darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-06-18 12:16:53 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1937 from alphagov/automate-terms

Browse Source 
Make terms page smarter about the agreement
This commit is contained in:
Chris Hill-Scott
2018-03-15 10:14:14 +00:00
committed by GitHub
parent 1a4adfafa0 59f9fe7df1
commit 2006e092f5
5 changed files with 115 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
app/main/views/feedback.py
View File

@@ -134,6 +134,9 @@ def feedback(ticket_type):
abort(500, "Feedback submission failed")
return redirect(url_for('.thanks', urgent=urgent, anonymous=anonymous))
if not form.feedback.data:
form.feedback.data = request.args.get('body', '')
return render_template(
'views/support/{}.html'.format(ticket_type),
form=form,

4
app/main/views/index.py
View File

@@ -9,6 +9,7 @@ from app import convert_to_boolean
from app.main import main
from app.main.forms import SearchTemplatesForm
from app.main.views.sub_navigation_dictionaries import features_nav
from app.utils import GovernmentDomain
@main.route('/')
@@ -152,7 +153,8 @@ def security():
def terms():
return render_template(
'views/terms-of-use.html',
navigation_links=features_nav()
navigation_links=features_nav(),
agreement_info=GovernmentDomain.from_current_user(),
)

48
app/templates/views/terms-of-use.html
View File

@@ -15,23 +15,29 @@ Terms of use
<div class="column-two-thirds">
<h1 class="heading-large">Terms of use</h1>
<p>To go live on GOV.UK Notify, you must accept our data sharing and financial agreement.</p>
<p><a href="{{url_for('.feedback', ticket_type='ask-question-give-feedback')}}">Contact us</a> to get a copy of the agreement or find out if your organisation has already accepted it.</p>
<p>To accept these terms of use, you must be the service manager for your service.</p>
<h2 class="heading-medium">Notifys side of the agreement</h2>
<p>We agree to:</p>
<ul class="list list-bullet">
<li>send all the messages you pass to us, as long as they meet our guidelines</li>
<li>
show how Notify is performing (through our <a href="https://www.gov.uk/performance/govuk-notify">performance</a> and <a href="https://status.notifications.service.gov.uk/">status</a> pages)
</li>
<li>keep your data <a href="{{ url_for('.security') }}">secure</a></li>
<li>give you one months notice by email if we change our terms of use or delivery providers</li>
</ul>
<p>
These terms apply to your services use of GOV.UK&nbsp;Notify. You must be the service manager to accept them.
</p>
<h2 class="heading-medium">Your side of the agreement</h2>
<p>You agree to:</p>
{% if agreement_info.agreement_signed %}
<p>Your organisation ({{ agreement_info.owner }}) has already accepted the GOV.UK&nbsp;Notify data sharing and financial agreement.</p>
{% else %}
<p>
Your organisation
{% if agreement_info.owner %}
({{ agreement_info.owner }})
must also accept our data sharing and financial agreement.
<a href="{{ url_for('.feedback', ticket_type='ask-question-give-feedback', body='Please send me a copy of the GOV.UK Notify data sharing and financial agreement for {} to sign.'.format(agreement_info.owner)) }}">Contact us</a> to get a copy.
{% else %}
must also accept our data sharing and financial agreement.
<a href="{{ url_for('.feedback', ticket_type='ask-question-give-feedback', body='Please send me a copy of the GOV.UK Notify data sharing and financial agreement.') }}">Contact us</a> to get a copy.
{% endif %}
</p>
{% endif %}
<h2 class="heading-medium">When using Notify</h2>
<p>You must:</p>
<ul class="list list-bullet">
<li>complete your organisations information assurance process (you dont need to include Notify or our delivery partners, weve already done that)</li>
<li>tell us immediately if you have any security breaches</li>
@@ -43,7 +49,17 @@ Terms of use
<li>not send messages containing any personally or commercially sensitive information</li>
<li>check that the data you add to Notify is accurate and complies with Data Protection Act principles</li>
</ul>
<p>If you dont keep to your side of the agreement, we might have to stop sending your messages.</p>
<p>If you dont keep to these terms, we might have to stop sending your messages.</p>
<p>Notify will:</p>
<ul class="list list-bullet">
<li>send all the messages you pass to us, as long as they meet our guidelines</li>
<li>
show how Notify is performing (through our <a href="https://www.gov.uk/performance/govuk-notify">performance</a> and <a href="https://status.notifications.service.gov.uk/">status</a> pages)
</li>
<li>keep your data <a href="{{ url_for('.security') }}">secure</a></li>
<li>give you one months notice by email if we change our terms of use or delivery providers</li>
</ul>
<h2 class="heading-medium">Leaving Notify</h2>
<p>You can leave Notify at any time. Just <a href="{{url_for('.feedback', ticket_type='ask-question-give-feedback')}}">contact us</a> and well close your account.</p>

