Commit Graph

3593 Commits

Author SHA1 Message Date
Chris Hill-Scott
9dfa48cfdd Don’t treat letters as a special case
This conditional comes from before we launched the letters feature.
Since we were only giving the letters permission to teams that we were
inviting, we didn’t want to confuse new users by mentioning letters.

Nowadays all new services will have the letters permission, so this
check is redundant.
2020-07-14 15:00:57 +01:00
Chris Hill-Scott
008e4befb4 Add ‘no templates’ message for broadcast services
This shouldn’t talk about emails, text messages or letters.
2020-07-14 14:59:46 +01:00
Tom Byers
2b49e5eb7c Make tests work with new template list HTML
Adds the extra text added to each checkbox label.
It's a copy of the text of the link in the same
list item which does add a lot of duplication to
the test data.

This reformats a lot of the test data, stacking it
to separate out the duplicate items.
2020-07-14 10:41:09 +01:00
Tom Byers
05088037d2 Fix issues in tests from new fields 2020-07-14 10:41:09 +01:00
Chris Hill-Scott
94434b36e7 Only show relevant permissions on the team members page
Since users of broadcast services will always have the view dashboard
permission and never have the API keys permission we can hide these. And
we should re-label the permissions to make sense in the context of
broadcasting.
2020-07-14 09:46:55 +01:00
Chris Hill-Scott
72c1b3d8a1 Only show relevant user permissions for broadcast services
For services with the broadcast permission this hides:
- the ‘View dashboard’ permission (and defaults it to _checked_) because
  all users of broadcast services will need to see the dashboard
- the ‘Manage API keys’ permission (and defaults it to _not checked_)
  because we don’t offer an API integration for broadcast services yet
  – if we do we won’t want existing users to automatically get the
  permission

It relabels:
- the ‘Send’ permission to ‘Prepare and approve’ to match the current,
  slightly clunky language on the templates page
- the ‘Manage settings’ label to not refer to ‘usage’ because broadcast
  services won’t incur cost
2020-07-14 09:45:42 +01:00
Chris Hill-Scott
c17db333d3 Hide email, text message and letter settings
Services with the broadcast permission won’t be able to send emails,
text messages or letters. So we should avoid confusion by removing any
reference to these things.
2020-07-13 09:59:05 +01:00
Chris Hill-Scott
97aca503f7 No emails, texts or letters for broadcast services
To make the interface as simple as possible we don’t want to mix up
sending other types of communication where services have the broadcast
permission.

This commit removes the other permissions once a service has been given
the broadcast permission by a platform admin user.
2020-07-13 09:58:58 +01:00
Chris Hill-Scott
2a62ba9cbb Redirect to ‘view’ page after cancelling
This is better confirmation of your action than the dashboard, because
everything will stay the same except the thing you’ve just done.
2020-07-10 15:56:07 +01:00
Chris Hill-Scott
15611d67d3 Remove ‘Stop’ links from dashboard
Now you have to click in to cancel a broadcast instead.
2020-07-10 15:55:52 +01:00
Chris Hill-Scott
7d6dffc098 Add a page to view a single broadcast
This commit adds a page to view a single broadcast. This is important
for two reasons:
- users need an audit of what happened when, and who else was involved
  in approving or cancelling a broadcast
- we need a place to put actions (approving, cancelling) on a broadcast
  so that you can confirm details of the message and the areas before
  performing the action
2020-07-10 15:55:05 +01:00
Chris Hill-Scott
3136d1a33b Implement sorting
Shows the broadcasts with the longest time still to live at the top. At
the moment this will be the same as the newest broadcasts, so we may
want to revisit this sort order when we have broadcasts of variable
duration.

For no-longer-live broadcasts we show the most-recently-finished at the
top, whether it finished naturally or was cancelled.
2020-07-10 09:57:06 +01:00
Chris Hill-Scott
44e177b402 Allow broadcasts to be cancelled
Currently this is a `get` request from the dashboard. Once we have a page
for viewing an individual broadcast it should probably show there
instead and be a `get`/confirm/`post` loop like for deleting a template.
2020-07-10 09:57:06 +01:00
Chris Hill-Scott
6b822f9fde Add broadcasts to the dashboard
Shows current and previous broadcasts. Does not add a page for viewing
an individual broadcast.

