Commit Graph

123 Commits

Author SHA1 Message Date
Chris Hill-Scott
0f0b2dad3f Correct whitelist to non-government in test name
See c31264d4c for why ‘whitelist’ should be avoided. The use of
whitelist here was not referring to the user-maintained list, but to
mean ‘not a government’ email address. This commit renames these tests
to make that difference clear.
2020-06-12 10:28:08 +01:00
Tom Byers
f0f461f5c9 Revert "Change checkboxes to GOVUK frontend" 2020-05-14 16:59:34 +01:00
Tom Byers
c9420418b3 Fix issues in tests from new fields 2020-05-13 17:37:44 +01:00
Chris Hill-Scott
db2d312ba7 Link to ‘who it’s for’ when error creating account
If someone enters an email address from a domain we don’t recognise we
direct them straight to our support channel. This is causing increased
contact from suppliers and members of the public.

Now that we have a page which explains who can use Notify, let’s direct
people there first. Then if they really do need to contact support
(because we don’t recognise their organisation) then they can do so from
that page.
2020-03-26 14:55:51 +00:00
David McDonald
c248fee772 Add event for remove_user_from_service
Follows our existing patterns of events for managing users
2020-03-10 13:52:39 +00:00
Tom Byers
16c1c34588 Fix tests broken by changes to HTML 2020-02-25 10:52:03 +00:00
Tom Byers
5b306dde4d Revert "Convert all links to govuk frontend" 2020-02-24 11:56:38 +00:00
Tom Byers
12c30c47a5 Fix tests broken by changes to HTML 2020-02-20 09:11:26 +00:00
Katie Smith
dca6d1690f Use govuk-button in page footer component 2020-02-17 08:05:05 +00:00
Tom Byers
28140104f1 Fix python tests broken by cookie banner 2020-01-20 10:03:19 +00:00
Chris Hill-Scott
c4818eb7f2 Rename property on ModelLists
The property doesn’t represent the whole client, but just one method on
it. So this commit renames the property to better describe what it is
designed to store.
2020-01-16 16:31:20 +00:00
Leo Hemsted
66db735e09 Revert "Merge pull request #3238 from alphagov/cookies-update"
This reverts commit eec4bec761, reversing
changes made to 64480e2fff.
2020-01-15 14:40:48 +00:00
Tom Byers
eec4bec761 Merge pull request #3238 from alphagov/cookies-update
New cookies banner and page
2020-01-15 10:37:14 +00:00
Chris Hill-Scott
72eb6ef99a Fix session bug when changing user’s email address
The session key we use is global.

This means if you open the edit page for two different users in two
different tabs the session for the first tab is overwritten with the
session from the second tab. This means the two users are both set to
the same email address, which causes an exception (email addresses are
unique).

This commit fixes that bug by including the user ID in the session ID.
2020-01-13 12:03:39 +00:00
Tom Byers
beeb273d6c Fix python tests broken by cookie banner 2020-01-03 17:28:33 +00:00
Katie Smith
e4134072d9 Reduce the errors related to user fixtures
We were using user fixtures in a lot of parameterized tests, but this is
no longer allowed in Pytest 5. To avoid having to split up the parametrized
tests (which would make the test files a lot longer and slightly more
difficult to read) this commit creates functions which return various types
of user json so that we can use these as the test parameters instead.
2019-12-19 16:59:07 +00:00
Rebecca Law
18e3eb6b32 Update tests for content changes. 2019-09-23 13:22:28 +01:00
karlchillmaid
852699e3e8 Replace hasn't with has not 2019-09-23 13:22:26 +01:00
karlchillmaid
92343aa45e Update change links and headings (#3064)
* Update Settings titles
* Update Change links on settings
* Update Team members Change link
* Update Settings pages headings
2019-07-25 11:52:13 +01:00
Chris Hill-Scott
30eeaec154 Add autocomplete to email address on register form
GOV.UK Design System recommends:
> You should also set the autocomplete attribute to email. This lets
> browsers autofill the email address on a user’s behalf if they’ve
> entered it previously.

Only doing this on the register and sign in forms because it’s unlikely
to be helpful where a user is trying to enter someone else’s email
address.
2019-07-16 17:14:49 +01:00
Chris Hill-Scott
f34a252e72 Remove defaults from User model
the api always returns exactly:
```
id
name
email_address
auth_type
current_session_id
failed_login_count
logged_in_at
mobile_number
organisations
password_changed_at
permissions
platform_admin
services
state
```

it does this through `models.py::User.serialize` – there is an old
Marshmallow `user_schema` in `schemas.py` but this isn’t used for
dumping return data, only parsing the json in the create user rest
endpoint.

