Commit Graph

3834 Commits

Author SHA1 Message Date
Ben Thorner
a04ed3eca5 Use separate classes for branding option forms
These are about to become a lot less similar to each other when we
add email branding pools. Note that the optional *args and *kwargs
weren't used anywhere.
2022-03-15 11:47:15 +00:00
Ben Thorner
26d1222f1c Rename branding forms to clarify who they're for
I've often struggled to find the form associated with a particular
page due to the overlapping names e.g. "SetEmailBranding" sounds
more like the radio button form a user sees than "BrandingOptions".

Almost every form in forms.py also ends with "Form", so this also
makes the branding forms consistent with that naming convention.
2022-03-15 11:47:14 +00:00
Chris Hill-Scott
9a1a328aca Format auth_type in a consistent way in the UI
On the ‘find user’ page it says ‘sms_auth’ instead of ‘Text message
code’.

This commit fixes that, and adds a handy formatter so it’s easier to do
the right thing in the future.
2022-03-14 14:55:31 +00:00
Ben Thorner
34c2c3b47c Merge pull request #4176 from alphagov/replay-falsey-values
Replay falsey values in input fields
2022-03-14 09:53:02 +00:00
Rebecca Law
de46fb6477 Merge pull request #4183 from alphagov/volume_reports
Report for total notifications sent per day for each channel.
2022-03-09 15:15:03 +00:00
Rebecca Law
c6e67d1690 Fix column names
Add unit test
2022-03-09 15:02:52 +00:00
Rebecca Law
971cb745c9 Report for total notifications sent per day for each channel.
Daily volumes report: total volumes across the platform aggregated by whole business day (bst_date)
Volumes by service report: total volumes per service aggregated by the date range given.

NB: start and end dates are inclusive
2022-03-07 14:30:11 +00:00
Ben Thorner
81d9c73543 Bump -utils to 55.0.0
This renames "delete_cache_keys_by_pattern" to match the new method
name, which will also catch exceptions if Redis is down [1].

Note that this also includes a change to RecipientCSV [2], which has
no effect because the new default is the same as the old behaviour.

[1]: https://github.com/alphagov/notifications-utils/pull/949
[2]: https://github.com/alphagov/notifications-utils/pull/947/files#diff-a8a994bf655634f89dc7439880708b4ff0d780ac1bd8033827d8aaa2692a8e0fR373
2022-03-07 13:53:57 +00:00
Ben Thorner
21452649fd Fix ignoring submitted data that was falsey
This was causing some tests for the "estimate_volume" endpoint to
fail due to the surprising way that form handles "''":

- The form is the exclusive user of the ForgivingIntegerField [^1].
- The field secretly/silently converts "''" to the integer 0 [^2].

If the validations fail, we don't want to surprise the user with a
"0" when they didn't enter one. The field already handles this by
massaging the values in the __call__ method that generates the HTML
for the form [^3]. However, there are two scenarios:

- User submits field with '' - converted to integer 0.
- User submits field with '0' - remains as a string.

In the case where "value" is "''", the parent class will use the
converted value from form.data instead [^4]. This seems to be an
oversight and so we get either the integer 0 (from form.data) or
the string '0' (from the value kwarg). Complicado!

Previously it was a fluke that we avoided replaying the integer 0
to the user; the previous commit removes the fluke. This fixes the
conditional to always use the data in the "value" kwarg if it has
been provided, as it's meant to override "form.data".

[^1]: 9f63449384
[^2]: a22b8cf684/app/main/forms.py (L364)
[^3]: a22b8cf684/app/main/forms.py (L393)
[^4]: a22b8cf684 (diff-a1c8d24b22d4478fe71f75fd43b71b18dd82aae97bc63de84473a6da1902909bR215)
2022-03-07 12:55:38 +00:00
Ben Thorner
f827a825a1 Merge pull request #4180 from alphagov/dedup-something-else-181415991
Link directly to email branding "something else"
2022-03-07 11:33:11 +00:00
Ben Thorner
8d5974eb47 Simplify "activate_user" to clear session earlier
A snippet of old code [^1] in "activate_user" was forcing us to
keep "user_details" in the session until the very last moment with
a "try / finally" combo. But "activate_user" already knows the ID
of the user: it's the argument we pass to the function.

