Commit Graph

14648 Commits

Author SHA1 Message Date
Katie Smith
ca84b37179 Merge pull request #3916 from alphagov/consolidate-test
Revise error tests for setting broadcast types
2021-06-11 16:42:38 +01:00
Katie Smith
c1bfc280b7 Add total_letters to the billing report
This adds an extra column to the report that can be downloaded from
`platform-admin/reports/usage-for-all-services`.
2021-06-11 11:08:33 +01:00
karlchillmaid
e7fdd768e6 Fix typo 2021-06-10 16:43:48 +01:00
Rebecca Law
aedf875110 Improve permenant failure message.
Update delivery status document page.
2021-06-10 16:34:00 +01:00
Ben Thorner
fba8d09875 Move broadcast model code into an explicit module
Previously this was hidden away in an anonymous __init__.py file.
I did think about splitting the models into individual files, like
we do with the top-level models for the app. Since the models are
only imported in one place - i.e. are all used together - it didn't
seem worth the hassle, so I've kept them in one file.
2021-06-10 15:05:38 +01:00
Ben Thorner
a2fb92ab74 Remove redundant semicolons in ES6 tests 2021-06-10 14:48:18 +01:00
Ben Thorner
1bb49e5456 Remove redundant spies after assertions
We only need to assert on the URL for the subsequent POST back to
the server, at which point we can call the test "done()". This is
a technique we use in the following tests as well, so we don't need
to comment about it here.
2021-06-10 14:47:58 +01:00
Ben Thorner
2d98bf6c5d Restore all mocks after each test
This is easier than re-assigning the mock functions manually, as
we're reusing Jest's in-built behaviour. Because all the mocks
are restored, we need to move the ones we had in the beforeAll
block into the beforeEach block.

Note: "require('./support/teardown.js')" also resets all Jest
mocks, but "require" only runs once, so we can't use it in a
beforeEach block [1]. We could do a "jest.resetModules()" to fix
that, which seems worse on the whole. I think there's a broader
discussion here about whether we could / should have a global
reset of Jest mocks after each test - I quickly tried this and
it causes some existing tests to fail :-|.

[1]: https://stackoverflow.com/questions/48989643/how-to-reset-module-imported-between-tests
2021-06-10 14:43:30 +01:00
Chris Hill-Scott
e7713de4a5 Merge pull request #3920 from alphagov/refactor-webauthn-model
Refactor User.webauthn_credentials into a ModelList
2021-06-10 11:07:21 +01:00
Rebecca Law
498092f9ac When a letters has passed our validation but is not the postal provider
is unable to print the letter we need to mark the letter as failed.
If we mark the letter as a technical-failure, we say that we will fix
the issue, which is wrong because we can not fix the issue.
If we mark the letter as validation-failed, the letter is in wrong
bucket so the letter is not viewable/downloadable by the client.

This PR updates the message for a letter marked as permanent-failure to
better reflect what has actually happened.
2021-06-10 08:56:14 +01:00
Ben Thorner
adc49b8792 Add __init__.py file to make pytest happy
Otherwise we get the following error:

    ________________________________________ ERROR collecting tests/app/utils/test_user.py ________________________________________
    import file mismatch:
    imported module 'test_user' has this __file__ attribute:
      /Users/benthorner/Documents/Projects/admin/tests/app/models/test_user.py
    which is not the same as the test file we want to collect:
      /Users/benthorner/Documents/Projects/admin/tests/app/utils/test_user.py
    HINT: remove __pycache__ / .pyc files and/or use a unique basename for your test file modules
2021-06-09 15:56:34 +01:00
Ben Thorner
35301df908 Relocate unit tests for user permission util
Previously these were lumped together with integration-level tests
for specific endpoints, which test the decorator was applied to the
endpoint in question.
2021-06-09 15:38:28 +01:00
Chris Hill-Scott
f6aa5bdfb8 Refactor User.webauthn_credentials into a ModelList
This saves a bit of repetition, and lets us attach other methods to the
collection, rather than having multiple methods on the user object
prefixed with the same name, or random functions floating about.
2021-06-09 15:21:41 +01:00
Ben Thorner
aafb7e9182 Merge separate test for CSV errors function
It's not clear why this was separate from the other utils tests, or
why it was put under main/ - the code under test wasn't in there.
2021-06-09 15:19:01 +01:00
Ben Thorner
0326005aeb Extract template / csv utility code into modules
This follows a similar approach to the previous commits, noting that
one module depends on the other, so we have to extract both together.
2021-06-09 15:19:00 +01:00
Ben Thorner
2a4aa8b4e1 Extract letter utility code into own module
This provides more room for expansion, and reduces the amount of
arbitrary code in the __init__.py file for the new package.
2021-06-09 13:59:06 +01:00
Ben Thorner
7c27646d6a Extract user utility code into own module
This provides more room for expansion, and reduces the amount of
arbitrary code in the __init__.py file for the new package.
2021-06-09 13:19:05 +01:00
Ben Thorner
3f55c746aa Turn utils into a module
This provides more room for expansion, so we don't get another
massive file to scroll through. We do also have some top-level
files, such as "formatters.py", which we could consider moving
under utils/ in future.
2021-06-09 12:50:01 +01:00
Ben Thorner
c1f778a61c Merge pull request #3922 from alphagov/try-avoid-global-query-params
Set window location for individual test
2021-06-09 12:48:21 +01:00
Ben Thorner
3a4601bbe4 Set window location for individual test
This is less surprising and means we don't end up in a situation
where a future test needs to change the global config to something
else.
2021-06-09 12:23:24 +01:00
Chris Hill-Scott
eca3454a39 Merge pull request #3914 from alphagov/prune-email-domains-list
Prune the email domains list
2021-06-09 10:25:27 +01:00
Chris Hill-Scott
9344eabceb Merge pull request #3917 from alphagov/set-webauthn-after-adding-token
Set user to WebAuthn login after adding token
2021-06-09 10:18:56 +01:00
Chris Hill-Scott
f8f718dff8 Set user to sign in with newly-added key 2021-06-08 09:31:30 +01:00
Chris Hill-Scott
45645728c7 Refactor into model
It’s generally an antipattern for the view layer code to be calling the
API client directly.
2021-06-08 09:31:20 +01:00
Ben Thorner
9ada8ad11e Remove redundant code to populate account type
This field is now only used on the confirmation page of the settings
form, where we pre-populate it with the hyphenated string it expects.
2021-06-07 17:51:11 +01:00
Ben Thorner
5bfe5f86de Simplify channel selection using radio buttons
This takes a similar approach as in the previous commit. Since the
"training channel" doesn't really exist, we need some extra code
to pre-select it if a service is already in training mode. As in
the previous commit, I've removed a few non-critical test cases
where we really don't need to test exhaustively.