This means we can rely on these keys always being in the dictionary.
2019-06-05 14:55:43 +01:00
Chris Hill-Scott
628e344b36 Make user API client return JSON, not a model
The data flow of other bits of our application looks like this:
```
                         API (returns JSON)
                                  ⬇
          API client (returns a built in type, usually `dict`)
                                  ⬇
          Model (returns an instance, eg of type `Service`)
                                  ⬇
                         View (returns HTML)
```
The user API client was architected weirdly, in that it returned a model
directly, like this:

```
                         API (returns JSON)
                                  ⬇
    API client (returns a model, of type `User`, `InvitedUser`, etc)
                                  ⬇
                         View (returns HTML)
```

This mixing of different layers of the application is bad because it
makes it hard to write model code that doesn’t have circular
dependencies. As our application gets more complicated we will be
relying more on models to manage this complexity, so we should make it
easy, not hard to write them.

It also means that most of our mocking was of the User model, not just
the underlying JSON. So it would have been easy to introduce subtle bugs
to the user model, because it wasn’t being comprehensively tested. A lot
of the changed lines of code in this commit mean changing the tests to
mock only the JSON, which means that the model layer gets implicitly
tested.

For those reasons this commit changes the user API client to return
JSON, not an instance of `User` or other models.
2019-06-05 11:13:41 +01:00
Chris Hill-Scott
8835486d4e Look in organisation for whitelisted domains
At the moment we have to update a YAML file and deploy the change to get
a new domain whitelisted.

We already have a thing for adding new domains – the organisation stuff.

This commit extends the validation to look in the `domains` table on the
API if it can’t find anything in the YAML whitelist.

This has the advantage of:
- not having to deploy code to whitelist a new domain
- forcing us to create new organisations as they come along, so that
  users’ services automatically get allocated to the organisation once
  their domain is whitelisted
2019-06-03 11:41:13 +01:00
Chris Hill-Scott
fd7a33d0a6 Remove folder permissions feature flag from team members 2019-05-17 14:08:01 +01:00
Alexey Bezhan
cab780b549 Remove edit_folder_permissions service setting (feature flag)
This removes the edit_folder_permission checks from the code, enabling
the folder permissions for all services.

This also fixes folder-related tests to set up appropriate user
permissions.

This should only be merged right after alphagov/notifications-api#2428,
when all other permission stories are done.
2019-05-17 11:20:16 +01:00
Chris Hill-Scott
81b299428f Add tests for editing folder permissions for platform admin users 2019-05-17 11:03:41 +01:00
Alexey Bezhan
5dbd229781 Hide template folder permission editing for platform admin users
Platform admin users can access all template folders, so the folder
permissions form always displays everything as checked for them,
which makes it look like the form isn't actually working. We could
do the check based on folder data, but the field still wouldn't
have any effect on permissions. So instead, we hide it completely
for platform admin users.

Submitting the form will remove any folder permissions from the DB
for the platform admin user (which can still be created by changing
permissions on the template folder 'Manage' page), but that's only
relevant if a user stops being a platform admin but keeps their
Notify services.
2019-05-17 10:46:56 +01:00
Katie Smith
d689b031a2 Allow non-gov email addresses to be changed to gov email addresses
When a user's email address is updated, we not allowing it to be changed
to a non-government email address. We now allow a non-gov email address
to be changed to another non-gov email address. Government email
addresses still cannot be changed to non-government email addresses.

Also fixes the link in the error message on the ChangeEmailAddress form -
this was being escaped before.
2019-04-25 10:36:04 +01:00
Katie Smith
88e9a0ff61 Add audit event when a service manager changes someones profile
We should audit when a service manager changes a user profile that is not
their own. This can be recorded in our events table, which is currently
only used to record successful logins.

This adds two new types of event, `update_user_email` and
`update_user_mobile_number` which store the
- browser fingerprint
- IP address
- user id of the user being updated
- user id of the service manager  making the change
- original email address and new email address (for `update_user_email`
events)
- original mobile number and new mobile number (for
`update_user_mobile_number` events)
2019-04-09 14:37:37 +01:00
Leo Hemsted
249b80762a add count of folders visible per user to the team members page
Shows a count of how many folders that user can see - this doesn't do
anything smart with parent folder stuff, it's just "how many checkboxes
are ticked on the edit page".

* doesn't show if service has no folders
* doesn't show if service hasn't got folder permissions enabled
2019-04-04 17:55:37 +01:00
Chris Hill-Scott
883b07e3f0 Use client_request fixture where possible
It:
- saves repetetive boilerplate code
- does some extra checks (eg checking for a `200` response)
- makes the codebase less confusing to consistently do the same thing in
  the same way
2019-03-26 16:38:00 +00:00
Leo Hemsted
f872294235 remove the remove-user get method
remove `confirm` from `confirm_remove_user_from_service` as there's
only one action now that the initial confirmation prompt takes place
on the edit permissions page
2019-03-26 15:52:37 +00:00
Leo Hemsted
f7f9dd8530 fix user permissions save button sometimes deleting
when you hit the delete button, it flashes the delete button and takes
you to the `/service/../user/../delete` url. If you then click the save
button, it would make a POST to the delete URL... and delete the user.