None of the functions called by "activate_user" require the session
to have that key either i.e. it's definitely redundant.

It's unclear if we need to pop the key from the session in both
"verify" methods - there are no tests covering this behaviour. For
now, we can at least make the flow clearer by adjusting where we do
the "pop" and the assignment.

[^1]: bbc7b173f0 (diff-d12384ece5ad90e9b66063fd3ab170453788d36b7e0babf49ee016f0a880f251L71)
2022-03-07 11:08:19 +00:00
Pea Tyczynska
ae4fc977c1 Apply suggestions from code review
Co-authored-by: Ben Thorner <benthorner@users.noreply.github.com>
2022-03-03 17:02:26 +00:00
Pea Tyczynska
8112930e24 Do not verify sms for pending users with email auth
This is to fix a bug where a user creates an account but doesn't
complete registration, then they are invited to a service that
changes their auth to email_auth, and then when they try to
complete registration they are still asked for sms code.

It should save users some pain, and reduce number of support tickets.
2022-03-03 17:02:26 +00:00
Pea Tyczynska
08f0393553 Allow platform admins to change user auth in the UI
So we do not have to go into the db when we need to change user
auth.

We do not allow this for users who use webauthn. We do not want to
enable security downgrade for those users.
2022-03-03 13:44:13 +00:00
Ben Thorner
8da8b167c9 Merge pull request #4169 from alphagov/downgrade-existing-letter-error
Downgrade error log for expected exception
2022-03-03 11:27:48 +00:00
Ben Thorner
33c6ca0989 Link directly to email branding "something else"
Previously we duplicated the "something else" email branding form
on its own page and embedded in the choices form (if it was the
only option). See [^1] for how this looks - it's inconsistent.

This DRYs-up the "something else" form by bypassing the choices
form when "something else" is the only option. I've also tweaked
the "Back" button to be consistent with this behaviour.

Making this change also simplifies the choices form, which we'll
be adding pool options to shortly. I'd like to make the letters
form consistent, but let's see how emails pan out first.

Note that the choices form will now show a single radio button if
"something else" is the only option. I think that's OK as nothing
will link to the page, and the form still works.

[^1]: https://github.com/alphagov/notifications-admin/pull/4163#issuecomment-1050088088
2022-03-03 10:18:58 +00:00
Ben Thorner
09899eb99d Replay falsey values in input fields
Currently an integer of 0 doesn't get shown because it fails the
truthiness check in the govuk-frontend template [^1]. Note that
we can't just do str(value) as for None this would be "None".

[^1]: fd4952f1c0/src/govuk/components/input/template.njk (L51)
2022-03-01 13:57:56 +00:00
Ben Thorner
35e7e5e957 Downgrade error log for expected exception
Previously we weren't sure if the cause of this exception was what
the comment below suggested [1]. I've now verified this from:

        Letter not found for service 0bd1d970-f11c-40e1-8319-4baefe6239d7 and file aa07ed06-3161-4795-93b3-b45d7c576af9

I checked that aa07ed06-3161-4795-93b3-b45d7c576af9 exists already
as a notification i.e. the comment is correct and we're not sending
users to a 404 page. It's possible there are other scenarios where
the comment is wrong, but I don't think it's worth keeping the error.

