2015-11-24 09:40:14 +00:00
|
|
|
|
import os
|
2020-12-29 13:38:27 +00:00
|
|
|
|
import pathlib
|
2019-03-25 10:25:05 +00:00
|
|
|
|
from functools import partial
|
2016-10-19 11:54:51 +01:00
|
|
|
|
from time import monotonic
|
|
|
|
|
|
|
2019-10-03 13:00:32 +01:00
|
|
|
|
import jinja2
|
2016-04-04 16:53:52 +01:00
|
|
|
|
from flask import (
|
|
|
|
|
|
current_app,
|
2019-03-25 10:25:05 +00:00
|
|
|
|
flash,
|
2016-07-11 13:53:55 +01:00
|
|
|
|
g,
|
2019-03-25 10:25:05 +00:00
|
|
|
|
make_response,
|
2020-03-06 11:53:55 +00:00
|
|
|
|
redirect,
|
2019-03-25 10:25:05 +00:00
|
|
|
|
render_template,
|
|
|
|
|
|
request,
|
|
|
|
|
|
session,
|
2017-11-01 15:47:05 +00:00
|
|
|
|
url_for,
|
2017-10-18 14:51:26 +01:00
|
|
|
|
)
|
2017-05-04 11:28:45 +01:00
|
|
|
|
from flask.globals import _lookup_req_object, _request_ctx_stack
|
2018-01-25 15:29:05 +00:00
|
|
|
|
from flask_login import LoginManager, current_user
|
2017-07-27 15:17:17 +01:00
|
|
|
|
from flask_wtf import CSRFProtect
|
2017-07-26 11:01:24 +01:00
|
|
|
|
from flask_wtf.csrf import CSRFError
|
2020-07-01 13:27:12 +01:00
|
|
|
|
from gds_metrics import GDSMetrics
|
2019-10-03 13:00:32 +01:00
|
|
|
|
from govuk_frontend_jinja.flask_ext import init_govuk_frontend
|
2019-03-25 10:25:05 +00:00
|
|
|
|
from itsdangerous import BadSignature
|
2016-04-15 11:04:35 +01:00
|
|
|
|
from notifications_python_client.errors import HTTPError
|
2021-01-06 12:12:01 +00:00
|
|
|
|
from notifications_utils import logging, request_helper
|
|
|
|
|
|
from notifications_utils.formatters import formatted_list, normalise_lines
|
|
|
|
|
|
from notifications_utils.recipients import format_phone_number_human_readable
|
2018-05-25 10:18:39 +01:00
|
|
|
|
from notifications_utils.sanitise_text import SanitiseASCII
|
2019-03-25 10:25:05 +00:00
|
|
|
|
from werkzeug.exceptions import HTTPException as WerkzeugHTTPException
|
|
|
|
|
|
from werkzeug.exceptions import abort
|
2016-04-21 09:30:33 +01:00
|
|
|
|
from werkzeug.local import LocalProxy
|
2016-03-10 14:56:47 +00:00
|
|
|
|
|
Support registering a new authenticator
This adds Yubico's FIDO2 library and two APIs for working with the
"navigator.credentials.create()" function in JavaScript. The GET
API uses the library to generate options for the "create()" function,
and the POST API decodes and verifies the resulting credential. While
the options and response are dict-like, CBOR is necessary to encode
some of the byte-level values, which can't be represented in JSON.
Much of the code here is based on the Yubico library example [1][2].
Implementation notes:
- There are definitely better ways to alert the user about failure, but
window.alert() will do for the time being. Using location.reload() is
also a bit jarring if the page scrolls, but not a major issue.
- Ideally we would use window.fetch() to do AJAX calls, but we don't
have a polyfill for this, and we use $.ajax() elsewhere [3]. We need
to do a few weird tricks [6] to stop jQuery trashing the data.
- The FIDO2 server doesn't serve web requests; it's just a "server" in
the sense of WebAuthn terminology. It lives in its own module, since it
needs to be initialised with the app / config.
- $.ajax returns a promise-like object. Although we've used ".fail()"
elsewhere [3], I couldn't find a stub object that supports it, so I've
gone for ".catch()", and used a Promise stub object in tests.
- WebAuthn only works over HTTPS, but there's an exception for "localhost"
[4]. However, the library is a bit too strict [5], so we have to disable
origin verification to avoid needing HTTPS for dev work.
[1]: https://github.com/Yubico/python-fido2/blob/c42d9628a4f33d20c4401096fa8d3fc466d5b77f/examples/server/server.py
[2]: https://github.com/Yubico/python-fido2/blob/c42d9628a4f33d20c4401096fa8d3fc466d5b77f/examples/server/static/register.html
[3]: https://github.com/alphagov/notifications-admin/blob/91453d36395b7a0cf2998dfb8a5f52cc9e96640f/app/assets/javascripts/updateContent.js#L33
[4]: https://stackoverflow.com/questions/55971593/navigator-credentials-is-null-on-local-server
[5]: https://github.com/Yubico/python-fido2/blob/c42d9628a4f33d20c4401096fa8d3fc466d5b77f/fido2/rpid.py#L69
[6]: https://stackoverflow.com/questions/12394622/does-jquery-ajax-or-load-allow-for-responsetype-arraybuffer
2021-05-07 18:10:07 +01:00
|
|
|
|
from app import proxy_fix, webauthn_server
|
2018-10-26 15:39:32 +01:00
|
|
|
|
from app.asset_fingerprinter import asset_fingerprinter
|
2019-03-25 10:25:05 +00:00
|
|
|
|
from app.commands import setup_commands
|
|
|
|
|
|
from app.config import configs
|
2020-07-01 13:27:12 +01:00
|
|
|
|
from app.extensions import antivirus_client, redis_client, zendesk_client
|
2021-01-06 12:12:01 +00:00
|
|
|
|
from app.formatters import (
|
|
|
|
|
|
convert_to_boolean,
|
2021-03-11 13:23:02 +00:00
|
|
|
|
format_billions,
|
2021-01-06 12:12:01 +00:00
|
|
|
|
format_date,
|
|
|
|
|
|
format_date_human,
|
|
|
|
|
|
format_date_normal,
|
|
|
|
|
|
format_date_numeric,
|
|
|
|
|
|
format_date_short,
|
|
|
|
|
|
format_datetime,
|
|
|
|
|
|
format_datetime_24h,
|
|
|
|
|
|
format_datetime_human,
|
|
|
|
|
|
format_datetime_normal,
|
|
|
|
|
|
format_datetime_relative,
|
|
|
|
|
|
format_datetime_short,
|
|
|
|
|
|
format_day_of_week,
|
|
|
|
|
|
format_delta,
|
|
|
|
|
|
format_delta_days,
|
|
|
|
|
|
format_list_items,
|
2021-02-15 21:02:37 +00:00
|
|
|
|
format_mobile_network,
|
2021-01-06 12:12:01 +00:00
|
|
|
|
format_notification_status,
|
|
|
|
|
|
format_notification_status_as_field_status,
|
|
|
|
|
|
format_notification_status_as_time,
|
|
|
|
|
|
format_notification_status_as_url,
|
|
|
|
|
|
