Commit Graph

2904 Commits

Author SHA1 Message Date
Pea Tyczynska
39bc7cf721 Convert EmailFields to GovukEmailFields
Changes those fields (and sometimes also regular text input fields)
 in the following forms:
- LoginForm
- RegisterUserForm
- ChangeEmailForm
- FeedbackOrProblem
- AcceptAgreementForm
- ChangeNameForm (only name field here, but used in the same template
field as ChangeEmailForm here: app/templates/views/user-profile/change.html)

Also includes changes to templates that use this form
and associated tests.
2020-08-12 10:34:42 +01:00
Tom Byers
e316e33180 Convert PasswordFields to GovukPasswordFields
Converts them directly in the following forms:
- LoginForm
- ConfirmPasswordForm

Changes the password function to return
GovukPasswordField instead of PasswordField which
effects the following forms:
- RegisterUserForm
- RegisterUserFromInviteForm
- RegisterUserFromOrgInviteForm
- NewPasswordForm
- ChangePasswordForm

It also updates StringField on RegisterUserFromOrgInviteForm
to GovukTextInputField

Also includes changes to templates that use this
form and associated tests.
2020-08-12 10:23:43 +01:00
Tom Byers
a3e661830d Convert text inputs on ServiceUpdateEmailBranding
Includes changes to templates that use this form
and associated tests.
2020-08-12 10:22:20 +01:00
Tom Byers
87beaf49ae Use GovukTextInputField in RenameServiceForm
Includes changes to templates that use this form
and associated tests.
2020-08-12 10:22:20 +01:00
Chris Hill-Scott
8570901731 Let users select electoral wards of local authorities
If a library has groups, we should show a link instead of selecting the
group directly.

Then we can give the user the choice of selecting the whole of that
group, or specific areas within the group.

For now the only libraries we have with groups are local authorities,
which group electoral wards.
2020-08-11 17:38:15 +01:00
Chris Hill-Scott
0ce64bcfde Merge pull request #3553 from alphagov/move-broadcast-areas-into-admin
Move broadcast areas into admin
2020-08-11 13:25:21 +01:00
Toby Lorne
b0ff2d41c5 broadcast-areas: examples are deterministic
Signed-off-by: Toby Lorne <toby.lornewelch-richards@digital.cabinet-office.gov.uk>
2020-08-11 12:04:02 +01:00
Chris Hill-Scott
b0fc1cd271 Make test name more explicit 2020-08-11 11:22:59 +01:00
Toby Lorne
73e68c355b broadcast-areas: include electoral wards
Signed-off-by: Toby Lorne <toby.lornewelch-richards@digital.cabinet-office.gov.uk>
2020-08-10 18:09:15 +01:00
Toby Lorne
6649d0ac70 broadcast-areas: use area ids in tests
Signed-off-by: Toby Lorne <toby.lornewelch-richards@digital.cabinet-office.gov.uk>
2020-08-10 18:09:15 +01:00
Chris Hill-Scott
834b0fc3d5 Put hidden email field on register from invite page
Password managers will try to guess what they should save as a username
by looking at the fields on the page where you set up your password.

When registering from an invite the email address (what we use as a
username) is predefined, and only shown on the page as text, not an
input.

This commit also adds a hidden input field for password managers to pick
up.

Adapted from: https://github.com/UKGovernmentBEIS/beis-opss-psd/blob/master/app/views/users/complete_registration.html.erb#L29-L36
2020-08-10 15:59:27 +01:00
Toby Lorne
8c3a8ecd04 broadcast-areas: view test does not assert order
the descriptions are liable to change esp for wards

Signed-off-by: Toby Lorne <toby.lornewelch-richards@digital.cabinet-office.gov.uk>
2020-08-10 13:04:03 +01:00
Chris Hill-Scott
3573ce1437 Merge pull request #3550 from alphagov/fix-html-escaping-email-subject-preview
Fix HTML being escaped in preview of email subject
2020-08-10 08:59:44 +01:00
Chris Hill-Scott
0e99bede68 Merge pull request #3552 from alphagov/cant-self-approve
Don’t let users self-approve broadcasts
2020-08-06 14:04:07 +01:00
Chris Hill-Scott
479406c02d Don’t let users self-approve broadcasts
At the moment they will get a ‘technical difficulties’ error if they
try.

