFields

Includes changes to templates that use this form
and associated tests.

											
										
										
											2020-08-07 12:21:05 +01:00
+								    phone_number = GovukTextInputField("Phone number")
-												Allow service contact details to be phone number, email or url

Service contact details are needed if the upload document permission is
enabled - this used to be a link but services can now choose to use a
link, email address or phone number. The form to add or change service
contact details now gives these options and validates the data according
to the type of contact details provided.

When validating phone numbers we can't use the existing validation
because we want to allow landlines too, so there is a basic check that
the phone number is the right length and doesn't include certain
characters.

											
										
										
											2018-08-09 11:59:05 +01:00
-												Update utils for improved logging

											
										
										
											2023-04-26 11:24:01 -04:00
+								    def validate(self, extra_validators=None):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        if self.contact_details_type.data == "url":
 								            self.url.validators = [DataRequired(), URL(message="Must be a valid URL")]
 								        elif self.contact_details_type.data == "email_address":
 								            self.email_address.validators = [
 								                DataRequired(),
 								                Length(min=5, max=255),
 								                ValidEmail(),
 								            ]
-												Allow service contact details to be phone number, email or url

Service contact details are needed if the upload document permission is
enabled - this used to be a link but services can now choose to use a
link, email address or phone number. The form to add or change service
contact details now gives these options and validates the data according
to the type of contact details provided.

When validating phone numbers we can't use the existing validation
because we want to allow landlines too, so there is a basic check that
the phone number is the right length and doesn't include certain
characters.

											
										
										
											2018-08-09 11:59:05 +01:00
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        elif self.contact_details_type.data == "phone_number":
-												Allow service contact details to be phone number, email or url

Service contact details are needed if the upload document permission is
enabled - this used to be a link but services can now choose to use a
link, email address or phone number. The form to add or change service
contact details now gives these options and validates the data according
to the type of contact details provided.

When validating phone numbers we can't use the existing validation
because we want to allow landlines too, so there is a basic check that
the phone number is the right length and doesn't include certain
characters.

											
										
										
											2018-08-09 11:59:05 +01:00
 								            def valid_phone_number(self, num):
 								                try:
-												Replace UK phone numbers in tests with US numbers

											
										
										
											2022-12-22 22:11:07 -05:00
+								                    validate_phone_number(num.data, international=True)
-												Allow service contact details to be phone number, email or url

Service contact details are needed if the upload document permission is
enabled - this used to be a link but services can now choose to use a
link, email address or phone number. The form to add or change service
contact details now gives these options and validates the data according
to the type of contact details provided.

When validating phone numbers we can't use the existing validation
because we want to allow landlines too, so there is a basic check that
the phone number is the right length and doesn't include certain
characters.

											
										
										
											2018-08-09 11:59:05 +01:00
+								                    return True
 								                except InvalidPhoneError:
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								                    raise ValidationError("Must be a valid phone number")
 								            self.phone_number.validators = [
 								                DataRequired(),
 								                Length(min=5, max=20),
 								                valid_phone_number,
 								            ]
-												Allow service contact details to be phone number, email or url

Service contact details are needed if the upload document permission is
enabled - this used to be a link but services can now choose to use a
link, email address or phone number. The form to add or change service
contact details now gives these options and validates the data according
to the type of contact details provided.

When validating phone numbers we can't use the existing validation
because we want to allow landlines too, so there is a basic check that
the phone number is the right length and doesn't include certain
characters.

											
										
										
											2018-08-09 11:59:05 +01:00
-												Update utils for improved logging

											
										
										
											2023-04-26 11:24:01 -04:00
+								        return super().validate(extra_validators)
-												Allow service contact details to be phone number, email or url

Service contact details are needed if the upload document permission is
enabled - this used to be a link but services can now choose to use a
link, email address or phone number. The form to add or change service
contact details now gives these options and validates the data according
to the type of contact details provided.

When validating phone numbers we can't use the existing validation
because we want to allow landlines too, so there is a basic check that
the phone number is the right length and doesn't include certain
characters.

											
										
										
											2018-08-09 11:59:05 +01:00
-												Add page to change a service's contact link

Added a page which lets users with the 'manage_service' permission change the
contact link for their service. There are no links to this page yet
since only services using document download will need to set a contact
link.

											
										
										
											2018-06-05 10:37:41 +01:00
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class ServiceReplyToEmailForm(StripWhitespaceForm):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    email_address = email_address(label="Reply-to email address", gov_user=False)
-												Rename govukCheckboxField and similar

Follows naming conventions for classes and matches
work done on GovukTextInputField.

											
										
										
											2020-10-29 14:58:39 +00:00
+								    is_default = GovukCheckboxField("Make this email address the default")
-												Users can set a value that appears as the sender of a text message.

It can be up to eleven characters alpha numeric, no special characters
allowed.

											
										
										
											2016-07-01 13:47:22 +01:00
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class ServiceSmsSenderForm(StripWhitespaceForm):
-												Update ServiceSmsSenderForm with new fields

Changes its StringField to GovukTextInputField.

Includes changes to templates that use this form
and associated tests.

											
										
										
											2020-08-04 16:58:04 +01:00
+								    sms_sender = GovukTextInputField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "Text message sender",
-												Add some explaining to the SMS sender page

											
										
										
											2016-08-22 16:10:57 +01:00
+								        validators=[
-												Replace can't with cannot
											
										
										
											2019-09-12 16:42:33 +01:00
+								            DataRequired(message="Cannot be empty"),
-												Refactor to use validator class

Using a separate validator class to check for appropriate characters in
a text message sender means that we’re not doing this validation in a
different way from the other checks (length and required). So the code
is cleaner.

											
										
										
											2018-01-31 10:26:37 +00:00
+								            Length(max=11, message="Enter 11 characters or fewer"),
-												Reduce min sender length from 4 to 3

This is now supported at the network and aggregator level

											
										
										
											2020-04-21 12:51:54 +01:00
+								            Length(min=3, message="Enter 3 characters or more"),
-												Allow straight single quote in sms sender names

This is so we can allow the sender name 'UC' for DWP.

Note, this is specifically only straight single quotes and not curly
quotes or double quotes. Curly quotes are not supported in the GSM
character set (https://en.wikipedia.org/wiki/GSM_03.38). There is
currently no defined user ask to support double quotes in sms sender
names.

I have tested this by sending a message through both Firetext and MMG to
make sure they both support the single quote character in SMS sender
names.

DWP also have had no particular issues using the SMS sender name with
their existing system in the past either.

											
										
										
											2021-07-26 15:10:57 +01:00
+								            LettersNumbersSingleQuotesFullStopsAndUnderscoresOnly(),
-												Update SMS sender validation to reject senders starting with 00

Having SMS senders that start with 00 can cause issues with Firetext due
to Firetext's validation rules, so we shouldn't allow SMS senders to start
with 00.

Firetext treats a double 00 at the start of the senderID as an international
prefix, so removes them. A sender of 00447876574016 would become 447876574016.

Under Firetext's validation rules, an SMS sender of five 0s (00000) would
become  4400. This is because the first 00 are removed (as the international
prefix). The third 0 is seen as the start of a phone number, and becomes 44,
leaving the final 00 = 4400.

											
										
										
											2018-02-28 11:50:41 +00:00
+								            DoesNotStartWithDoubleZero(),
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        ],
-												Add some explaining to the SMS sender page

											
										
										
											2016-08-22 16:10:57 +01:00
+								    )
-												Rename govukCheckboxField and similar

Follows naming conventions for classes and matches
work done on GovukTextInputField.

											
										
										
											2020-10-29 14:58:39 +00:00
+								    is_default = GovukCheckboxField("Make this text message sender the default")
-												Users can set a value that appears as the sender of a text message.

It can be up to eleven characters alpha numeric, no special characters
allowed.

											
										
										
											2016-07-01 13:47:22 +01:00
-												Add a page to set organisation and branding option

Platform admin only.

Adds radio buttons to choose one of:
- three hard-coded branding options
- organisations from a list provided by the API

											
										
										
											2016-08-08 10:28:40 +01:00
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class ServiceEditInboundNumberForm(StripWhitespaceForm):
-												Rename govukCheckboxField and similar

Follows naming conventions for classes and matches
work done on GovukTextInputField.

											
										
										
											2020-10-29 14:58:39 +00:00
+								    is_default = GovukCheckboxField("Make this text message sender the default")
-												Fixed broken edit functionality

											
										
										
											2017-10-30 14:30:43 +00:00
-												Rename other "Admin" forms consistently

I've also tweaked some of the names to make them clearer e.g. that
the form is used to apply a change to a service.

I've constrained the scope of this change to avoid forms that may
be accessible by non-admins in the future.

											
										
										
											2022-03-15 10:50:18 +00:00
+								class AdminNotesForm(StripWhitespaceForm):
-												'Change' link links to edit_service_notes

											
										
										
											2021-01-14 18:00:44 +00:00
+								    notes = TextAreaField(validators=[])
-												Rename other "Admin" forms consistently

I've also tweaked some of the names to make them clearer e.g. that
the form is used to apply a change to a service.

I've constrained the scope of this change to avoid forms that may
be accessible by non-admins in the future.

											
										
										
											2022-03-15 10:50:18 +00:00
+								class AdminBillingDetailsForm(StripWhitespaceForm):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    billing_contact_email_addresses = GovukTextInputField("Contact email addresses")
 								    billing_contact_names = GovukTextInputField("Contact names")
 								    billing_reference = GovukTextInputField("Reference")
 								    purchase_order_number = GovukTextInputField("Purchase order number")
-												Add notes to edit billing details page

As per ticket and as per Caley's request, so everything can be
edited together.

Also pluralise labels for billing contact info, to indicate
that putting multiple in is ok, and widen the input fields so
that it is more comfortable to input multiple contact details.

											
										
										
											2021-01-27 18:20:25 +00:00
+								    notes = TextAreaField(validators=[])
-												Change service billing details

View page that lets you change service billing details and
update details on form submission.

											
										
										
											2021-01-25 15:40:49 +00:00
-												Add a new boolean radios fields and change forms to use it

This adds a new OnOffField class that implements a boolean field
that is rendered as two On / Off radio buttons. This allows us to
avoid comparing 'on' and 'off' string values in the views since
the field takes care of transforming form data into python booleans.

This also adds a form class that can be used for any single On / Off
switch forms (e.g. service permissions).

											
										
										
											2019-02-18 16:27:53 +00:00
+								class ServiceOnOffSettingForm(StripWhitespaceForm):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    def __init__(self, name, *args, truthy="On", falsey="Off", **kwargs):
-												Let users switch channels on and off by themselves

We let people do this for letters already. We should let them do it for
emails and texts too, rather than have to email us.

											
										
										
											2019-01-29 14:51:31 +00:00
+								        super().__init__(*args, **kwargs)
-												Add a new boolean radios fields and change forms to use it

This adds a new OnOffField class that implements a boolean field
that is rendered as two On / Off radio buttons. This allows us to
avoid comparing 'on' and 'off' string values in the views since
the field takes care of transforming form data into python booleans.

This also adds a form class that can be used for any single On / Off
switch forms (e.g. service permissions).

											
										
										
											2019-02-18 16:27:53 +00:00
+								        self.enabled.label.text = name
-												Allow excluding services from live services count

Adds a front end for:
https://github.com/alphagov/notifications-api/pull/2417

> Sometimes we have to make a few services for what really is one
> service, for example GOV.UK Pay and GOV.UK Pay Direct Debit. We also
> have our own test services which aren’t included in the count of live
> services. We currently count these as one service by not including
> them in the beta partners spreadsheet.

