Commit Graph

141 Commits

Author SHA1 Message Date
Chris Hill-Scott
fbd58ef1f8 Add separate messages for invited/team member
2 messages seems like a good idea.
2021-01-08 10:56:59 +00:00
Chris Hill-Scott
a68dfae5c2 Short circuit if team member is already invited
It would be confusing if people got invited twice, so let’s tell people
if someone’s has a pending invite.
2020-12-31 14:50:13 +00:00
Chris Hill-Scott
92c6cca6a1 Don’t populate invite with users from other orgs
We shouldn’t have a page where someone can look up any other user’s
email address based on their user ID.

We also don’t want a page where a malicious user could send someone an
link which would get them invited to the service.

Restricting the invite to be populated just from users in their own
organisation doesn’t mitigate against this stuff completely, but they
probably have a way of finding out the email address of someone in their
organisation already.
2020-12-31 14:47:00 +00:00
Chris Hill-Scott
deaf2059f5 Short circuit if already a team member
It would be confusing if people got invited twice, so let’s tell people
if someone’s already been invited.
2020-12-31 14:45:58 +00:00
Chris Hill-Scott
6edc356c22 Allow invite form to be pre-populated
At the moment users must be invited to join a service. But this means:
- users must know that a service already exists
- they need to know who to ask for an invite

If the user doesn’t know these thing then sometimes they just go ahead
and set up a new service. Which means they have to get all the way to
the point of requesting to go live before we tell them that there’s
already a service with a similar name or purpose.

So we should let users:
1. discover what other services exist in their organisation
2. apply to join a service
3. automatically notify the service managers of their interest
4. be invited by a service manager
5. accept the invite

This commit implements step 4. We can just link them to the invite form
in step 3., but we should make it easy for them to send the invite,
without having to copy and paste email addresses.

So this commit let the invite form be pre-populated with an existing
user’s email address.
2020-12-31 14:35:39 +00:00
Tom Byers
676a9297fe Merge pull request #3593 from alphagov/fix-link-and-button-text-across-pages
Fix link and button text across pages
2020-09-01 15:11:09 +01:00
Pea Tyczynska
e0faad6cea Only approved email domain users can be invited
to broadcast services. This is done to improve security.
2020-08-28 14:41:03 +01:00
Tom Byers
c12b7cbb5d Fix tests from changes to link text 2020-08-26 10:10:21 +01:00
Katie Smith
e3006f62b2 Ensure H2 headings follow H1 headings
We had some cases where an H3 heading followed an H1. This was flagged
as something to change in the accessibility report.
2020-08-21 16:52:35 +01:00
Katie Smith
895a9df55a Add confirmation banner when cancelling user invites
This shows the green banner with a tick when cancelling a user's
invitation to a service or organisation. The accessibility audit noted
that 'When cancelling an invite a new page loads, however, there is no
immediate indication that the invite has been cancelled.'

In order to display the invited user's email address as part of the
flash message, this adds new methods to the api clients for invites to get
a single invite.
2020-08-19 09:05:41 +01:00
Pea Tyczynska
39bc7cf721 Convert EmailFields to GovukEmailFields
Changes those fields (and sometimes also regular text input fields)
 in the following forms:
- LoginForm
- RegisterUserForm
- ChangeEmailForm
- FeedbackOrProblem
- AcceptAgreementForm
- ChangeNameForm (only name field here, but used in the same template
field as ChangeEmailForm here: app/templates/views/user-profile/change.html)

Also includes changes to templates that use this form
and associated tests.
2020-08-12 10:34:42 +01:00
Tom Byers
468a43bd68 Revert support for old user permissions params
The fields used for user permissions on
permissions forms were changed as part of the work
converting the checkboxes to GOVUK Frontend.

This removes code added to protect against a
situation where the server-side app was running
this updated code but clients were POSTing from
pages that were not, and so sending the old HTTP
params.
2020-07-31 15:40:12 +01:00
Tom Byers
e3c434bb8f Change permissions tests to support old API
User permissions were handled by a group of
BooleanFields but introducing the new checkboxes
changed this to just one field that stores its
data in a list.

