Commit Graph

240 Commits

Author SHA1 Message Date
Katie Smith
1b6c357dea Use new value of SMS_CHAR_COUNT_LIMIT from utils
Admin, API and utils were all defining a value for SMS_CHAR_COUNT_LIMIT.
This value has been updated in notifications-utils to allow text
messages to be 4 fragments long and notifications-admin now gets the value of
SMS_CHAR_COUNT_LIMIT from notifications-utils instead of defining it in
config.
2018-08-16 16:56:32 +01:00
Chris Hill-Scott
5a52eafb84 Fix ‘Back’ link from first step of fix one off
If you skip past the templates page (because you don’t have the edit
permission) but then click back you end up in a loop which redirects you
to the page you’re already on.

This commit makes sure that you’re sent back a step further, so you
don’t get stuck in that loop.
2018-08-10 09:16:18 +01:00
Chris Hill-Scott
dda93e64de Don’t show ‘use my …’ link to send-only users
Since they’re not going to be testing the content of the messages this
isn’t feature that they need.
2018-08-09 13:49:06 +01:00
Chris Hill-Scott
e34ca2a8ee Make it clear which template you’re sending
The one downside of skipping the template page is that you no longer
get such strong confirmation that you’ve picked the correct template.
You still see the preview of the template, but it’s further down the
page, and the name of the template has disappeared.

This commit adds the name of the template to the page title, to:
- have some continuity from the previous page
- make it easier to double-check you’ve chosen the correct template
2018-08-09 11:56:15 +01:00
Chris Hill-Scott
3bd62c2aef Offer link to upload
‘Upload recipients’ and ‘Send to one recipient’ have always been
slightly clunky phrases.

Now that basic view jumps straight into the ‘Send to one recipient’
flow there’s no way for users to get to the ‘Upload recipients’ flow.

By adding a link to it from the ‘Send to one recipient’ flow it’s
possible for users of basic view to access it.

But we don’t want to introduce too much inconsistency between basic view
and admin view because users will be migrating from one to another. They
might also be talking to their manager, who wouldn’t be able to tell
them where to click if they were looking at two completely different
interfaces.

This also means that we can keep the left-hand navigation in basic view
nice and simple with the two options (‘Templates’ and ‘Sent messages’),
rather than trying to introduce something like ‘Send one message’ and
‘Send lots of messages’ later on.
2018-08-09 11:56:13 +01:00
Chris Hill-Scott
1304561a70 Use service model to look up service attributes
This is better than just keying into the JSON because it means you get
an exception straight away when looking up a key that doesn’t exist
(which via mocking you could ordinarily miss).
2018-07-30 14:56:36 +01:00
Chris Hill-Scott
036923c382 Make a service model and use for permissions
Having the service floating about as JSON is a bit flakey. Could easily
introduce a mistake where you mistype the name of a key and silently
get `None`.

Also means doing awkward things like `if 'permission' in
current_service['permissions']`, whereas for users we can do the
much cleaner `user.has_permission()`.

So this commit:
- introduces a model
- adds a `.has_permission` method similar to the one we have for users
2018-07-30 14:56:36 +01:00
Katie Smith
a5124f4af1 Sanitise csv filenames before saving to S3
Commit 58cc1604a7 sanitises any non-ascii
characters in the headers. CSV filenames get used as a header value, so
this fixed a bug that occurred when non-ascii characters were used.

The CSV filename also gets used as part of the metadata when uploading
the file to S3. Since the S3 metadata can only contain ASII characters,
we also need to sanitise the filename before uploading it to S3.
2018-07-12 15:19:45 +01:00
Chris Hill-Scott
0018ecd765 Hide ‘Use my email address/phone number link’
This link is useful for people who are setting up templates and want to
test out how they look/how Notify works.