											
										
										
											2019-03-25 14:46:42 +00:00
+								        self.enabled.choices = [
 								            (True, truthy),
 								            (False, falsey),
 								        ]
-												Add a new boolean radios fields and change forms to use it

This adds a new OnOffField class that implements a boolean field
that is rendered as two On / Off radio buttons. This allows us to
avoid comparing 'on' and 'off' string values in the views since
the field takes care of transforming form data into python booleans.

This also adds a form class that can be used for any single On / Off
switch forms (e.g. service permissions).

											
										
										
											2019-02-18 16:27:53 +00:00
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    enabled = OnOffField("Choices")
-												Add a new boolean radios fields and change forms to use it

This adds a new OnOffField class that implements a boolean field
that is rendered as two On / Off radio buttons. This allows us to
avoid comparing 'on' and 'off' string values in the views since
the field takes care of transforming form data into python booleans.

This also adds a form class that can be used for any single On / Off
switch forms (e.g. service permissions).

											
										
										
											2019-02-18 16:27:53 +00:00
 								class ServiceSwitchChannelForm(ServiceOnOffSettingForm):
 								    def __init__(self, channel, *args, **kwargs):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        name = "Send {}".format(
 								            {
 								                "email": "emails",
 								                "sms": "text messages",
 								            }.get(channel)
 								        )
-												Allows services to choose if they can send letters

Our support ticket analysis shows that the most common action request
after going live is turning on letters.

We just do this for any team that requests it – there’s no gatekeeping.
So we should just allow people to make the change themselves.

This will be a better experience for our users, and less work for us.
The design of the page replicates roughly what we have for international
text messaging.

											
										
										
											2018-01-19 13:45:54 +00:00
-												Add a new boolean radios fields and change forms to use it

This adds a new OnOffField class that implements a boolean field
that is rendered as two On / Off radio buttons. This allows us to
avoid comparing 'on' and 'off' string values in the views since
the field takes care of transforming form data into python booleans.

This also adds a form class that can be used for any single On / Off
switch forms (e.g. service permissions).

											
										
										
											2019-02-18 16:27:53 +00:00
+								        super().__init__(name, *args, **kwargs)
-												Allows services to choose if they can send letters

Our support ticket analysis shows that the most common action request
after going live is turning on letters.

We just do this for any team that requests it – there’s no gatekeeping.
So we should just allow people to make the change themselves.

This will be a better experience for our users, and less work for us.
The design of the page replicates roughly what we have for international
text messaging.

											
										
										
											2018-01-19 13:45:54 +00:00
-												Add page to create new letter branding

This has a form with 3 fields - the file upload field, logo name, and an
optional logo domain. Logos need to be uploaded in `.svg` format and we
then convert this to `.png` format and upload both file types to S3 as
well as saving the letter branding details in the database.

											
										
										
											2019-01-31 16:56:35 +00:00
+								class SVGFileUpload(StripWhitespaceForm):
 								    file = FileField_wtf(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "Upload an SVG logo",
-												Add page to create new letter branding

This has a form with 3 fields - the file upload field, logo name, and an
optional logo domain. Logos need to be uploaded in `.svg` format and we
then convert this to `.png` format and upload both file types to S3 as
well as saving the letter branding details in the database.

											
										
										
											2019-01-31 16:56:35 +00:00
+								        validators=[
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            FileAllowed(["svg"], "SVG Images only!"),
-												Do not allow to upload SVG logos with embedded raster images in them

Those are for example png or jpg images. They do not render properly.

											
										
										
											2020-03-04 14:25:14 +00:00
+								            DataRequired(message="You need to upload a file to submit"),
-												Don’t allow `<text>` elements in letter logos

To render text in an SVG consistently the system rendering the SVG must
have the fonts specified by the SVG installed.

If the fonts are not installed then the renderer will fall back to a
system font and the text will look different. This is especially bad
news for branding where the right font is an integral part of any brand.

To fix this, the text should instead be converted to `<path>` elements.
This process is sometimes called ‘outlining’.

A few of our logos had this problem, and I’ve fixed most of them by
hand. Adding this validation will stop the problem, coming up again.

											
										
										
											2022-01-06 11:21:12 +00:00
+								            NoEmbeddedImagesInSVG(),
 								            NoTextInSVG(),
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        ],
-												Add page to create new letter branding

This has a form with 3 fields - the file upload field, logo name, and an
optional logo domain. Logos need to be uploaded in `.svg` format and we
then convert this to `.png` format and upload both file types to S3 as
well as saving the letter branding details in the database.

											
										
										
											2019-01-31 16:56:35 +00:00
+								    )
-												Convert ListEntry component to use new fields

ListEntry component uses FieldList field to group
textboxes. Textboxes can be text inputs, email fields
or international phone number fields. This converts
all field-lists to use:

- GovukTextInputField
- GovukEmailField
- InternationalPhoneNumber

Affects these forms:
- OrganisationDomainsForm
- GuestList

Also changes to related Javascript:

Update list-entry JS tests to match new HTML

Updates the HTML the JS operates on in the test
(a fixture representing the HTML in the page on
load) to match the new GOVUK Frontend we are
generating.

Make list-entry JS work with GOVUK Frontend HTML

The existing list-entry JS did a few things that
clashed with how the new HTML works:
- added a 'input-' prefix to the id attributes
  of all text-inputs
- did not make its name and id attributes values
  match

The new HTML has id and name attributes that
match so these changes remove the prefix for id
attributes and makes them match the name
attribute.

To understand these changes, it is useful to
know how the values for id and name attributes are
generated:
1. the id attribute for the component element is
   stored
2. the 'list-entry-' prefix is removed and the
   remainder is used to generate ids

For example, if the component's id is
'list-entry-domains', the id will be 'domains-1',
where the text-input is the first one.

This also adds some logic to the HoganJS template
to make the value attribute optional, so it is
only added if it has a non-null value. This
matches the behaviour of the text-input component
used in the new list-entry component.

Also change whitelist references to guestlist in tests
- we forgot to do it earlier, when we moved from calling this
feature whitelist to calling it guestlist.

											
										
										
											2020-08-07 10:48:21 +01:00
+								class EmailFieldInGuestList(GovukEmailField, StripWhitespaceStringField):
-												Make whitespace stripping work for whitelists too

It’s a bit hacky, but it fixes a potential issue for users.

Code adapted from:
https://github.com/alphagov/digitalmarketplace-utils/commit/2c34f678ab4a34eaa1c510c91dacfc210343f389

											
										
										
											2017-12-11 16:22:37 +00:00
+								    pass
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								class InternationalPhoneNumberInGuestList(
 								    InternationalPhoneNumber, StripWhitespaceStringField
 								):
-												Make whitespace stripping work for whitelists too

It’s a bit hacky, but it fixes a potential issue for users.

Code adapted from:
https://github.com/alphagov/digitalmarketplace-utils/commit/2c34f678ab4a34eaa1c510c91dacfc210343f389

											
										
										
											2017-12-11 16:22:37 +00:00
+								    pass
-												Rename form objects to remove the term ‘whitelist’

See c31264d4c for rationale. To avoid confusion the codebase should use
the same terminology as the UI.

											
										
										
											2020-06-12 09:02:40 +01:00
+								class GuestList(StripWhitespaceForm):
-												Add a page to manage a service’s whitelist

Services who are in alpha or building prototypes need a way of sending
to any email address or phone number without having to sign the MOU.

This commit adds a page where they can whitelist up to 5 email addresses
and 5 phone numbers.

It uses the ‘list entry’ UI pattern from the Digital Marketplace
frontend toolkit [1] [2] [3].

I had to do some modification:
- of the Javascript, to make it work with the GOV.UK Module pattern
- of the template to make it work with WTForms
- of the content security policy, because the list entry pattern uses
  Hogan[1], which needs to use `eval()` (this should be fine if we’re
  only allowing it for scripts that we serve)
- of our SASS lint config, to allow browser-targeting mixins to come
  after normal rules (so that they can override them)

This commit also adds a new form class to validate and populate the two
whitelists. The validation is fairly rudimentary at the moment, and
doesn’t highlight which item in the list has the error, but it’s
probably good enough.

The list can only be updated all-at-once, this is how it’s possible to
remove items from the list without having to make multiple `POST`
requests.

1. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/templates/forms/list-entry.html
2. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/scss/forms/_list-entry.scss
3. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/javascripts/list-entry.js
4. http://twitter.github.io/hogan.js/

											
										
										
											2016-09-20 12:30:00 +01:00
+								    def populate(self, email_addresses, phone_numbers):
-												Rename form objects to remove the term ‘whitelist’

See c31264d4c for rationale. To avoid confusion the codebase should use
the same terminology as the UI.

											
										
										
											2020-06-12 09:02:40 +01:00
+								        for form_field, existing_guest_list in (
-												Add a page to manage a service’s whitelist

Services who are in alpha or building prototypes need a way of sending
to any email address or phone number without having to sign the MOU.

This commit adds a page where they can whitelist up to 5 email addresses
and 5 phone numbers.

It uses the ‘list entry’ UI pattern from the Digital Marketplace
frontend toolkit [1] [2] [3].

I had to do some modification:
- of the Javascript, to make it work with the GOV.UK Module pattern
- of the template to make it work with WTForms
- of the content security policy, because the list entry pattern uses
  Hogan[1], which needs to use `eval()` (this should be fine if we’re
  only allowing it for scripts that we serve)
- of our SASS lint config, to allow browser-targeting mixins to come
  after normal rules (so that they can override them)

This commit also adds a new form class to validate and populate the two
whitelists. The validation is fairly rudimentary at the moment, and
doesn’t highlight which item in the list has the error, but it’s
probably good enough.

The list can only be updated all-at-once, this is how it’s possible to
remove items from the list without having to make multiple `POST`
requests.

1. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/templates/forms/list-entry.html
2. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/scss/forms/_list-entry.scss
3. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/javascripts/list-entry.js
4. http://twitter.github.io/hogan.js/

											
										
										
											2016-09-20 12:30:00 +01:00
+								            (self.email_addresses, email_addresses),
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            (self.phone_numbers, phone_numbers),
-												Add a page to manage a service’s whitelist

Services who are in alpha or building prototypes need a way of sending
to any email address or phone number without having to sign the MOU.

This commit adds a page where they can whitelist up to 5 email addresses
and 5 phone numbers.

It uses the ‘list entry’ UI pattern from the Digital Marketplace
frontend toolkit [1] [2] [3].

I had to do some modification:
- of the Javascript, to make it work with the GOV.UK Module pattern
- of the template to make it work with WTForms
- of the content security policy, because the list entry pattern uses
  Hogan[1], which needs to use `eval()` (this should be fine if we’re
  only allowing it for scripts that we serve)
- of our SASS lint config, to allow browser-targeting mixins to come
  after normal rules (so that they can override them)

This commit also adds a new form class to validate and populate the two
whitelists. The validation is fairly rudimentary at the moment, and
doesn’t highlight which item in the list has the error, but it’s
probably good enough.

The list can only be updated all-at-once, this is how it’s possible to
remove items from the list without having to make multiple `POST`
requests.

1. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/templates/forms/list-entry.html
2. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/scss/forms/_list-entry.scss
3. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/javascripts/list-entry.js
4. http://twitter.github.io/hogan.js/

											
										
										
											2016-09-20 12:30:00 +01:00
+								        ):
-												Rename form objects to remove the term ‘whitelist’

See c31264d4c for rationale. To avoid confusion the codebase should use
the same terminology as the UI.

