Commit Graph

2800 Commits

Author SHA1 Message Date
Pea Tyczynska
00a629befc Link to downloadable report for org usage
Link is sticky so that it is easy to spot even when
an org has many services.
2021-11-17 17:58:06 +00:00
David McDonald
b4b124d681 Fix bug with reply to email addresses
https://www.pivotaltracker.com/story/show/180026726

There was a bug where if you enter an invalid email address in
to the edit reply to email address form and click save, the
form you get shown with your error message will always contain
the field to set as default the reply to and also delete. This should
not have been the case. If you make an error on the form when
changing a reply to that is already a default, then you should not
be given the chance to change it to not default, nor should you
be able to delete it.

This commit fixes that bug by making sure the additional form fields
are only shown if the reply to being changed is not the default.
2021-11-04 11:21:58 +00:00
Chris Hill-Scott
a145c501ab Use Jinja template for branding request tickets
Following the pattern established by
https://github.com/alphagov/notifications-admin/pull/4041/files
this commit move the ticket message from a Python f-string to a proper
templating language.
2021-10-26 18:14:09 +01:00
Chris Hill-Scott
af64da8f82 Move support ticket template into its own folder
In the future this could be a place to put other support ticket content,
if we turn them into Jinja template
2021-10-15 09:23:32 +01:00
Chris Hill-Scott
f85ee3dd0a Move go live ticket content to a Jinja template
Jinja is a better language for doing complex templating. And we can use
the global Jinja scope to automatically get access to things like
`current_user` and our formatters.
2021-10-15 09:23:30 +01:00
Chris Hill-Scott
dd573fec87 Format organisation type nicely in go live requests 2021-10-15 09:23:30 +01:00
Chris Hill-Scott
1cc087b8de Move end of tour route into tour.py
In https://github.com/alphagov/notifications-admin/pull/3663/files we
made specific routes for sending the ‘tour’ text message, rather than
sharing the ‘one-off’ routes in `send.py`.

This commit moves the final route in the tour journey into `tour.py` as
well, which is where I expected to find it when I was looking for it
just now.
2021-10-06 13:57:03 +01:00
Katie Smith
5885110360 Ensure only logged in users can see /webauthn/register
There are no links to the `webauthn_begin_register` route - you are only
taken there if you are logged in and have clicked to register a key.
However, we have seen this route being crawled by bots making a GET
request which gives a `500` status code error because there isn't a
logged in current_user. For consistency, this also adds teh decorator to
the POST route.
2021-10-05 11:38:12 +01:00
Katie Smith
a54b3c9f77 Pass valid ticket type to Zendesk
The feedback endpoints use `ticket_type` to decide what to display and
whether or not a ticket should be escalated. We were using the
ticket_type as the value for the Zendesk ticket_type. However, the Zendesk
API accepts 4 values for its ticket_type and these are different from
the ticket_type values we use in our code.

This change converts the Notify ticket_type value to a valid Zendesk
ticket_type value when creating a Notify feedback ticket.
2021-09-29 10:37:01 +01:00
Katie Smith
437af32d82 Use Zendesk form for general enquiries 2021-09-29 10:30:32 +01:00
Katie Smith
e9948a0234 Use Zendesk form for branding requests
This changes the Zendesk tickets created when an email or letter
branding request is submitted to use the new Zendesk Form that was
introduced in https://github.com/alphagov/notifications-utils/pull/899
2021-09-29 10:30:32 +01:00
Katie Smith
39c26f5bfb Create go-live support tickets using the new way
The new way of creating support tickets can be seen in
[notifications-utils](https://github.com/alphagov/notifications-utils/pull/899).

This changes tickets created when making a request to go live to use
the new way, while other tickets stay the same for now.

