From 0e6bc6f07f13122dda318a86ca5e85ea59d71ee3 Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Wed, 5 Feb 2025 06:29:10 -0500
Subject: [PATCH 01/81] added helpers for role and permissions displays in
 templates

---
 src/registrar/models/portfolio_invitation.py  | 58 ++++++++++++
 .../models/user_portfolio_permission.py       | 58 ++++++++++++
 .../models/utility/portfolio_helper.py        | 89 +++++++++++++++++++
 .../templates/emails/portfolio_update.txt     | 35 ++++++++
 .../emails/portfolio_update_subject.txt       |  1 +
 .../includes/member_permissions_summary.html  | 30 +------
 6 files changed, 245 insertions(+), 26 deletions(-)
 create mode 100644 src/registrar/templates/emails/portfolio_update.txt
 create mode 100644 src/registrar/templates/emails/portfolio_update_subject.txt

diff --git a/src/registrar/models/portfolio_invitation.py b/src/registrar/models/portfolio_invitation.py
index 8feeb0794..dd80f946e 100644
--- a/src/registrar/models/portfolio_invitation.py
+++ b/src/registrar/models/portfolio_invitation.py
@@ -9,6 +9,10 @@ from .utility.portfolio_helper import (
     UserPortfolioPermissionChoices,
     UserPortfolioRoleChoices,
     cleanup_after_portfolio_member_deletion,
+    get_domain_requests_display,
+    get_domains_display,
+    get_members_display,
+    get_role_display,
     validate_portfolio_invitation,
 )  # type: ignore
 from .utility.time_stamped_model import TimeStampedModel
@@ -85,6 +89,60 @@ class PortfolioInvitation(TimeStampedModel):
         """
         return UserPortfolioPermission.get_portfolio_permissions(self.roles, self.additional_permissions)
 
+    @property
+    def role_display(self):
+        """
+        Returns a human-readable display name for the user's role.
+
+        Uses the `get_role_display` function to determine if the user is an "Admin",
+        "Basic" member, or has no role assigned.
+
+        Returns:
+            str: The display name of the user's role.
+        """
+        return get_role_display(self.roles)
+    
+    @property
+    def domains_display(self):
+        """
+        Returns a string representation of the user's domain access level.
+
+        Uses the `get_domains_display` function to determine whether the user has 
+        "Viewer, all" access (can view all domains) or "Viewer, limited" access.
+
+        Returns:
+            str: The display name of the user's domain permissions.
+        """
+        return get_domains_display(self.roles, self.additional_permissions)
+    
+    @property
+    def domain_requests_display(self):
+        """
+        Returns a string representation of the user's access to domain requests.
+
+        Uses the `get_domain_requests_display` function to determine if the user 
+        is a "Creator" (can create and edit requests), a "Viewer" (can only view requests), 
+        or has "No access" to domain requests.
+
+        Returns:
+            str: The display name of the user's domain request permissions.
+        """
+        return get_domain_requests_display(self.roles, self.additional_permissions)
+    
+    @property
+    def members_display(self):
+        """
+        Returns a string representation of the user's access to managing members.
+
+        Uses the `get_members_display` function to determine if the user is a 
+        "Manager" (can edit members), a "Viewer" (can view members), or has "No access" 
+        to member management.
+
+        Returns:
+            str: The display name of the user's member management permissions.
+        """
+        return get_members_display(self.roles, self.additional_permissions)
+
     @transition(field="status", source=PortfolioInvitationStatus.INVITED, target=PortfolioInvitationStatus.RETRIEVED)
     def retrieve(self):
         """When an invitation is retrieved, create the corresponding permission.
diff --git a/src/registrar/models/user_portfolio_permission.py b/src/registrar/models/user_portfolio_permission.py
index 11d9c56e3..372715db2 100644
--- a/src/registrar/models/user_portfolio_permission.py
+++ b/src/registrar/models/user_portfolio_permission.py
@@ -6,6 +6,10 @@ from registrar.models.utility.portfolio_helper import (
     DomainRequestPermissionDisplay,
     MemberPermissionDisplay,
     cleanup_after_portfolio_member_deletion,
+    get_domain_requests_display,
+    get_domains_display,
+    get_members_display,
+    get_role_display,
     validate_user_portfolio_permission,
 )
 from .utility.time_stamped_model import TimeStampedModel
@@ -185,6 +189,60 @@ class UserPortfolioPermission(TimeStampedModel):
         # This is the same as portfolio_permissions & common_forbidden_perms.
         return portfolio_permissions.intersection(common_forbidden_perms)
 
+    @property
+    def role_display(self):
+        """
+        Returns a human-readable display name for the user's role.
+
+        Uses the `get_role_display` function to determine if the user is an "Admin",
+        "Basic" member, or has no role assigned.
+
+        Returns:
+            str: The display name of the user's role.
+        """
+        return get_role_display(self.roles)
+    
+    @property
+    def domains_display(self):
+        """
+        Returns a string representation of the user's domain access level.
+
+        Uses the `get_domains_display` function to determine whether the user has 
+        "Viewer, all" access (can view all domains) or "Viewer, limited" access.
+
+        Returns:
+            str: The display name of the user's domain permissions.
+        """
+        return get_domains_display(self.roles, self.additional_permissions)
+    
+    @property
+    def domain_requests_display(self):
+        """
+        Returns a string representation of the user's access to domain requests.
+
+        Uses the `get_domain_requests_display` function to determine if the user 
+        is a "Creator" (can create and edit requests), a "Viewer" (can only view requests), 
+        or has "No access" to domain requests.
+
+        Returns:
+            str: The display name of the user's domain request permissions.
+        """
+        return get_domain_requests_display(self.roles, self.additional_permissions)
+    
+    @property
+    def members_display(self):
+        """
+        Returns a string representation of the user's access to managing members.
+
+        Uses the `get_members_display` function to determine if the user is a 
+        "Manager" (can edit members), a "Viewer" (can view members), or has "No access" 
+        to member management.
+
+        Returns:
+            str: The display name of the user's member management permissions.
+        """
+        return get_members_display(self.roles, self.additional_permissions)
+
     def clean(self):
         """Extends clean method to perform additional validation, which can raise errors in django admin."""
         super().clean()
diff --git a/src/registrar/models/utility/portfolio_helper.py b/src/registrar/models/utility/portfolio_helper.py
index 0864bded0..f1f9ef4f2 100644
--- a/src/registrar/models/utility/portfolio_helper.py
+++ b/src/registrar/models/utility/portfolio_helper.py
@@ -82,6 +82,95 @@ class MemberPermissionDisplay(StrEnum):
     VIEWER = "Viewer"
     NONE = "None"
 
+def get_role_display(roles):
+    """
+    Returns a user-friendly display name for a given list of user roles.
+
+    - If the user has the ORGANIZATION_ADMIN role, return "Admin".
+    - If the user has the ORGANIZATION_MEMBER role, return "Basic".
+    - If the user has neither role, return "-".
+
+    Args:
+        roles (list): A list of role strings assigned to the user.
+
+    Returns:
+        str: The display name for the highest applicable role.
+    """
+    if UserPortfolioRoleChoices.ORGANIZATION_ADMIN in roles:
+        return "Admin"
+    elif UserPortfolioRoleChoices.ORGANIZATION_MEMBER in roles:
+        return "Basic"
+    else:
+        return "-"
+
+def get_domains_display(roles, permissions):
+    """
+    Determines the display name for a user's domain viewing permissions.
+
+    - If the user has the VIEW_ALL_DOMAINS permission, return "Viewer, all".
+    - Otherwise, return "Viewer, limited".
+
+    Args:
+        roles (list): A list of role strings assigned to the user.
+        permissions (list): A list of additional permissions assigned to the user.
+
+    Returns:
+        str: A string representing the user's domain viewing access.
+    """
+    UserPortfolioPermission = apps.get_model("registrar.UserPortfolioPermission")
+    all_permissions = UserPortfolioPermission.get_portfolio_permissions(roles, permissions)
+    if UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS in all_permissions:
+        return "Viewer, all"
+    else:
+        return "Viewer, limited"
+
+def get_domain_requests_display(roles, permissions):
+    """
+    Determines the display name for a user's domain request permissions.
+
+    - If the user has the EDIT_REQUESTS permission, return "Creator".
+    - If the user has the VIEW_ALL_REQUESTS permission, return "Viewer".
+    - Otherwise, return "No access".
+
+    Args:
+        roles (list): A list of role strings assigned to the user.
+        permissions (list): A list of additional permissions assigned to the user.
+
+    Returns:
+        str: A string representing the user's domain request access level.
+    """
+    UserPortfolioPermission = apps.get_model("registrar.UserPortfolioPermission")
+    all_permissions = UserPortfolioPermission.get_portfolio_permissions(roles, permissions)
+    if UserPortfolioPermissionChoices.EDIT_REQUESTS in all_permissions:
+        return "Creator"
+    elif UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS in all_permissions:
+        return "Viewer"
+    else:
+        return "No access"
+
+def get_members_display(roles, permissions):
+    """
+    Determines the display name for a user's member management permissions.
+
+    - If the user has the EDIT_MEMBERS permission, return "Manager".
+    - If the user has the VIEW_MEMBERS permission, return "Viewer".
+    - Otherwise, return "No access".
+
+    Args:
+        roles (list): A list of role strings assigned to the user.
+        permissions (list): A list of additional permissions assigned to the user.
+
+    Returns:
+        str: A string representing the user's member management access level.
+    """
+    UserPortfolioPermission = apps.get_model("registrar.UserPortfolioPermission")
+    all_permissions = UserPortfolioPermission.get_portfolio_permissions(roles, permissions)
+    if UserPortfolioPermissionChoices.EDIT_MEMBERS in all_permissions:
+        return "Manager"
+    elif UserPortfolioPermissionChoices.VIEW_MEMBERS in all_permissions:
+        return "Viewer"
+    else:
+        return "No access"
 
 def validate_user_portfolio_permission(user_portfolio_permission):
     """
diff --git a/src/registrar/templates/emails/portfolio_update.txt b/src/registrar/templates/emails/portfolio_update.txt
new file mode 100644
index 000000000..aa13a9fb9
--- /dev/null
+++ b/src/registrar/templates/emails/portfolio_update.txt
@@ -0,0 +1,35 @@
+{% autoescape off %}{# In a text file, we don't want to have HTML entities escaped #}
+Hi,{% if requested_user and requested_user.first_name %} {{ requested_user.first_name }}.{% endif %}
+
+Your permissions were updated in the .gov registrar.
+
+ORGANIZATION: {{ portfolio.organization_name }}
+UPDATED BY: {{ requestor_email }}
+UPDATED ON: {{ date }}
+YOUR PERMISSIONS: {{ permissions.role_display }}
+  Domains - {{ permissions.domains_display }}
+  Domain requests - {{ permissions.domain_requests_display }}
+  Members - {{ permissions.members_display }}
+
+Your updated permissions are now active in the .gov registrar <https://manage.get.gov>.
+
+----------------------------------------------------------------
+
+SOMETHING WRONG?
+If you have questions or concerns, reach out to the person who updated your
+permissions, or reply to this email.
+
+
+THANK YOU
+.Gov helps the public identify official, trusted information. Thank you for using a .gov
+domain.
+
+----------------------------------------------------------------
+
+The .gov team
+Contact us: <https://get.gov/contact/>
+Learn about .gov <https://get.gov>
+
+The .gov registry is a part of the Cybersecurity and Infrastructure Security Agency
+(CISA) <https://cisa.gov/>
+{% endautoescape %}
diff --git a/src/registrar/templates/emails/portfolio_update_subject.txt b/src/registrar/templates/emails/portfolio_update_subject.txt
new file mode 100644
index 000000000..2cd806a73
--- /dev/null
+++ b/src/registrar/templates/emails/portfolio_update_subject.txt
@@ -0,0 +1 @@
+Your permissions were updated in the .gov registrar
\ No newline at end of file
diff --git a/src/registrar/templates/includes/member_permissions_summary.html b/src/registrar/templates/includes/member_permissions_summary.html
index 3a91d16f6..95eca0a7e 100644
--- a/src/registrar/templates/includes/member_permissions_summary.html
+++ b/src/registrar/templates/includes/member_permissions_summary.html
@@ -1,33 +1,11 @@
 <h4 class="margin-bottom-0">Member access</h4>
-{% if permissions.roles and 'organization_admin' in permissions.roles %}
-    <p class="margin-top-0">Admin</p>
-{% elif permissions.roles and 'organization_member' in permissions.roles %}
-    <p class="margin-top-0">Basic</p>
-{% else %}
-    <p class="margin-top-0">⎯</p>
-{% endif %}
+    <p class="margin-top-0">{{ permissions.role_display }}</p>
 
 <h4 class="margin-bottom-0 text-primary">Domains</h4>
-{% if member_has_view_all_domains_portfolio_permission %}
-    <p class="margin-top-0">Viewer, all</p>
-{% else %}
-    <p class="margin-top-0">Viewer, limited</p>
-{% endif %}
+    <p class="margin-top-0">{{ permissions.domains_display }}</p>
 
 <h4 class="margin-bottom-0 text-primary">Domain requests</h4>
-{% if member_has_edit_request_portfolio_permission %}
-    <p class="margin-top-0">Creator</p>
-{% elif member_has_view_all_requests_portfolio_permission %}
-    <p class="margin-top-0">Viewer</p>
-{% else %}
-    <p class="margin-top-0">No access</p>
-{% endif %}
+    <p class="margin-top-0">{{ permissions.domain_requests_display }}</p>
 
 <h4 class="margin-bottom-0 text-primary">Members</h4>
-{% if member_has_edit_members_portfolio_permission %}
-    <p class="margin-top-0">Manager</p>
-{% elif member_has_view_members_portfolio_permission %}
-    <p class="margin-top-0">Viewer</p>
-{% else %}
-    <p class="margin-top-0">No access</p>
-{% endif %}
\ No newline at end of file
+    <p class="margin-top-0">{{ permissions.members_display }}</p>

From 350508f9c12f00576bfea74ebaf4d23506e336d7 Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Wed, 5 Feb 2025 16:31:22 -0500
Subject: [PATCH 02/81] email notification to portfolio member on permissions
 update

---
 src/registrar/forms/portfolio.py           | 18 ++++++++++
 src/registrar/utility/email_invitations.py | 40 ++++++++++++++++++++++
 src/registrar/views/portfolios.py          |  7 ++++
 3 files changed, 65 insertions(+)

diff --git a/src/registrar/forms/portfolio.py b/src/registrar/forms/portfolio.py
index 2725224f1..d244f9931 100644
--- a/src/registrar/forms/portfolio.py
+++ b/src/registrar/forms/portfolio.py
@@ -337,6 +337,24 @@ class BasePortfolioMemberForm(forms.ModelForm):
             UserPortfolioRoleChoices.ORGANIZATION_ADMIN in previous_roles
             and UserPortfolioRoleChoices.ORGANIZATION_ADMIN not in new_roles
         )
+    
+    def is_change(self) -> bool:
+        """
+        Determines if the form has changed by comparing the initial data 
+        with the submitted cleaned data.
+        
+        Returns:
+            bool: True if the form has changed, False otherwise.
+        """
+        # Compare role values
+        previous_roles = set(self.initial.get("roles", []))  
+        new_roles = set(self.cleaned_data.get("roles", []))
+
+        # Compare additional permissions values
+        previous_permissions = set(self.initial.get("additional_permissions", []))  
+        new_permissions = set(self.cleaned_data.get("additional_permissions", []))
+
+        return previous_roles != new_roles or previous_permissions != new_permissions
 
 
 class PortfolioMemberForm(BasePortfolioMemberForm):
diff --git a/src/registrar/utility/email_invitations.py b/src/registrar/utility/email_invitations.py
index de21b2a61..ed057a41b 100644
--- a/src/registrar/utility/email_invitations.py
+++ b/src/registrar/utility/email_invitations.py
@@ -225,6 +225,46 @@ def send_portfolio_invitation_email(email: str, requestor, portfolio, is_admin_i
         )
     return all_admin_emails_sent
 
+def send_portfolio_member_permission_update_email(requestor, permissions: UserPortfolioPermission):
+    """
+    Sends an email notification to a portfolio member when their permissions are updated.
+
+    This function retrieves the requestor's email and sends a templated email to the affected user,
+    notifying them of changes to their portfolio permissions.
+
+    Args:
+        requestor (User): The user initiating the permission update.
+        permissions (UserPortfolioPermission): The updated permissions object containing the affected user 
+                                              and the portfolio details.
+
+    Returns:
+        bool: True if the email was sent successfully, False if an EmailSendingError occurred.
+
+    Raises:
+        MissingEmailError: If the requestor has no email associated with their account.
+    """
+    requestor_email = _get_requestor_email(requestor, portfolio=permissions.portfolio)
+    try:
+        send_templated_email(
+            "emails/portfolio_update.txt",
+            "emails/portfolio_update_subject.txt",
+            to_address=permissions.user.email,
+            context={
+                "requested_user": permissions.user,
+                "portfolio": permissions.portfolio,
+                "requestor_email": requestor_email,
+                "permissions": permissions,
+            }
+        )
+    except EmailSendingError as err:
+        logger.warning(
+            "Could not send email organization member update notification to %s " "for portfolio: %s",
+                permissions.user.email,
+                permissions.portfolio.organization_name,
+                exc_info=True,
+            )
+        return False
+    return True
 
 def send_portfolio_admin_addition_emails(email: str, requestor, portfolio: Portfolio):
     """
diff --git a/src/registrar/views/portfolios.py b/src/registrar/views/portfolios.py
index c5cc72c59..e2d031fca 100644
--- a/src/registrar/views/portfolios.py
+++ b/src/registrar/views/portfolios.py
@@ -20,6 +20,7 @@ from registrar.utility.email_invitations import (
     send_portfolio_admin_addition_emails,
     send_portfolio_admin_removal_emails,
     send_portfolio_invitation_email,
+    send_portfolio_member_permission_update_email,
 )
 from registrar.utility.errors import MissingEmailError
 from registrar.utility.enums import DefaultUserValues
@@ -212,6 +213,12 @@ class PortfolioMemberEditView(PortfolioMemberEditPermissionView, View):
         removing_admin_role_on_self = False
         if form.is_valid():
             try:
+                if form.is_change():
+                    if not send_portfolio_member_permission_update_email(
+                        requestor=request.user,
+                        permissions=form.instance
+                    ):
+                        messages.warning(self.request, f"Could not send email notification to {user.email}.")
                 if form.is_change_from_member_to_admin():
                     if not send_portfolio_admin_addition_emails(
                         email=portfolio_permission.user.email,

From cbc9cdbe34dd22630a2aef2bd897bab3f168fb16 Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Wed, 5 Feb 2025 17:13:02 -0500
Subject: [PATCH 03/81] additional tests for email_invitations

---
 src/registrar/forms/portfolio.py              | 10 +--
 src/registrar/models/portfolio_invitation.py  | 16 ++--
 .../models/user_portfolio_permission.py       | 16 ++--
 .../models/utility/portfolio_helper.py        |  5 ++
 src/registrar/tests/test_email_invitations.py | 76 ++++++++++++++++++-
 src/registrar/utility/email_invitations.py    | 16 ++--
 src/registrar/views/portfolios.py             |  3 +-
 7 files changed, 111 insertions(+), 31 deletions(-)

diff --git a/src/registrar/forms/portfolio.py b/src/registrar/forms/portfolio.py
index d244f9931..a81f9d1e7 100644
--- a/src/registrar/forms/portfolio.py
+++ b/src/registrar/forms/portfolio.py
@@ -337,21 +337,21 @@ class BasePortfolioMemberForm(forms.ModelForm):
             UserPortfolioRoleChoices.ORGANIZATION_ADMIN in previous_roles
             and UserPortfolioRoleChoices.ORGANIZATION_ADMIN not in new_roles
         )
-    
+
     def is_change(self) -> bool:
         """
-        Determines if the form has changed by comparing the initial data 
+        Determines if the form has changed by comparing the initial data
         with the submitted cleaned data.
-        
+
         Returns:
             bool: True if the form has changed, False otherwise.
         """
         # Compare role values
-        previous_roles = set(self.initial.get("roles", []))  
+        previous_roles = set(self.initial.get("roles", []))
         new_roles = set(self.cleaned_data.get("roles", []))
 
         # Compare additional permissions values
-        previous_permissions = set(self.initial.get("additional_permissions", []))  
+        previous_permissions = set(self.initial.get("additional_permissions", []))
         new_permissions = set(self.cleaned_data.get("additional_permissions", []))
 
         return previous_roles != new_roles or previous_permissions != new_permissions
diff --git a/src/registrar/models/portfolio_invitation.py b/src/registrar/models/portfolio_invitation.py
index dd80f946e..045cf2de4 100644
--- a/src/registrar/models/portfolio_invitation.py
+++ b/src/registrar/models/portfolio_invitation.py
@@ -101,41 +101,41 @@ class PortfolioInvitation(TimeStampedModel):
             str: The display name of the user's role.
         """
         return get_role_display(self.roles)
-    
+
     @property
     def domains_display(self):
         """
         Returns a string representation of the user's domain access level.
 
-        Uses the `get_domains_display` function to determine whether the user has 
+        Uses the `get_domains_display` function to determine whether the user has
         "Viewer, all" access (can view all domains) or "Viewer, limited" access.
 
         Returns:
             str: The display name of the user's domain permissions.
         """
         return get_domains_display(self.roles, self.additional_permissions)
-    
+
     @property
     def domain_requests_display(self):
         """
         Returns a string representation of the user's access to domain requests.
 
-        Uses the `get_domain_requests_display` function to determine if the user 
-        is a "Creator" (can create and edit requests), a "Viewer" (can only view requests), 
+        Uses the `get_domain_requests_display` function to determine if the user
+        is a "Creator" (can create and edit requests), a "Viewer" (can only view requests),
         or has "No access" to domain requests.
 
         Returns:
             str: The display name of the user's domain request permissions.
         """
         return get_domain_requests_display(self.roles, self.additional_permissions)
-    
+
     @property
     def members_display(self):
         """
         Returns a string representation of the user's access to managing members.
 
-        Uses the `get_members_display` function to determine if the user is a 
-        "Manager" (can edit members), a "Viewer" (can view members), or has "No access" 
+        Uses the `get_members_display` function to determine if the user is a
+        "Manager" (can edit members), a "Viewer" (can view members), or has "No access"
         to member management.
 
         Returns:
diff --git a/src/registrar/models/user_portfolio_permission.py b/src/registrar/models/user_portfolio_permission.py
index 372715db2..7daa3bd11 100644
--- a/src/registrar/models/user_portfolio_permission.py
+++ b/src/registrar/models/user_portfolio_permission.py
@@ -201,41 +201,41 @@ class UserPortfolioPermission(TimeStampedModel):
             str: The display name of the user's role.
         """
         return get_role_display(self.roles)
-    
+
     @property
     def domains_display(self):
         """
         Returns a string representation of the user's domain access level.
 
-        Uses the `get_domains_display` function to determine whether the user has 
+        Uses the `get_domains_display` function to determine whether the user has
         "Viewer, all" access (can view all domains) or "Viewer, limited" access.
 
         Returns:
             str: The display name of the user's domain permissions.
         """
         return get_domains_display(self.roles, self.additional_permissions)
-    
+
     @property
     def domain_requests_display(self):
         """
         Returns a string representation of the user's access to domain requests.
 
-        Uses the `get_domain_requests_display` function to determine if the user 
-        is a "Creator" (can create and edit requests), a "Viewer" (can only view requests), 
+        Uses the `get_domain_requests_display` function to determine if the user
+        is a "Creator" (can create and edit requests), a "Viewer" (can only view requests),
         or has "No access" to domain requests.
 
         Returns:
             str: The display name of the user's domain request permissions.
         """
         return get_domain_requests_display(self.roles, self.additional_permissions)
-    
+
     @property
     def members_display(self):
         """
         Returns a string representation of the user's access to managing members.
 
-        Uses the `get_members_display` function to determine if the user is a 
-        "Manager" (can edit members), a "Viewer" (can view members), or has "No access" 
+        Uses the `get_members_display` function to determine if the user is a
+        "Manager" (can edit members), a "Viewer" (can view members), or has "No access"
         to member management.
 
         Returns:
diff --git a/src/registrar/models/utility/portfolio_helper.py b/src/registrar/models/utility/portfolio_helper.py
index f1f9ef4f2..67e546db8 100644
--- a/src/registrar/models/utility/portfolio_helper.py
+++ b/src/registrar/models/utility/portfolio_helper.py
@@ -82,6 +82,7 @@ class MemberPermissionDisplay(StrEnum):
     VIEWER = "Viewer"
     NONE = "None"
 
+
 def get_role_display(roles):
     """
     Returns a user-friendly display name for a given list of user roles.
@@ -103,6 +104,7 @@ def get_role_display(roles):
     else:
         return "-"
 
+
 def get_domains_display(roles, permissions):
     """
     Determines the display name for a user's domain viewing permissions.
@@ -124,6 +126,7 @@ def get_domains_display(roles, permissions):
     else:
         return "Viewer, limited"
 
+
 def get_domain_requests_display(roles, permissions):
     """
     Determines the display name for a user's domain request permissions.
@@ -148,6 +151,7 @@ def get_domain_requests_display(roles, permissions):
     else:
         return "No access"
 
+
 def get_members_display(roles, permissions):
     """
     Determines the display name for a user's member management permissions.
@@ -172,6 +176,7 @@ def get_members_display(roles, permissions):
     else:
         return "No access"
 
+
 def validate_user_portfolio_permission(user_portfolio_permission):
     """
     Validates a UserPortfolioPermission instance. Located in portfolio_helper to avoid circular imports
diff --git a/src/registrar/tests/test_email_invitations.py b/src/registrar/tests/test_email_invitations.py
index 77a8c402f..20ac4a565 100644
--- a/src/registrar/tests/test_email_invitations.py
+++ b/src/registrar/tests/test_email_invitations.py
@@ -16,6 +16,7 @@ from registrar.utility.email_invitations import (
     send_portfolio_admin_addition_emails,
     send_portfolio_admin_removal_emails,
     send_portfolio_invitation_email,
+    send_portfolio_member_permission_update_email,
 )
 
 from api.tests.common import less_console_noise_decorator
@@ -522,7 +523,6 @@ class PortfolioInvitationEmailTests(unittest.TestCase):
         "registrar.utility.email_invitations._get_requestor_email",
         side_effect=MissingEmailError("Requestor has no email"),
     )
-    @less_console_noise_decorator
     def test_send_portfolio_invitation_email_missing_requestor_email(self, mock_get_email):
         """Test when requestor has no email"""
         is_admin_invitation = False
@@ -888,3 +888,77 @@ class SendPortfolioAdminRemovalEmailsTests(unittest.TestCase):
         mock_get_requestor_email.assert_called_once_with(self.requestor, portfolio=self.portfolio)
         mock_send_removal_emails.assert_called_once_with(self.email, self.requestor.email, self.portfolio)
         self.assertFalse(result)
+
+
+class TestSendPortfolioMemberPermissionUpdateEmail(unittest.TestCase):
+    """Unit tests for send_portfolio_member_permission_update_email function."""
+
+    @patch("registrar.utility.email_invitations.send_templated_email")
+    @patch("registrar.utility.email_invitations._get_requestor_email")
+    def test_send_email_success(self, mock_get_requestor_email, mock_send_email):
+        """Test that the email is sent successfully when there are no errors."""
+        # Mock data
+        requestor = MagicMock()
+        permissions = MagicMock(spec=UserPortfolioPermission)
+        permissions.user.email = "user@example.com"
+        permissions.portfolio.organization_name = "Test Portfolio"
+
+        mock_get_requestor_email.return_value = "requestor@example.com"
+
+        # Call function
+        result = send_portfolio_member_permission_update_email(requestor, permissions)
+
+        # Assertions
+        mock_get_requestor_email.assert_called_once_with(requestor, portfolio=permissions.portfolio)
+        mock_send_email.assert_called_once_with(
+            "emails/portfolio_update.txt",
+            "emails/portfolio_update_subject.txt",
+            to_address="user@example.com",
+            context={
+                "requested_user": permissions.user,
+                "portfolio": permissions.portfolio,
+                "requestor_email": "requestor@example.com",
+                "permissions": permissions,
+            },
+        )
+        self.assertTrue(result)
+
+    @patch("registrar.utility.email_invitations.send_templated_email", side_effect=EmailSendingError("Email failed"))
+    @patch("registrar.utility.email_invitations._get_requestor_email")
+    @patch("registrar.utility.email_invitations.logger")
+    def test_send_email_failure(self, mock_logger, mock_get_requestor_email, mock_send_email):
+        """Test that the function returns False and logs an error when email sending fails."""
+        # Mock data
+        requestor = MagicMock()
+        permissions = MagicMock(spec=UserPortfolioPermission)
+        permissions.user.email = "user@example.com"
+        permissions.portfolio.organization_name = "Test Portfolio"
+
+        mock_get_requestor_email.return_value = "requestor@example.com"
+
+        # Call function
+        result = send_portfolio_member_permission_update_email(requestor, permissions)
+
+        # Assertions
+        mock_logger.warning.assert_called_once_with(
+            "Could not send email organization member update notification to %s for portfolio: %s",
+            permissions.user.email,
+            permissions.portfolio.organization_name,
+            exc_info=True,
+        )
+        self.assertFalse(result)
+
+    @patch("registrar.utility.email_invitations._get_requestor_email", side_effect=Exception("Unexpected error"))
+    @patch("registrar.utility.email_invitations.logger")
+    def test_requestor_email_retrieval_failure(self, mock_logger, mock_get_requestor_email):
+        """Test that an exception in retrieving requestor email is logged."""
+        # Mock data
+        requestor = MagicMock()
+        permissions = MagicMock(spec=UserPortfolioPermission)
+
+        # Call function
+        with self.assertRaises(Exception):
+            send_portfolio_member_permission_update_email(requestor, permissions)
+
+        # Assertions
+        mock_logger.warning.assert_not_called()  # Function should fail before logging email failure
diff --git a/src/registrar/utility/email_invitations.py b/src/registrar/utility/email_invitations.py
index ed057a41b..d206bf279 100644
--- a/src/registrar/utility/email_invitations.py
+++ b/src/registrar/utility/email_invitations.py
@@ -225,6 +225,7 @@ def send_portfolio_invitation_email(email: str, requestor, portfolio, is_admin_i
         )
     return all_admin_emails_sent
 
+
 def send_portfolio_member_permission_update_email(requestor, permissions: UserPortfolioPermission):
     """
     Sends an email notification to a portfolio member when their permissions are updated.
@@ -234,7 +235,7 @@ def send_portfolio_member_permission_update_email(requestor, permissions: UserPo
 
     Args:
         requestor (User): The user initiating the permission update.
-        permissions (UserPortfolioPermission): The updated permissions object containing the affected user 
+        permissions (UserPortfolioPermission): The updated permissions object containing the affected user
                                               and the portfolio details.
 
     Returns:
@@ -254,18 +255,19 @@ def send_portfolio_member_permission_update_email(requestor, permissions: UserPo
                 "portfolio": permissions.portfolio,
                 "requestor_email": requestor_email,
                 "permissions": permissions,
-            }
+            },
         )
-    except EmailSendingError as err:
+    except EmailSendingError:
         logger.warning(
             "Could not send email organization member update notification to %s " "for portfolio: %s",
-                permissions.user.email,
-                permissions.portfolio.organization_name,
-                exc_info=True,
-            )
+            permissions.user.email,
+            permissions.portfolio.organization_name,
+            exc_info=True,
+        )
         return False
     return True
 
+
 def send_portfolio_admin_addition_emails(email: str, requestor, portfolio: Portfolio):
     """
     Notifies all portfolio admins of the provided portfolio of a newly invited portfolio admin
diff --git a/src/registrar/views/portfolios.py b/src/registrar/views/portfolios.py
index e2d031fca..d63b5964e 100644
--- a/src/registrar/views/portfolios.py
+++ b/src/registrar/views/portfolios.py
@@ -215,8 +215,7 @@ class PortfolioMemberEditView(PortfolioMemberEditPermissionView, View):
             try:
                 if form.is_change():
                     if not send_portfolio_member_permission_update_email(
-                        requestor=request.user,
-                        permissions=form.instance
+                        requestor=request.user, permissions=form.instance
                     ):
                         messages.warning(self.request, f"Could not send email notification to {user.email}.")
                 if form.is_change_from_member_to_admin():

From f5ef2002169a68be0beff835b11729e1b50800bf Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Wed, 5 Feb 2025 18:27:16 -0500
Subject: [PATCH 04/81] updated tests

---
 src/registrar/forms/portfolio.py            |   4 +-
 src/registrar/tests/test_views_portfolio.py | 113 ++++++++++++++++----
 2 files changed, 95 insertions(+), 22 deletions(-)

diff --git a/src/registrar/forms/portfolio.py b/src/registrar/forms/portfolio.py
index a81f9d1e7..3a9074b2d 100644
--- a/src/registrar/forms/portfolio.py
+++ b/src/registrar/forms/portfolio.py
@@ -351,8 +351,8 @@ class BasePortfolioMemberForm(forms.ModelForm):
         new_roles = set(self.cleaned_data.get("roles", []))
 
         # Compare additional permissions values
-        previous_permissions = set(self.initial.get("additional_permissions", []))
-        new_permissions = set(self.cleaned_data.get("additional_permissions", []))
+        previous_permissions = set(self.initial.get("additional_permissions") or [])
+        new_permissions = set(self.cleaned_data.get("additional_permissions") or [])
 
         return previous_roles != new_roles or previous_permissions != new_permissions
 
diff --git a/src/registrar/tests/test_views_portfolio.py b/src/registrar/tests/test_views_portfolio.py
index 0c7c56e74..65e0350ee 100644
--- a/src/registrar/tests/test_views_portfolio.py
+++ b/src/registrar/tests/test_views_portfolio.py
@@ -3891,7 +3891,10 @@ class TestPortfolioMemberEditView(WebTest):
     @override_flag("organization_members", active=True)
     @patch("registrar.views.portfolios.send_portfolio_admin_addition_emails")
     @patch("registrar.views.portfolios.send_portfolio_admin_removal_emails")
-    def test_edit_member_permissions_basic_to_admin(self, mock_send_removal_emails, mock_send_addition_emails):
+    @patch("registrar.views.portfolios.send_portfolio_member_permission_update_email")
+    def test_edit_member_permissions_basic_to_admin(
+        self, mock_send_update_email, mock_send_removal_emails, mock_send_addition_emails
+    ):
         """Tests converting a basic member to admin with full permissions."""
         self.client.force_login(self.user)
 
@@ -3906,6 +3909,7 @@ class TestPortfolioMemberEditView(WebTest):
 
         # return indicator that notification emails sent successfully
         mock_send_addition_emails.return_value = True
+        mock_send_update_email.return_value = True
 
         response = self.client.post(
             reverse("member-permissions", kwargs={"pk": basic_permission.id}),
@@ -3925,6 +3929,8 @@ class TestPortfolioMemberEditView(WebTest):
         mock_send_addition_emails.assert_called_once()
         # assert removal emails are not sent
         mock_send_removal_emails.assert_not_called()
+        # assert update email sent
+        mock_send_update_email.assert_called_once()
 
         # Get the arguments passed to send_portfolio_admin_addition_emails
         _, called_kwargs = mock_send_addition_emails.call_args
@@ -3934,14 +3940,22 @@ class TestPortfolioMemberEditView(WebTest):
         self.assertEqual(called_kwargs["requestor"], self.user)
         self.assertEqual(called_kwargs["portfolio"], self.portfolio)
 
+        # Get the arguments passed to send_portfolio_member_permission_update_email
+        _, called_kwargs = mock_send_update_email.call_args
+
+        # Assert the update notification email content
+        self.assertEqual(called_kwargs["requestor"], self.user)
+        self.assertEqual(called_kwargs["permissions"], basic_permission)
+
     @less_console_noise_decorator
     @override_flag("organization_feature", active=True)
     @override_flag("organization_members", active=True)
     @patch("django.contrib.messages.warning")
     @patch("registrar.views.portfolios.send_portfolio_admin_addition_emails")
     @patch("registrar.views.portfolios.send_portfolio_admin_removal_emails")
+    @patch("registrar.views.portfolios.send_portfolio_member_permission_update_email")
     def test_edit_member_permissions_basic_to_admin_notification_fails(
-        self, mock_send_removal_emails, mock_send_addition_emails, mock_messages_warning
+        self, mock_send_update_email, mock_send_removal_emails, mock_send_addition_emails, mock_messages_warning
     ):
         """Tests converting a basic member to admin with full permissions.
         Handle when notification emails fail to send."""
@@ -3958,6 +3972,7 @@ class TestPortfolioMemberEditView(WebTest):
 
         # At least one notification email failed to send
         mock_send_addition_emails.return_value = False
+        mock_send_update_email.return_value = False
 
         response = self.client.post(
             reverse("member-permissions", kwargs={"pk": basic_permission.id}),
@@ -3977,6 +3992,8 @@ class TestPortfolioMemberEditView(WebTest):
         mock_send_addition_emails.assert_called_once()
         # assert no removal emails are sent
         mock_send_removal_emails.assert_not_called()
+        # assert update email sent
+        mock_send_update_email.assert_called_once()
 
         # Get the arguments passed to send_portfolio_admin_addition_emails
         _, called_kwargs = mock_send_addition_emails.call_args
@@ -3986,18 +4003,32 @@ class TestPortfolioMemberEditView(WebTest):
         self.assertEqual(called_kwargs["requestor"], self.user)
         self.assertEqual(called_kwargs["portfolio"], self.portfolio)
 
-        # Assert warning message is called correctly
-        mock_messages_warning.assert_called_once()
-        warning_args, _ = mock_messages_warning.call_args
-        self.assertIsInstance(warning_args[0], WSGIRequest)
-        self.assertEqual(warning_args[1], "Could not send email notification to existing organization admins.")
+        # Get the arguments passed to send_portfolio_member_permission_update_email
+        _, called_kwargs = mock_send_update_email.call_args
+
+        # Assert the update notification email content
+        self.assertEqual(called_kwargs["requestor"], self.user)
+        self.assertEqual(called_kwargs["permissions"], basic_permission)
+
+        # Assert that messages.warning is called twice
+        self.assertEqual(mock_messages_warning.call_count, 2)
+
+        # Extract the actual messages sent
+        warning_messages = [call_args[0][1] for call_args in mock_messages_warning.call_args_list]
+
+        # Check for the expected messages
+        self.assertIn("Could not send email notification to existing organization admins.", warning_messages)
+        self.assertIn(f"Could not send email notification to {basic_member.email}.", warning_messages)
 
     @less_console_noise_decorator
     @override_flag("organization_feature", active=True)
     @override_flag("organization_members", active=True)
     @patch("registrar.views.portfolios.send_portfolio_admin_addition_emails")
     @patch("registrar.views.portfolios.send_portfolio_admin_removal_emails")
-    def test_edit_member_permissions_admin_to_admin(self, mock_send_removal_emails, mock_send_addition_emails):
+    @patch("registrar.views.portfolios.send_portfolio_member_permission_update_email")
+    def test_edit_member_permissions_admin_to_admin(
+        self, mock_send_update_email, mock_send_removal_emails, mock_send_addition_emails
+    ):
         """Tests updating an admin without changing permissions."""
         self.client.force_login(self.user)
 
@@ -4007,6 +4038,7 @@ class TestPortfolioMemberEditView(WebTest):
             user=admin_member,
             portfolio=self.portfolio,
             roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN],
+            additional_permissions=[],
         )
 
         response = self.client.post(
@@ -4019,16 +4051,20 @@ class TestPortfolioMemberEditView(WebTest):
         # Verify redirect and success message
         self.assertEqual(response.status_code, 302)
 
-        # assert addition and removal emails are not sent to portfolio admins
+        # assert update, addition and removal emails are not sent to portfolio admins
         mock_send_addition_emails.assert_not_called()
         mock_send_removal_emails.assert_not_called()
+        mock_send_update_email.assert_not_called()
 
     @less_console_noise_decorator
     @override_flag("organization_feature", active=True)
     @override_flag("organization_members", active=True)
     @patch("registrar.views.portfolios.send_portfolio_admin_addition_emails")
     @patch("registrar.views.portfolios.send_portfolio_admin_removal_emails")
-    def test_edit_member_permissions_basic_to_basic(self, mock_send_removal_emails, mock_send_addition_emails):
+    @patch("registrar.views.portfolios.send_portfolio_member_permission_update_email")
+    def test_edit_member_permissions_basic_to_basic(
+        self, mock_send_update_email, mock_send_removal_emails, mock_send_addition_emails
+    ):
         """Tests updating an admin without changing permissions."""
         self.client.force_login(self.user)
 
@@ -4041,6 +4077,8 @@ class TestPortfolioMemberEditView(WebTest):
             additional_permissions=[UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS],
         )
 
+        mock_send_update_email.return_value = True
+
         response = self.client.post(
             reverse("member-permissions", kwargs={"pk": basic_permission.id}),
             {
@@ -4057,13 +4095,25 @@ class TestPortfolioMemberEditView(WebTest):
         # assert addition and removal emails are not sent to portfolio admins
         mock_send_addition_emails.assert_not_called()
         mock_send_removal_emails.assert_not_called()
+        # assert update email is sent to updated member
+        mock_send_update_email.assert_called_once()
+
+        # Get the arguments passed to send_portfolio_member_permission_update_email
+        _, called_kwargs = mock_send_update_email.call_args
+
+        # Assert the email content
+        self.assertEqual(called_kwargs["requestor"], self.user)
+        self.assertEqual(called_kwargs["permissions"], basic_permission)
 
     @less_console_noise_decorator
     @override_flag("organization_feature", active=True)
     @override_flag("organization_members", active=True)
     @patch("registrar.views.portfolios.send_portfolio_admin_addition_emails")
     @patch("registrar.views.portfolios.send_portfolio_admin_removal_emails")
-    def test_edit_member_permissions_admin_to_basic(self, mock_send_removal_emails, mock_send_addition_emails):
+    @patch("registrar.views.portfolios.send_portfolio_member_permission_update_email")
+    def test_edit_member_permissions_admin_to_basic(
+        self, mock_send_update_email, mock_send_removal_emails, mock_send_addition_emails
+    ):
         """Tests converting an admin to basic member."""
         self.client.force_login(self.user)
 
@@ -4074,8 +4124,9 @@ class TestPortfolioMemberEditView(WebTest):
             portfolio=self.portfolio,
             roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN],
         )
-
+        print(admin_permission)
         mock_send_removal_emails.return_value = True
+        mock_send_update_email.return_value = True
 
         response = self.client.post(
             reverse("member-permissions", kwargs={"pk": admin_permission.id}),
@@ -4094,7 +4145,8 @@ class TestPortfolioMemberEditView(WebTest):
         admin_permission.refresh_from_db()
         self.assertEqual(admin_permission.roles, [UserPortfolioRoleChoices.ORGANIZATION_MEMBER])
 
-        # assert removal emails are sent to portfolio admins
+        # assert removal emails and update email are sent to portfolio admins
+        mock_send_update_email.assert_called_once()
         mock_send_addition_emails.assert_not_called()
         mock_send_removal_emails.assert_called_once()
 
@@ -4106,14 +4158,22 @@ class TestPortfolioMemberEditView(WebTest):
         self.assertEqual(called_kwargs["requestor"], self.user)
         self.assertEqual(called_kwargs["portfolio"], self.portfolio)
 
+        # Get the arguments passed to send_portfolio_member_permission_update_email
+        _, called_kwargs = mock_send_update_email.call_args
+
+        # Assert the email content
+        self.assertEqual(called_kwargs["requestor"], self.user)
+        self.assertEqual(called_kwargs["permissions"], admin_permission)
+
     @less_console_noise_decorator
     @override_flag("organization_feature", active=True)
     @override_flag("organization_members", active=True)
     @patch("django.contrib.messages.warning")
     @patch("registrar.views.portfolios.send_portfolio_admin_addition_emails")
     @patch("registrar.views.portfolios.send_portfolio_admin_removal_emails")
+    @patch("registrar.views.portfolios.send_portfolio_member_permission_update_email")
     def test_edit_member_permissions_admin_to_basic_notification_fails(
-        self, mock_send_removal_emails, mock_send_addition_emails, mock_messages_warning
+        self, mock_send_update_email, mock_send_removal_emails, mock_send_addition_emails, mock_messages_warning
     ):
         """Tests converting an admin to basic member."""
         self.client.force_login(self.user)
@@ -4129,6 +4189,7 @@ class TestPortfolioMemberEditView(WebTest):
 
         # False return indicates that at least one notification email failed to send
         mock_send_removal_emails.return_value = False
+        mock_send_update_email.return_value = False
 
         response = self.client.post(
             reverse("member-permissions", kwargs={"pk": admin_permission.id}),
@@ -4147,9 +4208,10 @@ class TestPortfolioMemberEditView(WebTest):
         admin_permission.refresh_from_db()
         self.assertEqual(admin_permission.roles, [UserPortfolioRoleChoices.ORGANIZATION_MEMBER])
 
-        # assert removal emails are sent to portfolio admins
+        # assert update email and removal emails are sent to portfolio admins
         mock_send_addition_emails.assert_not_called()
         mock_send_removal_emails.assert_called_once()
+        mock_send_update_email.assert_called_once()
 
         # Get the arguments passed to send_portfolio_admin_removal_emails
         _, called_kwargs = mock_send_removal_emails.call_args
@@ -4159,11 +4221,22 @@ class TestPortfolioMemberEditView(WebTest):
         self.assertEqual(called_kwargs["requestor"], self.user)
         self.assertEqual(called_kwargs["portfolio"], self.portfolio)
 
-        # Assert warning message is called correctly
-        mock_messages_warning.assert_called_once()
-        warning_args, _ = mock_messages_warning.call_args
-        self.assertIsInstance(warning_args[0], WSGIRequest)
-        self.assertEqual(warning_args[1], "Could not send email notification to existing organization admins.")
+        # Get the arguments passed to send_portfolio_member_permission_update_email
+        _, called_kwargs = mock_send_update_email.call_args
+
+        # Assert the email content
+        self.assertEqual(called_kwargs["requestor"], self.user)
+        self.assertEqual(called_kwargs["permissions"], admin_permission)
+
+        # Assert that messages.warning is called twice
+        self.assertEqual(mock_messages_warning.call_count, 2)
+
+        # Extract the actual messages sent
+        warning_messages = [call_args[0][1] for call_args in mock_messages_warning.call_args_list]
+
+        # Check for the expected messages
+        self.assertIn("Could not send email notification to existing organization admins.", warning_messages)
+        self.assertIn(f"Could not send email notification to {admin_member.email}.", warning_messages)
 
     @less_console_noise_decorator
     @override_flag("organization_feature", active=True)

From 67ab988d1ee1ce8c4067cadda6d5c83f3c8fb90d Mon Sep 17 00:00:00 2001
From: CocoByte <nicolle.leclair@gmail.com>
Date: Wed, 5 Feb 2025 22:50:01 -0700
Subject: [PATCH 05/81] removed role column

---
 .../admin/includes/portfolio/portfolio_members_table.html   | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/src/registrar/templates/django/admin/includes/portfolio/portfolio_members_table.html b/src/registrar/templates/django/admin/includes/portfolio/portfolio_members_table.html
index d07e5abf4..6624be95d 100644
--- a/src/registrar/templates/django/admin/includes/portfolio/portfolio_members_table.html
+++ b/src/registrar/templates/django/admin/includes/portfolio/portfolio_members_table.html
@@ -10,7 +10,6 @@
                 <th>Title</th>
                 <th>Email</th>
                 <th>Phone</th>
-                <th>Roles</th>
                 <th>Action</th>
             </tr>
         </thead>
@@ -28,11 +27,6 @@
                     {% endif %}
                 </td>
                 <td>{{ member.user.phone }}</td>
-                <td>
-                    {% for role in member.user|portfolio_role_summary:original %}
-                        <span class="usa-tag bg-primary-dark text-semibold">{{ role }}</span>
-                    {% endfor %}
-                </td>
                 <td class="padding-left-1 text-size-small">
                     {% if member.user.email %}
                     <input aria-hidden="true" class="display-none" value="{{ member.user.email }}" />

From 5de149394932407d49a0002c0592fed22ac3bfa6 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Thu, 6 Feb 2025 17:10:53 -0500
Subject: [PATCH 06/81] Change sort icon and sort header ui

---
 src/registrar/assets/js/uswds-edited.js       | 20 +++++++++-
 .../assets/src/js/getgov/formset-forms.js     |  1 +
 .../assets/src/sass/_theme/_tables.scss       | 39 ++++++++++++++-----
 3 files changed, 49 insertions(+), 11 deletions(-)

diff --git a/src/registrar/assets/js/uswds-edited.js b/src/registrar/assets/js/uswds-edited.js
index 9d4dd2e51..ae246b05c 100644
--- a/src/registrar/assets/js/uswds-edited.js
+++ b/src/registrar/assets/js/uswds-edited.js
@@ -5695,19 +5695,35 @@ const createHeaderButton = (header, headerName) => {
   buttonEl.setAttribute("tabindex", "0");
   buttonEl.classList.add(SORT_BUTTON_CLASS);
   // ICON_SOURCE
+  // ---- END DOTGOV EDIT
+  // Change icons on sort, use source from arro_upward and arrow_downward
+  // buttonEl.innerHTML = Sanitizer.escapeHTML`
+  // <svg class="${PREFIX}-icon" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
+  //   <g class="descending" fill="transparent">
+  //     <path d="M17 17L15.59 15.59L12.9999 18.17V2H10.9999V18.17L8.41 15.58L7 17L11.9999 22L17 17Z" />
+  //   </g>
+  //   <g class="ascending" fill="transparent">
+  //     <path transform="rotate(180, 12, 12)" d="M17 17L15.59 15.59L12.9999 18.17V2H10.9999V18.17L8.41 15.58L7 17L11.9999 22L17 17Z" />
+  //   </g>
+  //   <g class="unsorted" fill="transparent">
+  //     <polygon points="15.17 15 13 17.17 13 6.83 15.17 9 16.58 7.59 12 3 7.41 7.59 8.83 9 11 6.83 11 17.17 8.83 15 7.42 16.41 12 21 16.59 16.41 15.17 15"/>
+  //   </g>
+  // </svg>
+  // `;
   buttonEl.innerHTML = Sanitizer.escapeHTML`
   <svg class="${PREFIX}-icon" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
     <g class="descending" fill="transparent">
-      <path d="M17 17L15.59 15.59L12.9999 18.17V2H10.9999V18.17L8.41 15.58L7 17L11.9999 22L17 17Z" />
+      <path d="m20 12-1.41-1.41L13 16.17V4h-2v12.17l-5.58-5.59L4 12l8 8 8-8z"/>
     </g>
     <g class="ascending" fill="transparent">
-      <path transform="rotate(180, 12, 12)" d="M17 17L15.59 15.59L12.9999 18.17V2H10.9999V18.17L8.41 15.58L7 17L11.9999 22L17 17Z" />
+      <path d="m4 12 1.41 1.41L11 7.83V20h2V7.83l5.58 5.59L20 12l-8-8-8 8z"/>
     </g>
     <g class="unsorted" fill="transparent">
       <polygon points="15.17 15 13 17.17 13 6.83 15.17 9 16.58 7.59 12 3 7.41 7.59 8.83 9 11 6.83 11 17.17 8.83 15 7.42 16.41 12 21 16.59 16.41 15.17 15"/>
     </g>
   </svg>
   `;
+  // ---- END DOTGOV EDIT
   header.appendChild(buttonEl);
   updateSortLabel(header, headerName);
 };
diff --git a/src/registrar/assets/src/js/getgov/formset-forms.js b/src/registrar/assets/src/js/getgov/formset-forms.js
index 27b85212e..faad54639 100644
--- a/src/registrar/assets/src/js/getgov/formset-forms.js
+++ b/src/registrar/assets/src/js/getgov/formset-forms.js
@@ -208,6 +208,7 @@ function hideDeletedForms() {
  * it everywhere.
  */
 export function initFormsetsForms() {
+  console.log('init formsets');
   let formIdentifier = "form"
   let repeatableForm = document.querySelectorAll(".repeatable-form");
   let container = document.querySelector("#form-container");
diff --git a/src/registrar/assets/src/sass/_theme/_tables.scss b/src/registrar/assets/src/sass/_theme/_tables.scss
index 37ae22b1b..d13cb8b0a 100644
--- a/src/registrar/assets/src/sass/_theme/_tables.scss
+++ b/src/registrar/assets/src/sass/_theme/_tables.scss
@@ -1,4 +1,5 @@
 @use "uswds-core" as *;
+@use "cisa_colors" as *;
 
 td,
 th {
@@ -68,7 +69,9 @@ th {
       border-bottom: 1px solid color('base-lighter');
     }
 
-    thead th {
+    thead th,
+    thead th[aria-sort],
+    thead th[aria-sort] {
       color: color('primary-darker');
       border-bottom: 2px solid color('base-light');
     }
@@ -93,17 +96,35 @@ th {
     }
   }
 
-  @include at-media(tablet-lg) {
-    th[data-sortable] .usa-table__header__button {
-      right: auto;
-  
-      &[aria-sort=ascending],
-      &[aria-sort=descending],
-      &:not([aria-sort]) {
-        right: auto;
+  th[aria-sort],
+  th[data-sortable][aria-sort=ascending],
+  th[data-sortable][aria-sort=descending] {
+    background-color: transparent;
+    .usa-table__header__button {
+      background-color: rgba(214, 233, 242, 0.6);
+      background-color: $theme-color-accent-cool-lightest;
+      border-radius: 4px;
+      // position: relative;
+      // left: 4px;
+      // top: 16px;
+      color: color('primary-darker');
+      
+      &:hover {
+        background-color: rgba(214, 233, 242, 0.6);
       }
     }
   }
+
+  @include at-media(tablet-lg) {
+    th[data-sortable] .usa-table__header__button,
+    th[data-sortable] .usa-table__header__button:not([aria-sort]),
+    th[data-sortable][aria-sort=ascending] .usa-table__header__button,
+    th[data-sortable][aria-sort=descending] .usa-table__header__button {
+      right: auto;
+      top: 12px;
+      transform: translateX(10px);
+    }
+  }
 }
 
 .dotgov-table--cell-padding-2 {

From ec9df83154565e8d1ae74e4cbeed4ba6594b0454 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Thu, 6 Feb 2025 20:01:15 -0500
Subject: [PATCH 07/81] Finish tweaking the UI

---
 .../assets/src/sass/_theme/_tables.scss       | 49 ++++++++++---------
 1 file changed, 26 insertions(+), 23 deletions(-)

diff --git a/src/registrar/assets/src/sass/_theme/_tables.scss b/src/registrar/assets/src/sass/_theme/_tables.scss
index d13cb8b0a..4b9ccbb8a 100644
--- a/src/registrar/assets/src/sass/_theme/_tables.scss
+++ b/src/registrar/assets/src/sass/_theme/_tables.scss
@@ -1,5 +1,4 @@
 @use "uswds-core" as *;
-@use "cisa_colors" as *;
 
 td,
 th {
@@ -42,13 +41,8 @@ th {
   }
 }
 
-// The member table has an extra "expand" row, which looks like a single row.
-// But the DOM disagrees - so we basically need to hide the border on both rows.
-#members__table-wrapper .dotgov-table tr:nth-last-child(2) td,
-#members__table-wrapper .dotgov-table tr:nth-last-child(2) th {
-  border-bottom: none;
-}
-
+// .dotgov-table allows us to customize .usa-table on the user-facing pages,
+// while leaving the default styles for use on the admin pages
 .dotgov-table {
   width: 100%;
 
@@ -96,35 +90,44 @@ th {
     }
   }
 
-  th[aria-sort],
+  // Sortable headers
   th[data-sortable][aria-sort=ascending],
   th[data-sortable][aria-sort=descending] {
     background-color: transparent;
     .usa-table__header__button {
-      background-color: rgba(214, 233, 242, 0.6);
-      background-color: $theme-color-accent-cool-lightest;
-      border-radius: 4px;
-      // position: relative;
-      // left: 4px;
-      // top: 16px;
+      background-color: color('accent-cool-lightest');
+      border-radius: units(.5);
       color: color('primary-darker');
-      
       &:hover {
-        background-color: rgba(214, 233, 242, 0.6);
+        background-color: color('accent-cool-lightest');
       }
     }
   }
-
   @include at-media(tablet-lg) {
     th[data-sortable] .usa-table__header__button,
-    th[data-sortable] .usa-table__header__button:not([aria-sort]),
-    th[data-sortable][aria-sort=ascending] .usa-table__header__button,
-    th[data-sortable][aria-sort=descending] .usa-table__header__button {
+    th[data-sortable] .usa-table__header__button:not([aria-sort]) {
+      // position next to the copy
       right: auto;
-      top: 12px;
-      transform: translateX(10px);
+      // slide left to mock a margin between the copy and the icon
+      transform: translateX(units(1));
+      // fix vertical alignment
+      top: units(1.5);
     }
   }
+
+  // Currently the 'flash' when sort is clicked,
+  // this will become persistent if the double-sort bug is fixed
+  td[data-sort-active],
+  th[data-sort-active] {
+    background-color: color('primary-lightest');
+  }
+}
+
+// The member table has an extra "expand" row, which looks like a single row.
+// But the DOM disagrees - so we basically need to hide the border on both rows.
+#members__table-wrapper .dotgov-table tr:nth-last-child(2) td,
+#members__table-wrapper .dotgov-table tr:nth-last-child(2) th {
+  border-bottom: none;
 }
 
 .dotgov-table--cell-padding-2 {

From 1ca3fba2f74f1065e40c7ad8145978595bdc9763 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Thu, 6 Feb 2025 20:04:29 -0500
Subject: [PATCH 08/81] cleanup

---
 src/registrar/assets/src/js/getgov/formset-forms.js | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/registrar/assets/src/js/getgov/formset-forms.js b/src/registrar/assets/src/js/getgov/formset-forms.js
index faad54639..27b85212e 100644
--- a/src/registrar/assets/src/js/getgov/formset-forms.js
+++ b/src/registrar/assets/src/js/getgov/formset-forms.js
@@ -208,7 +208,6 @@ function hideDeletedForms() {
  * it everywhere.
  */
 export function initFormsetsForms() {
-  console.log('init formsets');
   let formIdentifier = "form"
   let repeatableForm = document.querySelectorAll(".repeatable-form");
   let container = document.querySelector("#form-container");

From f28ec7cf74d132eab38f328a179f9858b7706091 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Thu, 6 Feb 2025 20:06:54 -0500
Subject: [PATCH 09/81] cleanup

---
 src/registrar/assets/src/sass/_theme/_tables.scss | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/registrar/assets/src/sass/_theme/_tables.scss b/src/registrar/assets/src/sass/_theme/_tables.scss
index 4b9ccbb8a..d67b08041 100644
--- a/src/registrar/assets/src/sass/_theme/_tables.scss
+++ b/src/registrar/assets/src/sass/_theme/_tables.scss
@@ -64,7 +64,6 @@ th {
     }
 
     thead th,
-    thead th[aria-sort],
     thead th[aria-sort] {
       color: color('primary-darker');
       border-bottom: 2px solid color('base-light');

From 456947e53f1454e7eb5fb145cd95d114d665f789 Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Fri, 7 Feb 2025 10:06:05 -0700
Subject: [PATCH 10/81] Add table to each

---
 src/registrar/templates/admin/analytics.html  | 63 ++++++++++++++++++-
 .../admin/analytics_graph_table.html          | 62 ++++++++++++++++++
 2 files changed, 122 insertions(+), 3 deletions(-)
 create mode 100644 src/registrar/templates/admin/analytics_graph_table.html

diff --git a/src/registrar/templates/admin/analytics.html b/src/registrar/templates/admin/analytics.html
index 7c1a09c78..528a20297 100644
--- a/src/registrar/templates/admin/analytics.html
+++ b/src/registrar/templates/admin/analytics.html
@@ -120,7 +120,7 @@
             </li>
           </ul>
 
-          <div class="grid-row grid-gap-2 margin-y-2">
+          <div class="grid-row grid-gap-2 margin-y-2 margin-bottom-0">
             <div class="grid-col">
               <canvas id="myChart1" width="400" height="200"
                 aria-label="Chart: {{ data.managed_domains_sliced_at_end_date.0 }} managed domains for {{ data.end_date }}"
@@ -144,8 +144,27 @@
             </canvas>
             </div>
           </div>
+          
+          <div class="grid-row grid-gap-2 margin-y-2 margin-top-0">
+            <div class="grid-col">
+              <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
+                <summary class="padding-1 padding-left-0 dja-details-summary">Details for managed domains</summary>
+                <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                    {% include "admin/analytics_graph_table.html" with data=None %}
+                </div>
+              </details>
+            </div>
+            <div class="grid-col">
+              <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
+                <summary class="padding-1 padding-left-0 dja-details-summary">Details for unmanaged domains</summary>
+                <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                    {% include "admin/analytics_graph_table.html" with data=None %}
+                </div>
+              </details>
+            </div>
+          </div>
 
-          <div class="grid-row grid-gap-2 margin-y-2">
+          <div class="grid-row grid-gap-2 margin-y-2 margin-bottom-0">
             <div class="grid-col">
               <canvas id="myChart3" width="400" height="200"
                 aria-label="Chart: {{ data.deleted_domains_sliced_at_end_date.0 }} deleted domains for {{ data.end_date }}"
@@ -170,7 +189,26 @@
             </div>
           </div>
 
-          <div class="grid-row grid-gap-2 margin-y-2">
+          <div class="grid-row grid-gap-2 margin-y-2 margin-top-0">
+            <div class="grid-col">
+              <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
+                <summary class="padding-1 padding-left-0 dja-details-summary">Details for deleted domains</summary>
+                <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                    {% include "admin/analytics_graph_table.html" with data=None %}
+                </div>
+              </details>
+            </div>
+            <div class="grid-col">
+              <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
+                <summary class="padding-1 padding-left-0 dja-details-summary">Details for ready domains</summary>
+                <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                    {% include "admin/analytics_graph_table.html" with data=None %}
+                </div>
+              </details>
+            </div>
+          </div>
+
+          <div class="grid-row grid-gap-2 margin-y-2 margin-bottom-0">
             <div class="grid-col">
               <canvas id="myChart5" width="400" height="200"
                 aria-label="Chart: {{ data.submitted_requests_sliced_at_end_date.0 }} submitted requests for {{ data.end_date }}"
@@ -195,6 +233,25 @@
             </div>
           </div>
 
+          <div class="grid-row grid-gap-2 margin-y-2 margin-top-0">
+            <div class="grid-col">
+              <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
+                <summary class="padding-1 padding-left-0 dja-details-summary">Details for submitted requests</summary>
+                <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                    {% include "admin/analytics_graph_table.html" with data=None %}
+                </div>
+              </details>
+            </div>
+            <div class="grid-col">
+              <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
+                <summary class="padding-1 padding-left-0 dja-details-summary">Details for all requests</summary>
+                <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                    {% include "admin/analytics_graph_table.html" with data=None %}
+                </div>
+              </details>
+            </div>
+          </div>
+
         </div>
       </div>
     </div>
diff --git a/src/registrar/templates/admin/analytics_graph_table.html b/src/registrar/templates/admin/analytics_graph_table.html
new file mode 100644
index 000000000..c339c63c2
--- /dev/null
+++ b/src/registrar/templates/admin/analytics_graph_table.html
@@ -0,0 +1,62 @@
+{{ data }}
+<table>
+    <thead>
+        <tr>
+            <th>Type</th>
+            <th>For start date</th>
+            <th>for end date</th>
+        <tr>
+    </thead>
+    <tbody>
+        <tr>
+            <th class="padding-left-1" scope="row">Total</th>
+            <td class="padding-left-1">data</td>
+            <td class="padding-left-1">data</td>
+        </tr>
+        <tr>
+            <th class="padding-left-1" scope="row">Federal</th>
+            <td class="padding-left-1">data</td>
+            <td class="padding-left-1">data</td>
+        </tr>
+        <tr>
+            <th class="padding-left-1" scope="row">Interstate</th>
+            <td class="padding-left-1">data</td>
+            <td class="padding-left-1">data</td>
+        </tr>
+        <tr>
+            <th class="padding-left-1" scope="row">State/Territory</th>
+            <td class="padding-left-1">data</td>
+            <td class="padding-left-1">data</td>
+        </tr>
+        <tr>
+            <th class="padding-left-1" scope="row">Tribal</th>
+            <td class="padding-left-1">data</td>
+            <td class="padding-left-1">data</td>
+        </tr>
+        <tr>
+            <th class="padding-left-1" scope="row">County</th>
+            <td class="padding-left-1">data</td>
+            <td class="padding-left-1">data</td>
+        </tr>
+        <tr>
+            <th class="padding-left-1" scope="row">City</th>
+            <td class="padding-left-1">data</td>
+            <td class="padding-left-1">data</td>
+        </tr>
+        <tr>
+            <th class="padding-left-1" scope="row">Special District</th>
+            <td class="padding-left-1">data</td>
+            <td class="padding-left-1">data</td>
+        </tr>
+        <tr>
+            <th class="padding-left-1" scope="row">School District</th>
+            <td class="padding-left-1">data</td>
+            <td class="padding-left-1">data</td>
+        </tr>
+        <tr>
+            <th class="padding-left-1" scope="row">Election Board</th>
+            <td class="padding-left-1">data</td>
+            <td class="padding-left-1">data</td>
+        </tr>
+    </tbody>
+</table>
\ No newline at end of file

From 499c8082b3086f882fe1e3629b4c0d5e40178c62 Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Fri, 7 Feb 2025 11:06:38 -0700
Subject: [PATCH 11/81] Add tables

---
 src/registrar/templates/admin/analytics.html  | 212 +++++++++---------
 .../admin/analytics_graph_table.html          |  70 ++----
 src/registrar/views/report_views.py           |  70 ++++--
 3 files changed, 170 insertions(+), 182 deletions(-)

diff --git a/src/registrar/templates/admin/analytics.html b/src/registrar/templates/admin/analytics.html
index 528a20297..014f948d1 100644
--- a/src/registrar/templates/admin/analytics.html
+++ b/src/registrar/templates/admin/analytics.html
@@ -122,136 +122,134 @@
 
           <div class="grid-row grid-gap-2 margin-y-2 margin-bottom-0">
             <div class="grid-col">
-              <canvas id="myChart1" width="400" height="200"
-                aria-label="Chart: {{ data.managed_domains_sliced_at_end_date.0 }} managed domains for {{ data.end_date }}"
-                role="img"
-                data-list-one="{{data.managed_domains_sliced_at_start_date}}"
-                data-list-two="{{data.managed_domains_sliced_at_end_date}}"
-              >
-                <h2>Chart: Managed domains</h2>
-                <p>{{ data.managed_domains_sliced_at_end_date.0 }} managed domains for {{ data.end_date }}</p>
-              </canvas>
+                <canvas id="myChart1" width="400" height="200"
+                    aria-label="Chart: {{ data.managed_domains.end_date_count.0 }} managed domains for {{ data.end_date }}"
+                    role="img"
+                    data-list-one="{{ data.managed_domains.start_date_count }}"
+                    data-list-two="{{ data.managed_domains.end_date_count }}"
+                >
+                    <h2>Chart: Managed domains</h2>
+                    <p>{{ data.managed_domains.end_date_count.0 }} managed domains for {{ data.end_date }}</p>
+                </canvas>
             </div>
             <div class="grid-col">
-              <canvas id="myChart2" width="400" height="200"
-                aria-label="Chart: {{ data.unmanaged_domains_sliced_at_end_date.0 }} unmanaged domains for {{ data.end_date }}"
-                role="img"
-                data-list-one="{{data.unmanaged_domains_sliced_at_start_date}}"
-                data-list-two="{{data.unmanaged_domains_sliced_at_end_date}}"
-              >
-                <h2>Chart: Unmanaged domains</h2>
-                <p>{{ data.unmanaged_domains_sliced_at_end_date.0 }} unmanaged domains for {{ data.end_date }}</p>
-            </canvas>
+                <canvas id="myChart2" width="400" height="200"
+                    aria-label="Chart: {{ data.unmanaged_domains.end_date_count.0 }} unmanaged domains for {{ data.end_date }}"
+                    role="img"
+                    data-list-one="{{ data.unmanaged_domains.start_date_count }}"
+                    data-list-two="{{ data.unmanaged_domains.end_date_count }}"
+                >
+                    <h2>Chart: Unmanaged domains</h2>
+                    <p>{{ data.unmanaged_domains.end_date_count.0 }} unmanaged domains for {{ data.end_date }}</p>
+                </canvas>
             </div>
-          </div>
-          
-          <div class="grid-row grid-gap-2 margin-y-2 margin-top-0">
+        </div>
+    
+        <div class="grid-row grid-gap-2 margin-y-2 margin-top-0">
             <div class="grid-col">
-              <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
-                <summary class="padding-1 padding-left-0 dja-details-summary">Details for managed domains</summary>
-                <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
-                    {% include "admin/analytics_graph_table.html" with data=None %}
-                </div>
-              </details>
+                <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
+                    <summary class="padding-1 padding-left-0 dja-details-summary">Details for managed domains</summary>
+                    <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                        {% include "admin/analytics_graph_table.html" with data=data property_name="managed_domains" %}
+                    </div>
+                </details>
             </div>
             <div class="grid-col">
-              <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
-                <summary class="padding-1 padding-left-0 dja-details-summary">Details for unmanaged domains</summary>
-                <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
-                    {% include "admin/analytics_graph_table.html" with data=None %}
-                </div>
-              </details>
+                <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
+                    <summary class="padding-1 padding-left-0 dja-details-summary">Details for unmanaged domains</summary>
+                    <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                        {% include "admin/analytics_graph_table.html" with data=data property_name="unmanaged_domains" %}
+                    </div>
+                </details>
             </div>
-          </div>
-
-          <div class="grid-row grid-gap-2 margin-y-2 margin-bottom-0">
+        </div>
+    
+        <div class="grid-row grid-gap-2 margin-y-2 margin-bottom-0">
             <div class="grid-col">
-              <canvas id="myChart3" width="400" height="200"
-                aria-label="Chart: {{ data.deleted_domains_sliced_at_end_date.0 }} deleted domains for {{ data.end_date }}"
-                role="img" 
-                data-list-one="{{data.deleted_domains_sliced_at_start_date}}"
-                data-list-two="{{data.deleted_domains_sliced_at_end_date}}"
-              >
-                <h2>Chart: Deleted domains</h2>
-                <p>{{ data.deleted_domains_sliced_at_end_date.0 }} deleted domains for {{ data.end_date }}</p>
-            </canvas>
+                <canvas id="myChart3" width="400" height="200"
+                    aria-label="Chart: {{ data.deleted_domains.end_date_count.0 }} deleted domains for {{ data.end_date }}"
+                    role="img" 
+                    data-list-one="{{ data.deleted_domains.start_date_count }}"
+                    data-list-two="{{ data.deleted_domains.end_date_count }}"
+                >
+                    <h2>Chart: Deleted domains</h2>
+                    <p>{{ data.deleted_domains.end_date_count.0 }} deleted domains for {{ data.end_date }}</p>
+                </canvas>
             </div>
             <div class="grid-col">
-              <canvas id="myChart4" width="400" height="200"
-                aria-label="Chart: {{ data.ready_domains_sliced_at_end_date.0 }} ready domains for {{ data.end_date }}"
-                role="img" 
-                data-list-one="{{data.ready_domains_sliced_at_start_date}}"
-                data-list-two="{{data.ready_domains_sliced_at_end_date}}"
-              >
-                <h2>Chart: Ready domains</h2>
-                <p>{{ data.ready_domains_sliced_at_end_date.0 }} ready domains for {{ data.end_date }}</p>
-            </canvas>
+                <canvas id="myChart4" width="400" height="200"
+                    aria-label="Chart: {{ data.ready_domains.end_date_count.0 }} ready domains for {{ data.end_date }}"
+                    role="img" 
+                    data-list-one="{{ data.ready_domains.start_date_count }}"
+                    data-list-two="{{ data.ready_domains.end_date_count }}"
+                >
+                    <h2>Chart: Ready domains</h2>
+                    <p>{{ data.ready_domains.end_date_count.0 }} ready domains for {{ data.end_date }}</p>
+                </canvas>
             </div>
-          </div>
-
-          <div class="grid-row grid-gap-2 margin-y-2 margin-top-0">
+        </div>
+    
+        <div class="grid-row grid-gap-2 margin-y-2 margin-top-0">
             <div class="grid-col">
-              <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
-                <summary class="padding-1 padding-left-0 dja-details-summary">Details for deleted domains</summary>
-                <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
-                    {% include "admin/analytics_graph_table.html" with data=None %}
-                </div>
-              </details>
+                <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
+                    <summary class="padding-1 padding-left-0 dja-details-summary">Details for deleted domains</summary>
+                    <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                        {% include "admin/analytics_graph_table.html" with data=data property_name="deleted_domains" %}
+                    </div>
+                </details>
             </div>
             <div class="grid-col">
-              <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
-                <summary class="padding-1 padding-left-0 dja-details-summary">Details for ready domains</summary>
-                <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
-                    {% include "admin/analytics_graph_table.html" with data=None %}
-                </div>
-              </details>
+                <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
+                    <summary class="padding-1 padding-left-0 dja-details-summary">Details for ready domains</summary>
+                    <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                        {% include "admin/analytics_graph_table.html" with data=data property_name="ready_domains" %}
+                    </div>
+                </details>
             </div>
-          </div>
-
-          <div class="grid-row grid-gap-2 margin-y-2 margin-bottom-0">
+        </div>
+    
+        <div class="grid-row grid-gap-2 margin-y-2 margin-bottom-0">
             <div class="grid-col">
-              <canvas id="myChart5" width="400" height="200"
-                aria-label="Chart: {{ data.submitted_requests_sliced_at_end_date.0 }} submitted requests for {{ data.end_date }}"
-                role="img" 
-                data-list-one="{{data.submitted_requests_sliced_at_start_date}}"
-                data-list-two="{{data.submitted_requests_sliced_at_end_date}}"
-              >
-                <h2>Chart: Submitted requests</h2>
-                <p>{{ data.submitted_requests_sliced_at_end_date.0 }} submitted requests for {{ data.end_date }}</p>
-            </canvas>
+                <canvas id="myChart5" width="400" height="200"
+                    aria-label="Chart: {{ data.submitted_requests.end_date_count.0 }} submitted requests for {{ data.end_date }}"
+                    role="img" 
+                    data-list-one="{{ data.submitted_requests.start_date_count }}"
+                    data-list-two="{{ data.submitted_requests.end_date_count }}"
+                >
+                    <h2>Chart: Submitted requests</h2>
+                    <p>{{ data.submitted_requests.end_date_count.0 }} submitted requests for {{ data.end_date }}</p>
+                </canvas>
             </div>
             <div class="grid-col">
-              <canvas id="myChart6" width="400" height="200"
-                aria-label="Chart: {{ data.requests_sliced_at_end_date.0 }} requests for {{ data.end_date }}"
-                role="img" 
-                data-list-one="{{data.requests_sliced_at_start_date}}"
-                data-list-two="{{data.requests_sliced_at_end_date}}"
-              >
-                <h2>Chart: All requests</h2>
-                <p>{{ data.requests_sliced_at_end_date.0 }} requests for {{ data.end_date }}</p>
-            </canvas>
+                <canvas id="myChart6" width="400" height="200"
+                    aria-label="Chart: {{ data.requests.end_date_count.0 }} requests for {{ data.end_date }}"
+                    role="img" 
+                    data-list-one="{{ data.requests.start_date_count }}"
+                    data-list-two="{{ data.requests.end_date_count }}"
+                >
+                    <h2>Chart: All requests</h2>
+                    <p>{{ data.requests.end_date_count.0 }} requests for {{ data.end_date }}</p>
+                </canvas>
             </div>
-          </div>
-
-          <div class="grid-row grid-gap-2 margin-y-2 margin-top-0">
+        </div>
+    
+        <div class="grid-row grid-gap-2 margin-y-2 margin-top-0">
             <div class="grid-col">
-              <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
-                <summary class="padding-1 padding-left-0 dja-details-summary">Details for submitted requests</summary>
-                <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
-                    {% include "admin/analytics_graph_table.html" with data=None %}
-                </div>
-              </details>
+                <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
+                    <summary class="padding-1 padding-left-0 dja-details-summary">Details for submitted requests</summary>
+                    <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                        {% include "admin/analytics_graph_table.html" with data=data property_name="submitted_requests" %}
+                    </div>
+                </details>
             </div>
             <div class="grid-col">
-              <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
-                <summary class="padding-1 padding-left-0 dja-details-summary">Details for all requests</summary>
-                <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
-                    {% include "admin/analytics_graph_table.html" with data=None %}
-                </div>
-              </details>
+                <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
+                    <summary class="padding-1 padding-left-0 dja-details-summary">Details for all requests</summary>
+                    <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                        {% include "admin/analytics_graph_table.html" with data=data property_name="requests" %}
+                    </div>
+                </details>
             </div>
-          </div>
-
         </div>
       </div>
     </div>
diff --git a/src/registrar/templates/admin/analytics_graph_table.html b/src/registrar/templates/admin/analytics_graph_table.html
index c339c63c2..58132d023 100644
--- a/src/registrar/templates/admin/analytics_graph_table.html
+++ b/src/registrar/templates/admin/analytics_graph_table.html
@@ -1,62 +1,26 @@
-{{ data }}
 <table>
     <thead>
         <tr>
             <th>Type</th>
-            <th>For start date</th>
-            <th>for end date</th>
+            <th>Start date {{ data.start_date }}</th>
+            <th>End date {{ data.end_date }} </th>
         <tr>
     </thead>
     <tbody>
-        <tr>
-            <th class="padding-left-1" scope="row">Total</th>
-            <td class="padding-left-1">data</td>
-            <td class="padding-left-1">data</td>
-        </tr>
-        <tr>
-            <th class="padding-left-1" scope="row">Federal</th>
-            <td class="padding-left-1">data</td>
-            <td class="padding-left-1">data</td>
-        </tr>
-        <tr>
-            <th class="padding-left-1" scope="row">Interstate</th>
-            <td class="padding-left-1">data</td>
-            <td class="padding-left-1">data</td>
-        </tr>
-        <tr>
-            <th class="padding-left-1" scope="row">State/Territory</th>
-            <td class="padding-left-1">data</td>
-            <td class="padding-left-1">data</td>
-        </tr>
-        <tr>
-            <th class="padding-left-1" scope="row">Tribal</th>
-            <td class="padding-left-1">data</td>
-            <td class="padding-left-1">data</td>
-        </tr>
-        <tr>
-            <th class="padding-left-1" scope="row">County</th>
-            <td class="padding-left-1">data</td>
-            <td class="padding-left-1">data</td>
-        </tr>
-        <tr>
-            <th class="padding-left-1" scope="row">City</th>
-            <td class="padding-left-1">data</td>
-            <td class="padding-left-1">data</td>
-        </tr>
-        <tr>
-            <th class="padding-left-1" scope="row">Special District</th>
-            <td class="padding-left-1">data</td>
-            <td class="padding-left-1">data</td>
-        </tr>
-        <tr>
-            <th class="padding-left-1" scope="row">School District</th>
-            <td class="padding-left-1">data</td>
-            <td class="padding-left-1">data</td>
-        </tr>
-        <tr>
-            <th class="padding-left-1" scope="row">Election Board</th>
-            <td class="padding-left-1">data</td>
-            <td class="padding-left-1">data</td>
-        </tr>
+        {% comment %} 
+        This ugly notation is equivalent to data.property_name.start_date_count.index.
+        Or represented in the pure python way: data[property_name]["start_date_count"][index]
+        {% endcomment %}
+        {% with start_counts=data|get_item:property_name|get_item:"start_date_count" end_counts=data|get_item:property_name|get_item:"end_date_count" %}
+            {% for org_count_type in data.org_count_types %}
+                {% with index=forloop.counter %}
+                    <tr>
+                        <th class="padding-left-1" scope="row">{{ org_count_type }}</th>
+                        <td class="padding-left-1">{{ start_counts|slice:index|last }}</td>
+                        <td class="padding-left-1">{{ end_counts|slice:index|last }}</td>
+                    </tr>
+                {% endwith %}
+            {% endfor %}
+        {% endwith %}
     </tbody>
 </table>
\ No newline at end of file
diff --git a/src/registrar/views/report_views.py b/src/registrar/views/report_views.py
index 1b9198c79..596e69a5c 100644
--- a/src/registrar/views/report_views.py
+++ b/src/registrar/views/report_views.py
@@ -126,28 +126,54 @@ class AnalyticsView(View):
             # include it in the larger context dictionary so it's available in the template rendering context.
             # This ensures that the admin interface styling and behavior are consistent with other admin pages.
             **admin.site.each_context(request),
-            data=dict(
-                user_count=models.User.objects.all().count(),
-                domain_count=models.Domain.objects.all().count(),
-                ready_domain_count=models.Domain.objects.filter(state=models.Domain.State.READY).count(),
-                last_30_days_applications=last_30_days_applications.count(),
-                last_30_days_approved_applications=last_30_days_approved_applications.count(),
-                average_application_approval_time_last_30_days=avg_approval_time_display,
-                managed_domains_sliced_at_start_date=managed_domains_sliced_at_start_date,
-                unmanaged_domains_sliced_at_start_date=unmanaged_domains_sliced_at_start_date,
-                managed_domains_sliced_at_end_date=managed_domains_sliced_at_end_date,
-                unmanaged_domains_sliced_at_end_date=unmanaged_domains_sliced_at_end_date,
-                ready_domains_sliced_at_start_date=ready_domains_sliced_at_start_date,
-                deleted_domains_sliced_at_start_date=deleted_domains_sliced_at_start_date,
-                ready_domains_sliced_at_end_date=ready_domains_sliced_at_end_date,
-                deleted_domains_sliced_at_end_date=deleted_domains_sliced_at_end_date,
-                requests_sliced_at_start_date=requests_sliced_at_start_date,
-                submitted_requests_sliced_at_start_date=submitted_requests_sliced_at_start_date,
-                requests_sliced_at_end_date=requests_sliced_at_end_date,
-                submitted_requests_sliced_at_end_date=submitted_requests_sliced_at_end_date,
-                start_date=start_date,
-                end_date=end_date,
-            ),
+            data={
+                # Tracks what kind of orgs we are keeping count of.
+                # Used for the details table beneath the graph.
+                "org_count_types": [
+                    "Total",
+                    "Federal",
+                    "Interstate",
+                    "State/Territory",
+                    "Tribal",
+                    "County",
+                    "City",
+                    "Special District",
+                    "School District",
+                    "Election Board",
+                ],
+                "user_count": models.User.objects.all().count(),
+                "domain_count": models.Domain.objects.all().count(),
+                "ready_domain_count": models.Domain.objects.filter(state=models.Domain.State.READY).count(),
+                "last_30_days_applications": last_30_days_applications.count(),
+                "last_30_days_approved_applications": last_30_days_approved_applications.count(),
+                "average_application_approval_time_last_30_days": avg_approval_time_display,
+                "managed_domains": {
+                    "start_date_count": managed_domains_sliced_at_start_date,
+                    "end_date_count": managed_domains_sliced_at_end_date,
+                },
+                "unmanaged_domains": {
+                    "start_date_count": unmanaged_domains_sliced_at_start_date,
+                    "end_date_count": unmanaged_domains_sliced_at_end_date,
+                },
+                "ready_domains": {
+                    "start_date_count": ready_domains_sliced_at_start_date,
+                    "end_date_count": ready_domains_sliced_at_end_date,
+                },
+                "deleted_domains": {
+                    "start_date_count": deleted_domains_sliced_at_start_date,
+                    "end_date_count": deleted_domains_sliced_at_end_date,
+                },
+                "requests": {
+                    "start_date_count": requests_sliced_at_start_date,
+                    "end_date_count": requests_sliced_at_end_date,
+                },
+                "submitted_requests": {
+                    "start_date_count": submitted_requests_sliced_at_start_date,
+                    "end_date_count": submitted_requests_sliced_at_end_date,
+                },
+                "start_date": start_date,
+                "end_date": end_date,
+            },
         )
         return render(request, "admin/analytics.html", context)
 

