darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-02-05 10:53:28 -05:00
Code Issues Packages Projects Releases Wiki Activity

revamp PII masking

Browse Source
This commit is contained in:
Kenneth Kehl
2024-06-17 11:13:03 -07:00
parent 4e8e1acb5b e426449a38
commit 16ad4a6c0c
20 changed files with 256 additions and 180 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
app/assets/images/logo-login.svg Normal file
View File

@@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 292.1 39.47"><path fill="#fff" d="M7.44 6.89h17.2v22.06H7.44z"/><path fill="#112e51" d="M53.45 5.28h-6.16v27.31h17.87v-5.38H53.45V5.28zm30.76-.19c-8.35 0-14.67 5.89-14.67 13.85s6.32 13.93 14.67 13.93 14.67-6 14.67-13.93S92.56 5.09 84.21 5.09zm.08 22.39a8.49 8.49 0 0 1-8.43-8.54 8.4 8.4 0 0 1 8.43-8.47 8.29 8.29 0 0 1 8.27 8.47 8.36 8.36 0 0 1-8.27 8.54zm35.36-17.05a11.43 11.43 0 0 1 7.49 3l3.47-4.41a17.21 17.21 0 0 0-11-4c-8.51 0-14.9 6-14.9 13.85s6.29 13.99 14.58 13.99a20.21 20.21 0 0 0 11.08-3.55V17.57h-10.11v4.82H125V26a12.42 12.42 0 0 1-5.34 1.48 8.52 8.52 0 1 1 0-17zm19.61-5.15h6.17v27.31h-6.17zm34.53 17.56L160.52 5.28h-5.61v27.31h5.89V15.07l13.22 17.52h5.62V5.28h-5.85v17.56zm17.47 2.85a3.39 3.39 0 0 0-3.47 3.56 3.47 3.47 0 1 0 6.94 0 3.36 3.36 0 0 0-3.47-3.56zm23.15-15.26a11.43 11.43 0 0 1 7.49 3l3.47-4.41a17.21 17.21 0 0 0-11-4c-8.51 0-14.9 6-14.9 13.85s6.28 13.93 14.55 13.93a20.21 20.21 0 0 0 11.08-3.55V17.57H215v4.82h4.77V26a12.42 12.42 0 0 1-5.34 1.48 8.52 8.52 0 1 1 0-17zm32.23-5.34C238.29 5.09 232 11 232 18.94s6.32 13.93 14.67 13.93 14.67-6 14.67-13.93S255 5.09 246.64 5.09zm.08 22.39a8.49 8.49 0 0 1-8.43-8.54 8.4 8.4 0 0 1 8.43-8.47 8.29 8.29 0 0 1 8.28 8.47 8.36 8.36 0 0 1-8.28 8.54zm39.02-22.2-7.49 20.6-7.45-20.6h-6.63l10.73 27.31h6.36L292.1 5.28h-6.36z"/><path fill="#e21d3e" d="m11.38 25.34 1.45-8.28a4.39 4.39 0 0 1 2.71-7.86V0H4.34A4.34 4.34 0 0 0 0 4.34v21.28a2.62 2.62 0 0 0 .26 1.16c.94 1.9 4.65 8 15.27 12.69V25.7a24.3 24.3 0 0 1-4.15-.36z"/><path fill="#b51e23" d="M26.72 0H15.53v9.19A4.39 4.39 0 0 1 18.28 17l1.45 8.32a24.29 24.29 0 0 1-4.2.36v13.79C26.14 34.8 29.86 28.68 30.8 26.79a2.62 2.62 0 0 0 .26-1.16V4.34A4.34 4.34 0 0 0 26.72 0z"/></svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.7 KiB

12
app/assets/sass/uswds/_uswds-theme-custom-styles.scss
View File

@@ -157,6 +157,18 @@ td.table-empty-message {
}
}
.usa-button img {
margin-left: .5rem;
height: 1rem;
}
.usa-button.login-button.login-button--primary,.login-button.login-button--primary:hover{
color:#112e51;background-color:#fff;
border:1px solid #767676;
display: inline-flex;
justify-content: center;
}
.user-list-edit-link:active:before,
.user-list-edit-link:focus:before {
box-shadow: none;