											
										
										
											2020-06-12 09:02:40 +01:00
+								            for index, value in enumerate(existing_guest_list):
-												Add a page to manage a service’s whitelist

Services who are in alpha or building prototypes need a way of sending
to any email address or phone number without having to sign the MOU.

This commit adds a page where they can whitelist up to 5 email addresses
and 5 phone numbers.

It uses the ‘list entry’ UI pattern from the Digital Marketplace
frontend toolkit [1] [2] [3].

I had to do some modification:
- of the Javascript, to make it work with the GOV.UK Module pattern
- of the template to make it work with WTForms
- of the content security policy, because the list entry pattern uses
  Hogan[1], which needs to use `eval()` (this should be fine if we’re
  only allowing it for scripts that we serve)
- of our SASS lint config, to allow browser-targeting mixins to come
  after normal rules (so that they can override them)

This commit also adds a new form class to validate and populate the two
whitelists. The validation is fairly rudimentary at the moment, and
doesn’t highlight which item in the list has the error, but it’s
probably good enough.

The list can only be updated all-at-once, this is how it’s possible to
remove items from the list without having to make multiple `POST`
requests.

1. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/templates/forms/list-entry.html
2. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/scss/forms/_list-entry.scss
3. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/javascripts/list-entry.js
4. http://twitter.github.io/hogan.js/

											
										
										
											2016-09-20 12:30:00 +01:00
+								                form_field[index].data = value
 								    email_addresses = FieldList(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        EmailFieldInGuestList("", validators=[Optional(), ValidEmail()], default=""),
-												Add a page to manage a service’s whitelist

Services who are in alpha or building prototypes need a way of sending
to any email address or phone number without having to sign the MOU.

This commit adds a page where they can whitelist up to 5 email addresses
and 5 phone numbers.

It uses the ‘list entry’ UI pattern from the Digital Marketplace
frontend toolkit [1] [2] [3].

I had to do some modification:
- of the Javascript, to make it work with the GOV.UK Module pattern
- of the template to make it work with WTForms
- of the content security policy, because the list entry pattern uses
  Hogan[1], which needs to use `eval()` (this should be fine if we’re
  only allowing it for scripts that we serve)
- of our SASS lint config, to allow browser-targeting mixins to come
  after normal rules (so that they can override them)

This commit also adds a new form class to validate and populate the two
whitelists. The validation is fairly rudimentary at the moment, and
doesn’t highlight which item in the list has the error, but it’s
probably good enough.

The list can only be updated all-at-once, this is how it’s possible to
remove items from the list without having to make multiple `POST`
requests.

1. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/templates/forms/list-entry.html
2. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/scss/forms/_list-entry.scss
3. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/javascripts/list-entry.js
4. http://twitter.github.io/hogan.js/

											
										
										
											2016-09-20 12:30:00 +01:00
+								        min_entries=5,
 								        max_entries=5,
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        label="Email addresses",
-												Add a page to manage a service’s whitelist

Services who are in alpha or building prototypes need a way of sending
to any email address or phone number without having to sign the MOU.

This commit adds a page where they can whitelist up to 5 email addresses
and 5 phone numbers.

It uses the ‘list entry’ UI pattern from the Digital Marketplace
frontend toolkit [1] [2] [3].

I had to do some modification:
- of the Javascript, to make it work with the GOV.UK Module pattern
- of the template to make it work with WTForms
- of the content security policy, because the list entry pattern uses
  Hogan[1], which needs to use `eval()` (this should be fine if we’re
  only allowing it for scripts that we serve)
- of our SASS lint config, to allow browser-targeting mixins to come
  after normal rules (so that they can override them)

This commit also adds a new form class to validate and populate the two
whitelists. The validation is fairly rudimentary at the moment, and
doesn’t highlight which item in the list has the error, but it’s
probably good enough.

The list can only be updated all-at-once, this is how it’s possible to
remove items from the list without having to make multiple `POST`
requests.

1. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/templates/forms/list-entry.html
2. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/scss/forms/_list-entry.scss
3. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/javascripts/list-entry.js
4. http://twitter.github.io/hogan.js/

											
										
										
											2016-09-20 12:30:00 +01:00
+								    )
 								    phone_numbers = FieldList(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        InternationalPhoneNumberInGuestList("", validators=[Optional()], default=""),
-												Add a page to manage a service’s whitelist

Services who are in alpha or building prototypes need a way of sending
to any email address or phone number without having to sign the MOU.

This commit adds a page where they can whitelist up to 5 email addresses
and 5 phone numbers.

It uses the ‘list entry’ UI pattern from the Digital Marketplace
frontend toolkit [1] [2] [3].

I had to do some modification:
- of the Javascript, to make it work with the GOV.UK Module pattern
- of the template to make it work with WTForms
- of the content security policy, because the list entry pattern uses
  Hogan[1], which needs to use `eval()` (this should be fine if we’re
  only allowing it for scripts that we serve)
- of our SASS lint config, to allow browser-targeting mixins to come
  after normal rules (so that they can override them)

This commit also adds a new form class to validate and populate the two
whitelists. The validation is fairly rudimentary at the moment, and
doesn’t highlight which item in the list has the error, but it’s
probably good enough.

The list can only be updated all-at-once, this is how it’s possible to
remove items from the list without having to make multiple `POST`
requests.

1. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/templates/forms/list-entry.html
2. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/scss/forms/_list-entry.scss
3. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/javascripts/list-entry.js
4. http://twitter.github.io/hogan.js/

											
										
										
											2016-09-20 12:30:00 +01:00
+								        min_entries=5,
 								        max_entries=5,
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        label="Mobile numbers",
-												Add a page to manage a service’s whitelist

Services who are in alpha or building prototypes need a way of sending
to any email address or phone number without having to sign the MOU.

This commit adds a page where they can whitelist up to 5 email addresses
and 5 phone numbers.

It uses the ‘list entry’ UI pattern from the Digital Marketplace
frontend toolkit [1] [2] [3].

I had to do some modification:
- of the Javascript, to make it work with the GOV.UK Module pattern
- of the template to make it work with WTForms
- of the content security policy, because the list entry pattern uses
  Hogan[1], which needs to use `eval()` (this should be fine if we’re
  only allowing it for scripts that we serve)
- of our SASS lint config, to allow browser-targeting mixins to come
  after normal rules (so that they can override them)

This commit also adds a new form class to validate and populate the two
whitelists. The validation is fairly rudimentary at the moment, and
doesn’t highlight which item in the list has the error, but it’s
probably good enough.

The list can only be updated all-at-once, this is how it’s possible to
remove items from the list without having to make multiple `POST`
requests.

1. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/templates/forms/list-entry.html
2. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/scss/forms/_list-entry.scss
3. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/javascripts/list-entry.js
4. http://twitter.github.io/hogan.js/

											
										
										
											2016-09-20 12:30:00 +01:00
+								    )
-												Add date filter for platform admin page.

											
										
										
											2017-01-03 10:45:06 +00:00
-												Get the BooleanField working in the form.

											
										
										
											2017-01-03 16:14:25 +00:00
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class DateFilterForm(StripWhitespaceForm):
-												Convert DateFields to GovukDateFields

Changes those fields in the following forms:
- DateFilterForm
- RequiredDateFilterForm

Includes changes to templates that use this form
and associated tests.

											
										
										
											2020-08-07 10:24:56 +01:00
+								    start_date = GovukDateField("Start Date", [validators.optional()])
 								    end_date = GovukDateField("End Date", [validators.optional()])
-												Rename govukCheckboxField and similar

Follows naming conventions for classes and matches
work done on GovukTextInputField.

											
										
										
											2020-10-29 14:58:39 +00:00
+								    include_from_test_key = GovukCheckboxField("Include test keys")
-												Merge email, text message + letter templates pages

Right now we have separate pages for email and text message templates.
In the future we will also have a separate page for letter templates.

This commit changes Notify to only have one page for all templates.

What is the problem?
---

The left-hand navigation is getting quite crowded, at 8 items for a
service that can send letters. Research suggests that the number of
objects an average human can hold in working memory is 7 ± 2 [1]. So
we’re at the limit of how many items the navigation should have.

In the future we will need to search/sort/filter templates by attributes
other than type, for example:
- show me the ‘confirmation’ templates
- show me the most recently used templates
- show me all templates containing the placeholder `((ref_no))`

These are hypothetical for now, but these needs (or others) may become
real in the future. At this point pre-filtering the list of templates
by type would restrict what searches a user could do. So by making this
change now we’re in a better position to iterate the design in the
future.

What’s the change?
---

This commit replaces the ‘Email templates’, ‘Text message templates’ and
‘Letter templates’ pages with one page called ‘Templates’.

This new templates page shows all the templates for the service, sorted
by most recently created first (as before).

To add a new template there is a new page with a form asking you what
kind of template you want to create. This is necessary because in the
past we knew what kind of template you wanted to create based on the
kind you were looking at.

What’s the impact of this change on new users?
---

This change alters the onboarding process slightly. We still want to
take people through the empty templates page from the call-to-action on
the dashboard because it helps them understand that to send a message
using Notify you need a template. But because we don’t have separate
pages for emails/text messages we will have to send users through the
extra step of choosing what kind of template to create. This is a bit
clunkier on first use but:

- it still gets the point across
- it takes them through the actual flow they will be using to create new
  templates in the future (ie they’re learning how to use Notify, not
  just being taken through a special onboarding route)

I’m not too worried about this change in terms of the experience for new
users. Furthermore, by making it now we get to validate whether it’s
causing any problems in the lab research booked for next week.

What’s the impact of this change on current services?
---

Looking at the top 15 services by number of templates[2], most are using
either text messages or emails. So this change would not have a
significant impact on these services because the page will not get any
longer. In other words we wouldn’t be making it worse for them.

Those services who do use both are not using as many templates. The
worst-case scenario is SSCS, who have 16 templates, evenly split between
email and text messages. So they would go from having 8 templates per
page to 16, which is still less than half the number that HMPO or
Digital Marketplace are managing.

References
---

1. https://en.wikipedia.org/wiki/The_Magical_Number_Seven,_Plus_or_Minus_Two

2. Template usage by service

Service name                           | Template count | Template types
---------------------------------------|----------------|---------------
Her Majesty's Passport Office          |             40 | sms
Digital Marketplace                    |             40 | email
GovWifi-Staging                        |             19 | sms
GovWifi                                |             18 | sms
Digital Apprenticeship Service         |             16 | email
SSCS                                   |             16 | both
Crown Commercial Service MI Collection |             15 | email
Help with Prison Visits                |             12 | both
Digital Future                         |             12 | email
Export Licensing Service               |             11 | email
Civil Money Claims                     |              9 | both
DVLA Drivers Medical Service           |              9 | sms
GOV.UK Notify                          |              8 | both
Manage your benefit overpayments       |              8 | both
Tax Renewals                           |              8 | both

											
										
										
											2017-02-28 12:16:35 +00:00
-												Add new report to show monthly notification stats for each service

This report will be used by the engagement team. There is a form to give
a start and end date for the report, and the form is then downloaded
as a CSV file when the form is submitted.

											
										
										
											2019-07-22 13:09:03 +01:00
+								class RequiredDateFilterForm(StripWhitespaceForm):
-												Convert DateFields to GovukDateFields

Changes those fields in the following forms:
- DateFilterForm
- RequiredDateFilterForm

Includes changes to templates that use this form
and associated tests.

