darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-06-02 04:20:34 -04:00
Code Issues Packages Projects Releases Wiki Activity
13,638 Commits 58 Branches 59 Tags
27ff29d0dba4cc99341907f3b551be77bfc9527e
Commit Graph

387 Commits

Author SHA1 Message Date
Carlo Costino
d02d2de9dc Made a few adjustments to test the beta redirect: 
- Explicitly return the redirect
- Change the redirect to be a 302 instead of 301
- Adjusted the test client to allow sub domains
- Added the remaining tests

A big thank you to @A-Shumway42 for getting this work underway!

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2023-09-18 15:59:28 -04:00
Andrew Shumway
118fd13189 Refactor code. Tests still failing 2023-09-18 06:24:17 -06:00
Andrew Shumway
068663ec1a Merge branch 'main' of https://github.com/GSA/notifications-admin into notify-762 2023-09-14 15:00:10 -06:00
Andrew Shumway
e22386e91b Redirect implemented with tests coverage 2023-09-14 14:59:48 -06:00
Kenneth Kehl
5e1a224c29 notify-admin-721 remove BasicAuth 2023-09-13 14:23:46 -07:00
Kenneth Kehl
8c9721d8e2 notify-api-412 use black to enforce python coding style 2023-08-25 09:12:23 -07:00
Kenneth Kehl
c6eb007386 merge from main 2023-08-25 08:57:24 -07:00
Kenneth Kehl
864c3dd6d9 code review feedback 2023-08-22 07:54:25 -07:00
Kenneth Kehl
5b8b235cb6 notify-admin-674 remove gds_metrics 2023-08-18 11:01:27 -07:00
Carlo Costino
9e609efa1c Remove webauthn hooks 
This changeset removes webauthn from the Notify.gov admin app.  We are not using webauthn at all in our implementation and will be looking at an entirely different authentication system in the near future.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2023-08-14 16:59:38 -04:00
Kenneth Kehl
00edf5d023 merge from main 2023-07-13 08:15:34 -07:00
Steven Reilly
13d0e46b52 blunt rename of org (#620) 2023-07-12 12:09:44 -04:00
Kenneth Kehl
c165589d4c notify-api-340 remove daily limit 2023-07-11 12:37:27 -07:00
Kenneth Kehl
7168309fbb fix all tests 2023-06-26 14:07:28 -07:00
Kenneth Kehl
ed274bd266 notify-542: move to 24 hour time for UTC 2023-06-26 08:42:04 -07:00
Andrew Shumway
21f9e80c9e Added hasattr() back for potential NoneType error 2023-06-02 08:32:44 -06:00
Andrew Shumway
a1484c62bb Requested changes in PR review 2023-06-01 15:40:50 -06:00
Andrew Shumway
bd798e78b6 Added global remaining daily messages across services to ui 2023-06-01 10:44:13 -06:00
Andrew Shumway
3abb61614c Added context_process to init.py for remaining daily messages 2023-05-30 08:01:29 -06:00
Steven Reilly
3f44877c8b Bump flask & werkzeug to 2.3 (#490) 
* bump werkzeug to 2.3
* remove no_cookie blueprint
 2023-05-02 09:45:48 -04:00
Ryan Ahearn
679072dd1b Clean up CSP header, add Permissions-Policy header 2023-04-19 16:06:21 -04:00
Ryan Ahearn
de668d7aba Remove contact-list references from code 2023-04-12 15:35:14 -04:00
Ryan Ahearn
703847e184 Respect HTTP_PROTOCOL config when forcing https 2023-03-08 10:48:22 -05:00
Ryan Ahearn
2a6bc62003 Use csp nonces for inline scripts and styles 2023-03-08 08:29:19 -05:00
Ryan Ahearn
e8e8c889d6 Add flask-talisman for security headers 2023-03-07 16:08:39 -05:00
Ryan Ahearn
9615f9d0c2 Fix header test 2023-01-23 11:05:51 -05:00
Ryan Ahearn
f5e3ad56c7 Add newrelic to browser CSP directives 2023-01-23 10:10:22 -05:00
Ryan Ahearn
7d08e9e0d4 Upgrade flask and install newrelic package 2023-01-19 17:29:21 -05:00
stvnrlly
ac1d5f0983 move vendored uk components to templates 2022-12-14 11:55:21 -05:00
stvnrlly
420845fac7 remove antivirus code (email does not allow attachments via ui) 2022-12-05 16:35:46 -05:00
stvnrlly
944715ac46 big commit with letters removal 2022-12-05 15:33:44 -05:00
stvnrlly
f16b5dd1c4 remove broadcast-related code 2022-10-04 03:04:13 +00:00
jimmoffet
dad051a662 2767 passing 2022-08-05 00:25:03 -07:00
Jim Moffet
b932294a9c formatting 2022-07-01 11:49:31 -07:00
Jim Moffet
8e9be686d2 clean obsolete import 2022-07-01 11:48:17 -07:00
Jim Moffet
522ed32a01 clean obsolete import 2022-07-01 11:47:44 -07:00
Jim Moffet
4001332741 clean comments 2022-07-01 11:36:47 -07:00
Jim Moffet
b8d5a0b5eb clean comments 2022-07-01 11:36:15 -07:00
Jim Moffet
e9a3b3d5e3 move CustomBasicAuth override to import 2022-07-01 11:34:51 -07:00
Jim Moffet
1e979ad519 fix basic auth for live environment 2022-07-01 07:58:58 -07:00
Jim Moffet
509cce38f4 set up basicauth config to protect staging site 2022-06-30 17:05:42 -07:00
Chris Hill-Scott
78a1a3099d Work around incompatibilty between govuk-frontend-jinja and Flask 2 
This line:
ddbe208a97/govuk_frontend_jinja/flask_ext.py (L22)