‘Caseworker’ users shouldn’t need to send themselves messages on a
regular basis, so this link is another thing we can take away.
2018-07-05 11:53:42 +01:00
Chris Hill-Scott
57ad1a0f7c Don’t send caseworkers back to template page
Caseworkers skip the template page in their message sending journey.
Instead they go straight from picking a template to the first step of
sending. So the ‘Back’ link should send them straight back to the
picking a template page, skipping the individual template page (which
they don’t have permission to view).
2018-07-05 11:53:42 +01:00
Chris Hill-Scott
4b37ca4021 Don’t duplicate columns in example spreadsheet
If a template has a placeholder like `((email address))` then the sample
spreadsheet and CSV file have the email column twice.

Trying to upload this spreadsheet will result in a ‘duplicate column’
error.

This commit fixes it so that the column will only appear once.
2018-06-08 13:28:02 +01:00
Chris Hill-Scott
77f2f27103 Refactor how we decide to set metadata
We want to set the metadata on a file when rendering the check page, but
not when rendering the preview of a letter. So let’s put the code that
does that only in the place where we’re rendering the check page. This
means not having to pass a variable around.

Refactoring only; no functional changes.
2018-05-11 08:46:42 +01:00
Chris Hill-Scott
a827f2e2b4 Remove redundant call to .get_template
Every call to the API is a blocking network request.
2018-05-10 17:02:41 +01:00
Chris Hill-Scott
3a471e2f61 Stop overwriting S3 metadata with empty filename
When you upload a CSV the check page takes the file name from the URL
and writes it to the S3 metadata for that file.

This also happens when you go to the .png version of this page.

The .png version of the page doesn’t have the filename in the URL. So it
re-writes the S3 metadata with an empty filename.

This means that all letter jobs sent recently have no file names. This
commit fixes this problem.
2018-05-10 17:01:03 +01:00
Leo Hemsted
78a6f86043 use service statistics endpoint instead of detailed service
we're not actually looking at the detailed service aspects - just
the stats. We're doing this in three places:

* dashboard
* notification activity page
* when checking jobs to see if we're over the daily limit

change these places to use a new api endpoint (service/id/statistics),
which hopefully be a little more performant, and will definitely be a
little more organised - moving away from generic endpoints with loads
of optional parameters.

We still need the detailed endpoints for the platform admin page tho.

Depends on https://github.com/alphagov/notifications-api/pull/1865
2018-05-09 14:00:24 +01:00
Leo Hemsted
09a8e863a4 in send flow replace suppress with try catch
suppress was suppressing 404 errors (the happy path) - but it was also
suppressing 503s from tests where we hadn't mocked endpoints
2018-05-03 16:33:32 +01:00
Chris Hill-Scott
054f75a8ed Don’t load the check page if a job exists already
If a user clicks ‘back’ once they’ve sent a job we don’t want them to
land on the ‘check’ page again. This would suggest that they can send
the same job again (they can’t because that `job_id` is in the database
already). That said, it’s confusing to see that page; the natural thing
is to go jump back another step, to where you uploaded the file.
2018-05-01 09:47:05 +01:00
Chris Hill-Scott
b44074bf3a Stop writing job metadata to the session
We’re not looking at the job metadata in the session any more (see
previous commits) so it’s safe to stop writing it.
2018-05-01 09:47:05 +01:00
Chris Hill-Scott
8c04f8f21a Stop checking the session to see if a file’s valid
We’re going to stop storing job metadata in the session. So we can’t
rely on it for checking whether a file is valid. That safeguard is
happening in the API instead now (because it’s looking at the metadata
stored in S3).
2018-05-01 09:47:04 +01:00
Chris Hill-Scott
98214884d3 Stop posting job metadata to the API
The API is looking at the S3 metadata for this information now, so
there’s no need for us to continue sending it through.
2018-05-01 09:47:04 +01:00
Chris Hill-Scott
ef4dd9d126 Add some breathing room to file name length limit
Because Amazon stores metadata keys prefixed with `x-amz-` which might
get counted as part of the size.
2018-04-30 11:44:00 +01:00
Chris Hill-Scott
bc8bc727f3 Limit length of filename
S3 has a limit of 2kb for metadata:

> the user-defined metadata is limited to 2 KB in size. The size of
> user-defined metadata is measured by taking the sum of the number of
> bytes in the UTF-8 encoding of each key and value.