[1]: https://github.com/alphagov/notifications-admin/pull/4159
2022-02-25 14:00:02 +00:00
Katie Smith
9dc3252079 Allow free allowance to be set to 0
We want to be able to set the free allowance for a service to 0, but the
form was not allowing this - it gave an error message of `Cannot be
empty`. This can be fixed by changing the WTForms validator from
`DataRequired` (which coerces 0 to falsey) to the `InputRequired`
validator.
2022-02-25 11:27:56 +00:00
Katie Smith
05b8fd7c01 Merge pull request #4163 from alphagov/branding-previews
Show a preview of GOV.UK and NHS email branding and apply straight away
2022-02-24 11:31:53 +00:00
Ben Thorner
f94c6ded5c Merge pull request #4158 from alphagov/catch-missing-recipient
Fix 500 error due to inconsistent recipient check
2022-02-24 10:17:03 +00:00
Ben Thorner
468e42a12e Merge pull request #4159 from alphagov/catch-missing-letter
Catch error if letter does not exist on send
2022-02-24 10:16:54 +00:00
Pea Tyczynska
e1d1c5c3f5 Let users on email auth delete their mobile numbers
Sometimes users ask us to delete their mobile numbers for them.

If those users are on email auth, they should be able to
delete their number themselves.

This will save them writing a support ticket and save us
going into the database.
2022-02-23 18:31:00 +00:00
Ben Thorner
3effb75045 Clarify purpose of file_id in redirects
In response to: [1].

[1]: https://github.com/alphagov/notifications-admin/pull/4159/files#r813050941
2022-02-23 17:25:35 +00:00
Katie Smith
5ada431da9 NHS and GOV.UK email branding pages now show preview and apply branding
The pages you were redirected to if you selected either GOV.UK branding
or NHS branding used to give information about the branding and have a
button that submitted a Zendesk ticket. Now, we show a preview of the
new branding and the button applies it.
2022-02-22 13:18:21 +00:00
Katie Smith
d75c1ea398 Split out the govuk and govuk_and_org branding templates
The `.email_branding_govuk` and `.email_branding_govuk_and_org` routes
shared a template since the content was the same - the only difference
was in the action of the button. However, since the pages will no longer
be so similar (e.g. the govuk page will show a preview) this splits them
up to use separate templates.

It may be the case that when the branding work is complete these pages
are fairly similar and we decided that one template between the two
endpoints is the best option again.
2022-02-22 11:39:53 +00:00
Ben Thorner
ebbfd20472 Make it easy to clear cache for all key formats
Having to submit the form for each choice separately slowed us down
during an incident where Redis was unavailable and came back with
stale data, which we had to clear manually.

Note: we don't want to use the "flush" feature in case there are other
keys in Redis, which may not be safe to remove.
2022-02-21 15:09:03 +00:00
Ben Thorner
8396412ce1 Report all cache keys that were deleted
This will make it easier to add another test / feature to clear all
the cache keys. It's debatable which of "sum" and "max" is useful:

- "max" is a better (although still not accurate) indicator of the
number of "things" affected e.g. templates, services, etc.

- "sum" makes sense in places where "max" doesn't e.g. when we clear
the "organisations" group, which doesn't equate to individual orgs.

Using "sum() ... across" seems like a reasonable compromise and makes
it clear that we're iterating over different kinds of keys.

While the pluralisation is nice, I don't think it's worth the effort
to make it work for both "object(s)" and "format(s)".
2022-02-21 14:11:49 +00:00
Ben Thorner
4fef2861c6 Catch error if letter does not exist on send
This repeats the pattern we already have for previewing a letter,
where we assume the error is because the notification has already
been sent and redirect the user to see it.

I've improved the original pattern a bit:

- I've DRYed-up the low-level boto code and moved the error handler
there so it can be reused.

- I've introduced a custom exception, which the calling code can
choose to log.

- I've introduced the moto library, which we use elsewhere, to make
it easier to test S3 code.

I've used an error level log when sending a notification - now that
we have a more descriptive log, we can verify the assumption is true
and then make an informed decision to downgrade the log.

In future we may want to merge this handler with the similar code
in utils [1], but we'll need to be careful as the utils handler is
superficial - it doesn't check the reason for the error.

