Fitt’s law[1] states that bigger click areas are quicker and easier for
people to click. Therefore we should make click areas as big as
possible, without being ambiguous about what the outcome of clicking
will be or increasing the potential for accidental clicks.
The click areas of the row numbers in the table were very small – this
commits makes them as big as the containing table cells.
Uses this technique to achieve the bigger click areas without disrupting
the layout:
http://authenticff.com/journal/css-pro-tip-expanding-clickable-area
1. https://en.wikipedia.org/wiki/Fitts%27s_law
We’ve heard from some users, especially those sending letters, that
they’d like to check that a spreadsheet they’ve uploaded has populated
the template correctly.
My reckon is that seeing just one row of the spreadsheet populate the
template isn’t enough to give people confidence that everything’s
working properly.
This commit adds links to all but the currently-previewed row. Clicking
that link will populate the preview with values from that row. These
pages already exist; they were created in this PR:
https://github.com/alphagov/notifications-admin/pull/1696
If you’ve got an inbound number and are using the API you’ll probably
be interested in this new feature we’ve got. And if you do know about
it, you might not be able to find it because we’ve moved it.
The letters notification page makes ajax calls to update the status - these
were failing because it's making a POST request without a CSRF token.
(The email and SMS notification pages contain a search form that includes
the hidden CSRF input, so this was only occurring with the letters
page.)
This commit adds a hidden form for the letters page which just contains
the CSRF token.
However, by default, session cookies don't expire (only cleared out by
the end user's browser).
This is dumb. You'd think, given that there's
`config['PERMANENT_SESSION_LIFETIME']`, that you'd enable permanent
sessions in the config too - but no, you have to declare it for each
request. session.permanent is also, helpfully, a way of saying that the
session isn't permanent - in that, it will expire on its own, as
opposed to being controlled by the browser's session. Because session
is a proxy, it's only accessible from within a request context, so we
need to set this before every request 🙄http://flask.pocoo.org/docs/0.12/api/#flask.sessionhttps://stackoverflow.com/questions/34118093/flask-permanent-session-where-to-define-them
VCAP_SERVICES is not set on PaaS if no services are bound to the
application, so we need to check for VCAP_APPLICATION to parse the
application name and environment.
We're no longer using user-provided services for application secrets
so we can remove the cloudfoundry_config code responsible for parsing
VCAP_SERVICES.
