From c33465e7cfb17122ea97c4d7dc4749ac1cf9b0fb Mon Sep 17 00:00:00 2001
From: Pea Tyczynska <CrystalPea@users.noreply.github.com>
Date: Fri, 14 May 2021 12:40:24 +0100
Subject: [PATCH] Add link and placeholder view for managing a security key

---
 app/main/views/user_profile.py                |  8 +++++
 .../user-profile/manage-security-key.html     | 17 ++++++++++
 .../views/user-profile/security-keys.html     | 34 ++++++++++---------
 tests/app/main/views/test_user_profile.py     |  5 +++
 tests/app/test_navigation.py                  |  1 +
 tests/conftest.py                             |  1 +
 6 files changed, 50 insertions(+), 16 deletions(-)
 create mode 100644 app/templates/views/user-profile/manage-security-key.html

diff --git a/app/main/views/user_profile.py b/app/main/views/user_profile.py
index f75624df6..9f57f573f 100644
--- a/app/main/views/user_profile.py
+++ b/app/main/views/user_profile.py
@@ -237,3 +237,11 @@ def user_profile_security_keys():
     return render_template(
         'views/user-profile/security-keys.html',
     )
+
+
+@main.route("/user-profile/security-keys/<uuid:key_id>/manage", methods=['GET'])
+@user_is_platform_admin
+def user_profile_manage_security_key():
+    return render_template(
+        'views/user-profile/manage-security-key.html',
+    )
diff --git a/app/templates/views/user-profile/manage-security-key.html b/app/templates/views/user-profile/manage-security-key.html
new file mode 100644
index 000000000..bb229de86
--- /dev/null
+++ b/app/templates/views/user-profile/manage-security-key.html
@@ -0,0 +1,17 @@
+{% extends "withoutnav_template.html" %}
+{% from "components/page-header.html" import page_header %}
+
+
+{% set page_title = 'Manage security key' %}
+
+{% block per_page_title %}
+  {{ page_title }}
+{% endblock %}
+
+{% block maincolumn_content %}
+  {{ page_header(
+    page_title,
+    back_link=url_for('.user_profile_security_keys')
+  ) }}
+
+{% endblock %}
diff --git a/app/templates/views/user-profile/security-keys.html b/app/templates/views/user-profile/security-keys.html
index c510ff992..c1df142a8 100644
--- a/app/templates/views/user-profile/security-keys.html
+++ b/app/templates/views/user-profile/security-keys.html
@@ -2,7 +2,7 @@
 {% from "components/page-header.html" import page_header %}
 {% from "components/button/macro.njk" import govukButton %}
 {% from "components/back-link/macro.njk" import govukBackLink %}
-{% from "components/table.html" import mapping_table, row, field, row_heading %}
+{% from "components/table.html" import edit_field, mapping_table, row, field, row_heading %}
 {% from "components/webauthn-api-check.html" import webauthn_api_check %}
 {% from "vendor/govuk-frontend/components/error-message/macro.njk" import govukErrorMessage %}
 
@@ -26,22 +26,24 @@
   <div class="govuk-grid-row">
     <div class="govuk-grid-column-five-sixths">
       {% if credentials %}
-
-        {% call mapping_table(
-          caption=page_title,
-          field_headings=['Security key'],
-          field_headings_visible=False,
-          caption_visible=False,
-        ) %}
-          {% for credential in credentials %}
-            {% call row() %}
-              {% call field() %}
-                <div class="govuk-body">{{ credential.name }}</div>
-                <div class="govuk-body hint">Registered {{ credential.created_at|format_delta }}</div>
+        <div class="body-copy-table">
+          {% call mapping_table(
+            caption=page_title,
+            field_headings=['Security key details', 'Action'],
+            field_headings_visible=False,
+            caption_visible=False,
+          ) %}
+            {% for credential in credentials %}
+              {% call row() %}
+                {% call field() %}
+                  <div class="govuk-body">{{ credential.name }}</div>
+                  <div class="govuk-body hint">Registered {{ credential.created_at|format_delta }}</div>
+                {% endcall %}
+                {{ edit_field('Manage', url_for('.user_profile_manage_security_key', key_id=credential.id)) }}
               {% endcall %}
-            {% endcall %}
-          {% endfor %}
-        {% endcall %}
+            {% endfor %}
+          {% endcall %}
+        </div>
 
       {% else %}
 
diff --git a/tests/app/main/views/test_user_profile.py b/tests/app/main/views/test_user_profile.py
index b0c9d486b..32f743b1f 100644
--- a/tests/app/main/views/test_user_profile.py
+++ b/tests/app/main/views/test_user_profile.py
@@ -366,6 +366,11 @@ def test_should_show_security_keys_page(
 
     credential_row = page.select('tr')[-1]
     assert 'Test credential' in credential_row.text
+    assert "Manage" in credential_row.find('a').text
+    assert credential_row.find('a')["href"] == url_for(
+        '.user_profile_manage_security_key',
+        key_id=webauthn_credential['id']
+    )
 
     register_button = page.select_one("[data-module='register-security-key']")
     assert register_button.text.strip() == 'Register a key'
diff --git a/tests/app/test_navigation.py b/tests/app/test_navigation.py
index 68f612e84..f91142383 100644
--- a/tests/app/test_navigation.py
+++ b/tests/app/test_navigation.py
@@ -307,6 +307,7 @@ EXCLUDED_ENDPOINTS = tuple(map(Navigation.get_endpoint_with_blueprint, {
     'user_profile_email',
     'user_profile_email_authenticate',
     'user_profile_email_confirm',
+    'user_profile_manage_security_key',
     'user_profile_mobile_number',
     'user_profile_mobile_number_authenticate',
     'user_profile_mobile_number_confirm',
diff --git a/tests/conftest.py b/tests/conftest.py
index 36950f562..6ec70da96 100644
--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -4484,6 +4484,7 @@ def mock_get_invited_org_user_by_id(mocker, sample_org_invite):
 @pytest.fixture
 def webauthn_credential():
     return {
+        'id': uuid4(),
         'name': 'Test credential',
         'credential_data': 'WJ0AAAAAAAAAAAAAAAAAAAAAAECKU1ppjl9gmhHWyDkgHsUvZmhr6oF3/lD3llzLE2SaOSgOGIsIuAQqgp8JQSUu3r/oOaP8RS44dlQjrH+ALfYtpAECAyYhWCAxnqAfESXOYjKUc2WACuXZ3ch0JHxV0VFrrTyjyjIHXCJYIFnx8H87L4bApR4M+hPcV+fHehEOeW+KCyd0H+WGY8s6',  # noqa
         'registration_response': 'anything',