The go live tags have been removed. Some of these had become
unneccessary since you can't make the request to go live unless they are
true (e.g. `notify_go_live_email_reply_to`). Others will always get
added by a Zendesk macro when the ticket is replied to, so we don't need
to add them here.
2021-09-22 12:00:05 +01:00
Ben Thorner
41f44c51fe Fix showing service type radios on error
The radio buttons to select the type of service - central, etc. -
are only shown if we can't infer the type based on the user's email
/ default organisation. However, the code to render the page in the
error case didn't accommodate this, nor did it show the version of
the page for adding a local government service.

This fixes the bug by DRYing-up the logic to render the pages. I've
not added a test for this for a couple of reasons:

- It's not a critical bug: no one has complained about it and it
doesn't block the user from adding service.

- It's unlikely to reoccur because the bug involved writing _more_
code than was necessary.

- It's not trivial to test this due to the 3 versions of the page
involved - these are tested for the happy path.
2021-09-16 12:07:03 +01:00
Leo Hemsted
a96bfdb16e remove server-side error messages for webauthn
since we are hard-coding a generic error message on the front-end, we
have no need to do anything on the back end. This is also nice as it
standardises the two flows to behave more like each other (rather than
previously where one would `flash` an error message and the other would
return CBOR for the js to decode).

Note that the register flow returns 400 while the auth flow returns 403.
The js for both just checks `response.ok` so will handle both. The JS
completely discards any body returned if the status isn't 200 now.
2021-09-15 11:43:41 +01:00
Leo Hemsted
b7e50fc638 redirect non logged in users
previously it'd show an error because non logged in users don't have the
can_use_webauthn attribute. now we can just bounce them to the sign-in
page
2021-09-14 18:43:26 +01:00
Leo Hemsted
546836b22f move pricing pages to their own file 2021-09-08 10:19:46 +01:00
Leo Hemsted
86c413557c move financial deets to an environment variable
lets us keep cabinet office financials safe in the credentials repo

the dict in the creds repo will either be an empty dict or a full dict,
so the env var on paas will always contain some parseable json. But
locally it might not, so if it's not set at all then default to the
string `null` so the json parsing doesn't throw a wobbly.
2021-09-08 10:19:46 +01:00
Leo Hemsted
a0adf3c63c add new billing details page
contains both signed in and signed out versions (when signed in you can
see bank details etc)
2021-09-08 10:19:42 +01:00
Chris Hill-Scott
8355abeaf2 Update email_access_validated_at on invite
Accepting an invite means that you’ve just clicked a link in your email
inbox. This shows that you have access to your email.

We can make a record of this, thereby extending the time before we ask
you to revalidate your email address.
2021-08-19 11:14:47 +01:00
Chris Hill-Scott
cb59413581 Update email_access_validated_at on link click
When someone uses a fresh password reset link they have proved that they
have access to their inbox.

At the moment, when revalidating a user’s email address we wait until
after they’ve put in the 2FA code before updating the timestamp which
records when they last validated their email address[1].

We can’t think of a good reason that we need the extra assurance of a
valid 2FA code to assert that the user has access to their email –
they’ve done that just by clicking the link. When the user clicks the
link we already update their failed login count before they 2fa. Think
it makes sense to handle `email_access_validated_at` then too.

As a bonus, the functional tests never go as far as getting a 2FA code
after a password reset[2], so the functional test user never gets its
timestamp updated. This causes the functional tests start failing after
90 days. By moving the update to this point we ensure that the
functional tests will keep passing indefinitely.

1. This code in the API (91542ad33e/app/dao/users_dao.py (L131))
   which is called by this code in the admin app (9ba37249a4/app/utils/login.py (L26))
2. 5837eb01dc/tests/functional/preview_and_dev/test_email_auth.py (L43-L46)
2021-08-19 11:14:47 +01:00
Chris Hill-Scott
ff12ba689d Merge pull request #3993 from alphagov/4-hours-expiry-test-channels
Expire test and operator alerts after 4 hours
2021-08-18 10:12:26 +01:00
Leo Hemsted
71d3aa13d7 follow sign_in redirect even if you're already signed in 2021-08-17 14:44:09 +01:00
Chris Hill-Scott
8ff7fecf40 Expire test and operator alerts after 4 hours
While testing alerts on these channels the MNOs sometimes need to
restart their CBCs to make sure everything is failing over properly.