Note that we also need some specific code to avoid pre-selecting an
option for non-broadcast services, which only used to work by fluke:
we would try to populate the field with (False, None, 'all'), which
isn't a valid combination, so nothing was selected.
2021-06-07 17:51:10 +01:00
Ben Thorner
b38cdcad63 Simplify network choice to optional radio buttons
Previously this field had to mimic the final hyphenated string of
the broadcast account type, even though it was only used to select
one of its components. The new, shorter choices make it easier to
simplify the test for the POST request.

I've also deleted a number of test cases for pre-selected radios.
This functionality isn't critical, so we don't need to exhaustively
test every single possible combination of values.
2021-06-07 17:51:09 +01:00
Ben Thorner
ef8cab7fa4 Simplify network choice form to use boolean radio
This follows the same pattern as in other forms [1].

[1]: 1b459d6692/app/templates/views/organisations/add-gp-organisation.html (L20)
2021-06-07 17:51:09 +01:00
Ben Thorner
5ce76b8b33 Add property to construct account type string
This allows us to start decoupling the form fields from the final,
hyphenated string, which we'll do in the next commits.

Note that I've also removed the conditional that changes the data
of the network field as part of validating it. We shouldn't change
data in validations, and having the new property directly above
makes it clear there's no need for this code.
2021-06-07 17:51:08 +01:00
Ben Thorner
e848643361 Simplify provider selection with '-all' suffix
Previously we had to cope with two forms of the hyphenated string
we use to represent a pending change in broadcast account type.
Using "all" to mean "all providers" matches the behaviour in the
API [1], and means we can remove some complexity.

"training-test-all" isn't ideal, since the provider is irrelevant
for a training mode service. However, this isn't much worse than
the previous "training-test", noting that the channel also has no
relevance. We'll iterate this in later commits.

[1]: 8e1a144f87/migrations/versions/0352_broadcast_provider_types.py (L14)
2021-06-07 17:51:01 +01:00
Ben Thorner
e3cc16c936 Remove redundant '_get' and '_post' in test names
This is inconsistent with all the other tests in the same file, and
one of them was incorrect ('_post' was testing a GET). I don't think
we get any value from them, given the inconsistency.
2021-06-07 17:33:55 +01:00
Ben Thorner
9f3cd7332e Add missing test for dodgy broadcast account types
This moves the redundant assertions for the service not changing to
where they're actually relevant, by comparing with the happy path [1].

[1]: c5196fbf07/tests/app/main/views/test_service_settings.py (L5858)
2021-06-07 12:58:52 +01:00
Ben Thorner
2a09429e1d Remove duplication between no-radio-selected tests
Previously the network selection case was tested here and also by
'test_post_service_set_broadcast_network_makes_you_choose'.

