Because we’re not showing a summary of error messages screen reader users might
take a while to discover that there’s an error on the page. Since the only
real action on a page with errors is to correct them this commit adds some
Javascript to send focus straight to the first error message on a page.
As part of https://github.com/alphagov/notifications-admin/pull/187 the file
upload pattern was changed to auto-submit once a file had been picked. The
form that was submitted was, however, missing a CSRF token, as well as a submit
button for non-JS users.
This commit makes the file upload pattern self-contained, so that it will always
include a form with a CSRF token in a hidden input and a submit button, which is
then hidden when Javascript loads.
The ‘manage templates’ page was almost identical to the ‘send text messages’
page.
This commit consolidates them into one and makes them all hang together.
Part of this means tweaks to the javascript so that files upload as soon as
you’ve chosen them.
While looking at front end performance I noticed that the GOV.UK Template CSS
and Javascript files weren’t being minified, so were being served with (for
example) lots of comments still in the code.
This changes the Gulp task from simply copying the files to also minfiying them,
where appropriate.
Because this commit’s parent added a few new images, we are now serving at
least a handful of images, therefore a few additional HTTP requests. It’s better
to combine multiple HTTP requests into one for performance reasons (up to a
point).
This commit adds an extra step to the preprocessing of SASS files which takes
any images it finds, base64 encodes them and inlines them into the distributed
CSS files.
It also modifies the content security policy to allow inline images.
This takes the original prototype version of this page, and, using the same
fake data (ie nothing is wired up):
- adds an invite users page
- adds an edit (and delete) user page
Both these pages allow the user to set another user’s permissions.
This commit adds images for the ticks and crosses, so we have control over their
appearance.
This commit adds a new page, which appears after a user enters the name for
their new service. It shows how the service name will appear in emails and
text messages.
This means that the new service is not created until after they have confirmed
that the name is appropriate in context.
This has also involved:
- visual changes to the ‘email template’ pattern, which wasn’t very refined
before
- removing a bunch of words from the enter service name page, because most users
don’t read them, and we reckon that showing a preview is a better way of
getting them to understand what is meant by service name
Still to do:
- validating the the generated email address for a service is unique (on the
API) side
- having the API return the generated email address, rather than determining it
in the admin app
This commit adds a new page, which appears after a user enters the name for
their new service. It shows how the service name will appear in emails and
text messages.
This means that the new service is not created until after they have confirmed
that the name is appropriate in context.
This has also involved:
- visual changes to the ‘email template’ pattern, which wasn’t very refined
before
- removing a bunch of words from the enter service name page, because most users
don’t read them, and we reckon that showing a preview is a better way of
getting them to understand what is meant by service name
Still to do:
- validating the the generated email address for a service is unique (on the
API) side
- having the API return the generated email address, rather than determining it
in the admin app
The api has now has an user/<user_id>/email-code and user/<user_id>/sms-code
This commit requires an update to the python-client. Make sure the PR for that version has been merged first and the tag push using scripts/push_tag.sh
If you want to send yourself a test message from a template that has
placeholders you can’t, at the moment.
Rather than forcing you to upload a CSV, we should prefil the data, and then
you only need to upload a CSV if you want to customise it.
This commit adds a shortcut, which (in the background) does the creation and
uploading of a CSV file for you.
This enables users to send themselves a test message without having to fiddle
about with CSV files.
Since placeholders (almost) work now, it’s worth telling people what the syntax
is.
This commit also removes the ‘template type’ picker, since you can only create
SMS templates at the moment. This will be revisited when we start looking at how
you add an email template.
Since placeholders (almost) work now, it’s worth telling people what the syntax
is.
This commit also removes the ‘template type’ picker, since you can only create
SMS templates at the moment. This will be revisited when we start looking at how
you add an email template.
This commit extends the existing function to validate each row’s phone number
to also validate that all the required data is present.
It does this using the checking that the `Template` class can do when given
a template and a `dict` of values.
This commit adds a first stab at checking whether a CSV file has the right
data to fill the placeholders.
The UI is very much first bash, but I’d like to get this merged and see how it
feels. The main thing is that we’ve got all the bit in place now to do this
logic.
This commit brings in the `Template` util, added here:
https://github.com/alphagov/notifications-utils/pull/1
It also does a fair bit of tidying up, which I’ve unfortunately squashed into
this one massive commit. The main change is moving 404 handling into the
templates dao, so that every view isn’t littered with `try: … except(HTTPError)`.
It also adds new features, in a prototypy sort of way, which are:
- download a prefilled example CSV
- show all the columns for your template on the 'check' page
Since https://github.com/alphagov/govuk_template/pull/193 the Jinja version of
the GOV.UK Template is published with a `package.json`. This means
- we can consume it via NPM
- so we can get rid of Bower
Which is what this commit does.
https://www.pivotaltracker.com/story/show/113840073
Previously the forgot password page would give an error if you entered an email
address which didn’t belong to an account.
This would allow a potential attacker to know which email addresses were
registered.
This commit changes the response to always be the same, whether or not the email
address exists.
Also, this is a good read about the dangers of asserting whether a mocked method
was called: http://engineeringblog.yelp.com/2015/02/assert_called_once-threat-or-menace.html