If the CBC does not come back up, for whatever reason, then we are left
in a state where the alert can’t be cancelled.

To minimise the impact to the public in this scenario we should keep the
expiry time at 4 hours for alerts sent on test channels. We recently
increased it back up to 24 hours for all channels, so this in effect is
reverting that change for channels that won’t be used in a real
emergency.
2021-08-09 15:15:58 +01:00
Chris Hill-Scott
5e1b96a3a7 Remove argument unpacking from get_areas
Making it only callable in one way is just less stuff to understand.
2021-08-06 13:28:40 +01:00
Pea Tyczynska
af6b1d38b5 Merge pull request #3984 from alphagov/handle-cancel-letter-errors-from-api
Catch cancel_letter errors from API
2021-08-03 11:05:46 +01:00
Pea Tyczynska
e1420e7ff7 Catch cancel_letter errors from API
When we catch such error, if the message is recognised,
show the message and redirect user to view_notification page.
2021-07-28 12:55:06 +01:00
Ben Thorner
a38baa0bd8 Rename unclear "permissions" attributes
These are more than a list of permissions: each item includes the
label to use when displaying it as an option on a form. Switching
to a name that reflects how the attributes are used will help to
avoid confusion when we rename some of the other attributes in the
same file in later commits.
2021-07-28 12:37:15 +01:00
Ben Thorner
1127a03c32 Move and rename roles_and_permissions.py
This file does not represent a model, but rather a set of utilities
that are specific to user permissions (vs. service permissions).
2021-07-28 12:36:40 +01:00
Katie Smith
8b08661902 Remove check for send_messages permission from broadcast pages
The `send_messages` permission has been deprecated for use with
broadcast services, so we can drop support for it in the code. We
were supporting both the old permissions and new permissions
(`create_broadcasts` and `approve_broadcasts`) while we switched people
over.

This removes `send_messages` from the `user_has_permissions` decorator
around the broadcast routes and from the page to view a broadcast and
broadcast dashboards. We can now git rid of a lot of the parameterization
that was temporarily added to the tests.
2021-07-26 10:58:16 +01:00
Leo Hemsted
80cfbacd84 Merge pull request #3974 from alphagov/deleted-template
dont let people get into one-off flow for deleted templates
2021-07-22 13:14:08 +01:00
Leo Hemsted
5da69dd495 dont let people get into one-off flow for deleted templates
previously we'd skip the template page entirely if someone didnt have
manage templates/api keys permission. however, if the template is
deleted you'd then go through the flow entering placeholders and stuff
before it would then crash when trying to send.

instead, just bounce the user to the template page. It has the content
and says when the template was deleted.
2021-07-22 11:47:07 +01:00
Ben Thorner
171f911237 Audit when user permissions are changed
I've used the term "admin_roles" in the event data to try and show
that these are not the permissions we store in the DB. This is the
name we use for the abstracted form of permissions in the Admin app.
While we could store the DB permissions, that would be a bit more
effort and arguably it's clearer to keep the event data consistent
with the options the user actually saw / chose.
2021-07-21 15:32:03 +01:00
Katie Smith
a66a31c944 Allow users with new broadcast permissions access to routes
Added two new permissions - `create_broadcasts` and
`approve_broadcasts`. These new permissions get added to the
`has_permissions` decorator of the broadcast routes to allow the routes
to be accessed with either the old permissions on the new ones while we
switch over.