From f539ede376626cb475aff9a6f42a48988436b16a Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Fri, 7 Feb 2025 11:53:27 -0700
Subject: [PATCH 12/81] fix style and andi stuff

---
 src/registrar/assets/src/sass/_theme/_admin.scss         | 8 +++++++-
 src/registrar/templates/admin/analytics_graph_table.html | 8 ++++----
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/src/registrar/assets/src/sass/_theme/_admin.scss b/src/registrar/assets/src/sass/_theme/_admin.scss
index 4f75fd2fb..035768dad 100644
--- a/src/registrar/assets/src/sass/_theme/_admin.scss
+++ b/src/registrar/assets/src/sass/_theme/_admin.scss
@@ -536,9 +536,15 @@ details.dja-detail-table {
         background-color: transparent;
     }
 
+    thead tr {
+        background-color: var(--darkened-bg);
+    }
+
     td, th {
         padding-left: 12px;
-        border: none
+        border: none;
+        background-color: var(--darkened-bg);
+        color: var(--body-quiet-color);
     }
 
     thead > tr > th {
diff --git a/src/registrar/templates/admin/analytics_graph_table.html b/src/registrar/templates/admin/analytics_graph_table.html
index 58132d023..88b538745 100644
--- a/src/registrar/templates/admin/analytics_graph_table.html
+++ b/src/registrar/templates/admin/analytics_graph_table.html
@@ -1,9 +1,9 @@
-<table>
+<table class="usa-table usa-table--borderless">
     <thead>
         <tr>
-            <th>Type</th>
-            <th>Start date {{ data.start_date }}</th>
-            <th>End date {{ data.end_date }} </th>
+            <th scope="col">Type</th>
+            <th scope="col">Start date {{ data.start_date }}</th>
+            <th scope="col">End date {{ data.end_date }} </th>
         <tr>
     </thead>
     <tbody>

From f154e9b870335fd6f8c31c755ad2e3f01b92cd1e Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Fri, 7 Feb 2025 14:37:23 -0700
Subject: [PATCH 13/81] Add desktop / mobile view

---
 .../assets/src/sass/_theme/_admin.scss        |  30 +-
 src/registrar/templates/admin/analytics.html  | 529 +++++++++---------
 2 files changed, 303 insertions(+), 256 deletions(-)

diff --git a/src/registrar/assets/src/sass/_theme/_admin.scss b/src/registrar/assets/src/sass/_theme/_admin.scss
index 035768dad..05df9a3c2 100644
--- a/src/registrar/assets/src/sass/_theme/_admin.scss
+++ b/src/registrar/assets/src/sass/_theme/_admin.scss
@@ -548,7 +548,6 @@ details.dja-detail-table {
     }
 
     thead > tr > th {
-        border-radius: 4px;
         border-top: none;
         border-bottom: none;
     }
@@ -930,3 +929,32 @@ ul.add-list-reset {
     background-color: transparent !important; 
     }
 }
+
+@media (min-width: 1024px) {
+    .analytics-dashboard-charts {
+        // Desktop layout - charts in top row, details in bottom row
+        display: grid;
+        gap: 2rem;
+        grid-template-columns: 1fr 1fr;
+        grid-template-areas:
+            "chart1 chart2"
+            "details1 details2"
+            "chart3 chart4"
+            "details3 details4"
+            "chart5 chart6"
+            "details5 details6";
+
+        .chart-1 { grid-area: chart1; }
+        .details-1 { grid-area: details1; }
+        .chart-2 { grid-area: chart2; }
+        .details-2 { grid-area: details2; }
+        .chart-3 { grid-area: chart3; }
+        .details-3 { grid-area: details3; }
+        .chart-4 { grid-area: chart4; }
+        .details-4 { grid-area: details4; }
+        .chart-5 { grid-area: chart5; }
+        .details-5 { grid-area: details5; }
+        .chart-6 { grid-area: chart6; }
+        .details-6 { grid-area: details6; }
+    }
+}
diff --git a/src/registrar/templates/admin/analytics.html b/src/registrar/templates/admin/analytics.html
index 014f948d1..297f27d46 100644
--- a/src/registrar/templates/admin/analytics.html
+++ b/src/registrar/templates/admin/analytics.html
@@ -1,258 +1,277 @@
 {% extends "admin/base_site.html" %}
 {% load static %}
-
-{% block content_title %}<h1>Registrar Analytics</h1>{% endblock %}
-
-{% block content %}
-
-  <div id="content-main" class="custom-admin-template">
-
-    <div class="grid-row grid-gap-2">
-      <div class="tablet:grid-col-6 margin-top-2">
-        <div class="module height-full">
-          <h2>At a glance</h2>
-          <div class="padding-top-2 padding-x-2">
-            <ul>
-              <li>User Count: {{ data.user_count }}</li>
-              <li>Domain Count: {{ data.domain_count }}</li>
-              <li>Domains in READY state: {{ data.ready_domain_count }}</li>
-              <li>Domain applications (last 30 days): {{ data.last_30_days_applications }}</li>
-              <li>Approved applications (last 30 days): {{ data.last_30_days_approved_applications }}</li>
-              <li>Average approval time for applications (last 30 days): {{ data.average_application_approval_time_last_30_days }}</li>
-            </ul>
-          </div>
-        </div>
-      </div>
-      <div class="tablet:grid-col-6 margin-top-2">
-      <div class="module height-full">
-        <h2>Current domains</h2>
-        <div class="padding-top-2 padding-x-2">
-          <ul class="usa-button-group wrapped-button-group">
-            <li class="usa-button-group__item">
-                <a href="{% url 'export_data_type' %}" class="usa-button usa-button--dja text-no-wrap" role="button">
-                  <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
-                    <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
-                  </svg><span class="margin-left-05">All domain metadata</span>
-                </a>
-            </li>
-            <li class="usa-button-group__item">
-              <a href="{% url 'export_data_full' %}" class="usa-button usa-button--dja text-no-wrap" role="button">
-                <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
-                  <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
-                </svg><span class="margin-left-05">Current full</span>
-              </a>
-            </li>
-            <li class="usa-button-group__item">
-                <a href="{% url 'export_data_federal' %}" class="usa-button usa-button--dja text-no-wrap" role="button">
-                  <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
-                    <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
-                  </svg><span class="margin-left-05">Current federal</span>
-                </a>
-            </li>
-            <li class="usa-button-group__item">
-              <a href="{% url 'export_data_domain_requests_full' %}" class="usa-button usa-button--dja text-no-wrap" role="button">
-                <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
-                  <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
-                </svg><span class="margin-left-05">All domain requests metadata</span>
-              </a>
-            </li>
-          </ul>
-        </div>
-      </div>
-    </div>
-  </div>
-  
-  <div class="grid-row grid-gap-2 margin-top-2">
-    <div class="grid-col">
-      <div class="module">
-        <h2>Growth reports</h2>
-        <div class="padding-2">
-          {% comment %} 
-              Inputs of type date suck for accessibility.
-              We'll need to replace those guys with a django form once we figure out how to hook one onto this page.
-              See the commit "Review for ticket #999"
-          {% endcomment %}
-          <div class="display-flex flex-align-baseline margin-top-1 margin-bottom-2">
-              <div class="margin-right-1">
-                  <label for="start">Start date:</label>
-                  <input type="date" id="start" name="start" value="2018-07-22" min="2018-01-01" />
-              </div>
-              <div>
-                  <label for="end">End date:</label>
-                  <input type="date" id="end" name="end" value="2023-12-01" min="2023-12-01" />
-              </div>
-          </div>
-          <ul class="usa-button-group">
-            <li class="usa-button-group__item">
-              <button class="usa-button usa-button--dja exportLink" data-export-url="{% url 'export_domains_growth' %}" type="button">
-                <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
-                  <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
-                </svg><span class="margin-left-05">Domain growth</span>
-              </button>
-            </li>
-            <li class="usa-button-group__item">
-              <button class="usa-button usa-button--dja exportLink" data-export-url="{% url 'export_requests_growth' %}" type="button">
-                <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
-                  <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
-                </svg><span class="margin-left-05">Request growth</span>
-              </button>
-            </li>
-            <li class="usa-button-group__item">
-              <button class="usa-button usa-button--dja exportLink" data-export-url="{% url 'export_managed_domains' %}" type="button">
-                <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
-                  <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
-                </svg><span class="margin-left-05">Managed domains</span>
-              </button>
-            </li>
-            <li class="usa-button-group__item">
-              <button class="usa-button usa-button--dja exportLink" data-export-url="{% url 'export_unmanaged_domains' %}" type="button">
-                <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
-                  <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
-                </svg><span class="margin-left-05">Unmanaged domains</span>
-              </button>
-            </li>
-            <li class="usa-button-group__item">
-              <button class="usa-button usa-button--dja exportLink usa-button--secondary" data-export-url="{% url 'analytics' %}" type="button">
-                <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
-                  <use xlink:href="{%static 'img/sprite.svg'%}#assessment"></use>
-                </svg><span class="margin-left-05">Update charts</span>
-              </button>
-            </li>
-          </ul>
-
-          <div class="grid-row grid-gap-2 margin-y-2 margin-bottom-0">
-            <div class="grid-col">
-                <canvas id="myChart1" width="400" height="200"
-                    aria-label="Chart: {{ data.managed_domains.end_date_count.0 }} managed domains for {{ data.end_date }}"
-                    role="img"
-                    data-list-one="{{ data.managed_domains.start_date_count }}"
-                    data-list-two="{{ data.managed_domains.end_date_count }}"
-                >
-                    <h2>Chart: Managed domains</h2>
-                    <p>{{ data.managed_domains.end_date_count.0 }} managed domains for {{ data.end_date }}</p>
-                </canvas>
-            </div>
-            <div class="grid-col">
-                <canvas id="myChart2" width="400" height="200"
-                    aria-label="Chart: {{ data.unmanaged_domains.end_date_count.0 }} unmanaged domains for {{ data.end_date }}"
-                    role="img"
-                    data-list-one="{{ data.unmanaged_domains.start_date_count }}"
-                    data-list-two="{{ data.unmanaged_domains.end_date_count }}"
-                >
-                    <h2>Chart: Unmanaged domains</h2>
-                    <p>{{ data.unmanaged_domains.end_date_count.0 }} unmanaged domains for {{ data.end_date }}</p>
-                </canvas>
-            </div>
-        </div>
-    
-        <div class="grid-row grid-gap-2 margin-y-2 margin-top-0">
-            <div class="grid-col">
-                <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
-                    <summary class="padding-1 padding-left-0 dja-details-summary">Details for managed domains</summary>
-                    <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
-                        {% include "admin/analytics_graph_table.html" with data=data property_name="managed_domains" %}
-                    </div>
-                </details>
-            </div>
-            <div class="grid-col">
-                <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
-                    <summary class="padding-1 padding-left-0 dja-details-summary">Details for unmanaged domains</summary>
-                    <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
-                        {% include "admin/analytics_graph_table.html" with data=data property_name="unmanaged_domains" %}
-                    </div>
-                </details>
-            </div>
-        </div>
-    
-        <div class="grid-row grid-gap-2 margin-y-2 margin-bottom-0">
-            <div class="grid-col">
-                <canvas id="myChart3" width="400" height="200"
-                    aria-label="Chart: {{ data.deleted_domains.end_date_count.0 }} deleted domains for {{ data.end_date }}"
-                    role="img" 
-                    data-list-one="{{ data.deleted_domains.start_date_count }}"
-                    data-list-two="{{ data.deleted_domains.end_date_count }}"
-                >
-                    <h2>Chart: Deleted domains</h2>
-                    <p>{{ data.deleted_domains.end_date_count.0 }} deleted domains for {{ data.end_date }}</p>
-                </canvas>
-            </div>
-            <div class="grid-col">
-                <canvas id="myChart4" width="400" height="200"
-                    aria-label="Chart: {{ data.ready_domains.end_date_count.0 }} ready domains for {{ data.end_date }}"
-                    role="img" 
-                    data-list-one="{{ data.ready_domains.start_date_count }}"
-                    data-list-two="{{ data.ready_domains.end_date_count }}"
-                >
-                    <h2>Chart: Ready domains</h2>
-                    <p>{{ data.ready_domains.end_date_count.0 }} ready domains for {{ data.end_date }}</p>
-                </canvas>
-            </div>
-        </div>
-    
-        <div class="grid-row grid-gap-2 margin-y-2 margin-top-0">
-            <div class="grid-col">
-                <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
-                    <summary class="padding-1 padding-left-0 dja-details-summary">Details for deleted domains</summary>
-                    <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
-                        {% include "admin/analytics_graph_table.html" with data=data property_name="deleted_domains" %}
-                    </div>
-                </details>
-            </div>
-            <div class="grid-col">
-                <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
-                    <summary class="padding-1 padding-left-0 dja-details-summary">Details for ready domains</summary>
-                    <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
-                        {% include "admin/analytics_graph_table.html" with data=data property_name="ready_domains" %}
-                    </div>
-                </details>
-            </div>
-        </div>
-    
-        <div class="grid-row grid-gap-2 margin-y-2 margin-bottom-0">
-            <div class="grid-col">
-                <canvas id="myChart5" width="400" height="200"
-                    aria-label="Chart: {{ data.submitted_requests.end_date_count.0 }} submitted requests for {{ data.end_date }}"
-                    role="img" 
-                    data-list-one="{{ data.submitted_requests.start_date_count }}"
-                    data-list-two="{{ data.submitted_requests.end_date_count }}"
-                >
-                    <h2>Chart: Submitted requests</h2>
-                    <p>{{ data.submitted_requests.end_date_count.0 }} submitted requests for {{ data.end_date }}</p>
-                </canvas>
-            </div>
-            <div class="grid-col">
-                <canvas id="myChart6" width="400" height="200"
-                    aria-label="Chart: {{ data.requests.end_date_count.0 }} requests for {{ data.end_date }}"
-                    role="img" 
-                    data-list-one="{{ data.requests.start_date_count }}"
-                    data-list-two="{{ data.requests.end_date_count }}"
-                >
-                    <h2>Chart: All requests</h2>
-                    <p>{{ data.requests.end_date_count.0 }} requests for {{ data.end_date }}</p>
-                </canvas>
-            </div>
-        </div>
-    
-        <div class="grid-row grid-gap-2 margin-y-2 margin-top-0">
-            <div class="grid-col">
-                <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
-                    <summary class="padding-1 padding-left-0 dja-details-summary">Details for submitted requests</summary>
-                    <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
-                        {% include "admin/analytics_graph_table.html" with data=data property_name="submitted_requests" %}
-                    </div>
-                </details>
-            </div>
-            <div class="grid-col">
-                <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
-                    <summary class="padding-1 padding-left-0 dja-details-summary">Details for all requests</summary>
-                    <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
-                        {% include "admin/analytics_graph_table.html" with data=data property_name="requests" %}
-                    </div>
-                </details>
-            </div>
-        </div>
-      </div>
-    </div>
-  </div>
-</div>
+{% block content_title %}
+<h1>Registrar Analytics</h1>
 {% endblock %}
+{% block content %}
+<div id="content-main" class="custom-admin-template">
+<div class="grid-row grid-gap-2">
+	<div class="tablet:grid-col-6 margin-top-2">
+		<div class="module height-full">
+			<h2>At a glance</h2>
+			<div class="padding-top-2 padding-x-2">
+				<ul>
+					<li>User Count: {{ data.user_count }}</li>
+					<li>Domain Count: {{ data.domain_count }}</li>
+					<li>Domains in READY state: {{ data.ready_domain_count }}</li>
+					<li>Domain applications (last 30 days): {{ data.last_30_days_applications }}</li>
+					<li>Approved applications (last 30 days): {{ data.last_30_days_approved_applications }}</li>
+					<li>Average approval time for applications (last 30 days): {{ data.average_application_approval_time_last_30_days }}</li>
+				</ul>
+			</div>
+		</div>
+	</div>
+	<div class="tablet:grid-col-6 margin-top-2">
+		<div class="module height-full">
+			<h2>Current domains</h2>
+			<div class="padding-top-2 padding-x-2">
+				<ul class="usa-button-group wrapped-button-group">
+					<li class="usa-button-group__item">
+						<a href="{% url 'export_data_type' %}" class="usa-button usa-button--dja text-no-wrap" role="button">
+							<svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
+								<use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
+							</svg>
+							<span class="margin-left-05">All domain metadata</span>
+						</a>
+					</li>
+					<li class="usa-button-group__item">
+						<a href="{% url 'export_data_full' %}" class="usa-button usa-button--dja text-no-wrap" role="button">
+							<svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
+								<use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
+							</svg>
+							<span class="margin-left-05">Current full</span>
+						</a>
+					</li>
+					<li class="usa-button-group__item">
+						<a href="{% url 'export_data_federal' %}" class="usa-button usa-button--dja text-no-wrap" role="button">
+							<svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
+								<use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
+							</svg>
+							<span class="margin-left-05">Current federal</span>
+						</a>
+					</li>
+					<li class="usa-button-group__item">
+						<a href="{% url 'export_data_domain_requests_full' %}" class="usa-button usa-button--dja text-no-wrap" role="button">
+							<svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
+								<use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
+							</svg>
+							<span class="margin-left-05">All domain requests metadata</span>
+						</a>
+					</li>
+				</ul>
+			</div>
+		</div>
+	</div>
+</div>
+<div class="grid-row grid-gap-2 margin-top-2">
+	<div class="grid-col">
+		<div class="module">
+			<h2>Growth reports</h2>
+			<div class="padding-2">
+				{% comment %} 
+				Inputs of type date suck for accessibility.
+				We'll need to replace those guys with a django form once we figure out how to hook one onto this page.
+				See the commit "Review for ticket #999"
+				{% endcomment %}
+				<div class="display-flex flex-align-baseline margin-top-1 margin-bottom-2">
+					<div class="margin-right-1">
+						<label for="start">Start date:</label>
+						<input type="date" id="start" name="start" value="2018-07-22" min="2018-01-01" />
+					</div>
+					<div>
+						<label for="end">End date:</label>
+						<input type="date" id="end" name="end" value="2023-12-01" min="2023-12-01" />
+					</div>
+				</div>
+				<ul class="usa-button-group">
+					<li class="usa-button-group__item">
+						<button class="usa-button usa-button--dja exportLink" data-export-url="{% url 'export_domains_growth' %}" type="button">
+							<svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
+								<use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
+							</svg>
+							<span class="margin-left-05">Domain growth</span>
+						</button>
+					</li>
+					<li class="usa-button-group__item">
+						<button class="usa-button usa-button--dja exportLink" data-export-url="{% url 'export_requests_growth' %}" type="button">
+							<svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
+								<use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
+							</svg>
+							<span class="margin-left-05">Request growth</span>
+						</button>
+					</li>
+					<li class="usa-button-group__item">
+						<button class="usa-button usa-button--dja exportLink" data-export-url="{% url 'export_managed_domains' %}" type="button">
+							<svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
+								<use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
+							</svg>
+							<span class="margin-left-05">Managed domains</span>
+						</button>
+					</li>
+					<li class="usa-button-group__item">
+						<button class="usa-button usa-button--dja exportLink" data-export-url="{% url 'export_unmanaged_domains' %}" type="button">
+							<svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
+								<use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
+							</svg>
+							<span class="margin-left-05">Unmanaged domains</span>
+						</button>
+					</li>
+					<li class="usa-button-group__item">
+						<button class="usa-button usa-button--dja exportLink usa-button--secondary" data-export-url="{% url 'analytics' %}" type="button">
+							<svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
+								<use xlink:href="{%static 'img/sprite.svg'%}#assessment"></use>
+							</svg>
+							<span class="margin-left-05">Update charts</span>
+						</button>
+					</li>
+				</ul>
+        <div class="analytics-dashboard-charts">
+          {% comment %} Managed/Unmanaged domains {% endcomment %}
+          <div class="analytics-item chart-1">
+            <div class="grid-col">
+              <canvas id="myChart1" width="400" height="200"
+                aria-label="Chart: {{ data.managed_domains.end_date_count.0 }} managed domains for {{ data.end_date }}"
+                role="img"
+                data-list-one="{{ data.managed_domains.start_date_count }}"
+                data-list-two="{{ data.managed_domains.end_date_count }}"
+                >
+                <h2>Chart: Managed domains</h2>
+                <p>{{ data.managed_domains.end_date_count.0 }} managed domains for {{ data.end_date }}</p>
+              </canvas>
+            </div>
+          </div>
+          <div class="analytics-item details-1">
+            <div class="grid-col">
+              <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
+                <summary class="padding-1 padding-left-0 dja-details-summary">Details for managed domains</summary>
+                <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                  {% include "admin/analytics_graph_table.html" with data=data property_name="managed_domains" %}
+                </div>
+              </details>
+            </div>
+          </div>
+          <div class="analytics-item chart-2">
+            <div class="grid-col">
+              <canvas id="myChart2" width="400" height="200"
+                aria-label="Chart: {{ data.unmanaged_domains.end_date_count.0 }} unmanaged domains for {{ data.end_date }}"
+                role="img"
+                data-list-one="{{ data.unmanaged_domains.start_date_count }}"
+                data-list-two="{{ data.unmanaged_domains.end_date_count }}"
+                >
+                <h2>Chart: Unmanaged domains</h2>
+                <p>{{ data.unmanaged_domains.end_date_count.0 }} unmanaged domains for {{ data.end_date }}</p>
+              </canvas>
+            </div>
+          </div>
+          <div class="analytics-item details-2">
+            <div class="grid-col">
+              <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
+                <summary class="padding-1 padding-left-0 dja-details-summary">Details for unmanaged domains</summary>
+                <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                  {% include "admin/analytics_graph_table.html" with data=data property_name="unmanaged_domains" %}
+                </div>
+              </details>
+            </div>
+          </div>
+
+          {% comment %} Deleted/Ready domains {% endcomment %}
+          <div class="analytics-item chart-3">
+            <div class="grid-col">
+              <canvas id="myChart3" width="400" height="200"
+                aria-label="Chart: {{ data.deleted_domains.end_date_count.0 }} deleted domains for {{ data.end_date }}"
+                role="img" 
+                data-list-one="{{ data.deleted_domains.start_date_count }}"
+                data-list-two="{{ data.deleted_domains.end_date_count }}"
+                >
+                <h2>Chart: Deleted domains</h2>
+                <p>{{ data.deleted_domains.end_date_count.0 }} deleted domains for {{ data.end_date }}</p>
+              </canvas>
+            </div>
+          </div>
+          <div class="analytics-item details-3">
+            <div class="grid-col">
+              <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
+                <summary class="padding-1 padding-left-0 dja-details-summary">Details for deleted domains</summary>
+                <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                  {% include "admin/analytics_graph_table.html" with data=data property_name="deleted_domains" %}
+                </div>
+              </details>
+            </div>
+          </div>
+          <div class="analytics-item chart-4">
+            <div class="grid-col">
+              <canvas id="myChart4" width="400" height="200"
+                aria-label="Chart: {{ data.ready_domains.end_date_count.0 }} ready domains for {{ data.end_date }}"
+                role="img" 
+                data-list-one="{{ data.ready_domains.start_date_count }}"
+                data-list-two="{{ data.ready_domains.end_date_count }}"
+                >
+                <h2>Chart: Ready domains</h2>
+                <p>{{ data.ready_domains.end_date_count.0 }} ready domains for {{ data.end_date }}</p>
+              </canvas>
+            </div>
+          </div>
+          <div class="analytics-item details-4">
+            <div class="grid-col">
+              <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
+                <summary class="padding-1 padding-left-0 dja-details-summary">Details for ready domains</summary>
+                <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                  {% include "admin/analytics_graph_table.html" with data=data property_name="ready_domains" %}
+                </div>
+              </details>
+            </div>
+          </div>
+
+          {% comment %} Requests {% endcomment %}
+          <div class="analytics-item chart-5">
+            <div class="grid-col">
+              <canvas id="myChart5" width="400" height="200"
+                aria-label="Chart: {{ data.submitted_requests.end_date_count.0 }} submitted requests for {{ data.end_date }}"
+                role="img" 
+                data-list-one="{{ data.submitted_requests.start_date_count }}"
+                data-list-two="{{ data.submitted_requests.end_date_count }}"
+                >
+                <h2>Chart: Submitted requests</h2>
+                <p>{{ data.submitted_requests.end_date_count.0 }} submitted requests for {{ data.end_date }}</p>
+              </canvas>
+            </div>
+          </div>
+          <div class="analytics-item details-5">
+            <div class="grid-col">
+              <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
+                <summary class="padding-1 padding-left-0 dja-details-summary">Details for submitted requests</summary>
+                <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                  {% include "admin/analytics_graph_table.html" with data=data property_name="submitted_requests" %}
+                </div>
+              </details>
+            </div>
+          </div>
+          <div class="analytics-item chart-6">
+            <div class="grid-col">
+              <canvas id="myChart6" width="400" height="200"
+                aria-label="Chart: {{ data.requests.end_date_count.0 }} requests for {{ data.end_date }}"
+                role="img" 
+                data-list-one="{{ data.requests.start_date_count }}"
+                data-list-two="{{ data.requests.end_date_count }}"
+                >
+                <h2>Chart: All requests</h2>
+                <p>{{ data.requests.end_date_count.0 }} requests for {{ data.end_date }}</p>
+              </canvas>
+            </div>
+          </div>
+          <div class="analytics-item details-6">
+            <div class="grid-col">
+              <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
+                <summary class="padding-1 padding-left-0 dja-details-summary">Details for all requests</summary>
+                <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                  {% include "admin/analytics_graph_table.html" with data=data property_name="requests" %}
+                </div>
+              </details>
+            </div>
+          </div>
+        </div>
+			</div>
+		</div>
+	</div>
+</div>
+{% endblock %}
\ No newline at end of file

From 6fc5a76e923a98a6180bf94771d22e3d94eca557 Mon Sep 17 00:00:00 2001
From: CocoByte <nicolle.leclair@gmail.com>
Date: Sun, 9 Feb 2025 18:20:38 -0700
Subject: [PATCH 14/81] Removed header markup for "clear all" filters link

---
 .../templates/admin/change_list.html          | 24 ++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)

diff --git a/src/registrar/templates/admin/change_list.html b/src/registrar/templates/admin/change_list.html
index 43abf0861..43e6fa5b5 100644
--- a/src/registrar/templates/admin/change_list.html
+++ b/src/registrar/templates/admin/change_list.html
@@ -1,4 +1,5 @@
 {% extends "admin/change_list.html" %}
+{% load i18n admin_urls static admin_list %}
 
 {% block content_title %}
     <h1>{{ title }}</h1>
@@ -46,4 +47,25 @@
             {{ block.super }}
         {% endblock %}
     </div>
-{% endblock %}
\ No newline at end of file
+{% endblock %}
+
+
+{% comment %} Replace the Django header markup for clearing all filters with a div. {% endcomment %}
+{% block filters %}
+{% if cl.has_filters %}
+    <nav id="changelist-filter" aria-labelledby="changelist-filter-header">
+    <h2 id="changelist-filter-header">{% translate 'Filter' %}</h2>
+    {% if cl.is_facets_optional or cl.has_active_filters %}<div id="changelist-filter-extra-actions">
+        {% if cl.is_facets_optional %}<h3>
+        {% if cl.add_facets %}<a href="{{ cl.remove_facet_link }}" class="hidelink">{% translate "Hide counts" %}</a>
+        {% else %}<a href="{{ cl.add_facet_link }}" class="viewlink">{% translate "Show counts" %}</a>{% endif %}
+        </h3>{% endif %}
+        {% if cl.has_active_filters %}<div class="margin-2">
+        <a href="{{ cl.clear_all_filters_qs }}">&#10006; {% translate "Clear all filters" %}</a>
+        </div>{% endif %}
+    </div>{% endif %}
+    {% for spec in cl.filter_specs %}{% admin_list_filter cl spec %}{% endfor %}
+    </nav>
+{% endif %}
+{% endblock %}
+

From f90fe6c4629696616d50cee8bcc87064a18a7c39 Mon Sep 17 00:00:00 2001
From: CocoByte <nicolle.leclair@gmail.com>
Date: Sun, 9 Feb 2025 18:20:51 -0700
Subject: [PATCH 15/81] Removed header markup for "By Status" multiple choice
 filter

---
 .../admin/multiple_choice_list_filter.html    | 70 ++++++++++---------
 1 file changed, 37 insertions(+), 33 deletions(-)

diff --git a/src/registrar/templates/django/admin/multiple_choice_list_filter.html b/src/registrar/templates/django/admin/multiple_choice_list_filter.html
index 167059594..2a61fee93 100644
--- a/src/registrar/templates/django/admin/multiple_choice_list_filter.html
+++ b/src/registrar/templates/django/admin/multiple_choice_list_filter.html
@@ -1,37 +1,41 @@
 {% load i18n %}
 {% load static field_helpers url_helpers %}
 
+<details data-filter-title="{{ filter_title }}" open="">
+  <summary>
+    {% blocktrans with filter_title=title %} By {{ filter_title }} {% endblocktrans %} 
+  </summary>
+  <ul class="mulitple-choice">
+    {% for choice in choices %}
+        {% if choice.reset %}
+            <li{% if choice.selected %} class="selected"{% endif %}">
+                <a href="{{ choice.query_string|iriencode }}" title="{{ choice.display }}">{{ choice.display }}</a>
+            </li>
+        {% endif %}
+    {% endfor %}
 
-<h3>{% blocktrans with filter_title=title %} By {{ filter_title }} {% endblocktrans %}</h3>
-<ul class="mulitple-choice">
-{% for choice in choices %}
-    {% if choice.reset %}
-        <li{% if choice.selected %} class="selected"{% endif %}">
-            <a href="{{ choice.query_string|iriencode }}" title="{{ choice.display }}">{{ choice.display }}</a>
-        </li>
-    {% endif %}
-{% endfor %}
-{% for choice in choices %}
-    {% if not choice.reset %}
-        <li{% if choice.selected %} class="selected"{% endif %}">
-          {% if choice.selected and choice.exclude_query_string %}
-            <a class="choice-filter choice-filter--checked" href="{{ choice.exclude_query_string|iriencode }}">{{ choice.display }}
-              <svg class="usa-icon position-absolute z-0 left-0" aria-hidden="true" focusable="false" role="img" width="24" height="24">
-                <use xlink:href="{%static 'img/sprite.svg'%}#check_box_outline_blank"></use>
-              </svg>
-              <svg class="usa-icon position-absolute z-100 left-0" aria-hidden="true" focusable="false" role="img" width="24" height="24">
-                <use xlink:href="{%static 'img/sprite.svg'%}#check"></use>
-              </svg>
-            </a>
-          {% endif %}
-          {% if not choice.selected and choice.include_query_string %}
-            <a class="choice-filter" href="{{ choice.include_query_string|iriencode }}">{{ choice.display }}
-              <svg class="usa-icon position-absolute z-0 left-0" aria-hidden="true" focusable="false" role="img" width="24" height="24">
-                <use xlink:href="{%static 'img/sprite.svg'%}#check_box_outline_blank"></use>
-              </svg>
-            </a>
-          {% endif %}
-        </li>
-    {% endif %}
-{% endfor %}
-</ul>
+    {% for choice in choices %}
+        {% if not choice.reset %}
+            <li{% if choice.selected %} class="selected"{% endif %}">
+              {% if choice.selected and choice.exclude_query_string %}
+                <a class="choice-filter choice-filter--checked" href="{{ choice.exclude_query_string|iriencode }}">{{ choice.display }}
+                  <svg class="usa-icon position-absolute z-0 left-0" aria-hidden="true" focusable="false" role="img" width="24" height="24">
+                    <use xlink:href="{%static 'img/sprite.svg'%}#check_box_outline_blank"></use>
+                  </svg>
+                  <svg class="usa-icon position-absolute z-100 left-0" aria-hidden="true" focusable="false" role="img" width="24" height="24">
+                    <use xlink:href="{%static 'img/sprite.svg'%}#check"></use>
+                  </svg>
+                </a>
+              {% endif %}
+              {% if not choice.selected and choice.include_query_string %}
+                <a class="choice-filter" href="{{ choice.include_query_string|iriencode }}">{{ choice.display }}
+                  <svg class="usa-icon position-absolute z-0 left-0" aria-hidden="true" focusable="false" role="img" width="24" height="24">
+                    <use xlink:href="{%static 'img/sprite.svg'%}#check_box_outline_blank"></use>
+                  </svg>
+                </a>
+              {% endif %}
+            </li>
+        {% endif %}
+    {% endfor %}
+  </ul>
+</details>

From 2c74654544c9ae41223ca527d393a2efc71045d5 Mon Sep 17 00:00:00 2001
From: CocoByte <nicolle.leclair@gmail.com>
Date: Sun, 9 Feb 2025 19:25:37 -0700
Subject: [PATCH 16/81] add skip-to-filters link for admin tables

---
 src/registrar/templates/admin/change_list.html | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/registrar/templates/admin/change_list.html b/src/registrar/templates/admin/change_list.html
index 43abf0861..7256f2af2 100644
--- a/src/registrar/templates/admin/change_list.html
+++ b/src/registrar/templates/admin/change_list.html
@@ -37,6 +37,8 @@
             for {{ search_query }}
         {% endif %}
     </h2>    
+    
+    <a class="usa-skipnav" href="#changelist-filter" aria-label="Skip to the filters section">Skip to filters</a>
 {% endblock %}
 
 {% comment %} Replace the Django ul markup with a div. We'll replace the li with a p in change_list_object_tools {% endcomment %}

From d684fea8edbe091367b992d5bfad85630622df5c Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Mon, 10 Feb 2025 09:16:42 -0700
Subject: [PATCH 17/81] test changes

---
 src/registrar/assets/js/get-gov-reports.js    | 35 +++++++++++++++---
 .../assets/src/sass/_theme/_admin.scss        | 15 ++++----
 src/registrar/templates/admin/analytics.html  | 36 +++++++++----------
 3 files changed, 56 insertions(+), 30 deletions(-)

diff --git a/src/registrar/assets/js/get-gov-reports.js b/src/registrar/assets/js/get-gov-reports.js
index 8bfe32fdd..650a2c6c7 100644
--- a/src/registrar/assets/js/get-gov-reports.js
+++ b/src/registrar/assets/js/get-gov-reports.js
@@ -59,6 +59,8 @@
 /** An IIFE to initialize the analytics page
 */
 (function () {
+    // Store chart instances globally within this IIFE
+    const chartInstances = new Map();
     function createComparativeColumnChart(canvasId, title, labelOne, labelTwo) {
         var canvas = document.getElementById(canvasId);
         if (!canvas) {
@@ -80,17 +82,16 @@
                     borderWidth: 1,
                     data: listOne,
                     backgroundColor: [
-                        pattern.draw('zigzag-vertical', '#1f77b4'),
+                        pattern.draw("zigzag-vertical", "#1f77b4"),
                     ]
                 },
                 {
                     label: labelTwo,
-                    backgroundColor: "rgba(75, 192, 192, 0.2)",
                     borderColor: "rgba(75, 192, 192, 1)",
                     borderWidth: 1,
                     data: listTwo,
                     backgroundColor: [
-                        pattern.draw('diagonal', '#1f77b4'),
+                        pattern.draw("diagonal", "#1f77b4"),
                     ]
                 },
             ],
@@ -98,7 +99,6 @@
 
         var options = {
             responsive: true,
-            maintainAspectRatio: false,
             plugins: {
                 legend: {
                     position: 'top',
@@ -115,11 +115,34 @@
             },
         };
 
-        new Chart(ctx, {
+        // Destroy existing chart instance if it exists
+        if (chartInstances.has(canvasId)) {
+            chartInstances.get(canvasId).destroy();
+        }
+
+        // Create and store new chart instance
+        const chart = new Chart(ctx, {
             type: "bar",
             data: data,
             options: options,
         });
+        
+        chartInstances.set(canvasId, chart);
+    }
+
+    function handleResize() {
+        // Debounce the resize handler
+        if (handleResize.timeout) {
+            clearTimeout(handleResize.timeout);
+        }
+        
+        handleResize.timeout = setTimeout(() => {
+            chartInstances.forEach((chart, canvasId) => {
+                if (chart && chart.canvas) {
+                    chart.resize();
+                }
+            });
+        }, 100);
     }
 
     function initComparativeColumnCharts() {
@@ -130,6 +153,8 @@
             createComparativeColumnChart("myChart4", "Ready domains", "Start Date", "End Date");
             createComparativeColumnChart("myChart5", "Submitted requests", "Start Date", "End Date");
             createComparativeColumnChart("myChart6", "All requests", "Start Date", "End Date");
+
+            //window.addEventListener("resize", handleResize);
         });
     };
 
diff --git a/src/registrar/assets/src/sass/_theme/_admin.scss b/src/registrar/assets/src/sass/_theme/_admin.scss
index 05df9a3c2..ba7d447ee 100644
--- a/src/registrar/assets/src/sass/_theme/_admin.scss
+++ b/src/registrar/assets/src/sass/_theme/_admin.scss
@@ -930,11 +930,11 @@ ul.add-list-reset {
     }
 }
 
-@media (min-width: 1024px) {
+// Break at tablet view
+@media (min-width: 768px) {
     .analytics-dashboard-charts {
         // Desktop layout - charts in top row, details in bottom row
         display: grid;
-        gap: 2rem;
         grid-template-columns: 1fr 1fr;
         grid-template-areas:
             "chart1 chart2"
@@ -945,16 +945,17 @@ ul.add-list-reset {
             "details5 details6";
 
         .chart-1 { grid-area: chart1; }
-        .details-1 { grid-area: details1; }
         .chart-2 { grid-area: chart2; }
-        .details-2 { grid-area: details2; }
         .chart-3 { grid-area: chart3; }
-        .details-3 { grid-area: details3; }
         .chart-4 { grid-area: chart4; }
-        .details-4 { grid-area: details4; }
         .chart-5 { grid-area: chart5; }
-        .details-5 { grid-area: details5; }
         .chart-6 { grid-area: chart6; }
+        .details-1 { grid-area: details1; }
+        .details-2 { grid-area: details2; }
+        .details-3 { grid-area: details3; }
+        .details-4 { grid-area: details4; }
+        .details-5 { grid-area: details5; }
         .details-6 { grid-area: details6; }
     }
+
 }
diff --git a/src/registrar/templates/admin/analytics.html b/src/registrar/templates/admin/analytics.html
index 297f27d46..855f7f870 100644
--- a/src/registrar/templates/admin/analytics.html
+++ b/src/registrar/templates/admin/analytics.html
@@ -140,10 +140,10 @@
               </canvas>
             </div>
           </div>
-          <div class="analytics-item details-1">
+          <div class="margin-bottom-2 analytics-item details-1">
             <div class="grid-col">
-              <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
-                <summary class="padding-1 padding-left-0 dja-details-summary">Details for managed domains</summary>
+              <details class="dja-detail-table" aria-role="button" closed>
+                <summary class="dja-details-summary">Details for managed domains</summary>
                 <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
                   {% include "admin/analytics_graph_table.html" with data=data property_name="managed_domains" %}
                 </div>
@@ -163,10 +163,10 @@
               </canvas>
             </div>
           </div>
-          <div class="analytics-item details-2">
+          <div class="margin-bottom-2 analytics-item details-2">
             <div class="grid-col">
-              <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
-                <summary class="padding-1 padding-left-0 dja-details-summary">Details for unmanaged domains</summary>
+              <details class="dja-detail-table" aria-role="button" closed>
+                <summary class="dja-details-summary">Details for unmanaged domains</summary>
                 <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
                   {% include "admin/analytics_graph_table.html" with data=data property_name="unmanaged_domains" %}
                 </div>
@@ -188,10 +188,10 @@
               </canvas>
             </div>
           </div>
-          <div class="analytics-item details-3">
+          <div class="margin-bottom-2 analytics-item details-3">
             <div class="grid-col">
-              <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
-                <summary class="padding-1 padding-left-0 dja-details-summary">Details for deleted domains</summary>
+              <details class="dja-detail-table" aria-role="button" closed>
+                <summary class="dja-details-summary">Details for deleted domains</summary>
                 <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
                   {% include "admin/analytics_graph_table.html" with data=data property_name="deleted_domains" %}
                 </div>
@@ -211,10 +211,10 @@
               </canvas>
             </div>
           </div>
-          <div class="analytics-item details-4">
+          <div class="margin-bottom-2 analytics-item details-4">
             <div class="grid-col">
-              <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
-                <summary class="padding-1 padding-left-0 dja-details-summary">Details for ready domains</summary>
+              <details class="dja-detail-table" aria-role="button" closed>
+                <summary class="dja-details-summary">Details for ready domains</summary>
                 <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
                   {% include "admin/analytics_graph_table.html" with data=data property_name="ready_domains" %}
                 </div>
@@ -236,10 +236,10 @@
               </canvas>
             </div>
           </div>
-          <div class="analytics-item details-5">
+          <div class="margin-bottom-2 analytics-item details-5">
             <div class="grid-col">
-              <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
-                <summary class="padding-1 padding-left-0 dja-details-summary">Details for submitted requests</summary>
+              <details class="dja-detail-table" aria-role="button" closed>
+                <summary class="dja-details-summary">Details for submitted requests</summary>
                 <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
                   {% include "admin/analytics_graph_table.html" with data=data property_name="submitted_requests" %}
                 </div>
@@ -259,10 +259,10 @@
               </canvas>
             </div>
           </div>
-          <div class="analytics-item details-6">
+          <div class="margin-bottom-2 analytics-item details-6">
             <div class="grid-col">
-              <details class="margin-top-1 dja-detail-table" aria-role="button" closed>
-                <summary class="padding-1 padding-left-0 dja-details-summary">Details for all requests</summary>
+              <details class="dja-detail-table" aria-role="button" closed>
+                <summary class="dja-details-summary">Details for all requests</summary>
                 <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
                   {% include "admin/analytics_graph_table.html" with data=data property_name="requests" %}
                 </div>

From e90e31acb713017ee587c1622b7f4425b6cacce9 Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Mon, 10 Feb 2025 09:52:09 -0700
Subject: [PATCH 18/81] Closing in

---
 src/registrar/assets/js/get-gov-reports.js   |   2 +-
 src/registrar/templates/admin/analytics.html | 226 +++++++++----------
 2 files changed, 102 insertions(+), 126 deletions(-)

diff --git a/src/registrar/assets/js/get-gov-reports.js b/src/registrar/assets/js/get-gov-reports.js
index 650a2c6c7..7af40be45 100644
--- a/src/registrar/assets/js/get-gov-reports.js
+++ b/src/registrar/assets/js/get-gov-reports.js
@@ -154,7 +154,7 @@
             createComparativeColumnChart("myChart5", "Submitted requests", "Start Date", "End Date");
             createComparativeColumnChart("myChart6", "All requests", "Start Date", "End Date");
 
-            //window.addEventListener("resize", handleResize);
+            window.addEventListener("resize", handleResize);
         });
     };
 
diff --git a/src/registrar/templates/admin/analytics.html b/src/registrar/templates/admin/analytics.html
index 855f7f870..4628ecfb4 100644
--- a/src/registrar/templates/admin/analytics.html
+++ b/src/registrar/templates/admin/analytics.html
@@ -127,147 +127,123 @@
 				</ul>
         <div class="analytics-dashboard-charts">
           {% comment %} Managed/Unmanaged domains {% endcomment %}
-          <div class="analytics-item chart-1">
-            <div class="grid-col">
-              <canvas id="myChart1" width="400" height="200"
-                aria-label="Chart: {{ data.managed_domains.end_date_count.0 }} managed domains for {{ data.end_date }}"
-                role="img"
-                data-list-one="{{ data.managed_domains.start_date_count }}"
-                data-list-two="{{ data.managed_domains.end_date_count }}"
-                >
-                <h2>Chart: Managed domains</h2>
-                <p>{{ data.managed_domains.end_date_count.0 }} managed domains for {{ data.end_date }}</p>
-              </canvas>
-            </div>
+          <div class="analytics-item chart-1 grid-col">
+            <canvas id="myChart1" width="400" height="200"
+              aria-label="Chart: {{ data.managed_domains.end_date_count.0 }} managed domains for {{ data.end_date }}"
+              role="img"
+              data-list-one="{{ data.managed_domains.start_date_count }}"
+              data-list-two="{{ data.managed_domains.end_date_count }}"
+              >
+              <h2>Chart: Managed domains</h2>
+              <p>{{ data.managed_domains.end_date_count.0 }} managed domains for {{ data.end_date }}</p>
+            </canvas>
           </div>
-          <div class="margin-bottom-2 analytics-item details-1">
-            <div class="grid-col">
-              <details class="dja-detail-table" aria-role="button" closed>
-                <summary class="dja-details-summary">Details for managed domains</summary>
-                <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
-                  {% include "admin/analytics_graph_table.html" with data=data property_name="managed_domains" %}
-                </div>
-              </details>
-            </div>
+          <div class="margin-bottom-2 analytics-item details-1 grid-col">
+            <details class="dja-detail-table" aria-role="button" closed>
+              <summary class="dja-details-summary">Details for managed domains</summary>
+              <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                {% include "admin/analytics_graph_table.html" with data=data property_name="managed_domains" %}
+              </div>
+            </details>
           </div>
           <div class="analytics-item chart-2">
-            <div class="grid-col">
-              <canvas id="myChart2" width="400" height="200"
-                aria-label="Chart: {{ data.unmanaged_domains.end_date_count.0 }} unmanaged domains for {{ data.end_date }}"
-                role="img"
-                data-list-one="{{ data.unmanaged_domains.start_date_count }}"
-                data-list-two="{{ data.unmanaged_domains.end_date_count }}"
-                >
-                <h2>Chart: Unmanaged domains</h2>
-                <p>{{ data.unmanaged_domains.end_date_count.0 }} unmanaged domains for {{ data.end_date }}</p>
-              </canvas>
-            </div>
+            <canvas id="myChart2" width="400" height="200"
+              aria-label="Chart: {{ data.unmanaged_domains.end_date_count.0 }} unmanaged domains for {{ data.end_date }}"
+              role="img"
+              data-list-one="{{ data.unmanaged_domains.start_date_count }}"
+              data-list-two="{{ data.unmanaged_domains.end_date_count }}"
+              >
+              <h2>Chart: Unmanaged domains</h2>
+              <p>{{ data.unmanaged_domains.end_date_count.0 }} unmanaged domains for {{ data.end_date }}</p>
+            </canvas>
           </div>
-          <div class="margin-bottom-2 analytics-item details-2">
-            <div class="grid-col">
-              <details class="dja-detail-table" aria-role="button" closed>
-                <summary class="dja-details-summary">Details for unmanaged domains</summary>
-                <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
-                  {% include "admin/analytics_graph_table.html" with data=data property_name="unmanaged_domains" %}
-                </div>
-              </details>
-            </div>
+          <div class="margin-bottom-2 analytics-item details-2 grid-col">
+            <details class="dja-detail-table" aria-role="button" closed>
+              <summary class="dja-details-summary">Details for unmanaged domains</summary>
+              <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                {% include "admin/analytics_graph_table.html" with data=data property_name="unmanaged_domains" %}
+              </div>
+            </details>
           </div>
 
           {% comment %} Deleted/Ready domains {% endcomment %}
-          <div class="analytics-item chart-3">
-            <div class="grid-col">
-              <canvas id="myChart3" width="400" height="200"
-                aria-label="Chart: {{ data.deleted_domains.end_date_count.0 }} deleted domains for {{ data.end_date }}"
-                role="img" 
-                data-list-one="{{ data.deleted_domains.start_date_count }}"
-                data-list-two="{{ data.deleted_domains.end_date_count }}"
-                >
-                <h2>Chart: Deleted domains</h2>
-                <p>{{ data.deleted_domains.end_date_count.0 }} deleted domains for {{ data.end_date }}</p>
-              </canvas>
-            </div>
+          <div class="analytics-item chart-3 grid-col">
+            <canvas id="myChart3" width="400" height="200"
+              aria-label="Chart: {{ data.deleted_domains.end_date_count.0 }} deleted domains for {{ data.end_date }}"
+              role="img" 
+              data-list-one="{{ data.deleted_domains.start_date_count }}"
+              data-list-two="{{ data.deleted_domains.end_date_count }}"
+              >
+              <h2>Chart: Deleted domains</h2>
+              <p>{{ data.deleted_domains.end_date_count.0 }} deleted domains for {{ data.end_date }}</p>
+            </canvas>
           </div>
-          <div class="margin-bottom-2 analytics-item details-3">
-            <div class="grid-col">
-              <details class="dja-detail-table" aria-role="button" closed>
-                <summary class="dja-details-summary">Details for deleted domains</summary>
-                <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
-                  {% include "admin/analytics_graph_table.html" with data=data property_name="deleted_domains" %}
-                </div>
-              </details>
-            </div>
+          <div class="margin-bottom-2 analytics-item details-3 grid-col">
+            <details class="dja-detail-table" aria-role="button" closed>
+              <summary class="dja-details-summary">Details for deleted domains</summary>
+              <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                {% include "admin/analytics_graph_table.html" with data=data property_name="deleted_domains" %}
+              </div>
+            </details>
           </div>
-          <div class="analytics-item chart-4">
-            <div class="grid-col">
-              <canvas id="myChart4" width="400" height="200"
-                aria-label="Chart: {{ data.ready_domains.end_date_count.0 }} ready domains for {{ data.end_date }}"
-                role="img" 
-                data-list-one="{{ data.ready_domains.start_date_count }}"
-                data-list-two="{{ data.ready_domains.end_date_count }}"
-                >
-                <h2>Chart: Ready domains</h2>
-                <p>{{ data.ready_domains.end_date_count.0 }} ready domains for {{ data.end_date }}</p>
-              </canvas>
-            </div>
+          <div class="analytics-item chart-4 grid-col">
+            <canvas id="myChart4" width="400" height="200"
+              aria-label="Chart: {{ data.ready_domains.end_date_count.0 }} ready domains for {{ data.end_date }}"
+              role="img" 
+              data-list-one="{{ data.ready_domains.start_date_count }}"
+              data-list-two="{{ data.ready_domains.end_date_count }}"
+              >
+              <h2>Chart: Ready domains</h2>
+              <p>{{ data.ready_domains.end_date_count.0 }} ready domains for {{ data.end_date }}</p>
+            </canvas>
           </div>
-          <div class="margin-bottom-2 analytics-item details-4">
-            <div class="grid-col">
-              <details class="dja-detail-table" aria-role="button" closed>
-                <summary class="dja-details-summary">Details for ready domains</summary>
-                <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
-                  {% include "admin/analytics_graph_table.html" with data=data property_name="ready_domains" %}
-                </div>
-              </details>
-            </div>
+          <div class="margin-bottom-2 analytics-item details-4 grid-col">
+            <details class="dja-detail-table" aria-role="button" closed>
+              <summary class="dja-details-summary">Details for ready domains</summary>
+              <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                {% include "admin/analytics_graph_table.html" with data=data property_name="ready_domains" %}
+              </div>
+            </details>
           </div>
 
           {% comment %} Requests {% endcomment %}
-          <div class="analytics-item chart-5">
-            <div class="grid-col">
-              <canvas id="myChart5" width="400" height="200"
-                aria-label="Chart: {{ data.submitted_requests.end_date_count.0 }} submitted requests for {{ data.end_date }}"
-                role="img" 
-                data-list-one="{{ data.submitted_requests.start_date_count }}"
-                data-list-two="{{ data.submitted_requests.end_date_count }}"
-                >
-                <h2>Chart: Submitted requests</h2>
-                <p>{{ data.submitted_requests.end_date_count.0 }} submitted requests for {{ data.end_date }}</p>
-              </canvas>
-            </div>
+          <div class="analytics-item chart-5 grid-col">
+            <canvas id="myChart5" width="400" height="200"
+              aria-label="Chart: {{ data.submitted_requests.end_date_count.0 }} submitted requests for {{ data.end_date }}"
+              role="img" 
+              data-list-one="{{ data.submitted_requests.start_date_count }}"
+              data-list-two="{{ data.submitted_requests.end_date_count }}"
+              >
+              <h2>Chart: Submitted requests</h2>
+              <p>{{ data.submitted_requests.end_date_count.0 }} submitted requests for {{ data.end_date }}</p>
+            </canvas>
           </div>
-          <div class="margin-bottom-2 analytics-item details-5">
-            <div class="grid-col">
-              <details class="dja-detail-table" aria-role="button" closed>
-                <summary class="dja-details-summary">Details for submitted requests</summary>
-                <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
-                  {% include "admin/analytics_graph_table.html" with data=data property_name="submitted_requests" %}
-                </div>
-              </details>
-            </div>
+          <div class="margin-bottom-2 analytics-item details-5 grid-col">
+            <details class="dja-detail-table" aria-role="button" closed>
+              <summary class="dja-details-summary">Details for submitted requests</summary>
+              <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                {% include "admin/analytics_graph_table.html" with data=data property_name="submitted_requests" %}
+              </div>
+            </details>
           </div>
-          <div class="analytics-item chart-6">
-            <div class="grid-col">
-              <canvas id="myChart6" width="400" height="200"
-                aria-label="Chart: {{ data.requests.end_date_count.0 }} requests for {{ data.end_date }}"
-                role="img" 
-                data-list-one="{{ data.requests.start_date_count }}"
-                data-list-two="{{ data.requests.end_date_count }}"
-                >
-                <h2>Chart: All requests</h2>
-                <p>{{ data.requests.end_date_count.0 }} requests for {{ data.end_date }}</p>
-              </canvas>
-            </div>
+          <div class="analytics-item chart-6 grid-col">
+            <canvas id="myChart6" width="400" height="200"
+              aria-label="Chart: {{ data.requests.end_date_count.0 }} requests for {{ data.end_date }}"
+              role="img" 
+              data-list-one="{{ data.requests.start_date_count }}"
+              data-list-two="{{ data.requests.end_date_count }}"
+              >
+              <h2>Chart: All requests</h2>
+              <p>{{ data.requests.end_date_count.0 }} requests for {{ data.end_date }}</p>
+            </canvas>
           </div>
-          <div class="margin-bottom-2 analytics-item details-6">
-            <div class="grid-col">
-              <details class="dja-detail-table" aria-role="button" closed>
-                <summary class="dja-details-summary">Details for all requests</summary>
-                <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
-                  {% include "admin/analytics_graph_table.html" with data=data property_name="requests" %}
-                </div>
-              </details>
-            </div>
+          <div class="margin-bottom-2 analytics-item details-6 grid-col">
+            <details class="dja-detail-table" aria-role="button" closed>
+              <summary class="dja-details-summary">Details for all requests</summary>
+              <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                {% include "admin/analytics_graph_table.html" with data=data property_name="requests" %}
+              </div>
+            </details>
           </div>
         </div>
 			</div>

From e45f9f9525a92d34199916e250fd40cc9ef91a67 Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Mon, 10 Feb 2025 10:40:43 -0700
Subject: [PATCH 19/81] Fix uneven scaling

---
 src/registrar/assets/src/sass/_theme/_admin.scss | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/registrar/assets/src/sass/_theme/_admin.scss b/src/registrar/assets/src/sass/_theme/_admin.scss
index ba7d447ee..c06c9c926 100644
--- a/src/registrar/assets/src/sass/_theme/_admin.scss
+++ b/src/registrar/assets/src/sass/_theme/_admin.scss
@@ -930,12 +930,12 @@ ul.add-list-reset {
     }
 }
 
-// Break at tablet view
-@media (min-width: 768px) {
+@media (min-width: 1080px) {
     .analytics-dashboard-charts {
         // Desktop layout - charts in top row, details in bottom row
         display: grid;
-        grid-template-columns: 1fr 1fr;
+        // Equal columns each gets 1/2 of the space
+        grid-template-columns: minmax(0, 1fr) minmax(0, 1fr);
         grid-template-areas:
             "chart1 chart2"
             "details1 details2"

From 6d180eae71cf9a4a73c96b08ea69e5496a6ee3cf Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Mon, 10 Feb 2025 13:08:58 -0700
Subject: [PATCH 20/81] Update analytics.html

---
 src/registrar/templates/admin/analytics.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/registrar/templates/admin/analytics.html b/src/registrar/templates/admin/analytics.html
index 4628ecfb4..b36511206 100644
--- a/src/registrar/templates/admin/analytics.html
+++ b/src/registrar/templates/admin/analytics.html
@@ -125,7 +125,7 @@
 						</button>
 					</li>
 				</ul>
-        <div class="analytics-dashboard-charts">
+        <div class="analytics-dashboard-charts margin-top-2">
           {% comment %} Managed/Unmanaged domains {% endcomment %}
           <div class="analytics-item chart-1 grid-col">
             <canvas id="myChart1" width="400" height="200"

From 77fedf4dc8265b019badddda767e3a02e54b6af5 Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Mon, 10 Feb 2025 13:21:47 -0700
Subject: [PATCH 21/81] cleanup

---
 .../assets/src/sass/_theme/_admin.scss        |  1 +
 src/registrar/templates/admin/analytics.html  | 24 +++++++++----------
 2 files changed, 13 insertions(+), 12 deletions(-)

diff --git a/src/registrar/assets/src/sass/_theme/_admin.scss b/src/registrar/assets/src/sass/_theme/_admin.scss
index c06c9c926..07749d2dd 100644
--- a/src/registrar/assets/src/sass/_theme/_admin.scss
+++ b/src/registrar/assets/src/sass/_theme/_admin.scss
@@ -934,6 +934,7 @@ ul.add-list-reset {
     .analytics-dashboard-charts {
         // Desktop layout - charts in top row, details in bottom row
         display: grid;
+        gap: 2rem;
         // Equal columns each gets 1/2 of the space
         grid-template-columns: minmax(0, 1fr) minmax(0, 1fr);
         grid-template-areas:
diff --git a/src/registrar/templates/admin/analytics.html b/src/registrar/templates/admin/analytics.html
index b36511206..3747dc7b6 100644
--- a/src/registrar/templates/admin/analytics.html
+++ b/src/registrar/templates/admin/analytics.html
@@ -127,7 +127,7 @@
 				</ul>
         <div class="analytics-dashboard-charts margin-top-2">
           {% comment %} Managed/Unmanaged domains {% endcomment %}
-          <div class="analytics-item chart-1 grid-col">
+          <div class="chart-1 grid-col">
             <canvas id="myChart1" width="400" height="200"
               aria-label="Chart: {{ data.managed_domains.end_date_count.0 }} managed domains for {{ data.end_date }}"
               role="img"
@@ -138,7 +138,7 @@
               <p>{{ data.managed_domains.end_date_count.0 }} managed domains for {{ data.end_date }}</p>
             </canvas>
           </div>
-          <div class="margin-bottom-2 analytics-item details-1 grid-col">
+          <div class="details-1 grid-col margin-bottom-2">
             <details class="dja-detail-table" aria-role="button" closed>
               <summary class="dja-details-summary">Details for managed domains</summary>
               <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
@@ -146,7 +146,7 @@
               </div>
             </details>
           </div>
-          <div class="analytics-item chart-2">
+          <div class="chart-2 grid-col">
             <canvas id="myChart2" width="400" height="200"
               aria-label="Chart: {{ data.unmanaged_domains.end_date_count.0 }} unmanaged domains for {{ data.end_date }}"
               role="img"
@@ -157,7 +157,7 @@
               <p>{{ data.unmanaged_domains.end_date_count.0 }} unmanaged domains for {{ data.end_date }}</p>
             </canvas>
           </div>
-          <div class="margin-bottom-2 analytics-item details-2 grid-col">
+          <div class="details-2 grid-col margin-bottom-2">
             <details class="dja-detail-table" aria-role="button" closed>
               <summary class="dja-details-summary">Details for unmanaged domains</summary>
               <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
@@ -167,7 +167,7 @@
           </div>
 
           {% comment %} Deleted/Ready domains {% endcomment %}
-          <div class="analytics-item chart-3 grid-col">
+          <div class="chart-3 grid-col">
             <canvas id="myChart3" width="400" height="200"
               aria-label="Chart: {{ data.deleted_domains.end_date_count.0 }} deleted domains for {{ data.end_date }}"
               role="img" 
@@ -178,7 +178,7 @@
               <p>{{ data.deleted_domains.end_date_count.0 }} deleted domains for {{ data.end_date }}</p>
             </canvas>
           </div>
-          <div class="margin-bottom-2 analytics-item details-3 grid-col">
+          <div class="details-3 grid-col margin-bottom-2">
             <details class="dja-detail-table" aria-role="button" closed>
               <summary class="dja-details-summary">Details for deleted domains</summary>
               <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
@@ -186,7 +186,7 @@
               </div>
             </details>
           </div>
-          <div class="analytics-item chart-4 grid-col">
+          <div class="chart-4 grid-col">
             <canvas id="myChart4" width="400" height="200"
               aria-label="Chart: {{ data.ready_domains.end_date_count.0 }} ready domains for {{ data.end_date }}"
               role="img" 
@@ -197,7 +197,7 @@
               <p>{{ data.ready_domains.end_date_count.0 }} ready domains for {{ data.end_date }}</p>
             </canvas>
           </div>
-          <div class="margin-bottom-2 analytics-item details-4 grid-col">
+          <div class="details-4 grid-col margin-bottom-2">
             <details class="dja-detail-table" aria-role="button" closed>
               <summary class="dja-details-summary">Details for ready domains</summary>
               <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
@@ -207,7 +207,7 @@
           </div>
 
           {% comment %} Requests {% endcomment %}
-          <div class="analytics-item chart-5 grid-col">
+          <div class="chart-5 grid-col">
             <canvas id="myChart5" width="400" height="200"
               aria-label="Chart: {{ data.submitted_requests.end_date_count.0 }} submitted requests for {{ data.end_date }}"
               role="img" 
@@ -218,7 +218,7 @@
               <p>{{ data.submitted_requests.end_date_count.0 }} submitted requests for {{ data.end_date }}</p>
             </canvas>
           </div>
-          <div class="margin-bottom-2 analytics-item details-5 grid-col">
+          <div class="details-5 grid-col margin-bottom-2">
             <details class="dja-detail-table" aria-role="button" closed>
               <summary class="dja-details-summary">Details for submitted requests</summary>
               <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
@@ -226,7 +226,7 @@
               </div>
             </details>
           </div>
-          <div class="analytics-item chart-6 grid-col">
+          <div class="chart-6 grid-col">
             <canvas id="myChart6" width="400" height="200"
               aria-label="Chart: {{ data.requests.end_date_count.0 }} requests for {{ data.end_date }}"
               role="img" 
@@ -237,7 +237,7 @@
               <p>{{ data.requests.end_date_count.0 }} requests for {{ data.end_date }}</p>
             </canvas>
           </div>
-          <div class="margin-bottom-2 analytics-item details-6 grid-col">
+          <div class="details-6 grid-col margin-bottom-2">
             <details class="dja-detail-table" aria-role="button" closed>
               <summary class="dja-details-summary">Details for all requests</summary>
               <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">

From e900255e681b35b3208bc85457d97bcbb4df25f9 Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Mon, 10 Feb 2025 14:06:10 -0700
Subject: [PATCH 22/81] fix cutoff bug

---
 src/registrar/assets/js/get-gov-reports.js | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/registrar/assets/js/get-gov-reports.js b/src/registrar/assets/js/get-gov-reports.js
index 428b576ee..2cc8157b5 100644
--- a/src/registrar/assets/js/get-gov-reports.js
+++ b/src/registrar/assets/js/get-gov-reports.js
@@ -100,6 +100,7 @@
 
         var options = {
             responsive: true,
+            maintainAspectRatio: false,
             plugins: {
                 legend: {
                     position: 'top',

From 12fa9548a136521c910926994ee7e18cc53bd750 Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Mon, 10 Feb 2025 14:07:41 -0700
Subject: [PATCH 23/81] Update get-gov-reports.js

---
 src/registrar/assets/js/get-gov-reports.js | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/src/registrar/assets/js/get-gov-reports.js b/src/registrar/assets/js/get-gov-reports.js
index 2cc8157b5..d458ae05a 100644
--- a/src/registrar/assets/js/get-gov-reports.js
+++ b/src/registrar/assets/js/get-gov-reports.js
@@ -59,7 +59,6 @@
 /** An IIFE to initialize the analytics page
 */
 (function () {
-    // Store chart instances globally within this IIFE
     const chartInstances = new Map();
     function createComparativeColumnChart(canvasId, title, labelOne, labelTwo) {
         var canvas = document.getElementById(canvasId);
@@ -117,12 +116,10 @@
             },
         };
 
-        // Destroy existing chart instance if it exists
         if (chartInstances.has(canvasId)) {
             chartInstances.get(canvasId).destroy();
         }
 
-        // Create and store new chart instance
         const chart = new Chart(ctx, {
             type: "bar",
             data: data,

From d84aa421d90ba2d3a26bb998f428f3643ecf1841 Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Mon, 10 Feb 2025 19:23:50 -0500
Subject: [PATCH 24/81] wip

---
 src/djangooidc/views.py                      |  2 +
 src/registrar/config/settings.py             |  2 +
 src/registrar/decorators.py                  | 72 ++++++++++++++++++++
 src/registrar/registrar_middleware.py        | 39 +++++++++++
 src/registrar/utility/domain_cache_helper.py |  0
 src/registrar/views/domain_requests_json.py  |  3 +-
 src/registrar/views/domains_json.py          |  3 +-
 src/registrar/views/index.py                 |  2 +
 8 files changed, 121 insertions(+), 2 deletions(-)
 create mode 100644 src/registrar/decorators.py
 create mode 100644 src/registrar/utility/domain_cache_helper.py

diff --git a/src/djangooidc/views.py b/src/djangooidc/views.py
index 815df4ecf..984936a4c 100644
--- a/src/djangooidc/views.py
+++ b/src/djangooidc/views.py
@@ -5,12 +5,14 @@ import logging
 from django.conf import settings
 from django.contrib.auth import logout as auth_logout
 from django.contrib.auth import authenticate, login
+from login_required import login_not_required
 from django.http import HttpResponseRedirect
 from django.shortcuts import redirect
 from urllib.parse import parse_qs, urlencode
 
 from djangooidc.oidc import Client
 from djangooidc import exceptions as o_e
+from registrar.decorators import grant_access
 from registrar.models import User
 from registrar.views.utility.error_views import custom_500_error_view, custom_401_error_view
 
diff --git a/src/registrar/config/settings.py b/src/registrar/config/settings.py
index 78439188e..9b51383f3 100644
--- a/src/registrar/config/settings.py
+++ b/src/registrar/config/settings.py
@@ -200,6 +200,8 @@ MIDDLEWARE = [
     "waffle.middleware.WaffleMiddleware",
     "registrar.registrar_middleware.CheckUserProfileMiddleware",
     "registrar.registrar_middleware.CheckPortfolioMiddleware",
+    # Restrict access using Opt-Out approach
+    "registrar.registrar_middleware.RestrictAccessMiddleware",
 ]
 
 # application object used by Django's built-in servers (e.g. `runserver`)
diff --git a/src/registrar/decorators.py b/src/registrar/decorators.py
new file mode 100644
index 000000000..08214f89c
--- /dev/null
+++ b/src/registrar/decorators.py
@@ -0,0 +1,72 @@
+from functools import wraps
+from django.http import JsonResponse
+from django.core.exceptions import ObjectDoesNotExist
+
+from registrar.models.domain import Domain
+from registrar.models.user_domain_role import UserDomainRole
+
+# Constants for clarity
+ALL = "all"
+IS_SUPERUSER = "is_superuser"
+IS_STAFF = "is_staff"
+IS_DOMAIN_MANAGER = "is_domain_manager"
+
+def grant_access(*rules):
+    """
+    Allows multiple rules in a single decorator call:
+    @grant_access(IS_STAFF, IS_SUPERUSER, IS_DOMAIN_MANAGER)
+    or multiple stacked decorators:
+    @grant_access(IS_SUPERUSER)
+    @grant_access(IS_DOMAIN_MANAGER)
+    """
+
+    def decorator(view_func):
+        view_func.has_explicit_access = True  # Mark as explicitly access-controlled
+        existing_rules = getattr(view_func, "_access_rules", set())
+        existing_rules.update(rules)  # Support multiple rules in one call
+        view_func._access_rules = existing_rules  # Store rules on the function
+
+        @wraps(view_func)
+        def wrapper(request, *args, **kwargs):
+            user = request.user
+
+            # Skip authentication if @login_not_required is applied
+            if getattr(view_func, "login_not_required", False):
+                return view_func(request, *args, **kwargs)
+
+            # Allow everyone if `ALL` is in rules
+            if ALL in view_func._access_rules:
+                return view_func(request, *args, **kwargs)
+            
+            # Ensure user is authenticated
+            if not user.is_authenticated:
+                return JsonResponse({"error": "Authentication required"}, status=403)
+
+            conditions_met = []
+
+            if IS_STAFF in view_func._access_rules:
+                conditions_met.append(user.is_staff)
+
+            if not any(conditions_met) and IS_SUPERUSER in view_func._access_rules:
+                conditions_met.append(user.is_superuser)
+
+            if not any(conditions_met) and IS_DOMAIN_MANAGER in view_func._access_rules:
+                domain_id = kwargs.get('pk') or kwargs.get('domain_id')
+                if not domain_id:
+                    return JsonResponse({"error": "Domain ID missing"}, status=400)
+                try:
+                    domain = Domain.objects.get(pk=domain_id)
+                    has_permission = UserDomainRole.objects.filter(
+                        user=user, domain=domain
+                    ).exists()
+                    conditions_met.append(has_permission)
+                except ObjectDoesNotExist:
+                    return JsonResponse({"error": "Invalid Domain"}, status=404)
+
+            if not any(conditions_met):
+                return JsonResponse({"error": "Access Denied"}, status=403)
+
+            return view_func(request, *args, **kwargs)
+
+        return wrapper
+    return decorator
diff --git a/src/registrar/registrar_middleware.py b/src/registrar/registrar_middleware.py
index ed7a4dffc..c23fb0515 100644
--- a/src/registrar/registrar_middleware.py
+++ b/src/registrar/registrar_middleware.py
@@ -3,9 +3,13 @@ Contains middleware used in settings.py
 """
 
 import logging
+import re
 from urllib.parse import parse_qs
+from django.conf import settings
 from django.urls import reverse
 from django.http import HttpResponseRedirect
+from django.http import JsonResponse
+from django.urls import resolve
 from registrar.models import User
 from waffle.decorators import flag_is_active
 
@@ -170,3 +174,38 @@ class CheckPortfolioMiddleware:
             request.session["portfolio"] = request.user.get_first_portfolio()
         else:
             request.session["portfolio"] = request.user.get_first_portfolio()
+
+
+class RestrictAccessMiddleware:
+    """ Middleware that blocks all views unless explicitly permitted """
+
+    def __init__(self, get_response):
+        self.get_response = get_response
+        self.ignored_paths = [re.compile(pattern) for pattern in getattr(settings, "LOGIN_REQUIRED_IGNORE_PATHS", [])]
+
+    def __call__(self, request):
+        # Allow requests that match LOGIN_REQUIRED_IGNORE_PATHS
+        if any(pattern.match(request.path) for pattern in self.ignored_paths):
+            return self.get_response(request)
+        
+        # Try to resolve the view function
+        try:
+            resolver_match = resolve(request.path_info)
+            view_func = resolver_match.func
+            app_name = resolver_match.app_name  # Get app name of resolved view
+        except Exception:
+            return JsonResponse({"error": "Not Found"}, status=404)
+
+        # Auto-allow Django's built-in admin views (but NOT custom /admin/* views)
+        if app_name == "admin":
+            return self.get_response(request)
+        
+        # Skip access restriction if the view explicitly allows unauthenticated access
+        if getattr(view_func, "login_required", True) is False:
+            return self.get_response(request)
+        
+        # Enforce explicit access fules for other views
+        if not getattr(view_func, "has_explicit_access", False):
+            return JsonResponse({"error": "Access Denied"}, status=403)
+
+        return self.get_response(request)
\ No newline at end of file
diff --git a/src/registrar/utility/domain_cache_helper.py b/src/registrar/utility/domain_cache_helper.py
new file mode 100644
index 000000000..e69de29bb
diff --git a/src/registrar/views/domain_requests_json.py b/src/registrar/views/domain_requests_json.py
index 88590010e..b6a9d1072 100644
--- a/src/registrar/views/domain_requests_json.py
+++ b/src/registrar/views/domain_requests_json.py
@@ -1,5 +1,6 @@
 from django.http import JsonResponse
 from django.core.paginator import Paginator
+from registrar.decorators import grant_access, ALL
 from registrar.models import DomainRequest
 from django.utils.dateformat import format
 from django.contrib.auth.decorators import login_required
@@ -7,7 +8,7 @@ from django.urls import reverse
 from django.db.models import Q
 