format_notification_type,
|
|
|
|
|
|
format_number_in_pounds_as_currency,
|
|
|
|
|
|
format_thousands,
|
|
|
|
|
|
format_time,
|
|
|
|
|
|
id_safe,
|
2021-01-06 12:59:48 +00:00
|
|
|
|
iteration_count,
|
2021-01-06 12:12:01 +00:00
|
|
|
|
linkable_name,
|
2021-01-06 12:59:48 +00:00
|
|
|
|
message_count,
|
|
|
|
|
|
message_count_label,
|
|
|
|
|
|
message_count_noun,
|
2021-01-06 12:12:01 +00:00
|
|
|
|
nl2br,
|
2021-01-06 12:59:48 +00:00
|
|
|
|
recipient_count,
|
|
|
|
|
|
recipient_count_label,
|
2021-01-06 12:12:01 +00:00
|
|
|
|
valid_phone_number,
|
|
|
|
|
|
)
|
2019-05-23 17:17:26 +01:00
|
|
|
|
from app.models.organisation import Organisation
|
2018-10-26 15:58:44 +01:00
|
|
|
|
from app.models.service import Service
|
Make user API client return JSON, not a model
The data flow of other bits of our application looks like this:
```
API (returns JSON)
⬇
API client (returns a built in type, usually `dict`)
⬇
Model (returns an instance, eg of type `Service`)
⬇
View (returns HTML)
```
The user API client was architected weirdly, in that it returned a model
directly, like this:
```
API (returns JSON)
⬇
API client (returns a model, of type `User`, `InvitedUser`, etc)
⬇
View (returns HTML)
```
This mixing of different layers of the application is bad because it
makes it hard to write model code that doesn’t have circular
dependencies. As our application gets more complicated we will be
relying more on models to manage this complexity, so we should make it
easy, not hard to write them.
It also means that most of our mocking was of the User model, not just
the underlying JSON. So it would have been easy to introduce subtle bugs
to the user model, because it wasn’t being comprehensively tested. A lot
of the changed lines of code in this commit mean changing the tests to
mock only the JSON, which means that the model layer gets implicitly
tested.
For those reasons this commit changes the user API client to return
JSON, not an instance of `User` or other models.
2019-05-23 15:27:35 +01:00
|
|
|
|
from app.models.user import AnonymousUser, User
|
2018-06-12 16:17:20 +01:00
|
|
|
|
from app.navigation import (
|
|
|
|
|
|
CaseworkNavigation,
|
|
|
|
|
|
HeaderNavigation,
|
|
|
|
|
|
MainNavigation,
|
2019-03-25 10:25:05 +00:00
|
|
|
|
OrgNavigation,
|
2018-06-12 16:17:20 +01:00
|
|
|
|
)
|
2020-03-06 11:53:55 +00:00
|
|
|
|
from app.notify_client import InviteTokenError
|
2018-10-26 15:39:32 +01:00
|
|
|
|
from app.notify_client.api_key_api_client import api_key_api_client
|
2019-03-25 10:25:05 +00:00
|
|
|
|
from app.notify_client.billing_api_client import billing_api_client
|
2020-07-09 10:33:50 +01:00
|
|
|
|
from app.notify_client.broadcast_message_api_client import (
|
|
|
|
|
|
broadcast_message_api_client,
|
|
|
|
|
|
)
|
2019-03-25 10:25:05 +00:00
|
|
|
|
from app.notify_client.complaint_api_client import complaint_api_client
|
2020-03-12 16:13:18 +00:00
|
|
|
|
from app.notify_client.contact_list_api_client import contact_list_api_client
|
2019-03-25 10:25:05 +00:00
|
|
|
|
from app.notify_client.email_branding_client import email_branding_client
|
|
|
|
|
|
from app.notify_client.events_api_client import events_api_client
|
|
|
|
|
|
from app.notify_client.inbound_number_client import inbound_number_client
|
2018-10-26 15:39:32 +01:00
|
|
|
|
from app.notify_client.invite_api_client import invite_api_client
|
|
|
|
|
|
from app.notify_client.job_api_client import job_api_client
|
2019-03-25 10:25:05 +00:00
|
|
|
|
from app.notify_client.letter_branding_client import letter_branding_client
|
|
|
|
|
|
from app.notify_client.letter_jobs_client import letter_jobs_client
|
2018-10-26 15:39:32 +01:00
|
|
|
|
from app.notify_client.notification_api_client import notification_api_client
|
2019-03-25 10:25:05 +00:00
|
|
|
|
from app.notify_client.org_invite_api_client import org_invite_api_client
|
|
|
|
|
|
from app.notify_client.organisations_api_client import organisations_client
|
2021-03-10 11:01:15 +00:00
|
|
|
|
from app.notify_client.performance_dashboard_api_client import (
|
|
|
|
|
|
performance_dashboard_api_client,
|
2021-03-10 10:35:58 +00:00
|
|
|
|
)
|
2019-03-25 10:25:05 +00:00
|
|
|
|
from app.notify_client.platform_stats_api_client import (
|
|
|
|
|
|
platform_stats_api_client,
|
|
|
|
|
|
)
|
|
|
|
|
|
from app.notify_client.provider_client import provider_client
|
|
|
|
|
|
from app.notify_client.service_api_client import service_api_client
|
2018-10-26 15:39:32 +01:00
|
|
|
|
from app.notify_client.status_api_client import status_api_client
|
2019-03-25 10:25:05 +00:00
|
|
|
|
from app.notify_client.template_folder_api_client import (
|
|
|
|
|
|
template_folder_api_client,
|
|
|
|
|
|
)
|
|
|
|
|
|
from app.notify_client.template_statistics_api_client import (
|
|
|
|
|
|
template_statistics_client,
|
|
|
|
|
|
)
|
2020-05-11 10:52:43 +01:00
|
|
|
|
from app.notify_client.upload_api_client import upload_api_client
|
2018-10-26 15:39:32 +01:00
|
|
|
|
from app.notify_client.user_api_client import user_api_client
|
2019-11-04 11:20:08 +00:00
|
|
|
|
from app.url_converters import (
|
|
|
|
|
|
LetterFileExtensionConverter,
|
2019-12-30 16:53:32 +00:00
|
|
|
|
SimpleDateTypeConverter,
|
2019-11-04 11:20:08 +00:00
|
|
|
|
TemplateTypeConverter,
|
2020-03-24 15:13:53 +00:00
|
|
|
|
TicketTypeConverter,
|
2019-11-04 11:20:08 +00:00
|
|
|
|
)
|
2021-01-06 12:12:01 +00:00
|
|
|
|
from app.utils import get_logo_cdn_domain
|
2017-07-11 17:06:15 +01:00
|
|
|
|
|
2015-11-27 16:25:56 +00:00
|
|
|
|
login_manager = LoginManager()
|
2017-07-27 15:17:17 +01:00
|
|
|
|
csrf = CSRFProtect()
|
2020-07-01 13:27:12 +01:00
|
|
|
|
metrics = GDSMetrics()
