Commit Graph

2879 Commits

Author SHA1 Message Date
Katie Smith
b5fa270cd2 Bump all test dependencies
This results in some new errors from flake8-bugbear:
```
B020: Loop control variable overrides iterable it iterates
```
I can't see an issue with the places that we do this, so have ignored
these warnings. If we keep getting these and they look fine, we can
create a global rule to ignore B020.
2022-04-06 12:17:09 +01:00
Ben Thorner
59f6b0b5d8 Replace "primary", etc. with "first", etc.
Using "primary" made sense when the other "secondary" provider was
new, but today we see them as equivalent and the terminology is a
bit confusing. In future we may add a third provider as well.
2022-04-05 15:55:06 +01:00
Ben Thorner
55e2a2f96b Stop reversing the order of SMS providers
This makes no functional difference but does make it easier to read.
2022-04-05 15:55:05 +01:00
Ben Thorner
9355c4f8d1 Only show active providers when changing priority
This fixes a bug where a third inactive provider would (potentially)
appear in place of one of the two active ones, depending on the order
of its identifier compared to the other two.

In future we may look at simplifying this to cope with more than two
active providers. For now, the existing UI will continue to work when
we add a new, inactive SMS provider for Reach.
2022-04-05 15:55:04 +01:00
Ben Thorner
332c240b01 Use "get_email_choices" directly in branding view 2022-03-30 17:46:44 +01:00
Ben Thorner
b4b1c91fb9 Remove redundant "something else" branding check
This is always allowed and there was no test for it.
2022-03-30 17:46:43 +01:00
Ben Thorner
1cc5413f96 Move and clarify "NHS_BRANDING_ID" constant
This is specific to email branding [^1]. Using the name to match
the current branding is more error-prone.

[^1]: a165f62b60
2022-03-30 17:46:41 +01:00
Ben Thorner
8f55972aae Split "get_available_choices" by branding type
We already had different functionality for email branding and will
soon be adding more for email branding pools.

Note that the "get_available_choices" class method was only used for
email branding - we can do it in the constructor for letters.
2022-03-30 17:46:39 +01:00
Ben Thorner
352cdb80fa Remove remaining uses of ChooseBrandingForm
This was missed in a previous commit.
2022-03-30 17:46:37 +01:00
Pea Tyczynska
7d5ca324d0 Merge pull request #4166 from alphagov/allow_user_delete_mobile_number
Let users on email auth delete their mobile numbers
2022-03-25 16:02:38 +00:00
Pea Tyczynska
99682db7bf Change conditional for consistency 2022-03-22 17:55:55 +00:00
Ben Thorner
d1d3a6a6c3 Merge pull request #4182 from alphagov/refactor-email-branding-181415991
First set of refactorings for branding
2022-03-22 13:43:10 +00:00
Ben Thorner
6a2367bb72 Merge pull request #4184 from alphagov/simplify-session-clear
Simplify "activate_user" to clear session earlier
2022-03-15 13:07:53 +00:00
Ben Thorner
f02c2b0b1d Rename other "Admin" forms consistently
I've also tweaked some of the names to make them clearer e.g. that
the form is used to apply a change to a service.

I've constrained the scope of this change to avoid forms that may
be accessible by non-admins in the future.
2022-03-15 11:47:22 +00:00
Ben Thorner
a04ed3eca5 Use separate classes for branding option forms
These are about to become a lot less similar to each other when we
add email branding pools. Note that the optional *args and *kwargs
weren't used anywhere.
2022-03-15 11:47:15 +00:00
Ben Thorner
26d1222f1c Rename branding forms to clarify who they're for
I've often struggled to find the form associated with a particular
page due to the overlapping names e.g. "SetEmailBranding" sounds
more like the radio button form a user sees than "BrandingOptions".

Almost every form in forms.py also ends with "Form", so this also
makes the branding forms consistent with that naming convention.
2022-03-15 11:47:14 +00:00
Rebecca Law
de46fb6477 Merge pull request #4183 from alphagov/volume_reports
Report for total notifications sent per day for each channel.
2022-03-09 15:15:03 +00:00
Rebecca Law
c6e67d1690 Fix column names
Add unit test
2022-03-09 15:02:52 +00:00
Rebecca Law
971cb745c9 Report for total notifications sent per day for each channel.
Daily volumes report: total volumes across the platform aggregated by whole business day (bst_date)
Volumes by service report: total volumes per service aggregated by the date range given.