											
										
										
											2020-08-07 10:24:56 +01:00
+								    start_date = GovukDateField("Start Date")
 								    end_date = GovukDateField("End Date")
-												Add new report to show monthly notification stats for each service

This report will be used by the engagement team. There is a form to give
a start and end date for the report, and the form is then downloaded
as a CSV file when the form is submitted.

											
										
										
											2019-07-22 13:09:03 +01:00
-												Hint that report is inclusive of both start date and end date

Bu changing labels for date input fields.

											
										
										
											2022-01-28 15:43:58 +00:00
+								class BillingReportDateFilterForm(StripWhitespaceForm):
 								    start_date = GovukDateField("First day covered by report")
 								    end_date = GovukDateField("Last day covered by report")
-												remove option for branding to sometimes not show search

it wouldn't show search if there were under a certain amount of letter
or email branding options - however we know there will always be more
than that amount so lets remove some complexity.

Also, rename the SearchTemplatesForm because it can search anything -
it just prompts you to search by name is all.

											
										
										
											2019-02-06 17:32:13 +00:00
+								class SearchByNameForm(StripWhitespaceForm):
-												Convert SearchFields to GovukSearchFields

Changes those fields in the following forms:
- SearchByNameForm
- SearchUsersByEmailForm
- SearchUsersForm
- SearchNotificationsForm

Includes changes to templates that use this form
and associated tests.

											
										
										
											2020-08-07 10:16:24 +01:00
+								    search = GovukSearchField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "Search by name",
 								        validators=[
 								            DataRequired("You need to enter full or partial name to search by.")
 								        ],
-												Require data on search by name form

This lets us build leaner views when using this form.

											
										
										
											2019-08-15 12:41:46 +01:00
+								    )
-												Show one field at a time on send yourself a test

The send yourself a test feature is useful for two things:
- constructing an email/text message/letter without uploading a CSV file
- seeing what the thing your going to send will look like (either by
  getting it in your inbox or downloading the PDF)
- learning the concept of placeholders, ie understanding they’re thing
  that gets populated with _stuff_

The problem we’re seeing is that the current UI breaks when a template
has a lot of placeholders. This is especially apparent with letter
templates, which have a minimum of 7 placeholders by virtue of the
address.

The idea behind having the form fields side-by-side was to help people
understand the relationship between their spreadsheet columns and the
placeholders. But this means that the page was doing a lot of work,
trying to teach:
- replacement of placeholders
- link between placeholders and spreadsheet columns

The latter is better explained by the example spreadsheet shown on the
upload page. So it can safely be removed from the send yourself a test
page – in other words the fields don’t need to be shown side by side.

Showing them one-at-a-time works well because:
- it’s really obvious, even on first use, what the page is asking you to
  do
- as your step through each placeholder, you see the message build up
  with the data you’ve entered – you’re learning how replacement of
  placeholders works by repetition

This also means adding a matching endpoint for viewing each step of
making the test letter as a PDF/PNG because we can’t reuse the view of
the template without any placeholders filled any more.

											
										
										
											2017-05-04 09:30:55 +01:00
-												Rename other "Admin" forms consistently

I've also tweaked some of the names to make them clearer e.g. that
the form is used to apply a change to a service.

I've constrained the scope of this change to avoid forms that may
be accessible by non-admins in the future.

											
										
										
											2022-03-15 10:50:18 +00:00
+								class AdminSearchUsersByEmailForm(StripWhitespaceForm):
-												Convert SearchFields to GovukSearchFields

Changes those fields in the following forms:
- SearchByNameForm
- SearchUsersByEmailForm
- SearchUsersForm
- SearchNotificationsForm

Includes changes to templates that use this form
and associated tests.

											
										
										
											2020-08-07 10:16:24 +01:00
+								    search = GovukSearchField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "Search by name or email address",
-												Validate against empty form submission for find_users_by_email

This included:
- creating a new form SearchUsersByEmailForm with validation
on its search field

- introducing 400 status to the view  if the form does not validate

- fixing the POST request data structure in the tests (it was
incorrect before and uncaught due to lack of validation and mocking
the response from the API.

											
										
										
											2018-07-10 16:33:13 +01:00
+								        validators=[
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            DataRequired(
 								                "You need to enter full or partial email address to search by."
 								            )
-												Add view that displays user information, including:

- name
- email
- phone number
- services
- last login
- failed login attempts if any

The view can be accessed from results of find_users_by_email

logged_in_at added to User serialization on admin frontend as
a part of this work

											
										
										
											2018-07-10 17:24:20 +01:00
+								        ],
-												Validate against empty form submission for find_users_by_email

This included:
- creating a new form SearchUsersByEmailForm with validation
on its search field

- introducing 400 status to the view  if the form does not validate

- fixing the POST request data structure in the tests (it was
incorrect before and uncaught due to lack of validation and mocking
the response from the API.

											
										
										
											2018-07-10 16:33:13 +01:00
+								    )
-												Add search bar to team member list

Another thing we did for templates, when they started to get
unmanageable, was add a find-as-you type search. We’ve observed real
users interacting with this to great effect, so I think it makes sense
for users too.

Like for templates, it only shows up when there are more than 7, so that
it’s not clutter for teams who don’t have a lot of members.

											
										
										
											2018-01-26 17:21:06 +00:00
+								class SearchUsersForm(StripWhitespaceForm):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    search = GovukSearchField("Search by name or email address")
-												Add search bar to team member list

Another thing we did for templates, when they started to get
unmanageable, was add a find-as-you type search. We’ve observed real
users interacting with this to great effect, so I think it makes sense
for users too.

Like for templates, it only shows up when there are more than 7, so that
it’s not clutter for teams who don’t have a lot of members.

											
										
										
											2018-01-26 17:21:06 +00:00
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class SearchNotificationsForm(StripWhitespaceForm):
-												Convert SearchFields to GovukSearchFields

Changes those fields in the following forms:
- SearchByNameForm
- SearchUsersByEmailForm
- SearchUsersForm
- SearchNotificationsForm

Includes changes to templates that use this form
and associated tests.

											
										
										
											2020-08-07 10:16:24 +01:00
+								    to = GovukSearchField()
-												Label the search box dependent on message type

It doesn’t make sense to say ‘Search by email address or phone number’
when you’re only looking at emails.

											
										
										
											2018-08-07 14:44:09 +01:00
 								    labels = {
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "email": "Search by email address",
 								        "sms": "Search by phone number",
-												Label the search box dependent on message type

It doesn’t make sense to say ‘Search by email address or phone number’
when you’re only looking at emails.

											
										
										
											2018-08-07 14:44:09 +01:00
+								    }
 								    def __init__(self, message_type, *args, **kwargs):
 								        super().__init__(*args, **kwargs)
 								        self.to.label.text = self.labels.get(
 								            message_type,
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            "Search by phone number or email address",
-												Label the search box dependent on message type

It doesn’t make sense to say ‘Search by email address or phone number’
when you’re only looking at emails.

											
										
										
											2018-08-07 14:44:09 +01:00
+								        )
-												Add a form to filter notifications by recipient

Because manually editing the URL isn’t a great user interface, this
commit adds a search field to do this on the user’s behalf.

For this pass at the story it doesn’t do any validation – the user will
just get no results if they search by something which isn’t a phone
number or email address.

If the user navigates to a different ‘bucket’ of notifications (eg
delivered, failed) then the search term is reset, because they’ve
changed the filter which is at a level above the search term.

											
										
										
											2017-05-30 13:51:25 +01:00
-												Allow users of the API to search templates by ID

For someone who has retrieved a template ID from their system the only
way to find it in Notify is:
- hack the URL
- click through every template, visually inspecting the ID shown on the
  page until you find the right one

Neither of these is ideal.

This commit adds searching by ID, for those services who have an API
integration. This means we don’t need to confuse teams who aren’t using
the API by talking about IDs.

This is similar to how we let these teams search for notifications by
reference[1]

1. https://github.com/alphagov/notifications-admin/pull/3223/files

											
										
										
											2021-04-13 13:59:51 +01:00
+								class SearchTemplatesForm(StripWhitespaceForm):
 								    search = GovukSearchField()
 								    def __init__(self, api_keys, *args, **kwargs):
 								        super().__init__(*args, **kwargs)
 								        self.search.label.text = (
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            "Search by name or ID" if api_keys else "Search by name"
-												Allow users of the API to search templates by ID

For someone who has retrieved a template ID from their system the only
way to find it in Notify is:
- hack the URL
- click through every template, visually inspecting the ID shown on the
  page until you find the right one

Neither of these is ideal.

This commit adds searching by ID, for those services who have an API
integration. This means we don’t need to confuse teams who aren’t using
the API by talking about IDs.

This is similar to how we let these teams search for notifications by
reference[1]

1. https://github.com/alphagov/notifications-admin/pull/3223/files

											
										
										
											2021-04-13 13:59:51 +01:00
+								        )
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class PlaceholderForm(StripWhitespaceForm):
-												Show one field at a time on send yourself a test

The send yourself a test feature is useful for two things:
- constructing an email/text message/letter without uploading a CSV file
- seeing what the thing your going to send will look like (either by
  getting it in your inbox or downloading the PDF)
- learning the concept of placeholders, ie understanding they’re thing
  that gets populated with _stuff_

The problem we’re seeing is that the current UI breaks when a template
has a lot of placeholders. This is especially apparent with letter
templates, which have a minimum of 7 placeholders by virtue of the
address.

The idea behind having the form fields side-by-side was to help people
understand the relationship between their spreadsheet columns and the
placeholders. But this means that the page was doing a lot of work,
trying to teach:
- replacement of placeholders
- link between placeholders and spreadsheet columns

The latter is better explained by the example spreadsheet shown on the
upload page. So it can safely be removed from the send yourself a test
page – in other words the fields don’t need to be shown side by side.

Showing them one-at-a-time works well because:
- it’s really obvious, even on first use, what the page is asking you to
  do
- as your step through each placeholder, you see the message build up
  with the data you’ve entered – you’re learning how replacement of
  placeholders works by repetition

This also means adding a matching endpoint for viewing each step of
making the test letter as a PDF/PNG because we can’t reuse the view of
the template without any placeholders filled any more.

											
										
										
											2017-05-04 09:30:55 +01:00
+								    pass
-												Rename other "Admin" forms consistently

I've also tweaked some of the names to make them clearer e.g. that
the form is used to apply a change to a service.

I've constrained the scope of this change to avoid forms that may
be accessible by non-admins in the future.

											
										
										
											2022-03-15 10:50:18 +00:00
+								class AdminServiceInboundNumberForm(StripWhitespaceForm):
-												Added Multiple SMS sender functionality

											
										
										
											2017-10-24 15:37:44 +01:00
+								    def __init__(self, *args, **kwargs):
 								        super().__init__(*args, **kwargs)
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        self.inbound_number.choices = kwargs["inbound_number_choices"]
-												Added Multiple SMS sender functionality

											
										
										
											2017-10-24 15:37:44 +01:00
-												Convert radios on set inbound page (basic)

											
										
										
											2020-06-30 15:13:42 +01:00
+								    inbound_number = GovukRadiosField(
-												Stop legend duplication on set-inbound-number

											
										
										
											2021-01-14 15:16:02 +00:00
+								        "Set inbound number",
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        thing="an inbound number",
-												Added Multiple SMS sender functionality

											
										
										
											2017-10-24 15:37:44 +01:00
+								    )
-												Allow callbacks to be removed

We’ve had a user who’s said:

> Seems configured callbacks cannot be removed once they’re set as the
> fields have a presence check. Is that intentional?