I've renamed the test to be consistent and more specific.
2021-06-07 12:51:43 +01:00
Leo Hemsted
1b459d6692 Merge pull request #3912 from alphagov/next-url
Get webauthn login to honour next queryparam url
2021-06-04 16:58:15 +01:00
Leo Hemsted
4ad93a0ea9 add logging when webauthn cred registration fails 2021-06-04 12:52:40 +01:00
Leo Hemsted
e9636119ef set user_verification to discouraged
this is in line with our settings during registration. user verification
involves the browser popping up a PIN prompt. Since the user has already
entered their password correctly to get to this stage, we don't need any
more proof of Something They Know, so there's no need for this.
2021-06-04 12:52:40 +01:00
Leo Hemsted
9fe8666733 add some docstrings for the webauthn endpoints 2021-06-04 12:52:40 +01:00
Leo Hemsted
0993792137 rename verify to complete in api endpoint
it was changed in this PR: https://github.com/alphagov/notifications-api/pull/3260
2021-06-04 12:52:40 +01:00
Leo Hemsted
26ad20719f send people to /two-factor-sms instead of /two-factor
both routes are already valid, however, the link from sign-in sends to
the old link. it fetches whichever URL is second in the route decorator
list when you call `url_for`. Swapping the order around keeps the routes
valid but starts pointing users to the new url.
2021-06-04 12:52:40 +01:00
Leo Hemsted
bb7343d846 pass nextUrl through yubikey flow
the next url comes from sign in via a query param, and needs to go to
the POST /webauthn/authenticate endpoint. That endpoint logs the user
in and returns the redirect to the browser, and will take the next from
the request query params to get there.

also moving the window mocks to beforeEach/afterEach ensures that
promise callbacks from previous tests aren't still associated in future
tests to ensure good test isolation.

unfortunately i couldn't get mocking location for a single js test to
work, but by changing the global config i was able to add some query
params that i can expect to be passed through. Don't love this at all
but not quite sure of a good way round this. I think we're not
practicing very good hygiene and best practices with our mocking and
it's really confounding me here.
2021-06-04 12:52:40 +01:00
Chris Hill-Scott
5c158891aa Prune the email domains list
We only need domains in here which either:
- don’t belong to a single organisation (eg gov.uk)

All other domains should be stored in the database.

This PR removes domains which are now in the database.

Before
---

```sql
select domain from domain where domain in ('gov.uk', 'mod.uk', 'mil.uk', 'd
 dc-mod.org', 'gov.scot', 'parliament.scot', 'parliament.uk', 'nhs.uk', 'nhs.net', 'nhs.scot', 'police.uk', 'scotent.c
 o.uk', 'assembly.wales', 'cjsm.net', 'gov.wales', 'ac.uk', 'sch.uk', 'onevoicewales.wales', 'mtvh.co.uk', 'wmca.org.u
 k', 'suttonmail.org');
 ```

+-----------------+
| domain          |
|-----------------+
| mtvh.co.uk      |
| wmca.org.uk     |
| gov.wales       |
| gov.scot        |
| parliament.uk   |
| assembly.wales  |
| mil.uk          |
| mod.uk          |
| ddc-mod.org     |
| parliament.scot |
| scotent.co.uk   |
+-----------------+

After
---

```sql
select domain from domain where domain in ('gov.uk', 'nhs.uk', 'nhs.ne
 t', 'nhs.scot', 'police.uk', 'cjsm.net', 'ac.uk', 'sch.uk', 'onevoicewales.wales', 'suttonmail.org') ;
```

+----------+
| domain   |
|----------|
+----------+
2021-06-04 11:45:48 +01:00
Chris Hill-Scott
5ea82b0cdc Merge pull request #3911 from alphagov/fix-html-on-old-job-page
Fix HTML showing on old job page
2021-06-03 14:14:55 +01:00
Chris Hill-Scott
64ac12d7c3 Merge pull request #3910 from alphagov/designerise-webauthn-2fa-page
Designerise the page for signing in with a security key
2021-06-03 14:14:47 +01:00
Chris Hill-Scott
9838c30a55 Merge pull request #3909 from alphagov/security-key-flash
Add a success message when security key registered
2021-06-03 14:12:55 +01:00
Chris Hill-Scott
a149c6a853 Fix HTML showing on old job page
Using the `Markup` class tells Jinja that the content is safe to render
without any escaping.
2021-06-03 14:01:20 +01:00
Chris Hill-Scott
5de7c6981f Add image and content to security key 2FA page
This reinforces the graphic from when you registered the key. ‘Check’ is
language we use on the test message two factor page.
2021-06-03 14:01:07 +01:00
Chris Hill-Scott
2a62d6dfb8 Add a success message when security key registered
This makes it clear that there’s nothing more the user needs to do,
until the next time they sign in.
2021-06-03 13:59:43 +01:00
Chris Hill-Scott
6869b299b3 Merge pull request #3906 from alphagov/pyup-scheduled-update-2021-05-31
Scheduled weekly dependency update for week 22
2021-06-03 13:37:40 +01:00
David McDonald
0fcb7778ac Merge pull request #3893 from alphagov/allow-provider-all-channels
Allow setting provider for any channel
2021-06-03 09:36:43 +01:00
David McDonald
d04602c3aa Fix incorrect test having channel as 'all'
'all' isn't a valid channel. It should be one of government, severe or
test. I think this is a mistake and therefore this commit changes it to
what it should be
2021-06-02 18:17:54 +01:00