NB: start and end dates are inclusive
2022-03-07 14:30:11 +00:00
Ben Thorner
81d9c73543 Bump -utils to 55.0.0
This renames "delete_cache_keys_by_pattern" to match the new method
name, which will also catch exceptions if Redis is down [1].

Note that this also includes a change to RecipientCSV [2], which has
no effect because the new default is the same as the old behaviour.

[1]: https://github.com/alphagov/notifications-utils/pull/949
[2]: https://github.com/alphagov/notifications-utils/pull/947/files#diff-a8a994bf655634f89dc7439880708b4ff0d780ac1bd8033827d8aaa2692a8e0fR373
2022-03-07 13:53:57 +00:00
Ben Thorner
f827a825a1 Merge pull request #4180 from alphagov/dedup-something-else-181415991
Link directly to email branding "something else"
2022-03-07 11:33:11 +00:00
Ben Thorner
8d5974eb47 Simplify "activate_user" to clear session earlier
A snippet of old code [^1] in "activate_user" was forcing us to
keep "user_details" in the session until the very last moment with
a "try / finally" combo. But "activate_user" already knows the ID
of the user: it's the argument we pass to the function.

None of the functions called by "activate_user" require the session
to have that key either i.e. it's definitely redundant.

It's unclear if we need to pop the key from the session in both
"verify" methods - there are no tests covering this behaviour. For
now, we can at least make the flow clearer by adjusting where we do
the "pop" and the assignment.

[^1]: bbc7b173f0 (diff-d12384ece5ad90e9b66063fd3ab170453788d36b7e0babf49ee016f0a880f251L71)
2022-03-07 11:08:19 +00:00
Pea Tyczynska
ae4fc977c1 Apply suggestions from code review
Co-authored-by: Ben Thorner <benthorner@users.noreply.github.com>
2022-03-03 17:02:26 +00:00
Pea Tyczynska
8112930e24 Do not verify sms for pending users with email auth
This is to fix a bug where a user creates an account but doesn't
complete registration, then they are invited to a service that
changes their auth to email_auth, and then when they try to
complete registration they are still asked for sms code.

It should save users some pain, and reduce number of support tickets.
2022-03-03 17:02:26 +00:00
Pea Tyczynska
08f0393553 Allow platform admins to change user auth in the UI
So we do not have to go into the db when we need to change user
auth.

We do not allow this for users who use webauthn. We do not want to
enable security downgrade for those users.
2022-03-03 13:44:13 +00:00
Ben Thorner
33c6ca0989 Link directly to email branding "something else"
Previously we duplicated the "something else" email branding form
on its own page and embedded in the choices form (if it was the
only option). See [^1] for how this looks - it's inconsistent.

This DRYs-up the "something else" form by bypassing the choices
form when "something else" is the only option. I've also tweaked
the "Back" button to be consistent with this behaviour.

Making this change also simplifies the choices form, which we'll
be adding pool options to shortly. I'd like to make the letters
form consistent, but let's see how emails pan out first.

Note that the choices form will now show a single radio button if
"something else" is the only option. I think that's OK as nothing
will link to the page, and the form still works.

[^1]: https://github.com/alphagov/notifications-admin/pull/4163#issuecomment-1050088088
2022-03-03 10:18:58 +00:00
Ben Thorner
35e7e5e957 Downgrade error log for expected exception
Previously we weren't sure if the cause of this exception was what
the comment below suggested [1]. I've now verified this from:

        Letter not found for service 0bd1d970-f11c-40e1-8319-4baefe6239d7 and file aa07ed06-3161-4795-93b3-b45d7c576af9

I checked that aa07ed06-3161-4795-93b3-b45d7c576af9 exists already
as a notification i.e. the comment is correct and we're not sending
users to a 404 page. It's possible there are other scenarios where
the comment is wrong, but I don't think it's worth keeping the error.

[1]: https://github.com/alphagov/notifications-admin/pull/4159
2022-02-25 14:00:02 +00:00
Katie Smith
05b8fd7c01 Merge pull request #4163 from alphagov/branding-previews
Show a preview of GOV.UK and NHS email branding and apply straight away
2022-02-24 11:31:53 +00:00
Ben Thorner
f94c6ded5c Merge pull request #4158 from alphagov/catch-missing-recipient
Fix 500 error due to inconsistent recipient check
2022-02-24 10:17:03 +00:00
Ben Thorner
468e42a12e Merge pull request #4159 from alphagov/catch-missing-letter
Catch error if letter does not exist on send
2022-02-24 10:16:54 +00:00
Pea Tyczynska
e1d1c5c3f5 Let users on email auth delete their mobile numbers
Sometimes users ask us to delete their mobile numbers for them.

