Commit Graph

8183 Commits

Author SHA1 Message Date
karlchillmaid
d87f70c5f3 Revert ‘every’ to ‘any’ 2021-10-13 12:24:11 +01:00
karlchillmaid
a1258114a5 Change ‘last updated’ date 2021-10-13 12:24:10 +01:00
karlchillmaid
ed5e50d542 Update initialisation of ‘UK’ 2021-10-13 12:24:10 +01:00
karlchillmaid
a22b834532 Update Privacy page content 2021-10-13 12:24:10 +01:00
Chris Hill-Scott
1cc087b8de Move end of tour route into tour.py
In https://github.com/alphagov/notifications-admin/pull/3663/files we
made specific routes for sending the ‘tour’ text message, rather than
sharing the ‘one-off’ routes in `send.py`.

This commit moves the final route in the tour journey into `tour.py` as
well, which is where I expected to find it when I was looking for it
just now.
2021-10-06 13:57:03 +01:00
karlchillmaid
2949f2b61c Remove contact us link 2021-10-05 12:55:06 +01:00
karlchillmaid
67b8c7166f Add introduction 2021-10-05 12:54:14 +01:00
karlchillmaid
8bed53e6d1 Merge pull request #4031 from alphagov/better-messages-alpha-sprint-2
Update introduction
2021-10-05 12:22:16 +01:00
Katie Smith
5885110360 Ensure only logged in users can see /webauthn/register
There are no links to the `webauthn_begin_register` route - you are only
taken there if you are logged in and have clicked to register a key.
However, we have seen this route being crawled by bots making a GET
request which gives a `500` status code error because there isn't a
logged in current_user. For consistency, this also adds teh decorator to
the POST route.
2021-10-05 11:38:12 +01:00
karlchillmaid
825d4ecf96 Close <a> tag 2021-10-05 10:31:29 +01:00
karlchillmaid
3cb7ecd90e Update introduction 2021-10-01 15:08:41 +01:00
Chris Hill-Scott
975088308a Put media query after default CSS
Specificity means that the media query will always override, but this is
more obvious with the order this way around.
2021-09-30 15:07:22 +01:00
Chris Hill-Scott
eee4cdd0a7 Rewrite media queries to be mobile-first
Also adds height: 100% which forces the SVG to scale, rather than just
setting width which widens the viewbox.
2021-09-30 14:19:27 +01:00
Chris Hill-Scott
c63313e839 Give WebAuthn illustration a fixed size
The browser uses the `width` and `height` attributes of the image tag to
allocate space on the page for the image.

If these aren’t provided then the browser will assume the image takes up
no space, until it’s downloaded it and had a look at what the file’s
dimensions are. This causes the layout of the page to jump once the
image downloads.

`149 × 150px` is the native size of the image. But we don’t want it to
display at that size, so this commit also adds some extra CSS which
keeps it looking the same, namely:
- the full width of the 1/4 page column on desktop
- the full width of the column minus a `40px` gutter either side on
  mobile (by using `box-sizing: border-box` the `40px` of padding is
  subtracted from the 100% width, rather than added to it)
2021-09-30 14:19:27 +01:00
Chris Hill-Scott
28f26e0056 Merge pull request #4029 from alphagov/copy-clipboard-key-value-styles
Fix styles for API key value not being applied
2021-09-30 11:09:22 +01:00
Katie Smith
a54b3c9f77 Pass valid ticket type to Zendesk
The feedback endpoints use `ticket_type` to decide what to display and
whether or not a ticket should be escalated. We were using the
ticket_type as the value for the Zendesk ticket_type. However, the Zendesk
API accepts 4 values for its ticket_type and these are different from
the ticket_type values we use in our code.

This change converts the Notify ticket_type value to a valid Zendesk
ticket_type value when creating a Notify feedback ticket.
2021-09-29 10:37:01 +01:00
Katie Smith
437af32d82 Use Zendesk form for general enquiries 2021-09-29 10:30:32 +01:00
Katie Smith
e9948a0234 Use Zendesk form for branding requests
This changes the Zendesk tickets created when an email or letter
branding request is submitted to use the new Zendesk Form that was
introduced in https://github.com/alphagov/notifications-utils/pull/899
2021-09-29 10:30:32 +01:00
Chris Hill-Scott
bc5745c77b Fix styles for API key value not being applied
When the component was renamed from ‘API key’ to ‘Copy to clipboard’ the class for the thing to be copied changed from `api-key__key` to `copy-to-clipboard__value`. While the CSS was updated to reflect the change from `api-key` to `copy-to-clipboard` the change from `__key` to `__value` was not made.

Before: 4921e6d46e/app/templates/components/api-key.html
After: 85f6881a56/app/templates/components/copy-to-clipboard.html

This commit changes updates the CSS to reflect the latter change, so that the styles get applied properly.
2021-09-28 15:30:44 +01:00
Katie Smith
c76cd82a97 Merge pull request #4024 from alphagov/new-zendesk-form
Use Zendesk form for go live requests
2021-09-23 09:20:47 +01:00
Tom Byers
87f54d1e88 Replace diffDOM library with domdiff
A while ago diffDOM moved its code to use ES6
modules and started using various language
features specific to ES6. These two things
happened independently btw.