18
app/main/views/index.py
View File

@@ -1,6 +1,6 @@
import os
from flask import abort, redirect, render_template, request, url_for
from flask import abort, current_app, redirect, render_template, request, url_for
from flask_login import current_user
from app import status_api_client
@@ -9,20 +9,28 @@ from app.main import main
from app.main.views.pricing import CURRENT_SMS_RATE
from app.main.views.sub_navigation_dictionaries import features_nav, using_notify_nav
from app.utils.user import user_is_logged_in
login_dot_gov_url = os.getenv("LOGIN_DOT_GOV_INITIAL_SIGNIN_URL")
from notifications_utils.url_safe_token import generate_token
@main.route("/")
def index():
if current_user and current_user.is_authenticated:
return redirect(url_for("main.choose_account"))
token = generate_token(
str(request.remote_addr),
current_app.config["SECRET_KEY"],
current_app.config["DANGEROUS_SALT"],
)
url = os.getenv("LOGIN_DOT_GOV_INITIAL_SIGNIN_URL")
# handle unit tests
if url is not None:
url = url.replace("NONCE", token)
url = url.replace("STATE", token)
return render_template(
"views/signedout.html",
sms_rate=CURRENT_SMS_RATE,
counts=status_api_client.get_count_of_live_services_and_organizations(),
login_dot_gov_url=login_dot_gov_url,
initial_signin_url=url,
)

12
app/main/views/register.py
View File

@@ -116,10 +116,10 @@ def registration_continue():
def get_invite_data_from_redis(state):
invite_data = json.loads(redis_client.raw_get(f"invitedata-{state}"))
user_email = redis_client.raw_get(f"user_email-{state}").decode("utf8")
user_uuid = redis_client.raw_get(f"user_uuid-{state}").decode("utf8")
invited_user_email_address = redis_client.raw_get(
invite_data = json.loads(redis_client.get(f"invitedata-{state}"))
user_email = redis_client.get(f"user_email-{state}").decode("utf8")
user_uuid = redis_client.get(f"user_uuid-{state}").decode("utf8")
invited_user_email_address = redis_client.get(
f"invited_user_email_address-{state}"
).decode("utf8")
return invite_data, user_email, user_uuid, invited_user_email_address
@@ -163,7 +163,7 @@ def set_up_your_profile():
state = request.args.get("state")
login_gov_error = request.args.get("error")
if redis_client.raw_get(f"invitedata-{state}") is None:
if redis_client.get(f"invitedata-{state}") is None:
access_token = sign_in._get_access_token(code, state)
debug_msg("Got the access token for login.gov")
user_email, user_uuid = sign_in._get_user_email_and_uuid(access_token)
@@ -195,7 +195,7 @@ def set_up_your_profile():
if (
form.validate_on_submit()
and redis_client.raw_get(f"invitedata-{state}") is not None
and redis_client.get(f"invitedata-{state}") is not None
):
invite_data, user_email, user_uuid, invited_user_email_address = (
get_invite_data_from_redis(state)