Broadcasts are split into live and previous.

Draft broadcasts are excluded from the dashboard.
2020-07-09 16:32:15 +01:00
Chris Hill-Scott
effe24893e Make the broadcast flow talk to the API
This commit removes the code the puts areas into the session and instead
creates and then updates a draft broadcast in the database.

This is so we can avoid session-related bugs, and potentially having a
large session when we start adding personalisation etc.

Once a broadcast is ready to go it is set to `broadcasting` straight
away with no approval. We’ll revisit this as we learn more about how
users might want to manage who can create and approve broadcasts.

The tests are a bit light in terms of checking what’s on the page, but
clicking through the pages is probably good enough for now.
2020-07-09 14:31:12 +01:00
Chris Hill-Scott
ea1c9f4059 Merge pull request #3509 from alphagov/fix-broadcast-library-examples
Fix examples on choose broadcast library page
2020-07-08 16:22:44 +01:00
Chris Hill-Scott
11032a1e7a Fix examples on choose broadcast library page
It should be `.get_examples()` (a method) not `.examples` (a property)
but Jinja swallows the error and prints nothing.
2020-07-08 16:02:16 +01:00
Chris Hill-Scott
60f9ea5f9c Hide template ID and redaction for broadcast templates
We’re not going to have an API for sending broadcasts at the moment, so
you don’t need the template ID for anything.

Broadcast also won’t contain personal information, or tokenised links,
etc, so there’s no need to redact them after sending.

Removing this things means the interface is less cluttered.
2020-07-08 15:49:32 +01:00
Chris Hill-Scott
653b6b3601 Fix test broken by merging
The test came from one branch, the correct value came from another.
2020-07-08 15:12:29 +01:00
Chris Hill-Scott
641bd41f8f Merge pull request #3506 from alphagov/broadcast-dashboard
Add a dashboard for broadcast services
2020-07-08 14:59:30 +01:00
Chris Hill-Scott
dd45fb99c6 Merge pull request #3505 from alphagov/broadcast-navigation
Hide irrelevant things from nav for broadcast services
2020-07-08 14:59:25 +01:00
Chris Hill-Scott
5c52d3c362 Redirect from normal dashboard to broadcast dashboard
There are lots of places where we redirect people to the dashboard, for
example after logging in. Rather than add logic to all these places to
check for the broadcast permission, let’s just redirect from the normal
dashboard to the broadcast dashboard.

Other places like the main navigation can still link directly to the
broadcast dashboard, where we do care about speed and not going through
multiple redirect jumps.
2020-07-08 14:18:13 +01:00
Chris Hill-Scott
6ec9a25dd1 Add a dashboard for broadcast services
This is just a placeholder for now
2020-07-08 14:18:13 +01:00
Chris Hill-Scott
29ad5cf510 Add a form for choosing areas
Picking multiple areas at once definitely feels like a need, so let’s
make them checkboxes.
2020-07-08 10:28:04 +01:00
Chris Hill-Scott
d0d3fc6857 Add a map
So you can check you’ve chosen the right areas, and to give you a clear
idea of where the boundaries of an area are.

The Javascript and CSS for the map is only loaded on this page because
it adds quite a few kb, and we don’t want to be sending assets to the
majority of our users who will never see them.
2020-07-08 10:27:50 +01:00
Chris Hill-Scott
18d464d4f0 Add some views for selecting broadcast areas
These are just so we have some pages to click through for now. They
don’t use real templates, or any of the broadcast stuff from the
database.

But I think it’s useful to get some skeleton pages in first so that we
can see the map etc working in production, then build on that, without
having to do it all in one mega PR.