– https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html#object-metadata

This means we have a limit of 1870 bytes for the filename:
```python
encoded = 'notification_count50000template_id665d26e7-ceac-4cc5-82ed-63d773d21561validTrueoriginal_file_name'.encode('utf-8')
sys.getsizeof(b)
>>> 130
2000-130
>>> 1870
```

Or, in other words, ~918 characters:
```python
sys.getsizeof(('ü'*918).encode('utf-8'))
>>> 1869
```
2018-04-30 11:44:00 +01:00
Chris Hill-Scott
735d5f0a29 Remove redundant call to get_template
We’re getting the template just to get back its `id`, which is the one
thing we do know in order to get it.

The call to get template is still happening inside `_check_messages`, so
we’ll still catch someone trying to look at this page for a template
that doesn’t exist.
2018-04-30 10:06:51 +01:00
Chris Hill-Scott
66e6538d95 Store original filename as S3 metadata
By doing this we no longer have to store it in the session. This is the
last thing that’s currently in the session, so removing it means we can
drop session storage for file uploads entirely.
2018-04-30 10:06:33 +01:00
Chris Hill-Scott
e7e3b95fee Store info about files as S3 metadata
Storing things in the session is proving buggy – we still have one user
(that we know about) where the session data isn’t getting written, so
they’re blocked from uploading a file.

Since all the info we’re storing in the session is about the file, it
makes sense to store it with the file.

This commit only does the writing of the metadata, once we’re sure this
is working we can do subsequent work to read it back, and remove
reliance on the session.
2018-04-27 16:37:05 +01:00
Chris Hill-Scott
0b905249a7 Make send test letter preview use template ID
The check page expects template ID to be passed through in the URL not
the session now. The send test letter page wasn’t changed.

This commit changes it, and adds a test to make sure this path is
covered.
2018-04-04 17:10:22 +01:00
Chris Hill-Scott
b2722a0cd7 Put template_id back in the session
The start job endpoint needs the template ID in order to make the API
call.

It doesn’t make sense to add it to the start job URL, because users
could potentially start a job with the wrong template by hacking the URL
(which would blow up at some point, if the template didn’t match the
columns in the file).
2018-04-04 15:28:30 +01:00
Rebecca Law
fc846cf4a2 Merge pull request #2001 from alphagov/store-less-in-session
Stop storing `template_id` and `original_file_name` in session
2018-04-04 14:42:38 +01:00
Chris Hill-Scott
ba9935c49e Remove ‘check’ page’s reliance on session
A of this commit’s parent we are storing `template_id` and
`original_file_name` in the URL. Getting them from the URL is better,
so the check page no longer needs to look for them in the session. This
commit removes the code that looks for these values in the session.
2018-04-04 11:37:43 +01:00
Chris Hill-Scott
3dab34cd38 Store template ID and original file name in URL
At the moment you can’t press refresh on the check page if there’s
errors. This is because the session gets cleared when there’s errors.
This is a bad user experience.

The data that this page is relying on (from the session) is:
- template ID
- original file name

Neither of these things need to be in the session because:
- they are not secret
- the user can modify them already (by choosing a different template or
  renaming their file locally)

So this commit additionally stores them in the URL.
2018-04-04 11:30:27 +01:00
Leo Hemsted
0dabd4ffc0 remove any old file upload data on sign in
if a user signs in again, clear their file upload data from any
aborted journeys from before, so that their cookies don't fill up

also add some temporary logging when the session starts getting full.
2018-04-03 14:58:50 +01:00
Chris Hill-Scott
becee15e1e Add logging for session not being set bug
This is so we can be alerted to it before our users alert us to it.
2018-03-29 12:07:37 +01:00
Chris Hill-Scott
e74d261ec3 Don’t store info about bad uploads in session
Because we now[1] store info about each file upload separately in the
session the session isn’t overridden every time you upload a file. This
is good because you can do multiple file uploads idempotently.