|
2018-10-26 15:29:59 +01:00
|
|
|
|
|
2018-07-20 08:43:02 +01:00
|
|
|
|
|
2016-04-04 16:53:52 +01:00
|
|
|
|
# The current service attached to the request stack.
|
2018-07-20 08:43:02 +01:00
|
|
|
|
def _get_current_service():
|
2018-10-26 08:20:00 +01:00
|
|
|
|
return _lookup_req_object('service')
|
2018-07-20 08:43:02 +01:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
current_service = LocalProxy(_get_current_service)
|
2016-04-04 16:53:52 +01:00
|
|
|
|
|
2018-02-13 14:49:03 +00:00
|
|
|
|
# The current organisation attached to the request stack.
|
|
|
|
|
|
current_organisation = LocalProxy(partial(_lookup_req_object, 'organisation'))
|
2015-11-20 16:22:44 +00:00
|
|
|
|
|
2018-04-25 11:11:37 +01:00
|
|
|
|
navigation = {
|
2018-06-12 16:17:20 +01:00
|
|
|
|
'casework_navigation': CaseworkNavigation(),
|
2018-04-25 11:11:37 +01:00
|
|
|
|
'main_navigation': MainNavigation(),
|
|
|
|
|
|
'header_navigation': HeaderNavigation(),
|
2018-04-25 13:17:47 +01:00
|
|
|
|
'org_navigation': OrgNavigation(),
|
2018-04-25 11:11:37 +01:00
|
|
|
|
}
|
2018-04-25 10:24:32 +01:00
|
|
|
|
|
2018-02-14 13:08:44 +00:00
|
|
|
|
|
2017-11-06 13:07:21 +00:00
|
|
|
|
def create_app(application):
|
|
|
|
|
|
setup_commands(application)
|
2015-11-20 16:22:44 +00:00
|
|
|
|
|
2017-01-09 19:14:04 +00:00
|
|
|
|
notify_environment = os.environ['NOTIFY_ENVIRONMENT']
|
2016-12-08 16:50:37 +00:00
|
|
|
|
|
|
|
|
|
|
application.config.from_object(configs[notify_environment])
|
2018-11-29 13:06:10 +00:00
|
|
|
|
asset_fingerprinter._asset_root = application.config['ASSET_PATH']
|
2016-03-17 13:45:59 +00:00
|
|
|
|
|
|
|
|
|
|
init_app(application)
|
2019-01-29 11:18:08 +00:00
|
|
|
|
|
2019-10-03 13:00:32 +01:00
|
|
|
|
init_govuk_frontend(application)
|
|
|
|
|
|
init_jinja(application)
|
|
|
|
|
|
|
2019-01-29 11:18:08 +00:00
|
|
|
|
for client in (
|
2019-01-30 13:45:05 +00:00
|
|
|
|
# Gubbins
|
2020-07-01 13:52:04 +01:00
|
|
|
|
# Note, metrics purposefully first so we start measuring response times as early as possible before any
|
|
|
|
|
|
# other `app.before_request` handlers (introduced by any of these clients) are processed (which would
|
|
|
|
|
|
# otherwise mean we aren't measuring the full response time)
|
|
|
|
|
|
metrics,
|
2019-01-29 11:18:08 +00:00
|
|
|
|
csrf,
|
2019-01-30 13:45:05 +00:00
|
|
|
|
login_manager,
|
|
|
|
|
|
proxy_fix,
|
2019-01-29 11:18:08 +00:00
|
|
|
|
request_helper,
|
2019-01-30 13:45:05 +00:00
|
|
|
|
|
2019-02-14 14:25:31 +00:00
|
|
|
|
# API clients
|
2019-01-29 11:18:08 +00:00
|
|
|
|
api_key_api_client,
|
2019-01-30 13:45:05 +00:00
|
|
|
|
billing_api_client,
|
2020-07-09 10:33:50 +01:00
|
|
|
|
broadcast_message_api_client,
|
2020-03-12 16:13:18 +00:00
|
|
|
|
contact_list_api_client,
|
2019-01-30 13:45:05 +00:00
|
|
|
|
complaint_api_client,
|
|
|
|
|
|
email_branding_client,
|
|
|
|
|
|
events_api_client,
|
|
|
|
|
|
inbound_number_client,
|
|
|
|
|
|
invite_api_client,
|
2019-01-29 11:18:08 +00:00
|
|
|
|
job_api_client,
|
2019-01-30 13:45:05 +00:00
|
|
|
|
letter_branding_client,
|
|
|
|
|
|
letter_jobs_client,
|
2019-01-29 11:18:08 +00:00
|
|
|
|
notification_api_client,
|
|
|
|
|
|
org_invite_api_client,
|
|
|
|
|
|
organisations_client,
|
2021-03-10 11:01:15 +00:00
|
|
|
|
performance_dashboard_api_client,
|
2019-01-29 11:18:08 +00:00
|
|
|
|
platform_stats_api_client,
|
2019-01-30 13:45:05 +00:00
|
|
|
|
provider_client,
|
|
|
|
|
|
service_api_client,
|
|
|
|
|
|
status_api_client,
|
2019-01-29 11:18:08 +00:00
|
|
|
|
template_folder_api_client,
|
2019-01-30 13:45:05 +00:00
|
|
|
|
template_statistics_client,
|
2020-05-11 10:52:43 +01:00
|
|
|
|
upload_api_client,
|
2019-01-30 13:45:05 +00:00
|
|
|
|
user_api_client,
|
|
|
|
|
|
|
|
|
|
|
|
# External API clients
|
2019-02-14 14:25:31 +00:00
|
|
|
|
antivirus_client,
|
2020-07-01 13:27:12 +01:00
|
|
|
|
redis_client,
|
2019-01-30 13:45:05 +00:00
|
|
|
|
zendesk_client,
|
|
|
|
|
|
|
2019-01-29 11:18:08 +00:00
|
|
|
|
):
|
|
|
|
|
|
client.init_app(application)
|
|
|
|
|
|
|
2020-07-01 13:27:12 +01:00
|
|
|
|
logging.init_app(application)
|
Support registering a new authenticator
This adds Yubico's FIDO2 library and two APIs for working with the
"navigator.credentials.create()" function in JavaScript. The GET
API uses the library to generate options for the "create()" function,
and the POST API decodes and verifies the resulting credential. While
the options and response are dict-like, CBOR is necessary to encode
some of the byte-level values, which can't be represented in JSON.