It was mentioned in a comment that there could be
a situation, when the instances roll, where clients
are using the old fields but POSTing to a server
running the new code.

https://github.com/alphagov/notifications-admin/pull/3535#discussion_r460872903

This introduces tests for that situation.
2020-07-31 15:15:26 +01:00
Tom Byers
f322229614 Change tests to check permissions_field name
A comment on this group of changes mentioned the
'name' attribute of checkboxes for the
permissions_field should be checked as well as the
'value' attribute:

https://github.com/alphagov/notifications-admin/pull/3535#discussion_r460869797

This adds checks to support that point.
2020-07-31 15:15:16 +01:00
Tom Byers
e266b11ee2 Fix tests for pages using govukCheckboxField
These fields used to use govukCheckboxesField and
so stored their data in a list. They were since
migrated to govukCheckboxField, which extends
BooleanField and so keeps its data as a boolean
value.
2020-07-31 10:20:44 +01:00
Tom Byers
e3753ae623 Fix issues in tests from new fields 2020-07-24 11:34:02 +01:00
Chris Hill-Scott
94434b36e7 Only show relevant permissions on the team members page
Since users of broadcast services will always have the view dashboard
permission and never have the API keys permission we can hide these. And
we should re-label the permissions to make sense in the context of
broadcasting.
2020-07-14 09:46:55 +01:00
Chris Hill-Scott
72c1b3d8a1 Only show relevant user permissions for broadcast services
For services with the broadcast permission this hides:
- the ‘View dashboard’ permission (and defaults it to _checked_) because
  all users of broadcast services will need to see the dashboard
- the ‘Manage API keys’ permission (and defaults it to _not checked_)
  because we don’t offer an API integration for broadcast services yet
  – if we do we won’t want existing users to automatically get the
  permission

It relabels:
- the ‘Send’ permission to ‘Prepare and approve’ to match the current,
  slightly clunky language on the templates page
- the ‘Manage settings’ label to not refer to ‘usage’ because broadcast
  services won’t incur cost
2020-07-14 09:45:42 +01:00
Chris Hill-Scott
0f0b2dad3f Correct whitelist to non-government in test name
See c31264d4c for why ‘whitelist’ should be avoided. The use of
whitelist here was not referring to the user-maintained list, but to
mean ‘not a government’ email address. This commit renames these tests
to make that difference clear.
2020-06-12 10:28:08 +01:00
Tom Byers
f0f461f5c9 Revert "Change checkboxes to GOVUK frontend" 2020-05-14 16:59:34 +01:00
Tom Byers
c9420418b3 Fix issues in tests from new fields 2020-05-13 17:37:44 +01:00
Chris Hill-Scott
db2d312ba7 Link to ‘who it’s for’ when error creating account
If someone enters an email address from a domain we don’t recognise we
direct them straight to our support channel. This is causing increased
contact from suppliers and members of the public.

Now that we have a page which explains who can use Notify, let’s direct
people there first. Then if they really do need to contact support
(because we don’t recognise their organisation) then they can do so from
that page.
2020-03-26 14:55:51 +00:00
David McDonald
c248fee772 Add event for remove_user_from_service
Follows our existing patterns of events for managing users
2020-03-10 13:52:39 +00:00
Tom Byers
16c1c34588 Fix tests broken by changes to HTML 2020-02-25 10:52:03 +00:00
Tom Byers
5b306dde4d Revert "Convert all links to govuk frontend" 2020-02-24 11:56:38 +00:00
Tom Byers
12c30c47a5 Fix tests broken by changes to HTML 2020-02-20 09:11:26 +00:00
Katie Smith
dca6d1690f Use govuk-button in page footer component 2020-02-17 08:05:05 +00:00
Tom Byers
28140104f1 Fix python tests broken by cookie banner 2020-01-20 10:03:19 +00:00
Chris Hill-Scott
c4818eb7f2 Rename property on ModelLists
The property doesn’t represent the whole client, but just one method on
it. So this commit renames the property to better describe what it is
designed to store.
2020-01-16 16:31:20 +00:00
Leo Hemsted
66db735e09 Revert "Merge pull request #3238 from alphagov/cookies-update"
This reverts commit eec4bec761, reversing
changes made to 64480e2fff.
2020-01-15 14:40:48 +00:00
Tom Byers
eec4bec761 Merge pull request #3238 from alphagov/cookies-update
New cookies banner and page
2020-01-15 10:37:14 +00:00
Chris Hill-Scott
72eb6ef99a Fix session bug when changing user’s email address
The session key we use is global.