25
tests/app/main/views/test_feedback.py
View File

@@ -85,6 +85,31 @@ def test_get_feedback_page(client, ticket_type, expected_status_code):
assert response.status_code == expected_status_code
@freeze_time('2016-12-12 12:00:00.000000')
def test_get_feedback_page_with_prefilled_body(
client_request,
mocker,
):
mock_post = mocker.patch('app.main.views.feedback.deskpro_client.create_ticket')
page = client_request.get(
'main.feedback',
ticket_type=QUESTION_TICKET_TYPE,
body='Please send cat pictures <script>alert("foo");</script>',
)
assert page.select_one('textarea').text == (
'Please send cat pictures <script>alert("foo");</script>'
)
client_request.post(
'main.feedback',
ticket_type=QUESTION_TICKET_TYPE,
body='Please send cat pictures <script>alert("foo");</script>',
_data={'feedback': 'blah', 'name': 'Example', 'email_address': 'test@example.com'}
)
message = mock_post.call_args[1]['message']
assert message.endswith('blah')
assert 'cat pictures' not in message
@freeze_time('2016-12-12 12:00:00.000000')
@pytest.mark.parametrize('ticket_type', [PROBLEM_TICKET_TYPE, QUESTION_TICKET_TYPE])
def test_passed_non_logged_in_user_details_through_flow(client, mocker, ticket_type):

52
tests/app/main/views/test_index.py
View File

@@ -1,6 +1,7 @@
import pytest
from bs4 import BeautifulSoup
from flask import url_for
from tests.conftest import active_user_with_permissions, normalize_spaces
def test_non_logged_in_user_can_see_homepage(
@@ -86,3 +87,54 @@ def test_old_static_pages_redirect(
'main.{}'.format(expected_view),
_external=True
)
def test_terms_is_generic_if_user_is_not_logged_in(
client
):
response = client.get(url_for('main.terms'))
assert response.status_code == 200
page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
assert normalize_spaces(page.select('main p')[1].text) == (
'Your organisation must also accept our data sharing and '
'financial agreement. Contact us to get a copy.'
)
@pytest.mark.parametrize('email_address, expected_first_paragraph', [
(
'test@cabinet-office.gov.uk',
(
'Your organisation (Cabinet Office) has already accepted '
'the GOV.UK Notify data sharing and financial agreement.'
),
),
(
'test@aylesburytowncouncil.gov.uk',
(
'Your organisation (Aylesbury Town Council) must also '
'accept our data sharing and financial agreement. Contact '
'us to get a copy.'
),
),
(
'larry@downing-street.gov.uk',
(
'Your organisation must also accept our data sharing and '
'financial agreement. Contact us to get a copy.'
),
),
])
def test_terms_tells_logged_in_users_what_we_know_about_their_agreement(
mocker,
fake_uuid,
client_request,
email_address,
expected_first_paragraph,
):
user = active_user_with_permissions(fake_uuid)
user.email_address = email_address
mocker.patch('app.user_api_client.get_user', return_value=user)
page = client_request.get('main.terms')
assert normalize_spaces(page.select('main p')[1].text) == expected_first_paragraph