Merge branch 'master' into platform-admin

Conflicts: app/main/views/send.py
2026-02-05 10:53:28 -05:00 · 2016-03-21 12:18:44 +00:00
parent 402f55be23 18633af83c
commit a1ef676fab
21 changed files with 189 additions and 39 deletions
--- a/app/main/forms.py
+++ b/app/main/forms.py
@@ -12,9 +12,9 @@ from wtforms import (
    HiddenField
 )
 from wtforms.fields.html5 import EmailField, TelField
-from wtforms.validators import DataRequired, Email, Length, Regexp
+from wtforms.validators import (DataRequired, Email, Length, Regexp)

-from app.main.validators import Blacklist, CsvFileValidator
+from app.main.validators import (Blacklist, CsvFileValidator, ValidEmailDomainRegex)

 from utils.recipients import (
    validate_phone_number,
@@ -24,13 +24,11 @@ from utils.recipients import (


 def email_address(label='Email address'):
-    gov_uk_email \
-        = "(^[^@^\\s]+@[^@^\\.^\\s]+(\\.[^@^\\.^\\s]*)*.gov.uk)"
    return EmailField(label, validators=[
        Length(min=5, max=255),
        DataRequired(message='Email cannot be empty'),
        Email(message='Enter a valid email address'),
-        Regexp(regex=gov_uk_email, message='Enter a gov.uk email address')])
+        ValidEmailDomainRegex()])


 class UKMobileNumber(TelField):
--- a/app/main/validators.py
+++ b/app/main/validators.py
@@ -1,3 +1,4 @@
+import re
 from wtforms import ValidationError
 from datetime import datetime
 from app.main.encryption import check_hash
@@ -22,3 +23,18 @@ class CsvFileValidator(object):
    def __call__(self, form, field):
        if not form.file.data.mimetype == 'text/csv':
            raise ValidationError(self.message)
+
+
+class ValidEmailDomainRegex(object):
+
+    def __call__(self, form, field):
+        from flask import (current_app, url_for)
+        message = (
+            'Enter a central government email address.'
+            ' If you think you should have access'
+            ' <a href="{}">contact us</a>').format(
+                "https://docs.google.com/forms/d/1AL8U-xJX_HAFEiQiJszGQw0PcEaEUnYATSntEghNDGo/viewform")
+        valid_domains = current_app.config.get('EMAIL_DOMAIN_REGEXES', [])
+        email_regex = "(^[^@^\\s]+@[^@^\\.^\\s]+(\\.[^@^\\.^\\s]*)*.({}))".format("|".join(valid_domains))
+        if not re.match(email_regex, field.data):
+            raise ValidationError(message)
--- a/app/main/views/invites.py
+++ b/app/main/views/invites.py
@@ -36,12 +36,7 @@ def accept_invite(token):

    session['invited_user'] = invited_user.serialize()

-    try:
-        existing_user = user_api_client.get_user_by_email(invited_user.email_address)
-    except HTTPError as ex:
-        if ex.status_code == 404:
-            existing_user = False
-
+    existing_user = user_api_client.get_user_by_email_or_none(invited_user.email_address)
    service_users = user_api_client.get_users_for_service(invited_user.service)

    if existing_user:
--- a/app/main/views/send.py
+++ b/app/main/views/send.py
@@ -56,9 +56,9 @@ def get_send_button_text(template_type, number_of_messages):
        }[template_type].format(number_of_messages)


-def get_page_headings(template_type, service_id):
+def get_page_headings(template_type):
    # User has manage_service role
-    if current_user.has_permissions(permissions=['send_texts', 'send_emails', 'send_letters']):
+    if current_user.has_permissions(['send_texts', 'send_emails', 'send_letters']):
        return send_messages_page_headings[template_type]
    else:
        return manage_templates_page_headings[template_type]
@@ -66,7 +66,8 @@ def get_page_headings(template_type, service_id):

@main.route("/services/<service_id>/send/<template_type>", methods=['GET'])
@login_required
-@user_has_permissions('send_texts', 'send_emails', 'send_letters', 'manage_templates', admin_override=True, or_=True)
+@user_has_permissions('send_texts', 'send_emails', 'send_letters', 'manage_templates', 'manage_api_keys',
+                      admin_override=True, or_=True)
 def choose_template(service_id, template_type):

    service = services_dao.get_service_by_id_or_404(service_id)
@@ -85,7 +86,7 @@ def choose_template(service_id, template_type):
            if template['template_type'] == template_type
        ],
        template_type=template_type,
-        page_heading=get_page_headings(template_type, service_id),
+        page_heading=get_page_headings(template_type),
        service=service,
        has_jobs=len(jobs),
        service_id=service_id
@@ -253,7 +254,7 @@ def check_messages(service_id, upload_id):
        'views/check.html',
        recipients=recipients,
        template=template,
-        page_heading=get_page_headings(template.template_type, service_id),
+        page_heading=get_page_headings(template.template_type),
        errors=get_errors_for_csv(recipients, template.template_type),
        rows_have_errors=any(recipients.rows_with_errors),
        count_of_recipients=session['upload_data']['notification_count'],
--- a/app/main/views/sign_in.py
+++ b/app/main/views/sign_in.py
@@ -29,7 +29,7 @@ def sign_in():

    form = LoginForm()
    if form.validate_on_submit():
-        user = user_api_client.get_user_by_email(form.email_address.data)
+        user = user_api_client.get_user_by_email_or_none(form.email_address.data)
        user = _get_and_verify_user(user, form.password.data)
        if user:
            # Remember me login