 
-@login_required
+@grant_access(ALL)
 def get_domain_requests_json(request):
     """Given the current request,
     get all domain requests that are associated with the request user and exclude the APPROVED ones.
diff --git a/src/registrar/views/domains_json.py b/src/registrar/views/domains_json.py
index 8734ef89c..e0081450d 100644
--- a/src/registrar/views/domains_json.py
+++ b/src/registrar/views/domains_json.py
@@ -1,6 +1,7 @@
 import logging
 from django.http import JsonResponse
 from django.core.paginator import Paginator
+from registrar.decorators import grant_access, ALL
 from registrar.models import UserDomainRole, Domain, DomainInformation, User
 from django.contrib.auth.decorators import login_required
 from django.urls import reverse
@@ -9,7 +10,7 @@ from django.db.models import Q
 logger = logging.getLogger(__name__)
 
 
-@login_required
+@grant_access(ALL)
 def get_domains_json(request):
     """Given the current request,
     get all domains that are associated with the UserDomainRole object"""
diff --git a/src/registrar/views/index.py b/src/registrar/views/index.py
index be7149018..d9ff9b209 100644
--- a/src/registrar/views/index.py
+++ b/src/registrar/views/index.py
@@ -1,6 +1,8 @@
 from django.shortcuts import render
 
+from registrar.decorators import grant_access, ALL
 
+@grant_access(ALL)
 def index(request):
     """This page is available to anyone without logging in."""
     context = {}

From a334f7dc3ef02c2aaa2a8bdb7f9fa43d5ac9e60d Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Tue, 11 Feb 2025 10:06:24 -0500
Subject: [PATCH 25/81] wip

---
 src/registrar/config/urls.py                  |  29 +--
 src/registrar/decorators.py                   | 176 +++++++++++++-----
 src/registrar/registrar_middleware.py         |   8 +-
 src/registrar/templates/domain_add_user.html  |   6 +-
 src/registrar/templates/domain_detail.html    |  20 +-
 src/registrar/templates/domain_dns.html       |   8 +-
 src/registrar/templates/domain_dnssec.html    |   6 +-
 src/registrar/templates/domain_dsdata.html    |   6 +-
 .../templates/domain_nameservers.html         |   4 +-
 src/registrar/templates/domain_renewal.html   |   8 +-
 .../templates/domain_security_email.html      |   2 +-
 src/registrar/templates/domain_sidebar.html   |   8 +-
 .../templates/domain_suborganization.html     |   2 +-
 src/registrar/templates/domain_users.html     |   8 +-
 src/registrar/views/domain.py                 |  41 ++--
 src/registrar/views/domains_json.py           |   2 +-
 src/registrar/views/utility/error_views.py    |   8 +
 src/registrar/views/utility/mixins.py         |   4 +-
 .../views/utility/permission_views.py         |   1 +
 19 files changed, 216 insertions(+), 131 deletions(-)

diff --git a/src/registrar/config/urls.py b/src/registrar/config/urls.py
index eb095c5ca..27ad01dc8 100644
--- a/src/registrar/config/urls.py
+++ b/src/registrar/config/urls.py
@@ -296,56 +296,56 @@ urlpatterns = [
         lambda r: always_404(r, "We forgot to include this link, sorry."),
         name="todo",
     ),
-    path("domain/<int:pk>", views.DomainView.as_view(), name="domain"),
-    path("domain/<int:pk>/prototype-dns", views.PrototypeDomainDNSRecordView.as_view(), name="prototype-domain-dns"),
-    path("domain/<int:pk>/users", views.DomainUsersView.as_view(), name="domain-users"),
+    path("domain/<int:domain_pk>", views.DomainView.as_view(), name="domain"),
+    path("domain/<int:domain_pk>/prototype-dns", views.PrototypeDomainDNSRecordView.as_view(), name="prototype-domain-dns"),
+    path("domain/<int:domain_pk>/users", views.DomainUsersView.as_view(), name="domain-users"),
     path(
-        "domain/<int:pk>/dns",
+        "domain/<int:domain_pk>/dns",
         views.DomainDNSView.as_view(),
         name="domain-dns",
     ),
     path(
-        "domain/<int:pk>/dns/nameservers",
+        "domain/<int:domain_pk>/dns/nameservers",
         views.DomainNameserversView.as_view(),
         name="domain-dns-nameservers",
     ),
     path(
-        "domain/<int:pk>/dns/dnssec",
+        "domain/<int:domain_pk>/dns/dnssec",
         views.DomainDNSSECView.as_view(),
         name="domain-dns-dnssec",
     ),
     path(
-        "domain/<int:pk>/dns/dnssec/dsdata",
+        "domain/<int:domain_pk>/dns/dnssec/dsdata",
         views.DomainDsDataView.as_view(),
         name="domain-dns-dnssec-dsdata",
     ),
     path(
-        "domain/<int:pk>/org-name-address",
+        "domain/<int:domain_pk>/org-name-address",
         views.DomainOrgNameAddressView.as_view(),
         name="domain-org-name-address",
     ),
     path(
-        "domain/<int:pk>/suborganization",
+        "domain/<int:domain_pk>/suborganization",
         views.DomainSubOrganizationView.as_view(),
         name="domain-suborganization",
     ),
     path(
-        "domain/<int:pk>/senior-official",
+        "domain/<int:domain_pk>/senior-official",
         views.DomainSeniorOfficialView.as_view(),
         name="domain-senior-official",
     ),
     path(
-        "domain/<int:pk>/security-email",
+        "domain/<int:domain_pk>/security-email",
         views.DomainSecurityEmailView.as_view(),
         name="domain-security-email",
     ),
     path(
-        "domain/<int:pk>/renewal",
+        "domain/<int:domain_pk>/renewal",
         views.DomainRenewalView.as_view(),
         name="domain-renewal",
     ),
     path(
-        "domain/<int:pk>/users/add",
+        "domain/<int:domain_pk>/users/add",
         views.DomainAddUserView.as_view(),
         name="domain-users-add",
     ),
@@ -370,7 +370,7 @@ urlpatterns = [
         name="domain-request-delete",
     ),
     path(
-        "domain/<int:pk>/users/<int:user_pk>/delete",
+        "domain/<int:domain_pk>/users/<int:user_pk>/delete",
         views.DomainDeleteUserView.as_view(http_method_names=["post"]),
         name="domain-user-delete",
     ),
@@ -392,6 +392,7 @@ urlpatterns = [
 # This way, we can share a view for djangooidc, and other pages as we see fit.
 handler500 = "registrar.views.utility.error_views.custom_500_error_view"
 handler403 = "registrar.views.utility.error_views.custom_403_error_view"
+handler404 = "registrar.views.utility.error_views.custom_404_error_view"
 
 # we normally would guard these with `if settings.DEBUG` but tests run with
 # DEBUG = False even when these apps have been loaded because settings.DEBUG
diff --git a/src/registrar/decorators.py b/src/registrar/decorators.py
index 08214f89c..177dfab62 100644
--- a/src/registrar/decorators.py
+++ b/src/registrar/decorators.py
@@ -1,15 +1,14 @@
-from functools import wraps
-from django.http import JsonResponse
-from django.core.exceptions import ObjectDoesNotExist
-
-from registrar.models.domain import Domain
-from registrar.models.user_domain_role import UserDomainRole
+import functools
+from django.core.exceptions import PermissionDenied
+from django.utils.decorators import method_decorator
+from registrar.models import DomainInformation, DomainRequest, UserDomainRole
 
 # Constants for clarity
 ALL = "all"
 IS_SUPERUSER = "is_superuser"
 IS_STAFF = "is_staff"
 IS_DOMAIN_MANAGER = "is_domain_manager"
+IS_STAFF_MANAGING_DOMAIN = "is_staff_managing_domain"
 
 def grant_access(*rules):
     """
@@ -20,53 +19,128 @@ def grant_access(*rules):
     @grant_access(IS_DOMAIN_MANAGER)
     """
 
-    def decorator(view_func):
-        view_func.has_explicit_access = True  # Mark as explicitly access-controlled
-        existing_rules = getattr(view_func, "_access_rules", set())
-        existing_rules.update(rules)  # Support multiple rules in one call
-        view_func._access_rules = existing_rules  # Store rules on the function
+    def decorator(view):
+        if isinstance(view, type):  # If decorating a class-based view (CBV)
+            original_dispatch = view.dispatch  # save original dispatch method
 
-        @wraps(view_func)
-        def wrapper(request, *args, **kwargs):
-            user = request.user
-
-            # Skip authentication if @login_not_required is applied
-            if getattr(view_func, "login_not_required", False):
-                return view_func(request, *args, **kwargs)
-
-            # Allow everyone if `ALL` is in rules
-            if ALL in view_func._access_rules:
-                return view_func(request, *args, **kwargs)
+            @method_decorator(grant_access(*rules))  # apply the decorator to dispatch
+            def wrapped_dispatch(self, request, *args, **kwargs):
+                if not _user_has_permission(request.user, request, rules, **kwargs):
+                    raise PermissionDenied
+                return original_dispatch(self, request, *args, **kwargs)
             
-            # Ensure user is authenticated
-            if not user.is_authenticated:
-                return JsonResponse({"error": "Authentication required"}, status=403)
+            view.dispatch = wrapped_dispatch  # replace dispatch with wrapped version
+            return view
 
-            conditions_met = []
+        else:  # If decorating a function-based view (FBV)
+            view.has_explicit_access = True
+            existing_rules = getattr(view, "_access_rules", set())
+            existing_rules.update(rules)
+            view._access_rules = existing_rules
 
-            if IS_STAFF in view_func._access_rules:
-                conditions_met.append(user.is_staff)
-
-            if not any(conditions_met) and IS_SUPERUSER in view_func._access_rules:
-                conditions_met.append(user.is_superuser)
-
-            if not any(conditions_met) and IS_DOMAIN_MANAGER in view_func._access_rules:
-                domain_id = kwargs.get('pk') or kwargs.get('domain_id')
-                if not domain_id:
-                    return JsonResponse({"error": "Domain ID missing"}, status=400)
-                try:
-                    domain = Domain.objects.get(pk=domain_id)
-                    has_permission = UserDomainRole.objects.filter(
-                        user=user, domain=domain
-                    ).exists()
-                    conditions_met.append(has_permission)
-                except ObjectDoesNotExist:
-                    return JsonResponse({"error": "Invalid Domain"}, status=404)
-
-            if not any(conditions_met):
-                return JsonResponse({"error": "Access Denied"}, status=403)
-
-            return view_func(request, *args, **kwargs)
-
-        return wrapper
+            @functools.wraps(view)
+            def wrapper(request, *args, **kwargs):
+                if not _user_has_permission(request.user, request, rules, **kwargs):
+                    raise PermissionDenied
+                return view(request, *args, **kwargs)
+            
+            return wrapper
+        
     return decorator
+    
+
+def _user_has_permission(user, request, rules, **kwargs):
+    """
+    Checks if the user meets the permission requirements.
+    """
+
+    # Skip authentication if @login_not_required is applied
+    if getattr(request, "login_not_required", False):
+        return True
+
+    # Allow everyone if `ALL` is in rules
+    if ALL in rules:
+        return True
+
+    # Ensure user is authenticated
+    if not user.is_authenticated:
+        return False
+
+    conditions_met = []
+
+    if IS_STAFF in rules:
+        conditions_met.append(user.is_staff)
+
+    if not any(conditions_met) and IS_SUPERUSER in rules:
+        conditions_met.append(user.is_superuser)
+
+    if not any(conditions_met) and IS_DOMAIN_MANAGER in rules:
+        domain_id = kwargs.get('domain_pk')
+        # Check UserDomainRole directly instead of fetching Domain
+        has_permission = UserDomainRole.objects.filter(user=user, domain_id=domain_id).exists()
+        conditions_met.append(has_permission)
+
+    if not any(conditions_met) and IS_STAFF_MANAGING_DOMAIN in rules:
+        domain_id = kwargs.get('domain_pk')
+        has_permission = _can_access_other_user_domains(request, domain_id)
+        conditions_met.append(has_permission)
+
+    return any(conditions_met)
+
+
+def _can_access_other_user_domains(request, domain_pk):
+    """Checks to see if an authorized user (staff or superuser)
+    can access a domain that they did not create or were invited to.
+    """
+
+    # Check if the request user is permissioned...
+    user_is_analyst_or_superuser = request.user.has_perm(
+        "registrar.analyst_access_permission"
+    ) or request.user.has_perm("registrar.full_access_permission")
+
+    if not user_is_analyst_or_superuser:
+        return False
+
+    # Check if the user is attempting a valid edit action.
+    # In other words, if the analyst/admin did not click
+    # the 'Manage Domain' button in /admin,
+    # then they cannot access this page.
+    session = request.session
+    can_do_action = (
+        "analyst_action" in session
+        and "analyst_action_location" in session
+        and session["analyst_action_location"] == domain_pk
+    )
+
+    if not can_do_action:
+        return False
+
+    # Analysts may manage domains, when they are in these statuses:
+    valid_domain_statuses = [
+        DomainRequest.DomainRequestStatus.APPROVED,
+        DomainRequest.DomainRequestStatus.IN_REVIEW,
+        DomainRequest.DomainRequestStatus.REJECTED,
+        DomainRequest.DomainRequestStatus.ACTION_NEEDED,
+        # Edge case - some domains do not have
+        # a status or DomainInformation... aka a status of 'None'.
+        # It is necessary to access those to correct errors.
+        None,
+    ]
+
+    requested_domain = DomainInformation.objects.filter(domain_id=domain_pk).first()
+
+    # if no domain information or domain request exist, the user
+    # should be able to manage the domain; however, if domain information
+    # and domain request exist, and domain request is not in valid status,
+    # user should not be able to manage domain
+    if (
+        requested_domain
+        and requested_domain.domain_request
+        and requested_domain.domain_request.status not in valid_domain_statuses
+    ):
+        return False
+
+    # Valid session keys exist,
+    # the user is permissioned,
+    # and it is in a valid status
+    return True
diff --git a/src/registrar/registrar_middleware.py b/src/registrar/registrar_middleware.py
index c23fb0515..e3dcbe788 100644
--- a/src/registrar/registrar_middleware.py
+++ b/src/registrar/registrar_middleware.py
@@ -6,9 +6,9 @@ import logging
 import re
 from urllib.parse import parse_qs
 from django.conf import settings
+from django.core.exceptions import PermissionDenied
 from django.urls import reverse
 from django.http import HttpResponseRedirect
-from django.http import JsonResponse
 from django.urls import resolve
 from registrar.models import User
 from waffle.decorators import flag_is_active
@@ -182,7 +182,7 @@ class RestrictAccessMiddleware:
     def __init__(self, get_response):
         self.get_response = get_response
         self.ignored_paths = [re.compile(pattern) for pattern in getattr(settings, "LOGIN_REQUIRED_IGNORE_PATHS", [])]
-
+    
     def __call__(self, request):
         # Allow requests that match LOGIN_REQUIRED_IGNORE_PATHS
         if any(pattern.match(request.path) for pattern in self.ignored_paths):
@@ -194,7 +194,7 @@ class RestrictAccessMiddleware:
             view_func = resolver_match.func
             app_name = resolver_match.app_name  # Get app name of resolved view
         except Exception:
-            return JsonResponse({"error": "Not Found"}, status=404)
+            return self.get_response(request)
 
         # Auto-allow Django's built-in admin views (but NOT custom /admin/* views)
         if app_name == "admin":
@@ -206,6 +206,6 @@ class RestrictAccessMiddleware:
         
         # Enforce explicit access fules for other views
         if not getattr(view_func, "has_explicit_access", False):
-            return JsonResponse({"error": "Access Denied"}, status=403)
+            raise PermissionDenied
 
         return self.get_response(request)
\ No newline at end of file
diff --git a/src/registrar/templates/domain_add_user.html b/src/registrar/templates/domain_add_user.html
index 04565f61e..abc549a82 100644
--- a/src/registrar/templates/domain_add_user.html
+++ b/src/registrar/templates/domain_add_user.html
@@ -16,10 +16,10 @@
           <a href="{% url 'domains' %}" class="usa-breadcrumb__link"><span>Domains</span></a>
         </li>
         <li class="usa-breadcrumb__list-item">
-          <a href="{% url 'domain' pk=domain.id %}" class="usa-breadcrumb__link"><span>{{ domain.name }}</span></a>
+          <a href="{% url 'domain' domain_pk=domain.id %}" class="usa-breadcrumb__link"><span>{{ domain.name }}</span></a>
         </li>
         <li class="usa-breadcrumb__list-item">
-          <a href="{% url 'domain-users' pk=domain.id %}" class="usa-breadcrumb__link"><span>Domain managers</span></a>
+          <a href="{% url 'domain-users' domain_pk=domain.id %}" class="usa-breadcrumb__link"><span>Domain managers</span></a>
         </li>
         <li class="usa-breadcrumb__list-item usa-current" aria-current="page">
           <span>Add a domain manager</span>
@@ -27,7 +27,7 @@
       </ol>
     </nav>
     {% else %}
-    {% url 'domain-users' pk=domain.id as url %}
+    {% url 'domain-users' domain_pk=domain.id as url %}
     <nav class="usa-breadcrumb padding-top-0" aria-label="Domain manager breadcrumb">
       <ol class="usa-breadcrumb__list">
         <li class="usa-breadcrumb__list-item">
diff --git a/src/registrar/templates/domain_detail.html b/src/registrar/templates/domain_detail.html
index 758c43366..0d38da909 100644
--- a/src/registrar/templates/domain_detail.html
+++ b/src/registrar/templates/domain_detail.html
@@ -48,11 +48,11 @@
             <p class="margin-y-0 text-primary-darker">
               {% if has_domain_renewal_flag and domain.is_expired and is_domain_manager %}
                 This domain has expired, but it is still online. 
-                {% url 'domain-renewal' pk=domain.id as url %}
+                {% url 'domain-renewal' domain_pk=domain.id as url %}
                 <a href="{{ url }}" class="usa-link">Renew to maintain access.</a>
               {% elif has_domain_renewal_flag and domain.is_expiring and is_domain_manager %}
                 This domain will expire soon. 
-                {% url 'domain-renewal' pk=domain.id as url %}
+                {% url 'domain-renewal' domain_pk=domain.id as url %}
                 <a href="{{ url }}" class="usa-link">Renew to maintain access.</a>
               {% elif has_domain_renewal_flag and domain.is_expiring and is_portfolio_user %}
                 This domain will expire soon. Contact one of the listed domain managers to renew the domain.
@@ -82,7 +82,7 @@
     {% endif %}
 
 
-    {% url 'domain-dns-nameservers' pk=domain.id as url %}
+    {% url 'domain-dns-nameservers' domain_pk=domain.id as url %}
     {% if domain.nameservers|length > 0 %}
       {% include "includes/summary_item.html" with title='DNS name servers' domains='true' value=domain.nameservers list='true' edit_link=url editable=is_editable %}
     {% else %}
@@ -95,7 +95,7 @@
       {% endif %}
     {% endif %}
     
-    {% url 'domain-dns-dnssec' pk=domain.id as url %}
+    {% url 'domain-dns-dnssec' domain_pk=domain.id as url %}
     {% if domain.dnssecdata is not None %}
       {% include "includes/summary_item.html" with title='DNSSEC' value='Enabled' edit_link=url editable=is_editable %}
     {% else %}
@@ -104,26 +104,26 @@
 
     {% if portfolio %}
       {% if has_any_domains_portfolio_permission and has_edit_portfolio_permission %}
-        {% url 'domain-suborganization' pk=domain.id as url %}
+        {% url 'domain-suborganization' domain_pk=domain.id as url %}
         {% include "includes/summary_item.html" with title='Suborganization' value=domain.domain_info.sub_organization edit_link=url editable=is_editable|and:has_edit_portfolio_permission %}
     {% elif has_any_domains_portfolio_permission and has_view_portfolio_permission %}
-        {% url 'domain-suborganization' pk=domain.id as url %}
+        {% url 'domain-suborganization' domain_pk=domain.id as url %}
         {% include "includes/summary_item.html" with title='Suborganization' value=domain.domain_info.sub_organization edit_link=url editable=is_editable|and:has_view_portfolio_permission view_button=True %}
         {% endif %}
     {% else %}
-      {% url 'domain-org-name-address' pk=domain.id as url %}
+      {% url 'domain-org-name-address' domain_pk=domain.id as url %}
       {% include "includes/summary_item.html" with title='Organization' value=domain.domain_info address='true' edit_link=url editable=is_editable %}
-      {% url 'domain-senior-official' pk=domain.id as url %}
+      {% url 'domain-senior-official' domain_pk=domain.id as url %}
       {% include "includes/summary_item.html" with title='Senior official' value=domain.domain_info.senior_official contact='true' edit_link=url editable=is_editable %}
     {% endif %}
 
-    {% url 'domain-security-email' pk=domain.id as url %}
+    {% url 'domain-security-email' domain_pk=domain.id as url %}
     {% if security_email is not None and security_email not in hidden_security_emails%}
       {% include "includes/summary_item.html" with title='Security email' value=security_email edit_link=url editable=is_editable %}
     {% else %}
       {% include "includes/summary_item.html" with title='Security email' value='None provided' edit_link=url editable=is_editable %}
     {% endif %}
-    {% url 'domain-users' pk=domain.id as url %}
+    {% url 'domain-users' domain_pk=domain.id as url %}
     {% if portfolio %}
       {% include "includes/summary_item.html" with title='Domain managers' domain_permissions=True value=domain edit_link=url editable=is_editable %}
     {% else %}
diff --git a/src/registrar/templates/domain_dns.html b/src/registrar/templates/domain_dns.html
index c8ece2e32..80faa15f2 100644
--- a/src/registrar/templates/domain_dns.html
+++ b/src/registrar/templates/domain_dns.html
@@ -13,7 +13,7 @@
         <a href="{% url 'domains' %}" class="usa-breadcrumb__link"><span>Domains</span></a>
       </li>
       <li class="usa-breadcrumb__list-item">
-        <a href="{% url 'domain' pk=domain.id %}" class="usa-breadcrumb__link"><span>{{ domain.name }}</span></a>
+        <a href="{% url 'domain' domain_pk=domain.id %}" class="usa-breadcrumb__link"><span>{{ domain.name }}</span></a>
       </li>
       <li class="usa-breadcrumb__list-item usa-current" aria-current="page">
         <span>DNS</span>
@@ -30,14 +30,14 @@
   <p>You can enter your name servers, as well as other DNS-related information, in the following sections:</p>
   
 
-  {% url 'domain-dns-nameservers' pk=domain.id as url %}
+  {% url 'domain-dns-nameservers' domain_pk=domain.id as url %}
 <ul class="usa-list">
 <li><a href="{{ url }}">Name servers</a></li>
 
-  {% url 'domain-dns-dnssec' pk=domain.id as url %}
+  {% url 'domain-dns-dnssec' domain_pk=domain.id as url %}
   <li><a href="{{ url }}">DNSSEC</a></li>
   {% if dns_prototype_flag and is_valid_domain %}
-    <li><a href="{% url 'prototype-domain-dns' pk=domain.id %}">Prototype DNS record creator</a></li>
+    <li><a href="{% url 'prototype-domain-dns' domain_pk=domain.id %}">Prototype DNS record creator</a></li>
   {% endif %}
 </ul>
 
diff --git a/src/registrar/templates/domain_dnssec.html b/src/registrar/templates/domain_dnssec.html
index 3beb2548e..e26c8768d 100644
--- a/src/registrar/templates/domain_dnssec.html
+++ b/src/registrar/templates/domain_dnssec.html
@@ -14,10 +14,10 @@
         <a href="{% url 'domains' %}" class="usa-breadcrumb__link"><span>Domains</span></a>
       </li>
       <li class="usa-breadcrumb__list-item">
-        <a href="{% url 'domain' pk=domain.id %}" class="usa-breadcrumb__link"><span>{{ domain.name }}</span></a>
+        <a href="{% url 'domain' domain_pk=domain.id %}" class="usa-breadcrumb__link"><span>{{ domain.name }}</span></a>
       </li>
       <li class="usa-breadcrumb__list-item">
-        <a href="{% url 'domain-dns' pk=domain.id %}" class="usa-breadcrumb__link"><span>DNS</span></a>
+        <a href="{% url 'domain-dns' domain_pk=domain.id %}" class="usa-breadcrumb__link"><span>DNS</span></a>
       </li>
       <li class="usa-breadcrumb__list-item usa-current" aria-current="page">
         <span>DNSSEC</span>
@@ -69,7 +69,7 @@
           <p class="margin-y-0">It is strongly recommended that you only enable DNSSEC if you know how to set it up properly at your hosting service. If you make a mistake, it could cause your domain name to stop working.</p>
         </div>
       </div>
-      <a href="{% url 'domain-dns-dnssec-dsdata' pk=domain.id %}" class="usa-button">Enable DNSSEC</a>
+      <a href="{% url 'domain-dns-dnssec-dsdata' domain_pk=domain.id %}" class="usa-button">Enable DNSSEC</a>
     </div>
     {% endif %}
   </form>
diff --git a/src/registrar/templates/domain_dsdata.html b/src/registrar/templates/domain_dsdata.html
index 36eb811e3..95e8e3d5f 100644
--- a/src/registrar/templates/domain_dsdata.html
+++ b/src/registrar/templates/domain_dsdata.html
@@ -18,13 +18,13 @@
         <a href="{% url 'domains' %}" class="usa-breadcrumb__link"><span>Domains</span></a>
       </li>
       <li class="usa-breadcrumb__list-item">
-        <a href="{% url 'domain' pk=domain.id %}" class="usa-breadcrumb__link"><span>{{ domain.name }}</span></a>
+        <a href="{% url 'domain' domain_pk=domain.id %}" class="usa-breadcrumb__link"><span>{{ domain.name }}</span></a>
       </li>
       <li class="usa-breadcrumb__list-item">
-        <a href="{% url 'domain-dns' pk=domain.id %}" class="usa-breadcrumb__link"><span>DNS</span></a>
+        <a href="{% url 'domain-dns' domain_pk=domain.id %}" class="usa-breadcrumb__link"><span>DNS</span></a>
       </li>
       <li class="usa-breadcrumb__list-item">
-        <a href="{% url 'domain-dns-dnssec' pk=domain.id %}" class="usa-breadcrumb__link"><span>DNSSEC</span></a>
+        <a href="{% url 'domain-dns-dnssec' domain_pk=domain.id %}" class="usa-breadcrumb__link"><span>DNSSEC</span></a>
       </li>
       <li class="usa-breadcrumb__list-item usa-current" aria-current="page">
         <span>DS data</span>
diff --git a/src/registrar/templates/domain_nameservers.html b/src/registrar/templates/domain_nameservers.html
index ad8d61592..1b1a59c9e 100644
--- a/src/registrar/templates/domain_nameservers.html
+++ b/src/registrar/templates/domain_nameservers.html
@@ -19,10 +19,10 @@
         <a href="{% url 'domains' %}" class="usa-breadcrumb__link"><span>Domains</span></a>
       </li>
       <li class="usa-breadcrumb__list-item">
-        <a href="{% url 'domain' pk=domain.id %}" class="usa-breadcrumb__link"><span>{{ domain.name }}</span></a>
+        <a href="{% url 'domain' domain_pk=domain.id %}" class="usa-breadcrumb__link"><span>{{ domain.name }}</span></a>
       </li>
       <li class="usa-breadcrumb__list-item">
-        <a href="{% url 'domain-dns' pk=domain.id %}" class="usa-breadcrumb__link"><span>DNS</span></a>
+        <a href="{% url 'domain-dns' domain_pk=domain.id %}" class="usa-breadcrumb__link"><span>DNS</span></a>
       </li>
       <li class="usa-breadcrumb__list-item usa-current" aria-current="page">
         <span>DNS name servers</span>
diff --git a/src/registrar/templates/domain_renewal.html b/src/registrar/templates/domain_renewal.html
index 703c2358f..8af43c6eb 100644
--- a/src/registrar/templates/domain_renewal.html
+++ b/src/registrar/templates/domain_renewal.html
@@ -24,7 +24,7 @@
         <a href="{% url 'domains' %}" class="usa-breadcrumb__link"><span>Domains</span></a>
       </li>
       <li class="usa-breadcrumb__list-item">
-        <a href="{% url 'domain' pk=domain.id %}" class="usa-breadcrumb__link"><span>{{domain.name}}</span></a>
+        <a href="{% url 'domain' domain_pk=domain.id %}" class="usa-breadcrumb__link"><span>{{domain.name}}</span></a>
       </li>
       <li class="usa-breadcrumb__list-item usa-current" aria-current="page">
         <span>Renewal Form</span>
@@ -63,14 +63,14 @@
       {% endif %}
     {% endif %}
 
-    {% url 'domain-security-email' pk=domain.id as url %}
+    {% url 'domain-security-email' domain_pk=domain.id as url %}
     {% if security_email is not None and security_email not in hidden_security_emails%}
       {% include "includes/summary_item.html" with title='Security email' value=security_email custom_text_for_value_none='We strongly recommend that you provide a security email. This email will allow the public to report observed or suspected security issues on your domain.' edit_link=url editable=is_editable %}
     {% else %}
       {% include "includes/summary_item.html" with title='Security email' value='None provided' custom_text_for_value_none='We strongly recommend that you provide a security email. This email will allow the public to report observed or suspected security issues on your domain.' edit_link=url editable=is_editable %}
     {% endif %}
 
-    {% url 'domain-users' pk=domain.id as url %}
+    {% url 'domain-users' domain_pk=domain.id as url %}
     {% if portfolio %}
       {% include "includes/summary_item.html" with title='Domain managers' domain_permissions=True value=domain edit_link=url editable=is_editable %}
     {% else %}
@@ -91,7 +91,7 @@
         Acknowledgement of .gov domain requirements </h3>          
         </legend>
     
-        <form method="post" action="{% url 'domain-renewal' pk=domain.id %}"> 
+        <form method="post" action="{% url 'domain-renewal' domain_pk=domain.id %}"> 
           {% csrf_token %}
           <div class="usa-checkbox">
 
diff --git a/src/registrar/templates/domain_security_email.html b/src/registrar/templates/domain_security_email.html
index 38a5a43c5..e74ecf709 100644
--- a/src/registrar/templates/domain_security_email.html
+++ b/src/registrar/templates/domain_security_email.html
@@ -16,7 +16,7 @@
         <a href="{% url 'domains' %}" class="usa-breadcrumb__link"><span>Domains</span></a>
       </li>
       <li class="usa-breadcrumb__list-item">
-        <a href="{% url 'domain' pk=domain.id %}" class="usa-breadcrumb__link"><span>{{ domain.name }}</span></a>
+        <a href="{% url 'domain' domain_pk=domain.id %}" class="usa-breadcrumb__link"><span>{{ domain.name }}</span></a>
       </li>
       <li class="usa-breadcrumb__list-item usa-current" aria-current="page">
         <span>Security email</span>
diff --git a/src/registrar/templates/domain_sidebar.html b/src/registrar/templates/domain_sidebar.html
index 5946b6859..6d0a23889 100644
--- a/src/registrar/templates/domain_sidebar.html
+++ b/src/registrar/templates/domain_sidebar.html
@@ -17,14 +17,14 @@
       {% endif %}    
 
       <li class="usa-sidenav__item">
-        {% url 'domain-dns' pk=domain.id as url %}
+        {% url 'domain-dns' domain_pk=domain.id as url %}
         <a href="{{ url }}" {% if request.path|startswith:url %}class="usa-current"{% endif %}">
           DNS
         </a>
         {% if request.path|startswith:url %}
         <ul class="usa-sidenav__sublist">
           <li class="usa-sidenav__item">
-            {% url 'domain-dns-nameservers' pk=domain.id as url %} 
+            {% url 'domain-dns-nameservers' domain_pk=domain.id as url %} 
             <a href="{{ url }}"
               {% if request.path == url %}class="usa-current"{% endif %}
             >
@@ -33,7 +33,7 @@
           </li>
 
           <li class="usa-sidenav__item">
-            {% url 'domain-dns-dnssec' pk=domain.id as url %}
+            {% url 'domain-dns-dnssec' domain_pk=domain.id as url %}
             <a href="{{ url }}"
               {% if request.path|startswith:url %}class="usa-current"{% endif %}
             >
@@ -43,7 +43,7 @@
               {% if domain.dnssecdata is not None or request.path|startswith:url and request.path|endswith:'dsdata' %}
               <ul class="usa-sidenav__sublist">
                 <li class="usa-sidenav__item">
-                  {% url 'domain-dns-dnssec-dsdata' pk=domain.id as url %}
+                  {% url 'domain-dns-dnssec-dsdata' domain_pk=domain.id as url %}
                   <a href="{{ url }}"
                     {% if request.path == url %}class="usa-current"{% endif %}
                   >
diff --git a/src/registrar/templates/domain_suborganization.html b/src/registrar/templates/domain_suborganization.html
index 1c3b8e588..b9e4734ff 100644
--- a/src/registrar/templates/domain_suborganization.html
+++ b/src/registrar/templates/domain_suborganization.html
@@ -16,7 +16,7 @@
         <a href="{% url 'domains' %}" class="usa-breadcrumb__link"><span>Domains</span></a>
         </li>
         <li class="usa-breadcrumb__list-item">
-        <a href="{% url 'domain' pk=domain.id %}" class="usa-breadcrumb__link"><span>{{ domain.name }}</span></a>
+        <a href="{% url 'domain' domain_pk=domain.id %}" class="usa-breadcrumb__link"><span>{{ domain.name }}</span></a>
         </li>
         <li class="usa-breadcrumb__list-item usa-current" aria-current="page">
         <span>Suborganization</span>
diff --git a/src/registrar/templates/domain_users.html b/src/registrar/templates/domain_users.html
index c6e6baa93..984b4160b 100644
--- a/src/registrar/templates/domain_users.html
+++ b/src/registrar/templates/domain_users.html
@@ -13,7 +13,7 @@
         <a href="{% url 'domains' %}" class="usa-breadcrumb__link"><span>Domains</span></a>
       </li>
       <li class="usa-breadcrumb__list-item">
-        <a href="{% url 'domain' pk=domain.id %}" class="usa-breadcrumb__link"><span>{{ domain.name }}</span></a>
+        <a href="{% url 'domain' domain_pk=domain.id %}" class="usa-breadcrumb__link"><span>{{ domain.name }}</span></a>
       </li>
       <li class="usa-breadcrumb__list-item usa-current" aria-current="page">
         <span>Domain managers</span>
@@ -93,7 +93,7 @@
                 {% include 'includes/modal.html' with modal_heading="Are you sure you want to remove yourself as a domain manager?" modal_description="You will no longer be able to manage the domain <strong>"|add:domain_name|add:"</strong>."|safe modal_button_id="user-delete-button-"|add:counter_str|safe modal_button_text="Yes, remove myself" modal_button_class="usa-button--secondary" %}
               {% endwith %}
             </div>
-            <form method="POST" id="user-delete-form-{{ forloop.counter }}" action="{% url "domain-user-delete" pk=domain.id user_pk=item.permission.user.id %}" >
+            <form method="POST" id="user-delete-form-{{ forloop.counter }}" action="{% url "domain-user-delete" domain_pk=domain.id user_pk=item.permission.user.id %}" >
               {% csrf_token %}
             </form>
           {% else %}
@@ -108,7 +108,7 @@
                 {% include 'includes/modal.html' with modal_heading="Are you sure you want to remove " heading_value=email|add:"?" modal_description="<strong>"|add:email|add:"</strong> will no longer be able to manage the domain <strong>"|add:domain_name|add:"</strong>."|safe modal_button_id="user-delete-button-"|add:counter_str|safe modal_button_text="Yes, remove domain manager" modal_button_class="usa-button--secondary" %}
               {% endwith %}
             </div>
-            <form method="POST" id="user-delete-form-{{ forloop.counter }}" action="{% url "domain-user-delete" pk=domain.id user_pk=item.permission.user.id %}">
+            <form method="POST" id="user-delete-form-{{ forloop.counter }}" action="{% url "domain-user-delete" domain_pk=domain.id user_pk=item.permission.user.id %}">
               {% csrf_token %}
             </form>
           {% endif %}
@@ -123,7 +123,7 @@
       ></div>
   {% endif %}
 
-  <a class="usa-button usa-button--unstyled usa-button--with-icon" href="{% url 'domain-users-add' pk=domain.id %}">
+  <a class="usa-button usa-button--unstyled usa-button--with-icon" href="{% url 'domain-users-add' domain_pk=domain.id %}">
     <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
       <use xlink:href="{%static 'img/sprite.svg'%}#add_circle"></use>
     </svg><span class="margin-left-05">Add a domain manager</span>
diff --git a/src/registrar/views/domain.py b/src/registrar/views/domain.py
index 089bbe1a9..03860dc02 100644
--- a/src/registrar/views/domain.py
+++ b/src/registrar/views/domain.py
@@ -15,6 +15,7 @@ from django.shortcuts import redirect, render, get_object_or_404
 from django.urls import reverse
 from django.views.generic.edit import FormMixin
 from django.conf import settings
+from registrar.decorators import IS_DOMAIN_MANAGER, IS_STAFF_MANAGING_DOMAIN, grant_access
 from registrar.forms.domain import DomainSuborganizationForm, DomainRenewalForm
 from registrar.models import (
     Domain,
@@ -95,7 +96,7 @@ class DomainBaseView(DomainPermissionView):
         self.session = request.session
         # domain:private_key is the session key to use for
         # caching the domain in the session
-        domain_pk = "domain:" + str(self.kwargs.get("pk"))
+        domain_pk = "domain:" + str(self.kwargs.get("domain_pk"))
         cached_domain = self.session.get(domain_pk)
 
         if cached_domain:
@@ -108,7 +109,7 @@ class DomainBaseView(DomainPermissionView):
         """
         update domain in the session cache
         """
-        domain_pk = "domain:" + str(self.kwargs.get("pk"))
+        domain_pk = "domain:" + str(self.kwargs.get("domain_pk"))
         self.session[domain_pk] = self.object
 
 
@@ -256,7 +257,7 @@ class DomainFormBaseView(DomainBaseView, FormMixin):
                 exc_info=True,
             )
 
-
+@grant_access(IS_DOMAIN_MANAGER, IS_STAFF_MANAGING_DOMAIN)
 class DomainView(DomainBaseView):
     """Domain detail overview page."""
 
@@ -310,7 +311,7 @@ class DomainView(DomainBaseView):
         self.object = self.get_object()
         self._update_session_with_domain()
 
-
+@grant_access(IS_DOMAIN_MANAGER, IS_STAFF_MANAGING_DOMAIN)
 class DomainRenewalView(DomainBaseView):
     """Domain detail overview page."""
 
@@ -344,9 +345,9 @@ class DomainRenewalView(DomainBaseView):
             and (requested_domain.is_expiring() or requested_domain.is_expired())
         )
 
-    def post(self, request, pk):
+    def post(self, request, domain_pk):
 
-        domain = get_object_or_404(Domain, id=pk)
+        domain = get_object_or_404(Domain, id=domain_pk)
 
         form = DomainRenewalForm(request.POST)
 
@@ -363,7 +364,7 @@ class DomainRenewalView(DomainBaseView):
                         "This domain has not been renewed for one year, "
                         "please email help@get.gov if this problem persists.",
                     )
-            return HttpResponseRedirect(reverse("domain", kwargs={"pk": pk}))
+            return HttpResponseRedirect(reverse("domain", kwargs={"domain_pk": domain_pk}))
 
         # if not valid, render the template with error messages
         # passing editable, has_domain_renewal_flag, and is_editable for re-render
@@ -379,7 +380,7 @@ class DomainRenewalView(DomainBaseView):
             },
         )
 
-
+@grant_access(IS_DOMAIN_MANAGER, IS_STAFF_MANAGING_DOMAIN)
 class DomainOrgNameAddressView(DomainFormBaseView):
     """Organization view"""
 
@@ -396,7 +397,7 @@ class DomainOrgNameAddressView(DomainFormBaseView):
 
     def get_success_url(self):
         """Redirect to the overview page for the domain."""
-        return reverse("domain-org-name-address", kwargs={"pk": self.object.pk})
+        return reverse("domain-org-name-address", kwargs={"domain_pk": self.object.pk})
 
     def form_valid(self, form):
         """The form is valid, save the organization name and mailing address."""
@@ -455,7 +456,7 @@ class DomainSubOrganizationView(DomainFormBaseView):
 
     def get_success_url(self):
         """Redirect to the overview page for the domain."""
-        return reverse("domain-suborganization", kwargs={"pk": self.object.pk})
+        return reverse("domain-suborganization", kwargs={"domain_pk": self.object.pk})
 
     def form_valid(self, form):
         """The form is valid, save the organization name and mailing address."""
@@ -494,7 +495,7 @@ class DomainSeniorOfficialView(DomainFormBaseView):
 
     def get_success_url(self):
         """Redirect to the overview page for the domain."""
-        return reverse("domain-senior-official", kwargs={"pk": self.object.pk})
+        return reverse("domain-senior-official", kwargs={"domain_pk": self.object.pk})
 
     def form_valid(self, form):
         """The form is valid, save the senior official."""
@@ -587,7 +588,7 @@ class PrototypeDomainDNSRecordView(DomainFormBaseView):
         return True
 
     def get_success_url(self):
-        return reverse("prototype-domain-dns", kwargs={"pk": self.object.pk})
+        return reverse("prototype-domain-dns", kwargs={"domain_pk": self.object.pk})
 
     def find_by_name(self, items, name):
         """Find an item by name in a list of dictionaries."""
@@ -764,7 +765,7 @@ class DomainNameserversView(DomainFormBaseView):
 
     def get_success_url(self):
         """Redirect to the nameservers page for the domain."""
-        return reverse("domain-dns-nameservers", kwargs={"pk": self.object.pk})
+        return reverse("domain-dns-nameservers", kwargs={"domain_pk": self.object.pk})
 
     def get_context_data(self, **kwargs):
         """Adjust context from FormMixin for formsets."""
@@ -885,7 +886,7 @@ class DomainDNSSECView(DomainFormBaseView):
 
     def get_success_url(self):
         """Redirect to the DNSSEC page for the domain."""
-        return reverse("domain-dns-dnssec", kwargs={"pk": self.object.pk})
+        return reverse("domain-dns-dnssec", kwargs={"domain_pk": self.object.pk})
 
     def post(self, request, *args, **kwargs):
         """Form submission posts to this view."""
@@ -936,7 +937,7 @@ class DomainDsDataView(DomainFormBaseView):
 
     def get_success_url(self):
         """Redirect to the DS data page for the domain."""
-        return reverse("domain-dns-dnssec-dsdata", kwargs={"pk": self.object.pk})
+        return reverse("domain-dns-dnssec-dsdata", kwargs={"domain_pk": self.object.pk})
 
     def get_context_data(self, **kwargs):
         """Adjust context from FormMixin for formsets."""
@@ -1042,7 +1043,7 @@ class DomainSecurityEmailView(DomainFormBaseView):
 
     def get_success_url(self):
         """Redirect to the security email page for the domain."""
-        return reverse("domain-security-email", kwargs={"pk": self.object.pk})
+        return reverse("domain-security-email", kwargs={"domain_pk": self.object.pk})
 
     def form_valid(self, form):
         """The form is valid, call setter in model."""
@@ -1199,7 +1200,7 @@ class DomainAddUserView(DomainFormBaseView):
     form_class = DomainAddUserForm
 
     def get_success_url(self):
-        return reverse("domain-users", kwargs={"pk": self.object.pk})
+        return reverse("domain-users", kwargs={"domain_pk": self.object.pk})
 
     def form_valid(self, form):
         """Add the specified user to this domain."""
@@ -1304,7 +1305,7 @@ class DomainInvitationCancelView(SuccessMessageMixin, DomainInvitationPermission
             return HttpResponseRedirect(self.get_success_url())
 
     def get_success_url(self):
-        return reverse("domain-users", kwargs={"pk": self.object.domain.id})
+        return reverse("domain-users", kwargs={"domain_pk": self.object.domain.id})
 
     def get_success_message(self, cleaned_data):
         return f"Canceled invitation to {self.object.email}."
@@ -1317,13 +1318,13 @@ class DomainDeleteUserView(UserDomainRolePermissionDeleteView):
 
     def get_object(self, queryset=None):
         """Custom get_object definition to grab a UserDomainRole object from a domain_id and user_id"""
-        domain_id = self.kwargs.get("pk")
+        domain_id = self.kwargs.get("domain_pk")
         user_id = self.kwargs.get("user_pk")
         return UserDomainRole.objects.get(domain=domain_id, user=user_id)
 
     def get_success_url(self):
         """Refreshes the page after a delete is successful"""
-        return reverse("domain-users", kwargs={"pk": self.object.domain.id})
+        return reverse("domain-users", kwargs={"domain_pk": self.object.domain.id})
 
     def get_success_message(self):
         """Returns confirmation content for the deletion event"""
diff --git a/src/registrar/views/domains_json.py b/src/registrar/views/domains_json.py
index e0081450d..f23fdd3b4 100644
--- a/src/registrar/views/domains_json.py
+++ b/src/registrar/views/domains_json.py
@@ -143,7 +143,7 @@ def serialize_domain(domain, request):
         "state": domain.state,
         "state_display": domain.state_display(request),
         "get_state_help_text": domain.get_state_help_text(),
-        "action_url": reverse("domain", kwargs={"pk": domain.id}),
+        "action_url": reverse("domain", kwargs={"domain_pk": domain.id}),
         "action_label": ("View" if view_only else "Manage"),
         "svg_icon": ("visibility" if view_only else "settings"),
         "domain_info__sub_organization": suborganization_name,
diff --git a/src/registrar/views/utility/error_views.py b/src/registrar/views/utility/error_views.py
index 3e69d307d..bc6536b2b 100644
--- a/src/registrar/views/utility/error_views.py
+++ b/src/registrar/views/utility/error_views.py
@@ -35,3 +35,11 @@ def custom_403_error_view(request, exception=None, context=None):
     if context is None:
         context = {}
     return render(request, "403.html", context=context, status=403)
+
+
+def custom_404_error_view(request, exception=None, context=None):
+    """Used to redirect 404 errors to a custom view"""
+    print("this is called")
+    if context is None:
+        context = {}
+    return render(request, "404.html", context=context, status=404)
\ No newline at end of file
diff --git a/src/registrar/views/utility/mixins.py b/src/registrar/views/utility/mixins.py
index 8a4666372..f03c83ee1 100644
--- a/src/registrar/views/utility/mixins.py
+++ b/src/registrar/views/utility/mixins.py
@@ -203,7 +203,7 @@ class DomainPermission(PermissionsLoginMixin):
         """Check if this user has access to this domain.
 
         The user is in self.request.user and the domain needs to be looked
-        up from the domain's primary key in self.kwargs["pk"]
+        up from the domain's primary key in self.kwargs["domain_pk"]
         """
 
         if not self.request.user.is_authenticated:
@@ -212,7 +212,7 @@ class DomainPermission(PermissionsLoginMixin):
         if self.request.user.is_restricted():
             return False
 
-        pk = self.kwargs["pk"]
+        pk = self.kwargs["domain_pk"]
         # If pk is none then something went very wrong...
         if pk is None:
             raise ValueError("Primary key is None")
diff --git a/src/registrar/views/utility/permission_views.py b/src/registrar/views/utility/permission_views.py
index 3234ea701..b430845f4 100644
--- a/src/registrar/views/utility/permission_views.py
+++ b/src/registrar/views/utility/permission_views.py
@@ -39,6 +39,7 @@ class DomainPermissionView(DomainPermission, DetailView, abc.ABC):
 
     # DetailView property for what model this is viewing
     model = Domain
+    pk_url_kwarg = "domain_pk"
     # variable name in template context for the model object
     context_object_name = "domain"
 

From 3f2ceb81e8c95f41f4ec036e04ebc50f24b00202 Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Tue, 11 Feb 2025 11:38:45 -0500
Subject: [PATCH 26/81] decorators on domain views

---
 src/registrar/config/urls.py               |  6 ++-
 src/registrar/decorators.py                | 63 ++++++++++++++++++----
 src/registrar/registrar_middleware.py      | 12 ++---
 src/registrar/views/domain.py              | 25 ++++++++-
 src/registrar/views/index.py               |  1 +
 src/registrar/views/utility/error_views.py |  2 +-
 6 files changed, 90 insertions(+), 19 deletions(-)

diff --git a/src/registrar/config/urls.py b/src/registrar/config/urls.py
index 27ad01dc8..cf440256e 100644
--- a/src/registrar/config/urls.py
+++ b/src/registrar/config/urls.py
@@ -297,7 +297,11 @@ urlpatterns = [
         name="todo",
     ),
     path("domain/<int:domain_pk>", views.DomainView.as_view(), name="domain"),
-    path("domain/<int:domain_pk>/prototype-dns", views.PrototypeDomainDNSRecordView.as_view(), name="prototype-domain-dns"),
+    path(
+        "domain/<int:domain_pk>/prototype-dns",
+        views.PrototypeDomainDNSRecordView.as_view(),
+        name="prototype-domain-dns",
+    ),
     path("domain/<int:domain_pk>/users", views.DomainUsersView.as_view(), name="domain-users"),
     path(
         "domain/<int:domain_pk>/dns",
diff --git a/src/registrar/decorators.py b/src/registrar/decorators.py
index 177dfab62..ff8da3eed 100644
--- a/src/registrar/decorators.py
+++ b/src/registrar/decorators.py
@@ -1,7 +1,7 @@
 import functools
 from django.core.exceptions import PermissionDenied
 from django.utils.decorators import method_decorator
-from registrar.models import DomainInformation, DomainRequest, UserDomainRole
+from registrar.models import Domain, DomainInformation, DomainRequest, UserDomainRole
 
 # Constants for clarity
 ALL = "all"
@@ -9,6 +9,11 @@ IS_SUPERUSER = "is_superuser"
 IS_STAFF = "is_staff"
 IS_DOMAIN_MANAGER = "is_domain_manager"
 IS_STAFF_MANAGING_DOMAIN = "is_staff_managing_domain"
+IS_PORTFOLIO_MEMBER_AND_DOMAIN_MANAGER = "is_portfolio_member_and_domain_manager"
+IS_DOMAIN_MANAGER_AND_NOT_PORTFOLIO_MEMBER = "is_domain_manager_and_not_portfolio_member"
+HAS_PORTFOLIO_DOMAINS_VIEW_ALL = "has_portfolio_domains_view_all"
+# HAS_PORTFOLIO_DOMAINS_VIEW_MANAGED = "has_portfolio_domains_view_managed"
+
 
 def grant_access(*rules):
     """
@@ -28,7 +33,7 @@ def grant_access(*rules):
                 if not _user_has_permission(request.user, request, rules, **kwargs):
                     raise PermissionDenied
                 return original_dispatch(self, request, *args, **kwargs)
-            
+
             view.dispatch = wrapped_dispatch  # replace dispatch with wrapped version
             return view
 
@@ -43,11 +48,11 @@ def grant_access(*rules):
                 if not _user_has_permission(request.user, request, rules, **kwargs):
                     raise PermissionDenied
                 return view(request, *args, **kwargs)
-            
+
             return wrapper
-        
+
     return decorator
-    
+
 
 def _user_has_permission(user, request, rules, **kwargs):
     """
@@ -75,19 +80,45 @@ def _user_has_permission(user, request, rules, **kwargs):
         conditions_met.append(user.is_superuser)
 
     if not any(conditions_met) and IS_DOMAIN_MANAGER in rules:
-        domain_id = kwargs.get('domain_pk')
-        # Check UserDomainRole directly instead of fetching Domain
-        has_permission = UserDomainRole.objects.filter(user=user, domain_id=domain_id).exists()
+        domain_id = kwargs.get("domain_pk")
+        has_permission = _is_domain_manager(user, domain_id)
         conditions_met.append(has_permission)
 
     if not any(conditions_met) and IS_STAFF_MANAGING_DOMAIN in rules:
-        domain_id = kwargs.get('domain_pk')
+        domain_id = kwargs.get("domain_pk")
         has_permission = _can_access_other_user_domains(request, domain_id)
         conditions_met.append(has_permission)
 
+    if not any(conditions_met) and HAS_PORTFOLIO_DOMAINS_VIEW_ALL in rules:
+        domain_id = kwargs.get("domain_pk")
+        has_permission = _can_access_domain_via_portfolio_view_all_domains(request, domain_id)
+        conditions_met.append(has_permission)
+
+    if not any(conditions_met) and IS_PORTFOLIO_MEMBER_AND_DOMAIN_MANAGER in rules:
+        domain_id = kwargs.get("domain_pk")
+        has_permission = _is_domain_manager(user, domain_id) and _is_portfolio_member(request)
+        conditions_met.append(has_permission)
+
+    if not any(conditions_met) and IS_DOMAIN_MANAGER_AND_NOT_PORTFOLIO_MEMBER in rules:
+        domain_id = kwargs.get("domain_pk")
+        has_permission = _is_domain_manager(user, domain_id) and not _is_portfolio_member(request)
+        conditions_met.append(has_permission)
+
     return any(conditions_met)
 
 
+def _is_domain_manager(user, domain_pk):
+    """Checks to see if the user is a domain manager of the
+    domain with domain_pk."""
+    return UserDomainRole.objects.filter(user=user, domain_id=domain_pk).exists()
+
+
+def _is_portfolio_member(request):
+    """Checks to see if the user in the request is a member of the
+    portfolio in the request's session."""
+    return request.user.is_org_user(request)
+
+
 def _can_access_other_user_domains(request, domain_pk):
     """Checks to see if an authorized user (staff or superuser)
     can access a domain that they did not create or were invited to.
@@ -144,3 +175,17 @@ def _can_access_other_user_domains(request, domain_pk):
     # the user is permissioned,
     # and it is in a valid status
     return True
+
+
+def _can_access_domain_via_portfolio_view_all_domains(request, domain_pk):
+    """Returns whether the user in the request can access the domain
+    via portfolio view all domains permission."""
+    # NOTE: determine if in practice this ever needs to be called on its own
+    # or if it can be combined with view_managed_domains
+    portfolio = request.session.get("portfolio")
+    if request.user.has_view_all_domains_portfolio_permission(portfolio):
+        if Domain.objects.filter(id=domain_pk).exists():
+            domain = Domain.objects.get(id=domain_pk)
+            if domain.domain_info.portfolio == portfolio:
+                return True
+    return False
diff --git a/src/registrar/registrar_middleware.py b/src/registrar/registrar_middleware.py
index e3dcbe788..efef79063 100644
--- a/src/registrar/registrar_middleware.py
+++ b/src/registrar/registrar_middleware.py
@@ -177,17 +177,17 @@ class CheckPortfolioMiddleware:
 
 
 class RestrictAccessMiddleware:
-    """ Middleware that blocks all views unless explicitly permitted """
+    """Middleware that blocks all views unless explicitly permitted"""
 
     def __init__(self, get_response):
         self.get_response = get_response
         self.ignored_paths = [re.compile(pattern) for pattern in getattr(settings, "LOGIN_REQUIRED_IGNORE_PATHS", [])]
-    
+
     def __call__(self, request):
         # Allow requests that match LOGIN_REQUIRED_IGNORE_PATHS
         if any(pattern.match(request.path) for pattern in self.ignored_paths):
             return self.get_response(request)
-        
+
         # Try to resolve the view function
         try:
             resolver_match = resolve(request.path_info)
@@ -199,13 +199,13 @@ class RestrictAccessMiddleware:
         # Auto-allow Django's built-in admin views (but NOT custom /admin/* views)
         if app_name == "admin":
             return self.get_response(request)
-        
+
         # Skip access restriction if the view explicitly allows unauthenticated access
         if getattr(view_func, "login_required", True) is False:
             return self.get_response(request)
-        
+
         # Enforce explicit access fules for other views
         if not getattr(view_func, "has_explicit_access", False):
             raise PermissionDenied
 
-        return self.get_response(request)
\ No newline at end of file
+        return self.get_response(request)
diff --git a/src/registrar/views/domain.py b/src/registrar/views/domain.py
index 03860dc02..d56bbb7f8 100644
--- a/src/registrar/views/domain.py
+++ b/src/registrar/views/domain.py
@@ -15,7 +15,14 @@ from django.shortcuts import redirect, render, get_object_or_404
 from django.urls import reverse
 from django.views.generic.edit import FormMixin
 from django.conf import settings
-from registrar.decorators import IS_DOMAIN_MANAGER, IS_STAFF_MANAGING_DOMAIN, grant_access
+from registrar.decorators import (
+    HAS_PORTFOLIO_DOMAINS_VIEW_ALL,
+    IS_DOMAIN_MANAGER,
+    IS_DOMAIN_MANAGER_AND_NOT_PORTFOLIO_MEMBER,
+    IS_PORTFOLIO_MEMBER_AND_DOMAIN_MANAGER,
+    IS_STAFF_MANAGING_DOMAIN,
+    grant_access,
+)
 from registrar.forms.domain import DomainSuborganizationForm, DomainRenewalForm
 from registrar.models import (
     Domain,
@@ -257,7 +264,8 @@ class DomainFormBaseView(DomainBaseView, FormMixin):
                 exc_info=True,
             )
 
-@grant_access(IS_DOMAIN_MANAGER, IS_STAFF_MANAGING_DOMAIN)
+
+@grant_access(IS_DOMAIN_MANAGER, IS_STAFF_MANAGING_DOMAIN, HAS_PORTFOLIO_DOMAINS_VIEW_ALL)
 class DomainView(DomainBaseView):
     """Domain detail overview page."""
 
@@ -311,6 +319,7 @@ class DomainView(DomainBaseView):
         self.object = self.get_object()
         self._update_session_with_domain()
 
+
 @grant_access(IS_DOMAIN_MANAGER, IS_STAFF_MANAGING_DOMAIN)
 class DomainRenewalView(DomainBaseView):
     """Domain detail overview page."""
@@ -380,6 +389,7 @@ class DomainRenewalView(DomainBaseView):
             },
         )
 
+
 @grant_access(IS_DOMAIN_MANAGER, IS_STAFF_MANAGING_DOMAIN)
 class DomainOrgNameAddressView(DomainFormBaseView):
     """Organization view"""
@@ -422,6 +432,7 @@ class DomainOrgNameAddressView(DomainFormBaseView):
             return super().has_permission()
 
 
+@grant_access(IS_PORTFOLIO_MEMBER_AND_DOMAIN_MANAGER)
 class DomainSubOrganizationView(DomainFormBaseView):
     """Suborganization view"""
 
@@ -468,6 +479,7 @@ class DomainSubOrganizationView(DomainFormBaseView):
         return super().form_valid(form)
 
 
+@grant_access(IS_DOMAIN_MANAGER_AND_NOT_PORTFOLIO_MEMBER)
 class DomainSeniorOfficialView(DomainFormBaseView):
     """Domain senior official editing view."""
 
@@ -525,6 +537,7 @@ class DomainSeniorOfficialView(DomainFormBaseView):
             return super().has_permission()
 
 
+@grant_access(IS_DOMAIN_MANAGER, IS_STAFF_MANAGING_DOMAIN)
 class DomainDNSView(DomainBaseView):
     """DNS Information View."""
 
@@ -741,6 +754,7 @@ class PrototypeDomainDNSRecordView(DomainFormBaseView):
         return super().post(request)
 
 
+@grant_access(IS_DOMAIN_MANAGER, IS_STAFF_MANAGING_DOMAIN)
 class DomainNameserversView(DomainFormBaseView):
     """Domain nameserver editing view."""
 
@@ -868,6 +882,7 @@ class DomainNameserversView(DomainFormBaseView):
         return super().form_valid(formset)
 
 
+@grant_access(IS_DOMAIN_MANAGER, IS_STAFF_MANAGING_DOMAIN)
 class DomainDNSSECView(DomainFormBaseView):
     """Domain DNSSEC editing view."""
 
@@ -905,6 +920,7 @@ class DomainDNSSECView(DomainFormBaseView):
         return self.form_valid(form)
 
 
+@grant_access(IS_DOMAIN_MANAGER, IS_STAFF_MANAGING_DOMAIN)
 class DomainDsDataView(DomainFormBaseView):
     """Domain DNSSEC ds data editing view."""
 
@@ -1023,6 +1039,7 @@ class DomainDsDataView(DomainFormBaseView):
             return super().form_valid(formset)
 
 
+@grant_access(IS_DOMAIN_MANAGER, IS_STAFF_MANAGING_DOMAIN)
 class DomainSecurityEmailView(DomainFormBaseView):
     """Domain security email editing view."""
 
@@ -1094,6 +1111,7 @@ class DomainSecurityEmailView(DomainFormBaseView):
         return redirect(self.get_success_url())
 
 
+@grant_access(IS_DOMAIN_MANAGER, IS_STAFF_MANAGING_DOMAIN)
 class DomainUsersView(DomainBaseView):
     """Domain managers page in the domain details."""
 
@@ -1189,6 +1207,7 @@ class DomainUsersView(DomainBaseView):
         return context
 
 
+@grant_access(IS_DOMAIN_MANAGER, IS_STAFF_MANAGING_DOMAIN)
 class DomainAddUserView(DomainFormBaseView):
     """Inside of a domain's user management, a form for adding users.
 
@@ -1286,6 +1305,7 @@ class DomainAddUserView(DomainFormBaseView):
         messages.success(self.request, f"Added user {email}.")
 
 
+@grant_access(IS_DOMAIN_MANAGER, IS_STAFF_MANAGING_DOMAIN)
 class DomainInvitationCancelView(SuccessMessageMixin, DomainInvitationPermissionCancelView):
     object: DomainInvitation
     fields = []
@@ -1311,6 +1331,7 @@ class DomainInvitationCancelView(SuccessMessageMixin, DomainInvitationPermission
         return f"Canceled invitation to {self.object.email}."
 
 
+@grant_access(IS_DOMAIN_MANAGER, IS_STAFF_MANAGING_DOMAIN)
 class DomainDeleteUserView(UserDomainRolePermissionDeleteView):
     """Inside of a domain's user management, a form for deleting users."""
 
diff --git a/src/registrar/views/index.py b/src/registrar/views/index.py
index d9ff9b209..097bf2c89 100644
--- a/src/registrar/views/index.py
+++ b/src/registrar/views/index.py
@@ -2,6 +2,7 @@ from django.shortcuts import render
 
 from registrar.decorators import grant_access, ALL
 
+
 @grant_access(ALL)
 def index(request):
     """This page is available to anyone without logging in."""
diff --git a/src/registrar/views/utility/error_views.py b/src/registrar/views/utility/error_views.py
index bc6536b2b..4f9635d09 100644
--- a/src/registrar/views/utility/error_views.py
+++ b/src/registrar/views/utility/error_views.py
@@ -42,4 +42,4 @@ def custom_404_error_view(request, exception=None, context=None):
     print("this is called")
     if context is None:
         context = {}
-    return render(request, "404.html", context=context, status=404)
\ No newline at end of file
+    return render(request, "404.html", context=context, status=404)

From bd071a0fb32e5b40cbe292358d1f50f5a9344cee Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Tue, 11 Feb 2025 12:22:40 -0500
Subject: [PATCH 27/81] cleaning up domainpermission

---
 src/registrar/decorators.py           |  4 ++++
 src/registrar/views/utility/mixins.py | 24 ------------------------
 2 files changed, 4 insertions(+), 24 deletions(-)

diff --git a/src/registrar/decorators.py b/src/registrar/decorators.py
index ff8da3eed..5bb80bf18 100644
--- a/src/registrar/decorators.py
+++ b/src/registrar/decorators.py
@@ -70,6 +70,10 @@ def _user_has_permission(user, request, rules, **kwargs):
     # Ensure user is authenticated
     if not user.is_authenticated:
         return False
+    
+    # Ensure user is not restricted
+    if user.is_restricted():
+        return False
 
     conditions_met = []
 
diff --git a/src/registrar/views/utility/mixins.py b/src/registrar/views/utility/mixins.py
index f03c83ee1..23bcff162 100644
--- a/src/registrar/views/utility/mixins.py
+++ b/src/registrar/views/utility/mixins.py
@@ -205,39 +205,15 @@ class DomainPermission(PermissionsLoginMixin):
         The user is in self.request.user and the domain needs to be looked
         up from the domain's primary key in self.kwargs["domain_pk"]
         """
-
-        if not self.request.user.is_authenticated:
-            return False
-
-        if self.request.user.is_restricted():
-            return False
-
         pk = self.kwargs["domain_pk"]
-        # If pk is none then something went very wrong...
-        if pk is None:
-            raise ValueError("Primary key is None")
 
         # test if domain in editable state
         if not self.in_editable_state(pk):
             return False
 
-        if self.can_access_other_user_domains(pk):
-            return True
-
-        # user needs to have a role on the domain
-        if not UserDomainRole.objects.filter(user=self.request.user, domain__id=pk).exists():
-            return self.can_access_domain_via_portfolio(pk)
-
         # if we need to check more about the nature of role, do it here.
         return True
 
-    def can_access_domain_via_portfolio(self, pk):
-        """Most views should not allow permission to portfolio users.
-        If particular views allow access to the domain pages, they will need to override
-        this function.
-        """
-        return False
-
     def in_editable_state(self, pk):
         """Is the domain in an editable state"""
 

From 4e95c77725a716d375cc6d097a56e35c4993ed8a Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Tue, 11 Feb 2025 11:54:12 -0700
Subject: [PATCH 28/81] cleanup html

---
 src/registrar/templates/admin/analytics.html | 479 +++++++++----------
 1 file changed, 239 insertions(+), 240 deletions(-)

diff --git a/src/registrar/templates/admin/analytics.html b/src/registrar/templates/admin/analytics.html
index 91248f502..ca3501eec 100644
--- a/src/registrar/templates/admin/analytics.html
+++ b/src/registrar/templates/admin/analytics.html
@@ -1,6 +1,7 @@
 {% extends "admin/base_site.html" %}
 {% load static %}
 {% load i18n %}
+
 {% block content_title %}<h1>Registrar Analytics</h1>{% endblock %}
 
 {% block breadcrumbs %}
@@ -14,251 +15,249 @@ https://github.com/django/django/blob/main/django/contrib/admin/templates/admin/
   <span>{% trans "Analytics Dashboard" %}</span>
 </div>
 {% endblock %}
+
 {% block content %}
-<div id="content-main" class="custom-admin-template">
-<div class="grid-row grid-gap-2">
-	<div class="tablet:grid-col-6 margin-top-2">
-		<div class="module height-full">
-			<h2>At a glance</h2>
-			<div class="padding-top-2 padding-x-2">
-				<ul>
-					<li>User Count: {{ data.user_count }}</li>
-					<li>Domain Count: {{ data.domain_count }}</li>
-					<li>Domains in READY state: {{ data.ready_domain_count }}</li>
-					<li>Domain applications (last 30 days): {{ data.last_30_days_applications }}</li>
-					<li>Approved applications (last 30 days): {{ data.last_30_days_approved_applications }}</li>
-					<li>Average approval time for applications (last 30 days): {{ data.average_application_approval_time_last_30_days }}</li>
-				</ul>
-			</div>
-		</div>
-	</div>
-	<div class="tablet:grid-col-6 margin-top-2">
-		<div class="module height-full">
-			<h2>Current domains</h2>
-			<div class="padding-top-2 padding-x-2">
-				<ul class="usa-button-group wrapped-button-group">
-					<li class="usa-button-group__item">
-						<a href="{% url 'export_data_type' %}" class="usa-button usa-button--dja text-no-wrap" role="button">
-							<svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
-								<use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
-							</svg>
-							<span class="margin-left-05">All domain metadata</span>
-						</a>
-					</li>
-					<li class="usa-button-group__item">
-						<a href="{% url 'export_data_full' %}" class="usa-button usa-button--dja text-no-wrap" role="button">
-							<svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
-								<use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
-							</svg>
-							<span class="margin-left-05">Current full</span>
-						</a>
-					</li>
-					<li class="usa-button-group__item">
-						<a href="{% url 'export_data_federal' %}" class="usa-button usa-button--dja text-no-wrap" role="button">
-							<svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
-								<use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
-							</svg>
-							<span class="margin-left-05">Current federal</span>
-						</a>
-					</li>
-					<li class="usa-button-group__item">
-						<a href="{% url 'export_data_domain_requests_full' %}" class="usa-button usa-button--dja text-no-wrap" role="button">
-							<svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
-								<use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
-							</svg>
-							<span class="margin-left-05">All domain requests metadata</span>
-						</a>
-					</li>
-				</ul>
-			</div>
-		</div>
-	</div>
-</div>
-<div class="grid-row grid-gap-2 margin-top-2">
-	<div class="grid-col">
-		<div class="module">
-			<h2>Growth reports</h2>
-			<div class="padding-2">
-				{% comment %} 
-				Inputs of type date suck for accessibility.
-				We'll need to replace those guys with a django form once we figure out how to hook one onto this page.
-				See the commit "Review for ticket #999"
-				{% endcomment %}
-				<div class="display-flex flex-align-baseline margin-top-1 margin-bottom-2">
-					<div class="margin-right-1">
-						<label for="start">Start date:</label>
-						<input type="date" id="start" name="start" value="2018-07-22" min="2018-01-01" />
-					</div>
-					<div>
-						<label for="end">End date:</label>
-						<input type="date" id="end" name="end" value="2023-12-01" min="2023-12-01" />
-					</div>
-				</div>
-				<ul class="usa-button-group">
-					<li class="usa-button-group__item">
-						<button class="usa-button usa-button--dja exportLink" data-export-url="{% url 'export_domains_growth' %}" type="button">
-							<svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
-								<use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
-							</svg>
-							<span class="margin-left-05">Domain growth</span>
-						</button>
-					</li>
-					<li class="usa-button-group__item">
-						<button class="usa-button usa-button--dja exportLink" data-export-url="{% url 'export_requests_growth' %}" type="button">
-							<svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
-								<use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
-							</svg>
-							<span class="margin-left-05">Request growth</span>
-						</button>
-					</li>
-					<li class="usa-button-group__item">
-						<button class="usa-button usa-button--dja exportLink" data-export-url="{% url 'export_managed_domains' %}" type="button">
-							<svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
-								<use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
-							</svg>
-							<span class="margin-left-05">Managed domains</span>
-						</button>
-					</li>
-					<li class="usa-button-group__item">
-						<button class="usa-button usa-button--dja exportLink" data-export-url="{% url 'export_unmanaged_domains' %}" type="button">
-							<svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
-								<use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
-							</svg>
-							<span class="margin-left-05">Unmanaged domains</span>
-						</button>
-					</li>
-					<li class="usa-button-group__item">
-						<button class="usa-button usa-button--dja exportLink usa-button--secondary" data-export-url="{% url 'analytics' %}" type="button">
-							<svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
-								<use xlink:href="{%static 'img/sprite.svg'%}#assessment"></use>
-							</svg>
-							<span class="margin-left-05">Update charts</span>
-						</button>
-					</li>
-				</ul>
-        <div class="analytics-dashboard-charts margin-top-2">
-          {% comment %} Managed/Unmanaged domains {% endcomment %}
-          <div class="chart-1 grid-col">
-            <canvas id="myChart1" width="400" height="200"
-              aria-label="Chart: {{ data.managed_domains.end_date_count.0 }} managed domains for {{ data.end_date }}"
-              role="img"
-              data-list-one="{{ data.managed_domains.start_date_count }}"
-              data-list-two="{{ data.managed_domains.end_date_count }}"
-              >
-              <h2>Chart: Managed domains</h2>
-              <p>{{ data.managed_domains.end_date_count.0 }} managed domains for {{ data.end_date }}</p>
-            </canvas>
-          </div>
-          <div class="details-1 grid-col margin-bottom-2">
-            <details class="dja-detail-table" aria-role="button" closed>
-              <summary class="dja-details-summary">Details for managed domains</summary>
-              <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
-                {% include "admin/analytics_graph_table.html" with data=data property_name="managed_domains" %}
-              </div>
-            </details>
-          </div>
-          <div class="chart-2 grid-col">
-            <canvas id="myChart2" width="400" height="200"
-              aria-label="Chart: {{ data.unmanaged_domains.end_date_count.0 }} unmanaged domains for {{ data.end_date }}"
-              role="img"
-              data-list-one="{{ data.unmanaged_domains.start_date_count }}"
-              data-list-two="{{ data.unmanaged_domains.end_date_count }}"
-              >
-              <h2>Chart: Unmanaged domains</h2>
-              <p>{{ data.unmanaged_domains.end_date_count.0 }} unmanaged domains for {{ data.end_date }}</p>
-            </canvas>
-          </div>
-          <div class="details-2 grid-col margin-bottom-2">
-            <details class="dja-detail-table" aria-role="button" closed>
-              <summary class="dja-details-summary">Details for unmanaged domains</summary>
-              <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
-                {% include "admin/analytics_graph_table.html" with data=data property_name="unmanaged_domains" %}
-              </div>
-            </details>
-          </div>
 
-          {% comment %} Deleted/Ready domains {% endcomment %}
-          <div class="chart-3 grid-col">
-            <canvas id="myChart3" width="400" height="200"
-              aria-label="Chart: {{ data.deleted_domains.end_date_count.0 }} deleted domains for {{ data.end_date }}"
-              role="img" 
-              data-list-one="{{ data.deleted_domains.start_date_count }}"
-              data-list-two="{{ data.deleted_domains.end_date_count }}"
-              >
-              <h2>Chart: Deleted domains</h2>
-              <p>{{ data.deleted_domains.end_date_count.0 }} deleted domains for {{ data.end_date }}</p>
-            </canvas>
-          </div>
-          <div class="details-3 grid-col margin-bottom-2">
-            <details class="dja-detail-table" aria-role="button" closed>
-              <summary class="dja-details-summary">Details for deleted domains</summary>
-              <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
-                {% include "admin/analytics_graph_table.html" with data=data property_name="deleted_domains" %}
-              </div>
-            </details>
-          </div>
-          <div class="chart-4 grid-col">
-            <canvas id="myChart4" width="400" height="200"
-              aria-label="Chart: {{ data.ready_domains.end_date_count.0 }} ready domains for {{ data.end_date }}"
-              role="img" 
-              data-list-one="{{ data.ready_domains.start_date_count }}"
-              data-list-two="{{ data.ready_domains.end_date_count }}"
-              >
-              <h2>Chart: Ready domains</h2>
-              <p>{{ data.ready_domains.end_date_count.0 }} ready domains for {{ data.end_date }}</p>
-            </canvas>
-          </div>
-          <div class="details-4 grid-col margin-bottom-2">
-            <details class="dja-detail-table" aria-role="button" closed>
-              <summary class="dja-details-summary">Details for ready domains</summary>
-              <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
-                {% include "admin/analytics_graph_table.html" with data=data property_name="ready_domains" %}
-              </div>
-            </details>
-          </div>
+  <div id="content-main" class="custom-admin-template">
 
-          {% comment %} Requests {% endcomment %}
-          <div class="chart-5 grid-col">
-            <canvas id="myChart5" width="400" height="200"
-              aria-label="Chart: {{ data.submitted_requests.end_date_count.0 }} submitted requests for {{ data.end_date }}"
-              role="img" 
-              data-list-one="{{ data.submitted_requests.start_date_count }}"
-              data-list-two="{{ data.submitted_requests.end_date_count }}"
-              >
-              <h2>Chart: Submitted requests</h2>
-              <p>{{ data.submitted_requests.end_date_count.0 }} submitted requests for {{ data.end_date }}</p>
-            </canvas>
-          </div>
-          <div class="details-5 grid-col margin-bottom-2">
-            <details class="dja-detail-table" aria-role="button" closed>
-              <summary class="dja-details-summary">Details for submitted requests</summary>
-              <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
-                {% include "admin/analytics_graph_table.html" with data=data property_name="submitted_requests" %}
-              </div>
-            </details>
-          </div>
-          <div class="chart-6 grid-col">
-            <canvas id="myChart6" width="400" height="200"
-              aria-label="Chart: {{ data.requests.end_date_count.0 }} requests for {{ data.end_date }}"
-              role="img" 
-              data-list-one="{{ data.requests.start_date_count }}"
-              data-list-two="{{ data.requests.end_date_count }}"
-              >
-              <h2>Chart: All requests</h2>
-              <p>{{ data.requests.end_date_count.0 }} requests for {{ data.end_date }}</p>
-            </canvas>
-          </div>
-          <div class="details-6 grid-col margin-bottom-2">
-            <details class="dja-detail-table" aria-role="button" closed>
-              <summary class="dja-details-summary">Details for all requests</summary>
-              <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
-                {% include "admin/analytics_graph_table.html" with data=data property_name="requests" %}
-              </div>
-            </details>
+    <div class="grid-row grid-gap-2">
+      <div class="tablet:grid-col-6 margin-top-2">
+        <div class="module height-full">
+          <h2>At a glance</h2>
+          <div class="padding-top-2 padding-x-2">
+            <ul>
+              <li>User Count: {{ data.user_count }}</li>
+              <li>Domain Count: {{ data.domain_count }}</li>
+              <li>Domains in READY state: {{ data.ready_domain_count }}</li>
+              <li>Domain applications (last 30 days): {{ data.last_30_days_applications }}</li>
+              <li>Approved applications (last 30 days): {{ data.last_30_days_approved_applications }}</li>
+              <li>Average approval time for applications (last 30 days): {{ data.average_application_approval_time_last_30_days }}</li>
+            </ul>
           </div>
         </div>
+      </div>
+      <div class="tablet:grid-col-6 margin-top-2">
+      <div class="module height-full">
+        <h2>Current domains</h2>
+        <div class="padding-top-2 padding-x-2">
+          <ul class="usa-button-group wrapped-button-group">
+            <li class="usa-button-group__item">
+                <a href="{% url 'export_data_type' %}" class="usa-button usa-button--dja text-no-wrap" role="button">
+                  <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
+                    <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
+                  </svg><span class="margin-left-05">All domain metadata</span>
+                </a>
+            </li>
+            <li class="usa-button-group__item">
+              <a href="{% url 'export_data_full' %}" class="usa-button usa-button--dja text-no-wrap" role="button">
+                <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
+                  <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
+                </svg><span class="margin-left-05">Current full</span>
+              </a>
+            </li>
+            <li class="usa-button-group__item">
+                <a href="{% url 'export_data_federal' %}" class="usa-button usa-button--dja text-no-wrap" role="button">
+                  <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
+                    <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
+                  </svg><span class="margin-left-05">Current federal</span>
+                </a>
+            </li>
+            <li class="usa-button-group__item">
+              <a href="{% url 'export_data_domain_requests_full' %}" class="usa-button usa-button--dja text-no-wrap" role="button">
+                <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
+                  <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
+                </svg><span class="margin-left-05">All domain requests metadata</span>
+              </a>
+            </li>
+          </ul>
+        </div>
+      </div>
+    </div>
+  </div>
+  
+  <div class="grid-row grid-gap-2 margin-top-2">
+    <div class="grid-col">
+      <div class="module">
+        <h2>Growth reports</h2>
+        <div class="padding-2">
+          {% comment %} 
+              Inputs of type date suck for accessibility.
+              We'll need to replace those guys with a django form once we figure out how to hook one onto this page.
+              See the commit "Review for ticket #999"
+          {% endcomment %}
+          <div class="display-flex flex-align-baseline margin-top-1 margin-bottom-2">
+              <div class="margin-right-1">
+                  <label for="start">Start date:</label>
+                  <input type="date" id="start" name="start" value="2018-07-22" min="2018-01-01" />
+              </div>
+              <div>
+                  <label for="end">End date:</label>
+                  <input type="date" id="end" name="end" value="2023-12-01" min="2023-12-01" />
+              </div>
+          </div>
+          <ul class="usa-button-group">
+            <li class="usa-button-group__item">
+              <button class="usa-button usa-button--dja exportLink" data-export-url="{% url 'export_domains_growth' %}" type="button">
+                <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
+                  <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
+                </svg><span class="margin-left-05">Domain growth</span>
+              </button>
+            </li>
+            <li class="usa-button-group__item">
+              <button class="usa-button usa-button--dja exportLink" data-export-url="{% url 'export_requests_growth' %}" type="button">
+                <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
+                  <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
+                </svg><span class="margin-left-05">Request growth</span>
+              </button>
+            </li>
+            <li class="usa-button-group__item">
+              <button class="usa-button usa-button--dja exportLink" data-export-url="{% url 'export_managed_domains' %}" type="button">
+                <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
+                  <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
+                </svg><span class="margin-left-05">Managed domains</span>
+              </button>
+            </li>
+            <li class="usa-button-group__item">
+              <button class="usa-button usa-button--dja exportLink" data-export-url="{% url 'export_unmanaged_domains' %}" type="button">
+                <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
+                  <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
+                </svg><span class="margin-left-05">Unmanaged domains</span>
+              </button>
+            </li>
+            <li class="usa-button-group__item">
+              <button class="usa-button usa-button--dja exportLink usa-button--secondary" data-export-url="{% url 'analytics' %}" type="button">
+                <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
+                  <use xlink:href="{%static 'img/sprite.svg'%}#assessment"></use>
+                </svg><span class="margin-left-05">Update charts</span>
+              </button>
+            </li>
+          </ul>
+
+		<div class="analytics-dashboard-charts margin-top-2">
+			{% comment %} Managed/Unmanaged domains {% endcomment %}
+			<div class="chart-1 grid-col">
+				<canvas id="myChart1" width="400" height="200"
+				aria-label="Chart: {{ data.managed_domains.end_date_count.0 }} managed domains for {{ data.end_date }}"
+				role="img"
+				data-list-one="{{ data.managed_domains.start_date_count }}"
+				data-list-two="{{ data.managed_domains.end_date_count }}"
+				>
+				<h2>Chart: Managed domains</h2>
+				<p>{{ data.managed_domains.end_date_count.0 }} managed domains for {{ data.end_date }}</p>
+				</canvas>
+			</div>
+			<div class="details-1 grid-col margin-bottom-2">
+				<details class="dja-detail-table" aria-role="button" closed>
+				<summary class="dja-details-summary">Details for managed domains</summary>
+				<div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+					{% include "admin/analytics_graph_table.html" with data=data property_name="managed_domains" %}
+				</div>
+				</details>
+			</div>
+			<div class="chart-2 grid-col">
+				<canvas id="myChart2" width="400" height="200"
+				aria-label="Chart: {{ data.unmanaged_domains.end_date_count.0 }} unmanaged domains for {{ data.end_date }}"
+				role="img"
+				data-list-one="{{ data.unmanaged_domains.start_date_count }}"
+				data-list-two="{{ data.unmanaged_domains.end_date_count }}"
+				>
+				<h2>Chart: Unmanaged domains</h2>
+				<p>{{ data.unmanaged_domains.end_date_count.0 }} unmanaged domains for {{ data.end_date }}</p>
+				</canvas>
+			</div>
+			<div class="details-2 grid-col margin-bottom-2">
+				<details class="dja-detail-table" aria-role="button" closed>
+				<summary class="dja-details-summary">Details for unmanaged domains</summary>
+				<div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+					{% include "admin/analytics_graph_table.html" with data=data property_name="unmanaged_domains" %}
+				</div>
+				</details>
+			</div>
+
+			{% comment %} Deleted/Ready domains {% endcomment %}
+			<div class="chart-3 grid-col">
+				<canvas id="myChart3" width="400" height="200"
+				aria-label="Chart: {{ data.deleted_domains.end_date_count.0 }} deleted domains for {{ data.end_date }}"
+				role="img" 
+				data-list-one="{{ data.deleted_domains.start_date_count }}"
+				data-list-two="{{ data.deleted_domains.end_date_count }}"
+				>
+				<h2>Chart: Deleted domains</h2>
+				<p>{{ data.deleted_domains.end_date_count.0 }} deleted domains for {{ data.end_date }}</p>
+				</canvas>
+			</div>
+			<div class="details-3 grid-col margin-bottom-2">
+				<details class="dja-detail-table" aria-role="button" closed>
+				<summary class="dja-details-summary">Details for deleted domains</summary>
+				<div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+					{% include "admin/analytics_graph_table.html" with data=data property_name="deleted_domains" %}
+				</div>
+				</details>
+			</div>
+			<div class="chart-4 grid-col">
+				<canvas id="myChart4" width="400" height="200"
+				aria-label="Chart: {{ data.ready_domains.end_date_count.0 }} ready domains for {{ data.end_date }}"
+				role="img" 
+				data-list-one="{{ data.ready_domains.start_date_count }}"
+				data-list-two="{{ data.ready_domains.end_date_count }}"
+				>
+				<h2>Chart: Ready domains</h2>
+				<p>{{ data.ready_domains.end_date_count.0 }} ready domains for {{ data.end_date }}</p>
+				</canvas>
+			</div>
+			<div class="details-4 grid-col margin-bottom-2">
+				<details class="dja-detail-table" aria-role="button" closed>
+				<summary class="dja-details-summary">Details for ready domains</summary>
+				<div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+					{% include "admin/analytics_graph_table.html" with data=data property_name="ready_domains" %}
+				</div>
+				</details>
+			</div>
+
+			{% comment %} Requests {% endcomment %}
+			<div class="chart-5 grid-col">
+				<canvas id="myChart5" width="400" height="200"
+				aria-label="Chart: {{ data.submitted_requests.end_date_count.0 }} submitted requests for {{ data.end_date }}"
+				role="img" 
+				data-list-one="{{ data.submitted_requests.start_date_count }}"
+				data-list-two="{{ data.submitted_requests.end_date_count }}"
+				>
+				<h2>Chart: Submitted requests</h2>
+				<p>{{ data.submitted_requests.end_date_count.0 }} submitted requests for {{ data.end_date }}</p>
+				</canvas>
+			</div>
+			<div class="details-5 grid-col margin-bottom-2">
+				<details class="dja-detail-table" aria-role="button" closed>
+				<summary class="dja-details-summary">Details for submitted requests</summary>
+				<div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+					{% include "admin/analytics_graph_table.html" with data=data property_name="submitted_requests" %}
+				</div>
+				</details>
+			</div>
+			<div class="chart-6 grid-col">
+				<canvas id="myChart6" width="400" height="200"
+				aria-label="Chart: {{ data.requests.end_date_count.0 }} requests for {{ data.end_date }}"
+				role="img" 
+				data-list-one="{{ data.requests.start_date_count }}"
+				data-list-two="{{ data.requests.end_date_count }}"
+				>
+				<h2>Chart: All requests</h2>
+				<p>{{ data.requests.end_date_count.0 }} requests for {{ data.end_date }}</p>
+				</canvas>
+			</div>
+			<div class="details-6 grid-col margin-bottom-2">
+				<details class="dja-detail-table" aria-role="button" closed>
+				<summary class="dja-details-summary">Details for all requests</summary>
+				<div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+					{% include "admin/analytics_graph_table.html" with data=data property_name="requests" %}
+				</div>
+				</details>
 			</div>
 		</div>
-	</div>
+
+        </div>
+      </div>
+    </div>
+  </div>
 </div>
-{% endblock %}
\ No newline at end of file
+{% endblock %}

From aeb22e99a01d87e0f2a1af61fb70b2b935e2a705 Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Tue, 11 Feb 2025 12:53:09 -0700
Subject: [PATCH 29/81] Update package-lock.json

---
 src/package-lock.json | 1028 +++++++++++++++++++++++------------------
 1 file changed, 566 insertions(+), 462 deletions(-)

diff --git a/src/package-lock.json b/src/package-lock.json
index 5caff976c..eb2d6b7af 100644
--- a/src/package-lock.json
+++ b/src/package-lock.json
@@ -53,9 +53,9 @@
       }
     },
     "node_modules/@babel/compat-data": {
-      "version": "7.26.2",
-      "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.26.2.tgz",
-      "integrity": "sha512-Z0WgzSEa+aUcdiJuCIqgujCshpMWgUpgOxXotrYPSA53hA3qopNaqcJpyr0hVb1FeWdnqFA35/fUtXgBK8srQg==",
+      "version": "7.26.8",
+      "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.26.8.tgz",
+      "integrity": "sha512-oH5UPLMWR3L2wEFLnFJ1TZXqHufiTKAiLfqw5zkhS4dKXLJ10yVztfil/twG8EDTA4F/tvVNw9nOl4ZMslB8rQ==",
       "dev": true,
       "license": "MIT",
       "engines": {
@@ -63,22 +63,23 @@
       }
     },
     "node_modules/@babel/core": {
-      "version": "7.26.0",
-      "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.26.0.tgz",
-      "integrity": "sha512-i1SLeK+DzNnQ3LL/CswPCa/E5u4lh1k6IAEphON8F+cXt0t9euTshDru0q7/IqMa1PMPz5RnHuHscF8/ZJsStg==",
+      "version": "7.26.8",
+      "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.26.8.tgz",
+      "integrity": "sha512-l+lkXCHS6tQEc5oUpK28xBOZ6+HwaH7YwoYQbLFiYb4nS2/l1tKnZEtEWkD0GuiYdvArf9qBS0XlQGXzPMsNqQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
         "@ampproject/remapping": "^2.2.0",
-        "@babel/code-frame": "^7.26.0",
-        "@babel/generator": "^7.26.0",
-        "@babel/helper-compilation-targets": "^7.25.9",
+        "@babel/code-frame": "^7.26.2",
+        "@babel/generator": "^7.26.8",
+        "@babel/helper-compilation-targets": "^7.26.5",
         "@babel/helper-module-transforms": "^7.26.0",
-        "@babel/helpers": "^7.26.0",
-        "@babel/parser": "^7.26.0",
-        "@babel/template": "^7.25.9",
-        "@babel/traverse": "^7.25.9",
-        "@babel/types": "^7.26.0",
+        "@babel/helpers": "^7.26.7",
+        "@babel/parser": "^7.26.8",
+        "@babel/template": "^7.26.8",
+        "@babel/traverse": "^7.26.8",
+        "@babel/types": "^7.26.8",
+        "@types/gensync": "^1.0.0",
         "convert-source-map": "^2.0.0",
         "debug": "^4.1.0",
         "gensync": "^1.0.0-beta.2",
@@ -94,14 +95,14 @@
       }
     },
     "node_modules/@babel/generator": {
-      "version": "7.26.2",
-      "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.26.2.tgz",
-      "integrity": "sha512-zevQbhbau95nkoxSq3f/DC/SC+EEOUZd3DYqfSkMhY2/wfSeaHV1Ew4vk8e+x8lja31IbyuUa2uQ3JONqKbysw==",
+      "version": "7.26.8",
+      "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.26.8.tgz",
+      "integrity": "sha512-ef383X5++iZHWAXX0SXQR6ZyQhw/0KtTkrTz61WXRhFM6dhpHulO/RJz79L8S6ugZHJkOOkUrUdxgdF2YiPFnA==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@babel/parser": "^7.26.2",
-        "@babel/types": "^7.26.0",
+        "@babel/parser": "^7.26.8",
+        "@babel/types": "^7.26.8",
         "@jridgewell/gen-mapping": "^0.3.5",
         "@jridgewell/trace-mapping": "^0.3.25",
         "jsesc": "^3.0.2"
@@ -123,28 +124,14 @@
         "node": ">=6.9.0"
       }
     },
-    "node_modules/@babel/helper-builder-binary-assignment-operator-visitor": {
-      "version": "7.25.9",
-      "resolved": "https://registry.npmjs.org/@babel/helper-builder-binary-assignment-operator-visitor/-/helper-builder-binary-assignment-operator-visitor-7.25.9.tgz",
-      "integrity": "sha512-C47lC7LIDCnz0h4vai/tpNOI95tCd5ZT3iBt/DBH5lXKHZsyNQv18yf1wIIg2ntiQNgmAvA+DgZ82iW8Qdym8g==",
-      "dev": true,
-      "license": "MIT",
-      "dependencies": {
-        "@babel/traverse": "^7.25.9",
-        "@babel/types": "^7.25.9"
-      },
-      "engines": {
-        "node": ">=6.9.0"
-      }
-    },
     "node_modules/@babel/helper-compilation-targets": {
-      "version": "7.25.9",
-      "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.25.9.tgz",
-      "integrity": "sha512-j9Db8Suy6yV/VHa4qzrj9yZfZxhLWQdVnRlXxmKLYlhWUVB1sB2G5sxuWYXk/whHD9iW76PmNzxZ4UCnTQTVEQ==",
+      "version": "7.26.5",
+      "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.26.5.tgz",
+      "integrity": "sha512-IXuyn5EkouFJscIDuFF5EsiSolseme1s0CZB+QxVugqJLYmKdxI1VfIBOst0SUu4rnk2Z7kqTwmoO1lp3HIfnA==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@babel/compat-data": "^7.25.9",
+        "@babel/compat-data": "^7.26.5",
         "@babel/helper-validator-option": "^7.25.9",
         "browserslist": "^4.24.0",
         "lru-cache": "^5.1.1",
@@ -177,14 +164,14 @@
       }
     },
     "node_modules/@babel/helper-create-regexp-features-plugin": {
-      "version": "7.25.9",
-      "resolved": "https://registry.npmjs.org/@babel/helper-create-regexp-features-plugin/-/helper-create-regexp-features-plugin-7.25.9.tgz",
-      "integrity": "sha512-ORPNZ3h6ZRkOyAa/SaHU+XsLZr0UQzRwuDQ0cczIA17nAzZ+85G5cVkOJIj7QavLZGSe8QXUmNFxSZzjcZF9bw==",
+      "version": "7.26.3",
+      "resolved": "https://registry.npmjs.org/@babel/helper-create-regexp-features-plugin/-/helper-create-regexp-features-plugin-7.26.3.tgz",
+      "integrity": "sha512-G7ZRb40uUgdKOQqPLjfD12ZmGA54PzqDFUv2BKImnC9QIfGhIHKvVML0oN8IUiDq4iRqpq74ABpvOaerfWdong==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
         "@babel/helper-annotate-as-pure": "^7.25.9",
-        "regexpu-core": "^6.1.1",
+        "regexpu-core": "^6.2.0",
         "semver": "^6.3.1"
       },
       "engines": {
@@ -271,9 +258,9 @@
       }
     },
     "node_modules/@babel/helper-plugin-utils": {
-      "version": "7.25.9",
-      "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.25.9.tgz",
-      "integrity": "sha512-kSMlyUVdWe25rEsRGviIgOWnoT/nfABVWlqt9N19/dIPWViAOW2s9wznP5tURbs/IDuNk4gPy3YdYRgH3uxhBw==",
+      "version": "7.26.5",
+      "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.26.5.tgz",
+      "integrity": "sha512-RS+jZcRdZdRFzMyr+wcsaqOmld1/EqTghfaBGQQd/WnRdzdlvSZ//kF7U8VQTxf1ynZ4cjUcYgjVGx13ewNPMg==",
       "dev": true,
       "license": "MIT",
       "engines": {
@@ -299,15 +286,15 @@
       }
     },
     "node_modules/@babel/helper-replace-supers": {
-      "version": "7.25.9",
-      "resolved": "https://registry.npmjs.org/@babel/helper-replace-supers/-/helper-replace-supers-7.25.9.tgz",
-      "integrity": "sha512-IiDqTOTBQy0sWyeXyGSC5TBJpGFXBkRynjBeXsvbhQFKj2viwJC76Epz35YLU1fpe/Am6Vppb7W7zM4fPQzLsQ==",
+      "version": "7.26.5",
+      "resolved": "https://registry.npmjs.org/@babel/helper-replace-supers/-/helper-replace-supers-7.26.5.tgz",
+      "integrity": "sha512-bJ6iIVdYX1YooY2X7w1q6VITt+LnUILtNk7zT78ykuwStx8BauCzxvFqFaHjOpW1bVnSUM1PN1f0p5P21wHxvg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
         "@babel/helper-member-expression-to-functions": "^7.25.9",
         "@babel/helper-optimise-call-expression": "^7.25.9",
-        "@babel/traverse": "^7.25.9"
+        "@babel/traverse": "^7.26.5"
       },
       "engines": {
         "node": ">=6.9.0"
@@ -316,20 +303,6 @@
         "@babel/core": "^7.0.0"
       }
     },
-    "node_modules/@babel/helper-simple-access": {
-      "version": "7.25.9",
-      "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.25.9.tgz",
-      "integrity": "sha512-c6WHXuiaRsJTyHYLJV75t9IqsmTbItYfdj99PnzYGQZkYKvan5/2jKJ7gu31J3/BJ/A18grImSPModuyG/Eo0Q==",
-      "dev": true,
-      "license": "MIT",
-      "dependencies": {
-        "@babel/traverse": "^7.25.9",
-        "@babel/types": "^7.25.9"
-      },
-      "engines": {
-        "node": ">=6.9.0"
-      }
-    },
     "node_modules/@babel/helper-skip-transparent-expression-wrappers": {
       "version": "7.25.9",
       "resolved": "https://registry.npmjs.org/@babel/helper-skip-transparent-expression-wrappers/-/helper-skip-transparent-expression-wrappers-7.25.9.tgz",
@@ -390,27 +363,27 @@
       }
     },
     "node_modules/@babel/helpers": {
-      "version": "7.26.0",
-      "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.26.0.tgz",
-      "integrity": "sha512-tbhNuIxNcVb21pInl3ZSjksLCvgdZy9KwJ8brv993QtIVKJBBkYXz4q4ZbAv31GdnC+R90np23L5FbEBlthAEw==",
+      "version": "7.26.7",
+      "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.26.7.tgz",
+      "integrity": "sha512-8NHiL98vsi0mbPQmYAGWwfcFaOy4j2HY49fXJCfuDcdE7fMIsH9a7GdaeXpIBsbT7307WU8KCMp5pUVDNL4f9A==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
         "@babel/template": "^7.25.9",
-        "@babel/types": "^7.26.0"
+        "@babel/types": "^7.26.7"
       },
       "engines": {
         "node": ">=6.9.0"
       }
     },
     "node_modules/@babel/parser": {
-      "version": "7.26.2",
-      "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.26.2.tgz",
-      "integrity": "sha512-DWMCZH9WA4Maitz2q21SRKHo9QXZxkDsbNZoVD62gusNtNBBqDg9i7uOhASfTfIGNzW+O+r7+jAlM8dwphcJKQ==",
+      "version": "7.26.8",
+      "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.26.8.tgz",
+      "integrity": "sha512-TZIQ25pkSoaKEYYaHbbxkfL36GNsQ6iFiBbeuzAkLnXayKR1yP1zFe+NxuZWWsUyvt8icPU9CCq0sgWGXR1GEw==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@babel/types": "^7.26.0"
+        "@babel/types": "^7.26.8"
       },
       "bin": {
         "parser": "bin/babel-parser.js"
@@ -582,15 +555,15 @@
       }
     },
     "node_modules/@babel/plugin-transform-async-generator-functions": {
-      "version": "7.25.9",
-      "resolved": "https://registry.npmjs.org/@babel/plugin-transform-async-generator-functions/-/plugin-transform-async-generator-functions-7.25.9.tgz",
-      "integrity": "sha512-RXV6QAzTBbhDMO9fWwOmwwTuYaiPbggWQ9INdZqAYeSHyG7FzQ+nOZaUUjNwKv9pV3aE4WFqFm1Hnbci5tBCAw==",
+      "version": "7.26.8",
+      "resolved": "https://registry.npmjs.org/@babel/plugin-transform-async-generator-functions/-/plugin-transform-async-generator-functions-7.26.8.tgz",
+      "integrity": "sha512-He9Ej2X7tNf2zdKMAGOsmg2MrFc+hfoAhd3po4cWfo/NWjzEAKa0oQruj1ROVUdl0e6fb6/kE/G3SSxE0lRJOg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@babel/helper-plugin-utils": "^7.25.9",
+        "@babel/helper-plugin-utils": "^7.26.5",
         "@babel/helper-remap-async-to-generator": "^7.25.9",
-        "@babel/traverse": "^7.25.9"
+        "@babel/traverse": "^7.26.8"
       },
       "engines": {
         "node": ">=6.9.0"
@@ -618,13 +591,13 @@
       }
     },
     "node_modules/@babel/plugin-transform-block-scoped-functions": {
-      "version": "7.25.9",
-      "resolved": "https://registry.npmjs.org/@babel/plugin-transform-block-scoped-functions/-/plugin-transform-block-scoped-functions-7.25.9.tgz",
-      "integrity": "sha512-toHc9fzab0ZfenFpsyYinOX0J/5dgJVA2fm64xPewu7CoYHWEivIWKxkK2rMi4r3yQqLnVmheMXRdG+k239CgA==",
+      "version": "7.26.5",
+      "resolved": "https://registry.npmjs.org/@babel/plugin-transform-block-scoped-functions/-/plugin-transform-block-scoped-functions-7.26.5.tgz",
+      "integrity": "sha512-chuTSY+hq09+/f5lMj8ZSYgCFpppV2CbYrhNFJ1BFoXpiWPnnAb7R0MqrafCpN8E1+YRrtM1MXZHJdIx8B6rMQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@babel/helper-plugin-utils": "^7.25.9"
+        "@babel/helper-plugin-utils": "^7.26.5"
       },
       "engines": {
         "node": ">=6.9.0"
@@ -804,13 +777,12 @@
       }
     },
     "node_modules/@babel/plugin-transform-exponentiation-operator": {
-      "version": "7.25.9",
-      "resolved": "https://registry.npmjs.org/@babel/plugin-transform-exponentiation-operator/-/plugin-transform-exponentiation-operator-7.25.9.tgz",
-      "integrity": "sha512-KRhdhlVk2nObA5AYa7QMgTMTVJdfHprfpAk4DjZVtllqRg9qarilstTKEhpVjyt+Npi8ThRyiV8176Am3CodPA==",
+      "version": "7.26.3",
+      "resolved": "https://registry.npmjs.org/@babel/plugin-transform-exponentiation-operator/-/plugin-transform-exponentiation-operator-7.26.3.tgz",
+      "integrity": "sha512-7CAHcQ58z2chuXPWblnn1K6rLDnDWieghSOEmqQsrBenH0P9InCUtOJYD89pvngljmZlJcz3fcmgYsXFNGa1ZQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@babel/helper-builder-binary-assignment-operator-visitor": "^7.25.9",
         "@babel/helper-plugin-utils": "^7.25.9"
       },
       "engines": {
@@ -953,15 +925,14 @@
       }
     },
     "node_modules/@babel/plugin-transform-modules-commonjs": {
-      "version": "7.25.9",
-      "resolved": "https://registry.npmjs.org/@babel/plugin-transform-modules-commonjs/-/plugin-transform-modules-commonjs-7.25.9.tgz",
-      "integrity": "sha512-dwh2Ol1jWwL2MgkCzUSOvfmKElqQcuswAZypBSUsScMXvgdT8Ekq5YA6TtqpTVWH+4903NmboMuH1o9i8Rxlyg==",
+      "version": "7.26.3",
+      "resolved": "https://registry.npmjs.org/@babel/plugin-transform-modules-commonjs/-/plugin-transform-modules-commonjs-7.26.3.tgz",
+      "integrity": "sha512-MgR55l4q9KddUDITEzEFYn5ZsGDXMSsU9E+kh7fjRXTIC3RHqfCo8RPRbyReYJh44HQ/yomFkqbOFohXvDCiIQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@babel/helper-module-transforms": "^7.25.9",
-        "@babel/helper-plugin-utils": "^7.25.9",
-        "@babel/helper-simple-access": "^7.25.9"
+        "@babel/helper-module-transforms": "^7.26.0",
+        "@babel/helper-plugin-utils": "^7.25.9"
       },
       "engines": {
         "node": ">=6.9.0"
@@ -1040,13 +1011,13 @@
       }
     },
     "node_modules/@babel/plugin-transform-nullish-coalescing-operator": {
-      "version": "7.25.9",
-      "resolved": "https://registry.npmjs.org/@babel/plugin-transform-nullish-coalescing-operator/-/plugin-transform-nullish-coalescing-operator-7.25.9.tgz",
-      "integrity": "sha512-ENfftpLZw5EItALAD4WsY/KUWvhUlZndm5GC7G3evUsVeSJB6p0pBeLQUnRnBCBx7zV0RKQjR9kCuwrsIrjWog==",
+      "version": "7.26.6",
+      "resolved": "https://registry.npmjs.org/@babel/plugin-transform-nullish-coalescing-operator/-/plugin-transform-nullish-coalescing-operator-7.26.6.tgz",
+      "integrity": "sha512-CKW8Vu+uUZneQCPtXmSBUC6NCAUdya26hWCElAWh5mVSlSRsmiCPUUDKb3Z0szng1hiAJa098Hkhg9o4SE35Qw==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@babel/helper-plugin-utils": "^7.25.9"
+        "@babel/helper-plugin-utils": "^7.26.5"
       },
       "engines": {
         "node": ">=6.9.0"
@@ -1306,13 +1277,13 @@
       }
     },
     "node_modules/@babel/plugin-transform-template-literals": {
-      "version": "7.25.9",
-      "resolved": "https://registry.npmjs.org/@babel/plugin-transform-template-literals/-/plugin-transform-template-literals-7.25.9.tgz",
-      "integrity": "sha512-o97AE4syN71M/lxrCtQByzphAdlYluKPDBzDVzMmfCobUjjhAryZV0AIpRPrxN0eAkxXO6ZLEScmt+PNhj2OTw==",
+      "version": "7.26.8",
+      "resolved": "https://registry.npmjs.org/@babel/plugin-transform-template-literals/-/plugin-transform-template-literals-7.26.8.tgz",
+      "integrity": "sha512-OmGDL5/J0CJPJZTHZbi2XpO0tyT2Ia7fzpW5GURwdtp2X3fMmN8au/ej6peC/T33/+CRiIpA8Krse8hFGVmT5Q==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@babel/helper-plugin-utils": "^7.25.9"
+        "@babel/helper-plugin-utils": "^7.26.5"
       },
       "engines": {
         "node": ">=6.9.0"
@@ -1322,13 +1293,13 @@
       }
     },
     "node_modules/@babel/plugin-transform-typeof-symbol": {
-      "version": "7.25.9",
-      "resolved": "https://registry.npmjs.org/@babel/plugin-transform-typeof-symbol/-/plugin-transform-typeof-symbol-7.25.9.tgz",
-      "integrity": "sha512-v61XqUMiueJROUv66BVIOi0Fv/CUuZuZMl5NkRoCVxLAnMexZ0A3kMe7vvZ0nulxMuMp0Mk6S5hNh48yki08ZA==",
+      "version": "7.26.7",
+      "resolved": "https://registry.npmjs.org/@babel/plugin-transform-typeof-symbol/-/plugin-transform-typeof-symbol-7.26.7.tgz",
+      "integrity": "sha512-jfoTXXZTgGg36BmhqT3cAYK5qkmqvJpvNrPhaK/52Vgjhw4Rq29s9UqpWWV0D6yuRmgiFH/BUVlkl96zJWqnaw==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@babel/helper-plugin-utils": "^7.25.9"
+        "@babel/helper-plugin-utils": "^7.26.5"
       },
       "engines": {
         "node": ">=6.9.0"
@@ -1405,15 +1376,15 @@
       }
     },
     "node_modules/@babel/preset-env": {
-      "version": "7.26.0",
-      "resolved": "https://registry.npmjs.org/@babel/preset-env/-/preset-env-7.26.0.tgz",
-      "integrity": "sha512-H84Fxq0CQJNdPFT2DrfnylZ3cf5K43rGfWK4LJGPpjKHiZlk0/RzwEus3PDDZZg+/Er7lCA03MVacueUuXdzfw==",
+      "version": "7.26.8",
+      "resolved": "https://registry.npmjs.org/@babel/preset-env/-/preset-env-7.26.8.tgz",
+      "integrity": "sha512-um7Sy+2THd697S4zJEfv/U5MHGJzkN2xhtsR3T/SWRbVSic62nbISh51VVfU9JiO/L/Z97QczHTaFVkOU8IzNg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@babel/compat-data": "^7.26.0",
-        "@babel/helper-compilation-targets": "^7.25.9",
-        "@babel/helper-plugin-utils": "^7.25.9",
+        "@babel/compat-data": "^7.26.8",
+        "@babel/helper-compilation-targets": "^7.26.5",
+        "@babel/helper-plugin-utils": "^7.26.5",
         "@babel/helper-validator-option": "^7.25.9",
         "@babel/plugin-bugfix-firefox-class-in-computed-class-key": "^7.25.9",
         "@babel/plugin-bugfix-safari-class-field-initializer-scope": "^7.25.9",
@@ -1425,9 +1396,9 @@
         "@babel/plugin-syntax-import-attributes": "^7.26.0",
         "@babel/plugin-syntax-unicode-sets-regex": "^7.18.6",
         "@babel/plugin-transform-arrow-functions": "^7.25.9",
-        "@babel/plugin-transform-async-generator-functions": "^7.25.9",
+        "@babel/plugin-transform-async-generator-functions": "^7.26.8",
         "@babel/plugin-transform-async-to-generator": "^7.25.9",
-        "@babel/plugin-transform-block-scoped-functions": "^7.25.9",
+        "@babel/plugin-transform-block-scoped-functions": "^7.26.5",
         "@babel/plugin-transform-block-scoping": "^7.25.9",
         "@babel/plugin-transform-class-properties": "^7.25.9",
         "@babel/plugin-transform-class-static-block": "^7.26.0",
@@ -1438,7 +1409,7 @@
         "@babel/plugin-transform-duplicate-keys": "^7.25.9",
         "@babel/plugin-transform-duplicate-named-capturing-groups-regex": "^7.25.9",
         "@babel/plugin-transform-dynamic-import": "^7.25.9",
-        "@babel/plugin-transform-exponentiation-operator": "^7.25.9",
+        "@babel/plugin-transform-exponentiation-operator": "^7.26.3",
         "@babel/plugin-transform-export-namespace-from": "^7.25.9",
         "@babel/plugin-transform-for-of": "^7.25.9",
         "@babel/plugin-transform-function-name": "^7.25.9",
@@ -1447,12 +1418,12 @@
         "@babel/plugin-transform-logical-assignment-operators": "^7.25.9",
         "@babel/plugin-transform-member-expression-literals": "^7.25.9",
         "@babel/plugin-transform-modules-amd": "^7.25.9",
-        "@babel/plugin-transform-modules-commonjs": "^7.25.9",
+        "@babel/plugin-transform-modules-commonjs": "^7.26.3",
         "@babel/plugin-transform-modules-systemjs": "^7.25.9",
         "@babel/plugin-transform-modules-umd": "^7.25.9",
         "@babel/plugin-transform-named-capturing-groups-regex": "^7.25.9",
         "@babel/plugin-transform-new-target": "^7.25.9",
-        "@babel/plugin-transform-nullish-coalescing-operator": "^7.25.9",
+        "@babel/plugin-transform-nullish-coalescing-operator": "^7.26.6",
         "@babel/plugin-transform-numeric-separator": "^7.25.9",
         "@babel/plugin-transform-object-rest-spread": "^7.25.9",
         "@babel/plugin-transform-object-super": "^7.25.9",
@@ -1468,17 +1439,17 @@
         "@babel/plugin-transform-shorthand-properties": "^7.25.9",
         "@babel/plugin-transform-spread": "^7.25.9",
         "@babel/plugin-transform-sticky-regex": "^7.25.9",
-        "@babel/plugin-transform-template-literals": "^7.25.9",
-        "@babel/plugin-transform-typeof-symbol": "^7.25.9",
+        "@babel/plugin-transform-template-literals": "^7.26.8",
+        "@babel/plugin-transform-typeof-symbol": "^7.26.7",
         "@babel/plugin-transform-unicode-escapes": "^7.25.9",
         "@babel/plugin-transform-unicode-property-regex": "^7.25.9",
         "@babel/plugin-transform-unicode-regex": "^7.25.9",
         "@babel/plugin-transform-unicode-sets-regex": "^7.25.9",
         "@babel/preset-modules": "0.1.6-no-external-plugins",
         "babel-plugin-polyfill-corejs2": "^0.4.10",
-        "babel-plugin-polyfill-corejs3": "^0.10.6",
+        "babel-plugin-polyfill-corejs3": "^0.11.0",
         "babel-plugin-polyfill-regenerator": "^0.6.1",
-        "core-js-compat": "^3.38.1",
+        "core-js-compat": "^3.40.0",
         "semver": "^6.3.1"
       },
       "engines": {
@@ -1504,9 +1475,9 @@
       }
     },
     "node_modules/@babel/runtime": {
-      "version": "7.26.0",
-      "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.26.0.tgz",
-      "integrity": "sha512-FDSOghenHTiToteC/QRlv2q3DhPZ/oOXTBoirfWNx1Cx3TMVcGWQtMMmQcSvb/JjpNeGzx8Pq/b4fKEJuWm1sw==",
+      "version": "7.26.7",
+      "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.26.7.tgz",
+      "integrity": "sha512-AOPI3D+a8dXnja+iwsUqGRjr1BbZIe771sXdapOtYI531gSqpi92vXivKcq2asu/DFpdl1ceFAKZyRzK2PCVcQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -1517,32 +1488,32 @@
       }
     },
     "node_modules/@babel/template": {
-      "version": "7.25.9",
-      "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.25.9.tgz",
-      "integrity": "sha512-9DGttpmPvIxBb/2uwpVo3dqJ+O6RooAFOS+lB+xDqoE2PVCE8nfoHMdZLpfCQRLwvohzXISPZcgxt80xLfsuwg==",
+      "version": "7.26.8",
+      "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.26.8.tgz",
+      "integrity": "sha512-iNKaX3ZebKIsCvJ+0jd6embf+Aulaa3vNBqZ41kM7iTWjx5qzWKXGHiJUW3+nTpQ18SG11hdF8OAzKrpXkb96Q==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@babel/code-frame": "^7.25.9",
-        "@babel/parser": "^7.25.9",
-        "@babel/types": "^7.25.9"
+        "@babel/code-frame": "^7.26.2",
+        "@babel/parser": "^7.26.8",
+        "@babel/types": "^7.26.8"
       },
       "engines": {
         "node": ">=6.9.0"
       }
     },
     "node_modules/@babel/traverse": {
-      "version": "7.25.9",
-      "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.25.9.tgz",
-      "integrity": "sha512-ZCuvfwOwlz/bawvAuvcj8rrithP2/N55Tzz342AkTvq4qaWbGfmCk/tKhNaV2cthijKrPAA8SRJV5WWe7IBMJw==",
+      "version": "7.26.8",
+      "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.26.8.tgz",
+      "integrity": "sha512-nic9tRkjYH0oB2dzr/JoGIm+4Q6SuYeLEiIiZDwBscRMYFJ+tMAz98fuel9ZnbXViA2I0HVSSRRK8DW5fjXStA==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@babel/code-frame": "^7.25.9",
-        "@babel/generator": "^7.25.9",
-        "@babel/parser": "^7.25.9",
-        "@babel/template": "^7.25.9",
-        "@babel/types": "^7.25.9",
+        "@babel/code-frame": "^7.26.2",
+        "@babel/generator": "^7.26.8",
+        "@babel/parser": "^7.26.8",
+        "@babel/template": "^7.26.8",
+        "@babel/types": "^7.26.8",
         "debug": "^4.3.1",
         "globals": "^11.1.0"
       },
@@ -1551,9 +1522,9 @@
       }
     },
     "node_modules/@babel/types": {
-      "version": "7.26.0",
-      "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.0.tgz",
-      "integrity": "sha512-Z/yiTPj+lDVnF7lWeKCIJzaIkI0vYO87dMpZ4bg4TDrFe4XXLFWL1TbXU27gBP3QccxV9mZICCrnjnYlJjXHOA==",
+      "version": "7.26.8",
+      "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.8.tgz",
+      "integrity": "sha512-eUuWapzEGWFEpHFxgEaBG8e3n6S8L3MSu0oda755rOfabWPnh0Our1AozNFVUxGFIhbKgd1ksprsoDGMinTOTA==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -1568,13 +1539,15 @@
       "version": "2.2.3",
       "resolved": "https://registry.npmjs.org/@bufbuild/protobuf/-/protobuf-2.2.3.tgz",
       "integrity": "sha512-tFQoXHJdkEOSwj5tRIZSPNUuXK3RaR7T1nUrPgbYX1pUbvqqaaZAsfo+NXBPsz5rZMSKVFrgK1WL8Q/MSLvprg==",
-      "dev": true
+      "dev": true,
+      "license": "(Apache-2.0 AND BSD-3-Clause)"
     },
     "node_modules/@gulpjs/messages": {
       "version": "1.1.0",
       "resolved": "https://registry.npmjs.org/@gulpjs/messages/-/messages-1.1.0.tgz",
       "integrity": "sha512-Ys9sazDatyTgZVb4xPlDufLweJ/Os2uHWOv+Caxvy2O85JcnT4M3vc73bi8pdLWlv3fdWQz3pdI9tVwo8rQQSg==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">=10.13.0"
       }
@@ -1584,6 +1557,7 @@
       "resolved": "https://registry.npmjs.org/@gulpjs/to-absolute-glob/-/to-absolute-glob-4.0.0.tgz",
       "integrity": "sha512-kjotm7XJrJ6v+7knhPaRgaT6q8F8K2jiafwYdNHLzmV0uGLuZY43FK6smNSHUPrhq5kX2slCUy+RGG/xGqmIKA==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "is-negated-glob": "^1.0.0"
       },
@@ -1592,9 +1566,9 @@
       }
     },
     "node_modules/@jridgewell/gen-mapping": {
-      "version": "0.3.5",
-      "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz",
-      "integrity": "sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==",
+      "version": "0.3.8",
+      "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.8.tgz",
+      "integrity": "sha512-imAbBGkb+ebQyxKgzv5Hu2nmROxoDOXHh80evxdoXNOrvAnVx7zimzc1Oo5h9RlfV4vPXaE2iM5pOFbvOCClWA==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -1694,9 +1668,9 @@
       }
     },
     "node_modules/@parcel/watcher": {
-      "version": "2.5.0",
-      "resolved": "https://registry.npmjs.org/@parcel/watcher/-/watcher-2.5.0.tgz",
-      "integrity": "sha512-i0GV1yJnm2n3Yq1qw6QrUrd/LI9bE8WEBOTtOkpCXHHdyN3TAGgqAK/DAT05z4fq2x04cARXt2pDmjWjL92iTQ==",
+      "version": "2.5.1",
+      "resolved": "https://registry.npmjs.org/@parcel/watcher/-/watcher-2.5.1.tgz",
+      "integrity": "sha512-dfUnCxiN9H4ap84DvD2ubjw+3vUNpstxa0TneY/Paat8a3R4uQZDLSvWjmznAY/DoahqTHl9V46HF/Zs3F29pg==",
       "hasInstallScript": true,
       "license": "MIT",
       "optional": true,
@@ -1714,25 +1688,25 @@
         "url": "https://opencollective.com/parcel"
       },
       "optionalDependencies": {
-        "@parcel/watcher-android-arm64": "2.5.0",
-        "@parcel/watcher-darwin-arm64": "2.5.0",
-        "@parcel/watcher-darwin-x64": "2.5.0",
-        "@parcel/watcher-freebsd-x64": "2.5.0",
-        "@parcel/watcher-linux-arm-glibc": "2.5.0",
-        "@parcel/watcher-linux-arm-musl": "2.5.0",
-        "@parcel/watcher-linux-arm64-glibc": "2.5.0",
-        "@parcel/watcher-linux-arm64-musl": "2.5.0",
-        "@parcel/watcher-linux-x64-glibc": "2.5.0",
-        "@parcel/watcher-linux-x64-musl": "2.5.0",
-        "@parcel/watcher-win32-arm64": "2.5.0",
-        "@parcel/watcher-win32-ia32": "2.5.0",
-        "@parcel/watcher-win32-x64": "2.5.0"
+        "@parcel/watcher-android-arm64": "2.5.1",
+        "@parcel/watcher-darwin-arm64": "2.5.1",
+        "@parcel/watcher-darwin-x64": "2.5.1",
+        "@parcel/watcher-freebsd-x64": "2.5.1",
+        "@parcel/watcher-linux-arm-glibc": "2.5.1",
+        "@parcel/watcher-linux-arm-musl": "2.5.1",
+        "@parcel/watcher-linux-arm64-glibc": "2.5.1",
+        "@parcel/watcher-linux-arm64-musl": "2.5.1",
+        "@parcel/watcher-linux-x64-glibc": "2.5.1",
+        "@parcel/watcher-linux-x64-musl": "2.5.1",
+        "@parcel/watcher-win32-arm64": "2.5.1",
+        "@parcel/watcher-win32-ia32": "2.5.1",
+        "@parcel/watcher-win32-x64": "2.5.1"
       }
     },
     "node_modules/@parcel/watcher-android-arm64": {
-      "version": "2.5.0",
-      "resolved": "https://registry.npmjs.org/@parcel/watcher-android-arm64/-/watcher-android-arm64-2.5.0.tgz",
-      "integrity": "sha512-qlX4eS28bUcQCdribHkg/herLe+0A9RyYC+mm2PXpncit8z5b3nSqGVzMNR3CmtAOgRutiZ02eIJJgP/b1iEFQ==",
+      "version": "2.5.1",
+      "resolved": "https://registry.npmjs.org/@parcel/watcher-android-arm64/-/watcher-android-arm64-2.5.1.tgz",
+      "integrity": "sha512-KF8+j9nNbUN8vzOFDpRMsaKBHZ/mcjEjMToVMJOhTozkDonQFFrRcfdLWn6yWKCmJKmdVxSgHiYvTCef4/qcBA==",
       "cpu": [
         "arm64"
       ],
@@ -1750,9 +1724,9 @@
       }
     },
     "node_modules/@parcel/watcher-darwin-arm64": {
-      "version": "2.5.0",
-      "resolved": "https://registry.npmjs.org/@parcel/watcher-darwin-arm64/-/watcher-darwin-arm64-2.5.0.tgz",
-      "integrity": "sha512-hyZ3TANnzGfLpRA2s/4U1kbw2ZI4qGxaRJbBH2DCSREFfubMswheh8TeiC1sGZ3z2jUf3s37P0BBlrD3sjVTUw==",
+      "version": "2.5.1",
+      "resolved": "https://registry.npmjs.org/@parcel/watcher-darwin-arm64/-/watcher-darwin-arm64-2.5.1.tgz",
+      "integrity": "sha512-eAzPv5osDmZyBhou8PoF4i6RQXAfeKL9tjb3QzYuccXFMQU0ruIc/POh30ePnaOyD1UXdlKguHBmsTs53tVoPw==",
       "cpu": [
         "arm64"
       ],
@@ -1770,9 +1744,9 @@
       }
     },
     "node_modules/@parcel/watcher-darwin-x64": {
-      "version": "2.5.0",
-      "resolved": "https://registry.npmjs.org/@parcel/watcher-darwin-x64/-/watcher-darwin-x64-2.5.0.tgz",
-      "integrity": "sha512-9rhlwd78saKf18fT869/poydQK8YqlU26TMiNg7AIu7eBp9adqbJZqmdFOsbZ5cnLp5XvRo9wcFmNHgHdWaGYA==",
+      "version": "2.5.1",
+      "resolved": "https://registry.npmjs.org/@parcel/watcher-darwin-x64/-/watcher-darwin-x64-2.5.1.tgz",
+      "integrity": "sha512-1ZXDthrnNmwv10A0/3AJNZ9JGlzrF82i3gNQcWOzd7nJ8aj+ILyW1MTxVk35Db0u91oD5Nlk9MBiujMlwmeXZg==",
       "cpu": [
         "x64"
       ],
@@ -1790,9 +1764,9 @@
       }
     },
     "node_modules/@parcel/watcher-freebsd-x64": {
-      "version": "2.5.0",
-      "resolved": "https://registry.npmjs.org/@parcel/watcher-freebsd-x64/-/watcher-freebsd-x64-2.5.0.tgz",
-      "integrity": "sha512-syvfhZzyM8kErg3VF0xpV8dixJ+RzbUaaGaeb7uDuz0D3FK97/mZ5AJQ3XNnDsXX7KkFNtyQyFrXZzQIcN49Tw==",
+      "version": "2.5.1",
+      "resolved": "https://registry.npmjs.org/@parcel/watcher-freebsd-x64/-/watcher-freebsd-x64-2.5.1.tgz",
+      "integrity": "sha512-SI4eljM7Flp9yPuKi8W0ird8TI/JK6CSxju3NojVI6BjHsTyK7zxA9urjVjEKJ5MBYC+bLmMcbAWlZ+rFkLpJQ==",
       "cpu": [
         "x64"
       ],
@@ -1810,9 +1784,9 @@
       }
     },
     "node_modules/@parcel/watcher-linux-arm-glibc": {
-      "version": "2.5.0",
-      "resolved": "https://registry.npmjs.org/@parcel/watcher-linux-arm-glibc/-/watcher-linux-arm-glibc-2.5.0.tgz",
-      "integrity": "sha512-0VQY1K35DQET3dVYWpOaPFecqOT9dbuCfzjxoQyif1Wc574t3kOSkKevULddcR9znz1TcklCE7Ht6NIxjvTqLA==",
+      "version": "2.5.1",
+      "resolved": "https://registry.npmjs.org/@parcel/watcher-linux-arm-glibc/-/watcher-linux-arm-glibc-2.5.1.tgz",
+      "integrity": "sha512-RCdZlEyTs8geyBkkcnPWvtXLY44BCeZKmGYRtSgtwwnHR4dxfHRG3gR99XdMEdQ7KeiDdasJwwvNSF5jKtDwdA==",
       "cpu": [
         "arm"
       ],
@@ -1830,9 +1804,9 @@
       }
     },
     "node_modules/@parcel/watcher-linux-arm-musl": {
-      "version": "2.5.0",
-      "resolved": "https://registry.npmjs.org/@parcel/watcher-linux-arm-musl/-/watcher-linux-arm-musl-2.5.0.tgz",
-      "integrity": "sha512-6uHywSIzz8+vi2lAzFeltnYbdHsDm3iIB57d4g5oaB9vKwjb6N6dRIgZMujw4nm5r6v9/BQH0noq6DzHrqr2pA==",
+      "version": "2.5.1",
+      "resolved": "https://registry.npmjs.org/@parcel/watcher-linux-arm-musl/-/watcher-linux-arm-musl-2.5.1.tgz",
+      "integrity": "sha512-6E+m/Mm1t1yhB8X412stiKFG3XykmgdIOqhjWj+VL8oHkKABfu/gjFj8DvLrYVHSBNC+/u5PeNrujiSQ1zwd1Q==",
       "cpu": [
         "arm"
       ],
@@ -1850,9 +1824,9 @@
       }
     },
     "node_modules/@parcel/watcher-linux-arm64-glibc": {
-      "version": "2.5.0",
-      "resolved": "https://registry.npmjs.org/@parcel/watcher-linux-arm64-glibc/-/watcher-linux-arm64-glibc-2.5.0.tgz",
-      "integrity": "sha512-BfNjXwZKxBy4WibDb/LDCriWSKLz+jJRL3cM/DllnHH5QUyoiUNEp3GmL80ZqxeumoADfCCP19+qiYiC8gUBjA==",
+      "version": "2.5.1",
+      "resolved": "https://registry.npmjs.org/@parcel/watcher-linux-arm64-glibc/-/watcher-linux-arm64-glibc-2.5.1.tgz",
+      "integrity": "sha512-LrGp+f02yU3BN9A+DGuY3v3bmnFUggAITBGriZHUREfNEzZh/GO06FF5u2kx8x+GBEUYfyTGamol4j3m9ANe8w==",
       "cpu": [
         "arm64"
       ],
@@ -1870,9 +1844,9 @@
       }
     },
     "node_modules/@parcel/watcher-linux-arm64-musl": {
-      "version": "2.5.0",
-      "resolved": "https://registry.npmjs.org/@parcel/watcher-linux-arm64-musl/-/watcher-linux-arm64-musl-2.5.0.tgz",
-      "integrity": "sha512-S1qARKOphxfiBEkwLUbHjCY9BWPdWnW9j7f7Hb2jPplu8UZ3nes7zpPOW9bkLbHRvWM0WDTsjdOTUgW0xLBN1Q==",
+      "version": "2.5.1",
+      "resolved": "https://registry.npmjs.org/@parcel/watcher-linux-arm64-musl/-/watcher-linux-arm64-musl-2.5.1.tgz",
+      "integrity": "sha512-cFOjABi92pMYRXS7AcQv9/M1YuKRw8SZniCDw0ssQb/noPkRzA+HBDkwmyOJYp5wXcsTrhxO0zq1U11cK9jsFg==",
       "cpu": [
         "arm64"
       ],
@@ -1890,9 +1864,9 @@
       }
     },
     "node_modules/@parcel/watcher-linux-x64-glibc": {
-      "version": "2.5.0",
-      "resolved": "https://registry.npmjs.org/@parcel/watcher-linux-x64-glibc/-/watcher-linux-x64-glibc-2.5.0.tgz",
-      "integrity": "sha512-d9AOkusyXARkFD66S6zlGXyzx5RvY+chTP9Jp0ypSTC9d4lzyRs9ovGf/80VCxjKddcUvnsGwCHWuF2EoPgWjw==",
+      "version": "2.5.1",
+      "resolved": "https://registry.npmjs.org/@parcel/watcher-linux-x64-glibc/-/watcher-linux-x64-glibc-2.5.1.tgz",
+      "integrity": "sha512-GcESn8NZySmfwlTsIur+49yDqSny2IhPeZfXunQi48DMugKeZ7uy1FX83pO0X22sHntJ4Ub+9k34XQCX+oHt2A==",
       "cpu": [
         "x64"
       ],
@@ -1910,9 +1884,9 @@
       }
     },
     "node_modules/@parcel/watcher-linux-x64-musl": {
-      "version": "2.5.0",
-      "resolved": "https://registry.npmjs.org/@parcel/watcher-linux-x64-musl/-/watcher-linux-x64-musl-2.5.0.tgz",
-      "integrity": "sha512-iqOC+GoTDoFyk/VYSFHwjHhYrk8bljW6zOhPuhi5t9ulqiYq1togGJB5e3PwYVFFfeVgc6pbz3JdQyDoBszVaA==",
+      "version": "2.5.1",
+      "resolved": "https://registry.npmjs.org/@parcel/watcher-linux-x64-musl/-/watcher-linux-x64-musl-2.5.1.tgz",
+      "integrity": "sha512-n0E2EQbatQ3bXhcH2D1XIAANAcTZkQICBPVaxMeaCVBtOpBZpWJuf7LwyWPSBDITb7In8mqQgJ7gH8CILCURXg==",
       "cpu": [
         "x64"
       ],
@@ -1930,9 +1904,9 @@
       }
     },
     "node_modules/@parcel/watcher-win32-arm64": {
-      "version": "2.5.0",
-      "resolved": "https://registry.npmjs.org/@parcel/watcher-win32-arm64/-/watcher-win32-arm64-2.5.0.tgz",
-      "integrity": "sha512-twtft1d+JRNkM5YbmexfcH/N4znDtjgysFaV9zvZmmJezQsKpkfLYJ+JFV3uygugK6AtIM2oADPkB2AdhBrNig==",
+      "version": "2.5.1",
+      "resolved": "https://registry.npmjs.org/@parcel/watcher-win32-arm64/-/watcher-win32-arm64-2.5.1.tgz",
+      "integrity": "sha512-RFzklRvmc3PkjKjry3hLF9wD7ppR4AKcWNzH7kXR7GUe0Igb3Nz8fyPwtZCSquGrhU5HhUNDr/mKBqj7tqA2Vw==",
       "cpu": [
         "arm64"
       ],
@@ -1950,9 +1924,9 @@
       }
     },
     "node_modules/@parcel/watcher-win32-ia32": {
-      "version": "2.5.0",
-      "resolved": "https://registry.npmjs.org/@parcel/watcher-win32-ia32/-/watcher-win32-ia32-2.5.0.tgz",
-      "integrity": "sha512-+rgpsNRKwo8A53elqbbHXdOMtY/tAtTzManTWShB5Kk54N8Q9mzNWV7tV+IbGueCbcj826MfWGU3mprWtuf1TA==",
+      "version": "2.5.1",
+      "resolved": "https://registry.npmjs.org/@parcel/watcher-win32-ia32/-/watcher-win32-ia32-2.5.1.tgz",
+      "integrity": "sha512-c2KkcVN+NJmuA7CGlaGD1qJh1cLfDnQsHjE89E60vUEMlqduHGCdCLJCID5geFVM0dOtA3ZiIO8BoEQmzQVfpQ==",
       "cpu": [
         "ia32"
       ],
@@ -1970,9 +1944,9 @@
       }
     },
     "node_modules/@parcel/watcher-win32-x64": {
-      "version": "2.5.0",
-      "resolved": "https://registry.npmjs.org/@parcel/watcher-win32-x64/-/watcher-win32-x64-2.5.0.tgz",
-      "integrity": "sha512-lPrxve92zEHdgeff3aiu4gDOIt4u7sJYha6wbdEZDCDUhtjTsOMiaJzG5lMY4GkWH8p0fMmO2Ppq5G5XXG+DQw==",
+      "version": "2.5.1",
+      "resolved": "https://registry.npmjs.org/@parcel/watcher-win32-x64/-/watcher-win32-x64-2.5.1.tgz",
+      "integrity": "sha512-9lHBdJITeNR++EvSQVUcaZoWupyHfXe1jZvGZ06O/5MflPcuPLtEphScIBL+AiCWBO46tDSHzWyD0uDmmZqsgA==",
       "cpu": [
         "x64"
       ],
@@ -2025,6 +1999,13 @@
       "dev": true,
       "license": "MIT"
     },
+    "node_modules/@types/gensync": {
+      "version": "1.0.4",
+      "resolved": "https://registry.npmjs.org/@types/gensync/-/gensync-1.0.4.tgz",
+      "integrity": "sha512-C3YYeRQWp2fmq9OryX+FoDy8nXS6scQ7dPptD8LnFDAUNcKWJjXQKDNJD3HVm+kOUsXhTOkpi69vI4EuAr95bA==",
+      "dev": true,
+      "license": "MIT"
+    },
     "node_modules/@types/json-schema": {
       "version": "7.0.15",
       "resolved": "https://registry.npmjs.org/@types/json-schema/-/json-schema-7.0.15.tgz",
@@ -2033,9 +2014,9 @@
       "license": "MIT"
     },
     "node_modules/@types/node": {
-      "version": "22.10.1",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-22.10.1.tgz",
-      "integrity": "sha512-qKgsUwfHZV2WCWLAnVP1JqnpE6Im6h3Y0+fYgMTasNQ7V++CBX5OT1as0g0f+OyubbFqhf6XVNIsmN4IIhEgGQ==",
+      "version": "22.13.1",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-22.13.1.tgz",
+      "integrity": "sha512-jK8uzQlrvXqEU91UxiK5J7pKHyzgnI1Qnl0QDHIgVGuolJhRb9EEl28Cj9b3rGR8B2lhFCtvIm5os8lFnO/1Ew==",
       "devOptional": true,
       "license": "MIT",
       "dependencies": {
@@ -2068,6 +2049,7 @@
       "resolved": "https://registry.npmjs.org/@uswds/compile/-/compile-1.2.1.tgz",
       "integrity": "sha512-ODMGF97l8x+eJYp/7U1cB0CnalC5nb+1xEkP0sasG2bJyNqX9U+r7te0YNEURleIfrBOyxGVHVBBAw0gqS0htQ==",
       "dev": true,
+      "license": "SEE LICENSE IN LICENSE.md",
       "dependencies": {
         "autoprefixer": "10.4.20",
         "del": "6.1.1",
@@ -2272,6 +2254,19 @@
       "dev": true,
       "license": "Apache-2.0"
     },
+    "node_modules/acorn": {
+      "version": "8.14.0",
+      "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.14.0.tgz",
+      "integrity": "sha512-cl669nCJTZBsL97OF4kUQm5g5hC2uihk0NxY3WENAC0TYdILVkAyHymAntgxGkl7K+t0cXIrH5siy5S4XkFycA==",
+      "dev": true,
+      "license": "MIT",
+      "bin": {
+        "acorn": "bin/acorn"
+      },
+      "engines": {
+        "node": ">=0.4.0"
+      }
+    },
     "node_modules/agent-base": {
       "version": "6.0.2",
       "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-6.0.2.tgz",
@@ -2387,6 +2382,7 @@
       "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz",
       "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "color-convert": "^2.0.1"
       },
@@ -2412,6 +2408,7 @@
       "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz",
       "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==",
       "dev": true,
+      "license": "ISC",
       "dependencies": {
         "normalize-path": "^3.0.0",
         "picomatch": "^2.0.4"
@@ -2445,6 +2442,7 @@
       "resolved": "https://registry.npmjs.org/array-each/-/array-each-1.0.1.tgz",
       "integrity": "sha512-zHjL5SZa68hkKHBFBK6DJCTtr9sfTCPCaph/L7tMSLcTFgy+zX7E+6q5UArbtOtMBCtxdICpfTCspRse+ywyXA==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">=0.10.0"
       }
@@ -2454,6 +2452,7 @@
       "resolved": "https://registry.npmjs.org/array-slice/-/array-slice-1.1.0.tgz",
       "integrity": "sha512-B1qMD3RBP7O8o0H2KbrXDyB0IccejMF15+87Lvlor12ONPRHP6gTjXMNkt/d3ZuOGbAe66hFmaCfECI24Ufp6w==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">=0.10.0"
       }
@@ -2501,6 +2500,7 @@
       "resolved": "https://registry.npmjs.org/async-done/-/async-done-2.0.0.tgz",
       "integrity": "sha512-j0s3bzYq9yKIVLKGE/tWlCpa3PfFLcrDZLTSVdnnCTGagXuXBJO4SsY9Xdk/fQBirCkH4evW5xOeJXqlAQFdsw==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "end-of-stream": "^1.4.4",
         "once": "^1.4.0",
@@ -2515,6 +2515,7 @@
       "resolved": "https://registry.npmjs.org/async-settle/-/async-settle-2.0.0.tgz",
       "integrity": "sha512-Obu/KE8FurfQRN6ODdHN9LuXqwC+JFIM9NRyZqJJ4ZfLJmIYN9Rg0/kb+wF70VV5+fJusTMQlJ1t5rF7J/ETdg==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "async-done": "^2.0.0"
       },
@@ -2541,6 +2542,7 @@
           "url": "https://github.com/sponsors/ai"
         }
       ],
+      "license": "MIT",
       "dependencies": {
         "browserslist": "^4.23.3",
         "caniuse-lite": "^1.0.30001646",
@@ -2572,7 +2574,8 @@
       "version": "1.6.7",
       "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.7.tgz",
       "integrity": "sha512-OnAYlL5b7LEkALw87fUVafQw5rVR9RjwGd4KUwNQ6DrrNmaVaUCgLipfVlzrPQ4tWOR9P0IXGNOx50jYCCdSJg==",
-      "dev": true
+      "dev": true,
+      "license": "Apache-2.0"
     },
     "node_modules/babel-loader": {
       "version": "9.2.1",
@@ -2608,14 +2611,14 @@
       }
     },
     "node_modules/babel-plugin-polyfill-corejs3": {
-      "version": "0.10.6",
-      "resolved": "https://registry.npmjs.org/babel-plugin-polyfill-corejs3/-/babel-plugin-polyfill-corejs3-0.10.6.tgz",
-      "integrity": "sha512-b37+KR2i/khY5sKmWNVQAnitvquQbNdWy6lJdsr0kmquCKEEUgMKK4SboVM3HtfnZilfjr4MMQ7vY58FVWDtIA==",
+      "version": "0.11.1",
+      "resolved": "https://registry.npmjs.org/babel-plugin-polyfill-corejs3/-/babel-plugin-polyfill-corejs3-0.11.1.tgz",
+      "integrity": "sha512-yGCqvBT4rwMczo28xkH/noxJ6MZ4nJfkVYdoDaC/utLtWrXxv27HVrzAeSbqR8SxDsp46n0YF47EbHoixy6rXQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@babel/helper-define-polyfill-provider": "^0.6.2",
-        "core-js-compat": "^3.38.0"
+        "@babel/helper-define-polyfill-provider": "^0.6.3",
+        "core-js-compat": "^3.40.0"
       },
       "peerDependencies": {
         "@babel/core": "^7.4.0 || ^8.0.0-0 <8.0.0"
@@ -2639,6 +2642,7 @@
       "resolved": "https://registry.npmjs.org/bach/-/bach-2.0.1.tgz",
       "integrity": "sha512-A7bvGMGiTOxGMpNupYl9HQTf0FFDNF4VCmks4PJpFyN1AX2pdKuxuwdvUz2Hu388wcgp+OvGFNsumBfFNkR7eg==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "async-done": "^2.0.0",
         "async-settle": "^2.0.0",
@@ -2655,10 +2659,11 @@
       "license": "MIT"
     },
     "node_modules/bare-events": {
-      "version": "2.5.0",
-      "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.5.0.tgz",
-      "integrity": "sha512-/E8dDe9dsbLyh2qrZ64PEPadOQ0F4gbl1sUJOrmph7xOiIxfY8vwab/4bFLh4Y88/Hk/ujKcrQKc+ps0mv873A==",
+      "version": "2.5.4",
+      "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.5.4.tgz",
+      "integrity": "sha512-+gFfDkR8pj4/TrWCGUGWmJIkBwuxPS5F+a5yWjOHQt2hHvNZd5YLzadjmDUtFmMM4y429bnKLa8bYBMHcYdnQA==",
       "dev": true,
+      "license": "Apache-2.0",
       "optional": true
     },
     "node_modules/base64-js": {
@@ -2701,6 +2706,7 @@
       "resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.3.0.tgz",
       "integrity": "sha512-Ceh+7ox5qe7LJuLHoY0feh3pHuUDHAcRUeyL2VYghZwfpkNIy/+8Ocg0a3UuSoYzavmylwuLWQOf3hl0jjMMIw==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">=8"
       },
@@ -2773,6 +2779,7 @@
       "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz",
       "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==",
       "devOptional": true,
+      "license": "MIT",
       "dependencies": {
         "fill-range": "^7.1.1"
       },
@@ -2781,9 +2788,9 @@
       }
     },
     "node_modules/browserslist": {
-      "version": "4.24.2",
-      "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.24.2.tgz",
-      "integrity": "sha512-ZIc+Q62revdMcqC6aChtW4jz3My3klmCO1fEmINZY/8J3EpBg5/A/D0AKmBveUh6pgoeycoMkVMko84tuYS+Gg==",
+      "version": "4.24.4",
+      "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.24.4.tgz",
+      "integrity": "sha512-KDi1Ny1gSePi1vm0q4oxSF8b4DR44GF4BbmS2YdhPLOEqd8pDviZOGH/GsmRwoWJ2+5Lr085X7naowMwKHDG1A==",
       "dev": true,
       "funding": [
         {
@@ -2801,9 +2808,9 @@
       ],
       "license": "MIT",
       "dependencies": {
-        "caniuse-lite": "^1.0.30001669",
-        "electron-to-chromium": "^1.5.41",
-        "node-releases": "^2.0.18",
+        "caniuse-lite": "^1.0.30001688",
+        "electron-to-chromium": "^1.5.73",
+        "node-releases": "^2.0.19",
         "update-browserslist-db": "^1.1.1"
       },
       "bin": {
@@ -2861,9 +2868,9 @@
       "license": "MIT"
     },
     "node_modules/caniuse-lite": {
-      "version": "1.0.30001685",
-      "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001685.tgz",
-      "integrity": "sha512-e/kJN1EMyHQzgcMEEgoo+YTCO1NGCmIYHk5Qk8jT6AazWemS5QFKJ5ShCJlH3GZrNIdZofcNCEwZqbMjjKzmnA==",
+      "version": "1.0.30001699",
+      "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001699.tgz",
+      "integrity": "sha512-b+uH5BakXZ9Do9iK+CkDmctUSEqZl+SP056vc5usa0PL+ev5OHw003rZXcnjNDv3L8P5j6rwT6C0BPKSikW08w==",
       "dev": true,
       "funding": [
         {
@@ -2886,6 +2893,7 @@
       "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz",
       "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "ansi-styles": "^4.1.0",
         "supports-color": "^7.1.0"
@@ -2897,18 +2905,6 @@
         "url": "https://github.com/chalk/chalk?sponsor=1"
       }
     },
-    "node_modules/chalk/node_modules/supports-color": {
-      "version": "7.2.0",
-      "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz",
-      "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==",
-      "dev": true,
-      "dependencies": {
-        "has-flag": "^4.0.0"
-      },
-      "engines": {
-        "node": ">=8"
-      }
-    },
     "node_modules/check-types": {
       "version": "11.2.3",
       "resolved": "https://registry.npmjs.org/check-types/-/check-types-11.2.3.tgz",
@@ -2962,6 +2958,7 @@
       "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-3.6.0.tgz",
       "integrity": "sha512-7VT13fmjotKpGipCW9JEQAusEPE+Ei8nl6/g4FBAmIm0GOOLMua9NDDo/DWp0ZAxCr3cPq5ZpBqmPAQgDda2Pw==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "anymatch": "~3.1.2",
         "braces": "~3.0.2",
@@ -3018,6 +3015,7 @@
       "resolved": "https://registry.npmjs.org/cliui/-/cliui-7.0.4.tgz",
       "integrity": "sha512-OcRE68cOsVMXp1Yvonl/fzkQOyjLSu/8bhPDfQt0e0/Eb283TKP20Fs2MqoPsr9SwA595rRCA+QMzYc9nBP+JQ==",
       "dev": true,
+      "license": "ISC",
       "dependencies": {
         "string-width": "^4.2.0",
         "strip-ansi": "^6.0.0",
@@ -3068,6 +3066,7 @@
       "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz",
       "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "color-name": "~1.1.4"
       },
@@ -3079,7 +3078,8 @@
       "version": "1.1.4",
       "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz",
       "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==",
-      "dev": true
+      "dev": true,
+      "license": "MIT"
     },
     "node_modules/color-support": {
       "version": "1.1.3",
@@ -3095,7 +3095,8 @@
       "version": "0.5.2",
       "resolved": "https://registry.npmjs.org/colorjs.io/-/colorjs.io-0.5.2.tgz",
       "integrity": "sha512-twmVoizEW7ylZSN32OgKdXRmo1qg+wT5/6C3xu5b9QsWzSFAhHLn2xd8ro0diCsKfCj1RdaTP/nrcW+vAoQPIw==",
-      "dev": true
+      "dev": true,
+      "license": "MIT"
     },
     "node_modules/commander": {
       "version": "6.2.1",
@@ -3131,6 +3132,7 @@
       "resolved": "https://registry.npmjs.org/copy-props/-/copy-props-4.0.0.tgz",
       "integrity": "sha512-bVWtw1wQLzzKiYROtvNlbJgxgBYt2bMJpkCbKmXM3xyijvcjjWXEk5nyrrT3bgJ7ODb19ZohE2T0Y3FgNPyoTw==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "each-props": "^3.0.0",
         "is-plain-object": "^5.0.0"
@@ -3140,13 +3142,13 @@
       }
     },
     "node_modules/core-js-compat": {
-      "version": "3.39.0",
-      "resolved": "https://registry.npmjs.org/core-js-compat/-/core-js-compat-3.39.0.tgz",
-      "integrity": "sha512-VgEUx3VwlExr5no0tXlBt+silBvhTryPwCXRI2Id1PN8WTKu7MreethvddqOubrYxkFdv/RnYrqlv1sFNAUelw==",
+      "version": "3.40.0",
+      "resolved": "https://registry.npmjs.org/core-js-compat/-/core-js-compat-3.40.0.tgz",
+      "integrity": "sha512-0XEDpr5y5mijvw8Lbc6E5AkjrHfp7eEoPlu36SWeAbcL8fn1G1ANe8DBlo2XoNN89oVpxWwOjYIPVzR4ZvsKCQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "browserslist": "^4.24.2"
+        "browserslist": "^4.24.3"
       },
       "funding": {
         "type": "opencollective",
@@ -3218,9 +3220,9 @@
       }
     },
     "node_modules/debug": {
-      "version": "4.3.7",
-      "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.7.tgz",
-      "integrity": "sha512-Er2nc/H7RrMXZBFCEim6TCmMk02Z8vLC2Rbi1KEBggpo0fS6l0S1nnapwmIi3yW/+GOJap1Krg4w0Hg80oCqgQ==",
+      "version": "4.4.0",
+      "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.0.tgz",
+      "integrity": "sha512-6WTZ/IxCY/T6BALoZHaE4ctp9xm+Z5kY/pzYaCHRFeyVhojxlrm+46y68HA6hr0TcwEssoxNiDEUJQjfPZ/RYA==",
       "license": "MIT",
       "dependencies": {
         "ms": "^2.1.3"
@@ -3262,6 +3264,7 @@
       "resolved": "https://registry.npmjs.org/detect-file/-/detect-file-1.0.0.tgz",
       "integrity": "sha512-DtCOLG98P007x7wiiOmfI0fi3eIKyWiLTGJ2MDnVi/E04lWGbf+JzrRHMm0rgIIZJGtHpKpbVgLWHrv8xXpc3Q==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">=0.10.0"
       }
@@ -3340,9 +3343,9 @@
       }
     },
     "node_modules/domutils": {
-      "version": "3.1.0",
-      "resolved": "https://registry.npmjs.org/domutils/-/domutils-3.1.0.tgz",
-      "integrity": "sha512-H78uMmQtI2AhgDJjWeQmHwJJ2bLPD3GMmO7Zja/ZZh84wkm+4ut+IUnUdRa8uCGX88DiVx1j6FRe1XfxEgjEZA==",
+      "version": "3.2.2",
+      "resolved": "https://registry.npmjs.org/domutils/-/domutils-3.2.2.tgz",
+      "integrity": "sha512-6kZKyUajlDuqlHKVX1w7gyslj9MPIXzIFiz/rGu35uC1wMi+kMhQwGhl4lt9unC9Vb9INnY9Z3/ZA3+FhASLaw==",
       "license": "BSD-2-Clause",
       "dependencies": {
         "dom-serializer": "^2.0.0",
@@ -3358,6 +3361,7 @@
       "resolved": "https://registry.npmjs.org/each-props/-/each-props-3.0.0.tgz",
       "integrity": "sha512-IYf1hpuWrdzse/s/YJOrFmU15lyhSzxelNVAHTEG3DtP4QsLTWZUzcUL3HMXmKQxXpa4EIrBPpwRgj0aehdvAw==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "is-plain-object": "^5.0.0",
         "object.defaults": "^1.1.0"
@@ -3367,9 +3371,9 @@
       }
     },
     "node_modules/electron-to-chromium": {
-      "version": "1.5.68",
-      "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.68.tgz",
-      "integrity": "sha512-FgMdJlma0OzUYlbrtZ4AeXjKxKPk6KT8WOP8BjcqxWtlg8qyJQjRzPJzUtUn5GBg1oQ26hFs7HOOHJMYiJRnvQ==",
+      "version": "1.5.97",
+      "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.97.tgz",
+      "integrity": "sha512-HKLtaH02augM7ZOdYRuO19rWDeY+QSJ1VxnXFa/XDFLf07HvM90pALIJFgrO+UVaajI3+aJMMpojoUTLZyQ7JQ==",
       "dev": true,
       "license": "ISC"
     },
@@ -3386,7 +3390,8 @@
       "version": "8.0.0",
       "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz",
       "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==",
-      "dev": true
+      "dev": true,
+      "license": "MIT"
     },
     "node_modules/encoding-sniffer": {
       "version": "0.2.0",
@@ -3411,9 +3416,9 @@
       }
     },
     "node_modules/enhanced-resolve": {
-      "version": "5.17.1",
-      "resolved": "https://registry.npmjs.org/enhanced-resolve/-/enhanced-resolve-5.17.1.tgz",
-      "integrity": "sha512-LMHl3dXhTcfv8gM4kEzIUeTQ+7fpdA0l2tUf34BddXPkz2A5xJ5L/Pchd5BL6rdccM9QGvu0sWZzK1Z1t4wwyg==",
+      "version": "5.18.1",
+      "resolved": "https://registry.npmjs.org/enhanced-resolve/-/enhanced-resolve-5.18.1.tgz",
+      "integrity": "sha512-ZSW3ma5GkcQBIpwZTSRAI8N71Uuwgs93IezB7mf7R60tC8ZbJideoDNKjHn2O9KIlx6rkGTTEk1xUCK2E1Y2Yg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -3462,9 +3467,9 @@
       }
     },
     "node_modules/es-module-lexer": {
-      "version": "1.5.4",
-      "resolved": "https://registry.npmjs.org/es-module-lexer/-/es-module-lexer-1.5.4.tgz",
-      "integrity": "sha512-MVNK56NiMrOwitFB7cqDwq0CQutbw+0BvLshJSse0MUNU+y1FC3bUS/AQg7oUng+/wKrrki7JfmwtVHkVfPLlw==",
+      "version": "1.6.0",
+      "resolved": "https://registry.npmjs.org/es-module-lexer/-/es-module-lexer-1.6.0.tgz",
+      "integrity": "sha512-qqnD1yMU6tk/jnaMosogGySTZP8YtUgAffA9nMN+E/rjxcfRQ6IEk7IiozUjgxKoFHBGjTLnrHB/YC45r/59EQ==",
       "dev": true,
       "license": "MIT"
     },
@@ -3560,6 +3565,7 @@
       "resolved": "https://registry.npmjs.org/expand-tilde/-/expand-tilde-2.0.2.tgz",
       "integrity": "sha512-A5EmesHW6rfnZ9ysHQjPdJRni0SRar0tjtG5MNtm9n5TUvsYU8oozprtRD4AqHxcZWWlVuAmQo2nWKfN9oyjTw==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "homedir-polyfill": "^1.0.1"
       },
@@ -3571,7 +3577,22 @@
       "version": "3.0.2",
       "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz",
       "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==",
-      "dev": true
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/extend-shallow": {
+      "version": "3.0.2",
+      "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-3.0.2.tgz",
+      "integrity": "sha512-BwY5b5Ql4+qZoefgMj2NUmx+tehVTH/Kf4k1ZEtOHNFcm2wSxMRo992l6X3TIgni2eZVTZ85xMOjF31fwZAj6Q==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "assign-symbols": "^1.0.0",
+        "is-extendable": "^1.0.1"
+      },
+      "engines": {
+        "node": ">=0.10.0"
+      }
     },
     "node_modules/extract-zip": {
       "version": "2.0.1",
@@ -3620,12 +3641,13 @@
       "version": "1.3.2",
       "resolved": "https://registry.npmjs.org/fast-fifo/-/fast-fifo-1.3.2.tgz",
       "integrity": "sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ==",
-      "dev": true
+      "dev": true,
+      "license": "MIT"
     },
     "node_modules/fast-glob": {
-      "version": "3.3.2",
-      "resolved": "https://registry.npmjs.org/fast-glob/-/fast-glob-3.3.2.tgz",
-      "integrity": "sha512-oX2ruAFQwf/Orj8m737Y5adxDQO0LAB7/S5MnxCdTNDd4p6BsyIVsv9JQsATbTSq8KHRpLwIHbVlUNatxd+1Ow==",
+      "version": "3.3.3",
+      "resolved": "https://registry.npmjs.org/fast-glob/-/fast-glob-3.3.3.tgz",
+      "integrity": "sha512-7MptL8U0cqcFdzIzwOTHoilX9x5BrNqye7Z/LuC7kCMRio1EMSyqRK3BEAUD7sXRq4iT4AzTVuZdhgQ2TCvYLg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -3633,7 +3655,7 @@
         "@nodelib/fs.walk": "^1.2.3",
         "glob-parent": "^5.1.2",
         "merge2": "^1.3.0",
-        "micromatch": "^4.0.4"
+        "micromatch": "^4.0.8"
       },
       "engines": {
         "node": ">=8.6.0"
@@ -3651,15 +3673,26 @@
       "resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-3.0.0.tgz",
       "integrity": "sha512-hKKNajm46uNmTlhHSyZkmToAc56uZJwYq7yrciZjqOxnlfQwERDQJmHPUp7m1m9wx8vgOe8IaCKZ5Kv2k1DdCQ==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "fastest-levenshtein": "^1.0.7"
       }
     },
     "node_modules/fast-uri": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/fast-uri/-/fast-uri-3.0.3.tgz",
-      "integrity": "sha512-aLrHthzCjH5He4Z2H9YZ+v6Ujb9ocRuW6ZzkJQOrTxleEijANq4v1TsaPaVG1PZcuurEzrLcWRyYBYXD5cEiaw==",
+      "version": "3.0.6",
+      "resolved": "https://registry.npmjs.org/fast-uri/-/fast-uri-3.0.6.tgz",
+      "integrity": "sha512-Atfo14OibSv5wAp4VWNsFYE1AchQRTv9cBGWET4pZWHzYshFSS9NQI6I57rdKn9croWVMbYFbLhJ+yJvmZIIHw==",
       "dev": true,
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/fastify"
+        },
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/fastify"
+        }
+      ],
       "license": "BSD-3-Clause"
     },
     "node_modules/fastest-levenshtein": {
@@ -3667,14 +3700,15 @@
       "resolved": "https://registry.npmjs.org/fastest-levenshtein/-/fastest-levenshtein-1.0.16.tgz",
       "integrity": "sha512-eRnCtTTtGZFpQCwhJiUOuxPQWRXVKYDn0b2PeHfXL6/Zi53SLAzAHfVhVWK2AryC/WH05kGfxhFIPvTF0SXQzg==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">= 4.9.1"
       }
     },
     "node_modules/fastq": {
-      "version": "1.17.1",
-      "resolved": "https://registry.npmjs.org/fastq/-/fastq-1.17.1.tgz",
-      "integrity": "sha512-sRVD3lWVIXWg6By68ZN7vho9a1pQcN/WBFaAAsDDFzlJjvoGx0P8z7V1t72grFJfJhu3YPZBuu25f7Kaw2jN1w==",
+      "version": "1.19.0",
+      "resolved": "https://registry.npmjs.org/fastq/-/fastq-1.19.0.tgz",
+      "integrity": "sha512-7SFSRCNjBQIZH/xZR3iy5iQYR8aGBE0h3VG6/cwlbrpdciNYBMotQav8c1XI3HjHH+NikUpP53nPdlZSdWmFzA==",
       "dev": true,
       "license": "ISC",
       "dependencies": {
@@ -3704,6 +3738,7 @@
       "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz",
       "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==",
       "devOptional": true,
+      "license": "MIT",
       "dependencies": {
         "to-regex-range": "^5.0.1"
       },
@@ -3750,6 +3785,7 @@
       "resolved": "https://registry.npmjs.org/findup-sync/-/findup-sync-5.0.0.tgz",
       "integrity": "sha512-MzwXju70AuyflbgeOhzvQWAvvQdo1XL0A9bVvlXsYcFEBM87WR4OakL4OfZq+QRmr+duJubio+UtNQCPsVESzQ==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "detect-file": "^1.0.0",
         "is-glob": "^4.0.3",
@@ -3765,6 +3801,7 @@
       "resolved": "https://registry.npmjs.org/fined/-/fined-2.0.0.tgz",
       "integrity": "sha512-OFRzsL6ZMHz5s0JrsEr+TpdGNCtrVtnuG3x1yzGNiQHT0yaDnXAj8V/lWcpJVrnoDpcwXcASxAZYbuXda2Y82A==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "expand-tilde": "^2.0.2",
         "is-plain-object": "^5.0.0",
@@ -3781,6 +3818,7 @@
       "resolved": "https://registry.npmjs.org/flagged-respawn/-/flagged-respawn-2.0.0.tgz",
       "integrity": "sha512-Gq/a6YCi8zexmGHMuJwahTGzXlAZAOsbCVKduWXC6TlLCjjFRlExMJc4GC2NYPYZ0r/brw9P7CpRgQmlPVeOoA==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">= 10.13.0"
       }
@@ -3790,6 +3828,7 @@
       "resolved": "https://registry.npmjs.org/for-in/-/for-in-1.0.2.tgz",
       "integrity": "sha512-7EwmXrOjyL+ChxMhmG5lnW9MPt1aIeZEwKhQzoBUdTV0N3zuwWDZYVJatDvZ2OyzPUvdIAZDsCetk3coyMfcnQ==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">=0.10.0"
       }
@@ -3799,6 +3838,7 @@
       "resolved": "https://registry.npmjs.org/for-own/-/for-own-1.0.0.tgz",
       "integrity": "sha512-0OABksIGrxKK8K4kynWkQ7y1zounQxP+CWnyclVwj81KW3vlLlGUx57DKGcP/LH216GzqnstnPocF16Nxs0Ycg==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "for-in": "^1.0.1"
       },
@@ -3811,6 +3851,7 @@
       "resolved": "https://registry.npmjs.org/fraction.js/-/fraction.js-4.3.7.tgz",
       "integrity": "sha512-ZsDfxO51wGAXREY55a7la9LScWpwv9RxIrYABrlvOFBlH/ShPnrtsXeuUIfXKKOVicNxQ+o8JTbJvjS4M89yew==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": "*"
       },
@@ -3830,6 +3871,7 @@
       "resolved": "https://registry.npmjs.org/fs-mkdirp-stream/-/fs-mkdirp-stream-2.0.1.tgz",
       "integrity": "sha512-UTOY+59K6IA94tec8Wjqm0FSh5OVudGNB0NL/P6fB3HiE3bYOY3VYBGijsnOHNkQSwC1FKkU77pmq7xp9CskLw==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "graceful-fs": "^4.2.8",
         "streamx": "^2.12.0"
@@ -3850,6 +3892,7 @@
       "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==",
       "dev": true,
       "hasInstallScript": true,
+      "license": "MIT",
       "optional": true,
       "os": [
         "darwin"
@@ -3882,6 +3925,7 @@
       "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz",
       "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==",
       "dev": true,
+      "license": "ISC",
       "engines": {
         "node": "6.* || 8.* || >= 10.*"
       }
@@ -3940,6 +3984,7 @@
       "resolved": "https://registry.npmjs.org/glob-stream/-/glob-stream-8.0.2.tgz",
       "integrity": "sha512-R8z6eTB55t3QeZMmU1C+Gv+t5UnNRkA55c5yo67fAVfxODxieTwsjNG7utxS/73NdP1NbDgCrhVEg2h00y4fFw==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "@gulpjs/to-absolute-glob": "^4.0.0",
         "anymatch": "^3.1.3",
@@ -3959,6 +4004,7 @@
       "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-6.0.2.tgz",
       "integrity": "sha512-XxwI8EOhVQgWp6iDL+3b0r86f4d6AX6zSU55HfB4ydCEuXLXc5FcYeOu+nnGftS4TEju/11rt4KJPTMgbfmv4A==",
       "dev": true,
+      "license": "ISC",
       "dependencies": {
         "is-glob": "^4.0.3"
       },
@@ -3978,6 +4024,7 @@
       "resolved": "https://registry.npmjs.org/glob-watcher/-/glob-watcher-6.0.0.tgz",
       "integrity": "sha512-wGM28Ehmcnk2NqRORXFOTOR064L4imSw3EeOqU5bIwUf62eXGwg89WivH6VMahL8zlQHeodzvHpXplrqzrz3Nw==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "async-done": "^2.0.0",
         "chokidar": "^3.5.3"
@@ -3991,6 +4038,7 @@
       "resolved": "https://registry.npmjs.org/global-modules/-/global-modules-1.0.0.tgz",
       "integrity": "sha512-sKzpEkf11GpOFuw0Zzjzmt4B4UZwjOcG757PPvrfhxcLFbq0wpsgpOqxpxtxFiCG4DtG93M6XRVbF2oGdev7bg==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "global-prefix": "^1.0.1",
         "is-windows": "^1.0.1",
@@ -4005,6 +4053,7 @@
       "resolved": "https://registry.npmjs.org/global-prefix/-/global-prefix-1.0.2.tgz",
       "integrity": "sha512-5lsx1NUDHtSjfg0eHlmYvZKv8/nVqX4ckFbM+FrGcQ+04KWcWFo9P5MxPZYSzUvyzmdTbI7Eix8Q4IbELDqzKg==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "expand-tilde": "^2.0.2",
         "homedir-polyfill": "^1.0.1",
@@ -4052,6 +4101,7 @@
       "resolved": "https://registry.npmjs.org/glogg/-/glogg-2.2.0.tgz",
       "integrity": "sha512-eWv1ds/zAlz+M1ioHsyKJomfY7jbDDPpwSkv14KQj89bycx1nvK5/2Cj/T9g7kzJcX5Bc7Yv22FjfBZS/jl94A==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "sparkles": "^2.1.0"
       },
@@ -4071,6 +4121,7 @@
       "resolved": "https://registry.npmjs.org/gulp/-/gulp-5.0.0.tgz",
       "integrity": "sha512-S8Z8066SSileaYw1S2N1I64IUc/myI2bqe2ihOBzO6+nKpvNSg7ZcWJt/AwF8LC/NVN+/QZ560Cb/5OPsyhkhg==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "glob-watcher": "^6.0.0",
         "gulp-cli": "^3.0.0",
@@ -4089,6 +4140,7 @@
       "resolved": "https://registry.npmjs.org/gulp-cli/-/gulp-cli-3.0.0.tgz",
       "integrity": "sha512-RtMIitkT8DEMZZygHK2vEuLPqLPAFB4sntSxg4NoDta7ciwGZ18l7JuhCTiS5deOJi2IoK0btE+hs6R4sfj7AA==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "@gulpjs/messages": "^1.1.0",
         "chalk": "^4.1.2",
@@ -4195,6 +4247,7 @@
       "resolved": "https://registry.npmjs.org/gulplog/-/gulplog-2.2.0.tgz",
       "integrity": "sha512-V2FaKiOhpR3DRXZuYdRLn/qiY0yI5XmqbTKrYbdemJ+xOh2d2MOweI/XFgMzd/9+1twdvMwllnZbWZNJ+BOm4A==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "glogg": "^2.2.0"
       },
@@ -4229,6 +4282,7 @@
       "resolved": "https://registry.npmjs.org/homedir-polyfill/-/homedir-polyfill-1.0.3.tgz",
       "integrity": "sha512-eSmmWE5bZTK2Nou4g0AI3zZ9rswp7GRKoKXS1BLUkvPviOqs4YTN1djQIqrXy9k5gEtdLPy86JjRwsNM9tnDcA==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "parse-passwd": "^1.0.0"
       },
@@ -4365,13 +4419,15 @@
       "version": "1.3.8",
       "resolved": "https://registry.npmjs.org/ini/-/ini-1.3.8.tgz",
       "integrity": "sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew==",
-      "dev": true
+      "dev": true,
+      "license": "ISC"
     },
     "node_modules/interpret": {
       "version": "3.1.1",
       "resolved": "https://registry.npmjs.org/interpret/-/interpret-3.1.1.tgz",
       "integrity": "sha512-6xwYfHbajpoF0xLW+iwLkhwgvLoZDfjYfoFNu8ftMoXINzwuymNLd9u/KmwtdT2GbR+/Cz66otEGEVVUHX9QLQ==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">=10.13.0"
       }
@@ -4390,6 +4446,7 @@
       "resolved": "https://registry.npmjs.org/is-absolute/-/is-absolute-1.0.0.tgz",
       "integrity": "sha512-dOWoqflvcydARa360Gvv18DZ/gRuHKi2NU/wU5X1ZFzdYfH29nkiNZsF3mp4OJ3H4yo9Mx8A/uAGNzpzPN3yBA==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "is-relative": "^1.0.0",
         "is-windows": "^1.0.1"
@@ -4403,6 +4460,7 @@
       "resolved": "https://registry.npmjs.org/is-binary-path/-/is-binary-path-2.1.0.tgz",
       "integrity": "sha512-ZMERYes6pDydyuGidse7OsHxtbI7WVeUEozgR/g7rd0xUimYNlvZRE/K2MgZTjWy725IfelLeVcEM97mmtRGXw==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "binary-extensions": "^2.0.0"
       },
@@ -4411,9 +4469,9 @@
       }
     },
     "node_modules/is-core-module": {
-      "version": "2.15.1",
-      "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.15.1.tgz",
-      "integrity": "sha512-z0vtXSwucUJtANQWldhbtbt7BnL0vxiFjIdDLAatwhDYty2bad6s+rijD6Ri4YuYJubLzIJLUidCh09e1djEVQ==",
+      "version": "2.16.1",
+      "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.16.1.tgz",
+      "integrity": "sha512-UfoeMA6fIJ8wTYFEUjelnaGI67v6+N7qXJEvQuIGa99l4xsCruSYOVSQ0uPANn4dAzm8lkYPaKLrrijLq7x23w==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -4426,6 +4484,32 @@
         "url": "https://github.com/sponsors/ljharb"
       }
     },
+    "node_modules/is-extendable": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-1.0.1.tgz",
+      "integrity": "sha512-arnXMxT1hhoKo9k1LZdmlNyJdDDfy2v0fXjFlmok4+i8ul/6WlbVge9bhM74OpNPQPMGUToDtz+KXa1PneJxOA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "is-plain-object": "^2.0.4"
+      },
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/is-extendable/node_modules/is-plain-object": {
+      "version": "2.0.4",
+      "resolved": "https://registry.npmjs.org/is-plain-object/-/is-plain-object-2.0.4.tgz",
+      "integrity": "sha512-h5PpgXkWitc38BBMYawTYMWJHFZJVnBquFE57xFpjB8pJFiF6gZ+bU+WyI/yqXiFR5mdLsgYNaPe8uao6Uv9Og==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "isobject": "^3.0.1"
+      },
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
     "node_modules/is-extglob": {
       "version": "2.1.1",
       "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz",
@@ -4441,6 +4525,7 @@
       "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz",
       "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">=8"
       }
@@ -4463,6 +4548,7 @@
       "resolved": "https://registry.npmjs.org/is-negated-glob/-/is-negated-glob-1.0.0.tgz",
       "integrity": "sha512-czXVVn/QEmgvej1f50BZ648vUI+em0xqMq2Sn+QncCLN4zj1UAxlT+kw/6ggQTOaZPd1HqKQGEqbpQVtJucWug==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">=0.10.0"
       }
@@ -4472,6 +4558,7 @@
       "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz",
       "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==",
       "devOptional": true,
+      "license": "MIT",
       "engines": {
         "node": ">=0.12.0"
       }
@@ -4501,6 +4588,7 @@
       "resolved": "https://registry.npmjs.org/is-plain-object/-/is-plain-object-5.0.0.tgz",
       "integrity": "sha512-VRSzKkbMm5jMDoKLbltAkFQ5Qr7VDiTFGXxYFXXowVj387GeGNOCsOH6Msy00SGZ3Fp84b1Naa1psqgcCIEP5Q==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">=0.10.0"
       }
@@ -4510,6 +4598,7 @@
       "resolved": "https://registry.npmjs.org/is-relative/-/is-relative-1.0.0.tgz",
       "integrity": "sha512-Kw/ReK0iqwKeu0MITLFuj0jbPAmEiOsIwyIXvvbfa6QfmN9pkD1M+8pdk7Rl/dTKbH34/XBFMbgD4iMJhLQbGA==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "is-unc-path": "^1.0.0"
       },
@@ -4522,6 +4611,7 @@
       "resolved": "https://registry.npmjs.org/is-unc-path/-/is-unc-path-1.0.0.tgz",
       "integrity": "sha512-mrGpVd0fs7WWLfVsStvgF6iEJnbjDFZh9/emhRDcGWTduTfNHd9CHeUwH3gYIjdbwo4On6hunkztwOaAw0yllQ==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "unc-path-regex": "^0.1.2"
       },
@@ -4534,6 +4624,7 @@
       "resolved": "https://registry.npmjs.org/is-valid-glob/-/is-valid-glob-1.0.0.tgz",
       "integrity": "sha512-AhiROmoEFDSsjx8hW+5sGwgKVIORcXnrlAx/R0ZSeaPw70Vw0CqkGBBhHGL58Uox2eXnU1AnvXJl1XlyedO5bA==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">=0.10.0"
       }
@@ -4543,6 +4634,7 @@
       "resolved": "https://registry.npmjs.org/is-windows/-/is-windows-1.0.2.tgz",
       "integrity": "sha512-eXK1UInq2bPmjyX6e3VHIzMLobc4J94i4AWn+Hpq3OU5KkrRC96OAcR3PRJ/pGu6m8TRnBHP9dkXQVsT/COVIA==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">=0.10.0"
       }
@@ -4558,7 +4650,8 @@
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz",
       "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==",
-      "dev": true
+      "dev": true,
+      "license": "ISC"
     },
     "node_modules/isobject": {
       "version": "3.0.1",
@@ -4602,6 +4695,22 @@
         "node": ">= 10.13.0"
       }
     },
+    "node_modules/jest-worker/node_modules/supports-color": {
+      "version": "8.1.1",
+      "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz",
+      "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "has-flag": "^4.0.0"
+      },
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/chalk/supports-color?sponsor=1"
+      }
+    },
     "node_modules/js-tokens": {
       "version": "4.0.0",
       "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz",
@@ -4610,9 +4719,9 @@
       "license": "MIT"
     },
     "node_modules/jsesc": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-3.0.2.tgz",
-      "integrity": "sha512-xKqzzWXDttJuOcawBt4KnKHHIf5oQ/Cxax+0PWFG+DFDgHNAdi+TXECADI+RYiFUMmx8792xsMbbgXj4CwnP4g==",
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-3.1.0.tgz",
+      "integrity": "sha512-/sM3dO2FOzXjKQhJuo0Q173wf2KOo8t4I8vHy6lF9poUp7bKT0/NHE8fPX23PwfhnykfqnC2xRxOnVw5XuGIaA==",
       "dev": true,
       "license": "MIT",
       "bin": {
@@ -4679,6 +4788,7 @@
       "resolved": "https://registry.npmjs.org/last-run/-/last-run-2.0.0.tgz",
       "integrity": "sha512-j+y6WhTLN4Itnf9j5ZQos1BGPCS8DAwmgMroR3OzfxAsBxam0hMw7J8M3KqZl0pLQJ1jNnwIexg5DYpC/ctwEQ==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">= 10.13.0"
       }
@@ -4688,6 +4798,7 @@
       "resolved": "https://registry.npmjs.org/lead/-/lead-4.0.0.tgz",
       "integrity": "sha512-DpMa59o5uGUWWjruMp71e6knmwKU3jRBBn1kjuLWN9EeIOxNeSAwvHf03WIl8g/ZMR2oSQC9ej3yeLBwdDc/pg==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">=10.13.0"
       }
@@ -4697,6 +4808,7 @@
       "resolved": "https://registry.npmjs.org/liftoff/-/liftoff-5.0.0.tgz",
       "integrity": "sha512-a5BQjbCHnB+cy+gsro8lXJ4kZluzOijzJ1UVVfyJYZC+IP2pLv1h4+aysQeKuTmyO8NAqfyQAk4HWaP/HjcKTg==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "extend": "^3.0.2",
         "findup-sync": "^5.0.0",
@@ -4756,6 +4868,7 @@
       "version": "4.5.0",
       "resolved": "https://registry.npmjs.org/lodash.clone/-/lodash.clone-4.5.0.tgz",
       "integrity": "sha512-GhrVeweiTD6uTmmn5hV/lzgCQhccwReIVRLHp7LT4SopOjqEZ5BbX8b5WWEtAKasjmy8hR7ZPwsYlxRCku5odg==",
+      "deprecated": "This package is deprecated. Use structuredClone instead.",
       "dev": true,
       "license": "MIT"
     },
@@ -4795,6 +4908,7 @@
       "resolved": "https://registry.npmjs.org/map-cache/-/map-cache-0.2.2.tgz",
       "integrity": "sha512-8y/eV9QQZCiyn1SprXSrCmqJN0yNRATe+PO8ztwqrvrbdRLA3eYJF0yaR0YayLWkMbsQSKWS9N2gPcGEc4UsZg==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">=0.10.0"
       }
@@ -4918,6 +5032,7 @@
       "resolved": "https://registry.npmjs.org/mute-stdout/-/mute-stdout-2.0.0.tgz",
       "integrity": "sha512-32GSKM3Wyc8dg/p39lWPKYu8zci9mJFzV1Np9Of0ZEpe6Fhssn/FbI7ywAMd40uX+p3ZKh3T5EeCFv81qS3HmQ==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">= 10.13.0"
       }
@@ -4976,9 +5091,9 @@
       }
     },
     "node_modules/node-releases": {
-      "version": "2.0.18",
-      "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.18.tgz",
-      "integrity": "sha512-d9VeXT4SJ7ZeOqGX6R5EM022wpL+eWPooLI+5UpWn2jCT1aosUQEhQP214x33Wkwx3JQMvIm+tIoVOdodFS40g==",
+      "version": "2.0.19",
+      "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.19.tgz",
+      "integrity": "sha512-xxOWJsBKtzAq7DY0J+DTzuz58K8e7sJbdgwkbMWQe8UYB6ekmsQ45q0M/tJDsGaZmbC+l7n57UV8Hl5tHxO9uw==",
       "dev": true,
       "license": "MIT"
     },
@@ -5000,6 +5115,7 @@
       "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz",
       "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">=0.10.0"
       }
@@ -5009,6 +5125,7 @@
       "resolved": "https://registry.npmjs.org/normalize-range/-/normalize-range-0.1.2.tgz",
       "integrity": "sha512-bdok/XvKII3nUpklnV6P2hxtMNrCboOjAcyBuQnWEhO665FwrSNRxU+AqpsyvO6LgGYPspN+lu5CLtw4jPRKNA==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">=0.10.0"
       }
@@ -5018,6 +5135,7 @@
       "resolved": "https://registry.npmjs.org/now-and-later/-/now-and-later-3.0.0.tgz",
       "integrity": "sha512-pGO4pzSdaxhWTGkfSfHx3hVzJVslFPwBp2Myq9MYN/ChfJZF87ochMAXnvz6/58RJSf5ik2q9tXprBBrk2cpcg==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "once": "^1.4.0"
       },
@@ -5051,6 +5169,7 @@
       "resolved": "https://registry.npmjs.org/object.defaults/-/object.defaults-1.1.0.tgz",
       "integrity": "sha512-c/K0mw/F11k4dEUBMW8naXUuBuhxRCfG7W+yFy8EcijU/rSmazOUd1XAEEe6bC0OuXY4HUKjTJv7xbxIMqdxrA==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "array-each": "^1.0.1",
         "array-slice": "^1.0.0",
@@ -5066,6 +5185,7 @@
       "resolved": "https://registry.npmjs.org/object.pick/-/object.pick-1.3.0.tgz",
       "integrity": "sha512-tqa/UMy/CCoYmj+H5qc07qvSL9dqcs/WZENZ1JbtWBlATP+iVOe778gE6MSijnyCnORzDuX6hU+LA4SZ09YjFQ==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "isobject": "^3.0.1"
       },
@@ -5240,6 +5360,7 @@
       "resolved": "https://registry.npmjs.org/parse-filepath/-/parse-filepath-1.0.2.tgz",
       "integrity": "sha512-FwdRXKCohSVeXqwtYonZTXtbGJKrn+HNyWDYVcp5yuJlesTwNH4rsmRZ+GrKAPJ5bLpRxESMeS+Rl0VCHRvB2Q==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "is-absolute": "^1.0.0",
         "map-cache": "^0.2.0",
@@ -5264,6 +5385,7 @@
       "resolved": "https://registry.npmjs.org/parse-passwd/-/parse-passwd-1.0.0.tgz",
       "integrity": "sha512-1Y1A//QUXEZK7YKz+rD9WydcE1+EuPr6ZBgKecAB8tmoW6UFv0NREVJe1p+jRxtThkcbbKkfwIbWJe/IeE6m2Q==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">=0.10.0"
       }
@@ -5336,6 +5458,7 @@
       "resolved": "https://registry.npmjs.org/path-root/-/path-root-0.1.1.tgz",
       "integrity": "sha512-QLcPegTHF11axjfojBIoDygmS2E3Lf+8+jI6wOVmNVenrKSo3mFdSGiIgdSHenczw3wPtlVMQaFVwGmM7BJdtg==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "path-root-regex": "^0.1.0"
       },
@@ -5348,6 +5471,7 @@
       "resolved": "https://registry.npmjs.org/path-root-regex/-/path-root-regex-0.1.2.tgz",
       "integrity": "sha512-4GlJ6rZDhQZFE0DPVKh0e9jmZ5egZfxTkp7bcRDuPlJXbAwhxcl2dINPUAsjLdejqaLsCeg8axcLjIbvBjN4pQ==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">=0.10.0"
       }
@@ -5450,46 +5574,6 @@
         "node": ">= 0.10"
       }
     },
-    "node_modules/plugin-error/node_modules/extend-shallow": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-3.0.2.tgz",
-      "integrity": "sha512-BwY5b5Ql4+qZoefgMj2NUmx+tehVTH/Kf4k1ZEtOHNFcm2wSxMRo992l6X3TIgni2eZVTZ85xMOjF31fwZAj6Q==",
-      "dev": true,
-      "license": "MIT",
-      "dependencies": {
-        "assign-symbols": "^1.0.0",
-        "is-extendable": "^1.0.1"
-      },
-      "engines": {
-        "node": ">=0.10.0"
-      }
-    },
-    "node_modules/plugin-error/node_modules/is-extendable": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-1.0.1.tgz",
-      "integrity": "sha512-arnXMxT1hhoKo9k1LZdmlNyJdDDfy2v0fXjFlmok4+i8ul/6WlbVge9bhM74OpNPQPMGUToDtz+KXa1PneJxOA==",
-      "dev": true,
-      "license": "MIT",
-      "dependencies": {
-        "is-plain-object": "^2.0.4"
-      },
-      "engines": {
-        "node": ">=0.10.0"
-      }
-    },
-    "node_modules/plugin-error/node_modules/is-plain-object": {
-      "version": "2.0.4",
-      "resolved": "https://registry.npmjs.org/is-plain-object/-/is-plain-object-2.0.4.tgz",
-      "integrity": "sha512-h5PpgXkWitc38BBMYawTYMWJHFZJVnBquFE57xFpjB8pJFiF6gZ+bU+WyI/yqXiFR5mdLsgYNaPe8uao6Uv9Og==",
-      "dev": true,
-      "license": "MIT",
-      "dependencies": {
-        "isobject": "^3.0.1"
-      },
-      "engines": {
-        "node": ">=0.10.0"
-      }
-    },
     "node_modules/postcss": {
       "version": "8.4.49",
       "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.49.tgz",
@@ -5509,6 +5593,7 @@
           "url": "https://github.com/sponsors/ai"
         }
       ],
+      "license": "MIT",
       "dependencies": {
         "nanoid": "^3.3.7",
         "picocolors": "^1.1.1",
@@ -5569,7 +5654,8 @@
       "version": "4.2.0",
       "resolved": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-4.2.0.tgz",
       "integrity": "sha512-1NNCs6uurfkVbeXG4S8JFT9t19m45ICnif8zWLd5oPSZ50QnwMfK+H3jv408d4jw/7Bttv5axS5IiHoLaVNHeQ==",
-      "dev": true
+      "dev": true,
+      "license": "MIT"
     },
     "node_modules/prepend-http": {
       "version": "3.0.1",
@@ -5761,12 +5847,6 @@
       ],
       "license": "MIT"
     },
-    "node_modules/queue-tick": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/queue-tick/-/queue-tick-1.0.1.tgz",
-      "integrity": "sha512-kJt5qhMxoszgU/62PLP1CJytzd2NKetjSRnyuj31fDd3Rlcz3fzlFdFLD1SItunPwyqEOkca6GbV612BWfaBag==",
-      "dev": true
-    },
     "node_modules/randombytes": {
       "version": "2.1.0",
       "resolved": "https://registry.npmjs.org/randombytes/-/randombytes-2.1.0.tgz",
@@ -5798,6 +5878,7 @@
       "resolved": "https://registry.npmjs.org/readdirp/-/readdirp-3.6.0.tgz",
       "integrity": "sha512-hOS089on8RduqdbhvQ5Z37A0ESjsqz6qnRcffsMU3495FuTdqSm+7bhJ29JvIOsBDEEnan5DPu9t3To9VRlMzA==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "picomatch": "^2.2.1"
       },
@@ -5822,6 +5903,7 @@
       "resolved": "https://registry.npmjs.org/rechoir/-/rechoir-0.8.0.tgz",
       "integrity": "sha512-/vxpCXddiX8NGfGO/mTafwjq4aFa/71pvamip0++IQk3zG8cbCj0fifNPrjjF1XMXUne91jL9OoxmdykoEtifQ==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "resolve": "^1.20.0"
       },
@@ -5904,6 +5986,19 @@
         "regjsparser": "bin/parser"
       }
     },
+    "node_modules/regjsparser/node_modules/jsesc": {
+      "version": "3.0.2",
+      "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-3.0.2.tgz",
+      "integrity": "sha512-xKqzzWXDttJuOcawBt4KnKHHIf5oQ/Cxax+0PWFG+DFDgHNAdi+TXECADI+RYiFUMmx8792xsMbbgXj4CwnP4g==",
+      "dev": true,
+      "license": "MIT",
+      "bin": {
+        "jsesc": "bin/jsesc"
+      },
+      "engines": {
+        "node": ">=6"
+      }
+    },
     "node_modules/remove-trailing-separator": {
       "version": "1.1.0",
       "resolved": "https://registry.npmjs.org/remove-trailing-separator/-/remove-trailing-separator-1.1.0.tgz",
@@ -5926,6 +6021,7 @@
       "resolved": "https://registry.npmjs.org/replace-homedir/-/replace-homedir-2.0.0.tgz",
       "integrity": "sha512-bgEuQQ/BHW0XkkJtawzrfzHFSN70f/3cNOiHa2QsYxqrjaC30X1k74FJ6xswVBP0sr0SpGIdVFuPwfrYziVeyw==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">= 10.13.0"
       }
@@ -5947,6 +6043,7 @@
       "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz",
       "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">=0.10.0"
       }
@@ -5962,19 +6059,22 @@
       }
     },
     "node_modules/resolve": {
-      "version": "1.22.8",
-      "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz",
-      "integrity": "sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==",
+      "version": "1.22.10",
+      "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.10.tgz",
+      "integrity": "sha512-NPRy+/ncIMeDlTAsuqwKIiferiawhefFJtkNSW0qZJEqMEb+qBt/77B/jGeeek+F0uOeN05CDa6HXbbIgtVX4w==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "is-core-module": "^2.13.0",
+        "is-core-module": "^2.16.0",
         "path-parse": "^1.0.7",
         "supports-preserve-symlinks-flag": "^1.0.0"
       },
       "bin": {
         "resolve": "bin/resolve"
       },
+      "engines": {
+        "node": ">= 0.4"
+      },
       "funding": {
         "url": "https://github.com/sponsors/ljharb"
       }
@@ -5984,6 +6084,7 @@
       "resolved": "https://registry.npmjs.org/resolve-dir/-/resolve-dir-1.0.1.tgz",
       "integrity": "sha512-R7uiTjECzvOsWSfdM0QKFNBVFcK27aHOUwdvK53BcW8zqnGdYp0Fbj82cy54+2A4P2tFM22J5kRfe1R+lM/1yg==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "expand-tilde": "^2.0.0",
         "global-modules": "^1.0.0"
@@ -6003,6 +6104,7 @@
       "resolved": "https://registry.npmjs.org/resolve-options/-/resolve-options-2.0.0.tgz",
       "integrity": "sha512-/FopbmmFOQCfsCx77BRFdKOniglTiHumLgwvd6IDPihy1GKkadZbgQJBcTb2lMzSR1pndzd96b1nZrreZ7+9/A==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "value-or-function": "^4.0.0"
       },
@@ -6084,9 +6186,9 @@
       "license": "MIT"
     },
     "node_modules/sass": {
-      "version": "1.81.0",
-      "resolved": "https://registry.npmjs.org/sass/-/sass-1.81.0.tgz",
-      "integrity": "sha512-Q4fOxRfhmv3sqCLoGfvrC9pRV8btc0UtqL9mN6Yrv6Qi9ScL55CVH1vlPP863ISLEEMNLLuu9P+enCeGHlnzhA==",
+      "version": "1.84.0",
+      "resolved": "https://registry.npmjs.org/sass/-/sass-1.84.0.tgz",
+      "integrity": "sha512-XDAbhEPJRxi7H0SxrnOpiXFQoUJHwkR2u3Zc4el+fK/Tt5Hpzw5kkQ59qVDfvdaUq6gCrEZIbySFBM2T9DNKHg==",
       "license": "MIT",
       "dependencies": {
         "chokidar": "^4.0.0",
@@ -6108,6 +6210,7 @@
       "resolved": "https://registry.npmjs.org/sass-embedded/-/sass-embedded-1.83.0.tgz",
       "integrity": "sha512-/8cYZeL39evUqe0o//193na51Q1VWZ61qhxioQvLJwOtWIrX+PgNhCyD8RSuTtmzc4+6+waFZf899bfp/MCUwA==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "@bufbuild/protobuf": "^2.0.0",
         "buffer-builder": "^0.2.0",
@@ -6155,6 +6258,7 @@
         "arm"
       ],
       "dev": true,
+      "license": "MIT",
       "optional": true,
       "os": [
         "android"
@@ -6171,6 +6275,7 @@
         "arm64"
       ],
       "dev": true,
+      "license": "MIT",
       "optional": true,
       "os": [
         "android"
@@ -6187,6 +6292,7 @@
         "ia32"
       ],
       "dev": true,
+      "license": "MIT",
       "optional": true,
       "os": [
         "android"
@@ -6203,6 +6309,7 @@
         "riscv64"
       ],
       "dev": true,
+      "license": "MIT",
       "optional": true,
       "os": [
         "android"
@@ -6219,6 +6326,7 @@
         "x64"
       ],
       "dev": true,
+      "license": "MIT",
       "optional": true,
       "os": [
         "android"
@@ -6235,6 +6343,7 @@
         "arm64"
       ],
       "dev": true,
+      "license": "MIT",
       "optional": true,
       "os": [
         "darwin"
@@ -6251,6 +6360,7 @@
         "x64"
       ],
       "dev": true,
+      "license": "MIT",
       "optional": true,
       "os": [
         "darwin"
@@ -6267,6 +6377,7 @@
         "arm"
       ],
       "dev": true,
+      "license": "MIT",
       "optional": true,
       "os": [
         "linux"
@@ -6283,6 +6394,7 @@
         "arm64"
       ],
       "dev": true,
+      "license": "MIT",
       "optional": true,
       "os": [
         "linux"
@@ -6299,6 +6411,7 @@
         "ia32"
       ],
       "dev": true,
+      "license": "MIT",
       "optional": true,
       "os": [
         "linux"
@@ -6315,6 +6428,7 @@
         "arm"
       ],
       "dev": true,
+      "license": "MIT",
       "optional": true,
       "os": [
         "linux"
@@ -6331,6 +6445,7 @@
         "arm64"
       ],
       "dev": true,
+      "license": "MIT",
       "optional": true,
       "os": [
         "linux"
@@ -6347,6 +6462,7 @@
         "ia32"
       ],
       "dev": true,
+      "license": "MIT",
       "optional": true,
       "os": [
         "linux"
@@ -6363,6 +6479,7 @@
         "riscv64"
       ],
       "dev": true,
+      "license": "MIT",
       "optional": true,
       "os": [
         "linux"
@@ -6379,6 +6496,7 @@
         "x64"
       ],
       "dev": true,
+      "license": "MIT",
       "optional": true,
       "os": [
         "linux"
@@ -6395,6 +6513,7 @@
         "riscv64"
       ],
       "dev": true,
+      "license": "MIT",
       "optional": true,
       "os": [
         "linux"
@@ -6411,6 +6530,7 @@
         "x64"
       ],
       "dev": true,
+      "license": "MIT",
       "optional": true,
       "os": [
         "linux"
@@ -6427,6 +6547,7 @@
         "arm64"
       ],
       "dev": true,
+      "license": "MIT",
       "optional": true,
       "os": [
         "win32"
@@ -6443,6 +6564,7 @@
         "ia32"
       ],
       "dev": true,
+      "license": "MIT",
       "optional": true,
       "os": [
         "win32"
@@ -6459,6 +6581,7 @@
         "x64"
       ],
       "dev": true,
+      "license": "MIT",
       "optional": true,
       "os": [
         "win32"
@@ -6467,6 +6590,22 @@
         "node": ">=14.0.0"
       }
     },
+    "node_modules/sass-embedded/node_modules/supports-color": {
+      "version": "8.1.1",
+      "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz",
+      "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "has-flag": "^4.0.0"
+      },
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/chalk/supports-color?sponsor=1"
+      }
+    },
     "node_modules/sass-loader": {
       "version": "12.6.0",
       "resolved": "https://registry.npmjs.org/sass-loader/-/sass-loader-12.6.0.tgz",
@@ -6507,9 +6646,9 @@
       }
     },
     "node_modules/sass/node_modules/chokidar": {
-      "version": "4.0.1",
-      "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-4.0.1.tgz",
-      "integrity": "sha512-n8enUVCED/KVRQlab1hr3MVpcVMvxtZjmEa956u+4YijlmQED223XMSYj2tLuKvr4jcCTzNNMpQDUer72MMmzA==",
+      "version": "4.0.3",
+      "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-4.0.3.tgz",
+      "integrity": "sha512-Qgzu8kfBvo+cA4962jnP1KkS6Dop5NS6g7R5LFYJr4b8Ub94PPQXUksCw9PvXoeXPRRddRNC5C1JQUR2SMGtnA==",
       "license": "MIT",
       "dependencies": {
         "readdirp": "^4.0.1"
@@ -6522,12 +6661,12 @@
       }
     },
     "node_modules/sass/node_modules/readdirp": {
-      "version": "4.0.2",
-      "resolved": "https://registry.npmjs.org/readdirp/-/readdirp-4.0.2.tgz",
-      "integrity": "sha512-yDMz9g+VaZkqBYS/ozoBJwaBhTbZo3UNYQHNRw1D3UFQB8oHB4uS/tAODO+ZLjGWmUbKnIlOWO+aaIiAxrUWHA==",
+      "version": "4.1.1",
+      "resolved": "https://registry.npmjs.org/readdirp/-/readdirp-4.1.1.tgz",
+      "integrity": "sha512-h80JrZu/MHUZCyHu5ciuoI0+WxsCxzxJTILn6Fs8rxSnFPh+UVHYfeIxK1nVGugMqkfC4vJcBOYbkfkwYK0+gw==",
       "license": "MIT",
       "engines": {
-        "node": ">= 14.16.0"
+        "node": ">= 14.18.0"
       },
       "funding": {
         "type": "individual",
@@ -6535,9 +6674,9 @@
       }
     },
     "node_modules/schema-utils": {
-      "version": "4.2.0",
-      "resolved": "https://registry.npmjs.org/schema-utils/-/schema-utils-4.2.0.tgz",
-      "integrity": "sha512-L0jRsrPpjdckP3oPug3/VxNKt2trR8TcabrM6FOAAlvC/9Phcmm+cuAgTlxBqdBR1WJx7Naj9WHw+aOmheSVbw==",
+      "version": "4.3.0",
+      "resolved": "https://registry.npmjs.org/schema-utils/-/schema-utils-4.3.0.tgz",
+      "integrity": "sha512-Gf9qqc58SpCA/xdziiHz35F4GNIWYWZrEshUc/G/r5BnLph6xpKuLeoJoQuj5WfBIx/eQLf+hmVPYHaxJu7V2g==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -6547,7 +6686,7 @@
         "ajv-keywords": "^5.1.0"
       },
       "engines": {
-        "node": ">= 12.13.0"
+        "node": ">= 10.13.0"
       },
       "funding": {
         "type": "opencollective",
@@ -6555,9 +6694,9 @@
       }
     },
     "node_modules/semver": {
-      "version": "7.6.3",
-      "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz",
-      "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==",
+      "version": "7.7.1",
+      "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.1.tgz",
+      "integrity": "sha512-hlq8tAfn0m/61p4BVRcPzIGr6LKiMwo4VM6dGi6pt4qcRkmNzTcWq6eCEjEh+qXjkMDvPlOFFSGwQjoEa6gyMA==",
       "license": "ISC",
       "bin": {
         "semver": "bin/semver.js"
@@ -6571,6 +6710,7 @@
       "resolved": "https://registry.npmjs.org/semver-greatest-satisfied-range/-/semver-greatest-satisfied-range-2.0.0.tgz",
       "integrity": "sha512-lH3f6kMbwyANB7HuOWRMlLCa2itaCrZJ+SAqqkSZrZKO/cAsk2EOyaKHUtNkVLFyFW9pct22SFesFp3Z7zpA0g==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "sver": "^1.8.3"
       },
@@ -6599,9 +6739,9 @@
       }
     },
     "node_modules/source-map": {
-      "version": "0.6.1",
-      "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz",
-      "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==",
+      "version": "0.5.7",
+      "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz",
+      "integrity": "sha512-LbrmJOMUSdEVxIKvdcJzQC+nQhe8FUZQTXQy6+I75skNgn3OoQ0DZA8YnFa7gp8tqtL3KPf1kmo0R5DoApeSGQ==",
       "dev": true,
       "license": "BSD-3-Clause",
       "engines": {
@@ -6628,11 +6768,22 @@
         "source-map": "^0.6.0"
       }
     },
+    "node_modules/source-map-support/node_modules/source-map": {
+      "version": "0.6.1",
+      "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz",
+      "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==",
+      "dev": true,
+      "license": "BSD-3-Clause",
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
     "node_modules/sparkles": {
       "version": "2.1.0",
       "resolved": "https://registry.npmjs.org/sparkles/-/sparkles-2.1.0.tgz",
       "integrity": "sha512-r7iW1bDw8R/cFifrD3JnQJX0K1jqT0kprL48BiBpLZLJPmAm34zsVBsK5lc7HirZYZqMW65dOXZgbAGt/I6frg==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">= 10.13.0"
       }
@@ -6642,6 +6793,7 @@
       "resolved": "https://registry.npmjs.org/stream-composer/-/stream-composer-1.0.2.tgz",
       "integrity": "sha512-bnBselmwfX5K10AH6L4c8+S5lgZMWI7ZYrz2rvYjCPB2DIMC4Ig8OpxGpNJSxRZ58oti7y1IcNvjBAz9vW5m4w==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "streamx": "^2.13.2"
       }
@@ -6650,16 +6802,17 @@
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/stream-exhaust/-/stream-exhaust-1.0.2.tgz",
       "integrity": "sha512-b/qaq/GlBK5xaq1yrK9/zFcyRSTNxmcZwFLGSTG0mXgZl/4Z6GgiyYOXOvY7N3eEvFRAG1bkDRz5EPGSvPYQlw==",
-      "dev": true
+      "dev": true,
+      "license": "MIT"
     },
     "node_modules/streamx": {
-      "version": "2.21.1",
-      "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.21.1.tgz",
-      "integrity": "sha512-PhP9wUnFLa+91CPy3N6tiQsK+gnYyUNuk15S3YG/zjYE7RuPeCjJngqnzpC31ow0lzBHQ+QGO4cNJnd0djYUsw==",
+      "version": "2.22.0",
+      "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.22.0.tgz",
+      "integrity": "sha512-sLh1evHOzBy/iWRiR6d1zRcLao4gGZr3C1kzNz4fopCOKJb6xD9ub8Mpi9Mr1R6id5o43S+d93fI48UC5uM9aw==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "fast-fifo": "^1.3.2",
-        "queue-tick": "^1.0.1",
         "text-decoder": "^1.1.0"
       },
       "optionalDependencies": {
@@ -6680,6 +6833,7 @@
       "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz",
       "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "emoji-regex": "^8.0.0",
         "is-fullwidth-code-point": "^3.0.0",
@@ -6703,19 +6857,16 @@
       }
     },
     "node_modules/supports-color": {
-      "version": "8.1.1",
-      "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz",
-      "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==",
+      "version": "7.2.0",
+      "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz",
+      "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
         "has-flag": "^4.0.0"
       },
       "engines": {
-        "node": ">=10"
-      },
-      "funding": {
-        "url": "https://github.com/chalk/supports-color?sponsor=1"
+        "node": ">=8"
       }
     },
     "node_modules/supports-preserve-symlinks-flag": {
@@ -6736,6 +6887,7 @@
       "resolved": "https://registry.npmjs.org/sver/-/sver-1.8.4.tgz",
       "integrity": "sha512-71o1zfzyawLfIWBOmw8brleKyvnbn73oVHNCsu51uPMz/HWiKkkXsI31JjHW5zqXEqnPYkIiHd8ZmL7FCimLEA==",
       "dev": true,
+      "license": "MIT",
       "optionalDependencies": {
         "semver": "^6.3.0"
       }
@@ -6745,6 +6897,7 @@
       "resolved": "https://registry.npmjs.org/sync-child-process/-/sync-child-process-1.0.2.tgz",
       "integrity": "sha512-8lD+t2KrrScJ/7KXCSyfhT3/hRq78rC0wBFqNJXv3mZyn6hW2ypM05JmlSvtqRbeq6jqA94oHbxAr2vYsJ8vDA==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "sync-message-port": "^1.0.0"
       },
@@ -6757,6 +6910,7 @@
       "resolved": "https://registry.npmjs.org/sync-message-port/-/sync-message-port-1.1.3.tgz",
       "integrity": "sha512-GTt8rSKje5FilG+wEdfCkOcLL7LWqpMlr2c3LRuKt/YXxcJ52aGSbGBAdI4L3aaqfrBt6y711El53ItyH1NWzg==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">=16.0.0"
       }
@@ -6772,9 +6926,9 @@
       }
     },
     "node_modules/tar-fs": {
-      "version": "2.1.1",
-      "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.1.tgz",
-      "integrity": "sha512-V0r2Y9scmbDRLCNex/+hYzvp/zyYjvFbHPNgVTKfQvVrb6guiE/fxP+XblDNR011utopbkex2nM4dHNV6GDsng==",
+      "version": "2.1.2",
+      "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.2.tgz",
+      "integrity": "sha512-EsaAXwxmx8UB7FRKqeozqEPop69DXcmYwTQwXvyAPF352HJsPdkVhvTaDPYqfNgruveJIJy3TA2l+2zj8LJIJA==",
       "license": "MIT",
       "dependencies": {
         "chownr": "^1.1.1",
@@ -6818,14 +6972,15 @@
       "resolved": "https://registry.npmjs.org/teex/-/teex-1.0.1.tgz",
       "integrity": "sha512-eYE6iEI62Ni1H8oIa7KlDU6uQBtqr4Eajni3wX7rpfXD8ysFx8z0+dri+KWEPWpBsxXfxu58x/0jvTVT1ekOSg==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "streamx": "^2.12.5"
       }
     },
     "node_modules/terser": {
-      "version": "5.36.0",
-      "resolved": "https://registry.npmjs.org/terser/-/terser-5.36.0.tgz",
-      "integrity": "sha512-IYV9eNMuFAV4THUspIRXkLakHnV6XO7FEdtKjf/mDyrnqUg9LnlOn6/RwRvM9SZjR4GUq8Nk8zj67FzVARr74w==",
+      "version": "5.38.2",
+      "resolved": "https://registry.npmjs.org/terser/-/terser-5.38.2.tgz",
+      "integrity": "sha512-w8CXxxbFA5zfNsR/i8HZq5bvn18AK0O9jj7hyo1YqkovLxEFa0uP0LCVGZRqiRaKRFxXhELBp8SteeAjEnfeJg==",
       "dev": true,
       "license": "BSD-2-Clause",
       "dependencies": {
@@ -6842,17 +6997,17 @@
       }
     },
     "node_modules/terser-webpack-plugin": {
-      "version": "5.3.10",
-      "resolved": "https://registry.npmjs.org/terser-webpack-plugin/-/terser-webpack-plugin-5.3.10.tgz",
-      "integrity": "sha512-BKFPWlPDndPs+NGGCr1U59t0XScL5317Y0UReNrHaw9/FwhPENlq6bfgs+4yPfyP51vqC1bQ4rp1EfXW5ZSH9w==",
+      "version": "5.3.11",
+      "resolved": "https://registry.npmjs.org/terser-webpack-plugin/-/terser-webpack-plugin-5.3.11.tgz",
+      "integrity": "sha512-RVCsMfuD0+cTt3EwX8hSl2Ks56EbFHWmhluwcqoPKtBnfjiT6olaq7PRIRfhyU8nnC2MrnDrBLfrD/RGE+cVXQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@jridgewell/trace-mapping": "^0.3.20",
+        "@jridgewell/trace-mapping": "^0.3.25",
         "jest-worker": "^27.4.5",
-        "schema-utils": "^3.1.1",
-        "serialize-javascript": "^6.0.1",
-        "terser": "^5.26.0"
+        "schema-utils": "^4.3.0",
+        "serialize-javascript": "^6.0.2",
+        "terser": "^5.31.1"
       },
       "engines": {
         "node": ">= 10.13.0"
@@ -6876,72 +7031,6 @@
         }
       }
     },
-    "node_modules/terser-webpack-plugin/node_modules/ajv": {
-      "version": "6.12.6",
-      "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz",
-      "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==",
-      "dev": true,
-      "license": "MIT",
-      "dependencies": {
-        "fast-deep-equal": "^3.1.1",
-        "fast-json-stable-stringify": "^2.0.0",
-        "json-schema-traverse": "^0.4.1",
-        "uri-js": "^4.2.2"
-      },
-      "funding": {
-        "type": "github",
-        "url": "https://github.com/sponsors/epoberezkin"
-      }
-    },
-    "node_modules/terser-webpack-plugin/node_modules/ajv-keywords": {
-      "version": "3.5.2",
-      "resolved": "https://registry.npmjs.org/ajv-keywords/-/ajv-keywords-3.5.2.tgz",
-      "integrity": "sha512-5p6WTN0DdTGVQk6VjcEju19IgaHudalcfabD7yhDGeA6bcQnmL+CpveLJq/3hvfwd1aof6L386Ougkx6RfyMIQ==",
-      "dev": true,
-      "license": "MIT",
-      "peerDependencies": {
-        "ajv": "^6.9.1"
-      }
-    },
-    "node_modules/terser-webpack-plugin/node_modules/json-schema-traverse": {
-      "version": "0.4.1",
-      "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz",
-      "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==",
-      "dev": true,
-      "license": "MIT"
-    },
-    "node_modules/terser-webpack-plugin/node_modules/schema-utils": {
-      "version": "3.3.0",
-      "resolved": "https://registry.npmjs.org/schema-utils/-/schema-utils-3.3.0.tgz",
-      "integrity": "sha512-pN/yOAvcC+5rQ5nERGuwrjLlYvLTbCibnZ1I7B1LaiAz9BRBlE9GMgE/eqV30P7aJQUf7Ddimy/RsbYO/GrVGg==",
-      "dev": true,
-      "license": "MIT",
-      "dependencies": {
-        "@types/json-schema": "^7.0.8",
-        "ajv": "^6.12.5",
-        "ajv-keywords": "^3.5.2"
-      },
-      "engines": {
-        "node": ">= 10.13.0"
-      },
-      "funding": {
-        "type": "opencollective",
-        "url": "https://opencollective.com/webpack"
-      }
-    },
-    "node_modules/terser/node_modules/acorn": {
-      "version": "8.14.0",
-      "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.14.0.tgz",
-      "integrity": "sha512-cl669nCJTZBsL97OF4kUQm5g5hC2uihk0NxY3WENAC0TYdILVkAyHymAntgxGkl7K+t0cXIrH5siy5S4XkFycA==",
-      "dev": true,
-      "license": "MIT",
-      "bin": {
-        "acorn": "bin/acorn"
-      },
-      "engines": {
-        "node": ">=0.4.0"
-      }
-    },
     "node_modules/terser/node_modules/commander": {
       "version": "2.20.3",
       "resolved": "https://registry.npmjs.org/commander/-/commander-2.20.3.tgz",
@@ -6954,6 +7043,7 @@
       "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.2.3.tgz",
       "integrity": "sha512-3/o9z3X0X0fTupwsYvR03pJ/DjWuqqrfwBgTQzdWDiQSm9KitAyz/9WqsT2JQW7KV2m+bC2ol/zqpW37NHxLaA==",
       "dev": true,
+      "license": "Apache-2.0",
       "dependencies": {
         "b4a": "^1.6.4"
       }
@@ -6992,6 +7082,7 @@
       "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz",
       "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==",
       "devOptional": true,
+      "license": "MIT",
       "dependencies": {
         "is-number": "^7.0.0"
       },
@@ -7004,6 +7095,7 @@
       "resolved": "https://registry.npmjs.org/to-through/-/to-through-3.0.0.tgz",
       "integrity": "sha512-y8MN937s/HVhEoBU1SxfHC+wxCHkV1a9gW8eAdTadYh/bGyesZIVcbjI+mSpFbSVwQici/XjBjuUyri1dnXwBw==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "streamx": "^2.12.5"
       },
@@ -7045,6 +7137,7 @@
       "resolved": "https://registry.npmjs.org/unc-path-regex/-/unc-path-regex-0.1.2.tgz",
       "integrity": "sha512-eXL4nmJT7oCpkZsHZUOJo8hcX3GbsiDOa0Qu9F646fi8dT3XuSVopVqAcEiVzSKKH7UoDti23wNX3qGFxcW5Qg==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">=0.10.0"
       }
@@ -7054,6 +7147,7 @@
       "resolved": "https://registry.npmjs.org/undertaker/-/undertaker-2.0.0.tgz",
       "integrity": "sha512-tO/bf30wBbTsJ7go80j0RzA2rcwX6o7XPBpeFcb+jzoeb4pfMM2zUeSDIkY1AWqeZabWxaQZ/h8N9t35QKDLPQ==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "bach": "^2.0.1",
         "fast-levenshtein": "^3.0.0",
@@ -7069,6 +7163,7 @@
       "resolved": "https://registry.npmjs.org/undertaker-registry/-/undertaker-registry-2.0.0.tgz",
       "integrity": "sha512-+hhVICbnp+rlzZMgxXenpvTxpuvA67Bfgtt+O9WOE5jo7w/dyiF1VmoZVIHvP2EkUjsyKyTwYKlLhA+j47m1Ew==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">= 10.13.0"
       }
@@ -7134,9 +7229,9 @@
       }
     },
     "node_modules/update-browserslist-db": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.1.1.tgz",
-      "integrity": "sha512-R8UzCaa9Az+38REPiJ1tXlImTJXlVfgHZsglwBD/k6nj76ctsH1E3q4doGrukiLQd3sGQYu56r5+lo5r94l29A==",
+      "version": "1.1.2",
+      "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.1.2.tgz",
+      "integrity": "sha512-PPypAm5qvlD7XMZC3BujecnaOxwhrtoFR+Dqkk5Aa/6DssiH0ibKoketaj9w8LP7Bont1rYeoV5plxD7RTEPRg==",
       "dev": true,
       "funding": [
         {
@@ -7155,7 +7250,7 @@
       "license": "MIT",
       "dependencies": {
         "escalade": "^3.2.0",
-        "picocolors": "^1.1.0"
+        "picocolors": "^1.1.1"
       },
       "bin": {
         "update-browserslist-db": "cli.js"
@@ -7185,6 +7280,7 @@
       "resolved": "https://registry.npmjs.org/v8flags/-/v8flags-4.0.1.tgz",
       "integrity": "sha512-fcRLaS4H/hrZk9hYwbdRM35D0U8IYMfEClhXxCivOojl+yTRAZH3Zy2sSy6qVCiGbV9YAtPssP6jaChqC9vPCg==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">= 10.13.0"
       }
@@ -7194,6 +7290,7 @@
       "resolved": "https://registry.npmjs.org/value-or-function/-/value-or-function-4.0.0.tgz",
       "integrity": "sha512-aeVK81SIuT6aMJfNo9Vte8Dw0/FZINGBV8BfCraGtqVxIeLAEhJyoWs8SmvRVmXfGss2PmmOwZCuBPbZR+IYWg==",
       "dev": true,
+      "license": "MIT",
       "engines": {
         "node": ">= 10.13.0"
       }
@@ -7228,6 +7325,7 @@
       "resolved": "https://registry.npmjs.org/vinyl-contents/-/vinyl-contents-2.0.0.tgz",
       "integrity": "sha512-cHq6NnGyi2pZ7xwdHSW1v4Jfnho4TEGtxZHw01cmnc8+i7jgR6bRnED/LbrKan/Q7CvVLbnvA5OepnhbpjBZ5Q==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "bl": "^5.0.0",
         "vinyl": "^3.0.0"
@@ -7241,6 +7339,7 @@
       "resolved": "https://registry.npmjs.org/bl/-/bl-5.1.0.tgz",
       "integrity": "sha512-tv1ZJHLfTDnXE6tMHv73YgSJaWR2AFuPwMntBe7XL/GBFHnT0CLnsHMogfk5+GzCDC5ZWarSCYaIGATZt9dNsQ==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "buffer": "^6.0.3",
         "inherits": "^2.0.4",
@@ -7266,6 +7365,7 @@
           "url": "https://feross.org/support"
         }
       ],
+      "license": "MIT",
       "dependencies": {
         "base64-js": "^1.3.1",
         "ieee754": "^1.2.1"
@@ -7276,6 +7376,7 @@
       "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz",
       "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "inherits": "^2.0.3",
         "string_decoder": "^1.1.1",
@@ -7290,6 +7391,7 @@
       "resolved": "https://registry.npmjs.org/vinyl/-/vinyl-3.0.0.tgz",
       "integrity": "sha512-rC2VRfAVVCGEgjnxHUnpIVh3AGuk62rP3tqVrn+yab0YH7UULisC085+NYH+mnqf3Wx4SpSi1RQMwudL89N03g==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "clone": "^2.1.2",
         "clone-stats": "^1.0.0",
@@ -7306,6 +7408,7 @@
       "resolved": "https://registry.npmjs.org/vinyl-fs/-/vinyl-fs-4.0.0.tgz",
       "integrity": "sha512-7GbgBnYfaquMk3Qu9g22x000vbYkOex32930rBnc3qByw6HfMEAoELjCjoJv4HuEQxHAurT+nvMHm6MnJllFLw==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "fs-mkdirp-stream": "^2.0.1",
         "glob-stream": "^8.0.0",
@@ -7331,6 +7434,7 @@
       "resolved": "https://registry.npmjs.org/vinyl/-/vinyl-3.0.0.tgz",
       "integrity": "sha512-rC2VRfAVVCGEgjnxHUnpIVh3AGuk62rP3tqVrn+yab0YH7UULisC085+NYH+mnqf3Wx4SpSi1RQMwudL89N03g==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "clone": "^2.1.2",
         "clone-stats": "^1.0.0",
@@ -7347,6 +7451,7 @@
       "resolved": "https://registry.npmjs.org/vinyl-sourcemap/-/vinyl-sourcemap-2.0.0.tgz",
       "integrity": "sha512-BAEvWxbBUXvlNoFQVFVHpybBbjW1r03WhohJzJDSfgrrK5xVYIDTan6xN14DlyImShgDRv2gl9qhM6irVMsV0Q==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "convert-source-map": "^2.0.0",
         "graceful-fs": "^4.2.10",
@@ -7364,6 +7469,7 @@
       "resolved": "https://registry.npmjs.org/vinyl/-/vinyl-3.0.0.tgz",
       "integrity": "sha512-rC2VRfAVVCGEgjnxHUnpIVh3AGuk62rP3tqVrn+yab0YH7UULisC085+NYH+mnqf3Wx4SpSi1RQMwudL89N03g==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "clone": "^2.1.2",
         "clone-stats": "^1.0.0",
@@ -7385,16 +7491,6 @@
         "source-map": "^0.5.1"
       }
     },
-    "node_modules/vinyl-sourcemaps-apply/node_modules/source-map": {
-      "version": "0.5.7",
-      "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz",
-      "integrity": "sha512-LbrmJOMUSdEVxIKvdcJzQC+nQhe8FUZQTXQy6+I75skNgn3OoQ0DZA8YnFa7gp8tqtL3KPf1kmo0R5DoApeSGQ==",
-      "dev": true,
-      "license": "BSD-3-Clause",
-      "engines": {
-        "node": ">=0.10.0"
-      }
-    },
     "node_modules/vinyl/node_modules/replace-ext": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/replace-ext/-/replace-ext-1.0.1.tgz",
@@ -7426,17 +7522,17 @@
       "license": "BSD-2-Clause"
     },
     "node_modules/webpack": {
-      "version": "5.96.1",
-      "resolved": "https://registry.npmjs.org/webpack/-/webpack-5.96.1.tgz",
-      "integrity": "sha512-l2LlBSvVZGhL4ZrPwyr8+37AunkcYj5qh8o6u2/2rzoPc8gxFJkLj1WxNgooi9pnoc06jh0BjuXnamM4qlujZA==",
+      "version": "5.97.1",
+      "resolved": "https://registry.npmjs.org/webpack/-/webpack-5.97.1.tgz",
+      "integrity": "sha512-EksG6gFY3L1eFMROS/7Wzgrii5mBAFe4rIr3r2BTfo7bcc+DWwFZ4OJ/miOuHJO/A85HwyI4eQ0F6IKXesO7Fg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
         "@types/eslint-scope": "^3.7.7",
         "@types/estree": "^1.0.6",
-        "@webassemblyjs/ast": "^1.12.1",
-        "@webassemblyjs/wasm-edit": "^1.12.1",
-        "@webassemblyjs/wasm-parser": "^1.12.1",
+        "@webassemblyjs/ast": "^1.14.1",
+        "@webassemblyjs/wasm-edit": "^1.14.1",
+        "@webassemblyjs/wasm-parser": "^1.14.1",
         "acorn": "^8.14.0",
         "browserslist": "^4.24.0",
         "chrome-trace-event": "^1.0.2",
@@ -7505,17 +7601,20 @@
         "webpack": "^5.21.2"
       }
     },
-    "node_modules/webpack/node_modules/acorn": {
-      "version": "8.14.0",
-      "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.14.0.tgz",
-      "integrity": "sha512-cl669nCJTZBsL97OF4kUQm5g5hC2uihk0NxY3WENAC0TYdILVkAyHymAntgxGkl7K+t0cXIrH5siy5S4XkFycA==",
+    "node_modules/webpack-stream/node_modules/supports-color": {
+      "version": "8.1.1",
+      "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz",
+      "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==",
       "dev": true,
       "license": "MIT",
-      "bin": {
-        "acorn": "bin/acorn"
+      "dependencies": {
+        "has-flag": "^4.0.0"
       },
       "engines": {
-        "node": ">=0.4.0"
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/chalk/supports-color?sponsor=1"
       }
     },
     "node_modules/webpack/node_modules/ajv": {
@@ -7607,6 +7706,7 @@
       "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz",
       "integrity": "sha512-HxJdYWq1MTIQbJ3nw0cqssHoTNU267KlrDuGZ1WYlxDStUtKUhOaJmh112/TZmHxxUfuJqPXSOm7tDyas0OSIQ==",
       "dev": true,
+      "license": "ISC",
       "dependencies": {
         "isexe": "^2.0.0"
       },
@@ -7625,6 +7725,7 @@
       "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz",
       "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "ansi-styles": "^4.0.0",
         "string-width": "^4.1.0",
@@ -7669,6 +7770,7 @@
       "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz",
       "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==",
       "dev": true,
+      "license": "ISC",
       "engines": {
         "node": ">=10"
       }
@@ -7695,6 +7797,7 @@
       "resolved": "https://registry.npmjs.org/yargs/-/yargs-16.2.0.tgz",
       "integrity": "sha512-D1mvvtDG0L5ft/jGWkLpG1+m0eQxOfaBvTNELraWj22wSVUMWxZUvYgJYcKh6jGGIkJFhH4IZPQhR4TKpc8mBw==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "cliui": "^7.0.2",
         "escalade": "^3.1.1",
@@ -7723,6 +7826,7 @@
       "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-20.2.9.tgz",
       "integrity": "sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w==",
       "dev": true,
+      "license": "ISC",
       "engines": {
         "node": ">=10"
       }

From 07cc070c13f0b681717352286fba397aebc54c44 Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Tue, 11 Feb 2025 13:04:40 -0700
Subject: [PATCH 30/81] test 2

---
 src/.pa11yci          | 28 ++++++++++++++--------------
 src/package-lock.json |  2 +-
 src/package.json      |  2 +-
 3 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/src/.pa11yci b/src/.pa11yci
index 571d0b1c8..ed382a38a 100644
--- a/src/.pa11yci
+++ b/src/.pa11yci
@@ -8,20 +8,20 @@
         "http://localhost:8080/health/",
         "http://localhost:8080/request/",
         "http://localhost:8080/request/start",
-        "http://localhost:8080/request/organization/",
-        "http://localhost:8080/request/org_federal/",
-        "http://localhost:8080/request/org_election/",
-        "http://localhost:8080/request/org_contact/",
-        "http://localhost:8080/request/senior_official/",
-        "http://localhost:8080/request/current_sites/",
-        "http://localhost:8080/request/dotgov_domain/",
-        "http://localhost:8080/request/purpose/",
-        "http://localhost:8080/request/your_contact/",
-        "http://localhost:8080/request/other_contacts/",
-        "http://localhost:8080/request/anything_else/",
-        "http://localhost:8080/request/requirements/",
-        "http://localhost:8080/request/finished/",
-        "http://localhost:8080/request/requesting_entity/",
+        "http://localhost:8080/request/1/organization/",
+        "http://localhost:8080/request/1/org_federal/",
+        "http://localhost:8080/request/1/org_election/",
+        "http://localhost:8080/request/1/org_contact/",
+        "http://localhost:8080/request/1/senior_official/",
+        "http://localhost:8080/request/1/current_sites/",
+        "http://localhost:8080/request/1/dotgov_domain/",
+        "http://localhost:8080/request/1/purpose/",
+        "http://localhost:8080/request/1/your_contact/",
+        "http://localhost:8080/request/1/other_contacts/",
+        "http://localhost:8080/request/1/anything_else/",
+        "http://localhost:8080/request/1/requirements/",
+        "http://localhost:8080/request/1/finished/",
+        "http://localhost:8080/request/1/requesting_entity/",
         "http://localhost:8080/user-profile/",
         "http://localhost:8080/members/",
         "http://localhost:8080/members/new-member"
diff --git a/src/package-lock.json b/src/package-lock.json
index eb2d6b7af..0f2a8c38b 100644
--- a/src/package-lock.json
+++ b/src/package-lock.json
@@ -10,7 +10,7 @@
       "license": "ISC",
       "dependencies": {
         "@uswds/uswds": "3.8.1",
-        "pa11y-ci": "^3.0.1",
+        "pa11y-ci": "^3.1.0",
         "sass": "^1.54.8"
       },
       "devDependencies": {
diff --git a/src/package.json b/src/package.json
index d915b2384..9c50c93e1 100644
--- a/src/package.json
+++ b/src/package.json
@@ -11,7 +11,7 @@
   "license": "ISC",
   "dependencies": {
     "@uswds/uswds": "3.8.1",
-    "pa11y-ci": "^3.0.1",
+    "pa11y-ci": "^3.1.0",
     "sass": "^1.54.8"
   },
   "devDependencies": {

From bb05f6f4657c1d6aaab06e3658b128ee86f744a8 Mon Sep 17 00:00:00 2001
From: Rebecca Hsieh <rebecca.hsieh@truss.works>
Date: Tue, 11 Feb 2025 12:50:40 -0800
Subject: [PATCH 31/81] Add logic for getting envs and adding it to email
 subject and body

---
 src/registrar/config/settings.py              |  1 +
 .../templates/emails/domain_invitation.txt    |  2 +-
 .../emails/domain_invitation_subject.txt      |  2 +-
 ...n_manager_deleted_notification_subject.txt |  2 +-
 .../emails/domain_manager_notification.txt    |  2 +-
 .../domain_manager_notification_subject.txt   |  2 +-
 .../emails/domain_request_withdrawn.txt       |  2 +-
 .../domain_request_withdrawn_subject.txt      |  2 +-
 .../templates/emails/metadata_body.txt        |  2 +-
 .../templates/emails/metadata_subject.txt     |  2 +-
 .../portfolio_admin_addition_notification.txt |  2 +-
 ...io_admin_addition_notification_subject.txt |  2 +-
 .../portfolio_admin_removal_notification.txt  |  2 +-
 ...lio_admin_removal_notification_subject.txt |  2 +-
 .../templates/emails/portfolio_invitation.txt |  2 +-
 .../emails/portfolio_invitation_subject.txt   |  2 +-
 .../emails/status_change_approved.txt         |  2 +-
 .../emails/status_change_approved_subject.txt |  2 +-
 .../emails/status_change_subject.txt          |  2 +-
 .../emails/submission_confirmation.txt        |  2 +-
 .../submission_confirmation_subject.txt       |  2 +-
 .../emails/transition_domain_invitation.txt   |  2 +-
 .../transition_domain_invitation_subject.txt  |  2 +-
 .../emails/update_to_approved_domain.txt      |  4 ++--
 .../update_to_approved_domain_subject.txt     |  2 +-
 src/registrar/utility/email.py                | 19 +++++++++++++++++++
 26 files changed, 45 insertions(+), 25 deletions(-)

diff --git a/src/registrar/config/settings.py b/src/registrar/config/settings.py
index 78439188e..fa4c2d8dc 100644
--- a/src/registrar/config/settings.py
+++ b/src/registrar/config/settings.py
@@ -107,6 +107,7 @@ DEBUG = env_debug
 # Controls production specific feature toggles
 IS_PRODUCTION = env_is_production
 SECRET_ENCRYPT_METADATA = secret_encrypt_metadata
+BASE_URL = env_base_url
 
 # Applications are modular pieces of code.
 # They are provided by Django, by third-parties, or by yourself.
diff --git a/src/registrar/templates/emails/domain_invitation.txt b/src/registrar/templates/emails/domain_invitation.txt
index a077bff26..270786a7a 100644
--- a/src/registrar/templates/emails/domain_invitation.txt
+++ b/src/registrar/templates/emails/domain_invitation.txt
@@ -4,7 +4,7 @@ Hi,{% if requested_user and requested_user.first_name %} {{ requested_user.first
 {{ requestor_email }} has invited you to manage:
 {% for domain in domains %}{{ domain.name }}
 {% endfor %}
-To manage domain information, visit the .gov registrar <https://manage.get.gov>.
+To manage domain information, visit the .gov registrar <{{ manage_url }}>.
 
 ----------------------------------------------------------------
 {% if not requested_user %}
diff --git a/src/registrar/templates/emails/domain_invitation_subject.txt b/src/registrar/templates/emails/domain_invitation_subject.txt
index 9663346d0..9f15c38b4 100644
--- a/src/registrar/templates/emails/domain_invitation_subject.txt
+++ b/src/registrar/templates/emails/domain_invitation_subject.txt
@@ -1 +1 @@
-You've been invited to manage {% if domains|length > 1 %}.gov domains{% else %}{{ domains.0.name }}{% endif %}
\ No newline at end of file
+{{ prefix }}You've been invited to manage {% if domains|length > 1 %}.gov domains{% else %}{{ domains.0.name }}{% endif %}
\ No newline at end of file
diff --git a/src/registrar/templates/emails/domain_manager_deleted_notification_subject.txt b/src/registrar/templates/emails/domain_manager_deleted_notification_subject.txt
index c84a20f18..7376bdb86 100644
--- a/src/registrar/templates/emails/domain_manager_deleted_notification_subject.txt
+++ b/src/registrar/templates/emails/domain_manager_deleted_notification_subject.txt
@@ -1 +1 @@
-A domain manager was removed from {{ domain.name }}
\ No newline at end of file
+{{ prefix }}A domain manager was removed from {{ domain.name }}
\ No newline at end of file
diff --git a/src/registrar/templates/emails/domain_manager_notification.txt b/src/registrar/templates/emails/domain_manager_notification.txt
index c253937e4..18e682329 100644
--- a/src/registrar/templates/emails/domain_manager_notification.txt
+++ b/src/registrar/templates/emails/domain_manager_notification.txt
@@ -15,7 +15,7 @@ The person who received the invitation will become a domain manager once they lo
 associated with the invited email address.
 
 If you need to cancel this invitation or remove the domain manager, you can do that by going to 
-this domain in the .gov registrar <https://manage.get.gov/>.
+this domain in the .gov registrar <{{ manage_url }}.
 
 
 WHY DID YOU RECEIVE THIS EMAIL? 
diff --git a/src/registrar/templates/emails/domain_manager_notification_subject.txt b/src/registrar/templates/emails/domain_manager_notification_subject.txt
index 0e9918de0..8560cb9fa 100644
--- a/src/registrar/templates/emails/domain_manager_notification_subject.txt
+++ b/src/registrar/templates/emails/domain_manager_notification_subject.txt
@@ -1 +1 @@
-A domain manager was invited to {{ domain.name }}
\ No newline at end of file
+{{ prefix }}A domain manager was invited to {{ domain.name }}
\ No newline at end of file
diff --git a/src/registrar/templates/emails/domain_request_withdrawn.txt b/src/registrar/templates/emails/domain_request_withdrawn.txt
index fbdf5b4f1..fe026027b 100644
--- a/src/registrar/templates/emails/domain_request_withdrawn.txt
+++ b/src/registrar/templates/emails/domain_request_withdrawn.txt
@@ -11,7 +11,7 @@ STATUS: Withdrawn
 ----------------------------------------------------------------
 
 YOU CAN EDIT YOUR WITHDRAWN REQUEST
-You can edit and resubmit this request by signing in to the registrar <https://manage.get.gov/>.
+You can edit and resubmit this request by signing in to the registrar <{{ manage_url }}>.
 
 
 SOMETHING WRONG?
diff --git a/src/registrar/templates/emails/domain_request_withdrawn_subject.txt b/src/registrar/templates/emails/domain_request_withdrawn_subject.txt
index 51b2c745a..cc146643a 100644
--- a/src/registrar/templates/emails/domain_request_withdrawn_subject.txt
+++ b/src/registrar/templates/emails/domain_request_withdrawn_subject.txt
@@ -1 +1 @@
-Update on your .gov request: {{ domain_request.requested_domain.name }}
+{{ prefix }}Update on your .gov request: {{ domain_request.requested_domain.name }}
diff --git a/src/registrar/templates/emails/metadata_body.txt b/src/registrar/templates/emails/metadata_body.txt
index adf0a186c..a0a3682b7 100644
--- a/src/registrar/templates/emails/metadata_body.txt
+++ b/src/registrar/templates/emails/metadata_body.txt
@@ -1 +1 @@
-An export of all .gov metadata.
+{{ prefix }}An export of all .gov metadata.
diff --git a/src/registrar/templates/emails/metadata_subject.txt b/src/registrar/templates/emails/metadata_subject.txt
index 5fdece7ef..c19b4c26e 100644
--- a/src/registrar/templates/emails/metadata_subject.txt
+++ b/src/registrar/templates/emails/metadata_subject.txt
@@ -1,2 +1,2 @@
-Domain metadata - {{current_date_str}}
+{{ prefix }}Domain metadata - {{current_date_str}}
 
diff --git a/src/registrar/templates/emails/portfolio_admin_addition_notification.txt b/src/registrar/templates/emails/portfolio_admin_addition_notification.txt
index b8953aa67..9e6da3985 100644
--- a/src/registrar/templates/emails/portfolio_admin_addition_notification.txt
+++ b/src/registrar/templates/emails/portfolio_admin_addition_notification.txt
@@ -16,7 +16,7 @@ The person who received the invitation will become an admin once they log in to
 associated with the invited email address.
 
 If you need to cancel this invitation or remove the admin, you can do that by going to 
-the Members section for your organization <https://manage.get.gov/>.
+the Members section for your organization <{{ manage_url }}>.
 
 
 WHY DID YOU RECEIVE THIS EMAIL? 
diff --git a/src/registrar/templates/emails/portfolio_admin_addition_notification_subject.txt b/src/registrar/templates/emails/portfolio_admin_addition_notification_subject.txt
index 3d6b2a140..ee5987512 100644
--- a/src/registrar/templates/emails/portfolio_admin_addition_notification_subject.txt
+++ b/src/registrar/templates/emails/portfolio_admin_addition_notification_subject.txt
@@ -1 +1 @@
-An admin was invited to your .gov organization
\ No newline at end of file
+{{ prefix }}An admin was invited to your .gov organization
\ No newline at end of file
diff --git a/src/registrar/templates/emails/portfolio_admin_removal_notification.txt b/src/registrar/templates/emails/portfolio_admin_removal_notification.txt
index 6a536aa49..bf0338c03 100644
--- a/src/registrar/templates/emails/portfolio_admin_removal_notification.txt
+++ b/src/registrar/templates/emails/portfolio_admin_removal_notification.txt
@@ -8,7 +8,7 @@ REMOVED BY: {{ requestor_email }}
 REMOVED ON: {{date}}
 ADMIN REMOVED: {{ removed_email_address }}
 
-You can view this update by going to the Members section for your .gov organization <https://manage.get.gov/>.
+You can view this update by going to the Members section for your .gov organization <{{ manage_url }}>.
 
 ----------------------------------------------------------------
 
diff --git a/src/registrar/templates/emails/portfolio_admin_removal_notification_subject.txt b/src/registrar/templates/emails/portfolio_admin_removal_notification_subject.txt
index e250b17f8..030d27ae7 100644
--- a/src/registrar/templates/emails/portfolio_admin_removal_notification_subject.txt
+++ b/src/registrar/templates/emails/portfolio_admin_removal_notification_subject.txt
@@ -1 +1 @@
-An admin was removed from your .gov organization
\ No newline at end of file
+{{ prefix}}An admin was removed from your .gov organization
\ No newline at end of file
diff --git a/src/registrar/templates/emails/portfolio_invitation.txt b/src/registrar/templates/emails/portfolio_invitation.txt
index 775b74c7c..893da153d 100644
--- a/src/registrar/templates/emails/portfolio_invitation.txt
+++ b/src/registrar/templates/emails/portfolio_invitation.txt
@@ -3,7 +3,7 @@ Hi.
 
 {{ requestor_email }} has invited you to {{ portfolio.organization_name }}.
 
-You can view this organization on the .gov registrar <https://manage.get.gov>.
+You can view this organization on the .gov registrar <{{ manage_url }}>.
 
 ----------------------------------------------------------------
 
diff --git a/src/registrar/templates/emails/portfolio_invitation_subject.txt b/src/registrar/templates/emails/portfolio_invitation_subject.txt
index 552bb2bec..de9080196 100644
--- a/src/registrar/templates/emails/portfolio_invitation_subject.txt
+++ b/src/registrar/templates/emails/portfolio_invitation_subject.txt
@@ -1 +1 @@
-You’ve been invited to a .gov organization
\ No newline at end of file
+{{ prefix }}You’ve been invited to a .gov organization
\ No newline at end of file
diff --git a/src/registrar/templates/emails/status_change_approved.txt b/src/registrar/templates/emails/status_change_approved.txt
index 821e89e42..635b36cbd 100644
--- a/src/registrar/templates/emails/status_change_approved.txt
+++ b/src/registrar/templates/emails/status_change_approved.txt
@@ -8,7 +8,7 @@ REQUESTED BY: {{ domain_request.creator.email }}
 REQUEST RECEIVED ON: {{ domain_request.last_submitted_date|date }}
 STATUS: Approved
 
-You can manage your approved domain on the .gov registrar <https://manage.get.gov>.
+You can manage your approved domain on the .gov registrar <{{ manage_url }}>.
 
 ----------------------------------------------------------------
 
diff --git a/src/registrar/templates/emails/status_change_approved_subject.txt b/src/registrar/templates/emails/status_change_approved_subject.txt
index 51b2c745a..cc146643a 100644
--- a/src/registrar/templates/emails/status_change_approved_subject.txt
+++ b/src/registrar/templates/emails/status_change_approved_subject.txt
@@ -1 +1 @@
-Update on your .gov request: {{ domain_request.requested_domain.name }}
+{{ prefix }}Update on your .gov request: {{ domain_request.requested_domain.name }}
diff --git a/src/registrar/templates/emails/status_change_subject.txt b/src/registrar/templates/emails/status_change_subject.txt
index 51b2c745a..cc146643a 100644
--- a/src/registrar/templates/emails/status_change_subject.txt
+++ b/src/registrar/templates/emails/status_change_subject.txt
@@ -1 +1 @@
-Update on your .gov request: {{ domain_request.requested_domain.name }}
+{{ prefix }}Update on your .gov request: {{ domain_request.requested_domain.name }}
diff --git a/src/registrar/templates/emails/submission_confirmation.txt b/src/registrar/templates/emails/submission_confirmation.txt
index d9d01ec3e..afbde48d5 100644
--- a/src/registrar/templates/emails/submission_confirmation.txt
+++ b/src/registrar/templates/emails/submission_confirmation.txt
@@ -20,7 +20,7 @@ During our review, we’ll verify that:
 - You work at the organization and/or can make requests on its behalf 
 - Your requested domain meets our naming requirements 
 {% endif %}
-We’ll email you if we have questions. We’ll also email you as soon as we complete our review. You can check the status of your request at any time on the registrar. <https://manage.get.gov>.
+We’ll email you if we have questions. We’ll also email you as soon as we complete our review. You can check the status of your request at any time on the registrar. <{{ manage_url }}>.
 
 
 NEED TO MAKE CHANGES?
diff --git a/src/registrar/templates/emails/submission_confirmation_subject.txt b/src/registrar/templates/emails/submission_confirmation_subject.txt
index 51b2c745a..cc146643a 100644
--- a/src/registrar/templates/emails/submission_confirmation_subject.txt
+++ b/src/registrar/templates/emails/submission_confirmation_subject.txt
@@ -1 +1 @@
-Update on your .gov request: {{ domain_request.requested_domain.name }}
+{{ prefix }}Update on your .gov request: {{ domain_request.requested_domain.name }}
diff --git a/src/registrar/templates/emails/transition_domain_invitation.txt b/src/registrar/templates/emails/transition_domain_invitation.txt
index b6773d9e9..dc812edf3 100644
--- a/src/registrar/templates/emails/transition_domain_invitation.txt
+++ b/src/registrar/templates/emails/transition_domain_invitation.txt
@@ -31,7 +31,7 @@ CHECK YOUR .GOV DOMAIN CONTACTS
 
 This is a good time to check who has access to your .gov domain{% if domains|length > 1 %}s{% endif %}. The admin, technical, and billing contacts listed for your domain{% if domains|length > 1 %}s{% endif %} in our old system also received this email. In our new registrar, these contacts are all considered “domain managers.” We no longer have the admin, technical, and billing roles, and you aren’t limited to three domain managers like in the old system. 
 
-    1. Once you have your Login.gov account, sign in to the new registrar at <https://manage.get.gov>.
+    1. Once you have your Login.gov account, sign in to the new registrar at <{{ manage_url }}>.
     2. Click the “Manage” link next to your .gov domain, then click on “Domain managers” to see who has access to your domain. 
     3. If any of these users should not have access to your domain, let us know in a reply to this email.
 
diff --git a/src/registrar/templates/emails/transition_domain_invitation_subject.txt b/src/registrar/templates/emails/transition_domain_invitation_subject.txt
index 526c7714b..b162341d9 100644
--- a/src/registrar/templates/emails/transition_domain_invitation_subject.txt
+++ b/src/registrar/templates/emails/transition_domain_invitation_subject.txt
@@ -1 +1 @@
-(Action required) Manage your .gov domain{% if domains|length > 1 %}s{% endif %} in the new registrar
\ No newline at end of file
+{{ prefix }}(Action required) Manage your .gov domain{% if domains|length > 1 %}s{% endif %} in the new registrar
\ No newline at end of file
diff --git a/src/registrar/templates/emails/update_to_approved_domain.txt b/src/registrar/templates/emails/update_to_approved_domain.txt
index 99f86ea54..fb0a442cb 100644
--- a/src/registrar/templates/emails/update_to_approved_domain.txt
+++ b/src/registrar/templates/emails/update_to_approved_domain.txt
@@ -1,4 +1,4 @@
-{% autoescape off %}{# In a text file, we don't want to have HTML entities escaped #}
+ {% autoescape off %}{# In a text file, we don't want to have HTML entities escaped #}
 
 Hi,
 An update was made to a domain you manage.
@@ -8,7 +8,7 @@ UPDATED BY: {{user}}
 UPDATED ON: {{date}}
 INFORMATION UPDATED: {{changes}}
 
-You can view this update in the .gov registrar <https://manage.get.gov/>.
+You can view this update in the .gov registrar <{{ manage_url }}>.
 
 Get help with managing your .gov domain <https://get.gov/help/domain-management/>.
 
diff --git a/src/registrar/templates/emails/update_to_approved_domain_subject.txt b/src/registrar/templates/emails/update_to_approved_domain_subject.txt
index cf4c9a14c..d952999a0 100644
--- a/src/registrar/templates/emails/update_to_approved_domain_subject.txt
+++ b/src/registrar/templates/emails/update_to_approved_domain_subject.txt
@@ -1 +1 @@
-An update was made to {{domain}}
\ No newline at end of file
+{{ prefix }}An update was made to {{domain}}
\ No newline at end of file
diff --git a/src/registrar/utility/email.py b/src/registrar/utility/email.py
index 40601cdc7..535096b10 100644
--- a/src/registrar/utility/email.py
+++ b/src/registrar/utility/email.py
@@ -3,6 +3,7 @@
 import boto3
 import logging
 import textwrap
+import re
 from datetime import datetime
 from django.apps import apps
 from django.conf import settings
@@ -48,6 +49,24 @@ def send_templated_email(  # noqa
         No valid recipient addresses are provided
     """
 
+    if context is None:
+        context = {}
+
+    env_base_url = settings.BASE_URL
+    # The regular expresstion is to get both http (localhost) and https (everything else)
+    env_name = re.sub(r"^https?://", "", env_base_url).split(".")[0]
+    # To add to subject lines ie [GETGOV-RH]
+    prefix = f"[{env_name.upper()}] " if not settings.IS_PRODUCTION else ""
+    # For email links
+    manage_url = env_base_url if not settings.IS_PRODUCTION else "https://manage.get.gov"
+
+    # Adding to context
+    context.update(
+        {
+            "prefix": prefix,
+            "manage_url": manage_url,
+        }
+    )
     # by default assume we can send to all addresses (prod has no whitelist)
     sendable_cc_addresses = cc_addresses
 

From 6269cc56e36535c66d60b158b46e4d9f76055d46 Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Tue, 11 Feb 2025 18:35:38 -0500
Subject: [PATCH 32/81] added decorators for domain requests, ignored __debug,
 update domain request pks

---
 src/registrar/config/urls.py                  |  14 +-
 src/registrar/decorators.py                   |  43 +++++-
 src/registrar/registrar_middleware.py         |   5 +
 .../templates/domain_request_form.html        |   2 +-
 .../templates/domain_request_sidebar.html     |   2 +-
 .../domain_request_withdraw_confirmation.html |   4 +-
 .../portfolio_request_review_steps.html       |   2 +-
 .../includes/request_review_steps.html        |   2 +-
 .../includes/request_status_manage.html       |   2 +-
 src/registrar/views/domain_request.py         |  92 ++++++-------
 src/registrar/views/domain_requests_json.py   |   6 +-
 src/registrar/views/portfolios.py             |   5 +-
 src/registrar/views/utility/__init__.py       |   4 -
 src/registrar/views/utility/mixins.py         | 123 ------------------
 .../views/utility/permission_views.py         |  95 +-------------
 15 files changed, 112 insertions(+), 289 deletions(-)

diff --git a/src/registrar/config/urls.py b/src/registrar/config/urls.py
index cf440256e..665f2cd82 100644
--- a/src/registrar/config/urls.py
+++ b/src/registrar/config/urls.py
@@ -68,7 +68,7 @@ for step, view in [
     (PortfolioDomainRequestStep.REQUESTING_ENTITY, views.RequestingEntity),
     (PortfolioDomainRequestStep.ADDITIONAL_DETAILS, views.PortfolioAdditionalDetails),
 ]:
-    domain_request_urls.append(path(f"<int:id>/{step}/", view.as_view(), name=step))
+    domain_request_urls.append(path(f"<int:domain_request_pk>/{step}/", view.as_view(), name=step))
 
 
 urlpatterns = [
@@ -260,27 +260,27 @@ urlpatterns = [
         name="export_data_type_user",
     ),
     path(
-        "domain-request/<int:id>/edit/",
+        "domain-request/<int:domain_request_pk>/edit/",
         views.DomainRequestWizard.as_view(),
         name=views.DomainRequestWizard.EDIT_URL_NAME,
     ),
     path(
-        "domain-request/<int:pk>",
+        "domain-request/<int:domain_request_pk>",
         views.DomainRequestStatus.as_view(),
         name="domain-request-status",
     ),
     path(
-        "domain-request/viewonly/<int:pk>",
+        "domain-request/viewonly/<int:domain_request_pk>",
         views.PortfolioDomainRequestStatusViewOnly.as_view(),
         name="domain-request-status-viewonly",
     ),
     path(
-        "domain-request/<int:pk>/withdraw",
+        "domain-request/<int:domain_request_pk>/withdraw",
         views.DomainRequestWithdrawConfirmation.as_view(),
         name="domain-request-withdraw-confirmation",
     ),
     path(
-        "domain-request/<int:pk>/withdrawconfirmed",
+        "domain-request/<int:domain_request_pk>/withdrawconfirmed",
         views.DomainRequestWithdrawn.as_view(),
         name="domain-request-withdrawn",
     ),
@@ -369,7 +369,7 @@ urlpatterns = [
         name="invitation-cancel",
     ),
     path(
-        "domain-request/<int:pk>/delete",
+        "domain-request/<int:domain_request_pk>/delete",
         views.DomainRequestDeleteView.as_view(http_method_names=["post"]),
         name="domain-request-delete",
     ),
diff --git a/src/registrar/decorators.py b/src/registrar/decorators.py
index 5bb80bf18..cd19bcc95 100644
--- a/src/registrar/decorators.py
+++ b/src/registrar/decorators.py
@@ -8,10 +8,14 @@ ALL = "all"
 IS_SUPERUSER = "is_superuser"
 IS_STAFF = "is_staff"
 IS_DOMAIN_MANAGER = "is_domain_manager"
+IS_DOMAIN_REQUEST_CREATOR = "is_domain_request_creator"
 IS_STAFF_MANAGING_DOMAIN = "is_staff_managing_domain"
 IS_PORTFOLIO_MEMBER_AND_DOMAIN_MANAGER = "is_portfolio_member_and_domain_manager"
 IS_DOMAIN_MANAGER_AND_NOT_PORTFOLIO_MEMBER = "is_domain_manager_and_not_portfolio_member"
 HAS_PORTFOLIO_DOMAINS_VIEW_ALL = "has_portfolio_domains_view_all"
+HAS_PORTFOLIO_DOMAIN_REQUESTS_ANY_PERM = "has_portfolio_domain_requests_any_perm"
+HAS_PORTFOLIO_DOMAIN_REQUESTS_VIEW_ALL = "has_portfolio_domain_requests_view_all"
+HAS_PORTFOLIO_DOMAIN_REQUESTS_EDIT = "has_portfolio_domain_requests_edit"
 # HAS_PORTFOLIO_DOMAINS_VIEW_MANAGED = "has_portfolio_domains_view_managed"
 
 
@@ -70,7 +74,7 @@ def _user_has_permission(user, request, rules, **kwargs):
     # Ensure user is authenticated
     if not user.is_authenticated:
         return False
-    
+
     # Ensure user is not restricted
     if user.is_restricted():
         return False
@@ -108,15 +112,52 @@ def _user_has_permission(user, request, rules, **kwargs):
         has_permission = _is_domain_manager(user, domain_id) and not _is_portfolio_member(request)
         conditions_met.append(has_permission)
 
+    if not any(conditions_met) and IS_DOMAIN_REQUEST_CREATOR in rules:
+        domain_request_id = kwargs.get("domain_request_pk")
+        has_permission = _is_domain_request_creator(user, domain_request_id)
+        conditions_met.append(has_permission)
+
+    if not any(conditions_met) and HAS_PORTFOLIO_DOMAIN_REQUESTS_ANY_PERM in rules:
+        has_permission = user.is_org_user(request) and user.has_any_requests_portfolio_permission(
+            request.session.get("portfolio")
+        )
+        conditions_met.append(has_permission)
+
+    if not any(conditions_met) and HAS_PORTFOLIO_DOMAIN_REQUESTS_VIEW_ALL in rules:
+        has_permission = user.is_org_user(request) and user.has_view_all_domain_requests_portfolio_permission(
+            request.session.get("portfolio")
+        )
+        conditions_met.append(has_permission)
+
+    if not any(conditions_met) and HAS_PORTFOLIO_DOMAIN_REQUESTS_EDIT in rules:
+        domain_request_id = kwargs.get("domain_request_pk")
+        has_permission = _has_portfolio_domain_requests_edit(user, request, domain_request_id)
+        print(has_permission)
+        conditions_met.append(has_permission)
+
     return any(conditions_met)
 
 
+def _has_portfolio_domain_requests_edit(user, request, domain_request_id):
+    if domain_request_id and not _is_domain_request_creator(user, domain_request_id):
+        return False
+    return user.is_org_user(request) and user.has_edit_request_portfolio_permission(request.session.get("portfolio"))
+    
+
 def _is_domain_manager(user, domain_pk):
     """Checks to see if the user is a domain manager of the
     domain with domain_pk."""
     return UserDomainRole.objects.filter(user=user, domain_id=domain_pk).exists()
 
 
+def _is_domain_request_creator(user, domain_request_pk):
+    """Checks to see if the user is the creator of a domain request
+    with domain_request_pk."""
+    if domain_request_pk:
+        return DomainRequest.objects.filter(creator=user, id=domain_request_pk).exists()
+    return True
+
+
 def _is_portfolio_member(request):
     """Checks to see if the user in the request is a member of the
     portfolio in the request's session."""
diff --git a/src/registrar/registrar_middleware.py b/src/registrar/registrar_middleware.py
index efef79063..8d4518e94 100644
--- a/src/registrar/registrar_middleware.py
+++ b/src/registrar/registrar_middleware.py
@@ -184,6 +184,11 @@ class RestrictAccessMiddleware:
         self.ignored_paths = [re.compile(pattern) for pattern in getattr(settings, "LOGIN_REQUIRED_IGNORE_PATHS", [])]
 
     def __call__(self, request):
+
+        # Allow Django Debug Toolbar requests
+        if request.path.startswith("/__debug__/"):
+            return self.get_response(request)
+
         # Allow requests that match LOGIN_REQUIRED_IGNORE_PATHS
         if any(pattern.match(request.path) for pattern in self.ignored_paths):
             return self.get_response(request)
diff --git a/src/registrar/templates/domain_request_form.html b/src/registrar/templates/domain_request_form.html
index d8b020cc1..2142372e8 100644
--- a/src/registrar/templates/domain_request_form.html
+++ b/src/registrar/templates/domain_request_form.html
@@ -36,7 +36,7 @@
             </ol>
           </nav>
         {% elif steps.prev %}
-        <a href="{% namespaced_url 'domain-request' steps.prev id=domain_request_id  %}" class="breadcrumb__back">
+        <a href="{% namespaced_url 'domain-request' steps.prev domain_request_pk=domain_request_id  %}" class="breadcrumb__back">
           <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
             <use xlink:href="{%static 'img/sprite.svg'%}#arrow_back"></use>
           </svg><span class="margin-left-05">Previous step</span>
diff --git a/src/registrar/templates/domain_request_sidebar.html b/src/registrar/templates/domain_request_sidebar.html
index 1af54bb24..e7a0a307c 100644
--- a/src/registrar/templates/domain_request_sidebar.html
+++ b/src/registrar/templates/domain_request_sidebar.html
@@ -15,7 +15,7 @@
               </svg>
             {% endif %}
           {% endif %}
-        <a href="{% namespaced_url 'domain-request' this_step id=domain_request_id %}" 
+        <a href="{% namespaced_url 'domain-request' this_step domain_request_pk=domain_request_id %}" 
            {% if this_step == steps.current %}
            class="usa-current"
            {% else %}
diff --git a/src/registrar/templates/domain_request_withdraw_confirmation.html b/src/registrar/templates/domain_request_withdraw_confirmation.html
index 525c6784a..cd1bcc3bb 100644
--- a/src/registrar/templates/domain_request_withdraw_confirmation.html
+++ b/src/registrar/templates/domain_request_withdraw_confirmation.html
@@ -17,8 +17,8 @@
 
     <p>If you withdraw your request, we won't review it. Once you withdraw your request, you can edit it and submit it again. </p>
 
-    <p><a href="{% url 'domain-request-withdrawn' DomainRequest.id %}" class="usa-button withdraw">Withdraw request</a>  
-      <a href="{% url 'domain-request-status' DomainRequest.id %}">Cancel</a></p>
+    <p><a href="{% url 'domain-request-withdrawn' domain_request_pk=DomainRequest.id %}" class="usa-button withdraw">Withdraw request</a>  
+      <a href="{% url 'domain-request-status' domain_request_pk=DomainRequest.id %}">Cancel</a></p>
 
     </div>
   </div>
diff --git a/src/registrar/templates/includes/portfolio_request_review_steps.html b/src/registrar/templates/includes/portfolio_request_review_steps.html
index 89c8e652a..53ad36a3f 100644
--- a/src/registrar/templates/includes/portfolio_request_review_steps.html
+++ b/src/registrar/templates/includes/portfolio_request_review_steps.html
@@ -4,7 +4,7 @@
 {% for step in steps %}
 <section class="summary-item margin-top-3">
     {% if is_editable %}
-        {% namespaced_url 'domain-request' step id=domain_request_id as domain_request_url %}
+        {% namespaced_url 'domain-request' step domain_request_pk=domain_request_id as domain_request_url %}
     {% endif %}
 
     {% if step == Step.REQUESTING_ENTITY %}
diff --git a/src/registrar/templates/includes/request_review_steps.html b/src/registrar/templates/includes/request_review_steps.html
index f1b13f890..5e00c2160 100644
--- a/src/registrar/templates/includes/request_review_steps.html
+++ b/src/registrar/templates/includes/request_review_steps.html
@@ -4,7 +4,7 @@
 {% for step in steps %}
 <section class="summary-item margin-top-3">
     {% if is_editable %}
-        {% namespaced_url 'domain-request' step id=domain_request_id as domain_request_url %}
+        {% namespaced_url 'domain-request' step domain_request_pk=domain_request_id as domain_request_url %}
     {% endif %}
 
     {% if step == Step.ORGANIZATION_TYPE %}
diff --git a/src/registrar/templates/includes/request_status_manage.html b/src/registrar/templates/includes/request_status_manage.html
index d96adedf6..f616522a7 100644
--- a/src/registrar/templates/includes/request_status_manage.html
+++ b/src/registrar/templates/includes/request_status_manage.html
@@ -114,7 +114,7 @@
 
             {% block modify_request %}
             {% if DomainRequest.is_withdrawable %}
-                <p><a href="{% url 'domain-request-withdraw-confirmation' pk=DomainRequest.id %}" class="usa-button usa-button--outline withdraw_outline">
+                <p><a href="{% url 'domain-request-withdraw-confirmation' domain_request_pk=DomainRequest.id %}" class="usa-button usa-button--outline withdraw_outline">
                     Withdraw request</a>
                 </p>
             {% endif %}
diff --git a/src/registrar/views/domain_request.py b/src/registrar/views/domain_request.py
index 3248c1368..bcefbbc77 100644
--- a/src/registrar/views/domain_request.py
+++ b/src/registrar/views/domain_request.py
@@ -5,28 +5,27 @@ from django.shortcuts import redirect, render
 from django.urls import resolve, reverse
 from django.utils.safestring import mark_safe
 from django.utils.translation import gettext_lazy as _
-from django.views.generic import TemplateView
+from django.views.generic import DeleteView, DetailView, TemplateView
 from django.contrib import messages
+from registrar.decorators import (
+    HAS_PORTFOLIO_DOMAIN_REQUESTS_EDIT,
+    HAS_PORTFOLIO_DOMAIN_REQUESTS_VIEW_ALL,
+    IS_DOMAIN_REQUEST_CREATOR,
+    grant_access,
+)
 from registrar.forms import domain_request_wizard as forms
 from registrar.forms.utility.wizard_form_helper import request_step_list
 from registrar.models import DomainRequest
 from registrar.models.contact import Contact
 from registrar.models.user import User
 from registrar.views.utility import StepsHelper
-from registrar.views.utility.permission_views import DomainRequestPermissionDeleteView
 from registrar.utility.enums import Step, PortfolioDomainRequestStep
 
-from .utility import (
-    DomainRequestPermissionView,
-    DomainRequestPermissionWithdrawView,
-    DomainRequestWizardPermissionView,
-    DomainRequestPortfolioViewonlyView,
-)
-
 logger = logging.getLogger(__name__)
 
 
-class DomainRequestWizard(DomainRequestWizardPermissionView, TemplateView):
+@grant_access(IS_DOMAIN_REQUEST_CREATOR, HAS_PORTFOLIO_DOMAIN_REQUESTS_EDIT)
+class DomainRequestWizard(TemplateView):
     """
     A common set of methods and configuration.
 
@@ -51,7 +50,7 @@ class DomainRequestWizard(DomainRequestWizardPermissionView, TemplateView):
     # NB: this is included here for reference. Do not change it without
     # also changing the many places it is hardcoded in the HTML templates
     URL_NAMESPACE = "domain-request"
-    # name for accessing /domain-request/<id>/edit
+    # name for accessing /domain-request/<domain_request_pk>/edit
     EDIT_URL_NAME = "edit-domain-request"
     NEW_URL_NAME = "start"
     FINISHED_URL_NAME = "finished"
@@ -174,7 +173,7 @@ class DomainRequestWizard(DomainRequestWizardPermissionView, TemplateView):
 
     def has_pk(self):
         """Does this wizard know about a DomainRequest database record?"""
-        return bool(self.kwargs.get("id") is not None)
+        return bool(self.kwargs.get("domain_request_pk") is not None)
 
     def get_step_enum(self):
         """Determines which step enum we should use for the wizard"""
@@ -209,11 +208,11 @@ class DomainRequestWizard(DomainRequestWizardPermissionView, TemplateView):
             try:
                 self._domain_request = DomainRequest.objects.get(
                     creator=creator,
-                    pk=self.kwargs.get("id"),
+                    pk=self.kwargs.get("domain_request_pk"),
                 )
                 return self._domain_request
             except DomainRequest.DoesNotExist:
-                logger.debug("DomainRequest id %s did not have a DomainRequest" % id)
+                logger.debug("DomainRequest id %s did not have a DomainRequest" % self.kwargs.get("domain_request_pk"))
 
         # If a user is creating a request, we assume that perms are handled upstream
         if self.request.user.is_org_user(self.request):
@@ -292,10 +291,10 @@ class DomainRequestWizard(DomainRequestWizardPermissionView, TemplateView):
 
         current_url = resolve(request.path_info).url_name
 
-        # if user visited via an "edit" url, associate the id of the
+        # if user visited via an "edit" url, associate the pk of the
         # domain request they are trying to edit to this wizard instance
         # and remove any prior wizard data from their session
-        if current_url == self.EDIT_URL_NAME and "id" in kwargs:
+        if current_url == self.EDIT_URL_NAME and "domain_request_pk" in kwargs:
             del self.storage
 
         # if accessing this class directly, redirect to either to an acknowledgement
@@ -474,7 +473,7 @@ class DomainRequestWizard(DomainRequestWizardPermissionView, TemplateView):
 
     def goto(self, step):
         self.steps.current = step
-        return redirect(reverse(f"{self.URL_NAMESPACE}:{step}", kwargs={"id": self.domain_request.id}))
+        return redirect(reverse(f"{self.URL_NAMESPACE}:{step}", kwargs={"domain_request_pk": self.domain_request.id}))
 
     def goto_next_step(self):
         """Redirects to the next step."""
@@ -823,23 +822,12 @@ class Finished(DomainRequestWizard):
         return render(self.request, self.template_name, context)
 
 
-class DomainRequestStatus(DomainRequestPermissionView):
+@grant_access(IS_DOMAIN_REQUEST_CREATOR, HAS_PORTFOLIO_DOMAIN_REQUESTS_EDIT)
+class DomainRequestStatus(DetailView):
     template_name = "domain_request_status.html"
-
-    def has_permission(self):
-        """
-        Override of the base has_permission class to account for portfolio permissions
-        """
-        has_base_perms = super().has_permission()
-        if not has_base_perms:
-            return False
-
-        if self.request.user.is_org_user(self.request):
-            portfolio = self.request.session.get("portfolio")
-            if not self.request.user.has_edit_request_portfolio_permission(portfolio):
-                return False
-
-        return True
+    model = DomainRequest
+    pk_url_kwarg = "domain_request_pk"
+    context_object_name = "DomainRequest"
 
     def get_context_data(self, **kwargs):
         """Context override to add a step list to the context"""
@@ -854,19 +842,27 @@ class DomainRequestStatus(DomainRequestPermissionView):
         return context
 
 
-class DomainRequestWithdrawConfirmation(DomainRequestPermissionWithdrawView):
+@grant_access(IS_DOMAIN_REQUEST_CREATOR)
+class DomainRequestWithdrawConfirmation(DetailView):
     """This page will ask user to confirm if they want to withdraw
 
-    The DomainRequestPermissionView restricts access so that only the
+    Access is restricted so that only the
     `creator` of the domain request may withdraw it.
     """
 
-    template_name = "domain_request_withdraw_confirmation.html"
+    template_name = "domain_request_withdraw_confirmation.html"    # DetailView property for what model this is viewing
+    model = DomainRequest
+    pk_url_kwarg = "domain_request_pk"
+    context_object_name = "DomainRequest"
 
 
-class DomainRequestWithdrawn(DomainRequestPermissionWithdrawView):
+@grant_access(IS_DOMAIN_REQUEST_CREATOR)
+class DomainRequestWithdrawn(DetailView):
     # this view renders no template
     template_name = ""
+    model = DomainRequest
+    pk_url_kwarg = "domain_request_pk"
+    context_object_name = "DomainRequest"
 
     def get(self, *args, **kwargs):
         """View class that does the actual withdrawing.
@@ -874,7 +870,7 @@ class DomainRequestWithdrawn(DomainRequestPermissionWithdrawView):
         If user click on withdraw confirm button, this view updates the status
         to withdraw and send back to homepage.
         """
-        domain_request = DomainRequest.objects.get(id=self.kwargs["pk"])
+        domain_request = DomainRequest.objects.get(id=self.kwargs["domain_request_pk"])
         domain_request.withdraw()
         domain_request.save()
         if self.request.user.is_org_user(self.request):
@@ -883,28 +879,22 @@ class DomainRequestWithdrawn(DomainRequestPermissionWithdrawView):
             return HttpResponseRedirect(reverse("home"))
 
 
-class DomainRequestDeleteView(DomainRequestPermissionDeleteView):
+@grant_access(IS_DOMAIN_REQUEST_CREATOR, HAS_PORTFOLIO_DOMAIN_REQUESTS_EDIT)
+class DomainRequestDeleteView(DeleteView):
     """Delete view for home that allows the end user to delete DomainRequests"""
 
     object: DomainRequest  # workaround for type mismatch in DeleteView
+    model = DomainRequest
+    pk_url_kwarg = "domain_request_pk"
 
     def has_permission(self):
         """Custom override for has_permission to exclude all statuses, except WITHDRAWN and STARTED"""
-        has_perm = super().has_permission()
-        if not has_perm:
-            return False
 
         status = self.get_object().status
         valid_statuses = [DomainRequest.DomainRequestStatus.WITHDRAWN, DomainRequest.DomainRequestStatus.STARTED]
         if status not in valid_statuses:
             return False
 
-        # Portfolio users cannot delete their requests if they aren't permissioned to do so
-        if self.request.user.is_org_user(self.request):
-            portfolio = self.request.session.get("portfolio")
-            if not self.request.user.has_edit_request_portfolio_permission(portfolio):
-                return False
-
         return True
 
     def get_success_url(self):
@@ -989,8 +979,12 @@ class DomainRequestDeleteView(DomainRequestPermissionDeleteView):
 
 
 # region Portfolio views
-class PortfolioDomainRequestStatusViewOnly(DomainRequestPortfolioViewonlyView):
+@grant_access(HAS_PORTFOLIO_DOMAIN_REQUESTS_VIEW_ALL)
+class PortfolioDomainRequestStatusViewOnly(DetailView):
     template_name = "portfolio_domain_request_status_viewonly.html"
+    model = DomainRequest
+    pk_url_kwarg = "domain_request_pk"
+    context_object_name = "DomainRequest"
 
     def get_context_data(self, **kwargs):
         context = super().get_context_data(**kwargs)
diff --git a/src/registrar/views/domain_requests_json.py b/src/registrar/views/domain_requests_json.py
index b6a9d1072..4e475321c 100644
--- a/src/registrar/views/domain_requests_json.py
+++ b/src/registrar/views/domain_requests_json.py
@@ -155,9 +155,9 @@ def serialize_domain_request(request, domain_request, user):
 
     # Map the action label to corresponding URLs and icons
     action_url_map = {
-        "Edit": reverse("edit-domain-request", kwargs={"id": domain_request.id}),
-        "Manage": reverse("domain-request-status", kwargs={"pk": domain_request.id}),
-        "View": reverse("domain-request-status-viewonly", kwargs={"pk": domain_request.id}),
+        "Edit": reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.id}),
+        "Manage": reverse("domain-request-status", kwargs={"domain_request_pk": domain_request.id}),
+        "View": reverse("domain-request-status-viewonly", kwargs={"domain_request_pk": domain_request.id}),
     }
 
     svg_icon_map = {"Edit": "edit", "Manage": "settings", "View": "visibility"}
diff --git a/src/registrar/views/portfolios.py b/src/registrar/views/portfolios.py
index 0f93ec8e1..9f864324f 100644
--- a/src/registrar/views/portfolios.py
+++ b/src/registrar/views/portfolios.py
@@ -6,6 +6,7 @@ from django.shortcuts import get_object_or_404, redirect, render
 from django.urls import reverse
 from django.utils.safestring import mark_safe
 from django.contrib import messages
+from registrar.decorators import HAS_PORTFOLIO_DOMAIN_REQUESTS_ANY_PERM, grant_access
 from registrar.forms import portfolio as portfolioForms
 from registrar.models import Portfolio, User
 from registrar.models.domain import Domain
@@ -25,7 +26,6 @@ from registrar.utility.errors import MissingEmailError
 from registrar.utility.enums import DefaultUserValues
 from registrar.views.utility.mixins import PortfolioMemberPermission
 from registrar.views.utility.permission_views import (
-    PortfolioDomainRequestsPermissionView,
     PortfolioDomainsPermissionView,
     PortfolioBasePermissionView,
     NoPortfolioDomainsPermissionView,
@@ -58,7 +58,8 @@ class PortfolioDomainsView(PortfolioDomainsPermissionView, View):
         return render(request, "portfolio_domains.html", context)
 
 
-class PortfolioDomainRequestsView(PortfolioDomainRequestsPermissionView, View):
+@grant_access(HAS_PORTFOLIO_DOMAIN_REQUESTS_ANY_PERM)
+class PortfolioDomainRequestsView(View):
 
     template_name = "portfolio_requests.html"
 
diff --git a/src/registrar/views/utility/__init__.py b/src/registrar/views/utility/__init__.py
index 6798eb4ee..4a33c9944 100644
--- a/src/registrar/views/utility/__init__.py
+++ b/src/registrar/views/utility/__init__.py
@@ -3,11 +3,7 @@ from .always_404 import always_404
 
 from .permission_views import (
     DomainPermissionView,
-    DomainRequestPermissionView,
-    DomainRequestPermissionWithdrawView,
-    DomainRequestWizardPermissionView,
     PortfolioMembersPermission,
-    DomainRequestPortfolioViewonlyView,
     DomainInvitationPermissionCancelView,
 )
 from .api_views import get_senior_official_from_federal_agency_json
diff --git a/src/registrar/views/utility/mixins.py b/src/registrar/views/utility/mixins.py
index 23bcff162..682d9ffcb 100644
--- a/src/registrar/views/utility/mixins.py
+++ b/src/registrar/views/utility/mixins.py
@@ -286,51 +286,6 @@ class DomainPermission(PermissionsLoginMixin):
         return True
 
 
-class DomainRequestPermission(PermissionsLoginMixin):
-    """Permission mixin that redirects to domain request if user
-    has access, otherwise 403"""
-
-    def has_permission(self):
-        """Check if this user has access to this domain request.
-
-        The user is in self.request.user and the domain needs to be looked
-        up from the domain's primary key in self.kwargs["pk"]
-        """
-        if not self.request.user.is_authenticated:
-            return False
-
-        # user needs to be the creator of the domain request
-        # this query is empty if there isn't a domain request with this
-        # id and this user as creator
-        if not DomainRequest.objects.filter(creator=self.request.user, id=self.kwargs["pk"]).exists():
-            return False
-
-        return True
-
-
-class DomainRequestPortfolioViewonlyPermission(PermissionsLoginMixin):
-    """Permission mixin that redirects to domain request if user
-    has access, otherwise 403"""
-
-    def has_permission(self):
-        """Check if this user has access to this domain request.
-
-        The user is in self.request.user and the domain needs to be looked
-        up from the domain's primary key in self.kwargs["pk"]
-        """
-        if not self.request.user.is_authenticated:
-            return False
-
-        if not self.request.user.is_org_user(self.request):
-            return False
-
-        portfolio = self.request.session.get("portfolio")
-        if not self.request.user.has_view_all_requests_portfolio_permission(portfolio):
-            return False
-
-        return True
-
-
 class UserDeleteDomainRolePermission(PermissionsLoginMixin):
     """Permission mixin for UserDomainRole if user
     has access, otherwise 403"""
@@ -365,67 +320,6 @@ class UserDeleteDomainRolePermission(PermissionsLoginMixin):
         return True
 
 
-class DomainRequestPermissionWithdraw(PermissionsLoginMixin):
-    """Permission mixin that redirects to withdraw action on domain request
-    if user has access, otherwise 403"""
-
-    def has_permission(self):
-        """Check if this user has access to withdraw this domain request."""
-        if not self.request.user.is_authenticated:
-            return False
-
-        # user needs to be the creator of the domain request
-        # this query is empty if there isn't a domain request with this
-        # id and this user as creator
-        if not DomainRequest.objects.filter(creator=self.request.user, id=self.kwargs["pk"]).exists():
-            return False
-
-        # Restricted users should not be able to withdraw domain requests
-        if self.request.user.is_restricted():
-            return False
-
-        return True
-
-
-class DomainRequestWizardPermission(PermissionsLoginMixin):
-    """Permission mixin that redirects to start or edit domain request if
-    user has access, otherwise 403"""
-
-    def has_permission(self):
-        """Check if this user has permission to start or edit a domain request.
-
-        The user is in self.request.user
-        """
-
-        if not self.request.user.is_authenticated:
-            return False
-
-        # The user has an ineligible flag
-        if self.request.user.is_restricted():
-            return False
-
-        # If the user is an org user and doesn't have add/edit perms, forbid this
-        if self.request.user.is_org_user(self.request):
-            portfolio = self.request.session.get("portfolio")
-            if not self.request.user.has_edit_request_portfolio_permission(portfolio):
-                return False
-
-        # user needs to be the creator of the domain request to edit it.
-        id = self.kwargs.get("id") if hasattr(self, "kwargs") else None
-        if not id:
-            domain_request_wizard = self.request.session.get("wizard_domain_request")
-            if domain_request_wizard:
-                id = domain_request_wizard.get("domain_request_id")
-
-        # If no id is provided, we can assume that the user is starting a new request.
-        # If one IS provided, check that they are the original creator of it.
-        if id:
-            if not DomainRequest.objects.filter(creator=self.request.user, id=id).exists():
-                return False
-
-        return True
-
-
 class DomainInvitationPermission(PermissionsLoginMixin):
     """Permission mixin that redirects to domain invitation if user has
     access, otherwise 403"
@@ -496,23 +390,6 @@ class PortfolioDomainsPermission(PortfolioBasePermission):
         return super().has_permission()
 
 
-class PortfolioDomainRequestsPermission(PortfolioBasePermission):
-    """Permission mixin that allows access to portfolio domain request pages if user
-    has access, otherwise 403"""
-
-    def has_permission(self):
-        """Check if this user has access to domain requests for this portfolio.
-
-        The user is in self.request.user and the portfolio can be looked
-        up from the portfolio's primary key in self.kwargs["pk"]"""
-
-        portfolio = self.request.session.get("portfolio")
-        if not self.request.user.has_any_requests_portfolio_permission(portfolio):
-            return False
-
-        return super().has_permission()
-
-
 class PortfolioMembersPermission(PortfolioBasePermission):
     """Permission mixin that allows access to portfolio members pages if user
     has access, otherwise 403"""
diff --git a/src/registrar/views/utility/permission_views.py b/src/registrar/views/utility/permission_views.py
index b430845f4..41d620d42 100644
--- a/src/registrar/views/utility/permission_views.py
+++ b/src/registrar/views/utility/permission_views.py
@@ -2,18 +2,14 @@
 
 import abc  # abstract base class
 
-from django.views.generic import DetailView, DeleteView, TemplateView, UpdateView
-from registrar.models import Domain, DomainRequest, DomainInvitation, Portfolio
+from django.views.generic import DetailView, DeleteView, UpdateView
+from registrar.models import Domain, DomainInvitation, Portfolio
 from registrar.models.user import User
 from registrar.models.user_domain_role import UserDomainRole
 
 from .mixins import (
     DomainPermission,
-    DomainRequestPermission,
-    DomainRequestPermissionWithdraw,
     DomainInvitationPermission,
-    DomainRequestWizardPermission,
-    PortfolioDomainRequestsPermission,
     PortfolioDomainsPermission,
     PortfolioMemberDomainsPermission,
     PortfolioMemberDomainsEditPermission,
@@ -23,7 +19,6 @@ from .mixins import (
     PortfolioBasePermission,
     PortfolioMembersPermission,
     PortfolioMemberPermission,
-    DomainRequestPortfolioViewonlyPermission,
 )
 import logging
 
@@ -86,77 +81,6 @@ class DomainPermissionView(DomainPermission, DetailView, abc.ABC):
         raise NotImplementedError
 
 
-class DomainRequestPermissionView(DomainRequestPermission, DetailView, abc.ABC):
-    """Abstract base view for domain requests that enforces permissions
-
-    This abstract view cannot be instantiated. Actual views must specify
-    `template_name`.
-    """
-
-    # DetailView property for what model this is viewing
-    model = DomainRequest
-    # variable name in template context for the model object
-    context_object_name = "DomainRequest"
-
-    # Abstract property enforces NotImplementedError on an attribute.
-    @property
-    @abc.abstractmethod
-    def template_name(self):
-        raise NotImplementedError
-
-
-class DomainRequestPortfolioViewonlyView(DomainRequestPortfolioViewonlyPermission, DetailView, abc.ABC):
-    """Abstract base view for domain requests that enforces permissions
-
-    This abstract view cannot be instantiated. Actual views must specify
-    `template_name`.
-    """
-
-    # DetailView property for what model this is viewing
-    model = DomainRequest
-    # variable name in template context for the model object
-    context_object_name = "DomainRequest"
-
-    # Abstract property enforces NotImplementedError on an attribute.
-    @property
-    @abc.abstractmethod
-    def template_name(self):
-        raise NotImplementedError
-
-
-class DomainRequestPermissionWithdrawView(DomainRequestPermissionWithdraw, DetailView, abc.ABC):
-    """Abstract base view for domain request withdraw function
-
-    This abstract view cannot be instantiated. Actual views must specify
-    `template_name`.
-    """
-
-    # DetailView property for what model this is viewing
-    model = DomainRequest
-    # variable name in template context for the model object
-    context_object_name = "DomainRequest"
-
-    # Abstract property enforces NotImplementedError on an attribute.
-    @property
-    @abc.abstractmethod
-    def template_name(self):
-        raise NotImplementedError
-
-
-class DomainRequestWizardPermissionView(DomainRequestWizardPermission, TemplateView, abc.ABC):
-    """Abstract base view for the domain request form that enforces permissions
-
-    This abstract view cannot be instantiated. Actual views must specify
-    `template_name`.
-    """
-
-    # Abstract property enforces NotImplementedError on an attribute.
-    @property
-    @abc.abstractmethod
-    def template_name(self):
-        raise NotImplementedError
-
-
 class DomainInvitationPermissionCancelView(DomainInvitationPermission, UpdateView, abc.ABC):
     """Abstract view for cancelling a DomainInvitation."""
 
@@ -164,13 +88,6 @@ class DomainInvitationPermissionCancelView(DomainInvitationPermission, UpdateVie
     object: DomainInvitation
 
 
-class DomainRequestPermissionDeleteView(DomainRequestPermission, DeleteView, abc.ABC):
-    """Abstract view for deleting a DomainRequest."""
-
-    model = DomainRequest
-    object: DomainRequest
-
-
 class UserDomainRolePermissionDeleteView(UserDeleteDomainRolePermission, DeleteView, abc.ABC):
     """Abstract base view for deleting a UserDomainRole.
 
@@ -242,14 +159,6 @@ class NoPortfolioDomainsPermissionView(PortfolioBasePermissionView, abc.ABC):
     """
 
 
-class PortfolioDomainRequestsPermissionView(PortfolioDomainRequestsPermission, PortfolioBasePermissionView, abc.ABC):
-    """Abstract base view for portfolio domain request views that enforces permissions.
-
-    This abstract view cannot be instantiated. Actual views must specify
-    `template_name`.
-    """
-
-
 class PortfolioMembersPermissionView(PortfolioMembersPermission, PortfolioBasePermissionView, abc.ABC):
     """Abstract base view for portfolio members views that enforces permissions.
 

From 40737cbcf7beb4e0d1af167e0e2898c0410eb7cb Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Tue, 11 Feb 2025 23:47:55 -0500
Subject: [PATCH 33/81] wip

---
 src/registrar/decorators.py                   | 14 ++++++++++-
 .../includes/domain_sidenav_item.html         |  2 +-
 src/registrar/views/domain.py                 |  7 ++++--
 src/registrar/views/domain_request.py         |  2 +-
 src/registrar/views/domain_requests_json.py   | 20 +++++++--------
 src/registrar/views/portfolios.py             | 18 ++++++++-----
 src/registrar/views/utility/mixins.py         | 17 -------------
 .../views/utility/permission_views.py         | 25 ++++++-------------
 8 files changed, 49 insertions(+), 56 deletions(-)

diff --git a/src/registrar/decorators.py b/src/registrar/decorators.py
index cd19bcc95..fe71342cc 100644
--- a/src/registrar/decorators.py
+++ b/src/registrar/decorators.py
@@ -10,8 +10,10 @@ IS_STAFF = "is_staff"
 IS_DOMAIN_MANAGER = "is_domain_manager"
 IS_DOMAIN_REQUEST_CREATOR = "is_domain_request_creator"
 IS_STAFF_MANAGING_DOMAIN = "is_staff_managing_domain"
+IS_PORTFOLIO_MEMBER = "is_portfolio_member"
 IS_PORTFOLIO_MEMBER_AND_DOMAIN_MANAGER = "is_portfolio_member_and_domain_manager"
 IS_DOMAIN_MANAGER_AND_NOT_PORTFOLIO_MEMBER = "is_domain_manager_and_not_portfolio_member"
+HAS_PORTFOLIO_DOMAINS_ANY_PERM = "has_portfolio_domains_any_perm"
 HAS_PORTFOLIO_DOMAINS_VIEW_ALL = "has_portfolio_domains_view_all"
 HAS_PORTFOLIO_DOMAIN_REQUESTS_ANY_PERM = "has_portfolio_domain_requests_any_perm"
 HAS_PORTFOLIO_DOMAIN_REQUESTS_VIEW_ALL = "has_portfolio_domain_requests_view_all"
@@ -97,11 +99,21 @@ def _user_has_permission(user, request, rules, **kwargs):
         has_permission = _can_access_other_user_domains(request, domain_id)
         conditions_met.append(has_permission)
 
+    if not any(conditions_met) and IS_PORTFOLIO_MEMBER in rules:
+        has_permission = user.is_org_user(request)
+        conditions_met.append(has_permission)
+
     if not any(conditions_met) and HAS_PORTFOLIO_DOMAINS_VIEW_ALL in rules:
         domain_id = kwargs.get("domain_pk")
         has_permission = _can_access_domain_via_portfolio_view_all_domains(request, domain_id)
         conditions_met.append(has_permission)
 
+    if not any(conditions_met) and HAS_PORTFOLIO_DOMAINS_ANY_PERM in rules:
+        has_permission = user.is_org_user(request) and user.has_any_domains_portfolio_permission(
+            request.session.get("portfolio")
+        )
+        conditions_met.append(has_permission)
+
     if not any(conditions_met) and IS_PORTFOLIO_MEMBER_AND_DOMAIN_MANAGER in rules:
         domain_id = kwargs.get("domain_pk")
         has_permission = _is_domain_manager(user, domain_id) and _is_portfolio_member(request)
@@ -142,7 +154,7 @@ def _has_portfolio_domain_requests_edit(user, request, domain_request_id):
     if domain_request_id and not _is_domain_request_creator(user, domain_request_id):
         return False
     return user.is_org_user(request) and user.has_edit_request_portfolio_permission(request.session.get("portfolio"))
-    
+
 
 def _is_domain_manager(user, domain_pk):
     """Checks to see if the user is a domain manager of the
diff --git a/src/registrar/templates/includes/domain_sidenav_item.html b/src/registrar/templates/includes/domain_sidenav_item.html
index 206e49c05..715f76865 100644
--- a/src/registrar/templates/includes/domain_sidenav_item.html
+++ b/src/registrar/templates/includes/domain_sidenav_item.html
@@ -1,6 +1,6 @@
 <li class="usa-sidenav__item">
     {% if url_name %}
-      {% url url_name pk=domain.id as url %}
+      {% url url_name domain_pk=domain.id as url %}
     {% endif %}
     <a href="{{ url }}"
       {% if request.path == url %}class="usa-current"{% endif %}
diff --git a/src/registrar/views/domain.py b/src/registrar/views/domain.py
index d56bbb7f8..31f715d18 100644
--- a/src/registrar/views/domain.py
+++ b/src/registrar/views/domain.py
@@ -13,6 +13,7 @@ from django.contrib.messages.views import SuccessMessageMixin
 from django.http import HttpResponseRedirect
 from django.shortcuts import redirect, render, get_object_or_404
 from django.urls import reverse
+from django.views.generic import DeleteView
 from django.views.generic.edit import FormMixin
 from django.conf import settings
 from registrar.decorators import (
@@ -1332,10 +1333,12 @@ class DomainInvitationCancelView(SuccessMessageMixin, DomainInvitationPermission
 
 
 @grant_access(IS_DOMAIN_MANAGER, IS_STAFF_MANAGING_DOMAIN)
-class DomainDeleteUserView(UserDomainRolePermissionDeleteView):
+class DomainDeleteUserView(DeleteView):
     """Inside of a domain's user management, a form for deleting users."""
 
-    object: UserDomainRole  # workaround for type mismatch in DeleteView
+    object: UserDomainRole
+    model = UserDomainRole
+    context_object_name = "userdomainrole"
 
     def get_object(self, queryset=None):
         """Custom get_object definition to grab a UserDomainRole object from a domain_id and user_id"""
diff --git a/src/registrar/views/domain_request.py b/src/registrar/views/domain_request.py
index bcefbbc77..23596f2ad 100644
--- a/src/registrar/views/domain_request.py
+++ b/src/registrar/views/domain_request.py
@@ -850,7 +850,7 @@ class DomainRequestWithdrawConfirmation(DetailView):
     `creator` of the domain request may withdraw it.
     """
 
-    template_name = "domain_request_withdraw_confirmation.html"    # DetailView property for what model this is viewing
+    template_name = "domain_request_withdraw_confirmation.html"  # DetailView property for what model this is viewing
     model = DomainRequest
     pk_url_kwarg = "domain_request_pk"
     context_object_name = "DomainRequest"
diff --git a/src/registrar/views/domain_requests_json.py b/src/registrar/views/domain_requests_json.py
index 4e475321c..fb0702a58 100644
--- a/src/registrar/views/domain_requests_json.py
+++ b/src/registrar/views/domain_requests_json.py
@@ -15,20 +15,20 @@ def get_domain_requests_json(request):
     If we are on the portfolio requests page, limit the response to only those requests associated with
     the given portfolio."""
 
-    domain_request_ids = get_domain_request_ids_from_request(request)
+    domain_request_ids = _get_domain_request_ids_from_request(request)
 
     objects = DomainRequest.objects.filter(id__in=domain_request_ids)
     unfiltered_total = objects.count()
 
-    objects = apply_search(objects, request)
-    objects = apply_status_filter(objects, request)
-    objects = apply_sorting(objects, request)
+    objects = _apply_search(objects, request)
+    objects = _apply_status_filter(objects, request)
+    objects = _apply_sorting(objects, request)
 
     paginator = Paginator(objects, 10)
     page_number = request.GET.get("page", 1)
     page_obj = paginator.get_page(page_number)
     domain_requests = [
-        serialize_domain_request(request, domain_request, request.user) for domain_request in page_obj.object_list
+        _serialize_domain_request(request, domain_request, request.user) for domain_request in page_obj.object_list
     ]
 
     return JsonResponse(
@@ -44,7 +44,7 @@ def get_domain_requests_json(request):
     )
 
 
-def get_domain_request_ids_from_request(request):
+def _get_domain_request_ids_from_request(request):
     """Get domain request ids from request.
 
     If portfolio specified, return domain request ids associated with portfolio.
@@ -63,7 +63,7 @@ def get_domain_request_ids_from_request(request):
     return domain_requests.values_list("id", flat=True)
 
 
-def apply_search(queryset, request):
+def _apply_search(queryset, request):
     search_term = request.GET.get("search_term")
     is_portfolio = request.GET.get("portfolio")
 
@@ -91,7 +91,7 @@ def apply_search(queryset, request):
     return queryset
 
 
-def apply_status_filter(queryset, request):
+def _apply_status_filter(queryset, request):
     status_param = request.GET.get("status")
     if status_param:
         status_list = status_param.split(",")
@@ -106,7 +106,7 @@ def apply_status_filter(queryset, request):
     return queryset
 
 
-def apply_sorting(queryset, request):
+def _apply_sorting(queryset, request):
     sort_by = request.GET.get("sort_by", "id")  # Default to 'id'
     order = request.GET.get("order", "asc")  # Default to 'asc'
 
@@ -119,7 +119,7 @@ def apply_sorting(queryset, request):
     return queryset.order_by(sort_by)
 
 
-def serialize_domain_request(request, domain_request, user):
+def _serialize_domain_request(request, domain_request, user):
 
     deletable_statuses = [
         DomainRequest.DomainRequestStatus.STARTED,
diff --git a/src/registrar/views/portfolios.py b/src/registrar/views/portfolios.py
index 9f864324f..dc1357585 100644
--- a/src/registrar/views/portfolios.py
+++ b/src/registrar/views/portfolios.py
@@ -6,7 +6,12 @@ from django.shortcuts import get_object_or_404, redirect, render
 from django.urls import reverse
 from django.utils.safestring import mark_safe
 from django.contrib import messages
-from registrar.decorators import HAS_PORTFOLIO_DOMAIN_REQUESTS_ANY_PERM, grant_access
+from registrar.decorators import (
+    HAS_PORTFOLIO_DOMAIN_REQUESTS_ANY_PERM,
+    HAS_PORTFOLIO_DOMAINS_ANY_PERM,
+    IS_PORTFOLIO_MEMBER,
+    grant_access,
+)
 from registrar.forms import portfolio as portfolioForms
 from registrar.models import Portfolio, User
 from registrar.models.domain import Domain
@@ -26,9 +31,7 @@ from registrar.utility.errors import MissingEmailError
 from registrar.utility.enums import DefaultUserValues
 from registrar.views.utility.mixins import PortfolioMemberPermission
 from registrar.views.utility.permission_views import (
-    PortfolioDomainsPermissionView,
     PortfolioBasePermissionView,
-    NoPortfolioDomainsPermissionView,
     PortfolioMemberDomainsPermissionView,
     PortfolioMemberDomainsEditPermissionView,
     PortfolioMemberEditPermissionView,
@@ -45,7 +48,8 @@ from registrar.views.utility.invitation_helper import get_org_membership
 logger = logging.getLogger(__name__)
 
 
-class PortfolioDomainsView(PortfolioDomainsPermissionView, View):
+@grant_access(HAS_PORTFOLIO_DOMAINS_ANY_PERM)
+class PortfolioDomainsView(View):
 
     template_name = "portfolio_domains.html"
 
@@ -685,7 +689,8 @@ class PortfolioInvitedMemberDomainsEditView(PortfolioMemberDomainsEditPermission
         ).update(status=DomainInvitation.DomainInvitationStatus.CANCELED)
 
 
-class PortfolioNoDomainsView(NoPortfolioDomainsPermissionView, View):
+@grant_access(IS_PORTFOLIO_MEMBER)
+class PortfolioNoDomainsView(View):
     """Some users have access to the underlying portfolio, but not any domains.
     This is a custom view which explains that to the user - and denotes who to contact.
     """
@@ -714,7 +719,8 @@ class PortfolioNoDomainsView(NoPortfolioDomainsPermissionView, View):
         return context
 
 
-class PortfolioNoDomainRequestsView(NoPortfolioDomainsPermissionView, View):
+@grant_access(IS_PORTFOLIO_MEMBER)
+class PortfolioNoDomainRequestsView(View):
     """Some users have access to the underlying portfolio, but not any domain requests.
     This is a custom view which explains that to the user - and denotes who to contact.
     """
diff --git a/src/registrar/views/utility/mixins.py b/src/registrar/views/utility/mixins.py
index 682d9ffcb..ad0794edd 100644
--- a/src/registrar/views/utility/mixins.py
+++ b/src/registrar/views/utility/mixins.py
@@ -373,23 +373,6 @@ class PortfolioBasePermission(PermissionsLoginMixin):
         return self.request.user.is_org_user(self.request)
 
 
-class PortfolioDomainsPermission(PortfolioBasePermission):
-    """Permission mixin that allows access to portfolio domain pages if user
-    has access, otherwise 403"""
-
-    def has_permission(self):
-        """Check if this user has access to domains for this portfolio.
-
-        The user is in self.request.user and the portfolio can be looked
-        up from the portfolio's primary key in self.kwargs["pk"]"""
-
-        portfolio = self.request.session.get("portfolio")
-        if not self.request.user.has_any_domains_portfolio_permission(portfolio):
-            return False
-
-        return super().has_permission()
-
-
 class PortfolioMembersPermission(PortfolioBasePermission):
     """Permission mixin that allows access to portfolio members pages if user
     has access, otherwise 403"""
diff --git a/src/registrar/views/utility/permission_views.py b/src/registrar/views/utility/permission_views.py
index 41d620d42..b2b56666f 100644
--- a/src/registrar/views/utility/permission_views.py
+++ b/src/registrar/views/utility/permission_views.py
@@ -10,7 +10,6 @@ from registrar.models.user_domain_role import UserDomainRole
 from .mixins import (
     DomainPermission,
     DomainInvitationPermission,
-    PortfolioDomainsPermission,
     PortfolioMemberDomainsPermission,
     PortfolioMemberDomainsEditPermission,
     PortfolioMemberEditPermission,
@@ -74,6 +73,13 @@ class DomainPermissionView(DomainPermission, DetailView, abc.ABC):
 
         return False
 
+    def can_access_domain_via_portfolio(self, pk):
+        """Most views should not allow permission to portfolio users.
+        If particular views allow access to the domain pages, they will need to override
+        this function.
+        """
+        return False
+
     # Abstract property enforces NotImplementedError on an attribute.
     @property
     @abc.abstractmethod
@@ -142,23 +148,6 @@ class PortfolioBasePermissionView(PortfolioBasePermission, DetailView, abc.ABC):
         raise NotImplementedError
 
 
-class PortfolioDomainsPermissionView(PortfolioDomainsPermission, PortfolioBasePermissionView, abc.ABC):
-    """Abstract base view for portfolio domains views that enforces permissions.
-
-    This abstract view cannot be instantiated. Actual views must specify
-    `template_name`.
-    """
-
-
-class NoPortfolioDomainsPermissionView(PortfolioBasePermissionView, abc.ABC):
-    """Abstract base view for a user without access to the
-    portfolio domains views that enforces permissions.
-
-    This abstract view cannot be instantiated. Actual views must specify
-    `template_name`.
-    """
-
-
 class PortfolioMembersPermissionView(PortfolioMembersPermission, PortfolioBasePermissionView, abc.ABC):
     """Abstract base view for portfolio members views that enforces permissions.
 

From e4021b76c1a0d0786d3d89a7b4d8874d01c12252 Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Wed, 12 Feb 2025 08:16:16 -0500
Subject: [PATCH 34/81] additional cleanup of permission views and mixins,
 handling of domain invitations and user domain roles in decorators

---
 src/registrar/config/urls.py                  |   2 +-
 src/registrar/decorators.py                   |  72 +++++---
 src/registrar/templates/domain_users.html     |   2 +-
 src/registrar/views/domain.py                 | 154 ++++++++++++++++--
 src/registrar/views/utility/__init__.py       |   2 -
 src/registrar/views/utility/mixins.py         | 153 -----------------
 .../views/utility/permission_views.py         |  94 +----------
 7 files changed, 196 insertions(+), 283 deletions(-)

diff --git a/src/registrar/config/urls.py b/src/registrar/config/urls.py
index 665f2cd82..12efe5a9f 100644
--- a/src/registrar/config/urls.py
+++ b/src/registrar/config/urls.py
@@ -364,7 +364,7 @@ urlpatterns = [
         name="user-profile",
     ),
     path(
-        "invitation/<int:pk>/cancel",
+        "invitation/<int:domain_invitation_pk>/cancel",
         views.DomainInvitationCancelView.as_view(http_method_names=["post"]),
         name="invitation-cancel",
     ),
diff --git a/src/registrar/decorators.py b/src/registrar/decorators.py
index fe71342cc..237985f02 100644
--- a/src/registrar/decorators.py
+++ b/src/registrar/decorators.py
@@ -1,7 +1,7 @@
 import functools
 from django.core.exceptions import PermissionDenied
 from django.utils.decorators import method_decorator
-from registrar.models import Domain, DomainInformation, DomainRequest, UserDomainRole
+from registrar.models import Domain, DomainInformation, DomainInvitation, DomainRequest, UserDomainRole
 
 # Constants for clarity
 ALL = "all"
@@ -18,7 +18,6 @@ HAS_PORTFOLIO_DOMAINS_VIEW_ALL = "has_portfolio_domains_view_all"
 HAS_PORTFOLIO_DOMAIN_REQUESTS_ANY_PERM = "has_portfolio_domain_requests_any_perm"
 HAS_PORTFOLIO_DOMAIN_REQUESTS_VIEW_ALL = "has_portfolio_domain_requests_view_all"
 HAS_PORTFOLIO_DOMAIN_REQUESTS_EDIT = "has_portfolio_domain_requests_edit"
-# HAS_PORTFOLIO_DOMAINS_VIEW_MANAGED = "has_portfolio_domains_view_managed"
 
 
 def grant_access(*rules):
@@ -90,13 +89,11 @@ def _user_has_permission(user, request, rules, **kwargs):
         conditions_met.append(user.is_superuser)
 
     if not any(conditions_met) and IS_DOMAIN_MANAGER in rules:
-        domain_id = kwargs.get("domain_pk")
-        has_permission = _is_domain_manager(user, domain_id)
+        has_permission = _is_domain_manager(user, **kwargs)
         conditions_met.append(has_permission)
 
     if not any(conditions_met) and IS_STAFF_MANAGING_DOMAIN in rules:
-        domain_id = kwargs.get("domain_pk")
-        has_permission = _can_access_other_user_domains(request, domain_id)
+        has_permission = _is_staff_managing_domain(request, **kwargs)
         conditions_met.append(has_permission)
 
     if not any(conditions_met) and IS_PORTFOLIO_MEMBER in rules:
@@ -115,13 +112,11 @@ def _user_has_permission(user, request, rules, **kwargs):
         conditions_met.append(has_permission)
 
     if not any(conditions_met) and IS_PORTFOLIO_MEMBER_AND_DOMAIN_MANAGER in rules:
-        domain_id = kwargs.get("domain_pk")
-        has_permission = _is_domain_manager(user, domain_id) and _is_portfolio_member(request)
+        has_permission = _is_domain_manager(user, **kwargs) and _is_portfolio_member(request)
         conditions_met.append(has_permission)
 
     if not any(conditions_met) and IS_DOMAIN_MANAGER_AND_NOT_PORTFOLIO_MEMBER in rules:
-        domain_id = kwargs.get("domain_pk")
-        has_permission = _is_domain_manager(user, domain_id) and not _is_portfolio_member(request)
+        has_permission = _is_domain_manager(user, **kwargs) and not _is_portfolio_member(request)
         conditions_met.append(has_permission)
 
     if not any(conditions_met) and IS_DOMAIN_REQUEST_CREATOR in rules:
@@ -156,10 +151,24 @@ def _has_portfolio_domain_requests_edit(user, request, domain_request_id):
     return user.is_org_user(request) and user.has_edit_request_portfolio_permission(request.session.get("portfolio"))
 
 
-def _is_domain_manager(user, domain_pk):
-    """Checks to see if the user is a domain manager of the
-    domain with domain_pk."""
-    return UserDomainRole.objects.filter(user=user, domain_id=domain_pk).exists()
+def _is_domain_manager(user, **kwargs):
+    """
+    Determines if the given user is a domain manager for a specified domain.
+
+    - First, it checks if 'domain_pk' is present in the URL parameters.
+    - If 'domain_pk' exists, it verifies if the user has a domain role for that domain.
+    - If 'domain_pk' is absent, it checks for 'domain_invitation_pk' to determine if the user has domain permissions through an invitation.
+
+    Returns:
+        bool: True if the user is a domain manager, False otherwise.
+    """
+    domain_id = kwargs.get("domain_pk")
+    if domain_id:
+        return UserDomainRole.objects.filter(user=user, domain_id=domain_id).exists()
+    domain_invitation_id = kwargs.get("domain_invitation_pk")
+    if domain_invitation_id:
+        return DomainInvitation.objects.filter(id=domain_invitation_id, domain__permissions__user=user).exists()
+    return False
 
 
 def _is_domain_request_creator(user, domain_request_pk):
@@ -176,10 +185,35 @@ def _is_portfolio_member(request):
     return request.user.is_org_user(request)
 
 
-def _can_access_other_user_domains(request, domain_pk):
-    """Checks to see if an authorized user (staff or superuser)
-    can access a domain that they did not create or were invited to.
+def _is_staff_managing_domain(request, **kwargs):
     """
+    Determines whether a staff user (analyst or superuser) has permission to manage a domain
+    that they did not create or were not invited to.
+
+    The function enforces:
+    1. **User Authorization** - The user must have `analyst_access_permission` or `full_access_permission`.
+    2. **Valid Session Context** - The user must have explicitly selected the domain for management
+       via an 'analyst action' (e.g., by clicking 'Manage Domain' in the admin interface).
+    3. **Domain Status Check** - Only domains in specific statuses (e.g., APPROVED, IN_REVIEW, etc.)
+       can be managed, except in cases where the domain lacks a status due to errors.
+
+    Process:
+    - First, the function retrieves the `domain_pk` from the URL parameters.
+    - If `domain_pk` is not provided, it attempts to resolve the domain via `domain_invitation_pk`.
+    - It checks if the user has the required permissions.
+    - It verifies that the user has an active 'analyst action' session for the domain.
+    - Finally, it ensures that the domain is in a status that allows management.
+
+    Returns:
+        bool: True if the user is allowed to manage the domain, False otherwise.
+    """
+
+    domain_id = kwargs.get("domain_pk")
+    if not domain_id:
+        domain_invitation_id = kwargs.get("domain_invitation_pk")
+        domain_invitation = DomainInvitation.objects.filter(id=domain_invitation_id).first()
+        if domain_invitation:
+            domain_id = domain_invitation.domain_id
 
     # Check if the request user is permissioned...
     user_is_analyst_or_superuser = request.user.has_perm(
@@ -197,7 +231,7 @@ def _can_access_other_user_domains(request, domain_pk):
     can_do_action = (
         "analyst_action" in session
         and "analyst_action_location" in session
-        and session["analyst_action_location"] == domain_pk
+        and session["analyst_action_location"] == domain_id
     )
 
     if not can_do_action:
@@ -215,7 +249,7 @@ def _can_access_other_user_domains(request, domain_pk):
         None,
     ]
 
-    requested_domain = DomainInformation.objects.filter(domain_id=domain_pk).first()
+    requested_domain = DomainInformation.objects.filter(domain_id=domain_id).first()
 
     # if no domain information or domain request exist, the user
     # should be able to manage the domain; however, if domain information
diff --git a/src/registrar/templates/domain_users.html b/src/registrar/templates/domain_users.html
index 984b4160b..4c5dbc728 100644
--- a/src/registrar/templates/domain_users.html
+++ b/src/registrar/templates/domain_users.html
@@ -154,7 +154,7 @@
           {% if not portfolio %}<td data-label="Status">{{ invitation.domain_invitation.status|title }}</td>{% endif %}
           <td>
             {% if invitation.domain_invitation.status == invitation.domain_invitation.DomainInvitationStatus.INVITED %}
-            <form method="POST" action="{% url "invitation-cancel" pk=invitation.domain_invitation.id %}">
+            <form method="POST" action="{% url "invitation-cancel" domain_invitation_pk=invitation.domain_invitation.id %}">
               {% csrf_token %}<input type="submit" class="usa-button--unstyled text-no-underline cursor-pointer" value="Cancel">
             </form>
             {% endif %}
diff --git a/src/registrar/views/domain.py b/src/registrar/views/domain.py
index 31f715d18..7a76284a4 100644
--- a/src/registrar/views/domain.py
+++ b/src/registrar/views/domain.py
@@ -1,10 +1,3 @@
-"""Views for a single Domain.
-
-Authorization is handled by the `DomainPermissionView`. To ensure that only
-authorized users can see information on a domain, every view here should
-inherit from `DomainPermissionView` (or DomainInvitationPermissionCancelView).
-"""
-
 from datetime import date
 import logging
 import requests
@@ -13,7 +6,7 @@ from django.contrib.messages.views import SuccessMessageMixin
 from django.http import HttpResponseRedirect
 from django.shortcuts import redirect, render, get_object_or_404
 from django.urls import reverse
-from django.views.generic import DeleteView
+from django.views.generic import DeleteView, DetailView, UpdateView
 from django.views.generic.edit import FormMixin
 from django.conf import settings
 from registrar.decorators import (
@@ -49,7 +42,6 @@ from registrar.utility.errors import (
     SecurityEmailErrorCodes,
 )
 from registrar.models.utility.contact_error import ContactError
-from registrar.views.utility.permission_views import UserDomainRolePermissionDeleteView
 from registrar.utility.waffle import flag_is_active_for_user
 from registrar.views.utility.invitation_helper import (
     get_org_membership,
@@ -76,19 +68,22 @@ from epplibwrapper import (
 
 from ..utility.email import send_templated_email, EmailSendingError
 from ..utility.email_invitations import send_domain_invitation_email, send_portfolio_invitation_email
-from .utility import DomainPermissionView, DomainInvitationPermissionCancelView
 from django import forms
 
 logger = logging.getLogger(__name__)
 
 
-class DomainBaseView(DomainPermissionView):
+class DomainBaseView(DetailView):
     """
     Base View for the Domain. Handles getting and setting the domain
     in session cache on GETs. Also provides methods for getting
     and setting the domain in cache
     """
 
+    model = Domain
+    pk_url_kwarg = "domain_pk"
+    context_object_name = "domain"
+
     def get(self, request, *args, **kwargs):
         self._get_domain(request)
         context = self.get_context_data(object=self.object)
@@ -120,6 +115,134 @@ class DomainBaseView(DomainPermissionView):
         domain_pk = "domain:" + str(self.kwargs.get("domain_pk"))
         self.session[domain_pk] = self.object
 
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        user = self.request.user
+        context["is_analyst_or_superuser"] = user.has_perm("registrar.analyst_access_permission") or user.has_perm(
+            "registrar.full_access_permission"
+        )
+        context["is_domain_manager"] = UserDomainRole.objects.filter(user=user, domain=self.object).exists()
+        context["is_portfolio_user"] = self.can_access_domain_via_portfolio(self.object.pk)
+        context["is_editable"] = self.is_editable()
+        # Stored in a variable for the linter
+        action = "analyst_action"
+        action_location = "analyst_action_location"
+        # Flag to see if an analyst is attempting to make edits
+        if action in self.request.session:
+            context[action] = self.request.session[action]
+        if action_location in self.request.session:
+            context[action_location] = self.request.session[action_location]
+
+        return context
+
+    def is_editable(self):
+        """Returns whether domain is editable in the context of the view"""
+        domain_editable = self.object.is_editable()
+        if not domain_editable:
+            return False
+
+        # if user is domain manager or analyst or admin, return True
+        if (
+            self.can_access_other_user_domains(self.object.id)
+            or UserDomainRole.objects.filter(user=self.request.user, domain=self.object).exists()
+        ):
+            return True
+
+        return False
+
+    def can_access_domain_via_portfolio(self, pk):
+        """Most views should not allow permission to portfolio users.
+        If particular views allow access to the domain pages, they will need to override
+        this function.
+        """
+        return False
+
+    def has_permission(self):
+        """Check if this user has access to this domain.
+
+        The user is in self.request.user and the domain needs to be looked
+        up from the domain's primary key in self.kwargs["domain_pk"]
+        """
+        pk = self.kwargs["domain_pk"]
+
+        # test if domain in editable state
+        if not self.in_editable_state(pk):
+            return False
+
+        # if we need to check more about the nature of role, do it here.
+        return True
+
+    def in_editable_state(self, pk):
+        """Is the domain in an editable state"""
+
+        requested_domain = None
+        if Domain.objects.filter(id=pk).exists():
+            requested_domain = Domain.objects.get(id=pk)
+
+        # if domain is editable return true
+        if requested_domain and requested_domain.is_editable():
+            return True
+        return False
+
+    def can_access_other_user_domains(self, pk):
+        """Checks to see if an authorized user (staff or superuser)
+        can access a domain that they did not create or was invited to.
+        """
+
+        # Check if the user is permissioned...
+        user_is_analyst_or_superuser = self.request.user.has_perm(
+            "registrar.analyst_access_permission"
+        ) or self.request.user.has_perm("registrar.full_access_permission")
+
+        if not user_is_analyst_or_superuser:
+            return False
+
+        # Check if the user is attempting a valid edit action.
+        # In other words, if the analyst/admin did not click
+        # the 'Manage Domain' button in /admin,
+        # then they cannot access this page.
+        session = self.request.session
+        can_do_action = (
+            "analyst_action" in session
+            and "analyst_action_location" in session
+            and session["analyst_action_location"] == pk
+        )
+
+        if not can_do_action:
+            return False
+
+        # Analysts may manage domains, when they are in these statuses:
+        valid_domain_statuses = [
+            DomainRequest.DomainRequestStatus.APPROVED,
+            DomainRequest.DomainRequestStatus.IN_REVIEW,
+            DomainRequest.DomainRequestStatus.REJECTED,
+            DomainRequest.DomainRequestStatus.ACTION_NEEDED,
+            # Edge case - some domains do not have
+            # a status or DomainInformation... aka a status of 'None'.
+            # It is necessary to access those to correct errors.
+            None,
+        ]
+
+        requested_domain = None
+        if DomainInformation.objects.filter(id=pk).exists():
+            requested_domain = DomainInformation.objects.get(id=pk)
+
+        # if no domain information or domain request exist, the user
+        # should be able to manage the domain; however, if domain information
+        # and domain request exist, and domain request is not in valid status,
+        # user should not be able to manage domain
+        if (
+            requested_domain
+            and requested_domain.domain_request
+            and requested_domain.domain_request.status not in valid_domain_statuses
+        ):
+            return False
+
+        # Valid session keys exist,
+        # the user is permissioned,
+        # and it is in a valid status
+        return True
+
 
 class DomainFormBaseView(DomainBaseView, FormMixin):
     """
@@ -433,7 +556,7 @@ class DomainOrgNameAddressView(DomainFormBaseView):
             return super().has_permission()
 
 
-@grant_access(IS_PORTFOLIO_MEMBER_AND_DOMAIN_MANAGER)
+@grant_access(IS_PORTFOLIO_MEMBER_AND_DOMAIN_MANAGER, IS_STAFF_MANAGING_DOMAIN)
 class DomainSubOrganizationView(DomainFormBaseView):
     """Suborganization view"""
 
@@ -480,7 +603,7 @@ class DomainSubOrganizationView(DomainFormBaseView):
         return super().form_valid(form)
 
 
-@grant_access(IS_DOMAIN_MANAGER_AND_NOT_PORTFOLIO_MEMBER)
+@grant_access(IS_DOMAIN_MANAGER_AND_NOT_PORTFOLIO_MEMBER, IS_STAFF_MANAGING_DOMAIN)
 class DomainSeniorOfficialView(DomainFormBaseView):
     """Domain senior official editing view."""
 
