Commit Graph

10714 Commits

Author SHA1 Message Date
karlchillmaid
cb8166efa0 Correct anchor link 2020-01-22 13:48:24 +00:00
karlchillmaid
edc7a28a70 Add anchor links 2020-01-22 13:48:24 +00:00
karlchillmaid
c1f3f5c99e Update links 2020-01-22 13:48:24 +00:00
karlchillmaid
4b598d463c Add list of links 2020-01-22 13:48:24 +00:00
karlchillmaid
7b49a566c5 Update content 2020-01-22 13:48:23 +00:00
karlchillmaid
7057f79532 Update upload letters content 2020-01-22 13:48:23 +00:00
karlchillmaid
3bdcc0ec32 Update upload letters content 2020-01-22 13:48:23 +00:00
karlchillmaid
ebd91fabd2 Update sms sender content 2020-01-22 13:47:33 +00:00
karlchillmaid
747d60175e Update branding content 2020-01-22 13:47:33 +00:00
karlchillmaid
c7c9d6c3de Update reply-to address content 2020-01-22 13:47:32 +00:00
karlchillmaid
7068271f39 Update page title and content 2020-01-22 13:47:32 +00:00
karlchillmaid
bcf12a20b4 Update personalisation content 2020-01-22 13:47:31 +00:00
karlchillmaid
07306e948d Add heading IDs 2020-01-22 13:47:31 +00:00
karlchillmaid
917687f567 Update title and h1 2020-01-22 13:47:30 +00:00
karlchillmaid
e43190b936 Create page and add content 2020-01-22 13:47:30 +00:00
Tom Byers
945701c607 Merge pull request #3273 from alphagov/fix-ga-config
Update Google Analytics tracker config
2020-01-22 13:00:55 +00:00
Tom Byers
cfdc83a336 Update tests 2020-01-22 12:26:55 +00:00
Tom Byers
174c10c7ff Clear old cookies to be based on consent
We have been clearing all the Google Analytics
cookies on each page request.

It is now possible for a user to consent to having
Google Analytics cookies so this should have been
checking for that before deleting them.

This makes that change, with tests for those
scenarios.
2020-01-22 12:14:23 +00:00
Tom Byers
0885dde2c1 Update Google Analytics tracker config
Removes the following fields from the tracker
config:
- `name`, which was erroring due to it
  including a `.`
- `displayFeaturesTask` which seems to be
  deprecated

Also refactors the `create` command to put all
fields into the options parameter, as shown in the
developer docs:

https://developers.google.com/analytics/devguides/collection/analyticsjs/creating-trackers
2020-01-22 12:10:01 +00:00
Tom Byers
98e48e68f9 Change the URL JSDOM uses for the current page
https://jestjs.io/docs/en/configuration#testurl-string

Affects all DOM APIs that return information about
the URL, for example window.location.

Why:

We now have tests for setting/deleting cookies.
Tough-cookie, the library JSDOM uses for cookie
handling cookies doesn't allow setting cookies
with `domain=localhost`. This is correct by
RFC6265, the standard it follows, as domains must
have 2 or more `.`s in them.

The only way to set a cookie on `localhost` is to
leave out the `domain` attribute.

The code we are testing sets and deletes cookies
set on specific domains so using `localhost` is
out.

We also cannot just set/delete cookies on the
domains used as cookies are required to match the
domain of the current page.

The solution we are left with is to set the
current page to one from production and make sure
each cookie is set relative to that domain.

Note: this introduces `testURL` in isolation to be
sure it doesn't break any existing tests.
2020-01-22 11:08:29 +00:00
Leo Hemsted
1cd96d7e2f Merge pull request #3271 from alphagov/bump-python
fix service letter contact blocks
2020-01-21 17:41:37 +00:00
Leo Hemsted
5bbbdc3cd9 fix xss with service letter contact blocks
service contact blocks contain new lines - and jinja2 normally ignores
newlines (as in it keeps them as new lines) - but we need to turn them
into `<br>` tags so that we can show the formatting that the user has
added. We were previously just doing `{{ block | nl2br | safe }}`. nl2br
turns the new lines into `<br>` tags, and then `safe` tells jinja that
it doesn't need to escape the html.

this causes issues if the user adds `<script>alert(1)</script>` to their
contact block (or some other evil xss hack), where that will get let
through due to the safe flag

To solve this, use `Markup(html='escape')` to sanitise any html, and
then convert new lines to <br>.

bump utils

another xss
2020-01-21 17:34:49 +00:00
Pea Tyczynska
5a32177982 Delete old letter branding request page 2020-01-21 16:47:42 +00:00
Pea M. Tyczynska
cc61e87701 Parametrized options label for the branding request form
Co-Authored-By: Chris Hill-Scott <me@quis.cc>
2020-01-21 16:47:42 +00:00
Pea Tyczynska
02cb6c9c38 Create a letter branding request flow to match email branding request
Test if service settings links to branding request page for letters

