Commit Graph

4972 Commits

Author SHA1 Message Date
Chris Hill-Scott
f1126c8cbb Say ‘team members’ not ‘users’ for permissions
This is consistent with the language we use elsewhere.

Also removes the colon (it’s considered implicit in a form label).
2019-04-01 17:23:16 +01:00
Chris Hill-Scott
2c03771e9c Mark agreement signed by East Staffordshire 2019-04-01 10:17:00 +01:00
Leo Hemsted
53cdbad2cc make inbound search a POST
that way it doesn't expose PII to our logs
2019-03-29 15:16:29 +00:00
Tom Byers
c5208d712e Merge pull request #2876 from alphagov/stop-focus-overlap-alternative
Stop focus overlap - with support for caret focus
2019-03-27 14:54:09 +00:00
Chris Hill-Scott
a852b6ef07 Merge pull request #2879 from alphagov/use-client-request-fixture
Use `client_request` fixture where possible
2019-03-27 10:51:22 +00:00
karlchillmaid
151fa35e1e Merge pull request #2877 from alphagov/free-message-allowance-update
Update free text message allowance
2019-03-27 10:38:02 +00:00
Chris Hill-Scott
883b07e3f0 Use client_request fixture where possible
It:
- saves repetetive boilerplate code
- does some extra checks (eg checking for a `200` response)
- makes the codebase less confusing to consistently do the same thing in
  the same way
2019-03-26 16:38:00 +00:00
Leo Hemsted
f872294235 remove the remove-user get method
remove `confirm` from `confirm_remove_user_from_service` as there's
only one action now that the initial confirmation prompt takes place
on the edit permissions page
2019-03-26 15:52:37 +00:00
Leo Hemsted
f7f9dd8530 fix user permissions save button sometimes deleting
when you hit the delete button, it flashes the delete button and takes
you to the `/service/../user/../delete` url. If you then click the save
button, it would make a POST to the delete URL... and delete the user.

now the page stays on the edit url, but adds a `?delete=yes` query
string. The dangerous flash banner now has an action field which
defines where the browser will make the POST to (which remains at
/delete).
2019-03-26 15:52:37 +00:00
Chris Hill-Scott
59311e5eab Mark agreement signed by Angus Council 2019-03-26 14:46:06 +00:00
karlchillmaid
67e176133b Updated free text message allowance
Updated free text message allowance to make it clearer.

Added a link to full pricing information.

Ticket: https://www.pivotaltracker.com/story/show/163908166
2019-03-26 10:59:27 +00:00
Chris Hill-Scott
d693715516 Merge pull request #2875 from alphagov/set-service-count-as-live
Allow excluding services from live services count
2019-03-25 16:26:34 +00:00
Tom Byers
a426cae968 Remove overlap check for elements in sticky
Our sticky controls often contain focusable
elements.
2019-03-25 15:59:32 +00:00
Tom Byers
8ad4c5e6e1 Add separate overlap handling for textareas
Our textareas are multi-line and can change in
size based on their content.

Because of this, we need to check the caret for
overlapping, not the whole textarea.

This adds separate tracking for this.
2019-03-25 15:59:32 +00:00
Tom Byers
5ba2bd66e0 Revert "Merge pull request #2855 from alphagov/revert-2843-stop-sticky-overlapping-focus"
This reverts commit 0f9969989a, reversing
changes made to 42e3770e65.
2019-03-25 15:58:23 +00:00
Chris Hill-Scott
8fb576e60a Allow excluding services from live services count
Adds a front end for:
https://github.com/alphagov/notifications-api/pull/2417