The result of this is that the version of diffDOM
suitable for our build pipeline, structured as an
immediately invoked function evocation (IIFE),
now requires polyfills of some ES6 features to
work in the older browsers we support, like IE11.

It's also worth noting that in the move to ES6
the maintainers of diffDOM have adopted a process
whereby users who need to support older browsers
now have to add polyfill code for any ES6 features
they choose to use.

This commmit proposes a move to the domdiff
library instead because:
- it runs on all javascript runtimes with no
  polyfills
- it is 2KB instead of diffDOM's 25KB

Domdiff takes a different approach to diffDOM, in
that it compares existing nodes and new nodes and
replaces the existing ones with the new ones if
there are differences. By contrast, diffDOM will
make in-place changes to nodes if there are enough
similarities. In other words, in most situations,
diffDOM won't change the node in $component
whereas domdiff will.

Because of this, I've had to change the
updateContent.js code to cache the data-key
attribute's value so we don't lose access to it by
overwrite the $component variable with a different
jQuery selection.
2021-09-22 12:05:47 +01:00
Katie Smith
d41185db5f Delete unused template
`delete.html` hasn't been used since e89f89bd11
2021-09-22 12:00:05 +01:00
Katie Smith
39c26f5bfb Create go-live support tickets using the new way
The new way of creating support tickets can be seen in
[notifications-utils](https://github.com/alphagov/notifications-utils/pull/899).

This changes tickets created when making a request to go live to use
the new way, while other tickets stay the same for now.

The go live tags have been removed. Some of these had become
unneccessary since you can't make the request to go live unless they are
true (e.g. `notify_go_live_email_reply_to`). Others will always get
added by a Zendesk macro when the ticket is replied to, so we don't need
to add them here.
2021-09-22 12:00:05 +01:00
Ben Thorner
41f44c51fe Fix showing service type radios on error
The radio buttons to select the type of service - central, etc. -
are only shown if we can't infer the type based on the user's email
/ default organisation. However, the code to render the page in the
error case didn't accommodate this, nor did it show the version of
the page for adding a local government service.

This fixes the bug by DRYing-up the logic to render the pages. I've
not added a test for this for a couple of reasons:

- It's not a critical bug: no one has complained about it and it
doesn't block the user from adding service.

- It's unlikely to reoccur because the bug involved writing _more_
code than was necessary.

- It's not trivial to test this due to the 3 versions of the page
involved - these are tested for the happy path.
2021-09-16 12:07:03 +01:00
Leo Hemsted
9e915703fd fix contact list bst bug
the api returns UTC timestamps, we should keep them as UTC timestamps
until the very last moment, and only convert them into BST when we know
we want to return to a user (ie: in contact-list.html and other places
like that)
2021-09-15 15:12:13 +01:00
Leo Hemsted
a96bfdb16e remove server-side error messages for webauthn
since we are hard-coding a generic error message on the front-end, we
have no need to do anything on the back end. This is also nice as it
standardises the two flows to behave more like each other (rather than
previously where one would `flash` an error message and the other would
return CBOR for the js to decode).

Note that the register flow returns 400 while the auth flow returns 403.
The js for both just checks `response.ok` so will handle both. The JS
completely discards any body returned if the status isn't 200 now.
2021-09-15 11:43:41 +01:00
Leo Hemsted
2c55f4d0ce hard-code html error message for errorBanner
turns out that we're only using errorBanner with a static message, and
it's also full of rich html content. This means that it's probably
better to put it in the html templates with other content, rather than
hidden away in js files if we can help it.

Since there are two places, had to dupe the error message but i think
that's fine as i don't anticipate this error message being used in
significantly more places.

making it a string is a bit gross and means we don't get nice syntax
highlighting on it, but as it needs to be passed in to a jinja macro
that's the way it has to go unfortunately.
2021-09-14 18:43:27 +01:00
Leo Hemsted
b7e50fc638 redirect non logged in users
previously it'd show an error because non logged in users don't have the
can_use_webauthn attribute. now we can just bounce them to the sign-in
page
2021-09-14 18:43:26 +01:00
Leo Hemsted
0b27d7e0a9 show error message in banner rather than an alert
the banner is a nicer user experience, and consistent with how we
display errors elsewhere in notify. For now pass through the error
message from JS, but we'll probably want to change that since the erorr
messages themselves are often a bit cryptic and unhelpful
2021-09-14 18:43:26 +01:00
Leo Hemsted
c96a1dc0b7 add new error banner module for showing users js errors
this ensures it's reusable by other components, and easier to unit test
by isolating the separate concerns

note: this is not in Modules since that's designed for classes that are
then bound to an element in the DOM as indicated by a data-module
attribute. This will just live at the window.GOVUK level since we want
there to only ever be one `.banner-dangerous` warning.
2021-09-14 18:43:25 +01:00
Pea Tyczynska
c42fc071b5 Merge pull request #4020 from alphagov/update-service-name-hint-text
Add additional instructions for the service name
2021-09-14 12:18:46 +01:00
karlchillmaid
385a17ca8b Add additional instructions for the service name
Add additional instructions for the service name - this is more consistent with the local government version of this page

