Without the preview service name we probably have to go back to communicating
a bit more on the add service page. This commit brings back the two bullet
points about where the service name will appear, and tries to tie it into the
nice words that Matt Sheret wrote for us.
This page:
- confused users in research
- didn’t communicate what it was intended to (eg the generated email address,
how your service name would appear in messages)
This commit removes the page so that after typing in the service name the user
is sent straight to the dashboard for their new service.
Use one page template for each of:
- choosing a message template
- adding recipients
- checking an email message
- looking at a job
This commit consolidates the two templates into one, and adds logic to show
the SMS message pattern or the email message pattern depending on the type of
template.
It also gives email templates a bit more width, because the body and the from
address tend to be quite long.
This commit parameterises all methods in the send view so that they can send
either emails or SMS messages.
It works out what kind of message it is sending from the `template_type`
property of the template object.
This means that the `Template` util class needs to know about these properties,
which means that this commit depends on:
https://github.com/alphagov/notifications-utils/pull/2
This commit does _not_ add tests for sending emails. The existing tests for
sending SMS still pass, but actually sending emails is outside the scope of
this story.
Templates now have:
- a type (email or sms)
- a subject (if they are email templates)
We don’t want two completely separate view files for email and SMS, because they
would have an enormous amount of repetition.
So this commit adds
- different templates for SMS and email templates
- different form objects for SMS and email templates
…and wires them up.
As part of https://github.com/alphagov/notifications-admin/pull/187 the file
upload pattern was changed to auto-submit once a file had been picked. The
form that was submitted was, however, missing a CSRF token, as well as a submit
button for non-JS users.
This commit makes the file upload pattern self-contained, so that it will always
include a form with a CSRF token in a hidden input and a submit button, which is
then hidden when Javascript loads.
The ‘manage templates’ page was almost identical to the ‘send text messages’
page.
This commit consolidates them into one and makes them all hang together.
Part of this means tweaks to the javascript so that files upload as soon as
you’ve chosen them.
Because this commit’s parent added a few new images, we are now serving at
least a handful of images, therefore a few additional HTTP requests. It’s better
to combine multiple HTTP requests into one for performance reasons (up to a
point).
This commit adds an extra step to the preprocessing of SASS files which takes
any images it finds, base64 encodes them and inlines them into the distributed
CSS files.
It also modifies the content security policy to allow inline images.
This takes the original prototype version of this page, and, using the same
fake data (ie nothing is wired up):
- adds an invite users page
- adds an edit (and delete) user page
Both these pages allow the user to set another user’s permissions.
This commit adds images for the ticks and crosses, so we have control over their
appearance.
This commit adds a new page, which appears after a user enters the name for
their new service. It shows how the service name will appear in emails and
text messages.
This means that the new service is not created until after they have confirmed
that the name is appropriate in context.
This has also involved:
- visual changes to the ‘email template’ pattern, which wasn’t very refined
before
- removing a bunch of words from the enter service name page, because most users
don’t read them, and we reckon that showing a preview is a better way of
getting them to understand what is meant by service name
Still to do:
- validating the the generated email address for a service is unique (on the
API) side
- having the API return the generated email address, rather than determining it
in the admin app
This commit adds a new page, which appears after a user enters the name for
their new service. It shows how the service name will appear in emails and
text messages.
This means that the new service is not created until after they have confirmed
that the name is appropriate in context.
This has also involved:
- visual changes to the ‘email template’ pattern, which wasn’t very refined
before
- removing a bunch of words from the enter service name page, because most users
don’t read them, and we reckon that showing a preview is a better way of
getting them to understand what is meant by service name
Still to do:
- validating the the generated email address for a service is unique (on the
API) side
- having the API return the generated email address, rather than determining it
in the admin app
Since placeholders (almost) work now, it’s worth telling people what the syntax
is.
This commit also removes the ‘template type’ picker, since you can only create
SMS templates at the moment. This will be revisited when we start looking at how
you add an email template.
This commit extends the existing function to validate each row’s phone number
to also validate that all the required data is present.
It does this using the checking that the `Template` class can do when given
a template and a `dict` of values.
This commit brings in the `Template` util, added here:
https://github.com/alphagov/notifications-utils/pull/1
It also does a fair bit of tidying up, which I’ve unfortunately squashed into
this one massive commit. The main change is moving 404 handling into the
templates dao, so that every view isn’t littered with `try: … except(HTTPError)`.
It also adds new features, in a prototypy sort of way, which are:
- download a prefilled example CSV
- show all the columns for your template on the 'check' page
https://www.pivotaltracker.com/story/show/113840073
Previously the forgot password page would give an error if you entered an email
address which didn’t belong to an account.
This would allow a potential attacker to know which email addresses were
registered.
This commit changes the response to always be the same, whether or not the email
address exists.
Also, this is a good read about the dangers of asserting whether a mocked method
was called: http://engineeringblog.yelp.com/2015/02/assert_called_once-threat-or-menace.html
NOTE: you can not test that the session is cleared out by checking the session cookie does not exist on the index page,
because ItsDangerousSession will create a new session when it hits the index page. The unit test confirms that the session has been cleared.
https://www.pivotaltracker.com/story/show/113448149
This commit adds a query string to assets URLs which is generated from a hash
of the file contents. When asset files are changed they will now be served from
a different URL, which means they wont be loaded from browser cache.
This is similar to how GOV.UK template adds its version number as a querystring
parameter for its assets.
This is mostly copied from Digital Marketplace utils:
https://github.com/alphagov/digitalmarketplace-utils/pull/102
They have it in a shared codebase, we only have one frontend app so don’t need
to do that.
Usage in a template:
``` jinja
{{ asset_fingerprinter.get_url('stylesheets/application.css') }}
```
Output:
```
static/stylesheets/application.css?418e6f4a6cdf1142e45c072ed3e1c90a
```
When the template content was renamed in
9ee8610da0 I missed doing the same change for the
delete template route.
This commit does the same fix, so that template content is still visible when
you’re about to delete a template (so you can make sure it’s the right one).
Because the redirect after logging in checks the number of services a user has,
this now needs to be mocked.
Right now this means adding `mock_get_login` to any tests that need a login.
This must be one of the first mocks, so that it can be overridden by any use
of `mock_get_services`, for tests that specifically want to rely on a quantity
of mocked services, or their contents.
This is a bit fragile, but there’s already a TODO in the code to make it better
so ¯\_(ツ)_/¯
We used to do this by redirecting on the choose service page. However when we
lost the dropdown and this page also became the page for adding a new service
(in 3617f2e936) the redirect was removed.
This commit re-adds the redirect on the two factor page, so that it only happens
on first login.
So the flows are:
**Multiple services**
```
`Sign in` → `Enter two factor code` → `Choose service` → `Service dashboard`
```
**One service**
```
`Sign in` → `Enter two factor code` → `Service dashboard`
```
**No services (you’ve deleted all your services)**
`Sign in` → `Enter two factor code` → `Choose service` → `Add new service`
This commit examines all the pages that use the page footer component, and
determines whether they should have a back button, a secondary link, both or
neither.