@@ -1307,8 +1430,9 @@ class DomainAddUserView(DomainFormBaseView):
 
 
 @grant_access(IS_DOMAIN_MANAGER, IS_STAFF_MANAGING_DOMAIN)
-class DomainInvitationCancelView(SuccessMessageMixin, DomainInvitationPermissionCancelView):
-    object: DomainInvitation
+class DomainInvitationCancelView(SuccessMessageMixin, UpdateView):
+    model = DomainInvitation
+    pk_url_kwarg = "domain_invitation_pk"
     fields = []
 
     def post(self, request, *args, **kwargs):
diff --git a/src/registrar/views/utility/__init__.py b/src/registrar/views/utility/__init__.py
index 4a33c9944..f80774ef3 100644
--- a/src/registrar/views/utility/__init__.py
+++ b/src/registrar/views/utility/__init__.py
@@ -2,8 +2,6 @@ from .steps_helper import StepsHelper
 from .always_404 import always_404
 
 from .permission_views import (
-    DomainPermissionView,
     PortfolioMembersPermission,
-    DomainInvitationPermissionCancelView,
 )
 from .api_views import get_senior_official_from_federal_agency_json
diff --git a/src/registrar/views/utility/mixins.py b/src/registrar/views/utility/mixins.py
index ad0794edd..23895cb5c 100644
--- a/src/registrar/views/utility/mixins.py
+++ b/src/registrar/views/utility/mixins.py
@@ -1,14 +1,6 @@
 """Permissions-related mixin classes."""
 
 from django.contrib.auth.mixins import PermissionRequiredMixin
-
-from registrar.models import (
-    Domain,
-    DomainRequest,
-    DomainInvitation,
-    DomainInformation,
-    UserDomainRole,
-)
 import logging
 
 
@@ -195,151 +187,6 @@ class PortfolioReportsPermission(PermissionsLoginMixin):
         return self.request.user.is_org_user(self.request)
 
 
-class DomainPermission(PermissionsLoginMixin):
-    """Permission mixin that redirects to domain if user has access,
-    otherwise 403"""
-
-    def has_permission(self):
-        """Check if this user has access to this domain.
-
-        The user is in self.request.user and the domain needs to be looked
-        up from the domain's primary key in self.kwargs["domain_pk"]
-        """
-        pk = self.kwargs["domain_pk"]
-
-        # test if domain in editable state
-        if not self.in_editable_state(pk):
-            return False
-
-        # if we need to check more about the nature of role, do it here.
-        return True
-
-    def in_editable_state(self, pk):
-        """Is the domain in an editable state"""
-
-        requested_domain = None
-        if Domain.objects.filter(id=pk).exists():
-            requested_domain = Domain.objects.get(id=pk)
-
-        # if domain is editable return true
-        if requested_domain and requested_domain.is_editable():
-            return True
-        return False
-
-    def can_access_other_user_domains(self, pk):
-        """Checks to see if an authorized user (staff or superuser)
-        can access a domain that they did not create or was invited to.
-        """
-
-        # Check if the user is permissioned...
-        user_is_analyst_or_superuser = self.request.user.has_perm(
-            "registrar.analyst_access_permission"
-        ) or self.request.user.has_perm("registrar.full_access_permission")
-
-        if not user_is_analyst_or_superuser:
-            return False
-
-        # Check if the user is attempting a valid edit action.
-        # In other words, if the analyst/admin did not click
-        # the 'Manage Domain' button in /admin,
-        # then they cannot access this page.
-        session = self.request.session
-        can_do_action = (
-            "analyst_action" in session
-            and "analyst_action_location" in session
-            and session["analyst_action_location"] == pk
-        )
-
-        if not can_do_action:
-            return False
-
-        # Analysts may manage domains, when they are in these statuses:
-        valid_domain_statuses = [
-            DomainRequest.DomainRequestStatus.APPROVED,
-            DomainRequest.DomainRequestStatus.IN_REVIEW,
-            DomainRequest.DomainRequestStatus.REJECTED,
-            DomainRequest.DomainRequestStatus.ACTION_NEEDED,
-            # Edge case - some domains do not have
-            # a status or DomainInformation... aka a status of 'None'.
-            # It is necessary to access those to correct errors.
-            None,
-        ]
-
-        requested_domain = None
-        if DomainInformation.objects.filter(id=pk).exists():
-            requested_domain = DomainInformation.objects.get(id=pk)
-
-        # if no domain information or domain request exist, the user
-        # should be able to manage the domain; however, if domain information
-        # and domain request exist, and domain request is not in valid status,
-        # user should not be able to manage domain
-        if (
-            requested_domain
-            and requested_domain.domain_request
-            and requested_domain.domain_request.status not in valid_domain_statuses
-        ):
-            return False
-
-        # Valid session keys exist,
-        # the user is permissioned,
-        # and it is in a valid status
-        return True
-
-
-class UserDeleteDomainRolePermission(PermissionsLoginMixin):
-    """Permission mixin for UserDomainRole if user
-    has access, otherwise 403"""
-
-    def has_permission(self):
-        """Check if this user has access to this domain request.
-
-        The user is in self.request.user and the domain needs to be looked
-        up from the domain's primary key in self.kwargs["pk"]
-        """
-        domain_pk = self.kwargs["pk"]
-        user_pk = self.kwargs["user_pk"]
-
-        if not self.request.user.is_authenticated:
-            return False
-
-        # Check if the UserDomainRole object exists, then check
-        # if the user requesting the delete has permissions to do so
-        has_delete_permission = UserDomainRole.objects.filter(
-            user=user_pk,
-            domain=domain_pk,
-            domain__permissions__user=self.request.user,
-        ).exists()
-
-        user_is_analyst_or_superuser = self.request.user.has_perm(
-            "registrar.analyst_access_permission"
-        ) or self.request.user.has_perm("registrar.full_access_permission")
-
-        if not (has_delete_permission or user_is_analyst_or_superuser):
-            return False
-
-        return True
-
-
-class DomainInvitationPermission(PermissionsLoginMixin):
-    """Permission mixin that redirects to domain invitation if user has
-    access, otherwise 403"
-
-    A user has access to a domain invitation if they have a role on the
-    associated domain.
-    """
-
-    def has_permission(self):
-        """Check if this user has a role on the domain of this invitation."""
-        if not self.request.user.is_authenticated:
-            return False
-
-        if not DomainInvitation.objects.filter(
-            id=self.kwargs["pk"], domain__permissions__user=self.request.user
-        ).exists():
-            return False
-        return True
-
-
 class UserProfilePermission(PermissionsLoginMixin):
     """Permission mixin that redirects to user profile if user
     has access, otherwise 403"""
diff --git a/src/registrar/views/utility/permission_views.py b/src/registrar/views/utility/permission_views.py
index b2b56666f..02a2b029b 100644
--- a/src/registrar/views/utility/permission_views.py
+++ b/src/registrar/views/utility/permission_views.py
@@ -2,18 +2,14 @@
 
 import abc  # abstract base class
 
-from django.views.generic import DetailView, DeleteView, UpdateView
-from registrar.models import Domain, DomainInvitation, Portfolio
+from django.views.generic import DetailView
+from registrar.models import Portfolio
 from registrar.models.user import User
-from registrar.models.user_domain_role import UserDomainRole
 
 from .mixins import (
-    DomainPermission,
-    DomainInvitationPermission,
     PortfolioMemberDomainsPermission,
     PortfolioMemberDomainsEditPermission,
     PortfolioMemberEditPermission,
-    UserDeleteDomainRolePermission,
     UserProfilePermission,
     PortfolioBasePermission,
     PortfolioMembersPermission,
@@ -24,92 +20,6 @@ import logging
 logger = logging.getLogger(__name__)
 
 
-class DomainPermissionView(DomainPermission, DetailView, abc.ABC):
-    """Abstract base view for domains that enforces permissions.
-
-    This abstract view cannot be instantiated. Actual views must specify
-    `template_name`.
-    """
-
-    # DetailView property for what model this is viewing
-    model = Domain
-    pk_url_kwarg = "domain_pk"
-    # variable name in template context for the model object
-    context_object_name = "domain"
-
-    # Adds context information for user permissions
-    def get_context_data(self, **kwargs):
-        context = super().get_context_data(**kwargs)
-        user = self.request.user
-        context["is_analyst_or_superuser"] = user.has_perm("registrar.analyst_access_permission") or user.has_perm(
-            "registrar.full_access_permission"
-        )
-        context["is_domain_manager"] = UserDomainRole.objects.filter(user=user, domain=self.object).exists()
-        context["is_portfolio_user"] = self.can_access_domain_via_portfolio(self.object.pk)
-        context["is_editable"] = self.is_editable()
-        # Stored in a variable for the linter
-        action = "analyst_action"
-        action_location = "analyst_action_location"
-        # Flag to see if an analyst is attempting to make edits
-        if action in self.request.session:
-            context[action] = self.request.session[action]
-        if action_location in self.request.session:
-            context[action_location] = self.request.session[action_location]
-
-        return context
-
-    def is_editable(self):
-        """Returns whether domain is editable in the context of the view"""
-        domain_editable = self.object.is_editable()
-        if not domain_editable:
-            return False
-
-        # if user is domain manager or analyst or admin, return True
-        if (
-            self.can_access_other_user_domains(self.object.id)
-            or UserDomainRole.objects.filter(user=self.request.user, domain=self.object).exists()
-        ):
-            return True
-
-        return False
-
-    def can_access_domain_via_portfolio(self, pk):
-        """Most views should not allow permission to portfolio users.
-        If particular views allow access to the domain pages, they will need to override
-        this function.
-        """
-        return False
-
-    # Abstract property enforces NotImplementedError on an attribute.
-    @property
-    @abc.abstractmethod
-    def template_name(self):
-        raise NotImplementedError
-
-
-class DomainInvitationPermissionCancelView(DomainInvitationPermission, UpdateView, abc.ABC):
-    """Abstract view for cancelling a DomainInvitation."""
-
-    model = DomainInvitation
-    object: DomainInvitation
-
-
-class UserDomainRolePermissionDeleteView(UserDeleteDomainRolePermission, DeleteView, abc.ABC):
-    """Abstract base view for deleting a UserDomainRole.
-
-    This abstract view cannot be instantiated. Actual views must specify
-    `template_name`.
-    """
-
-    # DetailView property for what model this is viewing
-    model = UserDomainRole
-    # workaround for type mismatch in DeleteView
-    object: UserDomainRole
-
-    # variable name in template context for the model object
-    context_object_name = "userdomainrole"
-
-
 class UserProfilePermissionView(UserProfilePermission, DetailView, abc.ABC):
     """Abstract base view for user profile view that enforces permissions.
 

From 908e71e3ae1d6de82cb42ce6e2282c9d44937178 Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Wed, 12 Feb 2025 09:53:55 -0500
Subject: [PATCH 35/81] portfolio member permissions

---
 src/registrar/decorators.py                   |  18 +++
 src/registrar/views/member_domains_json.py    |  27 ++---
 src/registrar/views/portfolio_members_json.py |   7 +-
 src/registrar/views/portfolios.py             |  89 +++++++++------
 src/registrar/views/utility/__init__.py       |   3 -
 src/registrar/views/utility/mixins.py         | 107 ------------------
 .../views/utility/permission_views.py         |  67 -----------
 7 files changed, 90 insertions(+), 228 deletions(-)

diff --git a/src/registrar/decorators.py b/src/registrar/decorators.py
index 237985f02..98a37c62c 100644
--- a/src/registrar/decorators.py
+++ b/src/registrar/decorators.py
@@ -18,6 +18,8 @@ HAS_PORTFOLIO_DOMAINS_VIEW_ALL = "has_portfolio_domains_view_all"
 HAS_PORTFOLIO_DOMAIN_REQUESTS_ANY_PERM = "has_portfolio_domain_requests_any_perm"
 HAS_PORTFOLIO_DOMAIN_REQUESTS_VIEW_ALL = "has_portfolio_domain_requests_view_all"
 HAS_PORTFOLIO_DOMAIN_REQUESTS_EDIT = "has_portfolio_domain_requests_edit"
+HAS_PORTFOLIO_MEMBERS_ANY_PERM = "has_portfolio_members_any_perm"
+HAS_PORTFOLIO_MEMBERS_EDIT = "has_portfolio_members_edit"
 
 
 def grant_access(*rules):
@@ -142,6 +144,22 @@ def _user_has_permission(user, request, rules, **kwargs):
         print(has_permission)
         conditions_met.append(has_permission)
 
+    if not any(conditions_met) and HAS_PORTFOLIO_MEMBERS_ANY_PERM in rules:
+        portfolio = request.session.get("portfolio")
+        has_permission = user.is_org_user(request) and (
+            user.has_view_members_portfolio_permission(portfolio) or
+            user.has_edit_members_portfolio_permission(portfolio)
+        )
+        conditions_met.append(has_permission)
+
+    if not any(conditions_met) and HAS_PORTFOLIO_MEMBERS_EDIT in rules:
+        portfolio = request.session.get("portfolio")
+        has_permission = (
+            user.is_org_user(request) and
+            user.has_edit_members_portfolio_permission(portfolio)
+        )
+        conditions_met.append(has_permission)
+
     return any(conditions_met)
 
 
diff --git a/src/registrar/views/member_domains_json.py b/src/registrar/views/member_domains_json.py
index 3d24336bb..40b7bea74 100644
--- a/src/registrar/views/member_domains_json.py
+++ b/src/registrar/views/member_domains_json.py
@@ -4,37 +4,38 @@ from django.http import JsonResponse
 from django.core.paginator import Paginator
 from django.shortcuts import get_object_or_404
 from django.views import View
+from registrar.decorators import HAS_PORTFOLIO_MEMBERS_ANY_PERM, grant_access
 from registrar.models import UserDomainRole, Domain, DomainInformation, User
 from django.urls import reverse
 from django.db.models import Q
 
 from registrar.models.domain_invitation import DomainInvitation
-from registrar.views.utility.mixins import PortfolioMemberDomainsPermission
 
 logger = logging.getLogger(__name__)
 
 
-class PortfolioMemberDomainsJson(PortfolioMemberDomainsPermission, View):
+@grant_access(HAS_PORTFOLIO_MEMBERS_ANY_PERM)
+class PortfolioMemberDomainsJson(View):
 
     def get(self, request):
         """Given the current request,
         get all domains that are associated with the portfolio, or
         associated with the member/invited member"""
 
-        domain_ids = self.get_domain_ids_from_request(request)
+        domain_ids = self._get_domain_ids_from_request(request)
 
         objects = Domain.objects.filter(id__in=domain_ids).select_related("domain_info__sub_organization")
         unfiltered_total = objects.count()
 
-        objects = self.apply_search(objects, request)
-        objects = self.apply_sorting(objects, request)
+        objects = self._apply_search(objects, request)
+        objects = self._apply_sorting(objects, request)
 
-        paginator = Paginator(objects, self.get_page_size(request))
+        paginator = Paginator(objects, self._get_page_size(request))
         page_number = request.GET.get("page")
         page_obj = paginator.get_page(page_number)
 
         member_id = request.GET.get("member_id")
-        domains = [self.serialize_domain(domain, member_id, request.user) for domain in page_obj.object_list]
+        domains = [self._serialize_domain(domain, member_id, request.user) for domain in page_obj.object_list]
 
         return JsonResponse(
             {
@@ -48,7 +49,7 @@ class PortfolioMemberDomainsJson(PortfolioMemberDomainsPermission, View):
             }
         )
 
-    def get_page_size(self, request):
+    def _get_page_size(self, request):
         """Gets the page size.
 
         If member_only, need to return the entire result set every time, so need
@@ -65,7 +66,7 @@ class PortfolioMemberDomainsJson(PortfolioMemberDomainsPermission, View):
             # later
             return 1000
 
-    def get_domain_ids_from_request(self, request):
+    def _get_domain_ids_from_request(self, request):
         """Get domain ids from request.
 
         request.get.email - email address of invited member
@@ -100,13 +101,13 @@ class PortfolioMemberDomainsJson(PortfolioMemberDomainsPermission, View):
         logger.warning("Invalid search criteria, returning empty results list")
         return []
 
-    def apply_search(self, queryset, request):
+    def _apply_search(self, queryset, request):
         search_term = request.GET.get("search_term")
         if search_term:
             queryset = queryset.filter(Q(name__icontains=search_term))
         return queryset
 
-    def apply_sorting(self, queryset, request):
+    def _apply_sorting(self, queryset, request):
         # Get the sorting parameters from the request
         sort_by = request.GET.get("sort_by", "name")
         order = request.GET.get("order", "asc")
@@ -141,7 +142,7 @@ class PortfolioMemberDomainsJson(PortfolioMemberDomainsPermission, View):
 
         return queryset
 
-    def serialize_domain(self, domain, member_id, user):
+    def _serialize_domain(self, domain, member_id, user):
         suborganization_name = None
         try:
             domain_info = domain.domain_info
@@ -176,7 +177,7 @@ class PortfolioMemberDomainsJson(PortfolioMemberDomainsPermission, View):
             "state": domain.state,
             "state_display": domain.state_display(),
             "get_state_help_text": domain.get_state_help_text(),
-            "action_url": reverse("domain", kwargs={"pk": domain.id}),
+            "action_url": reverse("domain", kwargs={"domain_pk": domain.id}),
             "action_label": ("View" if view_only else "Manage"),
             "svg_icon": ("visibility" if view_only else "settings"),
             "domain_info__sub_organization": suborganization_name,
diff --git a/src/registrar/views/portfolio_members_json.py b/src/registrar/views/portfolio_members_json.py
index 29dc6a71c..ecdd24441 100644
--- a/src/registrar/views/portfolio_members_json.py
+++ b/src/registrar/views/portfolio_members_json.py
@@ -6,16 +6,17 @@ from django.contrib.postgres.aggregates import ArrayAgg
 from django.urls import reverse
 from django.views import View
 
+from registrar.decorators import HAS_PORTFOLIO_MEMBERS_ANY_PERM, grant_access
 from registrar.models.domain_invitation import DomainInvitation
 from registrar.models.portfolio_invitation import PortfolioInvitation
 from registrar.models.user_portfolio_permission import UserPortfolioPermission
 from registrar.models.utility.portfolio_helper import UserPortfolioPermissionChoices, UserPortfolioRoleChoices
-from registrar.views.utility.mixins import PortfolioMembersPermission
 from registrar.models.utility.orm_helper import ArrayRemoveNull
 from django.contrib.postgres.aggregates import StringAgg
 
 
-class PortfolioMembersJson(PortfolioMembersPermission, View):
+@grant_access(HAS_PORTFOLIO_MEMBERS_ANY_PERM)
+class PortfolioMembersJson(View):
 
     def get(self, request):
         """Fetch members (permissions and invitations) for the given portfolio."""
@@ -236,7 +237,7 @@ class PortfolioMembersJson(PortfolioMembersPermission, View):
             ),
             # split domain_info array values into ids to form urls, and names
             "domain_urls": [
-                reverse("domain", kwargs={"pk": domain_info.split(":")[0]}) for domain_info in domain_info_list
+                reverse("domain", kwargs={"domain_pk": domain_info.split(":")[0]}) for domain_info in domain_info_list
             ],
             "domain_names": [domain_info.split(":")[1] for domain_info in domain_info_list],
             "is_admin": is_admin,
diff --git a/src/registrar/views/portfolios.py b/src/registrar/views/portfolios.py
index dc1357585..f0c4841f1 100644
--- a/src/registrar/views/portfolios.py
+++ b/src/registrar/views/portfolios.py
@@ -5,20 +5,26 @@ from django.http import Http404, JsonResponse
 from django.shortcuts import get_object_or_404, redirect, render
 from django.urls import reverse
 from django.utils.safestring import mark_safe
+from django.views.generic import DetailView
 from django.contrib import messages
 from registrar.decorators import (
     HAS_PORTFOLIO_DOMAIN_REQUESTS_ANY_PERM,
     HAS_PORTFOLIO_DOMAINS_ANY_PERM,
+    HAS_PORTFOLIO_MEMBERS_ANY_PERM,
+    HAS_PORTFOLIO_MEMBERS_EDIT,
     IS_PORTFOLIO_MEMBER,
     grant_access,
 )
 from registrar.forms import portfolio as portfolioForms
-from registrar.models import Portfolio, User
-from registrar.models.domain import Domain
-from registrar.models.domain_invitation import DomainInvitation
-from registrar.models.portfolio_invitation import PortfolioInvitation
-from registrar.models.user_domain_role import UserDomainRole
-from registrar.models.user_portfolio_permission import UserPortfolioPermission
+from registrar.models import (
+    Domain,
+    DomainInvitation,
+    Portfolio,
+    PortfolioInvitation,
+    User,
+    UserDomainRole,
+    UserPortfolioPermission
+)
 from registrar.models.utility.portfolio_helper import UserPortfolioPermissionChoices, UserPortfolioRoleChoices
 from registrar.utility.email import EmailSendingError
 from registrar.utility.email_invitations import (
@@ -29,15 +35,6 @@ from registrar.utility.email_invitations import (
 )
 from registrar.utility.errors import MissingEmailError
 from registrar.utility.enums import DefaultUserValues
-from registrar.views.utility.mixins import PortfolioMemberPermission
-from registrar.views.utility.permission_views import (
-    PortfolioBasePermissionView,
-    PortfolioMemberDomainsPermissionView,
-    PortfolioMemberDomainsEditPermissionView,
-    PortfolioMemberEditPermissionView,
-    PortfolioMemberPermissionView,
-    PortfolioMembersPermissionView,
-)
 from django.views.generic import View
 from django.views.generic.edit import FormMixin
 from django.db import IntegrityError
@@ -71,8 +68,10 @@ class PortfolioDomainRequestsView(View):
         return render(request, "portfolio_requests.html")
 
 
-class PortfolioMemberView(PortfolioMemberPermissionView, View):
-
+@grant_access(HAS_PORTFOLIO_MEMBERS_ANY_PERM)
+class PortfolioMemberView(DetailView, View):
+    model = Portfolio
+    context_object_name = "portfolio"
     template_name = "portfolio_member.html"
 
     def get(self, request, pk):
@@ -113,7 +112,8 @@ class PortfolioMemberView(PortfolioMemberPermissionView, View):
         )
 
 
-class PortfolioMemberDeleteView(PortfolioMemberPermission, View):
+@grant_access(HAS_PORTFOLIO_MEMBERS_ANY_PERM)
+class PortfolioMemberDeleteView(View):
 
     def post(self, request, pk):
         """
@@ -190,8 +190,10 @@ class PortfolioMemberDeleteView(PortfolioMemberPermission, View):
             messages.warning(self.request, "Could not send email notification to existing organization admins.")
 
 
-class PortfolioMemberEditView(PortfolioMemberEditPermissionView, View):
-
+@grant_access(HAS_PORTFOLIO_MEMBERS_EDIT)
+class PortfolioMemberEditView(DetailView, View):
+    model = Portfolio
+    context_object_name = "portfolio"
     template_name = "portfolio_member_permissions.html"
     form_class = portfolioForms.PortfolioMemberForm
 
@@ -265,7 +267,8 @@ class PortfolioMemberEditView(PortfolioMemberEditPermissionView, View):
             messages.warning(self.request, "Could not send email notification to existing organization admins.")
 
 
-class PortfolioMemberDomainsView(PortfolioMemberDomainsPermissionView, View):
+@grant_access(HAS_PORTFOLIO_MEMBERS_ANY_PERM)
+class PortfolioMemberDomainsView(View):
 
     template_name = "portfolio_member_domains.html"
 
@@ -283,8 +286,10 @@ class PortfolioMemberDomainsView(PortfolioMemberDomainsPermissionView, View):
         )
 
 
-class PortfolioMemberDomainsEditView(PortfolioMemberDomainsEditPermissionView, View):
-
+@grant_access(HAS_PORTFOLIO_MEMBERS_EDIT)
+class PortfolioMemberDomainsEditView(DetailView, View):
+    model = Portfolio
+    context_object_name = "portfolio"
     template_name = "portfolio_member_domains_edit.html"
 
     def get(self, request, pk):
@@ -393,8 +398,10 @@ class PortfolioMemberDomainsEditView(PortfolioMemberDomainsEditPermissionView, V
             UserDomainRole.objects.filter(domain_id__in=removed_domain_ids, user=member).delete()
 
 
-class PortfolioInvitedMemberView(PortfolioMemberPermissionView, View):
-
+@grant_access(HAS_PORTFOLIO_MEMBERS_ANY_PERM)
+class PortfolioInvitedMemberView(DetailView, View):
+    model = Portfolio
+    context_object_name = "portfolio"
     template_name = "portfolio_member.html"
     # form_class = PortfolioInvitedMemberForm
 
@@ -435,7 +442,8 @@ class PortfolioInvitedMemberView(PortfolioMemberPermissionView, View):
         )
 
 
-class PortfolioInvitedMemberDeleteView(PortfolioMemberPermission, View):
+@grant_access(HAS_PORTFOLIO_MEMBERS_ANY_PERM)
+class PortfolioInvitedMemberDeleteView(View):
 
     def post(self, request, pk):
         """
@@ -478,8 +486,10 @@ class PortfolioInvitedMemberDeleteView(PortfolioMemberPermission, View):
             messages.warning(self.request, "Could not send email notification to existing organization admins.")
 
 
-class PortfolioInvitedMemberEditView(PortfolioMemberEditPermissionView, View):
-
+@grant_access(HAS_PORTFOLIO_MEMBERS_EDIT)
+class PortfolioInvitedMemberEditView(DetailView, View):
+    model = Portfolio
+    context_object_name = "portfolio"
     template_name = "portfolio_member_permissions.html"
     form_class = portfolioForms.PortfolioInvitedMemberForm
 
@@ -547,7 +557,8 @@ class PortfolioInvitedMemberEditView(PortfolioMemberEditPermissionView, View):
             messages.warning(self.request, "Could not send email notification to existing organization admins.")
 
 
-class PortfolioInvitedMemberDomainsView(PortfolioMemberDomainsPermissionView, View):
+@grant_access(HAS_PORTFOLIO_MEMBERS_ANY_PERM)
+class PortfolioInvitedMemberDomainsView(View):
 
     template_name = "portfolio_member_domains.html"
 
@@ -562,9 +573,11 @@ class PortfolioInvitedMemberDomainsView(PortfolioMemberDomainsPermissionView, Vi
             },
         )
 
+@grant_access(HAS_PORTFOLIO_MEMBERS_EDIT)
+class PortfolioInvitedMemberDomainsEditView(DetailView, View):
 
-class PortfolioInvitedMemberDomainsEditView(PortfolioMemberDomainsEditPermissionView, View):
-
+    model = Portfolio
+    context_object_name = "portfolio"
     template_name = "portfolio_member_domains_edit.html"
 
     def get(self, request, pk):
@@ -749,7 +762,8 @@ class PortfolioNoDomainRequestsView(View):
         return context
 
 
-class PortfolioOrganizationView(PortfolioBasePermissionView, FormMixin):
+@grant_access(IS_PORTFOLIO_MEMBER)
+class PortfolioOrganizationView(DetailView, FormMixin):
     """
     View to handle displaying and updating the portfolio's organization details.
     """
@@ -811,7 +825,8 @@ class PortfolioOrganizationView(PortfolioBasePermissionView, FormMixin):
         return reverse("organization")
 
 
-class PortfolioSeniorOfficialView(PortfolioBasePermissionView, FormMixin):
+@grant_access(IS_PORTFOLIO_MEMBER)
+class PortfolioSeniorOfficialView(DetailView, FormMixin):
     """
     View to handle displaying and updating the portfolio's senior official details.
     For now, this view is readonly.
@@ -842,7 +857,8 @@ class PortfolioSeniorOfficialView(PortfolioBasePermissionView, FormMixin):
         return self.render_to_response(self.get_context_data(form=form))
 
 
-class PortfolioMembersView(PortfolioMembersPermissionView, View):
+@grant_access(HAS_PORTFOLIO_MEMBERS_ANY_PERM)
+class PortfolioMembersView(View):
 
     template_name = "portfolio_members.html"
 
@@ -851,10 +867,13 @@ class PortfolioMembersView(PortfolioMembersPermissionView, View):
         return render(request, "portfolio_members.html")
 
 
-class PortfolioAddMemberView(PortfolioMembersPermissionView, FormMixin):
+@grant_access(HAS_PORTFOLIO_MEMBERS_ANY_PERM)
+class PortfolioAddMemberView(DetailView, FormMixin):
 
     template_name = "portfolio_members_add_new.html"
     form_class = portfolioForms.PortfolioNewMemberForm
+    model = Portfolio
+    context_object_name = "portfolio"
 
     def get(self, request, *args, **kwargs):
         """Handle GET requests to display the form."""
diff --git a/src/registrar/views/utility/__init__.py b/src/registrar/views/utility/__init__.py
index f80774ef3..12fcc325d 100644
--- a/src/registrar/views/utility/__init__.py
+++ b/src/registrar/views/utility/__init__.py
@@ -1,7 +1,4 @@
 from .steps_helper import StepsHelper
 from .always_404 import always_404
 
-from .permission_views import (
-    PortfolioMembersPermission,
-)
 from .api_views import get_senior_official_from_federal_agency_json
diff --git a/src/registrar/views/utility/mixins.py b/src/registrar/views/utility/mixins.py
index 23895cb5c..1762d4900 100644
--- a/src/registrar/views/utility/mixins.py
+++ b/src/registrar/views/utility/mixins.py
@@ -202,110 +202,3 @@ class UserProfilePermission(PermissionsLoginMixin):
             return False
 
         return True
-
-
-class PortfolioBasePermission(PermissionsLoginMixin):
-    """Permission mixin that redirects to portfolio pages if user
-    has access, otherwise 403"""
-
-    def has_permission(self):
-        """Check if this user has access to this portfolio.
-
-        The user is in self.request.user and the portfolio can be looked
-        up from the portfolio's primary key in self.kwargs["pk"]
-        """
-        if not self.request.user.is_authenticated:
-            return False
-
-        return self.request.user.is_org_user(self.request)
-
-
-class PortfolioMembersPermission(PortfolioBasePermission):
-    """Permission mixin that allows access to portfolio members pages if user
-    has access, otherwise 403"""
-
-    def has_permission(self):
-        """Check if this user has access to members for this portfolio.
-
-        The user is in self.request.user and the portfolio can be looked
-        up from the portfolio's primary key in self.kwargs["pk"]"""
-
-        portfolio = self.request.session.get("portfolio")
-        if not self.request.user.has_view_members_portfolio_permission(
-            portfolio
-        ) and not self.request.user.has_edit_members_portfolio_permission(portfolio):
-            return False
-
-        return super().has_permission()
-
-
-class PortfolioMemberPermission(PortfolioBasePermission):
-    """Permission mixin that allows access to portfolio member or invited member pages if user
-    has access, otherwise 403"""
-
-    def has_permission(self):
-        """Check if this user has access to members or invited members for this portfolio.
-
-        The user is in self.request.user and the portfolio can be looked
-        up from the portfolio's primary key in self.kwargs["pk"]"""
-
-        portfolio = self.request.session.get("portfolio")
-        if not self.request.user.has_view_members_portfolio_permission(
-            portfolio
-        ) and not self.request.user.has_edit_members_portfolio_permission(portfolio):
-            return False
-
-        return super().has_permission()
-
-
-class PortfolioMemberEditPermission(PortfolioBasePermission):
-    """Permission mixin that allows access to portfolio member or invited member pages if user
-    has access to edit, otherwise 403"""
-
-    def has_permission(self):
-        """Check if this user has access to members or invited members for this portfolio.
-
-        The user is in self.request.user and the portfolio can be looked
-        up from the portfolio's primary key in self.kwargs["pk"]"""
-
-        portfolio = self.request.session.get("portfolio")
-        if not self.request.user.has_edit_members_portfolio_permission(portfolio):
-            return False
-
-        return super().has_permission()
-
-
-class PortfolioMemberDomainsPermission(PortfolioBasePermission):
-    """Permission mixin that allows access to portfolio member or invited member domains pages if user
-    has access to edit, otherwise 403"""
-
-    def has_permission(self):
-        """Check if this user has access to member or invited member domains for this portfolio.
-
-        The user is in self.request.user and the portfolio can be looked
-        up from the portfolio's primary key in self.kwargs["pk"]"""
-
-        portfolio = self.request.session.get("portfolio")
-        if not self.request.user.has_view_members_portfolio_permission(
-            portfolio
-        ) and not self.request.user.has_edit_members_portfolio_permission(portfolio):
-            return False
-
-        return super().has_permission()
-
-
-class PortfolioMemberDomainsEditPermission(PortfolioBasePermission):
-    """Permission mixin that allows access to portfolio member or invited member domains edit pages if user
-    has access to edit, otherwise 403"""
-
-    def has_permission(self):
-        """Check if this user has access to member or invited member domains for this portfolio.
-
-        The user is in self.request.user and the portfolio can be looked
-        up from the portfolio's primary key in self.kwargs["pk"]"""
-
-        portfolio = self.request.session.get("portfolio")
-        if not self.request.user.has_edit_members_portfolio_permission(portfolio):
-            return False
-
-        return super().has_permission()
diff --git a/src/registrar/views/utility/permission_views.py b/src/registrar/views/utility/permission_views.py
index 02a2b029b..1961e1cdd 100644
--- a/src/registrar/views/utility/permission_views.py
+++ b/src/registrar/views/utility/permission_views.py
@@ -7,13 +7,7 @@ from registrar.models import Portfolio
 from registrar.models.user import User
 
 from .mixins import (
-    PortfolioMemberDomainsPermission,
-    PortfolioMemberDomainsEditPermission,
-    PortfolioMemberEditPermission,
     UserProfilePermission,
-    PortfolioBasePermission,
-    PortfolioMembersPermission,
-    PortfolioMemberPermission,
 )
 import logging
 
@@ -37,64 +31,3 @@ class UserProfilePermissionView(UserProfilePermission, DetailView, abc.ABC):
     @abc.abstractmethod
     def template_name(self):
         raise NotImplementedError
-
-
-class PortfolioBasePermissionView(PortfolioBasePermission, DetailView, abc.ABC):
-    """Abstract base view for portfolio views that enforces permissions.
-
-    This abstract view cannot be instantiated. Actual views must specify
-    `template_name`.
-    """
-
-    # DetailView property for what model this is viewing
-    model = Portfolio
-    # variable name in template context for the model object
-    context_object_name = "portfolio"
-
-    # Abstract property enforces NotImplementedError on an attribute.
-    @property
-    @abc.abstractmethod
-    def template_name(self):
-        raise NotImplementedError
-
-
-class PortfolioMembersPermissionView(PortfolioMembersPermission, PortfolioBasePermissionView, abc.ABC):
-    """Abstract base view for portfolio members views that enforces permissions.
-
-    This abstract view cannot be instantiated. Actual views must specify
-    `template_name`.
-    """
-
-
-class PortfolioMemberPermissionView(PortfolioMemberPermission, PortfolioBasePermissionView, abc.ABC):
-    """Abstract base view for portfolio member views that enforces permissions.
-
-    This abstract view cannot be instantiated. Actual views must specify
-    `template_name`.
-    """
-
-
-class PortfolioMemberEditPermissionView(PortfolioMemberEditPermission, PortfolioBasePermissionView, abc.ABC):
-    """Abstract base view for portfolio member edit views that enforces permissions.
-
-    This abstract view cannot be instantiated. Actual views must specify
-    `template_name`.
-    """
-
-
-class PortfolioMemberDomainsPermissionView(PortfolioMemberDomainsPermission, PortfolioBasePermissionView, abc.ABC):
-    """Abstract base view for portfolio member domains views that enforces permissions.
-
-    This abstract view cannot be instantiated. Actual views must specify
-    `template_name`.
-    """
-
-
-class PortfolioMemberDomainsEditPermissionView(
-    PortfolioMemberDomainsEditPermission, PortfolioBasePermissionView, abc.ABC
-):
-    """Abstract base view for portfolio member domains edit views that enforces permissions.
-
-    This abstract view cannot be instantiated. Actual views must specify
-    `template_name`.
-    """

From 4daac2bec03e452176c984f7ef4015609faf0a37 Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Wed, 12 Feb 2025 10:07:51 -0500
Subject: [PATCH 36/81] user profile permissions

---
 src/registrar/views/user_profile.py           |  7 ++--
 src/registrar/views/utility/mixins.py         | 17 ----------
 .../views/utility/permission_views.py         | 33 -------------------
 3 files changed, 5 insertions(+), 52 deletions(-)
 delete mode 100644 src/registrar/views/utility/permission_views.py

diff --git a/src/registrar/views/user_profile.py b/src/registrar/views/user_profile.py
index 2012d12ab..3434eedb3 100644
--- a/src/registrar/views/user_profile.py
+++ b/src/registrar/views/user_profile.py
@@ -5,22 +5,25 @@ import logging
 
 from django.contrib import messages
 from django.http import QueryDict
+from django.views.generic import DetailView
 from django.views.generic.edit import FormMixin
+from registrar.decorators import ALL, grant_access
 from registrar.forms.user_profile import UserProfileForm, FinishSetupProfileForm
 from django.urls import NoReverseMatch, reverse
 from registrar.models.user import User
 from registrar.models.utility.generic_helper import replace_url_queryparams
-from registrar.views.utility.permission_views import UserProfilePermissionView
 
 logger = logging.getLogger(__name__)
 
 
-class UserProfileView(UserProfilePermissionView, FormMixin):
+@grant_access(ALL)
+class UserProfileView(DetailView, FormMixin):
     """
     Base View for the User Profile. Handles getting and setting the User Profile
     """
 
     model = User
+    context_object_name = "user"
     template_name = "profile.html"
     form_class = UserProfileForm
     base_view_name = "user-profile"
diff --git a/src/registrar/views/utility/mixins.py b/src/registrar/views/utility/mixins.py
index 1762d4900..d3ec95af5 100644
--- a/src/registrar/views/utility/mixins.py
+++ b/src/registrar/views/utility/mixins.py
@@ -185,20 +185,3 @@ class PortfolioReportsPermission(PermissionsLoginMixin):
             return False
 
         return self.request.user.is_org_user(self.request)
-
-
-class UserProfilePermission(PermissionsLoginMixin):
-    """Permission mixin that redirects to user profile if user
-    has access, otherwise 403"""
-
-    def has_permission(self):
-        """Check if this user has access.
-
-        If the user is authenticated, they have access
-        """
-
-        # Check if the user is authenticated
-        if not self.request.user.is_authenticated:
-            return False
-
-        return True
diff --git a/src/registrar/views/utility/permission_views.py b/src/registrar/views/utility/permission_views.py
deleted file mode 100644
index 1961e1cdd..000000000
--- a/src/registrar/views/utility/permission_views.py
+++ /dev/null
@@ -1,33 +0,0 @@
-"""View classes that enforce authorization."""
-
-import abc  # abstract base class
-
-from django.views.generic import DetailView
-from registrar.models import Portfolio
-from registrar.models.user import User
-
-from .mixins import (
-    UserProfilePermission,
-)
-import logging
-
-logger = logging.getLogger(__name__)
-
-
-class UserProfilePermissionView(UserProfilePermission, DetailView, abc.ABC):
-    """Abstract base view for user profile view that enforces permissions.
-
-    This abstract view cannot be instantiated. Actual views must specify
-    `template_name`.
-    """
-
-    # DetailView property for what model this is viewing
-    model = User
-    # variable name in template context for the model object
-    context_object_name = "user"
-
-    # Abstract property enforces NotImplementedError on an attribute.
-    @property
-    @abc.abstractmethod
-    def template_name(self):
-        raise NotImplementedError

From 9ad7b7523b242cd982a973da5567807aa02e88c1 Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Wed, 12 Feb 2025 10:46:06 -0500
Subject: [PATCH 37/81] analytics, reports and transfer user

---
 src/registrar/decorators.py           |  9 +++++
 src/registrar/views/report_views.py   | 28 +++++++-------
 src/registrar/views/transfer_user.py  |  2 +
 src/registrar/views/utility/mixins.py | 54 +--------------------------
 4 files changed, 26 insertions(+), 67 deletions(-)

diff --git a/src/registrar/decorators.py b/src/registrar/decorators.py
index 98a37c62c..0f2c948b3 100644
--- a/src/registrar/decorators.py
+++ b/src/registrar/decorators.py
@@ -20,6 +20,7 @@ HAS_PORTFOLIO_DOMAIN_REQUESTS_VIEW_ALL = "has_portfolio_domain_requests_view_all
 HAS_PORTFOLIO_DOMAIN_REQUESTS_EDIT = "has_portfolio_domain_requests_edit"
 HAS_PORTFOLIO_MEMBERS_ANY_PERM = "has_portfolio_members_any_perm"
 HAS_PORTFOLIO_MEMBERS_EDIT = "has_portfolio_members_edit"
+HAS_PORTFOLIO_MEMBERS_VIEW = "has_portfolio_members_view"
 
 
 def grant_access(*rules):
@@ -160,6 +161,14 @@ def _user_has_permission(user, request, rules, **kwargs):
         )
         conditions_met.append(has_permission)
 
+    if not any(conditions_met) and HAS_PORTFOLIO_MEMBERS_VIEW in rules:
+        portfolio = request.session.get("portfolio")
+        has_permission = (
+            user.is_org_user(request) and
+            user.has_view_members_portfolio_permission(portfolio)
+        )
+        conditions_met.append(has_permission)
+
     return any(conditions_met)
 
 
diff --git a/src/registrar/views/report_views.py b/src/registrar/views/report_views.py
index 1b9198c79..d64586a2b 100644
--- a/src/registrar/views/report_views.py
+++ b/src/registrar/views/report_views.py
@@ -6,19 +6,17 @@ from django.shortcuts import render
 from django.contrib import admin
 from django.db.models import Avg, F
 
-from registrar.views.utility.mixins import DomainAndRequestsReportsPermission, PortfolioReportsPermission
+from registrar.decorators import ALL, HAS_PORTFOLIO_MEMBERS_VIEW, IS_STAFF, grant_access
 from .. import models
 import datetime
 from django.utils import timezone
-from django.contrib.admin.views.decorators import staff_member_required
-from django.utils.decorators import method_decorator
 from registrar.utility import csv_export
 import logging
 
 logger = logging.getLogger(__name__)
 
 
-@method_decorator(staff_member_required, name="dispatch")
+@grant_access(IS_STAFF)
 class AnalyticsView(View):
     def get(self, request):
         thirty_days_ago = datetime.datetime.today() - datetime.timedelta(days=30)
@@ -152,7 +150,7 @@ class AnalyticsView(View):
         return render(request, "admin/analytics.html", context)
 
 
-@method_decorator(staff_member_required, name="dispatch")
+@grant_access(IS_STAFF)
 class ExportDataType(View):
     def get(self, request, *args, **kwargs):
         # match the CSV example with all the fields
@@ -162,7 +160,8 @@ class ExportDataType(View):
         return response
 
 
-class ExportDataTypeUser(DomainAndRequestsReportsPermission, View):
+@grant_access(ALL)
+class ExportDataTypeUser(View):
     """Returns a domain report for a given user on the request"""
 
     def get(self, request, *args, **kwargs):
@@ -173,7 +172,8 @@ class ExportDataTypeUser(DomainAndRequestsReportsPermission, View):
         return response
 
 
-class ExportMembersPortfolio(PortfolioReportsPermission, View):
+@grant_access(HAS_PORTFOLIO_MEMBERS_VIEW)
+class ExportMembersPortfolio(View):
     """Returns a members report for a given portfolio"""
 
     def get(self, request, *args, **kwargs):
@@ -201,7 +201,7 @@ class ExportMembersPortfolio(PortfolioReportsPermission, View):
         return response
 
 
-@method_decorator(staff_member_required, name="dispatch")
+@grant_access(IS_STAFF)
 class ExportDataFull(View):
     def get(self, request, *args, **kwargs):
         # Smaller export based on 1
@@ -211,7 +211,7 @@ class ExportDataFull(View):
         return response
 
 
-@method_decorator(staff_member_required, name="dispatch")
+@grant_access(IS_STAFF)
 class ExportDataFederal(View):
     def get(self, request, *args, **kwargs):
         # Federal only
@@ -221,7 +221,7 @@ class ExportDataFederal(View):
         return response
 
 
-@method_decorator(staff_member_required, name="dispatch")
+@grant_access(IS_STAFF)
 class ExportDomainRequestDataFull(View):
     """Generates a downloaded report containing all Domain Requests (except started)"""
 
@@ -233,7 +233,7 @@ class ExportDomainRequestDataFull(View):
         return response
 
 
-@method_decorator(staff_member_required, name="dispatch")
+@grant_access(IS_STAFF)
 class ExportDataDomainsGrowth(View):
     def get(self, request, *args, **kwargs):
         start_date = request.GET.get("start_date", "")
@@ -246,7 +246,7 @@ class ExportDataDomainsGrowth(View):
         return response
 
 
-@method_decorator(staff_member_required, name="dispatch")
+@grant_access(IS_STAFF)
 class ExportDataRequestsGrowth(View):
     def get(self, request, *args, **kwargs):
         start_date = request.GET.get("start_date", "")
@@ -259,7 +259,7 @@ class ExportDataRequestsGrowth(View):
         return response
 
 
-@method_decorator(staff_member_required, name="dispatch")
+@grant_access(IS_STAFF)
 class ExportDataManagedDomains(View):
     def get(self, request, *args, **kwargs):
         start_date = request.GET.get("start_date", "")
@@ -271,7 +271,7 @@ class ExportDataManagedDomains(View):
         return response
 
 
-@method_decorator(staff_member_required, name="dispatch")
+@grant_access(IS_STAFF)
 class ExportDataUnmanagedDomains(View):
     def get(self, request, *args, **kwargs):
         start_date = request.GET.get("start_date", "")
diff --git a/src/registrar/views/transfer_user.py b/src/registrar/views/transfer_user.py
index f574b76d9..62cd0a9d2 100644
--- a/src/registrar/views/transfer_user.py
+++ b/src/registrar/views/transfer_user.py
@@ -4,6 +4,7 @@ from django.db.models import ForeignKey, OneToOneField, ManyToManyField, ManyToO
 
 from django.shortcuts import render, get_object_or_404, redirect
 from django.views import View
+from registrar.decorators import IS_STAFF, grant_access
 from registrar.models.domain import Domain
 from registrar.models.domain_request import DomainRequest
 from registrar.models.user import User
@@ -18,6 +19,7 @@ from registrar.utility.db_helpers import ignore_unique_violation
 logger = logging.getLogger(__name__)
 
 
+@grant_access(IS_STAFF)
 class TransferUserView(View):
     """Transfer user methods that set up the transfer_user template and handle the forms on it."""
 
diff --git a/src/registrar/views/utility/mixins.py b/src/registrar/views/utility/mixins.py
index d3ec95af5..eb58a5125 100644
--- a/src/registrar/views/utility/mixins.py
+++ b/src/registrar/views/utility/mixins.py
@@ -1,6 +1,4 @@
-"""Permissions-related mixin classes."""
-
-from django.contrib.auth.mixins import PermissionRequiredMixin
+"""Mixin classes."""
 import logging
 
 
@@ -135,53 +133,3 @@ class OrderableFieldsMixin:
         # Infer the column name in a similar manner to how Django does
         method.short_description = field.replace("_", " ")
         return method
-
-
-class PermissionsLoginMixin(PermissionRequiredMixin):
-    """Mixin that redirects to login page if not logged in, otherwise 403."""
-
-    def handle_no_permission(self):
-        self.raise_exception = self.request.user.is_authenticated
-        return super().handle_no_permission()
-
-
-class DomainAndRequestsReportsPermission(PermissionsLoginMixin):
-    """Permission mixin for domain and requests csv downloads"""
-
-    def has_permission(self):
-        """Check if this user has access to this domain.
-
-        The user is in self.request.user and the domain needs to be looked
-        up from the domain's primary key in self.kwargs["pk"]
-        """
-
-        if not self.request.user.is_authenticated:
-            return False
-
-        if self.request.user.is_restricted():
-            return False
-
-        return True
-
-
-class PortfolioReportsPermission(PermissionsLoginMixin):
-    """Permission mixin for portfolio csv downloads"""
-
-    def has_permission(self):
-        """Check if this user has access to this domain.
-
-        The user is in self.request.user and the domain needs to be looked
-        up from the domain's primary key in self.kwargs["pk"]
-        """
-
-        if not self.request.user.is_authenticated:
-            return False
-
-        if self.request.user.is_restricted():
-            return False
-
-        portfolio = self.request.session.get("portfolio")
-        if not self.request.user.has_view_members_portfolio_permission(portfolio):
-            return False
-
-        return self.request.user.is_org_user(self.request)

From 7a1348258d14d443b8f44392652ece8ea95e6169 Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Wed, 12 Feb 2025 10:50:42 -0500
Subject: [PATCH 38/81] remove superuser, and assign perm to transfer user

---
 src/registrar/decorators.py           | 18 ++++--------------
 src/registrar/views/portfolios.py     |  3 ++-
 src/registrar/views/utility/mixins.py |  1 +
 3 files changed, 7 insertions(+), 15 deletions(-)

diff --git a/src/registrar/decorators.py b/src/registrar/decorators.py
index 0f2c948b3..517985b6d 100644
--- a/src/registrar/decorators.py
+++ b/src/registrar/decorators.py
@@ -5,7 +5,6 @@ from registrar.models import Domain, DomainInformation, DomainInvitation, Domain
 
 # Constants for clarity
 ALL = "all"
-IS_SUPERUSER = "is_superuser"
 IS_STAFF = "is_staff"
 IS_DOMAIN_MANAGER = "is_domain_manager"
 IS_DOMAIN_REQUEST_CREATOR = "is_domain_request_creator"
@@ -88,9 +87,6 @@ def _user_has_permission(user, request, rules, **kwargs):
     if IS_STAFF in rules:
         conditions_met.append(user.is_staff)
 
-    if not any(conditions_met) and IS_SUPERUSER in rules:
-        conditions_met.append(user.is_superuser)
-
     if not any(conditions_met) and IS_DOMAIN_MANAGER in rules:
         has_permission = _is_domain_manager(user, **kwargs)
         conditions_met.append(has_permission)
@@ -148,25 +144,19 @@ def _user_has_permission(user, request, rules, **kwargs):
     if not any(conditions_met) and HAS_PORTFOLIO_MEMBERS_ANY_PERM in rules:
         portfolio = request.session.get("portfolio")
         has_permission = user.is_org_user(request) and (
-            user.has_view_members_portfolio_permission(portfolio) or
-            user.has_edit_members_portfolio_permission(portfolio)
+            user.has_view_members_portfolio_permission(portfolio)
+            or user.has_edit_members_portfolio_permission(portfolio)
         )
         conditions_met.append(has_permission)
 
     if not any(conditions_met) and HAS_PORTFOLIO_MEMBERS_EDIT in rules:
         portfolio = request.session.get("portfolio")
-        has_permission = (
-            user.is_org_user(request) and
-            user.has_edit_members_portfolio_permission(portfolio)
-        )
+        has_permission = user.is_org_user(request) and user.has_edit_members_portfolio_permission(portfolio)
         conditions_met.append(has_permission)
 
     if not any(conditions_met) and HAS_PORTFOLIO_MEMBERS_VIEW in rules:
         portfolio = request.session.get("portfolio")
-        has_permission = (
-            user.is_org_user(request) and
-            user.has_view_members_portfolio_permission(portfolio)
-        )
+        has_permission = user.is_org_user(request) and user.has_view_members_portfolio_permission(portfolio)
         conditions_met.append(has_permission)
 
     return any(conditions_met)
diff --git a/src/registrar/views/portfolios.py b/src/registrar/views/portfolios.py
index f0c4841f1..41038443b 100644
--- a/src/registrar/views/portfolios.py
+++ b/src/registrar/views/portfolios.py
@@ -23,7 +23,7 @@ from registrar.models import (
     PortfolioInvitation,
     User,
     UserDomainRole,
-    UserPortfolioPermission
+    UserPortfolioPermission,
 )
 from registrar.models.utility.portfolio_helper import UserPortfolioPermissionChoices, UserPortfolioRoleChoices
 from registrar.utility.email import EmailSendingError
@@ -573,6 +573,7 @@ class PortfolioInvitedMemberDomainsView(View):
             },
         )
 
+
 @grant_access(HAS_PORTFOLIO_MEMBERS_EDIT)
 class PortfolioInvitedMemberDomainsEditView(DetailView, View):
 
diff --git a/src/registrar/views/utility/mixins.py b/src/registrar/views/utility/mixins.py
index eb58a5125..e228fbcd8 100644
--- a/src/registrar/views/utility/mixins.py
+++ b/src/registrar/views/utility/mixins.py
@@ -1,4 +1,5 @@
 """Mixin classes."""
+
 import logging
 
 

From 2a6d401e9b23c2c8d22bedf8282903b55f3ea6ee Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Wed, 12 Feb 2025 10:00:32 -0700
Subject: [PATCH 39/81] Move get-gov-reports to src/

@rachidatecs see above ^
---
 src/registrar/assets/js/get-gov-reports.js    | 203 ------------------
 .../assets/src/js/getgov-admin/analytics.js   | 196 +++++++++++++++++
 .../src/js/getgov-admin/helpers-admin.js      |  10 +
 .../assets/src/js/getgov-admin/main.js        |   4 +
 src/registrar/templates/admin/analytics.html  |  14 +-
 src/registrar/templates/admin/base_site.html  |   1 -
 6 files changed, 217 insertions(+), 211 deletions(-)
 delete mode 100644 src/registrar/assets/js/get-gov-reports.js
 create mode 100644 src/registrar/assets/src/js/getgov-admin/analytics.js

diff --git a/src/registrar/assets/js/get-gov-reports.js b/src/registrar/assets/js/get-gov-reports.js
deleted file mode 100644
index 54cdc789a..000000000
--- a/src/registrar/assets/js/get-gov-reports.js
+++ /dev/null
@@ -1,203 +0,0 @@
-
-/** An IIFE for admin in DjangoAdmin to listen to clicks on the growth report export button,
- * attach the seleted start and end dates to a url that'll trigger the view, and finally
- * redirect to that url.
- * 
- * This function also sets the start and end dates to match the url params if they exist
-*/
-(function () {
-    // Function to get URL parameter value by name
-    function getParameterByName(name, url) {
-        if (!url) url = window.location.href;
-        name = name.replace(/[\[\]]/g, '\\$&');
-        var regex = new RegExp('[?&]' + name + '(=([^&#]*)|&|#|$)'),
-            results = regex.exec(url);
-        if (!results) return null;
-        if (!results[2]) return '';
-        return decodeURIComponent(results[2].replace(/\+/g, ' '));
-    }
-
-    // Get the current date in the format YYYY-MM-DD
-    let currentDate = new Date().toISOString().split('T')[0];
-
-    // Default the value of the start date input field to the current date
-    let startDateInput = document.getElementById('start');
-
-    // Default the value of the end date input field to the current date
-    let endDateInput = document.getElementById('end');
-
-    let exportButtons = document.querySelectorAll('.exportLink');
-
-    if (exportButtons.length > 0) {
-        // Check if start and end dates are present in the URL
-        let urlStartDate = getParameterByName('start_date');
-        let urlEndDate = getParameterByName('end_date');
-
-        // Set input values based on URL parameters or current date
-        startDateInput.value = urlStartDate || currentDate;
-        endDateInput.value = urlEndDate || currentDate;
-
-        exportButtons.forEach((btn) => {
-            btn.addEventListener('click', function () {
-                // Get the selected start and end dates
-                let startDate = startDateInput.value;
-                let endDate = endDateInput.value;
-                let exportUrl = btn.dataset.exportUrl;
-
-                // Build the URL with parameters
-                exportUrl += "?start_date=" + startDate + "&end_date=" + endDate;
-
-                // Redirect to the export URL
-                window.location.href = exportUrl;
-            });
-        });
-    }
-
-})();
-
-
-/** An IIFE to initialize the analytics page
-*/
-(function () {
-    const chartInstances = new Map();
-
-    /**
-     * Creates a diagonal stripe pattern for chart.js
-     * Inspired by https://stackoverflow.com/questions/28569667/fill-chart-js-bar-chart-with-diagonal-stripes-or-other-patterns
-     * and https://github.com/ashiguruma/patternomaly
-     * @param {string} backgroundColor - Background color of the pattern
-     * @param {string} [lineColor="white"] - Color of the diagonal lines
-     * @param {boolean} [rightToLeft=false] - Direction of the diagonal lines
-     * @param {number} [lineGap=1] - Gap between lines
-     * @returns {CanvasPattern} A canvas pattern object for use with backgroundColor
-     */
-    function createDiagonalPattern(backgroundColor, lineColor, rightToLeft=false, lineGap=1) {
-        // Define the canvas and the 2d context so we can draw on it
-        let shape = document.createElement("canvas");
-        shape.width = 20;
-        shape.height = 20;
-        let context = shape.getContext("2d");
-
-        // Fill with specified background color
-        context.fillStyle = backgroundColor;
-        context.fillRect(0, 0, shape.width, shape.height);
-
-        // Set stroke properties
-        context.strokeStyle = lineColor;
-        context.lineWidth = 2;
-
-        // Rotate canvas for a right-to-left pattern
-        if (rightToLeft) {
-            context.translate(shape.width, 0);
-            context.rotate(90 * Math.PI / 180);
-        };
-
-        // First diagonal line
-        let halfSize = shape.width / 2;
-        context.moveTo(halfSize - lineGap, -lineGap);
-        context.lineTo(shape.width + lineGap, halfSize + lineGap);
-
-        // Second diagonal line (x,y are swapped)
-        context.moveTo(-lineGap, halfSize - lineGap);
-        context.lineTo(halfSize + lineGap, shape.width + lineGap);
-
-        context.stroke();
-        return context.createPattern(shape, "repeat");
-    }
-
-    function createComparativeColumnChart(canvasId, title, labelOne, labelTwo) {
-        var canvas = document.getElementById(canvasId);
-        if (!canvas) {
-            return
-        }
-
-        var ctx = canvas.getContext("2d");
-
-        var listOne = JSON.parse(canvas.getAttribute('data-list-one'));
-        var listTwo = JSON.parse(canvas.getAttribute('data-list-two'));
-
-        var data = {
-            labels: ["Total", "Federal", "Interstate", "State/Territory", "Tribal", "County", "City", "Special District", "School District", "Election Board"],
-            datasets: [
-                {
-                    label: labelOne,
-                    backgroundColor: "rgba(255, 99, 132, 0.3)",
-                    borderColor: "rgba(255, 99, 132, 1)",
-                    borderWidth: 1,
-                    data: listOne,
-                    // Set this line style to be rightToLeft for visual distinction
-                    backgroundColor: createDiagonalPattern('rgba(255, 99, 132, 0.3)', 'white', true)
-                },
-                {
-                    label: labelTwo,
-                    backgroundColor: "rgba(75, 192, 192, 0.3)",
-                    borderColor: "rgba(75, 192, 192, 1)",
-                    borderWidth: 1,
-                    data: listTwo,
-                    backgroundColor: createDiagonalPattern('rgba(75, 192, 192, 0.3)', 'white')
-                },
-            ],
-        };
-
-        var options = {
-            responsive: true,
-            maintainAspectRatio: false,
-            plugins: {
-                legend: {
-                    position: 'top',
-                },
-                title: {
-                    display: true,
-                    text: title
-                }
-            },
-            scales: {
-                y: {
-                    beginAtZero: true,
-                },
-            },
-        };
-
-        if (chartInstances.has(canvasId)) {
-            chartInstances.get(canvasId).destroy();
-        }
-
-        const chart = new Chart(ctx, {
-            type: "bar",
-            data: data,
-            options: options,
-        });
-        
-        chartInstances.set(canvasId, chart);
-    }
-
-    function handleResize() {
-        // Debounce the resize handler
-        if (handleResize.timeout) {
-            clearTimeout(handleResize.timeout);
-        }
-        
-        handleResize.timeout = setTimeout(() => {
-            chartInstances.forEach((chart, canvasId) => {
-                if (chart && chart.canvas) {
-                    chart.resize();
-                }
-            });
-        }, 100);
-    }
-
-    function initComparativeColumnCharts() {
-        document.addEventListener("DOMContentLoaded", function () {
-            createComparativeColumnChart("myChart1", "Managed domains", "Start Date", "End Date");
-            createComparativeColumnChart("myChart2", "Unmanaged domains", "Start Date", "End Date");
-            createComparativeColumnChart("myChart3", "Deleted domains", "Start Date", "End Date");
-            createComparativeColumnChart("myChart4", "Ready domains", "Start Date", "End Date");
-            createComparativeColumnChart("myChart5", "Submitted requests", "Start Date", "End Date");
-            createComparativeColumnChart("myChart6", "All requests", "Start Date", "End Date");
-
-            window.addEventListener("resize", handleResize);
-        });
-    };
-
-    initComparativeColumnCharts();
-})();
diff --git a/src/registrar/assets/src/js/getgov-admin/analytics.js b/src/registrar/assets/src/js/getgov-admin/analytics.js
new file mode 100644
index 000000000..d2808f623
--- /dev/null
+++ b/src/registrar/assets/src/js/getgov-admin/analytics.js
@@ -0,0 +1,196 @@
+
+import { debounce } from '../getgov/helpers.js';
+import { getParameterByName } from './helpers-admin.js';
+
+
+/** This function also sets the start and end dates to match the url params if they exist
+*/
+function initAnalyticsExportButtons() {
+    // Get the current date in the format YYYY-MM-DD
+    let currentDate = new Date().toISOString().split('T')[0];
+
+    // Default the value of the start date input field to the current date
+    let startDateInput = document.getElementById('start');
+
+    // Default the value of the end date input field to the current date
+    let endDateInput = document.getElementById('end');
+
+    let exportButtons = document.querySelectorAll('.exportLink');
+
+    if (exportButtons.length > 0) {
+        // Check if start and end dates are present in the URL
+        let urlStartDate = getParameterByName('start_date');
+        let urlEndDate = getParameterByName('end_date');
+
+        // Set input values based on URL parameters or current date
+        startDateInput.value = urlStartDate || currentDate;
+        endDateInput.value = urlEndDate || currentDate;
+
+        exportButtons.forEach((btn) => {
+            btn.addEventListener('click', function () {
+                // Get the selected start and end dates
+                let startDate = startDateInput.value;
+                let endDate = endDateInput.value;
+                let exportUrl = btn.dataset.exportUrl;
+
+                // Build the URL with parameters
+                exportUrl += "?start_date=" + startDate + "&end_date=" + endDate;
+
+                // Redirect to the export URL
+                window.location.href = exportUrl;
+            });
+        });
+    }
+
+};
+
+/**
+     * Creates a diagonal stripe pattern for chart.js
+     * Inspired by https://stackoverflow.com/questions/28569667/fill-chart-js-bar-chart-with-diagonal-stripes-or-other-patterns
+     * and https://github.com/ashiguruma/patternomaly
+     * @param {string} backgroundColor - Background color of the pattern
+     * @param {string} [lineColor="white"] - Color of the diagonal lines
+     * @param {boolean} [rightToLeft=false] - Direction of the diagonal lines
+     * @param {number} [lineGap=1] - Gap between lines
+     * @returns {CanvasPattern} A canvas pattern object for use with backgroundColor
+     */
+function createDiagonalPattern(backgroundColor, lineColor, rightToLeft=false, lineGap=1) {
+    // Define the canvas and the 2d context so we can draw on it
+    let shape = document.createElement("canvas");
+    shape.width = 20;
+    shape.height = 20;
+    let context = shape.getContext("2d");
+
+    // Fill with specified background color
+    context.fillStyle = backgroundColor;
+    context.fillRect(0, 0, shape.width, shape.height);
+
+    // Set stroke properties
+    context.strokeStyle = lineColor;
+    context.lineWidth = 2;
+
+    // Rotate canvas for a right-to-left pattern
+    if (rightToLeft) {
+        context.translate(shape.width, 0);
+        context.rotate(90 * Math.PI / 180);
+    };
+
+    // First diagonal line
+    let halfSize = shape.width / 2;
+    context.moveTo(halfSize - lineGap, -lineGap);
+    context.lineTo(shape.width + lineGap, halfSize + lineGap);
+
+    // Second diagonal line (x,y are swapped)
+    context.moveTo(-lineGap, halfSize - lineGap);
+    context.lineTo(halfSize + lineGap, shape.width + lineGap);
+
+    context.stroke();
+    return context.createPattern(shape, "repeat");
+}
+
+function createComparativeColumnChart(canvasId, title, labelOne, labelTwo, chartInstances) {
+    var canvas = document.getElementById(canvasId);
+    if (!canvas) {
+        return
+    }
+
+    var ctx = canvas.getContext("2d");
+
+    var listOne = JSON.parse(canvas.getAttribute('data-list-one'));
+    var listTwo = JSON.parse(canvas.getAttribute('data-list-two'));
+
+    var data = {
+        labels: ["Total", "Federal", "Interstate", "State/Territory", "Tribal", "County", "City", "Special District", "School District", "Election Board"],
+        datasets: [
+            {
+                label: labelOne,
+                backgroundColor: "rgba(255, 99, 132, 0.3)",
+                borderColor: "rgba(255, 99, 132, 1)",
+                borderWidth: 1,
+                data: listOne,
+                // Set this line style to be rightToLeft for visual distinction
+                backgroundColor: createDiagonalPattern('rgba(255, 99, 132, 0.3)', 'white', true)
+            },
+            {
+                label: labelTwo,
+                backgroundColor: "rgba(75, 192, 192, 0.3)",
+                borderColor: "rgba(75, 192, 192, 1)",
+                borderWidth: 1,
+                data: listTwo,
+                backgroundColor: createDiagonalPattern('rgba(75, 192, 192, 0.3)', 'white')
+            },
+        ],
+    };
+
+    var options = {
+        responsive: true,
+        maintainAspectRatio: false,
+        plugins: {
+            legend: {
+                position: 'top',
+            },
+            title: {
+                display: true,
+                text: title
+            }
+        },
+        scales: {
+            y: {
+                beginAtZero: true,
+            },
+        },
+    };
+
+    if (chartInstances.has(canvasId)) {
+        chartInstances.get(canvasId).destroy();
+    }
+
+    const chart = new Chart(ctx, {
+        type: "bar",
+        data: data,
+        options: options,
+    });
+    
+    chartInstances.set(canvasId, chart);
+}
+
+function initComparativeColumnCharts(chartInstances) {
+    // Create charts
+    const charts = [
+        { id: "managed-domains-chart", title: "Managed domains" },
+        { id: "unmanaged-domains-chart", title: "Unmanaged domains" },
+        { id: "deleted-domains-chart", title: "Deleted domains" },
+        { id: "ready-domains-chart", title: "Ready domains" },
+        { id: "submitted-requests-chart", title: "Submitted requests" },
+        { id: "all-requests-chart", title: "All requests" }
+    ];
+    charts.forEach(chart => {
+        createComparativeColumnChart(
+            chart.id, 
+            chart.title, 
+            "Start Date", 
+            "End Date", 
+            chartInstances
+        );
+    });
+
+    // Add resize listener to each chart
+    window.addEventListener("resize", debounce(() => {
+        chartInstances.forEach((chart) => {
+            if (chart?.canvas) chart.resize();
+        });
+    }, 200));
+};
+
+/** An IIFE to initialize the analytics page
+*/
+export function initAnalyticsDashboard() {
+    const chartInstances = new Map();
+    const analyticsPageContainer = document.querySelector('.analytics-dashboard .analytics-dashboard-charts');
+    if (analyticsPageContainer) {
+        document.addEventListener("DOMContentLoaded", function () {
+            initAnalyticsExportButtons();
+            initComparativeColumnCharts(chartInstances);
+        });
+    }
+};
diff --git a/src/registrar/assets/src/js/getgov-admin/helpers-admin.js b/src/registrar/assets/src/js/getgov-admin/helpers-admin.js
index ff618a67d..8055e29d3 100644
--- a/src/registrar/assets/src/js/getgov-admin/helpers-admin.js
+++ b/src/registrar/assets/src/js/getgov-admin/helpers-admin.js
@@ -22,3 +22,13 @@ export function addOrRemoveSessionBoolean(name, add){
         sessionStorage.removeItem(name); 
     }
 }
+
+export function getParameterByName(name, url) {
+    if (!url) url = window.location.href;
+    name = name.replace(/[\[\]]/g, '\\$&');
+    var regex = new RegExp('[?&]' + name + '(=([^&#]*)|&|#|$)'),
+        results = regex.exec(url);
+    if (!results) return null;
+    if (!results[2]) return '';
+    return decodeURIComponent(results[2].replace(/\+/g, ' '));
+}
diff --git a/src/registrar/assets/src/js/getgov-admin/main.js b/src/registrar/assets/src/js/getgov-admin/main.js
index 64be572b2..5c6de20ab 100644
--- a/src/registrar/assets/src/js/getgov-admin/main.js
+++ b/src/registrar/assets/src/js/getgov-admin/main.js
@@ -15,6 +15,7 @@ import { initDomainFormTargetBlankButtons } from './domain-form.js';
 import { initDynamicPortfolioFields } from './portfolio-form.js';
 import { initDynamicDomainInformationFields } from './domain-information-form.js';
 import { initDynamicDomainFields } from './domain-form.js';
+import { initAnalyticsDashboard } from './analytics.js';
 
 // General
 initModals();
@@ -41,3 +42,6 @@ initDynamicPortfolioFields();
 
 // Domain information
 initDynamicDomainInformationFields();
+
+// Analytics dashboard
+initAnalyticsDashboard();
diff --git a/src/registrar/templates/admin/analytics.html b/src/registrar/templates/admin/analytics.html
index ca3501eec..d345aeb14 100644
--- a/src/registrar/templates/admin/analytics.html
+++ b/src/registrar/templates/admin/analytics.html
@@ -18,7 +18,7 @@ https://github.com/django/django/blob/main/django/contrib/admin/templates/admin/
 
 {% block content %}
 
-  <div id="content-main" class="custom-admin-template">
+  <div id="content-main" class="custom-admin-template analytics-dashboard">
 
     <div class="grid-row grid-gap-2">
       <div class="tablet:grid-col-6 margin-top-2">
@@ -136,7 +136,7 @@ https://github.com/django/django/blob/main/django/contrib/admin/templates/admin/
 		<div class="analytics-dashboard-charts margin-top-2">
 			{% comment %} Managed/Unmanaged domains {% endcomment %}
 			<div class="chart-1 grid-col">
-				<canvas id="myChart1" width="400" height="200"
+				<canvas id="managed-domains-chart" width="400" height="200"
 				aria-label="Chart: {{ data.managed_domains.end_date_count.0 }} managed domains for {{ data.end_date }}"
 				role="img"
 				data-list-one="{{ data.managed_domains.start_date_count }}"
@@ -155,7 +155,7 @@ https://github.com/django/django/blob/main/django/contrib/admin/templates/admin/
 				</details>
 			</div>
 			<div class="chart-2 grid-col">
-				<canvas id="myChart2" width="400" height="200"
+				<canvas id="unmanaged-domains-chart" width="400" height="200"
 				aria-label="Chart: {{ data.unmanaged_domains.end_date_count.0 }} unmanaged domains for {{ data.end_date }}"
 				role="img"
 				data-list-one="{{ data.unmanaged_domains.start_date_count }}"
@@ -176,7 +176,7 @@ https://github.com/django/django/blob/main/django/contrib/admin/templates/admin/
 
 			{% comment %} Deleted/Ready domains {% endcomment %}
 			<div class="chart-3 grid-col">
-				<canvas id="myChart3" width="400" height="200"
+				<canvas id="deleted-domains-chart" width="400" height="200"
 				aria-label="Chart: {{ data.deleted_domains.end_date_count.0 }} deleted domains for {{ data.end_date }}"
 				role="img" 
 				data-list-one="{{ data.deleted_domains.start_date_count }}"
@@ -195,7 +195,7 @@ https://github.com/django/django/blob/main/django/contrib/admin/templates/admin/
 				</details>
 			</div>
 			<div class="chart-4 grid-col">
-				<canvas id="myChart4" width="400" height="200"
+				<canvas id="ready-domains-chart" width="400" height="200"
 				aria-label="Chart: {{ data.ready_domains.end_date_count.0 }} ready domains for {{ data.end_date }}"
 				role="img" 
 				data-list-one="{{ data.ready_domains.start_date_count }}"
@@ -216,7 +216,7 @@ https://github.com/django/django/blob/main/django/contrib/admin/templates/admin/
 
 			{% comment %} Requests {% endcomment %}
 			<div class="chart-5 grid-col">
-				<canvas id="myChart5" width="400" height="200"
+				<canvas id="submitted-requests-chart" width="400" height="200"
 				aria-label="Chart: {{ data.submitted_requests.end_date_count.0 }} submitted requests for {{ data.end_date }}"
 				role="img" 
 				data-list-one="{{ data.submitted_requests.start_date_count }}"
@@ -235,7 +235,7 @@ https://github.com/django/django/blob/main/django/contrib/admin/templates/admin/
 				</details>
 			</div>
 			<div class="chart-6 grid-col">
-				<canvas id="myChart6" width="400" height="200"
+				<canvas id="all-requests-chart" width="400" height="200"
 				aria-label="Chart: {{ data.requests.end_date_count.0 }} requests for {{ data.end_date }}"
 				role="img" 
 				data-list-one="{{ data.requests.start_date_count }}"
diff --git a/src/registrar/templates/admin/base_site.html b/src/registrar/templates/admin/base_site.html
index b80917bb2..e5b3604b4 100644
--- a/src/registrar/templates/admin/base_site.html
+++ b/src/registrar/templates/admin/base_site.html
@@ -22,7 +22,6 @@
   <script src="{% static 'js/uswds.min.js' %}" defer></script>
   <script src="https://cdn.jsdelivr.net/npm/chart.js"></script>
   <script type="application/javascript" src="{% static 'js/getgov-admin.min.js' %}" defer></script>
-  <script type="application/javascript" src="{% static 'js/get-gov-reports.js' %}" defer></script>
   <script type="application/javascript" src="{% static 'js/dja-collapse.js' %}" defer></script>
 {% endblock %}
 

From b3a3dcad6dcfe15331f3da2dba69af58c450dce0 Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Wed, 12 Feb 2025 10:31:01 -0700
Subject: [PATCH 40/81] Cleanup + code simplification

---
 .../assets/src/js/getgov-admin/analytics.js   | 67 +++++++------------
 .../admin/analytics_graph_table.html          |  2 +-
 2 files changed, 27 insertions(+), 42 deletions(-)

diff --git a/src/registrar/assets/src/js/getgov-admin/analytics.js b/src/registrar/assets/src/js/getgov-admin/analytics.js
index d2808f623..e2de7b247 100644
--- a/src/registrar/assets/src/js/getgov-admin/analytics.js
+++ b/src/registrar/assets/src/js/getgov-admin/analytics.js
@@ -41,7 +41,6 @@ function initAnalyticsExportButtons() {
             });
         });
     }
-
 };
 
 /**
@@ -88,8 +87,8 @@ function createDiagonalPattern(backgroundColor, lineColor, rightToLeft=false, li
     return context.createPattern(shape, "repeat");
 }
 
-function createComparativeColumnChart(canvasId, title, labelOne, labelTwo, chartInstances) {
-    var canvas = document.getElementById(canvasId);
+function createComparativeColumnChart(id, title, labelOne, labelTwo) {
+    var canvas = document.getElementById(id);
     if (!canvas) {
         return
     }
@@ -140,57 +139,43 @@ function createComparativeColumnChart(canvasId, title, labelOne, labelTwo, chart
             },
         },
     };
-
-    if (chartInstances.has(canvasId)) {
-        chartInstances.get(canvasId).destroy();
-    }
-
-    const chart = new Chart(ctx, {
+    return new Chart(ctx, {
         type: "bar",
         data: data,
         options: options,
     });
-    
-    chartInstances.set(canvasId, chart);
 }
 
-function initComparativeColumnCharts(chartInstances) {
-    // Create charts
-    const charts = [
-        { id: "managed-domains-chart", title: "Managed domains" },
-        { id: "unmanaged-domains-chart", title: "Unmanaged domains" },
-        { id: "deleted-domains-chart", title: "Deleted domains" },
-        { id: "ready-domains-chart", title: "Ready domains" },
-        { id: "submitted-requests-chart", title: "Submitted requests" },
-        { id: "all-requests-chart", title: "All requests" }
-    ];
-    charts.forEach(chart => {
-        createComparativeColumnChart(
-            chart.id, 
-            chart.title, 
-            "Start Date", 
-            "End Date", 
-            chartInstances
-        );
-    });
-
-    // Add resize listener to each chart
-    window.addEventListener("resize", debounce(() => {
-        chartInstances.forEach((chart) => {
-            if (chart?.canvas) chart.resize();
-        });
-    }, 200));
-};
-
 /** An IIFE to initialize the analytics page
 */
 export function initAnalyticsDashboard() {
-    const chartInstances = new Map();
     const analyticsPageContainer = document.querySelector('.analytics-dashboard .analytics-dashboard-charts');
     if (analyticsPageContainer) {
         document.addEventListener("DOMContentLoaded", function () {
             initAnalyticsExportButtons();
-            initComparativeColumnCharts(chartInstances);
+
+            // Create charts and store each instance of it
+            const chartInstances = new Map();
+            const charts = [
+                { id: "managed-domains-chart", title: "Managed domains" },
+                { id: "unmanaged-domains-chart", title: "Unmanaged domains" },
+                { id: "deleted-domains-chart", title: "Deleted domains" },
+                { id: "ready-domains-chart", title: "Ready domains" },
+                { id: "submitted-requests-chart", title: "Submitted requests" },
+                { id: "all-requests-chart", title: "All requests" }
+            ];
+            charts.forEach(chart => {
+                if (chartInstances.has(chart.id)) chartInstances.get(chart.id).destroy();
+                let chart = createComparativeColumnChart(...chart, "Start Date", "End Date");
+                chartInstances.set(chart.id, chart);
+            });
+
+            // Add resize listener to each chart
+            window.addEventListener("resize", debounce(() => {
+                chartInstances.forEach((chart) => {
+                    if (chart?.canvas) chart.resize();
+                });
+            }, 200));
         });
     }
 };
diff --git a/src/registrar/templates/admin/analytics_graph_table.html b/src/registrar/templates/admin/analytics_graph_table.html
index 88b538745..5f10da93a 100644
--- a/src/registrar/templates/admin/analytics_graph_table.html
+++ b/src/registrar/templates/admin/analytics_graph_table.html
@@ -23,4 +23,4 @@
             {% endfor %}
         {% endwith %}
     </tbody>
-</table>
\ No newline at end of file
+</table>

From 62a8a0c2a1e5fbd6cc72de262d0267c566a89681 Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Wed, 12 Feb 2025 10:34:38 -0700
Subject: [PATCH 41/81] Update analytics.js

---
 src/registrar/assets/src/js/getgov-admin/analytics.js | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/src/registrar/assets/src/js/getgov-admin/analytics.js b/src/registrar/assets/src/js/getgov-admin/analytics.js
index e2de7b247..7bf6a05b8 100644
--- a/src/registrar/assets/src/js/getgov-admin/analytics.js
+++ b/src/registrar/assets/src/js/getgov-admin/analytics.js
@@ -1,8 +1,6 @@
-
 import { debounce } from '../getgov/helpers.js';
 import { getParameterByName } from './helpers-admin.js';
 
-
 /** This function also sets the start and end dates to match the url params if they exist
 */
 function initAnalyticsExportButtons() {
@@ -94,7 +92,6 @@ function createComparativeColumnChart(id, title, labelOne, labelTwo) {
     }
 
     var ctx = canvas.getContext("2d");
-
     var listOne = JSON.parse(canvas.getAttribute('data-list-one'));
     var listTwo = JSON.parse(canvas.getAttribute('data-list-two'));
 

From 8a0fdc7ea637053c532d387d58c0afef0698551b Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Wed, 12 Feb 2025 10:44:22 -0700
Subject: [PATCH 42/81] Update test_reports.py

---
 src/registrar/tests/test_reports.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/registrar/tests/test_reports.py b/src/registrar/tests/test_reports.py
index bab4f327b..18c98807d 100644
--- a/src/registrar/tests/test_reports.py
+++ b/src/registrar/tests/test_reports.py
@@ -1,4 +1,5 @@
 import io
+from unittest import skip
 from django.test import Client, RequestFactory
 from io import StringIO
 from registrar.models import (
@@ -819,6 +820,7 @@ class MemberExportTest(MockDbForIndividualTests, MockEppLib):
         super().setUp()
         self.factory = RequestFactory()
 
+    @skip("flaky test that needs to be refactored")
     @override_flag("organization_feature", active=True)
     @override_flag("organization_members", active=True)
     @less_console_noise_decorator

From 8acb36ef9ad15989608ab98dc15ba355f2f53761 Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Wed, 12 Feb 2025 10:46:14 -0700
Subject: [PATCH 43/81] remove unrelated changes

---
 src/.pa11yci | 28 ++++++++++++++--------------
 1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/src/.pa11yci b/src/.pa11yci
index ed382a38a..571d0b1c8 100644
--- a/src/.pa11yci
+++ b/src/.pa11yci
@@ -8,20 +8,20 @@
         "http://localhost:8080/health/",
         "http://localhost:8080/request/",
         "http://localhost:8080/request/start",
-        "http://localhost:8080/request/1/organization/",
-        "http://localhost:8080/request/1/org_federal/",
-        "http://localhost:8080/request/1/org_election/",
-        "http://localhost:8080/request/1/org_contact/",
-        "http://localhost:8080/request/1/senior_official/",
-        "http://localhost:8080/request/1/current_sites/",
-        "http://localhost:8080/request/1/dotgov_domain/",
-        "http://localhost:8080/request/1/purpose/",
-        "http://localhost:8080/request/1/your_contact/",
-        "http://localhost:8080/request/1/other_contacts/",
-        "http://localhost:8080/request/1/anything_else/",
-        "http://localhost:8080/request/1/requirements/",
-        "http://localhost:8080/request/1/finished/",
-        "http://localhost:8080/request/1/requesting_entity/",
+        "http://localhost:8080/request/organization/",
+        "http://localhost:8080/request/org_federal/",
+        "http://localhost:8080/request/org_election/",
+        "http://localhost:8080/request/org_contact/",
+        "http://localhost:8080/request/senior_official/",
+        "http://localhost:8080/request/current_sites/",
+        "http://localhost:8080/request/dotgov_domain/",
+        "http://localhost:8080/request/purpose/",
+        "http://localhost:8080/request/your_contact/",
+        "http://localhost:8080/request/other_contacts/",
+        "http://localhost:8080/request/anything_else/",
+        "http://localhost:8080/request/requirements/",
+        "http://localhost:8080/request/finished/",
+        "http://localhost:8080/request/requesting_entity/",
         "http://localhost:8080/user-profile/",
         "http://localhost:8080/members/",
         "http://localhost:8080/members/new-member"

From c540a324c7df33c7011fcef4bebe158a43bf417a Mon Sep 17 00:00:00 2001
From: Rebecca Hsieh <rebecca.hsieh@truss.works>
Date: Wed, 12 Feb 2025 10:11:25 -0800
Subject: [PATCH 44/81] Add unit tests

---
 src/registrar/tests/test_emails.py | 76 ++++++++++++++++++++++++++++++
 1 file changed, 76 insertions(+)

diff --git a/src/registrar/tests/test_emails.py b/src/registrar/tests/test_emails.py
index f39f11517..c79038668 100644
--- a/src/registrar/tests/test_emails.py
+++ b/src/registrar/tests/test_emails.py
@@ -108,6 +108,82 @@ class TestEmails(TestCase):
 
         self.assertEqual(["testy2@town.com", "mayor@igorville.gov"], kwargs["Destination"]["CcAddresses"])
 
+    @boto3_mocking.patching
+    @override_settings(IS_PRODUCTION=True, BASE_URL="manage.get.gov")
+    def test_email_production_subject_and_url_check(self):
+        """Test sending an email in production that:
+        1. Does not have a prefix in the email subject (no [MANAGE])
+        2. Uses the production URL in the email body of manage.get.gov still"""
+        with boto3_mocking.clients.handler_for("sesv2", self.mock_client_class):
+            send_templated_email(
+                "emails/update_to_approved_domain.txt",
+                "emails/update_to_approved_domain_subject.txt",
+                "doesnotexist@igorville.com",
+                context={"domain": "test", "user": "test", "date": 1, "changes": "test"},
+                bcc_address=None,
+                cc_addresses=["testy2@town.com", "mayor@igorville.gov"],
+            )
+
+        # check that an email was sent
+        self.assertTrue(self.mock_client.send_email.called)
+
+        # check the call sequence for the email
+        args, kwargs = self.mock_client.send_email.call_args
+        self.assertIn("Destination", kwargs)
+        self.assertIn("CcAddresses", kwargs["Destination"])
+
+        self.assertEqual(["testy2@town.com", "mayor@igorville.gov"], kwargs["Destination"]["CcAddresses"])
+
+        # Grab email subject
+        email_subject = kwargs["Content"]["Simple"]["Subject"]["Data"]
+
+        # Check that the subject does NOT contain a prefix for production
+        self.assertNotIn("[MANAGE]", email_subject)
+        self.assertIn("An update was made to", email_subject)
+
+        # Grab email body
+        email_body = kwargs["Content"]["Simple"]["Body"]["Text"]["Data"]
+
+        # Check that manage_url is correctly set for production
+        self.assertIn("https://manage.get.gov", email_body)
+
+    @boto3_mocking.patching
+    @override_settings(IS_PRODUCTION=False, BASE_URL="https://getgov-rh.app.cloud.gov")
+    def test_email_non_production_subject_and_url_check(self):
+        """Test sending an email in production that:
+        1. Does prefix in the email subject ([GETGOV-RH])
+        2. Uses the sandbox url in the email body (ie getgov-rh.app.cloud.gov)"""
+        with boto3_mocking.clients.handler_for("sesv2", self.mock_client_class):
+            send_templated_email(
+                "emails/update_to_approved_domain.txt",
+                "emails/update_to_approved_domain_subject.txt",
+                "doesnotexist@igorville.com",
+                context={"domain": "test", "user": "test", "date": 1, "changes": "test"},
+                bcc_address=None,
+                cc_addresses=["testy2@town.com", "mayor@igorville.gov"],
+            )
+
+        # check that an email was sent
+        self.assertTrue(self.mock_client.send_email.called)
+
+        # check the call sequence for the email
+        args, kwargs = self.mock_client.send_email.call_args
+        self.assertIn("Destination", kwargs)
+        self.assertIn("CcAddresses", kwargs["Destination"])
+        self.assertEqual(["testy2@town.com", "mayor@igorville.gov"], kwargs["Destination"]["CcAddresses"])
+
+        # Grab email subject
+        email_subject = kwargs["Content"]["Simple"]["Subject"]["Data"]
+
+        # Check that the subject DOES contain a prefix of the current sandbox
+        self.assertIn("[GETGOV-RH]", email_subject)
+
+        # Grab email body
+        email_body = kwargs["Content"]["Simple"]["Body"]["Text"]["Data"]
+
+        # Check that manage_url is correctly set of the sandbox
+        self.assertIn("https://getgov-rh.app.cloud.gov", email_body)
+
     @boto3_mocking.patching
     @less_console_noise_decorator
     def test_submission_confirmation(self):

From 0454e7295136eedc10a3190f09bc90b95ca899f2 Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Wed, 12 Feb 2025 11:23:37 -0700
Subject: [PATCH 45/81] fix typo

---
 src/registrar/assets/src/js/getgov-admin/analytics.js | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/registrar/assets/src/js/getgov-admin/analytics.js b/src/registrar/assets/src/js/getgov-admin/analytics.js
index 7bf6a05b8..a5488fa3d 100644
--- a/src/registrar/assets/src/js/getgov-admin/analytics.js
+++ b/src/registrar/assets/src/js/getgov-admin/analytics.js
@@ -163,8 +163,7 @@ export function initAnalyticsDashboard() {
             ];
             charts.forEach(chart => {
                 if (chartInstances.has(chart.id)) chartInstances.get(chart.id).destroy();
-                let chart = createComparativeColumnChart(...chart, "Start Date", "End Date");
-                chartInstances.set(chart.id, chart);
+                chartInstances.set(chart.id, createComparativeColumnChart(...chart, "Start Date", "End Date"));
             });
 
             // Add resize listener to each chart

From 0725ab8e59e59ac63267fe1d008998d7fd7ba26c Mon Sep 17 00:00:00 2001
From: Rebecca Hsieh <rebecca.hsieh@truss.works>
Date: Wed, 12 Feb 2025 10:31:53 -0800
Subject: [PATCH 46/81] Clean up the comments

---
 src/registrar/tests/test_emails.py | 2 +-
 src/registrar/utility/email.py     | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/registrar/tests/test_emails.py b/src/registrar/tests/test_emails.py
index c79038668..2b7f89ac9 100644
--- a/src/registrar/tests/test_emails.py
+++ b/src/registrar/tests/test_emails.py
@@ -151,7 +151,7 @@ class TestEmails(TestCase):
     @override_settings(IS_PRODUCTION=False, BASE_URL="https://getgov-rh.app.cloud.gov")
     def test_email_non_production_subject_and_url_check(self):
         """Test sending an email in production that:
-        1. Does prefix in the email subject ([GETGOV-RH])
+        1. Does prefix in the email subject (ie [GETGOV-RH])
         2. Uses the sandbox url in the email body (ie getgov-rh.app.cloud.gov)"""
         with boto3_mocking.clients.handler_for("sesv2", self.mock_client_class):
             send_templated_email(
diff --git a/src/registrar/utility/email.py b/src/registrar/utility/email.py
index 535096b10..9323255af 100644
--- a/src/registrar/utility/email.py
+++ b/src/registrar/utility/email.py
@@ -57,7 +57,7 @@ def send_templated_email(  # noqa
     env_name = re.sub(r"^https?://", "", env_base_url).split(".")[0]
     # To add to subject lines ie [GETGOV-RH]
     prefix = f"[{env_name.upper()}] " if not settings.IS_PRODUCTION else ""
-    # For email links
+    # For email links ie getgov-rh.app.cloud.gov
     manage_url = env_base_url if not settings.IS_PRODUCTION else "https://manage.get.gov"
 
     # Adding to context

From 00732d0a64499224cc1e7da96ec35eba54970d51 Mon Sep 17 00:00:00 2001
From: Rebecca Hsieh <rebecca.hsieh@truss.works>
Date: Wed, 12 Feb 2025 10:58:38 -0800
Subject: [PATCH 47/81] Fix carrot link

---
 src/registrar/templates/emails/domain_manager_notification.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/registrar/templates/emails/domain_manager_notification.txt b/src/registrar/templates/emails/domain_manager_notification.txt
index 18e682329..b5096a9d8 100644
--- a/src/registrar/templates/emails/domain_manager_notification.txt
+++ b/src/registrar/templates/emails/domain_manager_notification.txt
@@ -15,7 +15,7 @@ The person who received the invitation will become a domain manager once they lo
 associated with the invited email address.
 