Also update tests to use the new content.
2021-09-14 12:10:14 +01:00
Ben Thorner
674f0f6258 Merge pull request #4019 from alphagov/fix-incorrect-log-message-178986763
Fix incorrect log message for dodgy broadcasts
2021-09-14 11:22:50 +01:00
Leo Hemsted
a231738a16 Merge pull request #3989 from alphagov/update-pricing-pages
Add a billing details page
2021-09-08 16:31:38 +01:00
Ben Thorner
c694529d2d Fix incorrect log message for dodgy broadcasts
This was logging the number of keys in the whole JSON blob, rather
than the number of IDs specified within it.
2021-09-08 15:22:40 +01:00
Ben Thorner
85aeebcdd5 Support broadcasts with unidentifiable areas
The original code to raise the exception was flawed: if a broadcast
only had a single area that was invalid, we would assume it was a
custom broadcast [1]. Since the recent changes [2] fixed the flaw
we're now getting exceptions for broadcasts of this kind.

It's not practical to go and manually fix the invalid broadcasts,
and the likelihood is there will be more in future as the set of
areas we support changes. This takes a pragmatic approach of simply
logging the issue and pretending such broadcasts are custom.

[1]: 926ada2f21
[2]: https://github.com/alphagov/notifications-admin/pull/4014/files#diff-2dd8f77d6df281e7674b20263cdf27a3d58b839dc5930c0087ac8b9749b313e4R92
2021-09-08 14:05:18 +01:00
Leo Hemsted
49d1208056 remove name from copy-to-clipboard invocations
name is designed for a human readable description of what the thing
you're copying belongs to. (while thing is supposed to describe what the
value represents.

For example on the reply-to email address page, thing="ID" because
you're copying a uuid, and name is the actual name of the email address.
So the talkback speech will read out "copy ID to clipboard for
my@email.com, button".

However, in our case, there's no need to add what the context is for
since each copyable item on the page is something different (a sort
code, a VAT number, etc).

Removing the name makes the talkback just read "Copy sort code to
clipboard", which is what we want. However the macro also only shows a
header if the name is present, so we have to add the header manually.
2021-09-08 10:19:47 +01:00
Leo Hemsted
546836b22f move pricing pages to their own file 2021-09-08 10:19:46 +01:00
Leo Hemsted
86c413557c move financial deets to an environment variable
lets us keep cabinet office financials safe in the credentials repo

the dict in the creds repo will either be an empty dict or a full dict,
so the env var on paas will always contain some parseable json. But
locally it might not, so if it's not set at all then default to the
string `null` so the json parsing doesn't throw a wobbly.
2021-09-08 10:19:46 +01:00
Leo Hemsted
2b8289a5d8 update content on how-to-pay page 2021-09-08 10:19:46 +01:00
Leo Hemsted
a0adf3c63c add new billing details page
contains both signed in and signed out versions (when signed in you can
see bank details etc)
2021-09-08 10:19:42 +01:00
Leo Hemsted
85f6881a56 rename api key component to copy_to_clipboard
does what it says on the tin, and is also consistent with prior art:
https://components.publishing.service.gov.uk/component-guide/copy_to_clipboard
2021-09-08 10:18:17 +01:00
Ben Thorner
1d4326b9b2 Merge pull request #4014 from alphagov/support-custom-broadcasts-178986763
Fix areas not showing for custom broadcasts
2021-09-08 09:40:42 +01:00
Ben Thorner
bda49a4e0c Merge pull request #4012 from alphagov/remove-migration-command-178986763
Remove redundant command to migrate areas
2021-09-07 14:20:03 +01:00
Tom Byers
8d3ec9284b Merge pull request #3996 from alphagov/improve-map-accessibility
Accessibility fixes for interactive map
2021-09-07 11:37:51 +01:00
Tom Byers
c6ecbf647a Change comment about turning part of focus style off
Co-authored-by: Ben Thorner <benthorner@users.noreply.github.com>
2021-09-07 10:10:05 +01:00
Ben Thorner
748ba2fdee Remove pointless 'list-routes' command
This is superseded by the native 'flask routes' command.
2021-09-07 09:35:45 +01:00
Ben Thorner
fd6d7f8b7a Remove redundant command to migrate areas
The data migration is now complete.
2021-09-07 09:35:03 +01:00
Ben Thorner
cf3f69199a Support new broadcasts (without area IDs)
Previously we relied on the API defaulting this field to an empty
array [1], but that conflicts with using it to decide whether a
broadcast is custom or created in this app.

[1]: 3779146cc5/app/models.py (L2342)
2021-09-06 12:40:32 +01:00
Ben Thorner
baf20e0075 Support broadcasts with no areas data
Previously we used to return an empty CustomBroadcastAreas object,
which doesn't make sense for broadcasts created in this app.
2021-09-06 12:40:31 +01:00