This means if you open the edit page for two different users in two
different tabs the session for the first tab is overwritten with the
session from the second tab. This means the two users are both set to
the same email address, which causes an exception (email addresses are
unique).

This commit fixes that bug by including the user ID in the session ID.
2020-01-13 12:03:39 +00:00
Tom Byers
beeb273d6c Fix python tests broken by cookie banner 2020-01-03 17:28:33 +00:00
Katie Smith
e4134072d9 Reduce the errors related to user fixtures
We were using user fixtures in a lot of parameterized tests, but this is
no longer allowed in Pytest 5. To avoid having to split up the parametrized
tests (which would make the test files a lot longer and slightly more
difficult to read) this commit creates functions which return various types
of user json so that we can use these as the test parameters instead.
2019-12-19 16:59:07 +00:00
Rebecca Law
18e3eb6b32 Update tests for content changes. 2019-09-23 13:22:28 +01:00
karlchillmaid
852699e3e8 Replace hasn't with has not 2019-09-23 13:22:26 +01:00
karlchillmaid
92343aa45e Update change links and headings (#3064)
* Update Settings titles
* Update Change links on settings
* Update Team members Change link
* Update Settings pages headings
2019-07-25 11:52:13 +01:00
Chris Hill-Scott
30eeaec154 Add autocomplete to email address on register form
GOV.UK Design System recommends:
> You should also set the autocomplete attribute to email. This lets
> browsers autofill the email address on a user’s behalf if they’ve
> entered it previously.

Only doing this on the register and sign in forms because it’s unlikely
to be helpful where a user is trying to enter someone else’s email
address.
2019-07-16 17:14:49 +01:00
Chris Hill-Scott
f34a252e72 Remove defaults from User model
the api always returns exactly:
```
id
name
email_address
auth_type
current_session_id
failed_login_count
logged_in_at
mobile_number
organisations
password_changed_at
permissions
platform_admin
services
state
```

it does this through `models.py::User.serialize` – there is an old
Marshmallow `user_schema` in `schemas.py` but this isn’t used for
dumping return data, only parsing the json in the create user rest
endpoint.

This means we can rely on these keys always being in the dictionary.
2019-06-05 14:55:43 +01:00
Chris Hill-Scott
628e344b36 Make user API client return JSON, not a model
The data flow of other bits of our application looks like this:
```
                         API (returns JSON)
                                  ⬇
          API client (returns a built in type, usually `dict`)
                                  ⬇
          Model (returns an instance, eg of type `Service`)
                                  ⬇
                         View (returns HTML)
```
The user API client was architected weirdly, in that it returned a model
directly, like this:

```
                         API (returns JSON)
                                  ⬇
    API client (returns a model, of type `User`, `InvitedUser`, etc)
                                  ⬇
                         View (returns HTML)
```

This mixing of different layers of the application is bad because it
makes it hard to write model code that doesn’t have circular
dependencies. As our application gets more complicated we will be
relying more on models to manage this complexity, so we should make it
easy, not hard to write them.