20
app/main/views/send.py
View File

@@ -952,7 +952,6 @@ def send_notification(service_id, template_id):
)
)
current_app.logger.info(hilite(f"Recipient for the one-off will be {recipient}"))
keys = []
values = []
for k, v in session["placeholders"].items():
@@ -968,6 +967,12 @@ def send_notification(service_id, template_id):
)
my_data = {"filename": filename, "template_id": template_id, "data": data}
upload_id = s3upload(service_id, my_data)
# To debug messages that the user reports have not been sent, we log
# the csv filename and the job id. The user will give us the file name,
# so we can search on that to obtain the job id, which we can use elsewhere
# on the API side to find out what happens to the message.
current_app.logger.info(hilite(f"One-off file: {filename} job_id: {upload_id}"))
form = CsvUploadForm()
form.file.data = my_data
form.file.name = filename
@@ -986,16 +991,6 @@ def send_notification(service_id, template_id):
valid="True",
)
# Here we are attempting to cleverly link the job id to the one-off recipient
# If we know the partial phone number of the recipient, we can search
# on that initially and find this, which will give us the job_id
# And once we know the job_id, we can search on that and it might tell us something
# about report generation.
current_app.logger.info(
hilite(
f"Created job to send one-off, recipient is {recipient}, job_id is {upload_id}"
)
)
session.pop("recipient")
session.pop("placeholders")
@@ -1028,7 +1023,8 @@ def send_notification(service_id, template_id):
job_id=upload_id,
)
)
total = notifications['total']
current_app.logger.info(hilite(f"job_id: {upload_id} has notifications: {total} and attempts: {attempts}"))
return redirect(
url_for(
".view_job",

2
app/main/views/verify.py
View File

@@ -66,7 +66,7 @@ def activate_user(user_id):
user = User.from_id(user_id)
# TODO add org invites back in the new way
# organization_id = redis_client.raw_get(
# organization_id = redis_client.get(
# f"organization-invite-{user.email_address}"
# )
# user_api_client.add_user_to_organization(

3
app/templates/views/signedout.html
View File

@@ -21,7 +21,8 @@ Notify.gov
<h1 class="font-serif-2xl usa-hero__heading">Reach people where they are with government-powered text messages</h1>
<p class="font-sans-lg">Notify.gov is a text message service that helps federal, state, local, tribal and territorial governments more effectively communicate with the people they serve.</p>
<div class="usa-button-group margin-bottom-5">
<a class="usa-button usa-button--big margin-right-2" href="{{ url_for('main.sign_in' ) }}">Sign in</a>
<a class="usa-button usa-button login-button login-button--primary margin-right-2" href="{{ initial_signin_url }}">Sign in with <img src="{{ asset_url('images/logo-login.svg') }}" alt="Login.gov logo">
</a>
if you are an existing pilot partner
</div>
<p class="font-sans-md">Currently we are only working with select pilot partners. If you are interested in using Notify.gov in the future, please contact <br><a href="mailto:tts-benefits-studio@gsa.gov">tts-benefits-studio@gsa.gov</a> to learn more.</p>

18
app/templates/views/signin.html
View File

@@ -32,22 +32,6 @@
<a class="usa-link usa-button" href="{{ initial_signin_url }}">Sign in with Login.gov</a>
{% endif %}
</div>
<div class="tablet:grid-col-6 tablet:grid-offset-1 margin-top-2 padding-y-2 padding-x-4 bg-base-lightest">
<h2 class="font-body-lg">Effective April 16, 2024 Notify.gov requires you sign-in through Login.gov</h2>
<p>Why are we doing this?</p>
<ul class="usa-list">
<li><strong>Enhanced security:</strong> Login.gov is really secure and trustworthy</li>
<li><strong>One single source for signing in:</strong> You can use Login.gov for other services within the federal government</li>
<li><strong>2FA flexibility:</strong> Login.gov supports multiple methods for users to verify their identity.</li>
</ul>
<p>What do I need to do?</p>
<ul class="usa-list">
<li>If you have a Login.gov account, start using it to sign in to Notify today.</li>
<li>If you dont have a Login.gov account, you must create one to continue to access Notify.</li>
</ul>
<div class="border-bottom border-base-lighter margin-y-4"></div>
<a class="usa-link usa-button usa-button--outline margin-bottom-3" href="{{ initial_signin_url }}">Create Login.gov account</a>
</div>
</div>
</div>
{% endblock %}

1
app/utils/csv.py
View File

@@ -73,7 +73,6 @@ def generate_notifications_csv(**kwargs):
# This generates the "batch" csv report
if kwargs.get("job_id"):
# The kwargs contain the job id, which is linked to the recipient's partial phone number in other debug
# Some unit tests are mocking the kwargs and turning them into a function instead of dict,
# hence the try/except.
try: