def choose_service(): return render_template( 'views/choose-service.html', services=[ServicesBrowsableItem(x) for x in service_api_client.get_active_services({'user_id': current_user.id})['data']], can_add_service=is_gov_user(current_user.email_address) )
def edit_user_email(service_id, user_id): user = current_service.get_team_member(user_id) user_email = user.email_address session_key = 'team_member_email_change-{}'.format(user_id) if is_gov_user(user_email): form = ChangeEmailForm(User.already_registered, email_address=user_email) else: form = ChangeNonGovEmailForm(User.already_registered, email_address=user_email) if request.form.get('email_address', '').strip() == user_email: return redirect(url_for('.manage_users', service_id=current_service.id)) if form.validate_on_submit(): session[session_key] = form.email_address.data return redirect( url_for('.confirm_edit_user_email', user_id=user.id, service_id=service_id)) return render_template('views/manage-users/edit-user-email.html', user=user, form=form, service_id=service_id)
def test_non_whitelist_user_cannot_access_create_service_page( logged_in_client, mock_get_non_govuser, api_nongov_user_active, ): assert not is_gov_user(api_nongov_user_active.email_address) response = logged_in_client.get(url_for('main.add_service')) assert response.status_code == 403
def __call__(self, form, field): from flask import url_for message = ( 'Enter a central government email address.' ' If you think you should have access' ' <a href="{}">contact us</a>').format(url_for('main.feedback')) if not is_gov_user(field.data.lower()): raise ValidationError(message)
def test_non_whitelist_user_cannot_create_service(client, mock_login, mock_get_non_govuser, api_nongov_user_active): client.login(api_nongov_user_active) assert not is_gov_user(api_nongov_user_active.email_address) response = client.post(url_for('main.add_service'), data={'name': 'SERVICE TWO'}) assert response.status_code == 403
def test_non_whitelist_user_cannot_access_create_service_page(client, mock_login, mock_get_non_govuser, api_nongov_user_active): client.login(api_nongov_user_active) assert not is_gov_user(api_nongov_user_active.email_address) response = client.get(url_for('main.add_service')) assert response.status_code == 403
def __call__(self, form, field): from flask import url_for message = ('Enter a government email address.' ' If you think you should have access' ' <a href="{}">contact us</a>').format( url_for('main.support')) if not is_gov_user(field.data.lower()): raise ValidationError(message)
def choose_service(): return render_template('views/choose-service.html', services=[ ServicesBrowsableItem(x) for x in service_api_client.get_active_services( {'user_id': current_user.id})['data'] ], can_add_service=is_gov_user( current_user.email_address))
def test_non_whitelist_user_cannot_create_service( logged_in_client, mock_get_non_govuser, api_nongov_user_active, ): assert not is_gov_user(api_nongov_user_active.email_address) response = logged_in_client.post(url_for('main.add_service'), data={'name': 'SERVICE TWO'}) assert response.status_code == 403
def choose_account(): orgs_and_services = user_api_client.get_organisations_and_services_for_user( current_user.id) return render_template('views/choose-account.html', organisations=orgs_and_services['organisations'], services_without_organisations=orgs_and_services[ 'services_without_organisations'], can_add_service=is_gov_user( current_user.email_address))
def test_non_whitelist_user_cannot_access_create_service_page( client_request, mock_get_non_govuser, api_nongov_user_active, ): assert not is_gov_user(api_nongov_user_active.email_address) client_request.get( 'main.add_service', _expected_status=403, )
def test_non_whitelist_user_cannot_create_service( client_request, mock_get_non_govuser, api_nongov_user_active, ): assert not is_gov_user(api_nongov_user_active.email_address) client_request.post( 'main.add_service', _data={'name': 'SERVICE TWO'}, _expected_status=403, )
def test_non_safelist_user_cannot_access_create_service_page( client_request, mock_get_non_govuser, api_nongov_user_active, mock_get_organisations, ): assert is_gov_user(api_nongov_user_active["email_address"]) is False client_request.get( "main.add_service", _expected_status=403, )
def test_non_government_user_can_access_create_service_page( client_request, mock_get_non_govuser, api_nongov_user_active, mock_get_organisations, mock_get_organisation_by_domain, ): assert is_gov_user(api_nongov_user_active['email_address']) is False client_request.get( 'main.add_service', _expected_status=200, )
def test_non_government_user_cannot_create_service( client_request, mock_get_non_govuser, api_nongov_user_active, mock_get_organisations, ): assert is_gov_user(api_nongov_user_active['email_address']) is False client_request.post( 'main.add_service', _data={'name': 'SERVICE TWO'}, _expected_status=403, )
def test_non_safelist_user_cannot_create_service( client_request, mock_get_non_govuser, api_nongov_user_active, mock_get_organisations, ): assert is_gov_user(api_nongov_user_active["email_address"]) is False client_request.post( "main.add_service", _data={"name": "SERVICE TWO"}, _expected_status=403, )
def __call__(self, form, field): if field.data == '': return from flask import url_for message = ''' Enter a public sector email address or <a class="govuk-link govuk-link--no-visited-state" href="{}">find out who can use Notify</a> '''.format(url_for('main.who_can_use_notify')) if not is_gov_user(field.data.lower()): raise ValidationError(message)
def test_invite_user_with_email_auth_service( client_request, service_one, active_user_with_permissions, sample_invite, email_address, gov_user, mocker, auth_type, mock_get_organisations, mock_get_template_folders, ): service_one['permissions'].append('email_auth') sample_invite['email_address'] = '*****@*****.**' assert is_gov_user(email_address) is gov_user mocker.patch('app.models.user.InvitedUsers.client_method', return_value=[sample_invite]) mocker.patch('app.models.user.Users.client_method', return_value=[active_user_with_permissions]) mocker.patch('app.invite_api_client.create_invite', return_value=sample_invite) page = client_request.post( 'main.invite_user', service_id=SERVICE_ONE_ID, _data={ 'email_address': email_address, 'view_activity': 'y', 'send_messages': 'y', 'manage_templates': 'y', 'manage_service': 'y', 'manage_api_keys': 'y', 'login_authentication': auth_type, }, _follow_redirects=True, _expected_status=200, ) assert page.h1.string.strip() == 'Team members' flash_banner = page.find('div', class_='banner-default-with-tick').string.strip() assert flash_banner == 'Invite sent to [email protected]' expected_permissions = { 'manage_api_keys', 'manage_service', 'manage_templates', 'send_messages', 'view_activity' } app.invite_api_client.create_invite.assert_called_once_with( sample_invite['from_user'], sample_invite['service'], email_address, expected_permissions, auth_type, [])
def __call__(self, form, field): if field.data == "": return from flask import url_for gov_email = _("Enter a government email address.") contact_url = url_for(".contact") access_text = _("If you think you should have access") contact_text = _("contact us") message = ('{} {} <a href="{}">{}</a>').format(gov_email, access_text, contact_url, contact_text) if not is_gov_user(field.data.lower()): raise ValidationError(message)
def test_invite_user( client_request, active_user_with_permissions, mocker, sample_invite, email_address, gov_user, mock_get_template_folders, mock_get_organisations, ): sample_invite['email_address'] = '*****@*****.**' assert is_gov_user(email_address) == gov_user mocker.patch('app.models.user.InvitedUsers.client', return_value=[sample_invite]) mocker.patch('app.models.user.Users.client', return_value=[active_user_with_permissions]) mocker.patch('app.invite_api_client.create_invite', return_value=sample_invite) page = client_request.post( 'main.invite_user', service_id=SERVICE_ONE_ID, _data={ 'email_address': email_address, 'view_activity': 'y', 'send_messages': 'y', 'manage_templates': 'y', 'manage_service': 'y', 'manage_api_keys': 'y', }, _follow_redirects=True, ) if (gov_user): assert page.h1.string.strip() == 'Team members' flash_banner = page.find( 'div', class_='banner-default-with-tick').string.strip() assert flash_banner == 'Invite sent to [email protected]' expected_permissions = { 'manage_api_keys', 'manage_service', 'manage_templates', 'send_messages', 'view_activity' } app.invite_api_client.create_invite.assert_called_once_with( sample_invite['from_user'], sample_invite['service'], email_address, expected_permissions, 'sms_auth', []) else: assert page.h1.string.strip() == 'Invite a team member' app.invite_api_client.create_invite.assert_not_called()
def user_profile_email(): if not is_gov_user(current_user.email_address): abort(403) def _is_email_already_in_use(email): return user_api_client.is_email_already_in_use(email) form = ChangeEmailForm(_is_email_already_in_use, email_address=current_user.email_address) if form.validate_on_submit(): session[NEW_EMAIL] = form.email_address.data return redirect(url_for('.user_profile_email_authenticate')) return render_template('views/user-profile/change.html', thing='email address', form_field=form.email_address)
def test_invite_user( logged_in_client, active_user_with_permissions, mocker, sample_invite, email_address, gov_user, ): service = create_sample_service(active_user_with_permissions) sample_invite['email_address'] = '*****@*****.**' data = [InvitedUser(**sample_invite)] assert is_gov_user(email_address) == gov_user mocker.patch('app.invite_api_client.get_invites_for_service', return_value=data) mocker.patch('app.user_api_client.get_users_for_service', return_value=[active_user_with_permissions]) mocker.patch('app.invite_api_client.create_invite', return_value=InvitedUser(**sample_invite)) response = logged_in_client.post(url_for('main.invite_user', service_id=service['id']), data={ 'email_address': email_address, 'view_activity': 'y', 'send_messages': 'y', 'manage_templates': 'y', 'manage_service': 'y', 'manage_api_keys': 'y' }, follow_redirects=True) assert response.status_code == 200 page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser') assert page.h1.string.strip() == 'Team members' flash_banner = page.find('div', class_='banner-default-with-tick').string.strip() assert flash_banner == 'Invite sent to [email protected]' expected_permissions = { 'manage_api_keys', 'manage_service', 'manage_templates', 'send_messages', 'view_activity' } app.invite_api_client.create_invite.assert_called_once_with( sample_invite['from_user'], sample_invite['service'], email_address, expected_permissions, 'sms_auth')
def __call__(self, form, field): if field.data == '': return from flask import url_for gov_email = _("Enter a government email address.") feedback_url = url_for('.feedback', ticket_type='ask-question-give-feedback') access_text = _("If you think you should have access") contact_text = _('contact us') message = ('{} {} <a href="{}">{}</a>').format(gov_email, access_text, feedback_url, contact_text) if not is_gov_user(field.data.lower()): raise ValidationError(message)
def user_profile_email(): if not is_gov_user(current_user.email_address): abort(403) def _is_email_unique(email): return user_api_client.is_email_unique(email) form = ChangeEmailForm(_is_email_unique, email_address=current_user.email_address) if form.validate_on_submit(): session[NEW_EMAIL] = form.email_address.data return redirect(url_for('.user_profile_email_authenticate')) return render_template( 'views/user-profile/change.html', thing='email address', form_field=form.email_address )
def add_service(): invited_user = session.get('invited_user') if invited_user: service_id = _add_invited_user_to_service(invited_user) return redirect( url_for('main.service_dashboard', service_id=service_id)) if not is_gov_user(current_user.email_address): abort(403) form = CreateServiceForm() heading = 'About your service' if form.validate_on_submit(): email_from = email_safe(form.name.data) service_name = form.name.data service_id, error = _create_service(service_name, form.organisation_type.data, email_from, form) if error: return render_template('views/add-service.html', form=form, heading=heading) if len( service_api_client.get_active_services({ 'user_id': session['user_id'] }).get('data', [])) > 1: return redirect( url_for('main.service_dashboard', service_id=service_id)) example_sms_template = _create_example_template(service_id) return redirect( url_for( 'main.start_tour', service_id=service_id, template_id=example_sms_template['data']['id'], )) else: return render_template('views/add-service.html', form=form, heading=heading)
def test_invite_user( app_, active_user_with_permissions, mocker, sample_invite, email_address, gov_user ): service = create_sample_service(active_user_with_permissions) sample_invite['email_address'] = '*****@*****.**' data = [InvitedUser(**sample_invite)] with app_.test_request_context(): with app_.test_client() as client: client.login(active_user_with_permissions, mocker, service) assert is_gov_user(email_address) == gov_user mocker.patch('app.invite_api_client.get_invites_for_service', return_value=data) mocker.patch('app.user_api_client.get_users_for_service', return_value=[active_user_with_permissions]) mocker.patch('app.invite_api_client.create_invite', return_value=InvitedUser(**sample_invite)) response = client.post( url_for('main.invite_user', service_id=service['id']), data={'email_address': email_address, 'send_messages': 'y', 'manage_service': 'y', 'manage_api_keys': 'y'}, follow_redirects=True ) assert response.status_code == 200 page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser') assert page.h1.string.strip() == 'Team members' flash_banner = page.find('div', class_='banner-default-with-tick').string.strip() assert flash_banner == 'Invite sent to [email protected]' expected_permissions = 'manage_api_keys,manage_settings,manage_templates,manage_users,send_emails,send_letters,send_texts,view_activity' # noqa app.invite_api_client.create_invite.assert_called_once_with(sample_invite['from_user'], sample_invite['service'], email_address, expected_permissions)
def add_service(): invited_user = session.get('invited_user') if invited_user: service_id = _add_invited_user_to_service(invited_user) return redirect(url_for('main.service_dashboard', service_id=service_id)) if not is_gov_user(current_user.email_address): abort(403) form = AddServiceForm(service_api_client.find_all_service_email_from) heading = 'Which service do you want to set up notifications for?' if form.validate_on_submit(): email_from = email_safe(form.name.data) service_name = form.name.data service_id = _create_service(service_name, email_from) if (len(service_api_client.get_active_services({'user_id': session['user_id']}).get('data', [])) > 1): return redirect(url_for('main.service_dashboard', service_id=service_id)) example_sms_template = service_api_client.create_service_template( 'Example text message template', 'sms', 'Hey ((name)), I’m trying out Notify. Today is ((day of week)) and my favourite colour is ((colour)).', service_id ) return redirect(url_for( 'main.send_test', service_id=service_id, template_id=example_sms_template['data']['id'], help=1 )) else: return render_template( 'views/add-service.html', form=form, heading=heading )
def user_profile(): return render_template('views/user-profile.html', can_see_edit=is_gov_user( current_user.email_address))
def is_gov_user(self): return is_gov_user(self.email_address)
def user_profile(): return render_template( 'views/user-profile.html', can_see_edit=is_gov_user(current_user.email_address) )