> Sometimes we have to make a few services for what really is one
> service, for example GOV.UK Pay and GOV.UK Pay Direct Debit. We also
> have our own test services which aren’t included in the count of live
> services. We currently count these as one service by not including
> them in the beta partners spreadsheet.
2019-03-25 15:46:35 +00:00
Chris Hill-Scott
0f4fcafe59 Mark agreement signed by Sevenoaks District Council 2019-03-25 14:24:46 +00:00
Chris Hill-Scott
23bbfb955f Fix isort breaking things 2019-03-25 11:23:59 +00:00
Chris Hill-Scott
cff009bc0d Run isort 2019-03-25 11:23:58 +00:00
Chris Hill-Scott
9e27e4e510 Merge pull request #2869 from alphagov/update-dependencies
Update pyexcel, pyexcel-io and werkzeug
2019-03-25 11:16:45 +00:00
Chris Hill-Scott
db3cee63ba Update call to proxy fix to use new method signature
Old method:

```python
ProxyFix(app, num_proxies=1)
```
https://werkzeug.palletsprojects.com/en/0.14.x/contrib/fixers/#werkzeug.contrib.fixers.ProxyFix

This uses forwarded values for `REMOTE_ADDR` and `HTTP_HOST`.

New method:
```python
ProxyFix(app, num_proxies=None, x_for=1, x_proto=0, x_host=0, x_port=0, x_prefix=0)
```
https://werkzeug.palletsprojects.com/en/0.15.x/middleware/proxy_fix/#module-werkzeug.middleware.proxy_fix

Setting `x_for=1` preserves the same behaviour as `num_proxies=1`.
Setting  `x_proto=1` and `x_host=1` will cause `REMOTE_ADDR`,
`HTTP_HOST`, `SERVER_NAME` and `SERVER_PORT` to be forwarded.

So we will be forwarding `SERVER_NAME` and `SERVER_PORT` which we
weren’t before, but we think this is OK.
2019-03-25 11:03:48 +00:00
Chris Hill-Scott
50bb20ad32 Allow up to 20 domains per organisation
The most we have in the spreadsheet is 18
2019-03-22 16:27:30 +00:00
Chris Hill-Scott
8b81d3594a Prevent duplicate domains 2019-03-22 16:10:34 +00:00
Chris Hill-Scott
de68d720c7 Make all services for an organisation available to platform admin users 2019-03-22 14:23:25 +00:00
Chris Hill-Scott
eaa7af8692 Make navigating organisations a bit easier 2019-03-22 14:23:25 +00:00
Chris Hill-Scott
936883bf7b Allow editing of an organisation’s details
Adds a user interface for updating all the columns added in
https://github.com/alphagov/notifications-api/pull/2368

Sorry for the mega commit 😓
2019-03-22 14:23:24 +00:00
Katie Smith
c675925fd1 Upgrade pyexcel-io, which also upgrades Werkzeug
Upgraded pyexcel-io from 0.5.14 to 0.5.16. This change causes Werkzeug
to be upgraded from 0.14.1 to 0.15.1 which requires some changes:

* ProxyFix now needs to be imported from a different location
* The status code of RequestRedirect has changed from 301 to 308. Since
status code 308 is not currently supported on Internet Explorer with
Windows 7 and 8.1, this subclasses RequestRedirect to keep the status
code of 301.

changelog: https://werkzeug.palletsprojects.com/en/0.15.x/changes/#version-0-15-0
2019-03-22 14:18:44 +00:00
Pea (Malgorzata Tyczynska)
307e959fd6 Merge pull request #2862 from alphagov/show-templates-across-user-folders
When replying to inbound sms show templates in all user's folders
2019-03-22 14:15:13 +00:00
Katie Smith
fe86833549 Merge pull request #2850 from alphagov/add-folder-permissions-when-inviting-user
Set folder permissions when creating and accepting invites
2019-03-22 13:37:27 +00:00
Katie Smith
7654d3c5fd Send folders if inviting user for service without edit folder permissions
If a new user is being invited for a service which doesn't have edit
folder permissions turned on, we want to send all folders for that
service to api.
2019-03-22 13:29:13 +00:00
Pea Tyczynska
0743a68e09 Reflect template folder structure on inbound conversation reply page 2019-03-21 16:06:47 +00:00
Pea Tyczynska
3fc4f6866c When replying to inbound sms show templates in all user's folders 2019-03-21 16:06:47 +00:00
karlchillmaid
358b5054ad Correct typo and remove sub-heading
Correct typo in line 39

Remove sub-heading because it's probably not needed on the Letter validation preview page
2019-03-21 10:28:18 +00:00
Katie Smith
3fb752a009 Delete cached template-folders when adding user to service
The api endpoint to get all template folders also returns the users who
can see each folder.