We probably want to do something around letting people self-approve
broadcasts in trial mode, but for now just telling them they can’t is a
better experience than ‘technical difficulties’ (and will probably be
close to what they should see on a live service as well).
2020-08-05 16:01:21 +01:00
Tom Byers
cd398ab55c Merge pull request #3543 from alphagov/remove-code-supporting-old-permissions-form_fields
Revert support for old user permissions params
2020-08-05 15:51:28 +01:00
Chris Hill-Scott
4d65b94c77 Fix HTML being escaped in preview of email subject
`EmailPreviewTemplate.subject` returns a string of HTML, with any
user-submitted HTML already escaped:
b5a61bfb7b/notifications_utils/template.py (L672)

What won’t be escaped is the HTML needed to redact the placeholders. We
generate this HTML so we know its safe, and doesn’t need to be escaped.
However when we pass it to Jinja, Jinja doesn’t know this, so will try
to escape it. This means users will see the raw HTML.

We can get around this by using Flask’s `Markup` class to tell Jinja
that the string is already sanitised and doesn’t need escaping again.

Text message templates don’t have this problem because they already
return `Markup`: b5a61bfb7b/notifications_utils/template.py (L288)

Letter templates don’t suffer from this problem (because they don’t
support redaction) but without making the same change they would still
double-escape ampersands, greater-than symbols, and so on.
2020-08-04 15:16:18 +01:00
Tom Byers
a74501f1d8 Merge pull request #3535 from alphagov/try-introducing-govuk-checkboxes-again
Try introducing govuk checkboxes again
2020-08-04 14:39:54 +01:00
Chris Hill-Scott
3faf92bfef Go to broadcast, not dashboard after submitting
Once you’ve created a broadcast you’re taken back to the dashboard. This
feels too passive, and you might miss that the broadcast still needs
approval.

We should be much more explicit that you now need to find someone to
approve your broadcast. Taking someone directly to the page for a
broadcast lets us give more information about the status of the
broadcast and what the next steps should be.
2020-08-03 15:46:23 +01:00
Chris Hill-Scott
47a5c2abba Merge pull request #3540 from alphagov/search-whole-postal-address
Tell users that they can search whole postal address
2020-08-03 14:47:58 +01:00
Chris Hill-Scott
19b42e3331 Add a tour for users new to broadcast services
This is an initial, prototype-quality attempt at introducing some kind
of tour for users new to broadcasting. A lot of the users we’re speaking
to don’t have a good concept of what broadcasting means, which is
causing usability problems down the line.

We did a similar thing in the early days of Notify to explain the
concept of message templates and personalisation.
2020-08-03 14:13:48 +01:00
Tom Byers
468a43bd68 Revert support for old user permissions params
The fields used for user permissions on
permissions forms were changed as part of the work
converting the checkboxes to GOVUK Frontend.

This removes code added to protect against a
situation where the server-side app was running
this updated code but clients were POSTing from
pages that were not, and so sending the old HTTP
params.
2020-07-31 15:40:12 +01:00
Tom Byers
e3c434bb8f Change permissions tests to support old API
User permissions were handled by a group of
BooleanFields but introducing the new checkboxes
changed this to just one field that stores its
data in a list.

It was mentioned in a comment that there could be
a situation, when the instances roll, where clients
are using the old fields but POSTing to a server
running the new code.

