Merge remote-tracking branch 'origin/master' into add_manage_service_permission

2026-02-05 02:42:26 -05:00 · 2016-03-03 12:21:30 +00:00
parent 1d9cace0e5 30cc01059b
commit 32b84f4ce2
9 changed files with 46 additions and 75 deletions
--- a/README.md
+++ b/README.md
@@ -4,52 +4,49 @@

 # notifications-admin

-Application to handle the admin functions of the notifications application.
+GOV.UK Notify admin application.

 ## Features of this application

- - Register users
- - Register services
- - Download CSV for an email or SMS batch
+ - Register and manage users
+ - Create and manage services
+ - Send batch emails and SMS by uploading a CSV
 - Show history of notifications
- - Reports

 ## First-time setup

-You need [Node](http://nodejs.org/) which will also get you [NPM](npmjs.org),
-Node's package management tool.
+Languages needed
+- Python 3
+- [Node](http://nodejs.org/) 5.0.0 or greater
 ```shell
    brew install node
 ```

-n is a tool for managing different versions of node. The following installs n
-and uses the latest version of node.
+[NPM](npmjs.org) is Node's package management tool. `n` is a tool for managing
+different versions of Node. The following installs `n` and uses the latest
+version of Node.
 ```shell
    npm install -g n
    n latest
    npm rebuild node-sass
 ```

-The frontend dependencies are managed using NPM and Bower. To install or update
-*all the things*, run
-```shell
-    npm install
-    npm run build
-```
-
 The app runs within a virtual environment. To [install virtualenv](https://virtualenv.readthedocs.org/en/latest/installation.html), run
 ```shell
    [sudo] pip install virtualenv
 ```

-To make a virtualenv for this app, run
+Make a virtual environment for this app:
 ```shell
    mkvirtualenv -p /usr/local/bin/python3 notifications-admin
-    pip install -r requirements.txt
+```
+
+Install dependencies and build the frontend assets:
+```shell
    ./scripts/bootstrap.sh
 ```