now the page stays on the edit url, but adds a `?delete=yes` query
string. The dangerous flash banner now has an action field which
defines where the browser will make the POST to (which remains at
/delete).
2019-03-26 15:52:37 +00:00
Katie Smith
7654d3c5fd Send folders if inviting user for service without edit folder permissions
If a new user is being invited for a service which doesn't have edit
folder permissions turned on, we want to send all folders for that
service to api.
2019-03-22 13:29:13 +00:00
Katie Smith
c39f6d49ea Set folder permissions when creating and accepting invites to services
Added a folder permissions form to the page to invite users to services.
This only shows if the service has 'edit_folder_permissions' enabled,
and all folder checkboxes are checked by default. This change means that
InviteApiClient.create_invite now sends folder_permissions through to
notifications_api (so invites get created with folder permissions).

Started passing the folder_permissions through to notifications-api when
accepting an invite. This changes UserApiClient.add_user_to_service to
send folder_permissions to notifications_api so that new users get folder
permissions when they are added to the service.
2019-03-21 10:17:05 +00:00
Pea Tyczynska
a9be6015dc Test if auth type can be chosen while inviting user 2019-03-12 16:53:46 +00:00
Alexey Bezhan
6fa975e867 Send updated user folder permissions to the API
Integrates the folder permissions form with the updated API endpoint
to store changes in the user folders.

Since user folder permissions are returned in the full list of template
folders for the service we need to invalidate the cache key for it each
time we update user permissions.
2019-03-05 11:44:34 +00:00
Pea Tyczynska
7413423243 Display nested folders permissions form on user permissions page
We're reusing the logic for the `move_to` nested radios field for the
user folder permissions nested checkboxes.

The main difference between the two forms (aside from the different
input type) is that "Move" form contains the root "Templates" as an
option, whereas the folder permissions doesn't.

It turns out that, because of the way NestedFieldMixin.children and
select_nested macro are implemented the easiest way to get the desired
folder permissions behaviour is to add the root folder as a choice with
a `None` value and `NONE_OPTION_VALUE = None` set on the field, which
allows the `child_map` to be constructed but doesn't display the root
folder checkbox itself since it gets overwritten in the final `child_map`.
2019-03-05 11:44:34 +00:00
Rebecca Law
184ea5b92b Update the message when changing a users mobile phone number. 2019-03-04 11:14:35 +00:00
Pea Tyczynska
7da2ed4539 Tell api when mobile or email updated by colleague
So that API can send a confirmation email to the affected user
2019-02-26 16:35:11 +00:00
Pea Tyczynska
d93278f5f0 Ensure that mobile of user not belonging to service cannot be edited 2019-02-26 11:51:56 +00:00
Pea Tyczynska
d60ab838a8 Edit mobile page allows users to proceed without changing mobile number
Also:
- change formatting of mobile number redact characters

- redirect if session empty

- update a test with new mock after rebase
2019-02-26 11:50:56 +00:00
Pea Tyczynska
f7e54b7f5b Change team member's mobile number upon confirmation
Also add edit user mobile number urls to navigation exceptions
2019-02-26 11:50:42 +00:00
Pea Tyczynska
94b78a7649 Confirm change of team member's phone number 2019-02-26 11:50:41 +00:00
Pea Tyczynska
5a59989497 Redirect to mobile number confirmation page 2019-02-26 11:50:41 +00:00
Pea Tyczynska
9d57a81029 Edit mobile number page 2019-02-26 11:50:41 +00:00
Pea Tyczynska
94c4151640 Edit user permissions page shows redacted phone number and Change link
Also make plan for story development
2019-02-26 11:50:17 +00:00
Chris Hill-Scott
d82f410325 Don’t allow editing of users from other services
Currently when you load the ‘edit user’ page (which has a URL like
`/service/<service_id>/users/<user_id>`) we check that:
- you belong to the service represented by `service_id`
- you have permission to edit users on this service

We don’t check that:
- the user represented by `user_id` belongs to this service

This means that if you could somehow determine another user’s `user_id`
(which I don’t think is possible if you don’t already have the manage
service permission for that service) then you could:
- edit their permissions on your service (weird, but wouldn’t have any
  effect)
- change their email address (bad)

This commit adds checks to return a `404` any time you’re looking at a
service and trying to do stuff to a user who doesn’t belong to that
service.

We can’t add this check to the API easily because there are still times
that we want to get/modify users outside the context of a service (eg
platform admin pages, or users who have no services).
2019-02-25 17:19:07 +00:00
Chris Hill-Scott
ffaa8cd1a6 Don’t error if email address hasn’t changed
When updating a user’s email address you currently get an validation
error if you save without changing it. Instead it should just obey your
command. And no need for the confirmation step because nothing is
actually changing.
2019-02-25 12:04:07 +00:00
Pea Tyczynska
6c406ae5cd Redirect from confirmation page if session empty 2019-02-22 16:13:46 +00:00