We need to clear the template-folder cache when adding a user to a service so
that we are not using out of date data about who can see each folder.
2019-03-21 10:17:05 +00:00
Katie Smith
c39f6d49ea Set folder permissions when creating and accepting invites to services
Added a folder permissions form to the page to invite users to services.
This only shows if the service has 'edit_folder_permissions' enabled,
and all folder checkboxes are checked by default. This change means that
InviteApiClient.create_invite now sends folder_permissions through to
notifications_api (so invites get created with folder permissions).

Started passing the folder_permissions through to notifications-api when
accepting an invite. This changes UserApiClient.add_user_to_service to
send folder_permissions to notifications_api so that new users get folder
permissions when they are added to the service.
2019-03-21 10:17:05 +00:00
Katie Smith
782bd34394 Use folder_permissions in the InvitedUser model
We were already invitializing InvitedUser with folder_permissions
(defaulting to None), but this removes the default and adds
folder_permissions to the serialize method. Folder permissions should
now always be returned from api, either as an empty list or a list of
UUIDs.
2019-03-21 10:17:05 +00:00
Rebecca Law
15b74a74fb Merge pull request #2864 from alphagov/fix-delete-folder-with-permissions
Delete folder bug fix
2019-03-21 09:17:06 +00:00
Rebecca Law
980f75029f This is a fix for delete folder when the service has permission to edit folder permissions. 2019-03-20 17:04:44 +00:00
Chris Hill-Scott
0cc566a796 Mark agreement signed by Horsham Council 2019-03-20 16:20:58 +00:00
Chris Hill-Scott
e32f6a92c1 Merge pull request #2860 from fidejoseph/patch-8
Update email_domains.yml
2019-03-20 13:48:44 +00:00
Rebecca Law
42e63667f7 Updated copy on the page.
Added unit tests.
Added error when file is too big.
2019-03-20 11:31:29 +00:00
Pea Tyczynska
6925b36b27 Get templates from all folders a user can see 2019-03-19 17:54:44 +00:00
fidejoseph
118b6981f2 Update email_domains.yml
Onevoice Wales has been added
2019-03-19 16:34:15 +00:00
Rebecca Law
8fd5fa90ff Make the letter-validation-preview url public.
In the short term I have created a duplicate version of the letter-validation-preview so that people from a service can upload a pdf and see why the letter isnot validating.

It's hard to get a precompiled letter to validate when starting to integrate with Notify. This will return the overlay of the letter validation and is now available to the services.
At the moment they send us a PDF to upload.
This is temporary because there is a story to create a one-off flow to get this overlay, that will replace this page.

There is no navigation to this on purpose.
2019-03-19 16:00:15 +00:00
Pea (Malgorzata Tyczynska)
c994552fc2 Merge pull request #2856 from alphagov/edit-members-who-see-folder
Edit members who see folder
2019-03-19 14:11:59 +00:00
Pea Tyczynska
86d8464fa2 Show all users in folder viewing permissions, correct users checked 2019-03-18 17:58:53 +00:00
Pea Tyczynska
e85969f6fa Change folder viewing permissions from manage folder page 2019-03-18 17:52:02 +00:00
Tom Byers
4e7e934e25 Revert "Prevent sticky controls overlapping focus" 2019-03-18 16:38:49 +00:00
Tom Byers
1bdf79bd22 Merge pull request #2843 from alphagov/stop-sticky-overlapping-focus
Prevent sticky controls overlapping focus
2019-03-18 13:31:26 +00:00
Chris Hill-Scott
3b6af41660 Merge pull request #2830 from alphagov/put-current-branding-in-branding-request
Put current email branding in new branding request
2019-03-18 12:05:59 +00:00