Much of the code here is based on the Yubico library example [1][2].
Implementation notes:
- There are definitely better ways to alert the user about failure, but
window.alert() will do for the time being. Using location.reload() is
also a bit jarring if the page scrolls, but not a major issue.
- Ideally we would use window.fetch() to do AJAX calls, but we don't
have a polyfill for this, and we use $.ajax() elsewhere [3]. We need
to do a few weird tricks [6] to stop jQuery trashing the data.
- The FIDO2 server doesn't serve web requests; it's just a "server" in
the sense of WebAuthn terminology. It lives in its own module, since it
needs to be initialised with the app / config.
- $.ajax returns a promise-like object. Although we've used ".fail()"
elsewhere [3], I couldn't find a stub object that supports it, so I've
gone for ".catch()", and used a Promise stub object in tests.
- WebAuthn only works over HTTPS, but there's an exception for "localhost"
[4]. However, the library is a bit too strict [5], so we have to disable
origin verification to avoid needing HTTPS for dev work.
[1]: https://github.com/Yubico/python-fido2/blob/c42d9628a4f33d20c4401096fa8d3fc466d5b77f/examples/server/server.py
[2]: https://github.com/Yubico/python-fido2/blob/c42d9628a4f33d20c4401096fa8d3fc466d5b77f/examples/server/static/register.html
[3]: https://github.com/alphagov/notifications-admin/blob/91453d36395b7a0cf2998dfb8a5f52cc9e96640f/app/assets/javascripts/updateContent.js#L33
[4]: https://stackoverflow.com/questions/55971593/navigator-credentials-is-null-on-local-server
[5]: https://github.com/Yubico/python-fido2/blob/c42d9628a4f33d20c4401096fa8d3fc466d5b77f/fido2/rpid.py#L69
[6]: https://stackoverflow.com/questions/12394622/does-jquery-ajax-or-load-allow-for-responsetype-arraybuffer
2021-05-07 18:10:07 +01:00
|
|
|
|
webauthn_server.init_app(application)
|
2019-01-29 11:18:08 +00:00
|
|
|
|
|
2016-01-06 17:17:02 +00:00
|
|
|
|
login_manager.login_view = 'main.sign_in'
|
2016-03-02 16:29:39 +00:00
|
|
|
|
login_manager.login_message_category = 'default'
|
2016-12-14 14:07:08 +00:00
|
|
|
|
login_manager.session_protection = None
|
2017-02-17 14:06:09 +00:00
|
|
|
|
login_manager.anonymous_user = AnonymousUser
|
2015-11-24 09:40:14 +00:00
|
|
|
|
|
2019-02-14 14:25:31 +00:00
|
|
|
|
# make sure we handle unicode correctly
|
|
|
|
|
|
redis_client.redis_store.decode_responses = True
|
|
|
|
|
|
|
2019-11-28 14:39:30 +00:00
|
|
|
|
setup_blueprints(application)
|
2016-01-11 14:54:23 +00:00
|
|
|
|
|
2017-11-06 13:07:21 +00:00
|
|
|
|
add_template_filters(application)
|
2016-04-21 09:30:33 +01:00
|
|
|
|
|
2016-01-07 15:48:29 +00:00
|
|
|
|
register_errorhandlers(application)
|
2016-01-07 13:58:38 +00:00
|
|
|
|
|
2016-04-27 16:39:17 +01:00
|
|
|
|
setup_event_handlers()
|
|
|
|
|
|
|
2015-11-24 09:40:14 +00:00
|
|
|
|
|
2016-03-17 13:45:59 +00:00
|
|
|
|
def init_app(application):
|
2017-11-06 13:07:21 +00:00
|
|
|
|
application.after_request(useful_headers_after_request)
|
2019-11-28 14:39:30 +00:00
|
|
|
|
|
2017-11-06 13:07:21 +00:00
|
|
|
|
application.before_request(load_service_before_request)
|
2018-02-13 16:40:04 +00:00
|
|
|
|
application.before_request(load_organisation_before_request)
|
2017-11-16 16:25:40 +00:00
|
|
|
|
application.before_request(request_helper.check_proxy_header_before_request)
|
2017-11-06 13:07:21 +00:00
|
|
|
|
|
2020-12-29 13:38:27 +00:00
|
|
|
|
font_paths = [
|
|
|
|
|
|
str(item)[len(asset_fingerprinter._filesystem_path):]
|
|
|
|
|
|
for item in pathlib.Path(asset_fingerprinter._filesystem_path).glob('fonts/*.woff2')
|
|
|
|
|
|
]
|
|
|
|
|
|
|
2017-11-06 13:07:21 +00:00
|
|
|
|
@application.context_processor
|
|
|
|
|
|
def _attach_current_service():
|
|
|
|
|
|
return {'current_service': current_service}
|
2016-05-12 13:56:14 +01:00
|
|
|
|
|
2018-02-13 14:49:03 +00:00
|
|
|
|
@application.context_processor
|
|
|
|
|
|
def _attach_current_organisation():
|
|
|
|
|
|
return {'current_org': current_organisation}
|
|
|
|
|
|
|
2018-01-25 15:29:05 +00:00
|
|
|
|
@application.context_processor
|
|
|
|
|
|
def _attach_current_user():
|
2019-03-28 16:07:26 +00:00
|
|
|
|
return {'current_user': current_user}
|
2018-01-25 15:29:05 +00:00
|
|
|
|
|
2018-04-24 12:48:05 +01:00
|
|
|
|
@application.context_processor
|
|
|
|
|
|
def _nav_selected():
|
2018-04-25 11:11:37 +01:00
|
|
|
|
return navigation
|
2018-04-24 12:48:05 +01:00
|
|
|
|
|
2016-05-12 13:56:14 +01:00
|
|
|
|
@application.before_request
|
|
|
|
|
|
def record_start_time():
|
|
|
|
|
|
g.start = monotonic()
|
2016-12-01 17:21:06 +00:00
|
|
|
|
g.endpoint = request.endpoint
|
2016-05-12 13:56:14 +01:00
|
|
|
|
|
2016-03-17 13:45:59 +00:00
|
|
|
|
@application.context_processor
|
Use a Node-based tools for handling assets
…or how to move a bunch of things from a bunch of different places into
`app/static`.