It also means that most of our mocking was of the User model, not just
the underlying JSON. So it would have been easy to introduce subtle bugs
to the user model, because it wasn’t being comprehensively tested. A lot
of the changed lines of code in this commit mean changing the tests to
mock only the JSON, which means that the model layer gets implicitly
tested.

For those reasons this commit changes the user API client to return
JSON, not an instance of `User` or other models.
2019-06-05 11:13:41 +01:00
Chris Hill-Scott
8835486d4e Look in organisation for whitelisted domains
At the moment we have to update a YAML file and deploy the change to get
a new domain whitelisted.

We already have a thing for adding new domains – the organisation stuff.

This commit extends the validation to look in the `domains` table on the
API if it can’t find anything in the YAML whitelist.

This has the advantage of:
- not having to deploy code to whitelist a new domain
- forcing us to create new organisations as they come along, so that
  users’ services automatically get allocated to the organisation once
  their domain is whitelisted
2019-06-03 11:41:13 +01:00
Chris Hill-Scott
fd7a33d0a6 Remove folder permissions feature flag from team members 2019-05-17 14:08:01 +01:00
Alexey Bezhan
cab780b549 Remove edit_folder_permissions service setting (feature flag)
This removes the edit_folder_permission checks from the code, enabling
the folder permissions for all services.

This also fixes folder-related tests to set up appropriate user
permissions.

This should only be merged right after alphagov/notifications-api#2428,
when all other permission stories are done.
2019-05-17 11:20:16 +01:00
Chris Hill-Scott
81b299428f Add tests for editing folder permissions for platform admin users 2019-05-17 11:03:41 +01:00
Alexey Bezhan
5dbd229781 Hide template folder permission editing for platform admin users
Platform admin users can access all template folders, so the folder
permissions form always displays everything as checked for them,
which makes it look like the form isn't actually working. We could
do the check based on folder data, but the field still wouldn't
have any effect on permissions. So instead, we hide it completely
for platform admin users.

Submitting the form will remove any folder permissions from the DB
for the platform admin user (which can still be created by changing
permissions on the template folder 'Manage' page), but that's only
relevant if a user stops being a platform admin but keeps their
Notify services.
2019-05-17 10:46:56 +01:00
Katie Smith
d689b031a2 Allow non-gov email addresses to be changed to gov email addresses
When a user's email address is updated, we not allowing it to be changed
to a non-government email address. We now allow a non-gov email address
to be changed to another non-gov email address. Government email
addresses still cannot be changed to non-government email addresses.

Also fixes the link in the error message on the ChangeEmailAddress form -
this was being escaped before.
2019-04-25 10:36:04 +01:00
Katie Smith
88e9a0ff61 Add audit event when a service manager changes someones profile
We should audit when a service manager changes a user profile that is not
their own. This can be recorded in our events table, which is currently
only used to record successful logins.

This adds two new types of event, `update_user_email` and
`update_user_mobile_number` which store the
- browser fingerprint
- IP address
- user id of the user being updated
- user id of the service manager  making the change
- original email address and new email address (for `update_user_email`
events)
- original mobile number and new mobile number (for
`update_user_mobile_number` events)
2019-04-09 14:37:37 +01:00
Leo Hemsted
249b80762a add count of folders visible per user to the team members page
Shows a count of how many folders that user can see - this doesn't do
anything smart with parent folder stuff, it's just "how many checkboxes
are ticked on the edit page".

* doesn't show if service has no folders
* doesn't show if service hasn't got folder permissions enabled
2019-04-04 17:55:37 +01:00
Chris Hill-Scott
883b07e3f0 Use client_request fixture where possible
It:
- saves repetetive boilerplate code
- does some extra checks (eg checking for a `200` response)
- makes the codebase less confusing to consistently do the same thing in
  the same way
2019-03-26 16:38:00 +00:00
Leo Hemsted
f872294235 remove the remove-user get method
remove `confirm` from `confirm_remove_user_from_service` as there's
only one action now that the initial confirmation prompt takes place
on the edit permissions page
2019-03-26 15:52:37 +00:00