We were using the `send_messages` permission for the broadcast routes.
By having two new permissions we can allow a more granular control of
these routes.
2021-07-19 14:40:13 +01:00
Chris Hill-Scott
f84f05191e Merge pull request #3968 from alphagov/forgotten-password-govuk-link
Style link in wrong password error
2021-07-16 09:16:53 +01:00
Chris Hill-Scott
93fbd1319c Merge pull request #3966 from alphagov/block-plus-addressing
Be strict about similar email addresses when inviting a user to an emergency alerts service
2021-07-16 09:16:47 +01:00
Chris Hill-Scott
d749ee5cea Rename confusing variable
The reason the email address is considered invalid is because it is the
address of the person doing the inviting.

This commit renames the variable to be more specific and avoid confusion
with the email address of the person being invited.
2021-07-15 14:21:58 +01:00
Ben Thorner
9170c0b175 Merge pull request #3969 from alphagov/fix-suspend-archive-perm-178770416
Fix backend permissions for stopping services
2021-07-15 09:29:20 +01:00
Katie Smith
9d4095074d Merge pull request #3967 from alphagov/broadcast-form-cache-clear
Clear user cache when broadcast service settings form is submitted
2021-07-14 16:02:14 +01:00
Ben Thorner
96a87e7cf2 Fix and test archive service permissions
Previously the backend would never validate permissions because the
"not service.active" part would (usually) fail. I've updated it to
match the (inverse of the) conditional we have in the HTML [1].

[1]: 6ac593aa5f/app/templates/views/service-settings.html (L455)
2021-07-14 14:51:33 +01:00
Ben Thorner
cd95a891a7 Enforce only Platform Admin can suspend / resume
This was previously out-of-sync with the superficial restriction in
the HTML [1][2].

[1]: 6ac593aa5f/app/templates/views/service-settings.html (L462-L468)
[2]: 6ac593aa5f/app/templates/views/service-settings.html (L471)
2021-07-14 14:51:32 +01:00
Chris Hill-Scott
db15e3ebb0 Style link in wrong password error
It was missing the class which gives it the correct colour and underline styles.

Also adds a little bit of spacing to make it look better.
2021-07-14 09:42:56 +01:00
Katie Smith
5b52b6f9bf Clear user cache when broadcast service settings form is submitted
When the broadcast service settings form is submitted it now removes all
permissions for users in notifications-api. This means it should be
clearing the user cache.
2021-07-13 17:06:35 +01:00
Ben Thorner
6ac593aa5f Merge pull request #3963 from alphagov/audit-service-resume-178770416
Audit when a service is resumed
2021-07-13 12:09:54 +01:00
Ben Thorner
1cde6ac686 Audit when a service is resumed
This could also be an issue if the service can send broadcasts, so
it's worth auditing who performed this action.
2021-07-13 10:57:23 +01:00
Ben Thorner
22ac1bfcae DRY-up and enforce kwargs for most events
For most events this makes the purpose of each argument clearer at
the point the event is called. It's still worth having a function
for each event type, as this abstracts knowledge of the event label.
Using a schema approach will make adding new events easier.

In the next commit we'll DRY-up the duplication in the tests as well.
2021-07-13 10:57:19 +01:00
Chris Hill-Scott
aefbe7709b Merge pull request #3951 from alphagov/hide-go-live-ticket-content
Hide details of go live request ticket from the user
2021-07-13 08:49:43 +01:00
Ben Thorner
301908460a Audit when a service is archived ("deleted")
This is similar to the previous commit. I've used the term 'archive'
to match the rest of the code - services aren't ever truly deleted.
2021-07-08 17:17:22 +01:00
Ben Thorner
bb4c86008a Add audit event for suspending a service
This is particularly important for broadcast services, where a rogue
service or platform admin could launch a DoS attack by suspending a
service at a critical moment when it needs to send alerts.
2021-07-08 15:29:52 +01:00
Ben Thorner
e72a260e13 Merge pull request #3947 from alphagov/allow-ccs
Allow other users to use security keys
2021-07-08 11:53:03 +01:00
Chris Hill-Scott
ceca92c84e Merge pull request #3952 from alphagov/emergency-alerts-content-review
Emergency alerts content review
2021-07-08 09:33:54 +01:00