Generally we are cleaning up after ourselves because we pop anything to
do with that upload from the session. However there is an edge case: if
you never send the file then the info about the file stays in the
session in perpetuity[2]. This is generally happening when people are
uploading files that are impossible to send, ie ones that have errors.

So this commit makes two changes:

1. remove info about a file upload from the session as soon as we know
   that it contains errors
2. `POST` reuploads to the same endpoint as initial uploads because
   otherwise we need to keep info about bad uploads in the session,
   which would prevent us from doing 1.

1. https://github.com/alphagov/notifications-admin/pull/1968
2. or at least until the session is cleared by the user logging out
2018-03-29 11:56:53 +01:00
Chris Waszczuk
5f65bb5e56 Merge pull request #1968 from alphagov/fixed-session-overriding-while-uploading-csvs-2
Fixed sessions overriding while uploading csvs
2018-03-20 13:45:33 +00:00
chrisw
287230acac fixed sessions overriding while uploading csvs 2018-03-20 12:15:17 +00:00
Chris Hill-Scott
5a2fafb66b Don’t validate phone numbers when sending emails
If you have a placeholder called `((phone number))` in your email
template, and you try to send a one-off message then the form input will
attempt to validate your ‘phone number’.

This is not helpful if you’re trying to put a landline number in your
email, for example.

This only affects messages being sent through the one-off interface.

This commit makes the form be aware of template type, which fixes the
problem.
2018-03-16 14:17:43 +00:00
Chris Hill-Scott
f6f5faa361 Bring in refactored CSV processing
Shouldn’t be any functional changes here, just things being named more
clearly.
2018-03-08 13:30:20 +00:00
Leo Hemsted
8acf5115d5 add restrict_admin_usage flag to more of the send flow 2018-03-06 13:08:07 +00:00
Leo Hemsted
3afc193624 remove any_ from has_permissions
we branch on any_ to either say "require ALL these permissions" or
"require ANY of these permissions". But we only ever call the decorator
with one permission, or with any_=True, so it's unnecessary
2018-03-06 13:08:07 +00:00
Leo Hemsted
4a08cf81e7 remove admin_override from all has_permissions usage
as previously pointed out, it's not used anywhere.
2018-03-06 13:08:07 +00:00
Leo Hemsted
3ae815528c add restrict_admin_usage arg to admin_override
rather than allow admins to do everything specifically, we should
only block them from things we conciously don't want them to do.
This is "Don't let platform admins send letters from services they're
not in". Everything else the platform admins can do.

This is step one, adding a restrict_admin_usage flag, and setting that
for those restricted endpoints around creating api keys, uploading CSVs
and sending one-off messages.

Also, this commit separates the two use cases for permissions:
* user.has_permission for access control
* user.has_permission_for_service for user info - this is used for
  showing checkboxes on the manage-users page for example

With this, we can remove the admin_override flag from the permission
decorator.
2018-03-06 13:08:06 +00:00
Leo Hemsted
09824078dd remove all instances of db style permissions
lots of renaming of send_texts/emails/letters to send_messages, and
manage_settings/users to manage_service
2018-03-06 13:08:06 +00:00
Chris Hill-Scott
a4424e999f Catch duplicate recipient columns in spreadsheets
If someone has duplicate recipient columns in their file we don’t know
which one to use. This commit adds an error message which should help
them fix the duplication.

This commit doesn’t go to the extra effort to actually show the
correct values for duplication in the preview. Don’t think it’s worth
the effort/complexity for how infrequently we’ve seen this error.

Depends on:
- [ ] https://github.com/alphagov/notifications-utils/pull/376
2018-03-02 13:18:04 +00:00
Chris Hill-Scott
aa7287bf64 Catch exceptions caused by ambiguous Excel files
Excel stores dates as floating point numbers, counting the days (or
fraction thereof) since 1900 (except when it counts from 1904).