This means it’s not working as they expect. Rather than have to go and
change stuff in the database for them, let’s make it work as they’d
expect.

Only lets you clear the form if you remove both the token and the URL.

											
										
										
											2018-04-26 17:23:44 +01:00
+								class CallbackForm(StripWhitespaceForm):
-												Consolidate callback forms and convert them to gov uk frontend

We had two identical callback form classes. One for delivery callbacks
and one for inbound sms callbacks. Since they did not differ I consolidated
them into one CallbackForm class that they both inherited from previously.

I also substituted field classes for this form with new fields
that cooperate with gov uk frontend.

											
										
										
											2020-08-03 15:10:02 +01:00
+								    url = GovukTextInputField(
-												refactor of api callbacks admin work

											
										
										
											2017-12-08 10:52:38 +00:00
+								        "URL",
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        validators=[
 								            DataRequired(message="Cannot be empty"),
 								            Regexp(regex="^https.*", message="Must be a valid https URL"),
 								        ],
-												Allow service to set callback url for notifications

											
										
										
											2017-12-04 15:07:11 +00:00
+								    )
-												Consolidate callback forms and convert them to gov uk frontend

We had two identical callback form classes. One for delivery callbacks
and one for inbound sms callbacks. Since they did not differ I consolidated
them into one CallbackForm class that they both inherited from previously.

I also substituted field classes for this form with new fields
that cooperate with gov uk frontend.

											
										
										
											2020-08-03 15:10:02 +01:00
+								    bearer_token = GovukPasswordField(
-												Allow service to set callback url for notifications

											
										
										
											2017-12-04 15:07:11 +00:00
+								        "Bearer token",
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        validators=[
 								            DataRequired(message="Cannot be empty"),
 								            Length(min=10, message="Must be at least 10 characters"),
 								        ],
-												Allow service to set callback url for notifications

											
										
										
											2017-12-04 15:07:11 +00:00
+								    )
-												Update utils for improved logging

											
										
										
											2023-04-26 11:24:01 -04:00
+								    def validate(self, extra_validators=None):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        return super().validate(extra_validators) or self.url.data == ""
-												[WIP]
Page and form to persist the inbound api data for a service.

											
										
										
											2017-06-15 16:20:07 +01:00
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class SMSPrefixForm(StripWhitespaceForm):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    enabled = OnOffField("")  # label is assigned on instantiation
-												Allow updates to SMS prefixing setting

We’re extracting this from being determined based on what the sender
name is to its own setting.

This commit will let users set it independently.

Until the explicitly set it, it will still be determined based on
whether their default sender name matches the default for the platform.

											
										
										
											2017-11-03 15:01:41 +00:00
-												Show one field at a time on send yourself a test

The send yourself a test feature is useful for two things:
- constructing an email/text message/letter without uploading a CSV file
- seeing what the thing your going to send will look like (either by
  getting it in your inbox or downloading the PDF)
- learning the concept of placeholders, ie understanding they’re thing
  that gets populated with _stuff_

The problem we’re seeing is that the current UI breaks when a template
has a lot of placeholders. This is especially apparent with letter
templates, which have a minimum of 7 placeholders by virtue of the
address.

The idea behind having the form fields side-by-side was to help people
understand the relationship between their spreadsheet columns and the
placeholders. But this means that the page was doing a lot of work,
trying to teach:
- replacement of placeholders
- link between placeholders and spreadsheet columns

The latter is better explained by the example spreadsheet shown on the
upload page. So it can safely be removed from the send yourself a test
page – in other words the fields don’t need to be shown side by side.

Showing them one-at-a-time works well because:
- it’s really obvious, even on first use, what the page is asking you to
  do
- as your step through each placeholder, you see the message build up
  with the data you’ve entered – you’re learning how replacement of
  placeholders works by repetition

This also means adding a matching endpoint for viewing each step of
making the test letter as a PDF/PNG because we can’t reuse the view of
the template without any placeholders filled any more.

											
										
										
											2017-05-04 09:30:55 +01:00
+								def get_placeholder_form_instance(
 								    placeholder_name,
 								    dict_to_populate_from,
-												Don’t validate phone numbers when sending emails

If you have a placeholder called `((phone number))` in your email
template, and you try to send a one-off message then the form input will
attempt to validate your ‘phone number’.

This is not helpful if you’re trying to put a landline number in your
email, for example.

This only affects messages being sent through the one-off interface.

This commit makes the form be aware of template type, which fixes the
problem.

											
										
										
											2018-03-16 14:17:43 +00:00
+								    template_type,
-												Validate recipients in send a one-off message

It would be annoying to get all the way to the end of the flow and get
told that the phone number or email address you entered isn’t valid.

So this commit reuses the existing WTForms objects that we have to do
some extra validation on the first step in the send one-off message
flow. It also accounts for international phone numbers, if the service
is allowed to send them.

It doesn’t reject other people’s phone numbers if your service is
restricted, because I think it’s better to let users play with the
feature – it’s good for learning.

											
										
										
											2017-05-25 09:40:37 +01:00
+								    allow_international_phone_numbers=False,
-												Show one field at a time on send yourself a test

The send yourself a test feature is useful for two things:
- constructing an email/text message/letter without uploading a CSV file
- seeing what the thing your going to send will look like (either by
  getting it in your inbox or downloading the PDF)
- learning the concept of placeholders, ie understanding they’re thing
  that gets populated with _stuff_

The problem we’re seeing is that the current UI breaks when a template
has a lot of placeholders. This is especially apparent with letter
templates, which have a minimum of 7 placeholders by virtue of the
address.

The idea behind having the form fields side-by-side was to help people
understand the relationship between their spreadsheet columns and the
placeholders. But this means that the page was doing a lot of work,
trying to teach:
- replacement of placeholders
- link between placeholders and spreadsheet columns

The latter is better explained by the example spreadsheet shown on the
upload page. So it can safely be removed from the send yourself a test
page – in other words the fields don’t need to be shown side by side.

Showing them one-at-a-time works well because:
- it’s really obvious, even on first use, what the page is asking you to
  do
- as your step through each placeholder, you see the message build up
  with the data you’ve entered – you’re learning how replacement of
  placeholders works by repetition

This also means adding a matching endpoint for viewing each step of
making the test letter as a PDF/PNG because we can’t reuse the view of
the template without any placeholders filled any more.

											
										
										
											2017-05-04 09:30:55 +01:00
+								):
-												Don’t validate phone numbers when sending emails

If you have a placeholder called `((phone number))` in your email
template, and you try to send a one-off message then the form input will
attempt to validate your ‘phone number’.

This is not helpful if you’re trying to put a landline number in your
email, for example.

This only affects messages being sent through the one-off interface.

This commit makes the form be aware of template type, which fixes the
problem.

											
										
										
											2018-03-16 14:17:43 +00:00
+								    if (
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        InsensitiveDict.make_key(placeholder_name) == "emailaddress"
 								        and template_type == "email"
-												Don’t validate phone numbers when sending emails

If you have a placeholder called `((phone number))` in your email
template, and you try to send a one-off message then the form input will
attempt to validate your ‘phone number’.

This is not helpful if you’re trying to put a landline number in your
email, for example.

This only affects messages being sent through the one-off interface.

This commit makes the form be aware of template type, which fixes the
problem.

											
										
										
											2018-03-16 14:17:43 +00:00
+								    ):
-												Validate recipients in send a one-off message

It would be annoying to get all the way to the end of the flow and get
told that the phone number or email address you entered isn’t valid.

So this commit reuses the existing WTForms objects that we have to do
some extra validation on the first step in the send one-off message
flow. It also accounts for international phone numbers, if the service
is allowed to send them.

It doesn’t reject other people’s phone numbers if your service is
restricted, because I think it’s better to let users play with the
feature – it’s good for learning.

											
										
										
											2017-05-25 09:40:37 +01:00
+								        field = email_address(label=placeholder_name, gov_user=False)
-												Don’t validate phone numbers when sending emails

If you have a placeholder called `((phone number))` in your email
template, and you try to send a one-off message then the form input will
attempt to validate your ‘phone number’.

This is not helpful if you’re trying to put a landline number in your
email, for example.

This only affects messages being sent through the one-off interface.

This commit makes the form be aware of template type, which fixes the
problem.

											
										
										
											2018-03-16 14:17:43 +00:00
+								    elif (
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        InsensitiveDict.make_key(placeholder_name) == "phonenumber"
 								        and template_type == "sms"
-												Don’t validate phone numbers when sending emails

If you have a placeholder called `((phone number))` in your email
template, and you try to send a one-off message then the form input will
attempt to validate your ‘phone number’.

This is not helpful if you’re trying to put a landline number in your
email, for example.

This only affects messages being sent through the one-off interface.

This commit makes the form be aware of template type, which fixes the
problem.

											
										
										
											2018-03-16 14:17:43 +00:00
+								    ):
-												Validate recipients in send a one-off message

It would be annoying to get all the way to the end of the flow and get
told that the phone number or email address you entered isn’t valid.

So this commit reuses the existing WTForms objects that we have to do
some extra validation on the first step in the send one-off message
flow. It also accounts for international phone numbers, if the service
is allowed to send them.

It doesn’t reject other people’s phone numbers if your service is
restricted, because I think it’s better to let users play with the
feature – it’s good for learning.

											
										
										
											2017-05-25 09:40:37 +01:00
+								        if allow_international_phone_numbers:
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            field = international_phone_number(
 								                label=placeholder_name
 								            )  # TODO: modify as necessary for non-us numbers
-												Validate recipients in send a one-off message

It would be annoying to get all the way to the end of the flow and get
told that the phone number or email address you entered isn’t valid.

So this commit reuses the existing WTForms objects that we have to do
some extra validation on the first step in the send one-off message
flow. It also accounts for international phone numbers, if the service
is allowed to send them.

It doesn’t reject other people’s phone numbers if your service is
restricted, because I think it’s better to let users play with the
feature – it’s good for learning.

											
										
										
											2017-05-25 09:40:37 +01:00
+								        else:
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            field = uk_mobile_number(
 								                label=placeholder_name
 								            )  # TODO: replace with us_mobile_number
-												Validate recipients in send a one-off message

It would be annoying to get all the way to the end of the flow and get
told that the phone number or email address you entered isn’t valid.

So this commit reuses the existing WTForms objects that we have to do
some extra validation on the first step in the send one-off message
flow. It also accounts for international phone numbers, if the service
is allowed to send them.

It doesn’t reject other people’s phone numbers if your service is
restricted, because I think it’s better to let users play with the
feature – it’s good for learning.

											
										
										
											2017-05-25 09:40:37 +01:00
+								    else:
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        field = GovukTextInputField(
 								            placeholder_name, validators=[DataRequired(message="Cannot be empty")]
 								        )
-												Validate recipients in send a one-off message

It would be annoying to get all the way to the end of the flow and get
told that the phone number or email address you entered isn’t valid.

So this commit reuses the existing WTForms objects that we have to do
some extra validation on the first step in the send one-off message
flow. It also accounts for international phone numbers, if the service
is allowed to send them.

It doesn’t reject other people’s phone numbers if your service is
restricted, because I think it’s better to let users play with the
feature – it’s good for learning.