-## Building the frontend
+## Rebuilding the frontend assets

 If you want the front end assets to re-compile on changes, leave this running
 in a separate terminal from the app
@@ -64,10 +61,4 @@ in a separate terminal from the app
    ./scripts/run_app.sh
 ```

-Then visit [localhost:6012](localhost:6012)
-
-## Domain model
-
-All the domain models are defined in the
-[models.py](https://github.com/alphagov/notifications-admin/blob/master/app/models.py)
-file.
+Then visit [localhost:6012](http://localhost:6012)
--- a/app/init.py
+++ b/app/init.py
@@ -15,7 +15,6 @@ from app.notify_client.api_key_api_client import ApiKeyApiClient
 from app.notify_client.user_api_client import UserApiClient
 from app.notify_client.job_api_client import JobApiClient
 from app.notify_client.status_api_client import StatusApiClient
-from app.notify_client.permission_api_client import PermissionApiClient
 from app.notify_client.invite_api_client import InviteApiClient
 from app.its_dangerous_session import ItsdangerousSessionInterface
 from app.asset_fingerprinter import AssetFingerprinter
@@ -34,7 +33,6 @@ job_api_client = JobApiClient()
 status_api_client = StatusApiClient()
 invite_api_client = InviteApiClient()
 asset_fingerprinter = AssetFingerprinter()
-permission_api_client = PermissionApiClient()


 def create_app(config_name, config_overrides=None):
@@ -51,7 +49,6 @@ def create_app(config_name, config_overrides=None):
    api_key_api_client.init_app(application)
    job_api_client.init_app(application)
    status_api_client.init_app(application)
-    permission_api_client.init_app(application)
    invite_api_client.init_app(application)

    login_manager.init_app(application)
--- a/app/main/views/send.py
+++ b/app/main/views/send.py
@@ -31,7 +31,7 @@ from app.utils import (
 from utils.process_csv import first_column_heading


-manage_service_page_headings = {
+send_messages_page_headings = {
    'email': 'Send emails',
    'sms': 'Send text messages'
 }
@@ -44,8 +44,9 @@ manage_templates_page_headings = {


 def get_page_headings(template_type):
-    if current_user.has_permissions(['manage_service']):
-        return manage_service_page_headings[template_type]
+    # User has manage_service role
+    if current_user.has_permissions(['send_texts', 'send_emails', 'send_letters']):
+        return send_messages_page_headings[template_type]
    else:
        return manage_templates_page_headings[template_type]

@@ -59,7 +60,7 @@ def letters_stub(service_id):

@main.route("/services/<service_id>/send/<template_type>", methods=['GET'])
@login_required
-@user_has_permissions('send_messages', 'manage_templates', or_=True)
+@user_has_permissions('send_texts', 'send_emails', 'send_letters', 'manage_templates', or_=True)
 def choose_template(service_id, template_type):

    service = services_dao.get_service_by_id_or_404(service_id)
@@ -92,7 +93,7 @@ def choose_template(service_id, template_type):

@main.route("/services/<service_id>/send/<int:template_id>", methods=['GET', 'POST'])
@login_required
-@user_has_permissions('send_messages')
+@user_has_permissions('send_texts', 'send_emails', 'send_letters')
 def send_messages(service_id, template_id):

    form = CsvUploadForm()
@@ -130,7 +131,7 @@ def send_messages(service_id, template_id):

@main.route("/services/<service_id>/send/<template_id>.csv", methods=['GET'])
@login_required
-@user_has_permissions('send_messages', 'manage_templates', or_=True)
+@user_has_permissions('send_texts', 'send_emails', 'send_letters', 'manage_templates', or_=True)
 def get_example_csv(service_id, template_id):
    template = Template(templates_dao.get_service_template_or_404(service_id, template_id)['data'])
    output = io.StringIO()
@@ -150,7 +151,7 @@ def get_example_csv(service_id, template_id):

@main.route("/services/<service_id>/send/<template_id>/to-self", methods=['GET'])
@login_required
-@user_has_permissions('send_messages')
+@user_has_permissions('send_texts', 'send_emails', 'send_letters')
 def send_message_to_self(service_id, template_id):
    template = Template(templates_dao.get_service_template_or_404(service_id, template_id)['data'])
    output = io.StringIO()
@@ -186,7 +187,7 @@ def send_message_to_self(service_id, template_id):
@main.route("/services/<service_id>/check/<upload_id>",
            methods=['GET', 'POST'])
@login_required
-@user_has_permissions('send_messages')
+@user_has_permissions('send_texts', 'send_emails', 'send_letters')
 def check_messages(service_id, upload_id):

    upload_data = session['upload_data']
--- a/app/main/views/service_settings.py
+++ b/app/main/views/service_settings.py
@@ -13,7 +13,7 @@ from notifications_python_client.errors import HTTPError

@main.route("/services/<service_id>/service-settings")
@login_required
-@user_has_permissions('manage_service')
+@user_has_permissions('manage_settings')
 def service_settings(service_id):
    try:
        service = get_service_by_id(service_id)['data']
@@ -31,7 +31,7 @@ def service_settings(service_id):

@main.route("/services/<service_id>/service-settings/name", methods=['GET', 'POST'])
@login_required
-@user_has_permissions('manage_service')
+@user_has_permissions('manage_settings')
 def service_name_change(service_id):
    try:
        service = get_service_by_id(service_id)['data']
@@ -56,7 +56,7 @@ def service_name_change(service_id):

@main.route("/services/<service_id>/service-settings/name/confirm", methods=['GET', 'POST'])
@login_required
-@user_has_permissions('manage_service')
+@user_has_permissions('manage_settings')
 def service_name_change_confirm(service_id):
    try:
        service = get_service_by_id(service_id)['data']
@@ -86,7 +86,7 @@ def service_name_change_confirm(service_id):

@main.route("/services/<service_id>/service-settings/request-to-go-live", methods=['GET', 'POST'])
@login_required
-@user_has_permissions('manage_service')
+@user_has_permissions('manage_settings')