For that reason there are two short term things I’ve done in this commit
which should be revisited soon:
- no tests for the endpoints
- data about which areas are selected is stored in the session
2020-07-08 10:27:42 +01:00
Chris Hill-Scott
59470e9d6d Hide irrelevant things from nav for broadcast services
Services doing broadcasts wont:
- incur costs, so don’t need to see the usage page
- be sending anything by uploading, so don’t need to see the uploads
  page
- (for now) be sending anything using the API, so don’t need to see the
  API integration page
2020-07-08 09:57:32 +01:00
Chris Hill-Scott
c4458efa21 Bump utils to 40.2.1
Brings in:
- re-usable `SerialisedModel`
- speed improvements to processing CSVs against email templates

I chose not to rename `JSONModel` or `ModelList` to keep the diff nice
and small.
2020-07-06 09:39:54 +01:00
Chris Hill-Scott
98eb3c61f6 Merge pull request #3498 from alphagov/add-broadcast-template
Allow adding broadcast templates
2020-07-06 09:06:16 +01:00
Chris Hill-Scott
e832d18002 Make error message specific to template type 2020-07-03 15:46:00 +01:00
Chris Hill-Scott
f3115c0cea Remove redundant line 2020-07-03 14:52:38 +01:00
Chris Hill-Scott
dd2b737d24 Use service_has_permission decorator on inbox
This proves that the decorator works, because the inbox code is already
tested:
bad1e69cc3/tests/app/main/views/test_dashboard.py (L353-L367)
2020-07-03 10:12:55 +01:00
Pea Tyczynska
e1f1f2a9c2 When changing service name, use organisation of the service for hint
text if available. If service is not attached to any organisation yet,
use default org for the user.
2020-07-02 12:01:48 +01:00
Chris Hill-Scott
724e8d1838 Make it possible to preview a broadcast template
At the moment this won’t look like much, but it will let us do an
end-to-end run of adding a broadcast template.

At the moment all you can do with a broadcast template is edit it, so
there’s no ‘Send’ link on the page.
2020-07-01 17:49:55 +01:00
Chris Hill-Scott
154d4bdb85 Allow adding broadcast templates
At the moment the page is the same as for text message templates,
except:
- different H1
- no guidance about personalisation, links, etc (until we decide how
  these should work)

For now you won’t be able to really create a broadcast template, because
the API doesn’t support it (the API will respond with a 400). But that’s
OK because no real services have the broadcast permission yet.

This required a bit of refactoring of how we check which template types
a service can use, because there were some hard-coded assumptions about
emails and text messages.
2020-07-01 17:17:46 +01:00
Pea Tyczynska
b3bc3a6447 Write test for separate page for service name change for local orgs
Also make a bullet list gov uk style
2020-07-01 14:57:45 +01:00
Pea Tyczynska
d0dd6218f7 Show different page for local org users when adding new service 2020-07-01 14:57:44 +01:00
Tom Byers
a381c6d37d Add test for local auth' version of add-service 2020-07-01 14:57:43 +01:00
Leo Hemsted
8b3aa43101 add broadcast service permission 2020-06-30 13:06:26 +01:00
Chris Hill-Scott
c98d21da12 Merge pull request #3491 from alphagov/platform-admin-services-layout
Platform admin services layout
2020-06-29 16:22:16 +01:00
Chris Hill-Scott
fb4076dc5b Don’t break statistics down by sending/failed/delivered
This should:
- make the page load faster because it has to render less HTML for each
  service
- make the page easier to scan for services that are sending lots of
  text messages or letters

We used to scan this page to look for services with high failure rates,
and the design of the page was gear towards this. Now we have alerting
for high failure rates, so the page can focus on volumes instead.

This commit also puts the service name above the statistics, so that
long service names don’t break the layout of the page.
2020-06-24 11:45:32 +01:00
Chris Hill-Scott
37673bce32 Merge pull request #3490 from alphagov/remove-letter-contact-block-field
Stop expecting letter contact block in service JSON
2020-06-24 09:17:17 +01:00
Chris Hill-Scott
45697aac43 Stop expecting letter contact block in service JSON
We’re removing it for performance reasons.