There are three main reasons not to use Flask Assets:
- It had some strange behaviour like only
- It was based on Ruby SASS, which is slower to get new features than libsass,
and meant depending on Ruby, and having the SASS Gem globally installed—so
you’re already out of being a ‘pure’ Python app
- Martyn and I have experience of doing it this way on Marketplace, and we’ve
ironed out the initial rough patches
The specific technologies this introduces, all of which are Node-based:
- Gulp – like a Makefile written in Javascript
- NPM – package management, used for managing Gulp and its related dependencies
- Bower – also package management, and the only way I can think to have
GOV.UK template as a proper dependency
…speaking of which, GOV.UK template is now a dependency. This means it can’t be
modified at all (eg to add a global `#content` wrapper), so every page now
inherits from a template that has this wrapper. But it also means that we have a
clean upgrade path when the template is modified.
Everything else (toolkit, elements) I’ve kept as submodules but moved them to a
more logical place (`app/assets` not `app/assets/stylesheets`, because they
contain more than just SASS/CSS).
2015-12-15 08:20:25 +00:00
|
|
|
|
def inject_global_template_variables():
|
2016-02-01 14:46:12 +00:00
|
|
|
|
return {
|
2018-11-28 15:39:08 +00:00
|
|
|
|
'asset_path': application.config['ASSET_PATH'],
|
2016-03-17 13:45:59 +00:00
|
|
|
|
'header_colour': application.config['HEADER_COLOUR'],
|
2020-12-29 13:38:27 +00:00
|
|
|
|
'asset_url': asset_fingerprinter.get_url,
|
|
|
|
|
|
'font_paths': font_paths,
|
2016-02-01 14:46:12 +00:00
|
|
|
|
}
|
Use a Node-based tools for handling assets
…or how to move a bunch of things from a bunch of different places into
`app/static`.
There are three main reasons not to use Flask Assets:
- It had some strange behaviour like only
- It was based on Ruby SASS, which is slower to get new features than libsass,
and meant depending on Ruby, and having the SASS Gem globally installed—so
you’re already out of being a ‘pure’ Python app
- Martyn and I have experience of doing it this way on Marketplace, and we’ve
ironed out the initial rough patches
The specific technologies this introduces, all of which are Node-based:
- Gulp – like a Makefile written in Javascript
- NPM – package management, used for managing Gulp and its related dependencies
- Bower – also package management, and the only way I can think to have
GOV.UK template as a proper dependency
…speaking of which, GOV.UK template is now a dependency. This means it can’t be
modified at all (eg to add a global `#content` wrapper), so every page now
inherits from a template that has this wrapper. But it also means that we have a
clean upgrade path when the template is modified.
Everything else (toolkit, elements) I’ve kept as submodules but moved them to a
more logical place (`app/assets` not `app/assets/stylesheets`, because they
contain more than just SASS/CSS).
2015-12-15 08:20:25 +00:00
|
|
|
|
|
2019-11-04 12:20:09 +00:00
|
|
|
|
application.url_map.converters['uuid'].to_python = lambda self, value: value
|
2019-11-04 11:20:08 +00:00
|
|
|
|
application.url_map.converters['template_type'] = TemplateTypeConverter
|
2020-03-24 15:13:53 +00:00
|
|
|
|
application.url_map.converters['ticket_type'] = TicketTypeConverter
|
2019-11-04 11:20:08 +00:00
|
|
|
|
application.url_map.converters['letter_file_extension'] = LetterFileExtensionConverter
|
2019-12-30 16:53:32 +00:00
|
|
|
|
application.url_map.converters['simple_date'] = SimpleDateTypeConverter
|
2019-11-04 12:20:09 +00:00
|
|
|
|
|
2015-11-25 15:29:12 +00:00
|
|
|
|
|
2016-03-30 09:58:10 +01:00
|
|
|
|
@login_manager.user_loader
|
|
|
|
|
|
def load_user(user_id):
|
Make user API client return JSON, not a model
The data flow of other bits of our application looks like this:
```
API (returns JSON)
⬇
API client (returns a built in type, usually `dict`)
⬇
Model (returns an instance, eg of type `Service`)
⬇
View (returns HTML)
```
The user API client was architected weirdly, in that it returned a model
directly, like this:
```
API (returns JSON)
⬇
API client (returns a model, of type `User`, `InvitedUser`, etc)
⬇
View (returns HTML)
```
This mixing of different layers of the application is bad because it
makes it hard to write model code that doesn’t have circular
dependencies. As our application gets more complicated we will be
relying more on models to manage this complexity, so we should make it
easy, not hard to write them.
It also means that most of our mocking was of the User model, not just
the underlying JSON. So it would have been easy to introduce subtle bugs
to the user model, because it wasn’t being comprehensively tested. A lot
of the changed lines of code in this commit mean changing the tests to
mock only the JSON, which means that the model layer gets implicitly
tested.
For those reasons this commit changes the user API client to return
JSON, not an instance of `User` or other models.
2019-05-23 15:27:35 +01:00
|
|
|
|
return User.from_id(user_id)
|
2016-03-30 09:58:10 +01:00
|
|
|
|
|
|
|
|
|
|
|
2019-11-28 14:39:30 +00:00
|
|
|
|
def make_session_permanent():
|
|
|
|
|
|
"""
|
|
|
|
|
|
Make sessions permanent. By permanent, we mean "admin app sets when it expires". Normally the cookie would expire
|
|
|
|
|
|
whenever you close the browser. With this, the session expiry is set in `config['PERMANENT_SESSION_LIFETIME']`
|
|
|
|
|
|
(20 hours) and is refreshed after every request. IE: you will be logged out after twenty hours of inactivity.