[1]: bce0f4e596/notifications_utils/s3.py (L52)
2022-02-18 14:52:27 +00:00
Ben Thorner
a30a317153 Fix 500 error due to inconsistent recipient check
This strengthens the initial check of what's in the session to make
sure it contains some kind of recipient. Without this, we get:

    Traceback (most recent call last):
      File "/home/vcap/deps/0/python/lib/python3.9/site-packages/flask/app.py", line 1950, in full_dispatch_request
        rv = self.dispatch_request()
      File "/home/vcap/deps/0/python/lib/python3.9/site-packages/flask/app.py", line 1936, in dispatch_request
        return self.view_functions[rule.endpoint](**req.view_args)
      File "/home/vcap/app/app/utils/user.py", line 26, in wrap_func
        return func(*args, **kwargs)
      File "/home/vcap/app/app/main/views/send.py", line 1041, in send_notification
        recipient=session['recipient'] or InsensitiveDict(session['placeholders'])['address line 1'],
      File "/home/vcap/deps/0/python/lib/python3.9/site-packages/notifications_utils/insensitive_dict.py", line 41, in __getitem__
        return super().__getitem__(self.make_key(key))
    KeyError: 'addressline1'

I'm not sure how to reproduce this, but this should at least give
the user a better experience, instead of a 500 page.
2022-02-18 12:44:01 +00:00
Chris Hill-Scott
6fe766ffaf Merge pull request #4152 from alphagov/bump-utils-53
Bump utils to 53.0.0
2022-02-08 09:56:15 +00:00
Chris Hill-Scott
61660134ff Bump utils to 53.0.0
Changes:

53.0.0
---

* `notifications_utils.columns.Columns` has moved to
  `notifications_utils.insensitive_dict.InsensitiveDict`
* `notifications_utils.columns.Rows` has moved to
  `notifications_utils.recipients.Rows`
* `notifications_utils.columns.Cell` has moved to
  `notifications_utils.recipients.Cell`

52.0.0
---

* Deprecate the following unused `redis_client` functions:
  - `redis_client.increment_hash_value`
  - `redis_client.decrement_hash_value`
  - `redis_client.get_all_from_hash`
  - `redis_client.set_hash_and_expire`
  - `redis_client.expire`

51.3.1
---

* Bump govuk-bank-holidays to cache holidays for next year.

51.3.0
---

* Log exception and stacktrace when Celery tasks fail.
2022-02-04 10:43:36 +00:00
Katie Smith
a7a593fd8b Make separate endpoints for GOV.UK email branding options
The endpoint to change the email branding to "GOV.UK" branding and
"GOV.UK and organisation" branding was the same but with a query string
used to determine which of the two options had been selected. This makes
them two separate endpoints, which makes the code a bit simpler and
hopefully means there is less chance of things not working as expected.
2022-02-03 11:31:25 +00:00
Katie Smith
194fec9009 Remove old branding URLs
We've changed the URLs for these endpoints but needed to keep the old
URLs in place in addition to the new URLs in case anyone was in the
middle of changing their branding as the change was being deployed.
We can now safely remove the old URLs.
2022-02-03 11:03:16 +00:00
Katie Smith
c5db847543 Change both existing branding URLs
This changes the URLs for someone to request new email or letter
branding to match the new URLs we've agreed for the new email branding
changes. The old URLs are still in place for now too to keep backwards
compatibility.
2022-02-03 09:59:21 +00:00
Katie Smith
f92167de71 Only show branding description pages if branding allowed for service
It shouldn't be possible to view the page to confirm that you want a
particular type of email branding if that branding is not allowed for
your service. Although we don't show banned branding options on the
branding form, it would have been possible to visit the relevant URLs
directly.

We now give a `404` status page if you visit a page to select branding
that isn't allowed.
2022-02-03 09:59:21 +00:00
Katie Smith
f9c551a558 Add and use textarea component from GOV.UK Frontend
For the "Something else" branding form we want the form label to be the
title. This brings in the textarea component from GOV.UK Frontend in
order to do this since that contains code to set a the textarea label as
the page heading in an accessible way.

