darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-05-26 08:09:51 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into download_link-activity-page

Browse Source
This commit is contained in:
Rebecca Law
2018-01-03 12:48:02 +00:00
parent 259db9c271 9586632fec
commit 1fccb3da5e
14 changed files with 101 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/main/views/invites.py
View File

@@ -38,7 +38,7 @@ def accept_invite(token):
invited_user = invite_api_client.check_token(token)
if not current_user.is_anonymous and current_user.email_address != invited_user.email_address:
if not current_user.is_anonymous and current_user.email_address.lower() != invited_user.email_address.lower():
message = Markup("""
Youre signed in as {}.
This invite is for another email address.

2
app/main/views/sign_in.py
View File

@@ -40,7 +40,7 @@ def sign_in():
if user and session.get('invited_user'):
invited_user = session.get('invited_user')
if user.email_address != invited_user['email_address']:
if user.email_address.lower() != invited_user['email_address'].lower():
flash("You can't accept an invite for another person.")
session.pop('invited_user', None)
abort(403)

4
app/notify_client/invite_api_client.py
View File

@@ -9,6 +9,7 @@ class InviteApiClient(NotifyAdminAPIClient):
def init_app(self, app):
self.base_url = app.config['API_HOST_NAME']
self.admin_url = app.config['ADMIN_BASE_URL']
self.service_id = app.config['ADMIN_CLIENT_USER_NAME']
self.api_key = app.config['ADMIN_CLIENT_SECRET']
@@ -18,7 +19,8 @@ class InviteApiClient(NotifyAdminAPIClient):
'email_address': email_address,
'from_user': invite_from_id,
'permissions': permissions,
'auth_type': auth_type
'auth_type': auth_type,
'invite_link_host': self.admin_url,
}
data = _attach_current_user(data)
resp = self.post(url='/service/{}/invite'.format(service_id), data=data)

2
app/templates/partials/jobs/notifications.html
View File

@@ -31,7 +31,7 @@
</p>
{% elif notifications %}
<p class="bottom-gutter">
<a href="{{ download_link }}" download="download" class="heading-small">Download this report</a>
<a href="{{ download_link }}" download class="heading-small">Download this report</a>
&emsp;
<span id="time-left">{{ time_left }}</span>
</p>

2
app/templates/views/check/ok.html
View File

@@ -39,7 +39,7 @@
{% if template.template_type != 'letter' or not request.args.from_test %}
<input type="submit" class="button" value="Send {{ count_of_recipients }} {{ message_count_label(count_of_recipients, template.template_type, suffix='') }}" />
{% else %}
<a href="{{ url_for('main.check_messages_preview', service_id=current_service.id, template_type=template.template_type, upload_id=upload_id, filetype='pdf') }}" download="download" class="button">Download as a printable PDF</a>
<a href="{{ url_for('main.check_messages_preview', service_id=current_service.id, template_type=template.template_type, upload_id=upload_id, filetype='pdf') }}" download class="button">Download as a printable PDF</a>
{% endif %}
<a href="{{ back_link }}" class="page-footer-back-link">Back</a>
</form>

2
app/templates/views/dashboard/_inbox_messages.html
View File

@@ -4,7 +4,7 @@
<div class="ajax-block-container">
{% if messages %}
<p class="bottom-gutter-2-3 top-gutter-2-3">
<a href="{{ url_for('.inbox_download', service_id=current_service.id) }}" download="download" class="heading-small">Download these messages</a>
<a href="{{ url_for('.inbox_download', service_id=current_service.id) }}" download class="heading-small">Download these messages</a>
</p>
{% endif %}
{% call(item, row_number) list_table(

2
app/templates/views/notifications/check.html
View File

@@ -53,7 +53,7 @@
{% if template.template_type != 'letter' or not request.args.from_test %}
<input type="submit" class="button" value="Send 1 {{ message_count_label(1, template.template_type, suffix='') }}" />
{% else %}
<a href="{{ url_for('main.check_messages_preview', service_id=current_service.id, template_type=template.template_type, upload_id=upload_id, filetype='pdf') }}" download="download" class="button">Download as a printable PDF</a>
<a href="{{ url_for('main.check_messages_preview', service_id=current_service.id, template_type=template.template_type, upload_id=upload_id, filetype='pdf') }}" download class="button">Download as a printable PDF</a>
{% endif %}
{% endif %}
<a href="{{ back_link }}" class="page-footer-back-link">Back</a>

2
app/templates/views/notifications/notification.html
View File

@@ -35,7 +35,7 @@
Estimated delivery date: {{ estimated_letter_delivery_date|string|format_date_short }}
</p>
<p class="bottom-gutter">
<a href="{{ url_for('main.view_letter_notification_as_preview', service_id=current_service.id, notification_id=notification_id, filetype='pdf') }}" download="download">Download as a PDF</a>
<a href="{{ url_for('main.view_letter_notification_as_preview', service_id=current_service.id, notification_id=notification_id, filetype='pdf') }}" download>Download as a PDF</a>
</p>
{% endif %}