											
										
										
											2017-05-25 09:40:37 +01:00
 								    PlaceholderForm.placeholder_value = field
-												Show one field at a time on send yourself a test

The send yourself a test feature is useful for two things:
- constructing an email/text message/letter without uploading a CSV file
- seeing what the thing your going to send will look like (either by
  getting it in your inbox or downloading the PDF)
- learning the concept of placeholders, ie understanding they’re thing
  that gets populated with _stuff_

The problem we’re seeing is that the current UI breaks when a template
has a lot of placeholders. This is especially apparent with letter
templates, which have a minimum of 7 placeholders by virtue of the
address.

The idea behind having the form fields side-by-side was to help people
understand the relationship between their spreadsheet columns and the
placeholders. But this means that the page was doing a lot of work,
trying to teach:
- replacement of placeholders
- link between placeholders and spreadsheet columns

The latter is better explained by the example spreadsheet shown on the
upload page. So it can safely be removed from the send yourself a test
page – in other words the fields don’t need to be shown side by side.

Showing them one-at-a-time works well because:
- it’s really obvious, even on first use, what the page is asking you to
  do
- as your step through each placeholder, you see the message build up
  with the data you’ve entered – you’re learning how replacement of
  placeholders works by repetition

This also means adding a matching endpoint for viewing each step of
making the test letter as a PDF/PNG because we can’t reuse the view of
the template without any placeholders filled any more.

											
										
										
											2017-05-04 09:30:55 +01:00
 								    return PlaceholderForm(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        placeholder_value=dict_to_populate_from.get(placeholder_name, "")
-												Show one field at a time on send yourself a test

The send yourself a test feature is useful for two things:
- constructing an email/text message/letter without uploading a CSV file
- seeing what the thing your going to send will look like (either by
  getting it in your inbox or downloading the PDF)
- learning the concept of placeholders, ie understanding they’re thing
  that gets populated with _stuff_

The problem we’re seeing is that the current UI breaks when a template
has a lot of placeholders. This is especially apparent with letter
templates, which have a minimum of 7 placeholders by virtue of the
address.

The idea behind having the form fields side-by-side was to help people
understand the relationship between their spreadsheet columns and the
placeholders. But this means that the page was doing a lot of work,
trying to teach:
- replacement of placeholders
- link between placeholders and spreadsheet columns

The latter is better explained by the example spreadsheet shown on the
upload page. So it can safely be removed from the send yourself a test
page – in other words the fields don’t need to be shown side by side.

Showing them one-at-a-time works well because:
- it’s really obvious, even on first use, what the page is asking you to
  do
- as your step through each placeholder, you see the message build up
  with the data you’ve entered – you’re learning how replacement of
  placeholders works by repetition

This also means adding a matching endpoint for viewing each step of
making the test letter as a PDF/PNG because we can’t reuse the view of
the template without any placeholders filled any more.

											
										
										
											2017-05-04 09:30:55 +01:00
+								    )
-												Allow one-off email sending to select the reply-to address

											
										
										
											2017-10-16 16:35:35 +01:00
-												Strip whitespace before validating any form

We’ve had whitespace-in-emails problems on:
- register form
- sign in form
- send one off form

We should just handle whitespace gracefully, by ignoring it. Makes sense
to do this at a global level because there might be other places it’s
causing problems that we don’t know about.

The only place that users _might_ be relying on leading/trailing spaces
(and we have no way of knowing this) is in passwords or tokens. So this
filter ignores any instances of `PasswordField`.

Adapted from @pcraig3’s work on Digital Marketplace:
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/4b06f5cfb703678f5b8bb303e2f0590bb248b5f2
- https://github.com/alphagov/digitalmarketplace-supplier-frontend/commit/e761c1ce655137fed11f730da4e0a2b1893dee91

											
										
										
											2017-12-11 16:02:12 +00:00
+								class SetSenderForm(StripWhitespaceForm):
-												Allow one-off email sending to select the reply-to address

											
										
										
											2017-10-16 16:35:35 +01:00
+								    def __init__(self, *args, **kwargs):
 								        super().__init__(*args, **kwargs)
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        self.sender.choices = kwargs["sender_choices"]
 								        self.sender.label.text = kwargs["sender_label"]
-												Allow one-off email sending to select the reply-to address

											
										
										
											2017-10-16 16:35:35 +01:00
-												Convert radios on set-sender page

Includes making the legend the page header to
follow design system guidance:

https://design-system.service.gov.uk/get-started/labels-legends-headings/

I had to add some override styles to allow the
legend to classes as a full-width column, and the
radios to be in one that is three-quarters.

											
										
										
											2021-01-13 10:31:07 +00:00
+								    sender = GovukRadiosField()
-												Allow letter templates to select the default contact block from the list

											
										
										
											2018-01-03 10:44:36 +00:00
 								class SetTemplateSenderForm(StripWhitespaceForm):
 								    def __init__(self, *args, **kwargs):
 								        super().__init__(*args, **kwargs)
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        self.sender.choices = kwargs["sender_choices"]
 								        self.sender.label.text = "Select your sender"
-												Allow letter templates to select the default contact block from the list

											
										
										
											2018-01-03 10:44:36 +00:00
-												Convert radios on set-template-sender page

Includes making the legend the h1 for the page to
follow design system guidance:

https://design-system.service.gov.uk/get-started/labels-legends-headings/

											
										
										
											2021-01-13 14:58:39 +00:00
+								    sender = GovukRadiosField()
-												link-services-to-organisations

											
										
										
											2018-02-12 09:26:13 +00:00
-												blunt rename of org (#620)


											
										
										
											2023-07-12 12:09:44 -04:00
+								class AdminSetOrganizationForm(StripWhitespaceForm):
-												link-services-to-organisations

											
										
										
											2018-02-12 09:26:13 +00:00
+								    def __init__(self, *args, **kwargs):
 								        super().__init__(*args, **kwargs)
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        self.organizations.choices = kwargs["choices"]
-												link-services-to-organisations

											
										
										
											2018-02-12 09:26:13 +00:00
-												blunt rename of org (#620)


											
										
										
											2023-07-12 12:09:44 -04:00
+								    organizations = GovukRadiosField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "Select an organization", validators=[DataRequired()]
-												link-services-to-organisations

											
										
										
											2018-02-12 09:26:13 +00:00
+								    )
-												Add page where users can say they want branding

At the moment branding is an undocumented feature. We get a bunch of
support tickets from teams asking its possible.

This commit:
- lets people know it’s possible, and what the options are
- is the first step towards making this process as self-service as
  possible

In some cases we will be able to infer a user’s organisation from there
email address, and Google image search their logo. So the experience for
them is that they press a button and government just sorts it out for
you (also known as "the dream").

In other cases we will have to get back to people asking for a copy of
their logo, or to find out about their service, but this is what we have
to do at the moment anyway.

											
										
										
											2018-05-18 14:05:48 +01:00
-												Rename other "Admin" forms consistently

I've also tweaked some of the names to make them clearer e.g. that
the form is used to apply a change to a service.

I've constrained the scope of this change to avoid forms that may
be accessible by non-admins in the future.

											
										
										
											2022-03-15 10:50:18 +00:00
+								class AdminServiceAddDataRetentionForm(StripWhitespaceForm):
-												Convert radios on data retention page (basic)

											
										
										
											2020-06-26 21:17:38 +01:00
+								    notification_type = GovukRadiosField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "What notification type?",
-												Adding views to view, add and edit service data retention policies.
Only visible to a platform admin.
A service can have a custom number of days to retain the notification data for each notification type.

											
										
										
											2018-07-17 14:39:04 +01:00
+								        choices=[
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            ("email", "Email"),
 								            ("sms", "SMS"),
-												Adding views to view, add and edit service data retention policies.
Only visible to a platform admin.
A service can have a custom number of days to retain the notification data for each notification type.

											
										
										
											2018-07-17 14:39:04 +01:00
+								        ],
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        thing="notification type",
-												Adding views to view, add and edit service data retention policies.
Only visible to a platform admin.
A service can have a custom number of days to retain the notification data for each notification type.

											
										
										
											2018-07-17 14:39:04 +01:00
+								    )
-												Convert IntegerFields to GovukIntegerFields

Changes those fields in the following forms:
- FreeSMSAllowance
- ProviderForm
- ProviderRatioForm
- ServiceDataRetentionEditForm

Includes changes to templates that use this form
and associated tests.

											
										
										
											2020-08-07 10:31:09 +01:00
+								    days_of_retention = GovukIntegerField(
 								        label="Days of retention",
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        validators=[
 								            validators.NumberRange(min=3, max=90, message="Must be between 3 and 90")
 								        ],
-												Convert IntegerFields to GovukIntegerFields

Changes those fields in the following forms:
- FreeSMSAllowance
- ProviderForm
- ProviderRatioForm
- ServiceDataRetentionEditForm

Includes changes to templates that use this form
and associated tests.

											
										
										
											2020-08-07 10:31:09 +01:00
+								    )
-												Adding views to view, add and edit service data retention policies.
Only visible to a platform admin.
A service can have a custom number of days to retain the notification data for each notification type.

											
										
										
											2018-07-17 14:39:04 +01:00
-												Rename other "Admin" forms consistently

I've also tweaked some of the names to make them clearer e.g. that
the form is used to apply a change to a service.

I've constrained the scope of this change to avoid forms that may
be accessible by non-admins in the future.

											
										
										
											2022-03-15 10:50:18 +00:00
+								class AdminServiceEditDataRetentionForm(StripWhitespaceForm):
-												Convert IntegerFields to GovukIntegerFields

Changes those fields in the following forms:
- FreeSMSAllowance
- ProviderForm
- ProviderRatioForm
- ServiceDataRetentionEditForm

Includes changes to templates that use this form
and associated tests.

											
										
										
											2020-08-07 10:31:09 +01:00
+								    days_of_retention = GovukIntegerField(
 								        label="Days of retention",
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        validators=[
 								            validators.NumberRange(min=3, max=90, message="Must be between 3 and 90")
 								        ],
-												Convert IntegerFields to GovukIntegerFields

Changes those fields in the following forms:
- FreeSMSAllowance
- ProviderForm
- ProviderRatioForm
- ServiceDataRetentionEditForm

Includes changes to templates that use this form
and associated tests.

											
										
										
											2020-08-07 10:31:09 +01:00
+								    )
-												Add a platform admin page to submit returned letter references

A platform admin form accepts a list of references (one per line)
received from DVLA and sends them to the API to update notification
statuses.

References we get from DVLA start with `NOTIFY00\d`, which isn't
part of the reference we store in the database, so we remove them
before sending the data to the API.

The new `returned-letter` status should be treated as `delivered`
for now until we decide a way to display returned letters to users.

											
										
										
											2018-09-06 16:34:23 +01:00
-												add template folder form

											
										
										
											2018-11-01 16:02:43 +00:00
+								class TemplateFolderForm(StripWhitespaceForm):
-												Show all users in folder viewing permissions, correct users checked

											
										
										
											2019-03-18 16:12:12 +00:00
+								    def __init__(self, all_service_users=None, *args, **kwargs):
-												Show checkboxes for users with permission to view the managed folder

											
										
										
											2019-03-15 14:13:27 +00:00
+								        super().__init__(*args, **kwargs)
-												Show all users in folder viewing permissions, correct users checked

											
										
										
											2019-03-18 16:12:12 +00:00
+								        if all_service_users is not None:
 								            self.users_with_permission.all_service_users = all_service_users
 								            self.users_with_permission.choices = [
 								                (item.id, item.name) for item in all_service_users
-												Show checkboxes for users with permission to view the managed folder

											
										
										
											2019-03-15 14:13:27 +00:00
+								            ]
-												Rename govukCheckboxField and similar

Follows naming conventions for classes and matches
work done on GovukTextInputField.