If those users are on email auth, they should be able to
delete their number themselves.

This will save them writing a support ticket and save us
going into the database.
2022-02-23 18:31:00 +00:00
Ben Thorner
3effb75045 Clarify purpose of file_id in redirects
In response to: [1].

[1]: https://github.com/alphagov/notifications-admin/pull/4159/files#r813050941
2022-02-23 17:25:35 +00:00
Katie Smith
5ada431da9 NHS and GOV.UK email branding pages now show preview and apply branding
The pages you were redirected to if you selected either GOV.UK branding
or NHS branding used to give information about the branding and have a
button that submitted a Zendesk ticket. Now, we show a preview of the
new branding and the button applies it.
2022-02-22 13:18:21 +00:00
Katie Smith
d75c1ea398 Split out the govuk and govuk_and_org branding templates
The `.email_branding_govuk` and `.email_branding_govuk_and_org` routes
shared a template since the content was the same - the only difference
was in the action of the button. However, since the pages will no longer
be so similar (e.g. the govuk page will show a preview) this splits them
up to use separate templates.

It may be the case that when the branding work is complete these pages
are fairly similar and we decided that one template between the two
endpoints is the best option again.
2022-02-22 11:39:53 +00:00
Ben Thorner
ebbfd20472 Make it easy to clear cache for all key formats
Having to submit the form for each choice separately slowed us down
during an incident where Redis was unavailable and came back with
stale data, which we had to clear manually.

Note: we don't want to use the "flush" feature in case there are other
keys in Redis, which may not be safe to remove.
2022-02-21 15:09:03 +00:00
Ben Thorner
8396412ce1 Report all cache keys that were deleted
This will make it easier to add another test / feature to clear all
the cache keys. It's debatable which of "sum" and "max" is useful:

- "max" is a better (although still not accurate) indicator of the
number of "things" affected e.g. templates, services, etc.

- "sum" makes sense in places where "max" doesn't e.g. when we clear
the "organisations" group, which doesn't equate to individual orgs.

Using "sum() ... across" seems like a reasonable compromise and makes
it clear that we're iterating over different kinds of keys.

While the pluralisation is nice, I don't think it's worth the effort
to make it work for both "object(s)" and "format(s)".
2022-02-21 14:11:49 +00:00
Ben Thorner
4fef2861c6 Catch error if letter does not exist on send
This repeats the pattern we already have for previewing a letter,
where we assume the error is because the notification has already
been sent and redirect the user to see it.

I've improved the original pattern a bit:

- I've DRYed-up the low-level boto code and moved the error handler
there so it can be reused.

- I've introduced a custom exception, which the calling code can
choose to log.

- I've introduced the moto library, which we use elsewhere, to make
it easier to test S3 code.

I've used an error level log when sending a notification - now that
we have a more descriptive log, we can verify the assumption is true
and then make an informed decision to downgrade the log.

In future we may want to merge this handler with the similar code
in utils [1], but we'll need to be careful as the utils handler is
superficial - it doesn't check the reason for the error.

[1]: bce0f4e596/notifications_utils/s3.py (L52)
2022-02-18 14:52:27 +00:00
Ben Thorner
a30a317153 Fix 500 error due to inconsistent recipient check
This strengthens the initial check of what's in the session to make
sure it contains some kind of recipient. Without this, we get:

    Traceback (most recent call last):
      File "/home/vcap/deps/0/python/lib/python3.9/site-packages/flask/app.py", line 1950, in full_dispatch_request
        rv = self.dispatch_request()
      File "/home/vcap/deps/0/python/lib/python3.9/site-packages/flask/app.py", line 1936, in dispatch_request
        return self.view_functions[rule.endpoint](**req.view_args)
      File "/home/vcap/app/app/utils/user.py", line 26, in wrap_func
        return func(*args, **kwargs)
      File "/home/vcap/app/app/main/views/send.py", line 1041, in send_notification
        recipient=session['recipient'] or InsensitiveDict(session['placeholders'])['address line 1'],
      File "/home/vcap/deps/0/python/lib/python3.9/site-packages/notifications_utils/insensitive_dict.py", line 41, in __getitem__
        return super().__getitem__(self.make_key(key))
    KeyError: 'addressline1'