 def service_request_to_go_live(service_id):
    try:
        service = get_service_by_id(service_id)['data']
@@ -109,7 +109,7 @@ def service_request_to_go_live(service_id):

@main.route("/services/<service_id>/service-settings/status", methods=['GET', 'POST'])
@login_required
-@user_has_permissions('manage_service')
+@user_has_permissions('manage_settings')
 def service_status_change(service_id):
    try:
        service = get_service_by_id(service_id)['data']
@@ -131,7 +131,7 @@ def service_status_change(service_id):

@main.route("/services/<service_id>/service-settings/status/confirm", methods=['GET', 'POST'])
@login_required
-@user_has_permissions('manage_service')
+@user_has_permissions('manage_settings')
 def service_status_change_confirm(service_id):
    try:
        service = get_service_by_id(service_id)['data']
@@ -160,7 +160,7 @@ def service_status_change_confirm(service_id):

@main.route("/services/<service_id>/service-settings/delete", methods=['GET', 'POST'])
@login_required
-@user_has_permissions('manage_service')
+@user_has_permissions('manage_settings')
 def service_delete(service_id):
    try:
        service = get_service_by_id(service_id)['data']
@@ -182,7 +182,7 @@ def service_delete(service_id):

@main.route("/services/<service_id>/service-settings/delete/confirm", methods=['GET', 'POST'])
@login_required
-@user_has_permissions('manage_service')
+@user_has_permissions('manage_settings')
 def service_delete_confirm(service_id):
    try:
        service = get_service_by_id(service_id)['data']
--- a/app/notify_client/permission_api_client.py
+++ b/app/notify_client/permission_api_client.py
@@ -1,25 +0,0 @@
-import uuid
-
-from notifications_python_client.base import BaseAPIClient
-
-
-class PermissionApiClient(BaseAPIClient):
-    def __init__(self, base_url=None, client_id=None, secret=None):
-        super(self.__class__, self).__init__(base_url=base_url or 'base_url',
-                                             client_id=client_id or 'client_id',
-                                             secret=secret or 'secret')
-
-    def init_app(self, app):
-        self.base_url = app.config['API_HOST_NAME']
-        self.client_id = app.config['ADMIN_CLIENT_USER_NAME']
-        self.secret = app.config['ADMIN_CLIENT_SECRET']
-
-    def delete_permission(self, permission_id):
-        return self.delete(url='/permission/{}'.format(permission_id))['data']
-
-    def create_permission(self, permission, user_id, service_id):
-        return self.post(
-            url='/permission',
-            data={'permission': permission,
-                  'user': user_id,
-                  'service': service_id})['data']
--- a/app/notify_client/user_api_client.py
+++ b/app/notify_client/user_api_client.py
@@ -98,3 +98,8 @@ class UserApiClient(BaseAPIClient):
        endpoint = '/service/{}/users/{}'.format(service_id, user_id)
        resp = self.post(endpoint, data={})
        return User(resp['data'], max_failed_login_count=self.max_failed_login_count)
+
+    def set_user_permissions(self, user_id, service_id, permissions):
+        data = [{'permission': x} for x in permissions]
+        endpoint = '/user/{}/service/{}/permission'.format(user_id, service_id)
+        resp = self.post(endpoint, data=data)
--- a/app/templates/main_nav.html
+++ b/app/templates/main_nav.html
@@ -2,7 +2,7 @@
  <h2 class="navigation-service-name">
    <a href="{{ url_for('.service_dashboard', service_id=service_id) }}">{{ session.get('service_name', 'Service') }}</a>
  </h2>
-  {% if current_user.has_permissions(['send_messages']) %}
+  {% if current_user.has_permissions(['send_texts', 'send_emails', 'send_letters']) %}
  <ul>
    <li><a href="{{ url_for('.choose_template', service_id=service_id, template_type='sms') }}">Send text messages</a></li>
    <li><a href="{{ url_for('.choose_template', service_id=service_id, template_type='email') }}">Send emails</a></li>
@@ -15,13 +15,13 @@
    <li><a href="{{ url_for('.letters_stub', service_id=service_id) }}">Send letters</a></li>
  </ul>
  {% endif %}
-  {% if current_user.has_permissions(['manage_service']) %}
+  {% if current_user.has_permissions(['manage_users', 'manage_settings']) %}
  <ul>
    <li><a href="{{ url_for('.manage_users', service_id=service_id) }}">Manage team</a></li>
    <li><a href="{{ url_for('.service_settings', service_id=service_id) }}">Manage settings</a></li>
  </ul>
  {% endif %}
-  {% if current_user.has_permissions(['manage_api_keys']) %}
+  {% if current_user.has_permissions(['manage_api_keys', 'access_developer_docs']) %}
  <ul>
    <li><a href="{{ url_for('.api_keys', service_id=service_id) }}">API keys</a></li>
    <li><a href="{{ url_for('.documentation', service_id=service_id) }}">Developer documentation</a></li>
--- a/app/templates/views/choose-template.html
+++ b/app/templates/views/choose-template.html
@@ -16,7 +16,7 @@

    {% if templates %}
      {% if not has_jobs %}
-        {% if current_user.has_permissions(['manage_service']) %}
+        {% if current_user.has_permissions(['send_texts', 'send_emails', 'send_letters'], or_=True) %}
        {{ banner(
          """
            Send yourself a test message
@@ -41,7 +41,7 @@
          </div>
          <div class="column-one-third">
            <div class="sms-message-use-links">
-              {% if current_user.has_permissions(['manage_service']) %}
+              {% if current_user.has_permissions(['send_texts', 'send_emails', 'send_letters']) %}
              <a href="{{ url_for(".send_messages", service_id=service_id, template_id=template.id) }}">Add recipients</a>
              <a href="{{ url_for(".send_message_to_self", service_id=service_id, template_id=template.id) }}">Send yourself a test</a>
              {% endif %}
--- a/scripts/bootstrap.sh
+++ b/scripts/bootstrap.sh
@@ -27,3 +27,5 @@ fi

 # Install Python development dependencies
 pip3 install -r requirements_for_test.txt
+
+npm install && npm run build