											
										
										
											2020-10-29 14:58:39 +00:00
+								    users_with_permission = GovukCollapsibleCheckboxesField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "Team members who can see this folder", field_label="team member"
 								    )
 								    name = GovukTextInputField(
 								        "Folder name", validators=[DataRequired(message="Cannot be empty")]
 								    )
-												Show form elements for templates and folders

This commit adds:
- checkboxes to let you select a template or folder
- radio buttons to let you select where to move those template(s) and/or
  folder(s) to

It only does the `get` part of this work; handling the `post` and
calling API will be done in a subsequent commit.

											
										
										
											2018-11-08 11:56:29 +00:00
-												split out new folder into two separate forms

move_to_new_folder and add_new_folder are now two separate html fields
and form items - so that we can more easily manipulate them on the
front end

											
										
										
											2018-11-20 18:03:57 +00:00
+								def required_for_ops(*operations):
 								    operations = set(operations)
 								    def validate(form, field):
-												fix being able to add template without selecting a radio button

											
										
										
											2018-12-07 16:38:48 +00:00
+								        if form.op not in operations and any(field.raw_data):
-												split out new folder into two separate forms

move_to_new_folder and add_new_folder are now two separate html fields
and form items - so that we can more easily manipulate them on the
front end

											
										
										
											2018-11-20 18:03:57 +00:00
+								            # super weird
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            raise validators.StopValidation("Must be empty")
-												fix being able to add template without selecting a radio button

											
										
										
											2018-12-07 16:38:48 +00:00
+								        if form.op in operations and not any(field.raw_data):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            raise validators.StopValidation("Cannot be empty")
-												split out new folder into two separate forms

move_to_new_folder and add_new_folder are now two separate html fields
and form items - so that we can more easily manipulate them on the
front end

											
										
										
											2018-11-20 18:03:57 +00:00
+								    return validate
-												Show form elements for templates and folders

This commit adds:
- checkboxes to let you select a template or folder
- radio buttons to let you select where to move those template(s) and/or
  folder(s) to

It only does the `get` part of this work; handling the `post` and
calling API will be done in a subsequent commit.

											
										
										
											2018-11-08 11:56:29 +00:00
+								class TemplateAndFoldersSelectionForm(Form):
-												add fieldsets to template/folder form and update docstrings

also remove erroneous pytest.ini cfg and reset button

											
										
										
											2018-11-27 14:33:50 +00:00
+								    """
-												fix being able to add template without selecting a radio button

											
										
										
											2018-12-07 16:38:48 +00:00
+								    This form expects the form data to include an operation, based on which submit button is clicked.
-												add fieldsets to template/folder form and update docstrings

also remove erroneous pytest.ini cfg and reset button

											
										
										
											2018-11-27 14:33:50 +00:00
+								    If enter is pressed, unknown will be sent by a hidden submit button at the top of the form.
 								    The value of this operation affects which fields are required, expected to be empty, or optional.
 								    * unknown
 								        currently not implemented, but in the future will try and work out if there are any obvious commands that can be
 								        assumed based on which fields are empty vs populated.
-												change operations to kebab-case

so that they better align with the front-end, where they'll be used in
data attributes. Also, making the kebab case is nice because it doesn't
give favouritism to either JS or python naming conventions

											
										
										
											2018-12-04 14:47:05 +00:00
+								    * move-to-existing-folder
-												add fieldsets to template/folder form and update docstrings

also remove erroneous pytest.ini cfg and reset button

											
										
										
											2018-11-27 14:33:50 +00:00
+								        must have data for templates_and_folders checkboxes, and move_to radios
-												change operations to kebab-case

so that they better align with the front-end, where they'll be used in
data attributes. Also, making the kebab case is nice because it doesn't
give favouritism to either JS or python naming conventions

											
										
										
											2018-12-04 14:47:05 +00:00
+								    * move-to-new-folder
-												add fieldsets to template/folder form and update docstrings

also remove erroneous pytest.ini cfg and reset button

											
										
										
											2018-11-27 14:33:50 +00:00
+								        must have data for move_to_new_folder_name, cannot have data for move_to_existing_folder_name
-												change operations to kebab-case

so that they better align with the front-end, where they'll be used in
data attributes. Also, making the kebab case is nice because it doesn't
give favouritism to either JS or python naming conventions

											
										
										
											2018-12-04 14:47:05 +00:00
+								    * add-new-folder
-												add fieldsets to template/folder form and update docstrings

also remove erroneous pytest.ini cfg and reset button

											
										
										
											2018-11-27 14:33:50 +00:00
+								        must have data for move_to_existing_folder_name, cannot have data for move_to_new_folder_name
 								    """
-												Show form elements for templates and folders

This commit adds:
- checkboxes to let you select a template or folder
- radio buttons to let you select where to move those template(s) and/or
  folder(s) to

It only does the `get` part of this work; handling the `post` and
calling API will be done in a subsequent commit.

											
										
										
											2018-11-08 11:56:29 +00:00
 								    ALL_TEMPLATES_FOLDER = {
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "name": "Templates",
 								        "id": RadioFieldWithNoneOption.NONE_OPTION_VALUE,
-												Show form elements for templates and folders

This commit adds:
- checkboxes to let you select a template or folder
- radio buttons to let you select where to move those template(s) and/or
  folder(s) to

It only does the `get` part of this work; handling the `post` and
calling API will be done in a subsequent commit.

											
										
										
											2018-11-08 11:56:29 +00:00
+								    }
 								    def __init__(
 								        self,
-												Allow any sub-items to be moved from a folder

Since you can now see them when searching you should also be able to
select and move them. Which means that they needed to be included in
the `Form`’s list of possible choices of things to move.

											
										
										
											2018-11-23 16:29:21 +00:00
+								        all_template_folders,
 								        template_list,
-												Allow adding broadcast templates

At the moment the page is the same as for text message templates,
except:
- different H1
- no guidance about personalisation, links, etc (until we decide how
  these should work)

For now you won’t be able to really create a broadcast template, because
the API doesn’t support it (the API will respond with a 400). But that’s
OK because no real services have the broadcast permission yet.

This required a bit of refactoring of how we check which template types
a service can use, because there were some hard-coded assumptions about
emails and text messages.

											
										
										
											2020-07-01 16:43:08 +01:00
+								        available_template_types,
-												Let users add new template from the choose page

Since we’re letting users add new folders directly from the choose page
it makes sense that they should also be able to add templates from
there.

This resolves the problem we saw in user research where people found it
hard to know where to go to add a new folder when they were all behind
one green button.

											
										
										
											2018-11-28 13:48:13 +00:00
+								        allow_adding_copy_of_template,
-												Show form elements for templates and folders

This commit adds:
- checkboxes to let you select a template or folder
- radio buttons to let you select where to move those template(s) and/or
  folder(s) to

It only does the `get` part of this work; handling the `post` and
calling API will be done in a subsequent commit.

											
										
										
											2018-11-08 11:56:29 +00:00
+								        *args,
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        **kwargs,
-												Show form elements for templates and folders

This commit adds:
- checkboxes to let you select a template or folder
- radio buttons to let you select where to move those template(s) and/or
  folder(s) to

It only does the `get` part of this work; handling the `post` and
calling API will be done in a subsequent commit.

											
										
										
											2018-11-08 11:56:29 +00:00
+								    ):
 								        super().__init__(*args, **kwargs)
-												Allow adding broadcast templates

At the moment the page is the same as for text message templates,
except:
- different H1
- no guidance about personalisation, links, etc (until we decide how
  these should work)

For now you won’t be able to really create a broadcast template, because
the API doesn’t support it (the API will respond with a 400). But that’s
OK because no real services have the broadcast permission yet.

This required a bit of refactoring of how we check which template types
a service can use, because there were some hard-coded assumptions about
emails and text messages.

											
										
										
											2020-07-01 16:43:08 +01:00
+								        self.available_template_types = available_template_types
-												Allow any sub-items to be moved from a folder

Since you can now see them when searching you should also be able to
select and move them. Which means that they needed to be included in
the `Form`’s list of possible choices of things to move.

											
										
										
											2018-11-23 16:29:21 +00:00
+								        self.templates_and_folders.choices = template_list.as_id_and_name
-												Show form elements for templates and folders

This commit adds:
- checkboxes to let you select a template or folder
- radio buttons to let you select where to move those template(s) and/or
  folder(s) to

It only does the `get` part of this work; handling the `post` and
calling API will be done in a subsequent commit.

											
										
										
											2018-11-08 11:56:29 +00:00
-												split out new folder into two separate forms

move_to_new_folder and add_new_folder are now two separate html fields
and form items - so that we can more easily manipulate them on the
front end

											
										
										
											2018-11-20 18:03:57 +00:00
+								        self.op = None
-												Let users add new template from the choose page

Since we’re letting users add new folders directly from the choose page
it makes sense that they should also be able to add templates from
there.

This resolves the problem we saw in user research where people found it
hard to know where to go to add a new folder when they were all behind
one green button.

											
										
										
											2018-11-28 13:48:13 +00:00
+								        self.is_move_op = self.is_add_folder_op = self.is_add_template_op = False
-												move add new folder and move to folder into one dialog box

this lets us combine the two actions to create "Move to a new folder".
If the user hits enter rather than clicking a button, there is a hidden
submit button that (for now) prevents them from taking any action.
A future commit will try and understand what the user might be doing
based on which fields are populated/selected.

											
										
										
											2018-11-15 17:31:07 +00:00
-												Display the template folders nested on the move template/folder form

Before, all the folders were displayed in a list which was ordered but
not nested. This changes the move form to nest the template folders.

											
										
										
											2018-12-18 14:40:53 +00:00
+								        self.move_to.all_template_folders = all_template_folders
-												Allow any sub-items to be moved from a folder

Since you can now see them when searching you should also be able to
select and move them. Which means that they needed to be included in
the `Form`’s list of possible choices of things to move.

											
										
										
											2018-11-23 16:29:21 +00:00
+								        self.move_to.choices = [
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            (item["id"], item["name"])
-												Allow any sub-items to be moved from a folder

Since you can now see them when searching you should also be able to
select and move them. Which means that they needed to be included in
the `Form`’s list of possible choices of things to move.

											
										
										
											2018-11-23 16:29:21 +00:00
+								            for item in ([self.ALL_TEMPLATES_FOLDER] + all_template_folders)
-												Show form elements for templates and folders

This commit adds:
- checkboxes to let you select a template or folder
- radio buttons to let you select where to move those template(s) and/or
  folder(s) to

It only does the `get` part of this work; handling the `post` and
calling API will be done in a subsequent commit.

											
										
										
											2018-11-08 11:56:29 +00:00
+								        ]
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        self.add_template_by_template_type.choices = list(
 								            filter(
 								                None,
 								                [
 								                    # ('email', 'Email') if 'email' in available_template_types else None,
-- Change "new template" wording

											
										
										
											2023-10-03 11:14:21 -04:00
+								                    ("sms", "Start with a blank template")
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								                    if "sms" in available_template_types
 								                    else None,
 								                    ("copy-existing", "Copy an existing template")
 								                    if allow_adding_copy_of_template
 								                    else None,
 								                ],
 								            )
 								        )
-												Let users add new template from the choose page

Since we’re letting users add new folders directly from the choose page
it makes sense that they should also be able to add templates from
there.