I'm not sure how to reproduce this, but this should at least give
the user a better experience, instead of a 500 page.
2022-02-18 12:44:01 +00:00
Chris Hill-Scott
6fe766ffaf Merge pull request #4152 from alphagov/bump-utils-53
Bump utils to 53.0.0
2022-02-08 09:56:15 +00:00
Chris Hill-Scott
61660134ff Bump utils to 53.0.0
Changes:

53.0.0
---

* `notifications_utils.columns.Columns` has moved to
  `notifications_utils.insensitive_dict.InsensitiveDict`
* `notifications_utils.columns.Rows` has moved to
  `notifications_utils.recipients.Rows`
* `notifications_utils.columns.Cell` has moved to
  `notifications_utils.recipients.Cell`

52.0.0
---

* Deprecate the following unused `redis_client` functions:
  - `redis_client.increment_hash_value`
  - `redis_client.decrement_hash_value`
  - `redis_client.get_all_from_hash`
  - `redis_client.set_hash_and_expire`
  - `redis_client.expire`

51.3.1
---

* Bump govuk-bank-holidays to cache holidays for next year.

51.3.0
---

* Log exception and stacktrace when Celery tasks fail.
2022-02-04 10:43:36 +00:00
Katie Smith
a7a593fd8b Make separate endpoints for GOV.UK email branding options
The endpoint to change the email branding to "GOV.UK" branding and
"GOV.UK and organisation" branding was the same but with a query string
used to determine which of the two options had been selected. This makes
them two separate endpoints, which makes the code a bit simpler and
hopefully means there is less chance of things not working as expected.
2022-02-03 11:31:25 +00:00
Katie Smith
194fec9009 Remove old branding URLs
We've changed the URLs for these endpoints but needed to keep the old
URLs in place in addition to the new URLs in case anyone was in the
middle of changing their branding as the change was being deployed.
We can now safely remove the old URLs.
2022-02-03 11:03:16 +00:00
Katie Smith
c5db847543 Change both existing branding URLs
This changes the URLs for someone to request new email or letter
branding to match the new URLs we've agreed for the new email branding
changes. The old URLs are still in place for now too to keep backwards
compatibility.
2022-02-03 09:59:21 +00:00
Katie Smith
f92167de71 Only show branding description pages if branding allowed for service
It shouldn't be possible to view the page to confirm that you want a
particular type of email branding if that branding is not allowed for
your service. Although we don't show banned branding options on the
branding form, it would have been possible to visit the relevant URLs
directly.

We now give a `404` status page if you visit a page to select branding
that isn't allowed.
2022-02-03 09:59:21 +00:00
Katie Smith
92f76638c8 Split up email branding form into separate pages
We were showing the form to request email branding with a button which
submits your choice immediately. Now, we only submit the form
immediately if "Something else" is the only branding option available to
you. If you select any other radio button (or select "Something else"
when it's not the only option) we take you to another page which either
contains more information or a textbox to fill in the details for the
branding you want.

There is currently some duplication between the new pages and their
tests, but these will be changed in future versions of the work so will
start to differ more.
2022-02-03 09:59:21 +00:00
Katie Smith
d4454a982d Split branding-options.html into two
This splits the template into separate templates for emails and letters
since the journey for email branding is about to change.
2022-02-03 09:59:21 +00:00
Katie Smith
4226193346 Split up the branding_request endpoint
The endpoint used to handle both email and letter branding, but this
replaces `.branding_request` with `.email_branding_request` and
`.letter_branding_request` instead. This is in preparation for changing
how email branding works.

The `from_template` arg was only possible for letter branding, so I've
removed that from the `.email_branding_request` endpoint.
2022-02-03 09:59:21 +00:00
Rebecca Law
453a1a699f Merge pull request #4107 from alphagov/mark-letter-invalid-if-over-10-sheets-169209742
Show validation-failed status for templated letters over 10 pages
2022-02-02 07:58:34 +00:00
Pea Tyczynska
ffb8549a21 Merge pull request #4137 from alphagov/rename_column_in_billing_report
Rename sms_fragments to sms_chargeable_units
2022-02-01 17:01:03 +00:00
Pea Tyczynska
9862acd7ee Hint that report is inclusive of both start date and end date
Bu changing labels for date input fields.
2022-02-01 16:48:05 +00:00