https://github.com/alphagov/notifications-admin/pull/3535#discussion_r460872903

This introduces tests for that situation.
2020-07-31 15:15:26 +01:00
Tom Byers
f322229614 Change tests to check permissions_field name
A comment on this group of changes mentioned the
'name' attribute of checkboxes for the
permissions_field should be checked as well as the
'value' attribute:

https://github.com/alphagov/notifications-admin/pull/3535#discussion_r460869797

This adds checks to support that point.
2020-07-31 15:15:16 +01:00
Tom Byers
e266b11ee2 Fix tests for pages using govukCheckboxField
These fields used to use govukCheckboxesField and
so stored their data in a list. They were since
migrated to govukCheckboxField, which extends
BooleanField and so keeps its data as a boolean
value.
2020-07-31 10:20:44 +01:00
Katie Smith
ba5f7d7c36 Check for invalid chars in letter addresses
This now adds validation for invalid characters on the
LetterAddressForm for one off letters. It also adds a validation failed
message for uploaded letters, precompiled letters sent through the API,
and CSV rows with errors.
2020-07-31 08:51:07 +01:00
Chris Hill-Scott
3fbf966719 Display full address on the notifications page
This is what we do on the uploads page now. It makes it more obvious
why your search term has returned a certain result if you can see most
of the address, not just the first line.
2020-07-30 16:40:25 +01:00
Chris Hill-Scott
2789b6a596 Tell users that they can search whole postal address
We’re now normalising and storing the whole address in the
`normalised_to` field. Previously we were only storing the first line
of the address.

Enough time should now have passed that the field will have been
populated for all letters in the database.

Thus we can now tell users that it’s not just the first line they can
search by.
2020-07-30 16:20:19 +01:00
Tom Byers
64cc9f2520 Make tests work with new template list HTML
Adds the extra text added to each checkbox label.
It's a copy of the text of the link in the same
list item which does add a lot of duplication to
the test data.

This reformats a lot of the test data, stacking it
to separate out the duplicate items.
2020-07-24 11:34:02 +01:00
Tom Byers
e3753ae623 Fix issues in tests from new fields 2020-07-24 11:34:02 +01:00
Leo Hemsted
8f0c6e43c1 fix tests 2020-07-22 15:15:23 +01:00
Chris Hill-Scott
9958460ab3 Update tests for service permission
This commit makes the tests for the `broadcast` service permission more
robust by:
- adding coverage of endpoints that have been created since the test was
  first written
- checking that the endpoint also responds to a `post` request with a
  `403` (or `405` where it is a `get`-only endpoint)
2020-07-20 09:27:46 +01:00
Chris Hill-Scott
6704919a2d Add a confirmation step to cancelling a broadcast
It’s an irreversible action if you do click it, so it feels like an ‘Are
you sure?’ step is sensible. Follows the same pattern for deleting
templates, etc.
2020-07-20 09:27:44 +01:00
Chris Hill-Scott
4f859a69a6 Merge pull request #3527 from alphagov/broadcast-end-time
Let users choose when to end a broadcast
2020-07-17 10:43:10 +01:00
Chris Hill-Scott
2d7d800c64 Merge pull request #3528 from alphagov/fix-set-broadcast-permission
Fix setting of broadcast permission
2020-07-17 10:40:26 +01:00
Chris Hill-Scott
83156bd16e Let users choose when to end a broadcast
Different emergencies will need broadcasts to last for a variable amount
of time. We give users some control over this by letting them stop a
broadcast early. But we should also let them set a maximum broadcast
time, for:
- when the duration of the danger is known
- when the broadcast has been live long enough to alert everyone who
  needs to know about it

This code re-uses the pattern for scheduling jobs, which has some
constraints that are probably OK for now:
- end time is limited to an hour
- longest duration is 3 whole days (eg if you start broadcasting Friday
  you have the choice of Saturday, Sunday and all of Monday, up to
  midnight)
2020-07-17 08:23:10 +01:00
Chris Hill-Scott
03b4aabf5f Add a link to reject a broadcast
If a broadcast definitely shouldn’t go out (for example because it has a
spelling mistake or is going to the wrong areas) then we should have a
way of removing it. Once it’s removed no-one else can approve it, and it
isn’t cluttering up the dashboard.

This is a link (because it’s a secondary action) and red (because it’s
destructive, in that it’s throwing away someone’s work).
2020-07-17 08:07:44 +01:00
Chris Hill-Scott
a99b40304b Add button to approve broadcast
Since new broadcasts will go into `pending-approval`, we now need a way
of approving them.