The rest of the textarea fields have not been switched to use the new
component yet.
2022-02-03 09:59:21 +00:00
Katie Smith
92f76638c8 Split up email branding form into separate pages
We were showing the form to request email branding with a button which
submits your choice immediately. Now, we only submit the form
immediately if "Something else" is the only branding option available to
you. If you select any other radio button (or select "Something else"
when it's not the only option) we take you to another page which either
contains more information or a textbox to fill in the details for the
branding you want.

There is currently some duplication between the new pages and their
tests, but these will be changed in future versions of the work so will
start to differ more.
2022-02-03 09:59:21 +00:00
Katie Smith
d4454a982d Split branding-options.html into two
This splits the template into separate templates for emails and letters
since the journey for email branding is about to change.
2022-02-03 09:59:21 +00:00
Katie Smith
4226193346 Split up the branding_request endpoint
The endpoint used to handle both email and letter branding, but this
replaces `.branding_request` with `.email_branding_request` and
`.letter_branding_request` instead. This is in preparation for changing
how email branding works.

The `from_template` arg was only possible for letter branding, so I've
removed that from the `.email_branding_request` endpoint.
2022-02-03 09:59:21 +00:00
Rebecca Law
453a1a699f Merge pull request #4107 from alphagov/mark-letter-invalid-if-over-10-sheets-169209742
Show validation-failed status for templated letters over 10 pages
2022-02-02 07:58:34 +00:00
Pea Tyczynska
ffb8549a21 Merge pull request #4137 from alphagov/rename_column_in_billing_report
Rename sms_fragments to sms_chargeable_units
2022-02-01 17:01:03 +00:00
Pea Tyczynska
9862acd7ee Hint that report is inclusive of both start date and end date
Bu changing labels for date input fields.
2022-02-01 16:48:05 +00:00
Pea Tyczynska
feb2657040 Change formatting for guidance from list to table. Also rewrite
some of the guidance following content review.

Co-authored-by: karlchillmaid <karl.chillmaid@digital.cabinet-office.gov.uk>
2022-02-01 16:47:38 +00:00
Rebecca Law
49138946ac Update comment to help clarify the decision for this approach to showing
letters that are too long.
2022-02-01 13:20:25 +00:00
Chris Hill-Scott
4f672cb5dc Make logo CDN domain into simple config
Having this as a function which does string parsing and manipulation
surprised me a bit when I was trying to figure out why something wasn’t
working.

It’s more in line with the way we do other config like this (for example
`ASSET_PATH`) to make it a simple config variable, rather than trying to
be clever and guess things based on other config variables.

It’s also less code, and is explicit enough that it doesn’t need tests.
2022-01-27 10:33:05 +00:00
Pea Tyczynska
f1d5c33fda Rename sms_fragments to sms_chargeable_units
This field caused some confusion and lots of unnecessary work
to our colleague because of unclear name.

The field was named sms_fragments, where in fact the value of
the field is: those sms fragments that go above free allowance
multiplied by the rate multiplier.

The new name was chosen through consultation with colleagues
who use billing report the most.
2022-01-18 18:05:07 +00:00
Katie Smith
d166c6382c Add link next to org team members allowing them to be removed
This adds a link next to the organisation team members which lets
them be removed from the organisation. Service team members have
their own page and the link to remove them appears there. For
organisation team members, we don't currently have any other
information we want to show or any  other actions to perform. As
a result, this change uses the 'Team members' page to show the
confirmation banner.

The endpoint called 'edit_user_org_permissions' was renamed to
'edit_organisation_user' and some of the existing code around deleting
org users (which didn't work) was changed.
2022-01-13 14:08:37 +00:00
Chris Hill-Scott
3ab30f27b6 Remove checks for renaming without changes
When checking the service or organisation name for uniqueness before
changing it, it would be necessary to exclude the current name from
this check. However now we are changing it immediately we don’t need
to guard around this behaviour of the uniqueness check.

So this commit removes the guard for both renaming a service and an
organisation.
2022-01-13 10:29:01 +00:00
Chris Hill-Scott
24ff80280e Move template file to parent directory
It was the only file in its directory.
2022-01-13 10:28:50 +00:00