mirror of
https://github.com/GSA/notifications-admin.git
synced 2026-03-05 01:42:45 -05:00
7edff47410
Right now, a user can change their name and masquerade as someone else and the service manager has no way of telling who is who. This is also true for platform admins, where they can see the users of a service but can’t identify which department they are from. This commit adds a user’s email address next to their name to remedy this.
114 lines
3.7 KiB
HTML
114 lines
3.7 KiB
HTML
{% extends "withnav_template.html" %}
|
||
{% from "components/table.html" import list_table, row, field, boolean_field, hidden_field_heading %}
|
||
{% from "components/page-footer.html" import page_footer %}
|
||
{% from "components/tick-cross.html" import tick_cross %}
|
||
|
||
{% set table_options = {
|
||
'field_headings': [
|
||
'Name', 'Send messages', 'Modify service', 'Access API keys', hidden_field_heading('Link to change')
|
||
],
|
||
'field_headings_visible': True,
|
||
'caption_visible': True
|
||
} %}
|
||
|
||
{% block page_title %}
|
||
Manage users – GOV.UK Notify
|
||
{% endblock %}
|
||
|
||
{% block maincolumn_content %}
|
||
|
||
<div class="grid-row">
|
||
<div class="column-two-thirds">
|
||
<h1 class="heading-large">
|
||
Team members
|
||
</h1>
|
||
</div>
|
||
{% if current_user.has_permissions(['manage_users'], admin_override=True) %}
|
||
<div class="column-one-third">
|
||
<a href="{{ url_for('.invite_user', service_id=current_service.id) }}" class="button align-with-heading">Invite team member</a>
|
||
</div>
|
||
{% endif %}
|
||
</div>
|
||
|
||
<h2 class="heading-medium">
|
||
Active
|
||
</h2>
|
||
<div class="user-list">
|
||
{% for user in users %}
|
||
<div class="user-list-item">
|
||
<h3>
|
||
{{ user.name }} <span class="hint">
|
||
{%- if user.email_address == current_user.email_address -%}
|
||
(you)
|
||
{% else %}
|
||
{{ user.email_address }}
|
||
{% endif %}
|
||
</span>
|
||
</h3>
|
||
<ul class="tick-cross-list">
|
||
<div class="tick-cross-list-permissions">
|
||
{{ tick_cross(
|
||
user.has_permissions(permissions=['send_texts', 'send_emails', 'send_letters']),
|
||
'Send messages'
|
||
) }}
|
||
{{ tick_cross(
|
||
user.has_permissions(permissions=['manage_users', 'manage_templates', 'manage_settings']),
|
||
'Manage service'
|
||
) }}
|
||
{{ tick_cross(
|
||
user.has_permissions(permissions=['manage_api_keys']),
|
||
'Access API keys'
|
||
) }}
|
||
</div>
|
||
{% if current_user.has_permissions(['manage_users']) %}
|
||
{% if current_user.id != user.id %}
|
||
<li class="tick-cross-list-edit-link">
|
||
<a href="{{ url_for('.edit_user_permissions', service_id=current_service.id, user_id=user.id)}}">Edit permissions</a>
|
||
</li>
|
||
{% endif %}
|
||
{% endif %}
|
||
</ul>
|
||
</div>
|
||
{% endfor %}
|
||
</div>
|
||
|
||
{% if invited_users %}
|
||
<h2 class="heading-medium">
|
||
Invited
|
||
</h2>
|
||
<div class="user-list">
|
||
{% for user in invited_users %}
|
||
<div class="user-list-item">
|
||
<h3>
|
||
{{ user.email_address }}
|
||
</h3>
|
||
<ul class="tick-cross-list">
|
||
<div class="tick-cross-list-permissions">
|
||
{{ tick_cross(
|
||
user.has_permissions(permissions=['send_texts', 'send_emails', 'send_letters']),
|
||
'Send messages'
|
||
) }}
|
||
{{ tick_cross(
|
||
user.has_permissions(permissions=['manage_users', 'manage_templates', 'manage_settings']),
|
||
'Manage service'
|
||
) }}
|
||
{{ tick_cross(
|
||
user.has_permissions(permissions=['manage_api_keys']),
|
||
'Access API keys'
|
||
) }}
|
||
</div>
|
||
<li class="tick-cross-list-edit-link">
|
||
{% if user.status == 'pending' and current_user.has_permissions(['manage_users']) %}
|
||
<a href="{{ url_for('.cancel_invited_user', service_id=current_service.id, invited_user_id=user.id)}}">Cancel invitation</a>
|
||
{% else %}
|
||
{{ user.status|title }}
|
||
{% endif %}
|
||
</li>
|
||
</ul>
|
||
</div>
|
||
{% endfor %}
|
||
</div>
|
||
{% endif %}
|
||
|
||
{% endblock %}
|