This commit adds a button to this page to start (or approve) the
broadcast. This button is wrapped in a bordered box, to emphasise that
it’s something consequential.
2020-07-17 08:07:44 +01:00
Chris Hill-Scott
5b83db9768 Don’t start broadcasts immediately
We don’t want one person going full yolo and start broadcasting without
any oversight. This commit changes the flow so that the button on the
‘preview’ page puts the broadcast into `pending-approval`, rather than
directly into `broadcasting`.
2020-07-17 08:07:43 +01:00
Chris Hill-Scott
c270688fe4 Show pending broadcasts on dashboard
When we have an approval flow, `pending-approval` will be the state a
broadcast is in between being a draft and broadcasting.

This means it is the earliest stage at which a broadcast can appear on
the dashboard, so this commit adds a new section at the top of the
dashboard to display these broadcasts (since the dashboard is in a
reverse chronological order).

Rather than displaying the scheduled time, the extra information shown
is the person who drafted the broadcast, since I reckon you’ll be coming
to this page because they’ve asked you to approve their broadcast.
2020-07-17 08:07:40 +01:00
Chris Hill-Scott
e29a477eb1 Fix setting of broadcast permission
This was broken because current_service doesn’t update itself after
calling the `update` method of the API. So we thought we were changing
the permissions like this:
```
{'email', 'sms', 'letter'}
{'email', 'sms', 'letter', 'broadcast'}
{'sms', 'letter', 'broadcast'}
{'letter', 'broadcast'}
{'broadcast'}
```

But actually we were doing this:
```
{'email', 'sms', 'letter'}
{'email', 'sms', 'letter', 'broadcast'}
{'sms', 'letter'}
{'email', 'letter'}
{'email', 'sms'}
```

This commit changes the code to update the permissions like this:
```
{'email', 'sms', 'letter'}
{'broadcast'}
```

It does so by adding a new method to the service model which changes all
the permissions in one API call, and updates the tests to mock the
underlying API call, not the method on the model.
2020-07-16 19:44:20 +01:00
Chris Hill-Scott
5229373341 Make the broadcast dashboard update via AJAX
Same technique as we use for other pages that update via AJAX.

I’ve split the page up into separate chunks because the DiffDOM library
we use finds it easier to work out what’s changed when there are fewer
elements/a shallower tree.
2020-07-16 16:47:08 +01:00
Chris Hill-Scott
414e4b5834 Merge pull request #3520 from alphagov/broadcast-user-permissions
Make user permissions make sense for services with the broadcast permission
2020-07-16 14:59:57 +01:00
Katie Smith
756a17f8db Add filter for formatting a number as currency
This is used on the usage page, but is likely to become useful in other
places now that letter rates can be greater than £1.
2020-07-15 14:09:49 +01:00
Katie Smith
355e981028 Show international letters on the usage page
The api returns letter details split by postage, so international
letters are returned with a postage of `europe` or `rest-of-world` not
`international` and these rows need to be added together when the rate
is the same before they are displayed on the usage page.

To do this, we need to replace the postage of `europe` and
`rest-of-world` with `international`. The data then needs to be sorted
by postage and rate before the letter units for rows which are
international and have the same rate are added together.
2020-07-15 14:09:49 +01:00
Tom Byers
dfcddb757e Revert "Re-introduce govuk checkboxes" 2020-07-15 13:41:34 +01:00
Tom Byers
86f70ae9fa Merge pull request #3476 from alphagov/introduce-govuk-checkboxes
Re-introduce govuk checkboxes
2020-07-15 13:14:19 +01:00
Chris Hill-Scott
cc925238c7 Merge pull request #3518 from alphagov/view-broadcast-page
Add a page to view a single broadcast
2020-07-15 11:42:45 +01:00
Chris Hill-Scott
da29d35482 Merge pull request #3524 from alphagov/no-templates-message-broadcast
Add ‘no templates’ message for broadcast services
2020-07-15 11:37:56 +01:00
Chris Hill-Scott
c20958ef34 Clean up test formatting
Ensures that:
- test name reflects what it now does
- only one parameter per line
- argument order in parameterize matches argument order in function
  definition
2020-07-15 09:16:06 +01:00