Parametrize all branding tests so they also work for letter branding
2020-01-21 16:47:14 +00:00
Leo Hemsted
c57aec8cd5 Merge pull request #3270 from alphagov/bump-python
bump python version
2020-01-21 15:17:30 +00:00
Leo Hemsted
edfcd49861 bump python version
we all run 3.6 locally, we test against 3.6 both locally and on
concourse, and the latest version of openpyxl (required by
pyexcel-xlsx) doesn't support 3.5 anymore
2020-01-21 15:10:43 +00:00
Leo Hemsted
772a47e870 Merge pull request #3269 from alphagov/reqs-bump
bump requirements
2020-01-21 14:55:40 +00:00
Leo Hemsted
9620559a55 bump requirements 2020-01-21 14:47:18 +00:00
Chris Hill-Scott
291734b0c4 Merge branch 'master' into fix-new-jobs-showing-as-deleted 2020-01-21 14:24:40 +00:00
Chris Hill-Scott
d27d400f53 Test the boundary conditions
Since date math can be hard it’s good to test as close to the boundary
as possible, which hopefully catches stuff like timezone related bugs.
2020-01-21 14:15:48 +00:00
Chris Hill-Scott
f5ced76e63 Don’t mock job processing in the future
It could hide bugs or make the tests harder to understand later on if
what they’re testing is an impossible scenario.
2020-01-21 14:09:54 +00:00
Chris Hill-Scott
f6a263a7b2 Rename property to more accurately describe purpose
`recently_created` says it would just be looking at the `created_at`
field to see if it's been created recently. Technically this method
isn't doing that, whilst its behaviour would be similar, it's actually
different and maybe therefore a bit misleading.
2020-01-21 14:07:23 +00:00
Chris Hill-Scott
d93866bc7e Use utils function to parse datetime strings
Rather than hard-coding a format string in a bunch of different places
we can use the function we already have in utils.

This commit also refactors some logic around password resets to put the
date-parsing changes in the most sensible bit of the codebase, so it’s
clearer what the intention of the view-layer code is.
2020-01-21 13:55:57 +00:00
David McDonald
8a41b63e23 Merge pull request #3267 from alphagov/bank-hols
Add more bank holiday dates
2020-01-21 10:24:02 +00:00
Chris Hill-Scott
6ff9dac161 Merge pull request #3254 from alphagov/letter-validation-short-messages
Add separate messages for precompiled letters that have failed validation
2020-01-21 10:02:58 +00:00
Chris Hill-Scott
68bc41685c Merge pull request #3266 from alphagov/job-status-not-on-uploads
Don’t assume a job’s status will be present
2020-01-21 10:02:51 +00:00
David McDonald
8d2053216f Add more bank holiday dates 2020-01-20 17:14:54 +00:00
Chris Hill-Scott
0202f73f9a Remove job_status from allowed properties
We can’t guarantee it’s always present, so shouldn’t allow direct access
to it.
2020-01-20 16:47:09 +00:00
Chris Hill-Scott
34f209a08b Fix mixed-up error messages
The too many pages error was being returned when the file couldn’t be
read. This commit corrects the error message, and adds a test to make
sure this case is covered.
2020-01-20 15:54:07 +00:00
Chris Hill-Scott
1fc0f58541 Add test for plural form of error message 2020-01-20 15:50:16 +00:00
Chris Hill-Scott
bc7deebcc7 Split test in two for readability 2020-01-20 15:46:03 +00:00
Chris Hill-Scott
32105b3328 Don’t assume jobs status will be present
The API response for jobs includes a field called `job_status`. The API
response for uploads doesn’t.

The `Job` mode handles uploads and jobs, so it needs to account for the
possibility of the field not being there.
2020-01-20 15:25:47 +00:00
Tom Byers
182c47dfa6 Merge pull request #3265 from alphagov/cookies-update-2nd-attempt
Cookies update 2nd attempt
2020-01-20 14:54:42 +00:00
Tom Byers
62f1c5a88e Fix associated test 2020-01-20 10:05:15 +00:00
Tom Byers
5de29f2389 Fix Google Analytics tracking code 2020-01-20 10:05:15 +00:00
Tom Byers
a67cd65f47 Make Google Analytics cookies expire in 1 year 2020-01-20 10:05:06 +00:00
Tom Byers
1d9c5e5da9 Default the cookie banner to be hidden
It should only be shown if JS is available and the
cookieMessage JS finds consent has not been set.
2020-01-20 10:04:58 +00:00
Tom Byers
1a97c6028c Add event tracking to window.GOVUK.analytics
app/assets/javascripts/errorTracking.js sent
events to `window.ga`.

This extends the API of `window.GOVUK.Analytics`
to include support for sending events so all
calls to `window.ga` can use it instead of direct
access.

This use of `window.ga` was missed from the
initial work on `window.GOVUK.Anaytics`.
2020-01-20 10:04:56 +00:00
karlchillmaid
c8f36683ed Remove lead in line before table 2020-01-20 10:04:18 +00:00