This resolves the problem we saw in user research where people found it
hard to know where to go to add a new folder when they were all behind
one green button.

											
										
										
											2018-11-28 13:48:13 +00:00
-												Allow adding broadcast templates

At the moment the page is the same as for text message templates,
except:
- different H1
- no guidance about personalisation, links, etc (until we decide how
  these should work)

For now you won’t be able to really create a broadcast template, because
the API doesn’t support it (the API will respond with a 400). But that’s
OK because no real services have the broadcast permission yet.

This required a bit of refactoring of how we check which template types
a service can use, because there were some hard-coded assumptions about
emails and text messages.

											
										
										
											2020-07-01 16:43:08 +01:00
+								    @property
 								    def trying_to_add_unavailable_template_type(self):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        return all(
 								            (
 								                self.is_add_template_op,
 								                self.add_template_by_template_type.data,
 								                self.add_template_by_template_type.data
 								                not in self.available_template_types,
 								            )
 								        )
-												Allow adding broadcast templates

At the moment the page is the same as for text message templates,
except:
- different H1
- no guidance about personalisation, links, etc (until we decide how
  these should work)

For now you won’t be able to really create a broadcast template, because
the API doesn’t support it (the API will respond with a 400). But that’s
OK because no real services have the broadcast permission yet.

This required a bit of refactoring of how we check which template types
a service can use, because there were some hard-coded assumptions about
emails and text messages.

											
										
										
											2020-07-01 16:43:08 +01:00
-												pre-check templates/folders that were checked previously

(when rendering an error)

											
										
										
											2018-11-30 16:31:42 +00:00
+								    def is_selected(self, template_folder_id):
 								        return template_folder_id in (self.templates_and_folders.data or [])
-												Update utils for improved logging

											
										
										
											2023-04-26 11:24:01 -04:00
+								    def validate(self, extra_validators=None):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        self.op = request.form.get("operation")
-												move add new folder and move to folder into one dialog box

this lets us combine the two actions to create "Move to a new folder".
If the user hits enter rather than clicking a button, there is a hidden
submit button that (for now) prevents them from taking any action.
A future commit will try and understand what the user might be doing
based on which fields are populated/selected.

											
										
										
											2018-11-15 17:31:07 +00:00
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        self.is_move_op = self.op in {"move-to-existing-folder", "move-to-new-folder"}
 								        self.is_add_folder_op = self.op in {"add-new-folder", "move-to-new-folder"}
 								        self.is_add_template_op = self.op in {"add-new-template"}
-												move add new folder and move to folder into one dialog box

this lets us combine the two actions to create "Move to a new folder".
If the user hits enter rather than clicking a button, there is a hidden
submit button that (for now) prevents them from taking any action.
A future commit will try and understand what the user might be doing
based on which fields are populated/selected.

											
										
										
											2018-11-15 17:31:07 +00:00
-												Let users add new template from the choose page

Since we’re letting users add new folders directly from the choose page
it makes sense that they should also be able to add templates from
there.

This resolves the problem we saw in user research where people found it
hard to know where to go to add a new folder when they were all behind
one green button.

											
										
										
											2018-11-28 13:48:13 +00:00
+								        if not (self.is_add_folder_op or self.is_move_op or self.is_add_template_op):
-												move add new folder and move to folder into one dialog box

this lets us combine the two actions to create "Move to a new folder".
If the user hits enter rather than clicking a button, there is a hidden
submit button that (for now) prevents them from taking any action.
A future commit will try and understand what the user might be doing
based on which fields are populated/selected.

											
										
										
											2018-11-15 17:31:07 +00:00
+								            return False
-												Update utils for improved logging

											
										
										
											2023-04-26 11:24:01 -04:00
+								        return super().validate(extra_validators)
-												move add new folder and move to folder into one dialog box

this lets us combine the two actions to create "Move to a new folder".
If the user hits enter rather than clicking a button, there is a hidden
submit button that (for now) prevents them from taking any action.
A future commit will try and understand what the user might be doing
based on which fields are populated/selected.

											
										
										
											2018-11-15 17:31:07 +00:00
-												split out new folder into two separate forms

move_to_new_folder and add_new_folder are now two separate html fields
and form items - so that we can more easily manipulate them on the
front end

											
										
										
											2018-11-20 18:03:57 +00:00
+								    def get_folder_name(self):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        if self.op == "add-new-folder":
-												split out new folder into two separate forms

move_to_new_folder and add_new_folder are now two separate html fields
and form items - so that we can more easily manipulate them on the
front end

											
										
										
											2018-11-20 18:03:57 +00:00
+								            return self.add_new_folder_name.data
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        elif self.op == "move-to-new-folder":
-												split out new folder into two separate forms

move_to_new_folder and add_new_folder are now two separate html fields
and form items - so that we can more easily manipulate them on the
front end

											
										
										
											2018-11-20 18:03:57 +00:00
+								            return self.move_to_new_folder_name.data
 								        return None
-												move add new folder and move to folder into one dialog box

this lets us combine the two actions to create "Move to a new folder".
If the user hits enter rather than clicking a button, there is a hidden
submit button that (for now) prevents them from taking any action.
A future commit will try and understand what the user might be doing
based on which fields are populated/selected.

											
										
										
											2018-11-15 17:31:07 +00:00
-												Rename govukCheckboxField and similar

Follows naming conventions for classes and matches
work done on GovukTextInputField.

											
										
										
											2020-10-29 14:58:39 +00:00
+								    templates_and_folders = GovukCheckboxesField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "Choose templates or folders",
 								        validators=[required_for_ops("move-to-new-folder", "move-to-existing-folder")],
-												Update templates page

Includes:
- changes to the govukCheckboxesField class
  to allow params to be extended at render time
- updates to templates and folders CSS

											
										
										
											2020-04-09 11:51:11 +01:00
+								        choices=[],  # added to keep order of arguments, added properly in __init__
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        param_extensions={"fieldset": {"legend": {"classes": "usa-sr-only"}}},
-												Update templates page

Includes:
- changes to the govukCheckboxesField class
  to allow params to be extended at render time
- updates to templates and folders CSS

											
										
										
											2020-04-09 11:51:11 +01:00
+								    )
-												Swap order of move_to validators

If Optional runs before required_for_ops, it stops
the validation chain so it doesn't get to
required_for_ops. The move_to field isn't required
for the 'move-to-new-folder' operation, so this has
been removed.

This also adds comments explaining why we set
default to an empty string when instantiating the
move_to field.

											
										
										
											2019-01-03 14:58:20 +00:00
+								    # if no default set, it is set to None, which process_data transforms to '__NONE__'
 								    # this means '__NONE__' (self.ALL_TEMPLATES option) is selected when no form data has been submitted
 								    # set default to empty string so process_data method doesn't perform any transformation
-												Display the template folders nested on the move template/folder form

Before, all the folders were displayed in a list which was ordered but
not nested. This changes the move form to nest the template folders.

											
										
										
											2018-12-18 14:40:53 +00:00
+								    move_to = NestedRadioField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "Choose a folder",
 								        default="",
 								        validators=[required_for_ops("move-to-existing-folder"), Optional()],
 								    )
 								    add_new_folder_name = GovukTextInputField(
 								        "Folder name", validators=[required_for_ops("add-new-folder")]
 								    )
 								    move_to_new_folder_name = GovukTextInputField(
 								        "Folder name", validators=[required_for_ops("move-to-new-folder")]
 								    )
-												Let users add new template from the choose page

Since we’re letting users add new folders directly from the choose page
it makes sense that they should also be able to add templates from
there.

This resolves the problem we saw in user research where people found it
hard to know where to go to add a new folder when they were all behind
one green button.

											
										
										
											2018-11-28 13:48:13 +00:00
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    add_template_by_template_type = RadioFieldWithRequiredMessage(
 								        "New template",
 								        validators=[
 								            required_for_ops("add-new-template"),
 								            Optional(),
 								        ],
 								        required_message="Select the type of template you want to add",
 								    )
-												add clear cache platform admin page

a form that allows you to clear entries from the cache for all of
either users, services or templates. It'll tell you the largest amount
of keys deleted, since there are multiple keys associated with each
model.

											
										
										
											2019-02-15 10:27:38 +00:00
-												Rename other "Admin" forms consistently

I've also tweaked some of the names to make them clearer e.g. that
the form is used to apply a change to a service.

I've constrained the scope of this change to avoid forms that may
be accessible by non-admins in the future.

											
										
										
											2022-03-15 10:50:18 +00:00
+								class AdminClearCacheForm(StripWhitespaceForm):
-												Make it easy to clear cache for all key formats

Having to submit the form for each choice separately slowed us down
during an incident where Redis was unavailable and came back with
stale data, which we had to clear manually.

Note: we don't want to use the "flush" feature in case there are other
keys in Redis, which may not be safe to remove.

											
										
										
											2022-02-21 11:28:15 +00:00
+								    model_type = GovukCheckboxesField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "What do you want to clear today",
-												add clear cache platform admin page

a form that allows you to clear entries from the cache for all of
either users, services or templates. It'll tell you the largest amount
of keys deleted, since there are multiple keys associated with each
model.

											
										
										
											2019-02-15 10:27:38 +00:00
+								    )
-												Allow custom notes when service goes live

This adds an option on the organisation settings page to add
'request_to_go_live_notes'. When a service belonging to this
organisation requests to go live, any go live notes for the
organisation will be added to the Zendesk ticket in the 'Agreement
signed' section.

											
										
										
											2019-05-13 14:50:40 +01:00
-												Make it easy to clear cache for all key formats

Having to submit the form for each choice separately slowed us down
during an incident where Redis was unavailable and came back with
stale data, which we had to clear manually.

Note: we don't want to use the "flush" feature in case there are other
keys in Redis, which may not be safe to remove.

											
										
										
											2022-02-21 11:28:15 +00:00
+								    def validate_model_type(self, field):
 								        if not field.data:
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            raise ValidationError("Select at least one option")
-												Make it easy to clear cache for all key formats

Having to submit the form for each choice separately slowed us down
during an incident where Redis was unavailable and came back with
stale data, which we had to clear manually.

Note: we don't want to use the "flush" feature in case there are other
keys in Redis, which may not be safe to remove.

											
										
										
											2022-02-21 11:28:15 +00:00
-												Allow custom notes when service goes live

This adds an option on the organisation settings page to add
'request_to_go_live_notes'. When a service belonging to this
organisation requests to go live, any go live notes for the
organisation will be added to the Zendesk ticket in the 'Agreement
signed' section.

											
										
										
											2019-05-13 14:50:40 +01:00
-												Change name of the form and form field for consistency

Following PR review.

Also update function name for update name of security key in
user api client to be more specific.

											
										
										
											2021-05-21 17:10:34 +01:00
+								class ChangeSecurityKeyNameForm(StripWhitespaceForm):
 								    security_key_name = GovukTextInputField(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "Name of key",
-												Show manage security key page with name change form

											
										
										
											2021-05-14 17:52:13 +01:00
+								        validators=[
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            DataRequired(message="Cannot be empty"),
-												Show manage security key page with name change form

											
										
										
											2021-05-14 17:52:13 +01:00
+								            MustContainAlphanumericCharacters(),
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            Length(max=255, message="Name of key must be 255 characters or fewer"),
 								        ],
 								    )