2
app/templates/views/send.html
View File

@@ -40,7 +40,7 @@
{% endcall %}
</div>
<p class="table-show-more-link">
<a href="{{ url_for('.get_example_csv', service_id=current_service.id, template_id=template.id) }}">Download this example</a>
<a href="{{ url_for('.get_example_csv', service_id=current_service.id, template_id=template.id) }}" download>Download this example</a>
</p>
<h2 class="heading-medium">Your file will populate this template ({{ template.name }})</h2>

2
requirements.txt
View File

@@ -20,4 +20,4 @@ notifications-python-client==4.7.1
awscli==1.14.16
awscli-cwlogs>=1.4,<1.5
git+https://github.com/alphagov/notifications-utils.git@23.3.5#egg=notifications-utils==23.3.5
git+https://github.com/alphagov/notifications-utils.git@23.4.0#egg=notifications-utils==23.4.0

23
tests/app/main/views/test_accept_invite.py
View File

@@ -315,6 +315,29 @@ def test_signed_in_existing_user_cannot_use_anothers_invite(
assert mock_accept_invite.call_count == 0
def test_accept_invite_does_not_treat_email_addresses_as_case_sensitive(
logged_in_client,
mocker,
api_user_active,
sample_invite,
service_one,
mock_accept_invite,
mock_get_user_by_email
):
mocker.patch('app.main.views.invites.check_token')
# the email address of api_user_active is 'test@user.gov.uk'
sample_invite['email_address'] = 'TEST@user.gov.uk'
invite = InvitedUser(**sample_invite)
mocker.patch('app.invite_api_client.check_token', return_value=invite)
mocker.patch('app.user_api_client.get_users_for_service', return_value=[api_user_active])
response = logged_in_client.get(url_for('main.accept_invite', token='thisisnotarealtoken'))
assert response.status_code == 302
assert response.location == url_for('main.service_dashboard', service_id=service_one['id'], _external=True)
def test_new_invited_user_verifies_and_added_to_service(
client,
service_one,

2
tests/app/main/views/test_jobs.py
View File

@@ -97,7 +97,7 @@ def test_should_show_page_for_one_job(
job_id=fake_uuid,
status=status_argument,
)
csv_link = page.find('a', {'download': 'download'})
csv_link = page.select_one('a[download]')
assert csv_link['href'] == url_for(
'main.view_job_csv',
service_id=service_one['id'],

27
tests/app/main/views/test_sign_in.py
View File

@@ -170,3 +170,30 @@ def test_should_attempt_redirect_when_user_is_pending(
'password': 'val1dPassw0rd!'})
assert response.location == url_for('main.resend_email_verification', _external=True)
assert response.status_code == 302
def test_email_address_is_treated_case_insensitively_when_signing_in_as_invited_user(
client,
mocker,
mock_verify_password,
api_user_active,
sample_invite,
mock_accept_invite,
mock_send_verify_code
):
sample_invite['email_address'] = 'TEST@user.gov.uk'
mocker.patch('app.user_api_client.get_user_by_email_or_none', return_value=api_user_active)
mocker.patch('app.main.views.sign_in._get_and_verify_user', return_value=api_user_active)
with client.session_transaction() as session:
session['invited_user'] = sample_invite
response = client.post(
url_for('main.sign_in'), data={
'email_address': 'test@user.gov.uk',
'password': 'val1dPassw0rd!'})
assert mock_accept_invite.called
assert response.status_code == 302
assert mock_send_verify_code.called

41
tests/app/notify_client/test_invite_client.py
View File

@@ -1,4 +1,40 @@
from app.notify_client.invite_api_client import InviteApiClient
from unittest.mock import ANY
from app import invite_api_client
def test_client_creates_invite(
app_,
mocker,
fake_uuid,
sample_invite,
):
mocker.patch('app.notify_client.current_user')
mock_post = mocker.patch(
'app.invite_api_client.post',
return_value={'data': dict.fromkeys({
'id', 'service', 'from_user', 'email_address',
'permissions', 'status', 'created_at', 'auth_type'
})}
)
invite_api_client.create_invite(
'12345', '67890', 'test@example.com', 'send_messages', 'sms_auth'
)
mock_post.assert_called_once_with(
url='/service/{}/invite'.format('67890'),
data={
'auth_type': 'sms_auth',
'email_address': 'test@example.com',
'from_user': '12345',
'service': '67890',
'created_by': ANY,
'permissions': 'send_messages',
'invite_link_host': 'http://localhost:6012',
}
)
def test_client_returns_invite(mocker, sample_invite):
@@ -10,10 +46,9 @@ def test_client_returns_invite(mocker, sample_invite):
expected_url = '/service/{}/invite'.format(service_id)
client = InviteApiClient()
mock_get = mocker.patch('app.notify_client.invite_api_client.InviteApiClient.get', return_value=expected_data)
invites = client.get_invites_for_service(service_id)
invites = invite_api_client.get_invites_for_service(service_id)
mock_get.assert_called_once_with(expected_url)
assert len(invites) == 1