|
|
|
|
|
|
|
|
|
|
|
|
We don't _need_ to set this every request (it's saved within the cookie itself under the `_permanent` flag), only
|
|
|
|
|
|
when you first log in/sign up/get invited/etc, but we do it just to be safe. For more reading, check here:
|
|
|
|
|
|
https://stackoverflow.com/questions/34118093/flask-permanent-session-where-to-define-them
|
|
|
|
|
|
"""
|
|
|
|
|
|
session.permanent = True
|
|
|
|
|
|
|
|
|
|
|
|
|
2016-04-04 16:53:52 +01:00
|
|
|
|
def load_service_before_request():
|
2016-08-12 12:37:18 +01:00
|
|
|
|
if '/static/' in request.url:
|
2017-05-04 11:28:45 +01:00
|
|
|
|
_request_ctx_stack.top.service = None
|
2016-08-12 12:37:18 +01:00
|
|
|
|
return
|
2016-04-13 16:19:34 +01:00
|
|
|
|
if _request_ctx_stack.top is not None:
|
2017-10-30 16:59:24 +00:00
|
|
|
|
_request_ctx_stack.top.service = None
|
|
|
|
|
|
|
|
|
|
|
|
if request.view_args:
|
|
|
|
|
|
service_id = request.view_args.get('service_id', session.get('service_id'))
|
|
|
|
|
|
else:
|
|
|
|
|
|
service_id = session.get('service_id')
|
|
|
|
|
|
|
|
|
|
|
|
if service_id:
|
|
|
|
|
|
try:
|
2018-10-26 08:20:00 +01:00
|
|
|
|
_request_ctx_stack.top.service = Service(
|
|
|
|
|
|
service_api_client.get_service(service_id)['data']
|
|
|
|
|
|
)
|
2017-10-30 16:59:24 +00:00
|
|
|
|
except HTTPError as exc:
|
|
|
|
|
|
# if service id isn't real, then 404 rather than 500ing later because we expect service to be set
|
|
|
|
|
|
if exc.status_code == 404:
|
|
|
|
|
|
abort(404)
|
|
|
|
|
|
else:
|
|
|
|
|
|
raise
|
2016-04-04 16:53:52 +01:00
|
|
|
|
|
|
|
|
|
|
|
2018-02-13 16:40:04 +00:00
|
|
|
|
def load_organisation_before_request():
|
|
|
|
|
|
if '/static/' in request.url:
|
|
|
|
|
|
_request_ctx_stack.top.organisation = None
|
|
|
|
|
|
return
|
|
|
|
|
|
if _request_ctx_stack.top is not None:
|
|
|
|
|
|
_request_ctx_stack.top.organisation = None
|
|
|
|
|
|
|
|
|
|
|
|
if request.view_args:
|
2018-03-01 11:34:53 +00:00
|
|
|
|
org_id = request.view_args.get('org_id')
|
|
|
|
|
|
|
|
|
|
|
|
if org_id:
|
|
|
|
|
|
try:
|
2019-05-23 17:17:26 +01:00
|
|
|
|
_request_ctx_stack.top.organisation = Organisation.from_id(org_id)
|
2018-03-01 11:34:53 +00:00
|
|
|
|
except HTTPError as exc:
|
|
|
|
|
|
# if org id isn't real, then 404 rather than 500ing later because we expect org to be set
|
|
|
|
|
|
if exc.status_code == 404:
|
|
|
|
|
|
abort(404)
|
|
|
|
|
|
else:
|
|
|
|
|
|
raise
|
2018-02-13 16:40:04 +00:00
|
|
|
|
|
|
|
|
|
|
|
2018-03-07 18:30:26 +00:00
|
|
|
|
def save_service_or_org_after_request(response):
|
2016-04-04 16:53:52 +01:00
|
|
|
|
# Only save the current session if the request is 200
|
|
|
|
|
|
service_id = request.view_args.get('service_id', None) if request.view_args else None
|
2018-03-07 18:30:26 +00:00
|
|
|
|
organisation_id = request.view_args.get('org_id', None) if request.view_args else None
|
|
|
|
|
|
if response.status_code == 200:
|
|
|
|
|
|
if service_id:
|
|
|
|
|
|
session['service_id'] = service_id
|
|
|
|
|
|
session['organisation_id'] = None
|
|
|
|
|
|
elif organisation_id:
|
|
|
|
|
|
session['service_id'] = None
|
|
|
|
|
|
session['organisation_id'] = organisation_id
|
2016-04-04 16:53:52 +01:00
|
|
|
|
return response
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# https://www.owasp.org/index.php/List_of_useful_HTTP_headers
|
2016-01-07 13:58:38 +00:00
|
|
|
|
def useful_headers_after_request(response):
|
|
|
|
|
|
response.headers.add('X-Frame-Options', 'deny')
|
|
|
|
|
|
response.headers.add('X-Content-Type-Options', 'nosniff')
|
|
|
|
|
|
response.headers.add('X-XSS-Protection', '1; mode=block')
|
2016-07-05 07:12:21 +01:00
|
|
|
|
response.headers.add('Content-Security-Policy', (
|
2018-11-29 11:41:13 +00:00
|
|
|
|
"default-src 'self' {asset_domain} 'unsafe-inline';"
|
|
|
|
|
|
"script-src 'self' {asset_domain} *.google-analytics.com 'unsafe-inline' 'unsafe-eval' data:;"
|
2017-11-06 10:25:30 +00:00
|
|
|
|
"connect-src 'self' *.google-analytics.com;"
|
2016-07-05 07:12:21 +01:00
|
|
|
|
"object-src 'self';"
|
2018-11-29 11:41:13 +00:00
|
|
|
|
"font-src 'self' {asset_domain} data:;"
|
2020-07-06 10:53:14 +01:00
|
|
|
|
"img-src 'self' {asset_domain} *.tile.openstreetmap.org *.google-analytics.com"
|
|
|
|
|
|
" *.notifications.service.gov.uk {logo_domain} data:;"
|
2019-12-19 13:43:44 +00:00
|
|
|
|
"frame-src 'self' www.youtube-nocookie.com;".format(
|
2018-11-29 12:07:48 +00:00
|
|
|
|
asset_domain=current_app.config['ASSET_DOMAIN'],
|
2018-11-29 11:41:13 +00:00
|
|
|
|
logo_domain=get_logo_cdn_domain(),
|
2018-11-29 11:29:52 +00:00
|
|
|
|
)
|
2016-07-05 07:12:21 +01:00
|
|
|
|
))
|
2020-12-03 10:52:25 +00:00
|
|
|
|
response.headers.add('Link', (
|
|
|
|
|
|
'<{asset_url}>; rel=dns-prefetch, <{asset_url}>; rel=preconnect'.format(
|
|
|
|
|
|
asset_url=f'https://{current_app.config["ASSET_DOMAIN"]}'
|
|
|
|
|
|
)
|
|
|
|
|
|
))
|
2016-02-02 14:02:10 +00:00
|
|
|
|
if 'Cache-Control' in response.headers:
|
|
|
|
|
|
del response.headers['Cache-Control']
|
|
|
|
|
|
response.headers.add(
|
2016-02-02 16:50:13 +00:00
|
|
|
|
'Cache-Control', 'no-store, no-cache, private, must-revalidate')
|
2018-05-25 10:18:39 +01:00
|
|
|
|
for key, value in response.headers:
|
|
|
|
|
|
response.headers[key] = SanitiseASCII.encode(value)
|
2016-01-07 13:58:38 +00:00
|
|
|
|
return response
|
2016-01-07 15:48:29 +00:00
|
|
|
|
|
2016-01-07 15:55:55 +00:00
|
|
|
|
|
2017-11-01 16:02:05 +00:00
|
|
|
|
def register_errorhandlers(application): # noqa (C901 too complex)
|
2020-02-20 17:46:48 +00:00
|
|
|
|
def _error_response(error_code, error_page_template=None):
|
|
|
|
|
|
if error_page_template is None:
|
|
|
|
|
|
error_page_template = error_code
|
|
|
|
|
|
resp = make_response(render_template("error/{0}.html".format(error_page_template)), error_code)
|
2016-03-10 14:56:47 +00:00
|
|
|
|
return useful_headers_after_request(resp)
|
|
|
|
|
|
|
2016-03-10 11:53:29 +00:00
|
|
|
|
@application.errorhandler(HTTPError)
|
|
|
|
|
|
def render_http_error(error):
|
2018-03-08 16:10:17 +00:00
|
|
|
|
application.logger.warning("API {} failed with status {} message {}".format(
|
2016-07-21 17:32:28 +01:00
|
|
|
|
error.response.url if error.response else 'unknown',
|
2016-07-19 13:53:27 +01:00
|
|
|
|
error.status_code,
|
|
|
|
|
|
error.message
|
|
|
|
|
|
))
|
2016-03-11 10:16:06 +00:00
|
|
|
|
error_code = error.status_code
|
2020-02-20 17:48:48 +00:00
|
|
|
|
if error_code not in [401, 404, 403, 410]:
|
|
|
|
|
|
# probably a 500 or 503.
|
|
|
|
|
|
# it might be a 400, which we should handle as if it's an internal server error. If the API might
|
|
|
|
|
|
# legitimately return a 400, we should handle that within the view or the client that calls it.
|
2018-03-08 16:10:17 +00:00
|
|
|
|
application.logger.exception("API {} failed with status {} message {}".format(
|
|
|
|
|
|
error.response.url if error.response else 'unknown',
|
|
|
|
|
|
error.status_code,
|
|
|
|
|
|
error.message
|
|
|
|
|
|
))
|
2016-03-10 11:53:29 +00:00
|
|
|
|
error_code = 500
|
2016-03-10 14:56:47 +00:00
|
|
|
|
return _error_response(error_code)
|
2016-10-10 11:36:12 +01:00
|
|
|
|
|
2018-05-30 13:50:29 +01:00
|
|
|
|
@application.errorhandler(400)
|
2020-02-20 17:46:48 +00:00
|
|
|
|
def handle_client_error(error):
|
|
|
|
|
|
# This is tripped if we call `abort(400)`.
|
|
|
|
|
|
application.logger.exception('Unhandled 400 client error')
|
|
|
|
|
|
return _error_response(400, error_page_template=500)
|
2018-05-30 13:50:29 +01:00
|
|
|
|
|
2016-10-10 11:36:12 +01:00
|
|
|
|
@application.errorhandler(410)
|
|
|
|
|
|
def handle_gone(error):
|
|
|
|
|
|
return _error_response(410)
|
2016-03-10 14:56:47 +00:00
|
|
|
|
|
2018-03-08 17:49:08 +00:00
|
|
|
|
@application.errorhandler(413)
|
|
|
|
|
|
def handle_payload_too_large(error):
|
|
|
|
|
|
return _error_response(413)
|
|
|
|
|
|
|
2016-03-10 14:56:47 +00:00
|
|
|
|
@application.errorhandler(404)
|
|
|
|
|
|
def handle_not_found(error):
|
|
|
|
|
|
return _error_response(404)
|
|
|
|
|
|
|
|
|
|
|
|
@application.errorhandler(403)
|
|
|
|
|
|
def handle_not_authorized(error):
|
|
|
|
|
|
return _error_response(403)
|
|
|
|
|
|
|
|
|
|
|
|
@application.errorhandler(401)
|
|
|
|
|
|
def handle_no_permissions(error):
|
|
|
|
|
|
return _error_response(401)
|
|
|
|
|
|
|
2017-11-01 15:47:05 +00:00
|
|
|
|
@application.errorhandler(BadSignature)
|
|
|
|
|
|
def handle_bad_token(error):
|
|
|
|
|
|
# if someone has a malformed token
|
|
|
|
|
|
flash('There’s something wrong with the link you’ve used.')
|
|
|
|
|
|
return _error_response(404)
|
|
|
|
|
|
|
2017-11-28 12:11:29 +00:00
|
|
|
|
@application.errorhandler(CSRFError)
|
|
|
|
|
|
def handle_csrf(reason):
|
|
|
|
|
|
application.logger.warning('csrf.error_message: {}'.format(reason))
|
|
|
|
|
|
|
|
|
|
|
|
if 'user_id' not in session:
|
|
|
|
|
|
application.logger.warning(
|
|
|
|
|
|
u'csrf.session_expired: Redirecting user to log in page'
|
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
return application.login_manager.unauthorized()
|
|
|
|
|
|
|
|
|
|
|
|
application.logger.warning(
|
|
|
|
|
|
u'csrf.invalid_token: Aborting request, user_id: {user_id}',
|
|
|
|
|
|
extra={'user_id': session['user_id']})
|
|
|
|
|
|
|
2020-02-20 17:46:48 +00:00
|
|
|
|
return _error_response(400, error_page_template=500)
|
2017-11-28 12:11:29 +00:00
|
|
|
|
|
2018-06-22 17:36:58 +01:00
|
|
|
|
@application.errorhandler(405)
|
2020-02-20 17:46:48 +00:00
|
|
|
|
def handle_method_not_allowed(error):
|
|
|
|
|
|
return _error_response(405, error_page_template=500)
|
2018-06-22 17:36:58 +01:00
|
|
|
|
|
|
|
|
|
|
@application.errorhandler(WerkzeugHTTPException)
|
|
|
|
|
|
def handle_http_error(error):
|
|
|
|
|
|
if error.code == 301:
|
2019-03-21 16:41:22 +00:00
|
|
|
|
# PermanentRedirect exception
|
2018-06-22 17:36:58 +01:00
|
|
|
|
return error
|
|
|
|
|
|
|
|
|
|
|
|
return _error_response(error.code)
|
2018-05-30 14:54:25 +01:00
|
|
|
|
|
2020-03-06 11:53:55 +00:00
|
|
|
|
@application.errorhandler(InviteTokenError)
|
|
|
|
|
|
def handle_bad_invite_token(error):
|
|
|
|
|
|
flash(str(error))
|
|
|
|
|
|
return redirect(url_for('main.sign_in'))
|
|
|
|
|
|
|
2018-02-12 16:02:33 +00:00
|
|
|
|
@application.errorhandler(500)
|
|
|
|
|
|
@application.errorhandler(Exception)
|
|
|
|
|
|
def handle_bad_request(error):
|
|
|
|
|
|
current_app.logger.exception(error)
|
|
|
|
|
|
# We want the Flask in browser stacktrace
|
|
|
|
|
|
if current_app.config.get('DEBUG', None):
|
|
|
|
|
|
raise error
|
|
|
|
|
|
return _error_response(500)
|
|
|
|
|
|
|
2016-04-27 16:39:17 +01:00
|
|
|
|
|
2019-11-28 14:39:30 +00:00
|
|
|
|
def setup_blueprints(application):
|
|
|
|
|
|
"""
|
|
|
|
|
|
There are three blueprints: status_blueprint, no_cookie_blueprint, and main_blueprint.
|
|
|
|
|
|
|
|
|
|
|
|
main_blueprint is the default for everything.
|
|
|
|
|
|
|
|
|
|
|
|
status_blueprint is only for the status page - unauthenticated, unstyled, no cookies, etc.
|
|
|
|
|
|
|
|
|
|
|
|
no_cookie_blueprint is for subresources (things loaded asynchronously) that we might be concerned are setting
|
|
|
|
|
|
cookies unnecessarily and potentially getting in to strange race conditions and overwriting other cookies, as we've
|
|
|
|
|
|
seen in the send message flow. Currently, this includes letter template previews, and the iframe from the platform
|
|
|
|
|
|
admin email branding preview pages.
|
|
|
|
|
|
|
|
|
|
|
|
This notably doesn't include the *.json ajax endpoints. If we included them in this, the cookies wouldn't be
|
|
|
|
|
|
updated, including the expiration date. If you have a dashboard open and in focus it'll refresh the expiration timer
|
|
|
|
|
|
every two seconds, and you will never log out, which is behaviour we want to preserve.
|
|
|
|
|
|
"""
|
2021-03-08 15:36:23 +00:00
|
|
|
|
from app.main import main as main_blueprint
|
|
|
|
|
|
from app.main import no_cookie as no_cookie_blueprint
|
2019-11-28 14:39:30 +00:00
|
|
|
|
from app.status import status as status_blueprint
|
|
|
|
|
|
|
|
|
|
|
|
main_blueprint.before_request(make_session_permanent)
|
|
|
|
|
|
main_blueprint.after_request(save_service_or_org_after_request)
|
|
|
|
|
|
|
|
|
|
|
|
application.register_blueprint(main_blueprint)
|
|
|
|
|
|
# no_cookie_blueprint specifically doesn't have `make_session_permanent` or `save_service_or_org_after_request`
|
|
|
|
|
|
application.register_blueprint(no_cookie_blueprint)
|
|
|
|
|
|
application.register_blueprint(status_blueprint)
|
|
|
|
|
|
|
|
|
|
|
|
|
2016-04-27 16:39:17 +01:00
|
|
|
|
def setup_event_handlers():
|
2017-07-26 11:02:57 +01:00
|
|
|
|
from flask_login import user_logged_in
|
2021-03-08 15:36:23 +00:00
|
|
|
|
|
2017-02-23 16:43:09 +00:00
|
|
|
|
from app.event_handlers import on_user_logged_in
|
2016-04-27 16:39:17 +01:00
|
|
|
|
|
|
|
|
|
|
user_logged_in.connect(on_user_logged_in)
|
2017-11-06 13:07:21 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def add_template_filters(application):
|
2017-11-09 15:54:49 +00:00
|
|
|
|
for fn in [
|
2021-03-11 13:23:02 +00:00
|
|
|
|
format_billions,
|
2017-11-09 15:54:49 +00:00
|
|
|
|
format_datetime,
|
|
|
|
|
|
format_datetime_24h,
|
|
|
|
|
|
format_datetime_normal,
|
|
|
|
|
|
format_datetime_short,
|
|
|
|
|
|
format_time,
|
|
|
|
|
|
valid_phone_number,
|
|
|
|
|
|
linkable_name,
|
|
|
|
|
|
format_date,
|
2019-10-18 16:43:52 +01:00
|
|
|
|
format_date_human,
|
2017-11-09 15:54:49 +00:00
|
|
|
|
format_date_normal,
|
2020-05-11 10:52:30 +01:00
|
|
|
|
format_date_numeric,
|
2017-11-09 15:54:49 +00:00
|
|
|
|
format_date_short,
|
2020-02-19 17:11:31 +00:00
|
|
|
|
format_datetime_human,
|
2017-11-09 15:54:49 +00:00
|
|
|
|
format_datetime_relative,
|
2020-02-17 12:58:05 +00:00
|
|
|
|
format_day_of_week,
|
2017-11-09 15:54:49 +00:00
|
|
|
|
format_delta,
|
2020-02-12 14:19:21 +00:00
|
|
|
|
format_delta_days,
|
2017-11-09 15:54:49 +00:00
|
|
|
|
format_notification_status,
|
2018-07-17 14:39:04 +01:00
|
|
|
|
format_notification_type,
|
2017-11-09 15:54:49 +00:00
|
|
|
|
format_notification_status_as_time,
|
|
|
|
|
|
format_notification_status_as_field_status,
|
|
|
|
|
|
format_notification_status_as_url,
|
2020-07-14 14:45:37 +01:00
|
|
|
|
format_number_in_pounds_as_currency,
|
2021-01-06 12:12:01 +00:00
|
|
|
|
formatted_list,
|
|
|
|
|
|
normalise_lines,
|
2017-11-09 15:54:49 +00:00
|
|
|
|
nl2br,
|
|
|
|
|
|
format_phone_number_human_readable,
|
2019-07-08 12:00:40 +01:00
|
|
|
|
format_thousands,
|
2018-09-21 14:24:31 +01:00
|
|
|
|
id_safe,
|
2019-11-14 16:22:06 +00:00
|
|
|
|
convert_to_boolean,
|
2020-12-17 10:46:42 +00:00
|
|
|
|
format_list_items,
|
2021-01-06 12:59:48 +00:00
|
|
|
|
iteration_count,
|
|
|
|
|
|
recipient_count,
|
|
|
|
|
|
recipient_count_label,
|
|
|
|
|
|
message_count_label,
|
|
|
|
|
|
message_count,
|
|
|
|
|
|
message_count_noun,
|
2021-02-15 21:02:37 +00:00
|
|
|
|
format_mobile_network,
|
2017-11-09 15:54:49 +00:00
|
|
|
|
]:
|
|
|
|
|
|
application.add_template_filter(fn)
|
2019-10-03 13:00:32 +01:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def init_jinja(application):
|
|
|
|
|
|
repo_root = os.path.abspath(os.path.join(os.path.dirname(__file__), '..'))
|
|
|
|
|
|
template_folders = [
|
|
|
|
|
|
os.path.join(repo_root, 'app/templates'),
|
2019-11-25 13:04:23 +00:00
|
|
|
|
os.path.join(repo_root, 'app/templates/vendor/govuk-frontend'),
|
2019-10-03 13:00:32 +01:00
|
|
|
|
]
|
|
|
|
|
|
jinja_loader = jinja2.FileSystemLoader(template_folders)
|
|
|
|
|
|
application.jinja_loader = jinja_loader
|