Raises `KeyError: 'extensions'` when using Flask 2

I think this is because there are no default Jinja extensions in Flask
as of pallets/flask@81ba6c2 in accordance with
https://github.com/pallets/jinja/issues/1203

So we need to manually add an `extensions` field to the `jinja_options`
`dict` if one doesn’t exist already.

Issue raised here: https://www.github.com/Crown-Commercial-Service/govuk-frontend-jinja/issues/66
 2022-06-06 12:12:52 +01:00
Chris Hill-Scott
9a1a328aca Format auth_type in a consistent way in the UI 
On the ‘find user’ page it says ‘sms_auth’ instead of ‘Text message
code’.

This commit fixes that, and adds a handy formatter so it’s easier to do
the right thing in the future.
 2022-03-14 14:55:31 +00:00
Chris Hill-Scott
4f672cb5dc Make logo CDN domain into simple config 
Having this as a function which does string parsing and manipulation
surprised me a bit when I was trying to figure out why something wasn’t
working.

It’s more in line with the way we do other config like this (for example
`ASSET_PATH`) to make it a simple config variable, rather than trying to
be clever and guess things based on other config variables.

It’s also less code, and is explicit enough that it doesn’t need tests.
 2022-01-27 10:33:05 +00:00
Ben Thorner
39e03cee50 Remove redundant 413 error page 
This was used when there was an Nginx instance sitting in front of
Admin [1], but nowadays traffic goes through CloudFront, where we
decided not to implement the same protection:

- The likelihood of large requests being a security threat is small
because it's a difficult attack vector.

- We have put in place specific limits on routes where we the size
of the request is actually important [2].

Note that the other error pages can all still be used based on the
response code we get from API requests [3]. Also worth noting we've
had 0 413 response codes for Admin in the last month.

[1]: https://github.com/alphagov/notifications-aws/blob/master/ansible/roles/nginx/templates/nginx.conf.j2#L29-L30
[2]: https://github.com/alphagov/notifications-admin/pull/4090
[3]: b3c0abc496/app/__init__.py (L407-L416)
 2021-12-09 14:48:34 +00:00
Chris Hill-Scott
6cb326f153 Update utils to do linear transformation of polygons 
Brings in https://github.com/alphagov/notifications-utils/pull/889/files

At the moment, we are not doing any transformation of features before
applying geometric algorithms to them. This is, in effect, assuming that
the earth is flat.

This new version of utils implements the transformation of our polygons
to a Cartesian plane. In other words, it converts them from being
defined in spherical degrees to metres.

For the admin app this means we need to convert places where the code
expects things to be measured in degrees to work in metres instead.
 2021-12-01 14:10:54 +00:00
David McDonald
c6b884dcef Upgrade utils to 48.0.0 
Fixes a bug with non breaking spaces being removed from templates
 2021-11-01 10:22:58 +00:00
Chris Hill-Scott
fad3ff70f2 Add a formatter for yes/no 
This is a bit neater than a bunch of repetetive ternary statements.
 2021-10-15 09:23:30 +01:00
Ben Thorner
748ba2fdee Remove pointless 'list-routes' command 
This is superseded by the native 'flask routes' command.
 2021-09-07 09:35:45 +01:00
Chris Hill-Scott
2accf8434a Remove false precision from area estimates 
We give estimates of the area for those who can’t see the map. These
estimates were needlessly precise, gave a false sense of accuracy and
were causing intermittent test failures between different environments.

This commit rounds them in the same way that we round the count of
phones.
 2021-07-06 17:00:51 +01:00