However it also, incorrectly, recognises 1900 as a leap year. This means
that it’s ambiguous whether day 59 is February 28th, or February 27th,
depending if you’re counting up or down. In fact any number less than 60
is, therefore, ambiguous.

This shouldn’t really matter since no-one is going to be using dates in
the year 1900 in Notify messages. _Except_ when Excel misidentifies a
cell as containing a date. For example, if you have the number `9`
inside a cell, it means _house number 9_ if the next cell contains
_example_ street. but Excel is all like ‘oh they must want January 9th
1900!’ No. Bad Excel.

There’s not much we can do about this, but we can at least give people
an error message with the workaround, which is what this commit does.

Most of this commit message is paraphrased from:
http://xlrd.readthedocs.io/en/latest/dates.html
2018-02-28 15:09:55 +00:00
Chris Hill-Scott
f3a0c505bd Enforce order and style of imports
Done using isort[1], with the following command:
```
isort -rc ./app ./tests
```

Adds linting to the `run_tests.sh` script to stop badly-sorted imports
getting re-introduced.

Chosen style is ‘Vertical Hanging Indent’ with trailing commas, because
I think it gives the cleanest diffs, eg:
```
from third_party import (
    lib1,
    lib2,
    lib3,
    lib4,
)
```

1. https://pypi.python.org/pypi/isort
2018-02-27 16:35:13 +00:00
Chris Hill-Scott
072f8e0f87 Make row in URL match displayed row
Spreadsheets start at row 1 (the header row), and the values don’t start
until row 2. The row numbers in our URLs start at 0, which is a concept
that only makes sense to programmers.

It’s more predictable and consistent to make the number in the URL match
the row number displayed on the page when previewing the spreadsheet.
2018-01-15 14:45:38 +00:00
Chris Hill-Scott
ba0a010d64 Link each row in the spreadsheet
We’ve heard from some users, especially those sending letters, that
they’d like to check that a spreadsheet they’ve uploaded has populated
the template correctly.

My reckon is that seeing just one row of the spreadsheet populate the
template isn’t enough to give people confidence that everything’s
working properly.

This commit adds links to all but the currently-previewed row. Clicking
that link will populate the preview with values from that row. These
pages already exist; they were created in this PR:
https://github.com/alphagov/notifications-admin/pull/1696
2018-01-15 14:45:37 +00:00
Chris Hill-Scott
5f5dd3ac41 Rewrite check for row existence as conditional
Because exceptions can be expensive performance wise (see:
https://docs.python.org/3/faq/design.html#how-fast-are-exceptions).

Since we’re counting the number of rows anyway this doesn’t introduce
any performance overhead there. And I think it’s equally readable/same
number of lines of code.
2017-12-20 11:48:30 +00:00
Chris Hill-Scott
c3e2bce98b Add URLs for previewing all rows of a spreadsheet
We’ve heard from some users, especially those sending letters, that
they’d like to check that a spreadsheet they’ve uploaded has populated
the template correctly.

My reckon is that seeing just one row of the spreadsheet populate the
template isn’t enough to give people confidence that everything’s
working properly. So this commit is the first step towards being able
to preview an arbitrary row of a template, by extending the URL
structure to optionally accept a row number for pages or files (ie PNG)
that preview successfully uploaded spreadsheets.

What this commit doesn’t do is link to these pages; that will come as
part of a subsequent commit.
2017-12-20 11:15:38 +00:00
Chris Hill-Scott
587e18d2ef Lookup index, rather than iterating
Since instances of `Recipients` are now iterable we can just look up the
first row by index, rather than having to hit the rows property as a
generator.

There is a chance that there won’t be a first row, if the file has 1 or
fewer columns. So we still need to handle a possible exception (albeit
it a different one to before).
2017-12-20 11:15:37 +00:00