darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-02-27 05:41:00 -05:00
Code Issues Packages Projects Releases Wiki Activity
3,639 Commits 51 Branches 59 Tags
e65dcbe199efb4bf73528eef9e72512900a37585
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Chris Hill-Scott e65dcbe199 Make search by recipient form POST not GET 
Phone numbers and email addresses are showing up in URLs where we let
users search for sent notifications by phone number or email address.

`GET` requests put the form data as a query string in the URL. This is
problematic when people are searching by a recipient’s phone number or
email address, because the URL may show up:
- in our server logs
- in our analytics
- in the user’s browser history

This is bad because these are all places where we don’t want
people’s personal information. It’s not too bad when this is happening
a handful of times. But it would be bad if we kept aggregating this
information because it would allow us to track users across services.

So, while it’s not especially RESTful, it’s better for the search form
to submit as a `POST` request. This way the phone number or email
address goes in the body of the request and does not show up in the URL.
2017-06-13 12:15:03 +01:00
app
Make search by recipient form POST not GET
2017-06-13 12:15:03 +01:00
docker
paas-failwhale
scripts
tests
Make search by recipient form POST not GET
2017-06-13 12:15:03 +01:00
.babelrc
.cfignore
.coveralls.yml
.gitignore
.sass-lint.yml
app.py
appspec.yml
deploy-exclude.lst
environment_test.sh
gulpfile.babel.js
LICENSE
Makefile
manifest-base.yml
manifest-preview.yml
manifest-production.yml
manifest-prototype-base.yml
manifest-prototype-preview.yml
manifest-prototype-production.yml
manifest-prototype-staging.yml
manifest-sandbox.yml
manifest-staging.yml
package.json
README.md
requirements_for_test.txt
requirements.txt
Roll up messages in inbox
2017-06-06 15:15:36 +01:00
runtime.txt
setup.cfg
wsgi.py

README.md

Requirements Status Coverage Status

notifications-admin

GOV.UK Notify admin application.

Features of this application

  • Register and manage users
  • Create and manage services
  • Send batch emails and SMS by uploading a CSV
  • Show history of notifications

First-time setup

Brew is a package manager for OSX. The following command installs brew:

    /usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"

Languages needed

  • Python 3.4
  • Node 5.0.0 or greater
  • npm 3.0.0 or greater
    brew install node

NPM is Node's package management tool. n is a tool for managing different versions of Node. The following installs n and uses the latest version of Node.

    npm install -g n
    n latest
    npm rebuild node-sass

The app runs within a virtual environment. We use mkvirtualenv for easier working with venvs

    pip install virtualenvwrapper
    mkvirtualenv -p /usr/local/bin/python3 notifications-admin

Install dependencies and build the frontend assets:

    workon notifications-admin
    ./scripts/bootstrap.sh

Rebuilding the frontend assets

If you want the front end assets to re-compile on changes, leave this running in a separate terminal from the app

    npm run watch

Create a local environment.sh file containing the following:

echo "
export NOTIFY_ENVIRONMENT='development'
export ADMIN_CLIENT_SECRET='notify-secret-key'
export API_HOST_NAME='http://localhost:6011'
export DANGEROUS_SALT='dev-notify-salt'
export SECRET_KEY='notify-secret-key'
export DESKPRO_API_HOST="some-host"
export DESKPRO_API_KEY="some-key"
"> environment.sh

AWS credentials

Your aws credentials should be stored in a folder located at ~/.aws. Follow Amazon's instructions for storing them correctly

Running the application

    workon notifications-admin
    ./scripts/run_app.sh

Then visit localhost:6012

Reference in New Issue View Git Blame Copy Permalink
Description
The UI of Notify.gov
Readme 553 MiB
Languages
Python 69.3%
HTML 16.6%
JavaScript 11.1%
SCSS 0.9%
Nunjucks 0.7%
Other 1.4%