This means removing the old pages that edited the letter contact block
when it was stored directly on the service, rather than the current
model where a service can have multiple contact blocks.
2020-06-23 08:13:52 +01:00
Chris Hill-Scott
51e99bd828 Ask API for less detailed JSON for all templates
This should speed things up by:
- less time waiting for big blobs of JSON to come from Redis or the API
- less time spent deserialising big blobs of JSON
2020-06-19 10:32:44 +01:00
Chris Hill-Scott
972ba9e3da Remove term ‘blacklist’ from codebase
‘Commonly used passwords’ is more specific, and avoids the terminology
‘blacklist’ which the National Cyber Security Centre explain to be
problematic:

> It's fairly common to say whitelisting and blacklisting to describe desirable and undesirable things in cyber security. For instance, when talking about which applications you will allow or deny on your corporate network; or deciding which bad passwords you want your users not to be able to use.
>
> However, there's an issue with the terminology. It only makes sense if you equate white with 'good, permitted, safe' and black with 'bad, dangerous, forbidden'. There are some obvious problems with this. So in the name of helping to stamp out racism in cyber security, we will
> avoid this casually pejorative wording on our website in the future. No, it's not the biggest issue in the world - but to borrow a slogan from elsewhere: every little helps.

– https://www.ncsc.gov.uk/blog-post/terminology-its-not-black-and-white
2020-06-16 18:07:47 +01:00
Chris Hill-Scott
0f0b2dad3f Correct whitelist to non-government in test name
See c31264d4c for why ‘whitelist’ should be avoided. The use of
whitelist here was not referring to the user-maintained list, but to
mean ‘not a government’ email address. This commit renames these tests
to make that difference clear.
2020-06-12 10:28:08 +01:00
Chris Hill-Scott
16cc640822 Rename API client methods to remove term ‘whitelist’
See c31264d4c for rationale. To avoid confusion the codebase should use
the same terminology as the UI.
2020-06-12 10:27:18 +01:00
Chris Hill-Scott
23f9728108 Rename endpoint to remove term ‘whitelist’
See c31264d4c for rationale. To avoid confusion the codebase should use
the same terminology as the UI.
2020-06-12 10:26:59 +01:00
Chris Hill-Scott
c31264d4c9 Rename ‘whitelist’ to ‘guest list’ in UI
This commit changes all the places where a user would see the term
‘whitelist’ in the content of page to say guestlist instead.

We’re removing the term ‘whitelist’ for two reasons. The first reason
is that we agree with the National Cyber Security Centre say:

> It's fairly common to say whitelisting and blacklisting to describe
> desirable and undesirable things in cyber security. For instance, when
> talking about which applications you will allow or deny on your
> corporate network; or deciding which bad passwords you want your users
> not to be able to use.

> However, there's an issue with the terminology. It only makes sense if
> you equate white with 'good, permitted, safe' and black with 'bad,
> dangerous, forbidden'. There are some obvious problems with this. So
> in the name of helping to stamp out racism in cyber security, we will
> avoid this casually pejorative wording on our website in the future.
> No, it's not the biggest issue in the world - but to borrow a slogan
> from elsewhere: every little helps.

– https://www.ncsc.gov.uk/blog-post/terminology-its-not-black-and-white

The second reason is that we’ve observed some users think that they have
to put recipients in the whitelist even when they’re already with in the
team. We think that the term ‘whitelist’ might be reinforcing this
mental model because of how ‘whitelists’ might work in other
applications.

We considered the following alternatives or concepts:
- Development
- Recipients
- Sandbox
- Extended team
- Smoke test recipients
- Allowed
- Nominated
- Bonus
- Additional
- Safe
- Team list
- Trusted contacts
- Designated people
- Guest list
- Team key list

We also considered not giving it a name, and explaining it as a nuance
of how the team key works. After mocking this up it felt more disjoined.
We think it’s still useful for the thing to have a name so that it’s
easy to refer to between the docs and the UI.

We like the term ‘guest list’ because:
- of how it sits with team members – members and guests in the abstract
- a guest list is a concept that a lot of people will be familiar with
  – a list of people who can access a thing
- ‘guest’ is very different to ‘recipient’ – we want to mitigate any
  confusion between this and the (emergency) contact lists
2020-06-12 09:56:31 +01:00
karlchillmaid
14cb386279 Merge pull request #3471 from alphagov/update-permanent-failure-error-message-content
Update permanent failure error message content
2020-06-10 17:02:27 +01:00