 If you need to cancel this invitation or remove the domain manager, you can do that by going to 
-this domain in the .gov registrar <{{ manage_url }}.
+this domain in the .gov registrar <{{ manage_url }}>.
 
 
 WHY DID YOU RECEIVE THIS EMAIL? 

From 16f0ae6f627417f9162c29bfa7b832396e4c5951 Mon Sep 17 00:00:00 2001
From: Rebecca Hsieh <rebecca.hsieh@truss.works>
Date: Wed, 12 Feb 2025 11:00:13 -0800
Subject: [PATCH 48/81] Fix more spacing

---
 .../emails/portfolio_admin_removal_notification_subject.txt     | 2 +-
 src/registrar/templates/emails/update_to_approved_domain.txt    | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/registrar/templates/emails/portfolio_admin_removal_notification_subject.txt b/src/registrar/templates/emails/portfolio_admin_removal_notification_subject.txt
index 030d27ae7..9a45a8bbc 100644
--- a/src/registrar/templates/emails/portfolio_admin_removal_notification_subject.txt
+++ b/src/registrar/templates/emails/portfolio_admin_removal_notification_subject.txt
@@ -1 +1 @@
-{{ prefix}}An admin was removed from your .gov organization
\ No newline at end of file
+{{ prefix }}An admin was removed from your .gov organization
\ No newline at end of file
diff --git a/src/registrar/templates/emails/update_to_approved_domain.txt b/src/registrar/templates/emails/update_to_approved_domain.txt
index fb0a442cb..070096f62 100644
--- a/src/registrar/templates/emails/update_to_approved_domain.txt
+++ b/src/registrar/templates/emails/update_to_approved_domain.txt
@@ -1,4 +1,4 @@
- {% autoescape off %}{# In a text file, we don't want to have HTML entities escaped #}
+{% autoescape off %}{# In a text file, we don't want to have HTML entities escaped #}
 
 Hi,
 An update was made to a domain you manage.

From 53674dea6ab674ad6a491e73a2c7f7c85ef4b9b4 Mon Sep 17 00:00:00 2001
From: lizpearl <lizpearl@users.noreply.github.com>
Date: Wed, 12 Feb 2025 15:20:38 -0600
Subject: [PATCH 49/81] Add Jaxon to fixtures

---
 src/registrar/fixtures/fixtures_users.py | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/registrar/fixtures/fixtures_users.py b/src/registrar/fixtures/fixtures_users.py
index 876bc9fb5..fdaa1c135 100644
--- a/src/registrar/fixtures/fixtures_users.py
+++ b/src/registrar/fixtures/fixtures_users.py
@@ -171,6 +171,13 @@ class UserFixture:
             "email": "gina.summers@ecstech.com",
             "title": "Scrum Master",
         },
+        {
+            "username": "89f2db87-87a2-4778-a5ea-5b27b585b131",
+            "first_name": "Jaxon",
+            "last_name": "Silva",
+            "email": "jaxon.silva@cisa.dhs.gov",
+            "title": "Designer",
+        },
     ]
 
     STAFF = [

From e5b0e357aff43da6dccb320764cc07f778e0414a Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Wed, 12 Feb 2025 15:07:04 -0700
Subject: [PATCH 50/81] Add focus on button

---
 .../src/js/getgov/domain-request-form.js      | 41 ++++++++++++++++---
 .../domain_request_current_sites.html         |  2 +-
 2 files changed, 36 insertions(+), 7 deletions(-)

diff --git a/src/registrar/assets/src/js/getgov/domain-request-form.js b/src/registrar/assets/src/js/getgov/domain-request-form.js
index d9b660a50..cfc224a14 100644
--- a/src/registrar/assets/src/js/getgov/domain-request-form.js
+++ b/src/registrar/assets/src/js/getgov/domain-request-form.js
@@ -2,11 +2,40 @@ import { submitForm } from './helpers.js';
 
 export function initDomainRequestForm() {
     document.addEventListener('DOMContentLoaded', function() {
-        const button = document.getElementById("domain-request-form-submit-button");
-        if (button) {
-            button.addEventListener("click", function () {
-                submitForm("submit-domain-request-form");
-            });
-        } 
+        initCurrentWebsites();
+        initReview();
     });
+}
+
+function initReview() {
+    const button = document.getElementById("domain-request-form-submit-button");
+    if (button) {
+        button.addEventListener("click", function () {
+            submitForm("submit-domain-request-form");
+        });
+    } 
+}
+
+function initCurrentWebsites() {
+    //register-form-step
+    const addAnotherSiteButton = document.getElementById("add-another-site-button");
+    if (addAnotherSiteButton) {
+        // Check for focus state in sessionStorage
+        const focusTarget = sessionStorage.getItem("lastFocusedElement");
+        if (focusTarget) {
+            document.querySelector(focusTarget)?.focus();
+        }
+        // Add form submit handler to store focus state
+        const form = document.querySelector("form");
+        if (form) {
+            form.addEventListener("submit", () => {
+                const activeElement = document.activeElement;
+                if (activeElement) {
+                    sessionStorage.setItem("lastFocusedElement", "#" + activeElement.id);
+                }
+            });
+        }
+        // We only want to do this action once, so we clear out the session
+        sessionStorage.removeItem("lastFocusedElement");
+    }
 }
\ No newline at end of file
diff --git a/src/registrar/templates/domain_request_current_sites.html b/src/registrar/templates/domain_request_current_sites.html
index 769906309..55c864d25 100644
--- a/src/registrar/templates/domain_request_current_sites.html
+++ b/src/registrar/templates/domain_request_current_sites.html
@@ -20,7 +20,7 @@
   {% endwith %} 
   {% endfor %}
 
-  <button type="submit" name="submit_button" value="save" class="usa-button usa-button--with-icon usa-button--unstyled">
+  <button id="add-another-site-button" type="submit" name="submit_button" value="save" class="usa-button usa-button--with-icon usa-button--unstyled">
     <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
       <use xlink:href="{%static 'img/sprite.svg'%}#add_circle"></use>
     </svg><span class="margin-left-05">Add another site</span>

From b170a47f465ae5b1d17b8ee8ab3f079c2ef7ad17 Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Wed, 12 Feb 2025 17:15:59 -0500
Subject: [PATCH 51/81] updating tests

---
 src/registrar/tests/test_admin_domain.py      |   2 +-
 src/registrar/tests/test_api.py               |   6 +-
 .../tests/test_management_scripts.py          | 643 +++++++++---------
 src/registrar/tests/test_models.py            |   2 +-
 src/registrar/tests/test_url_auth.py          |   3 +
 src/registrar/tests/test_views_domain.py      | 244 +++----
 src/registrar/views/domain.py                 |   6 +-
 src/registrar/views/utility/api_views.py      |  19 +-
 8 files changed, 469 insertions(+), 456 deletions(-)

diff --git a/src/registrar/tests/test_admin_domain.py b/src/registrar/tests/test_admin_domain.py
index 867bf1b82..f6807294c 100644
--- a/src/registrar/tests/test_admin_domain.py
+++ b/src/registrar/tests/test_admin_domain.py
@@ -223,7 +223,7 @@ class TestDomainAdminAsStaff(MockEppLib):
 
         self.assertEqual(domain.state, Domain.State.DELETED)
 
-    # @less_console_noise_decorator
+    @less_console_noise_decorator
     def test_deletion_is_unsuccessful(self):
         """
         Scenario: Domain deletion is unsuccessful
diff --git a/src/registrar/tests/test_api.py b/src/registrar/tests/test_api.py
index f0d5dbcec..ea4ee69cc 100644
--- a/src/registrar/tests/test_api.py
+++ b/src/registrar/tests/test_api.py
@@ -62,7 +62,7 @@ class GetSeniorOfficialJsonTest(TestCase):
         p = "password"
         self.client.login(username="testuser", password=p)
         response = self.client.get(self.api_url, {"agency_name": "Test Agency"})
-        self.assertEqual(response.status_code, 302)
+        self.assertEqual(response.status_code, 403)
 
     @less_console_noise_decorator
     def test_get_senior_official_json_not_found(self):
@@ -138,7 +138,7 @@ class GetPortfolioJsonTest(TestCase):
         """Test that an unauthenticated user receives a 403 with an error message."""
         self.client.force_login(self.user)
         response = self.client.get(self.api_url, {"id": self.portfolio.id})
-        self.assertEqual(response.status_code, 302)
+        self.assertEqual(response.status_code, 403)
 
     @less_console_noise_decorator
     def test_get_portfolio_json_not_found(self):
@@ -181,7 +181,7 @@ class GetFederalPortfolioTypeJsonTest(TestCase):
         p = "password"
         self.client.login(username="testuser", password=p)
         response = self.client.get(self.api_url, {"agency_name": "Test Agency", "organization_type": "federal"})
-        self.assertEqual(response.status_code, 302)
+        self.assertEqual(response.status_code, 403)
 
 
 class GetActionNeededEmailForUserJsonTest(TestCase):
diff --git a/src/registrar/tests/test_management_scripts.py b/src/registrar/tests/test_management_scripts.py
index fd53c21f8..668eeff0e 100644
--- a/src/registrar/tests/test_management_scripts.py
+++ b/src/registrar/tests/test_management_scripts.py
@@ -453,6 +453,7 @@ class TestPopulateFirstReady(TestCase):
         # Delete domains
         Domain.objects.all().delete()
 
+    @less_console_noise_decorator
     def run_populate_first_ready(self):
         """
         This method executes the populate_first_ready command.
@@ -460,103 +461,102 @@ class TestPopulateFirstReady(TestCase):
         The 'call_command' function from Django's management framework is then used to
         execute the populate_first_ready command with the specified arguments.
         """
-        with less_console_noise():
-            with patch(
-                "registrar.management.commands.utility.terminal_helper.TerminalHelper.query_yes_no_exit",  # noqa
-                return_value=True,
-            ):
-                call_command("populate_first_ready")
+        with patch(
+            "registrar.management.commands.utility.terminal_helper.TerminalHelper.query_yes_no_exit",  # noqa
+            return_value=True,
+        ):
+            call_command("populate_first_ready")
 
+    @less_console_noise_decorator
     def test_populate_first_ready_state_ready(self):
         """
         Tests that the populate_first_ready works as expected for the state 'ready'
         """
-        with less_console_noise():
-            # Set the created at date
-            self.ready_domain.created_at = self.ready_at_date_tz_aware
-            self.ready_domain.save()
-            desired_domain = copy.deepcopy(self.ready_domain)
-            desired_domain.first_ready = self.ready_at_date
-            # Run the expiration date script
-            self.run_populate_first_ready()
-            self.assertEqual(desired_domain, self.ready_domain)
-            # Explicitly test the first_ready date
-            first_ready = Domain.objects.filter(name="fakeready.gov").get().first_ready
-            self.assertEqual(first_ready, self.ready_at_date)
+        # Set the created at date
+        self.ready_domain.created_at = self.ready_at_date_tz_aware
+        self.ready_domain.save()
+        desired_domain = copy.deepcopy(self.ready_domain)
+        desired_domain.first_ready = self.ready_at_date
+        # Run the expiration date script
+        self.run_populate_first_ready()
+        self.assertEqual(desired_domain, self.ready_domain)
+        # Explicitly test the first_ready date
+        first_ready = Domain.objects.filter(name="fakeready.gov").get().first_ready
+        self.assertEqual(first_ready, self.ready_at_date)
 
+    @less_console_noise_decorator
     def test_populate_first_ready_state_deleted(self):
         """
         Tests that the populate_first_ready works as expected for the state 'deleted'
         """
-        with less_console_noise():
-            # Set the created at date
-            self.deleted_domain.created_at = self.ready_at_date_tz_aware
-            self.deleted_domain.save()
-            desired_domain = copy.deepcopy(self.deleted_domain)
-            desired_domain.first_ready = self.ready_at_date
-            # Run the expiration date script
-            self.run_populate_first_ready()
-            self.assertEqual(desired_domain, self.deleted_domain)
-            # Explicitly test the first_ready date
-            first_ready = Domain.objects.filter(name="fakedeleted.gov").get().first_ready
-            self.assertEqual(first_ready, self.ready_at_date)
+        # Set the created at date
+        self.deleted_domain.created_at = self.ready_at_date_tz_aware
+        self.deleted_domain.save()
+        desired_domain = copy.deepcopy(self.deleted_domain)
+        desired_domain.first_ready = self.ready_at_date
+        # Run the expiration date script
+        self.run_populate_first_ready()
+        self.assertEqual(desired_domain, self.deleted_domain)
+        # Explicitly test the first_ready date
+        first_ready = Domain.objects.filter(name="fakedeleted.gov").get().first_ready
+        self.assertEqual(first_ready, self.ready_at_date)
 
+    @less_console_noise_decorator
     def test_populate_first_ready_state_dns_needed(self):
         """
         Tests that the populate_first_ready doesn't make changes when a domain's state  is 'dns_needed'
         """
-        with less_console_noise():
-            # Set the created at date
-            self.dns_needed_domain.created_at = self.ready_at_date_tz_aware
-            self.dns_needed_domain.save()
-            desired_domain = copy.deepcopy(self.dns_needed_domain)
-            desired_domain.first_ready = None
-            # Run the expiration date script
-            self.run_populate_first_ready()
-            current_domain = self.dns_needed_domain
-            # The object should largely be unaltered (does not test first_ready)
-            self.assertEqual(desired_domain, current_domain)
-            first_ready = Domain.objects.filter(name="fakedns.gov").get().first_ready
-            # Explicitly test the first_ready date
-            self.assertNotEqual(first_ready, self.ready_at_date)
-            self.assertEqual(first_ready, None)
+        # Set the created at date
+        self.dns_needed_domain.created_at = self.ready_at_date_tz_aware
+        self.dns_needed_domain.save()
+        desired_domain = copy.deepcopy(self.dns_needed_domain)
+        desired_domain.first_ready = None
+        # Run the expiration date script
+        self.run_populate_first_ready()
+        current_domain = self.dns_needed_domain
+        # The object should largely be unaltered (does not test first_ready)
+        self.assertEqual(desired_domain, current_domain)
+        first_ready = Domain.objects.filter(name="fakedns.gov").get().first_ready
+        # Explicitly test the first_ready date
+        self.assertNotEqual(first_ready, self.ready_at_date)
+        self.assertEqual(first_ready, None)
 
+    @less_console_noise_decorator
     def test_populate_first_ready_state_on_hold(self):
         """
         Tests that the populate_first_ready works as expected for the state 'on_hold'
         """
-        with less_console_noise():
-            self.hold_domain.created_at = self.ready_at_date_tz_aware
-            self.hold_domain.save()
-            desired_domain = copy.deepcopy(self.hold_domain)
-            desired_domain.first_ready = self.ready_at_date
-            # Run the update first ready_at script
-            self.run_populate_first_ready()
-            current_domain = self.hold_domain
-            self.assertEqual(desired_domain, current_domain)
-            # Explicitly test the first_ready date
-            first_ready = Domain.objects.filter(name="fakehold.gov").get().first_ready
-            self.assertEqual(first_ready, self.ready_at_date)
+        self.hold_domain.created_at = self.ready_at_date_tz_aware
+        self.hold_domain.save()
+        desired_domain = copy.deepcopy(self.hold_domain)
+        desired_domain.first_ready = self.ready_at_date
+        # Run the update first ready_at script
+        self.run_populate_first_ready()
+        current_domain = self.hold_domain
+        self.assertEqual(desired_domain, current_domain)
+        # Explicitly test the first_ready date
+        first_ready = Domain.objects.filter(name="fakehold.gov").get().first_ready
+        self.assertEqual(first_ready, self.ready_at_date)
 
+    @less_console_noise_decorator
     def test_populate_first_ready_state_unknown(self):
         """
         Tests that the populate_first_ready works as expected for the state 'unknown'
         """
-        with less_console_noise():
-            # Set the created at date
-            self.unknown_domain.created_at = self.ready_at_date_tz_aware
-            self.unknown_domain.save()
-            desired_domain = copy.deepcopy(self.unknown_domain)
-            desired_domain.first_ready = None
-            # Run the expiration date script
-            self.run_populate_first_ready()
-            current_domain = self.unknown_domain
-            # The object should largely be unaltered (does not test first_ready)
-            self.assertEqual(desired_domain, current_domain)
-            # Explicitly test the first_ready date
-            first_ready = Domain.objects.filter(name="fakeunknown.gov").get().first_ready
-            self.assertNotEqual(first_ready, self.ready_at_date)
-            self.assertEqual(first_ready, None)
+        # Set the created at date
+        self.unknown_domain.created_at = self.ready_at_date_tz_aware
+        self.unknown_domain.save()
+        desired_domain = copy.deepcopy(self.unknown_domain)
+        desired_domain.first_ready = None
+        # Run the expiration date script
+        self.run_populate_first_ready()
+        current_domain = self.unknown_domain
+        # The object should largely be unaltered (does not test first_ready)
+        self.assertEqual(desired_domain, current_domain)
+        # Explicitly test the first_ready date
+        first_ready = Domain.objects.filter(name="fakeunknown.gov").get().first_ready
+        self.assertNotEqual(first_ready, self.ready_at_date)
+        self.assertEqual(first_ready, None)
 
 
 class TestPatchAgencyInfo(TestCase):
@@ -577,10 +577,10 @@ class TestPatchAgencyInfo(TestCase):
         TransitionDomain.objects.all().delete()
 
     @patch("registrar.management.commands.utility.terminal_helper.TerminalHelper.query_yes_no_exit", return_value=True)
+    @less_console_noise_decorator
     def call_patch_federal_agency_info(self, mock_prompt):
         """Calls the patch_federal_agency_info command and mimics a keypress"""
-        with less_console_noise():
-            call_command("patch_federal_agency_info", "registrar/tests/data/fake_current_full.csv", debug=True)
+        call_command("patch_federal_agency_info", "registrar/tests/data/fake_current_full.csv", debug=True)
 
 
 class TestExtendExpirationDates(MockEppLib):
@@ -636,6 +636,7 @@ class TestExtendExpirationDates(MockEppLib):
         User.objects.all().delete()
         UserDomainRole.objects.all().delete()
 
+    @less_console_noise_decorator
     def run_extend_expiration_dates(self):
         """
         This method executes the extend_expiration_dates command.
@@ -643,83 +644,83 @@ class TestExtendExpirationDates(MockEppLib):
         The 'call_command' function from Django's management framework is then used to
         execute the extend_expiration_dates command with the specified arguments.
         """
-        with less_console_noise():
-            with patch(
-                "registrar.management.commands.utility.terminal_helper.TerminalHelper.query_yes_no_exit",  # noqa
-                return_value=True,
-            ):
-                call_command("extend_expiration_dates")
+        with patch(
+            "registrar.management.commands.utility.terminal_helper.TerminalHelper.query_yes_no_exit",  # noqa
+            return_value=True,
+        ):
+            call_command("extend_expiration_dates")
 
+    @less_console_noise_decorator
     def test_extends_expiration_date_correctly(self):
         """
         Tests that the extend_expiration_dates method extends dates as expected
         """
-        with less_console_noise():
-            desired_domain = Domain.objects.filter(name="waterbutpurple.gov").get()
-            desired_domain.expiration_date = date(2024, 11, 15)
-            # Run the expiration date script
-            self.run_extend_expiration_dates()
-            current_domain = Domain.objects.filter(name="waterbutpurple.gov").get()
-            self.assertEqual(desired_domain, current_domain)
-            # Explicitly test the expiration date
-            self.assertEqual(current_domain.expiration_date, date(2024, 11, 15))
+        desired_domain = Domain.objects.filter(name="waterbutpurple.gov").get()
+        desired_domain.expiration_date = date(2024, 11, 15)
+        # Run the expiration date script
+        self.run_extend_expiration_dates()
+        current_domain = Domain.objects.filter(name="waterbutpurple.gov").get()
+        self.assertEqual(desired_domain, current_domain)
+        # Explicitly test the expiration date
+        self.assertEqual(current_domain.expiration_date, date(2024, 11, 15))
 
+    @less_console_noise_decorator
     def test_extends_expiration_date_skips_non_current(self):
         """
         Tests that the extend_expiration_dates method correctly skips domains
         with an expiration date less than a certain threshold.
         """
-        with less_console_noise():
-            desired_domain = Domain.objects.filter(name="fake.gov").get()
-            desired_domain.expiration_date = date(2022, 5, 25)
-            # Run the expiration date script
-            self.run_extend_expiration_dates()
-            current_domain = Domain.objects.filter(name="fake.gov").get()
-            self.assertEqual(desired_domain, current_domain)
-            # Explicitly test the expiration date. The extend_expiration_dates script
-            # will skip all dates less than date(2023, 11, 15), meaning that this domain
-            # should not be affected by the change.
-            self.assertEqual(current_domain.expiration_date, date(2022, 5, 25))
+        desired_domain = Domain.objects.filter(name="fake.gov").get()
+        desired_domain.expiration_date = date(2022, 5, 25)
+        # Run the expiration date script
+        self.run_extend_expiration_dates()
+        current_domain = Domain.objects.filter(name="fake.gov").get()
+        self.assertEqual(desired_domain, current_domain)
+        # Explicitly test the expiration date. The extend_expiration_dates script
+        # will skip all dates less than date(2023, 11, 15), meaning that this domain
+        # should not be affected by the change.
+        self.assertEqual(current_domain.expiration_date, date(2022, 5, 25))
 
+    @less_console_noise_decorator
     def test_extends_expiration_date_skips_maximum_date(self):
         """
         Tests that the extend_expiration_dates method correctly skips domains
         with an expiration date more than a certain threshold.
         """
-        with less_console_noise():
-            desired_domain = Domain.objects.filter(name="fakemaximum.gov").get()
-            desired_domain.expiration_date = date(2024, 12, 31)
+        desired_domain = Domain.objects.filter(name="fakemaximum.gov").get()
+        desired_domain.expiration_date = date(2024, 12, 31)
 
-            # Run the expiration date script
-            self.run_extend_expiration_dates()
+        # Run the expiration date script
+        self.run_extend_expiration_dates()
 
-            current_domain = Domain.objects.filter(name="fakemaximum.gov").get()
-            self.assertEqual(desired_domain, current_domain)
+        current_domain = Domain.objects.filter(name="fakemaximum.gov").get()
+        self.assertEqual(desired_domain, current_domain)
 
-            # Explicitly test the expiration date. The extend_expiration_dates script
-            # will skip all dates less than date(2023, 11, 15), meaning that this domain
-            # should not be affected by the change.
-            self.assertEqual(current_domain.expiration_date, date(2024, 12, 31))
+        # Explicitly test the expiration date. The extend_expiration_dates script
+        # will skip all dates less than date(2023, 11, 15), meaning that this domain
+        # should not be affected by the change.
+        self.assertEqual(current_domain.expiration_date, date(2024, 12, 31))
 
+    @less_console_noise_decorator
     def test_extends_expiration_date_skips_non_ready(self):
         """
         Tests that the extend_expiration_dates method correctly skips domains not in the state "ready"
         """
-        with less_console_noise():
-            desired_domain = Domain.objects.filter(name="fakeneeded.gov").get()
-            desired_domain.expiration_date = date(2023, 11, 15)
+        desired_domain = Domain.objects.filter(name="fakeneeded.gov").get()
+        desired_domain.expiration_date = date(2023, 11, 15)
 
-            # Run the expiration date script
-            self.run_extend_expiration_dates()
+        # Run the expiration date script
+        self.run_extend_expiration_dates()
 
-            current_domain = Domain.objects.filter(name="fakeneeded.gov").get()
-            self.assertEqual(desired_domain, current_domain)
+        current_domain = Domain.objects.filter(name="fakeneeded.gov").get()
+        self.assertEqual(desired_domain, current_domain)
 
-            # Explicitly test the expiration date. The extend_expiration_dates script
-            # will skip all dates less than date(2023, 11, 15), meaning that this domain
-            # should not be affected by the change.
-            self.assertEqual(current_domain.expiration_date, date(2023, 11, 15))
+        # Explicitly test the expiration date. The extend_expiration_dates script
+        # will skip all dates less than date(2023, 11, 15), meaning that this domain
+        # should not be affected by the change.
+        self.assertEqual(current_domain.expiration_date, date(2023, 11, 15))
 
+    @less_console_noise_decorator
     def test_extends_expiration_date_idempotent(self):
         """
         Tests the idempotency of the extend_expiration_dates command.
@@ -727,21 +728,20 @@ class TestExtendExpirationDates(MockEppLib):
         Verifies that running the method multiple times does not change the expiration date
         of a domain beyond the initial extension.
         """
-        with less_console_noise():
-            desired_domain = Domain.objects.filter(name="waterbutpurple.gov").get()
-            desired_domain.expiration_date = date(2024, 11, 15)
-            # Run the expiration date script
-            self.run_extend_expiration_dates()
-            current_domain = Domain.objects.filter(name="waterbutpurple.gov").get()
-            self.assertEqual(desired_domain, current_domain)
-            # Explicitly test the expiration date
-            self.assertEqual(desired_domain.expiration_date, date(2024, 11, 15))
-            # Run the expiration date script again
-            self.run_extend_expiration_dates()
-            # The old domain shouldn't have changed
-            self.assertEqual(desired_domain, current_domain)
-            # Explicitly test the expiration date - should be the same
-            self.assertEqual(desired_domain.expiration_date, date(2024, 11, 15))
+        desired_domain = Domain.objects.filter(name="waterbutpurple.gov").get()
+        desired_domain.expiration_date = date(2024, 11, 15)
+        # Run the expiration date script
+        self.run_extend_expiration_dates()
+        current_domain = Domain.objects.filter(name="waterbutpurple.gov").get()
+        self.assertEqual(desired_domain, current_domain)
+        # Explicitly test the expiration date
+        self.assertEqual(desired_domain.expiration_date, date(2024, 11, 15))
+        # Run the expiration date script again
+        self.run_extend_expiration_dates()
+        # The old domain shouldn't have changed
+        self.assertEqual(desired_domain, current_domain)
+        # Explicitly test the expiration date - should be the same
+        self.assertEqual(desired_domain.expiration_date, date(2024, 11, 15))
 
 
 class TestDiscloseEmails(MockEppLib):
@@ -753,6 +753,7 @@ class TestDiscloseEmails(MockEppLib):
         PublicContact.objects.all().delete()
         Domain.objects.all().delete()
 
+    @less_console_noise_decorator
     def run_disclose_security_emails(self):
         """
         This method executes the disclose_security_emails command.
@@ -760,44 +761,43 @@ class TestDiscloseEmails(MockEppLib):
         The 'call_command' function from Django's management framework is then used to
         execute the disclose_security_emails command.
         """
-        with less_console_noise():
-            with patch(
-                "registrar.management.commands.utility.terminal_helper.TerminalHelper.query_yes_no_exit",  # noqa
-                return_value=True,
-            ):
-                call_command("disclose_security_emails")
+        with patch(
+            "registrar.management.commands.utility.terminal_helper.TerminalHelper.query_yes_no_exit",  # noqa
+            return_value=True,
+        ):
+            call_command("disclose_security_emails")
 
+    @less_console_noise_decorator
     def test_disclose_security_emails(self):
         """
         Tests that command disclose_security_emails runs successfully with
         appropriate EPP calll to UpdateContact.
         """
-        with less_console_noise():
-            domain, _ = Domain.objects.get_or_create(name="testdisclose.gov", state=Domain.State.READY)
-            expectedSecContact = PublicContact.get_default_security()
-            expectedSecContact.domain = domain
-            expectedSecContact.email = "123@mail.gov"
-            # set domain security email to 123@mail.gov instead of default email
-            domain.security_contact = expectedSecContact
-            self.run_disclose_security_emails()
+        domain, _ = Domain.objects.get_or_create(name="testdisclose.gov", state=Domain.State.READY)
+        expectedSecContact = PublicContact.get_default_security()
+        expectedSecContact.domain = domain
+        expectedSecContact.email = "123@mail.gov"
+        # set domain security email to 123@mail.gov instead of default email
+        domain.security_contact = expectedSecContact
+        self.run_disclose_security_emails()
 
-            # running disclose_security_emails sends EPP call UpdateContact with disclose
-            self.mockedSendFunction.assert_has_calls(
-                [
-                    call(
-                        commands.UpdateContact(
-                            id=domain.security_contact.registry_id,
-                            postal_info=domain._make_epp_contact_postal_info(contact=domain.security_contact),
-                            email=domain.security_contact.email,
-                            voice=domain.security_contact.voice,
-                            fax=domain.security_contact.fax,
-                            auth_info=common.ContactAuthInfo(pw="2fooBAR123fooBaz"),
-                            disclose=domain._disclose_fields(contact=domain.security_contact),
-                        ),
-                        cleaned=True,
-                    )
-                ]
-            )
+        # running disclose_security_emails sends EPP call UpdateContact with disclose
+        self.mockedSendFunction.assert_has_calls(
+            [
+                call(
+                    commands.UpdateContact(
+                        id=domain.security_contact.registry_id,
+                        postal_info=domain._make_epp_contact_postal_info(contact=domain.security_contact),
+                        email=domain.security_contact.email,
+                        voice=domain.security_contact.voice,
+                        fax=domain.security_contact.fax,
+                        auth_info=common.ContactAuthInfo(pw="2fooBAR123fooBaz"),
+                        disclose=domain._disclose_fields(contact=domain.security_contact),
+                    ),
+                    cleaned=True,
+                )
+            ]
+        )
 
 
 class TestCleanTables(TestCase):
@@ -812,17 +812,18 @@ class TestCleanTables(TestCase):
         self.logger_patcher.stop()
 
     @override_settings(IS_PRODUCTION=True)
+    @less_console_noise_decorator
     def test_command_logs_error_in_production(self):
         """Test that the handle method does not process in production"""
-        with less_console_noise():
-            with patch(
-                "registrar.management.commands.utility.terminal_helper.TerminalHelper.query_yes_no_exit",  # noqa
-                return_value=True,
-            ):
-                call_command("clean_tables")
-                self.logger_mock.error.assert_called_with("clean_tables cannot be run in production")
+        with patch(
+            "registrar.management.commands.utility.terminal_helper.TerminalHelper.query_yes_no_exit",  # noqa
+            return_value=True,
+        ):
+            call_command("clean_tables")
+            self.logger_mock.error.assert_called_with("clean_tables cannot be run in production")
 
     @override_settings(IS_PRODUCTION=False)
+    @less_console_noise_decorator
     def test_command_cleans_tables(self):
         """test that the handle method functions properly to clean tables"""
 
@@ -890,61 +891,61 @@ class TestCleanTables(TestCase):
                     raise
 
     @override_settings(IS_PRODUCTION=False)
+    @less_console_noise_decorator
     def test_command_handles_nonexistent_model(self):
         """Test that exceptions for non existent models are handled properly within the handle method"""
-        with less_console_noise():
-            with patch("django.apps.apps.get_model", side_effect=LookupError):
-                with patch(
-                    "registrar.management.commands.utility.terminal_helper.TerminalHelper.query_yes_no_exit",  # noqa
-                    return_value=True,
-                ):
-                    call_command("clean_tables")
-                    # Assert that the error message was logged for any of the table names
-                    self.logger_mock.error.assert_any_call("Model for table DomainInformation not found.")
-                    self.logger_mock.error.assert_any_call("Model for table DomainRequest not found.")
-                    self.logger_mock.error.assert_any_call("Model for table PublicContact not found.")
-                    self.logger_mock.error.assert_any_call("Model for table Domain not found.")
-                    self.logger_mock.error.assert_any_call("Model for table User not found.")
-                    self.logger_mock.error.assert_any_call("Model for table Contact not found.")
-                    self.logger_mock.error.assert_any_call("Model for table Website not found.")
-                    self.logger_mock.error.assert_any_call("Model for table DraftDomain not found.")
-                    self.logger_mock.error.assert_any_call("Model for table HostIp not found.")
-                    self.logger_mock.error.assert_any_call("Model for table Host not found.")
+        with patch("django.apps.apps.get_model", side_effect=LookupError):
+            with patch(
+                "registrar.management.commands.utility.terminal_helper.TerminalHelper.query_yes_no_exit",  # noqa
+                return_value=True,
+            ):
+                call_command("clean_tables")
+                # Assert that the error message was logged for any of the table names
+                self.logger_mock.error.assert_any_call("Model for table DomainInformation not found.")
+                self.logger_mock.error.assert_any_call("Model for table DomainRequest not found.")
+                self.logger_mock.error.assert_any_call("Model for table PublicContact not found.")
+                self.logger_mock.error.assert_any_call("Model for table Domain not found.")
+                self.logger_mock.error.assert_any_call("Model for table User not found.")
+                self.logger_mock.error.assert_any_call("Model for table Contact not found.")
+                self.logger_mock.error.assert_any_call("Model for table Website not found.")
+                self.logger_mock.error.assert_any_call("Model for table DraftDomain not found.")
+                self.logger_mock.error.assert_any_call("Model for table HostIp not found.")
+                self.logger_mock.error.assert_any_call("Model for table Host not found.")
 
     @override_settings(IS_PRODUCTION=False)
+    @less_console_noise_decorator
     def test_command_logs_other_exceptions(self):
         """Test that generic exceptions are handled properly in the handle method"""
-        with less_console_noise():
-            with patch("django.apps.apps.get_model") as get_model_mock:
-                model_mock = MagicMock()
-                get_model_mock.return_value = model_mock
+        with patch("django.apps.apps.get_model") as get_model_mock:
+            model_mock = MagicMock()
+            get_model_mock.return_value = model_mock
 
-                # Mock the values_list so that DomainInformation attempts a delete
-                pk_batches = [[1, 2, 3, 4, 5, 6], []]
+            # Mock the values_list so that DomainInformation attempts a delete
+            pk_batches = [[1, 2, 3, 4, 5, 6], []]
 
-                def values_list_side_effect(*args, **kwargs):
-                    if args == ("pk",) and kwargs.get("flat", False):
-                        return pk_batches.pop(0)
-                    return []
+            def values_list_side_effect(*args, **kwargs):
+                if args == ("pk",) and kwargs.get("flat", False):
+                    return pk_batches.pop(0)
+                return []
 
-                model_mock.objects.values_list.side_effect = values_list_side_effect
+            model_mock.objects.values_list.side_effect = values_list_side_effect
 
-                # Mock delete to raise a generic exception
-                model_mock.objects.filter.return_value.delete.side_effect = Exception("Mocked delete exception")
+            # Mock delete to raise a generic exception
+            model_mock.objects.filter.return_value.delete.side_effect = Exception("Mocked delete exception")
 
-                with patch(
-                    "registrar.management.commands.utility.terminal_helper.TerminalHelper.query_yes_no_exit",
-                    return_value=True,
-                ):
-                    with self.assertRaises(Exception) as context:
-                        # Execute the command
-                        call_command("clean_tables")
+            with patch(
+                "registrar.management.commands.utility.terminal_helper.TerminalHelper.query_yes_no_exit",
+                return_value=True,
+            ):
+                with self.assertRaises(Exception) as context:
+                    # Execute the command
+                    call_command("clean_tables")
 
-                        # Check the exception message
-                        self.assertEqual(str(context.exception), "Custom delete error")
+                    # Check the exception message
+                    self.assertEqual(str(context.exception), "Custom delete error")
 
-                        # Assert that delete was called
-                        model_mock.objects.filter.return_value.delete.assert_called()
+                    # Assert that delete was called
+                    model_mock.objects.filter.return_value.delete.assert_called()
 
 
 class TestExportTables(MockEppLib):
@@ -1029,34 +1030,34 @@ class TestExportTables(MockEppLib):
             self.logger_mock.info.assert_any_call(f"Removed {table_name}_1.csv")
 
     @patch("registrar.management.commands.export_tables.getattr")
+    @less_console_noise_decorator
     def test_export_table_handles_missing_resource_class(self, mock_getattr):
         """Test that missing resource classes are handled properly in the handle method"""
-        with less_console_noise():
-            mock_getattr.side_effect = AttributeError
+        mock_getattr.side_effect = AttributeError
 
-            # Import the command to avoid any locale or gettext issues
-            command_class = import_string("registrar.management.commands.export_tables.Command")
-            command_instance = command_class()
-            command_instance.export_table("NonExistentTable")
+        # Import the command to avoid any locale or gettext issues
+        command_class = import_string("registrar.management.commands.export_tables.Command")
+        command_instance = command_class()
+        command_instance.export_table("NonExistentTable")
 
-            self.logger_mock.error.assert_called_with(
-                "Resource class NonExistentTableResource not found in registrar.admin"
-            )
+        self.logger_mock.error.assert_called_with(
+            "Resource class NonExistentTableResource not found in registrar.admin"
+        )
 
     @patch("registrar.management.commands.export_tables.getattr")
+    @less_console_noise_decorator
     def test_export_table_handles_generic_exception(self, mock_getattr):
         """Test that general exceptions in the handle method are handled correctly"""
-        with less_console_noise():
-            mock_resource_class = MagicMock()
-            mock_resource_class().export.side_effect = Exception("Test Exception")
-            mock_getattr.return_value = mock_resource_class
+        mock_resource_class = MagicMock()
+        mock_resource_class().export.side_effect = Exception("Test Exception")
+        mock_getattr.return_value = mock_resource_class
 
-            # Import the command to avoid any locale or gettext issues
-            command_class = import_string("registrar.management.commands.export_tables.Command")
-            command_instance = command_class()
-            command_instance.export_table("TestTable")
+        # Import the command to avoid any locale or gettext issues
+        command_class = import_string("registrar.management.commands.export_tables.Command")
+        command_instance = command_class()
+        command_instance.export_table("TestTable")
 
-            self.logger_mock.error.assert_called_with("Failed to export TestTable: Test Exception")
+        self.logger_mock.error.assert_called_with("Failed to export TestTable: Test Exception")
 
 
 class TestImportTables(TestCase):
@@ -1072,6 +1073,7 @@ class TestImportTables(TestCase):
     @patch("registrar.management.commands.import_tables.getattr")
     @patch("django.apps.apps.get_model")
     @patch("os.listdir")
+    @less_console_noise_decorator
     def test_handle(
         self,
         mock_listdir,
@@ -1086,105 +1088,104 @@ class TestImportTables(TestCase):
         mock_makedirs,
     ):
         """Test that the handle method properly imports tables"""
-        with less_console_noise():
-            # Mock os.makedirs to do nothing
-            mock_makedirs.return_value = None
+        # Mock os.makedirs to do nothing
+        mock_makedirs.return_value = None
 
-            # Mock os.path.exists to always return True
-            mock_path_exists.return_value = True
+        # Mock os.path.exists to always return True
+        mock_path_exists.return_value = True
 
-            # Mock the zipfile to have extractall return None
-            mock_zipfile_instance = mock_zipfile.return_value.__enter__.return_value
-            mock_zipfile_instance.extractall.return_value = None
+        # Mock the zipfile to have extractall return None
+        mock_zipfile_instance = mock_zipfile.return_value.__enter__.return_value
+        mock_zipfile_instance.extractall.return_value = None
 
-            # Check that the import_table function was called for each table
-            table_names = [
-                "User",
-                "Contact",
-                "Domain",
-                "DomainRequest",
-                "DomainInformation",
-                "UserDomainRole",
-                "DraftDomain",
-                "Website",
-                "HostIp",
-                "Host",
-                "PublicContact",
-            ]
+        # Check that the import_table function was called for each table
+        table_names = [
+            "User",
+            "Contact",
+            "Domain",
+            "DomainRequest",
+            "DomainInformation",
+            "UserDomainRole",
+            "DraftDomain",
+            "Website",
+            "HostIp",
+            "Host",
+            "PublicContact",
+        ]
 
-            # Mock directory listing
-            mock_listdir.side_effect = lambda path: [f"{table}_1.csv" for table in table_names]
+        # Mock directory listing
+        mock_listdir.side_effect = lambda path: [f"{table}_1.csv" for table in table_names]
 
-            # Mock the CSV file content
-            csv_content = b"mock_csv_data"
+        # Mock the CSV file content
+        csv_content = b"mock_csv_data"
 
-            # Mock the open function to return a mock file
-            mock_open.return_value.__enter__.return_value.read.return_value = csv_content
+        # Mock the open function to return a mock file
+        mock_open.return_value.__enter__.return_value.read.return_value = csv_content
 
-            # Mock the Dataset class and its load method to return a dataset
-            mock_dataset_instance = MagicMock(spec=tablib.Dataset)
-            with patch(
-                "registrar.management.commands.import_tables.tablib.Dataset.load", return_value=mock_dataset_instance
-            ):
-                # Mock the resource class and its import method
-                mock_resource_class = MagicMock()
-                mock_resource_instance = MagicMock()
-                mock_result = MagicMock()
-                mock_result.has_errors.return_value = False
-                mock_resource_instance.import_data.return_value = mock_result
-                mock_resource_class.return_value = mock_resource_instance
-                mock_getattr.return_value = mock_resource_class
+        # Mock the Dataset class and its load method to return a dataset
+        mock_dataset_instance = MagicMock(spec=tablib.Dataset)
+        with patch(
+            "registrar.management.commands.import_tables.tablib.Dataset.load", return_value=mock_dataset_instance
+        ):
+            # Mock the resource class and its import method
+            mock_resource_class = MagicMock()
+            mock_resource_instance = MagicMock()
+            mock_result = MagicMock()
+            mock_result.has_errors.return_value = False
+            mock_resource_instance.import_data.return_value = mock_result
+            mock_resource_class.return_value = mock_resource_instance
+            mock_getattr.return_value = mock_resource_class
 
-                # Call the command
-                call_command("import_tables")
+            # Call the command
+            call_command("import_tables")
 
-                # Check that os.makedirs was called once to create the tmp directory
-                mock_makedirs.assert_called_once_with("tmp", exist_ok=True)
+            # Check that os.makedirs was called once to create the tmp directory
+            mock_makedirs.assert_called_once_with("tmp", exist_ok=True)
 
-                # Check that os.path.exists was called once for the zip file
-                mock_path_exists.assert_any_call("tmp/exported_tables.zip")
+            # Check that os.path.exists was called once for the zip file
+            mock_path_exists.assert_any_call("tmp/exported_tables.zip")
 
-                # Check that pyzipper.AESZipFile was called once to open the zip file
-                mock_zipfile.assert_called_once_with("tmp/exported_tables.zip", "r")
+            # Check that pyzipper.AESZipFile was called once to open the zip file
+            mock_zipfile.assert_called_once_with("tmp/exported_tables.zip", "r")
 
-                # Check that extractall was called once to extract the zip file contents
-                mock_zipfile_instance.extractall.assert_called_once_with("tmp")
+            # Check that extractall was called once to extract the zip file contents
+            mock_zipfile_instance.extractall.assert_called_once_with("tmp")
 
-                # Check that os.path.exists was called for each table
-                for table_name in table_names:
-                    mock_path_exists.assert_any_call(f"{table_name}_1.csv")
+            # Check that os.path.exists was called for each table
+            for table_name in table_names:
+                mock_path_exists.assert_any_call(f"{table_name}_1.csv")
 
-                # Check that logger.info was called for each successful import
-                for table_name in table_names:
-                    mock_logger.info.assert_any_call(f"Successfully imported {table_name}_1.csv into {table_name}")
+            # Check that logger.info was called for each successful import
+            for table_name in table_names:
+                mock_logger.info.assert_any_call(f"Successfully imported {table_name}_1.csv into {table_name}")
 
-                # Check that logger.error was not called for resource class not found
-                mock_logger.error.assert_not_called()
+            # Check that logger.error was not called for resource class not found
+            mock_logger.error.assert_not_called()
 
-                # Check that os.remove was called for each CSV file
-                for table_name in table_names:
-                    mock_remove.assert_any_call(f"{table_name}_1.csv")
+            # Check that os.remove was called for each CSV file
+            for table_name in table_names:
+                mock_remove.assert_any_call(f"{table_name}_1.csv")
 
-                # Check that logger.info was called for each CSV file removal
-                for table_name in table_names:
-                    mock_logger.info.assert_any_call(f"Removed temporary file {table_name}_1.csv")
+            # Check that logger.info was called for each CSV file removal
+            for table_name in table_names:
+                mock_logger.info.assert_any_call(f"Removed temporary file {table_name}_1.csv")
 
     @patch("registrar.management.commands.import_tables.logger")
     @patch("registrar.management.commands.import_tables.os.makedirs")
     @patch("registrar.management.commands.import_tables.os.path.exists")
+    @less_console_noise_decorator
     def test_handle_zip_file_not_found(self, mock_path_exists, mock_makedirs, mock_logger):
         """Test the handle method when the zip file doesn't exist"""
-        with less_console_noise():
-            # Mock os.makedirs to do nothing
-            mock_makedirs.return_value = None
+        # Mock os.makedirs to do nothing
+        mock_makedirs.return_value = None
 
-            # Mock os.path.exists to return False
-            mock_path_exists.return_value = False
+        # Mock os.path.exists to return False
+        mock_path_exists.return_value = False
 
-            call_command("import_tables")
+        call_command("import_tables")
 
-            # Check that logger.error was called with the correct message
-            mock_logger.error.assert_called_once_with("Zip file tmp/exported_tables.zip does not exist.")
+        # Check that logger.error was called with the correct message
+        mock_logger.error.assert_called_once_with("Zip file tmp/exported_tables.zip does not exist.")
 
 
 class TestTransferFederalAgencyType(TestCase):
@@ -1254,6 +1255,7 @@ class TestTransferFederalAgencyType(TestCase):
             id__in=[self.amtrak.id, self.legislative_branch.id, self.library_of_congress.id, self.gov_admin.id]
         ).delete()
 
+    @less_console_noise_decorator
     def run_transfer_federal_agency_type(self):
         """
         This method executes the transfer_federal_agency_type command.
@@ -1261,12 +1263,11 @@ class TestTransferFederalAgencyType(TestCase):
         The 'call_command' function from Django's management framework is then used to
         execute the populate_first_ready command with the specified arguments.
         """
-        with less_console_noise():
-            with patch(
-                "registrar.management.commands.utility.terminal_helper.TerminalHelper.query_yes_no_exit",  # noqa
-                return_value=True,
-            ):
-                call_command("transfer_federal_agency_type")
+        with patch(
+            "registrar.management.commands.utility.terminal_helper.TerminalHelper.query_yes_no_exit",  # noqa
+            return_value=True,
+        ):
+            call_command("transfer_federal_agency_type")
 
     @less_console_noise_decorator
     def test_transfer_federal_agency_type_script(self):
@@ -1628,6 +1629,7 @@ class TestCreateFederalPortfolio(TestCase):
         # Test the senior official
         self.assertEqual(portfolio.senior_official, self.senior_official)
 
+    @less_console_noise_decorator
     def test_create_multiple_portfolios_for_branch_judicial(self):
         """Tests creating all portfolios under a given branch"""
         federal_choice = DomainRequest.OrganizationChoices.FEDERAL
@@ -1655,6 +1657,7 @@ class TestCreateFederalPortfolio(TestCase):
         self.assertTrue(all([creator == User.get_default_user() for creator in creators]))
         self.assertTrue(all([note == "Auto-generated record" for note in notes]))
 
+    @less_console_noise_decorator
     def test_create_multiple_portfolios_for_branch_legislative(self):
         """Tests creating all portfolios under a given branch"""
         federal_choice = DomainRequest.OrganizationChoices.FEDERAL
@@ -1682,6 +1685,7 @@ class TestCreateFederalPortfolio(TestCase):
         self.assertTrue(all([creator == User.get_default_user() for creator in creators]))
         self.assertTrue(all([note == "Auto-generated record" for note in notes]))
 
+    @less_console_noise_decorator
     def test_script_adds_requested_suborganization_information(self):
         """Tests that the script adds the requested suborg fields for domain requests"""
         # Create a new domain request with some errant spacing
@@ -1710,6 +1714,7 @@ class TestCreateFederalPortfolio(TestCase):
             custom_suborg_request.suborganization_state_territory, DomainRequest.StateTerritoryChoices.TEXAS
         )
 
+    @less_console_noise_decorator
     def test_create_multiple_portfolios_for_branch_executive(self):
         """Tests creating all portfolios under a given branch"""
         federal_choice = DomainRequest.OrganizationChoices.FEDERAL
@@ -1772,6 +1777,7 @@ class TestCreateFederalPortfolio(TestCase):
         self.assertEqual(expected_requests.count(), 2)
         self.assertEqual(expected_domain_infos.count(), 2)
 
+    @less_console_noise_decorator
     def test_handle_portfolio_requests(self):
         """Verify portfolio association with domain requests."""
         self.run_create_federal_portfolio(agency_name="Test Federal Agency", parse_requests=True)
@@ -1781,6 +1787,7 @@ class TestCreateFederalPortfolio(TestCase):
         self.assertEqual(self.domain_request.portfolio.federal_agency, self.federal_agency)
         self.assertEqual(self.domain_request.sub_organization.name, "Testorg")
 
+    @less_console_noise_decorator
     def test_handle_portfolio_domains(self):
         """Check portfolio association with domain information."""
         self.run_create_federal_portfolio(agency_name="Test Federal Agency", parse_domains=True)
@@ -1790,6 +1797,7 @@ class TestCreateFederalPortfolio(TestCase):
         self.assertEqual(self.domain_info.portfolio.federal_agency, self.federal_agency)
         self.assertEqual(self.domain_info.sub_organization.name, "Testorg")
 
+    @less_console_noise_decorator
     def test_handle_parse_both(self):
         """Ensure correct parsing of both requests and domains."""
         self.run_create_federal_portfolio(agency_name="Test Federal Agency", parse_requests=True, parse_domains=True)
@@ -1800,6 +1808,7 @@ class TestCreateFederalPortfolio(TestCase):
         self.assertIsNotNone(self.domain_info.portfolio)
         self.assertEqual(self.domain_request.portfolio, self.domain_info.portfolio)
 
+    @less_console_noise_decorator
     def test_command_error_parse_options(self):
         """Verify error when bad parse options are provided."""
         # The command should enforce either --branch or --agency_name
@@ -1821,6 +1830,7 @@ class TestCreateFederalPortfolio(TestCase):
         ):
             self.run_create_federal_portfolio(agency_name="test")
 
+    @less_console_noise_decorator
     def test_command_error_agency_not_found(self):
         """Check error handling for non-existent agency."""
         expected_message = (
@@ -1830,6 +1840,7 @@ class TestCreateFederalPortfolio(TestCase):
         with self.assertRaisesRegex(CommandError, expected_message):
             self.run_create_federal_portfolio(agency_name="Non-existent Agency", parse_requests=True)
 
+    @less_console_noise_decorator
     def test_does_not_update_existing_portfolio(self):
         """Tests that an existing portfolio is not updated when"""
         # Create an existing portfolio
@@ -1854,6 +1865,7 @@ class TestCreateFederalPortfolio(TestCase):
         self.assertEqual(existing_portfolio.notes, "Old notes")
         self.assertEqual(existing_portfolio.creator, self.user)
 
+    @less_console_noise_decorator
     def test_skip_existing_portfolios(self):
         """Tests the skip_existing_portfolios to ensure that it doesn't add
         suborgs, domain requests, and domain info."""
@@ -2294,6 +2306,7 @@ class TestRemovePortfolios(TestCase):
         Portfolio.objects.all().delete()
         User.objects.all().delete()
 
+    @less_console_noise_decorator
     @patch("registrar.management.commands.utility.terminal_helper.TerminalHelper.query_yes_no")
     def test_delete_unlisted_portfolios(self, mock_query_yes_no):
         """Test that portfolios not on the allowed list are deleted."""
@@ -2311,6 +2324,7 @@ class TestRemovePortfolios(TestCase):
         self.assertFalse(Portfolio.objects.filter(organization_name="Test with suborg").exists())
         self.assertTrue(Portfolio.objects.filter(organization_name="Department of Veterans Affairs").exists())
 
+    @less_console_noise_decorator
     @patch("registrar.management.commands.utility.terminal_helper.TerminalHelper.query_yes_no")
     def test_delete_entries_with_related_objects(self, mock_query_yes_no):
         """Test deletion with related objects being handled properly."""
@@ -2334,6 +2348,7 @@ class TestRemovePortfolios(TestCase):
         # Check that the portfolio was deleted
         self.assertFalse(Portfolio.objects.filter(organization_name="Test with orphaned objects").exists())
 
+    @less_console_noise_decorator
     @patch("registrar.management.commands.utility.terminal_helper.TerminalHelper.query_yes_no")
     def test_delete_entries_with_suborganizations(self, mock_query_yes_no):
         """Test that suborganizations and their related objects are deleted along with the portfolio."""
diff --git a/src/registrar/tests/test_models.py b/src/registrar/tests/test_models.py
index 4401b73e8..355f2e276 100644
--- a/src/registrar/tests/test_models.py
+++ b/src/registrar/tests/test_models.py
@@ -2100,7 +2100,7 @@ class TestDomainRequestIncomplete(TestCase):
         self.wizard = DomainRequestWizard()
         self.wizard._domain_request = self.domain_request
         self.wizard.request = Mock(user=self.user, session={})
-        self.wizard.kwargs = {"id": self.domain_request.id}
+        self.wizard.kwargs = {"domain_request_pk": self.domain_request.id}
 
         # We use both of these flags in the test. In the normal app these are generated normally.
         # The alternative syntax is adding the decorator to each test.
diff --git a/src/registrar/tests/test_url_auth.py b/src/registrar/tests/test_url_auth.py
index 1cd2d1384..17b13c233 100644
--- a/src/registrar/tests/test_url_auth.py
+++ b/src/registrar/tests/test_url_auth.py
@@ -18,6 +18,9 @@ from .common import less_console_noise
 # request on the view.
 SAMPLE_KWARGS = {
     "app_label": "registrar",
+    "domain_pk": "1",
+    "domain_request_pk": "1",
+    "domain_invitation_pk": "1",
     "pk": "1",
     "id": "1",
     "content_type_id": "2",
diff --git a/src/registrar/tests/test_views_domain.py b/src/registrar/tests/test_views_domain.py
index b84d284d8..d9aac8178 100644
--- a/src/registrar/tests/test_views_domain.py
+++ b/src/registrar/tests/test_views_domain.py
@@ -175,7 +175,7 @@ class TestDomainPermissions(TestWithDomainPermissions):
             "domain-security-email",
         ]:
             with self.subTest(view_name=view_name):
-                response = self.client.get(reverse(view_name, kwargs={"pk": self.domain.id}))
+                response = self.client.get(reverse(view_name, kwargs={"domain_pk": self.domain.id}))
                 self.assertEqual(response.status_code, 302)
 
     @less_console_noise_decorator
@@ -194,7 +194,7 @@ class TestDomainPermissions(TestWithDomainPermissions):
             "domain-security-email",
         ]:
             with self.subTest(view_name=view_name):
-                response = self.client.get(reverse(view_name, kwargs={"pk": self.domain.id}))
+                response = self.client.get(reverse(view_name, kwargs={"domain_pk": self.domain.id}))
                 self.assertEqual(response.status_code, 403)
 
     @less_console_noise_decorator
@@ -218,7 +218,7 @@ class TestDomainPermissions(TestWithDomainPermissions):
                 self.domain_deleted,
             ]:
                 with self.subTest(view_name=view_name, domain=domain):
-                    response = self.client.get(reverse(view_name, kwargs={"pk": domain.id}))
+                    response = self.client.get(reverse(view_name, kwargs={"domain_pk": domain.id}))
                     self.assertEqual(response.status_code, 403)
 
 
@@ -271,20 +271,20 @@ class TestDomainDetail(TestDomainOverview):
         with less_console_noise():
             self.user.status = User.RESTRICTED
             self.user.save()
-            response = self.client.get(reverse("domain", kwargs={"pk": self.domain.id}))
+            response = self.client.get(reverse("domain", kwargs={"domain_pk": self.domain.id}))
             self.assertEqual(response.status_code, 403)
 
     def test_domain_detail_allowed_for_on_hold(self):
         """Test that the domain overview page displays for on hold domain"""
         with less_console_noise():
             # View domain overview page
-            detail_page = self.client.get(reverse("domain", kwargs={"pk": self.domain_on_hold.id}))
+            detail_page = self.client.get(reverse("domain", kwargs={"domain_pk": self.domain_on_hold.id}))
             self.assertNotContains(detail_page, "Edit")
 
     def test_domain_detail_see_just_nameserver(self):
         with less_console_noise():
             # View nameserver on Domain Overview page
-            detail_page = self.app.get(reverse("domain", kwargs={"pk": self.domain_just_nameserver.id}))
+            detail_page = self.app.get(reverse("domain", kwargs={"domain_pk": self.domain_just_nameserver.id}))
 
             self.assertContains(detail_page, "justnameserver.com")
             self.assertContains(detail_page, "ns1.justnameserver.com")
@@ -293,7 +293,7 @@ class TestDomainDetail(TestDomainOverview):
     def test_domain_detail_see_nameserver_and_ip(self):
         with less_console_noise():
             # View nameserver on Domain Overview page
-            detail_page = self.app.get(reverse("domain", kwargs={"pk": self.domain_with_ip.id}))
+            detail_page = self.app.get(reverse("domain", kwargs={"domain_pk": self.domain_with_ip.id}))
 
             self.assertContains(detail_page, "nameserverwithip.gov")
 
@@ -321,7 +321,7 @@ class TestDomainDetail(TestDomainOverview):
             session["analyst_action_location"] = self.domain_no_information.id
             session.save()
 
-            detail_page = self.client.get(reverse("domain", kwargs={"pk": self.domain_no_information.id}))
+            detail_page = self.client.get(reverse("domain", kwargs={"domain_pk": self.domain_no_information.id}))
 
             self.assertContains(detail_page, "noinformation.gov")
             self.assertContains(detail_page, "Domain missing domain information")
@@ -341,7 +341,7 @@ class TestDomainDetail(TestDomainOverview):
             session["analyst_action_location"] = self.domain.id
             session.save()
 
-            detail_page = self.client.get(reverse("domain", kwargs={"pk": self.domain.id}))
+            detail_page = self.client.get(reverse("domain", kwargs={"domain_pk": self.domain.id}))
 
             self.assertNotContains(
                 detail_page, "If you need to make updates, contact one of the listed domain managers."
@@ -487,7 +487,7 @@ class TestDomainDetailDomainRenewal(TestDomainOverview):
         ):
             self.assertEquals(self.domain_to_renew.state, Domain.State.UNKNOWN)
             detail_page = self.client.get(
-                reverse("domain", kwargs={"pk": self.domain_to_renew.id}),
+                reverse("domain", kwargs={"domain_pk": self.domain_to_renew.id}),
             )
             self.assertContains(detail_page, "Expiring soon")
 
@@ -530,7 +530,7 @@ class TestDomainDetailDomainRenewal(TestDomainOverview):
             Domain, "is_expired", self.custom_is_expired_false
         ):
             detail_page = self.client.get(
-                reverse("domain", kwargs={"pk": domain_to_renew2.id}),
+                reverse("domain", kwargs={"domain_pk": domain_to_renew2.id}),
             )
             self.assertContains(detail_page, "Contact one of the listed domain managers to renew the domain.")
 
@@ -551,7 +551,7 @@ class TestDomainDetailDomainRenewal(TestDomainOverview):
             Domain, "is_expired", self.custom_is_expired_false
         ):
             detail_page = self.client.get(
-                reverse("domain", kwargs={"pk": domain_to_renew3.id}),
+                reverse("domain", kwargs={"domain_pk": domain_to_renew3.id}),
             )
             self.assertContains(detail_page, "Renew to maintain access")
 
@@ -565,7 +565,7 @@ class TestDomainDetailDomainRenewal(TestDomainOverview):
         ):
             # Grab the detail page
             detail_page = self.client.get(
-                reverse("domain", kwargs={"pk": self.domain_to_renew.id}),
+                reverse("domain", kwargs={"domain_pk": self.domain_to_renew.id}),
             )
 
             # Make sure we see the link as a domain manager
@@ -575,7 +575,7 @@ class TestDomainDetailDomainRenewal(TestDomainOverview):
             self.assertContains(detail_page, "Renewal form")
 
             # Grab link to the renewal page
-            renewal_form_url = reverse("domain-renewal", kwargs={"pk": self.domain_to_renew.id})
+            renewal_form_url = reverse("domain-renewal", kwargs={"domain_pk": self.domain_to_renew.id})
             self.assertContains(detail_page, f'href="{renewal_form_url}"')
 
             # Simulate clicking the link
@@ -595,7 +595,7 @@ class TestDomainDetailDomainRenewal(TestDomainOverview):
         ):
             # Grab the detail page
             detail_page = self.client.get(
-                reverse("domain", kwargs={"pk": self.domain_to_renew.id}),
+                reverse("domain", kwargs={"domain_pk": self.domain_to_renew.id}),
             )
 
             # Make sure we see the link as a domain manager
@@ -605,7 +605,7 @@ class TestDomainDetailDomainRenewal(TestDomainOverview):
             self.assertContains(detail_page, "Renewal form")
 
             # Grab link to the renewal page
-            renewal_form_url = reverse("domain-renewal", kwargs={"pk": self.domain_to_renew.id})
+            renewal_form_url = reverse("domain-renewal", kwargs={"domain_pk": self.domain_to_renew.id})
             self.assertContains(detail_page, f'href="{renewal_form_url}"')
 
             # Simulate clicking the link
@@ -620,7 +620,7 @@ class TestDomainDetailDomainRenewal(TestDomainOverview):
         Your Profile portion of the Renewal Form."""
         with less_console_noise():
             # Start on the Renewal page for the domain
-            renewal_page = self.app.get(reverse("domain-renewal", kwargs={"pk": self.domain_with_ip.id}))
+            renewal_page = self.app.get(reverse("domain-renewal", kwargs={"domain_pk": self.domain_with_ip.id}))
 
             # Verify we see "Your contact information" on the renewal form
             self.assertContains(renewal_page, "Your contact information")
@@ -640,7 +640,7 @@ class TestDomainDetailDomainRenewal(TestDomainOverview):
         Security Email portion of the Renewal Form."""
         with less_console_noise():
             # Start on the Renewal page for the domain
-            renewal_page = self.app.get(reverse("domain-renewal", kwargs={"pk": self.domain_with_ip.id}))
+            renewal_page = self.app.get(reverse("domain-renewal", kwargs={"domain_pk": self.domain_with_ip.id}))
 
             # Verify we see "Security email" on the renewal form
             self.assertContains(renewal_page, "Security email")
@@ -649,7 +649,7 @@ class TestDomainDetailDomainRenewal(TestDomainOverview):
             self.assertContains(renewal_page, "We strongly recommend that you provide a security email.")
 
             # Verify that the "Edit" button for Security email is there and links to correct URL
-            edit_button_url = reverse("domain-security-email", kwargs={"pk": self.domain_with_ip.id})
+            edit_button_url = reverse("domain-security-email", kwargs={"domain_pk": self.domain_with_ip.id})
             self.assertContains(renewal_page, f'href="{edit_button_url}"')
 
             # Simulate clicking on edit button
@@ -663,13 +663,13 @@ class TestDomainDetailDomainRenewal(TestDomainOverview):
         Domain Manager portion of the Renewal Form."""
         with less_console_noise():
             # Start on the Renewal page for the domain
-            renewal_page = self.app.get(reverse("domain-renewal", kwargs={"pk": self.domain_with_ip.id}))
+            renewal_page = self.app.get(reverse("domain-renewal", kwargs={"domain_pk": self.domain_with_ip.id}))
 
             # Verify we see "Domain managers" on the renewal form
             self.assertContains(renewal_page, "Domain managers")
 
             # Verify that the "Edit" button for Domain managers is there and links to correct URL
-            edit_button_url = reverse("domain-users", kwargs={"pk": self.domain_with_ip.id})
+            edit_button_url = reverse("domain-users", kwargs={"domain_pk": self.domain_with_ip.id})
             self.assertContains(renewal_page, f'href="{edit_button_url}"')
 
             # Simulate clicking on edit button
@@ -683,7 +683,7 @@ class TestDomainDetailDomainRenewal(TestDomainOverview):
         to access /renewal and that it should receive a 403."""
         with less_console_noise():
             # Start on the Renewal page for the domain
-            renewal_page = self.client.get(reverse("domain-renewal", kwargs={"pk": self.domain_not_expiring.id}))
+            renewal_page = self.client.get(reverse("domain-renewal", kwargs={"domain_pk": self.domain_not_expiring.id}))
             self.assertEqual(renewal_page.status_code, 403)
 
     @override_flag("domain_renewal", active=True)
@@ -692,14 +692,14 @@ class TestDomainDetailDomainRenewal(TestDomainOverview):
         with patch.object(Domain, "is_expired", self.custom_is_expired_true), patch.object(
             Domain, "is_expired", self.custom_is_expired_true
         ):
-            renewal_page = self.client.get(reverse("domain-renewal", kwargs={"pk": self.domain_no_domain_manager.id}))
+            renewal_page = self.client.get(reverse("domain-renewal", kwargs={"domain_pk": self.domain_no_domain_manager.id}))
             self.assertEqual(renewal_page.status_code, 403)
 
     @override_flag("domain_renewal", active=True)
     def test_ack_checkbox_not_checked(self):
         """If user don't check the checkbox, user should receive an error message."""
         # Grab the renewal URL
-        renewal_url = reverse("domain-renewal", kwargs={"pk": self.domain_with_ip.id})
+        renewal_url = reverse("domain-renewal", kwargs={"domain_pk": self.domain_with_ip.id})
 
         # Test that the checkbox is not checked
         response = self.client.post(renewal_url, data={"submit_button": "next"})
@@ -713,17 +713,17 @@ class TestDomainDetailDomainRenewal(TestDomainOverview):
         user should be redirected Domain Over page with an updated by 1 year expiration date"""
         # Grab the renewal URL
         with patch.object(Domain, "renew_domain", self.custom_renew_domain):
-            renewal_url = reverse("domain-renewal", kwargs={"pk": self.domain_with_ip.id})
+            renewal_url = reverse("domain-renewal", kwargs={"domain_pk": self.domain_with_ip.id})
 
             # Click the check, and submit
             response = self.client.post(renewal_url, data={"is_policy_acknowledged": "on", "submit_button": "next"})
 
             # Check that it redirects after a successfully submits
-            self.assertRedirects(response, reverse("domain", kwargs={"pk": self.domain_with_ip.id}))
+            self.assertRedirects(response, reverse("domain", kwargs={"domain_pk": self.domain_with_ip.id}))
 
             # Check for the updated expiration
             formatted_new_expiration_date = self.expiration_date_one_year_out().strftime("%b. %-d, %Y")
-            redirect_response = self.client.get(reverse("domain", kwargs={"pk": self.domain_with_ip.id}), follow=True)
+            redirect_response = self.client.get(reverse("domain", kwargs={"domain_pk": self.domain_with_ip.id}), follow=True)
             self.assertContains(redirect_response, formatted_new_expiration_date)
 
 
@@ -766,7 +766,7 @@ class TestDomainManagers(TestDomainOverview):
 
     @less_console_noise_decorator
     def test_domain_managers(self):
-        response = self.client.get(reverse("domain-users", kwargs={"pk": self.domain.id}))
+        response = self.client.get(reverse("domain-users", kwargs={"domain_pk": self.domain.id}))
         self.assertContains(response, "Domain managers")
         self.assertContains(response, "Add a domain manager")
         # assert that the non-portfolio view contains Role column and doesn't contain Admin
@@ -777,7 +777,7 @@ class TestDomainManagers(TestDomainOverview):
     @less_console_noise_decorator
     @override_flag("organization_feature", active=True)
     def test_domain_managers_portfolio_view(self):
-        response = self.client.get(reverse("domain-users", kwargs={"pk": self.domain.id}))
+        response = self.client.get(reverse("domain-users", kwargs={"domain_pk": self.domain.id}))
         self.assertContains(response, "Domain managers")
         self.assertContains(response, "Add a domain manager")
         # assert that the portfolio view doesn't contain Role column and does contain Admin
@@ -787,7 +787,7 @@ class TestDomainManagers(TestDomainOverview):
 
     @less_console_noise_decorator
     def test_domain_user_add(self):
-        response = self.client.get(reverse("domain-users-add", kwargs={"pk": self.domain.id}))
+        response = self.client.get(reverse("domain-users-add", kwargs={"domain_pk": self.domain.id}))
         self.assertContains(response, "Add a domain manager")
 
     @less_console_noise_decorator
@@ -796,7 +796,7 @@ class TestDomainManagers(TestDomainOverview):
         """Adding an existing user works."""
         get_user_model().objects.get_or_create(email="mayor@igorville.gov")
         user = User.objects.filter(email="mayor@igorville.gov").first()
-        add_page = self.app.get(reverse("domain-users-add", kwargs={"pk": self.domain.id}))
+        add_page = self.app.get(reverse("domain-users-add", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
 
         add_page.form["email"] = "mayor@igorville.gov"
@@ -816,7 +816,7 @@ class TestDomainManagers(TestDomainOverview):
         self.assertEqual(success_result.status_code, 302)
         self.assertEqual(
             success_result["Location"],
-            reverse("domain-users", kwargs={"pk": self.domain.id}),
+            reverse("domain-users", kwargs={"domain_pk": self.domain.id}),
         )
 
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
@@ -832,7 +832,7 @@ class TestDomainManagers(TestDomainOverview):
         """Adding an existing user works and sends portfolio invitation when
         user is not member of portfolio."""
         get_user_model().objects.get_or_create(email="mayor@igorville.gov")
-        add_page = self.app.get(reverse("domain-users-add", kwargs={"pk": self.domain.id}))
+        add_page = self.app.get(reverse("domain-users-add", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
 
         add_page.form["email"] = "mayor@igorville.gov"
@@ -844,7 +844,7 @@ class TestDomainManagers(TestDomainOverview):
         self.assertEqual(success_result.status_code, 302)
         self.assertEqual(
             success_result["Location"],
-            reverse("domain-users", kwargs={"pk": self.domain.id}),
+            reverse("domain-users", kwargs={"domain_pk": self.domain.id}),
         )
 
         # Verify that the invitation emails were sent
@@ -889,7 +889,7 @@ class TestDomainManagers(TestDomainOverview):
         self, mock_send_domain_email, mock_send_portfolio_email
     ):
         """Adding an email not associated with a user works and sends portfolio invitation."""
-        add_page = self.app.get(reverse("domain-users-add", kwargs={"pk": self.domain.id}))
+        add_page = self.app.get(reverse("domain-users-add", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
 
         add_page.form["email"] = "notauser@igorville.gov"
@@ -901,7 +901,7 @@ class TestDomainManagers(TestDomainOverview):
         self.assertEqual(success_result.status_code, 302)
         self.assertEqual(
             success_result["Location"],
-            reverse("domain-users", kwargs={"pk": self.domain.id}),
+            reverse("domain-users", kwargs={"domain_pk": self.domain.id}),
         )
 
         # Verify that the invitation emails were sent
@@ -940,7 +940,7 @@ class TestDomainManagers(TestDomainOverview):
     ):
         """Adding an email not associated with a user works and sends portfolio invitation,
         and when domain managers email(s) fail to send, assert proper warning displayed."""
-        add_page = self.app.get(reverse("domain-users-add", kwargs={"pk": self.domain.id}))
+        add_page = self.app.get(reverse("domain-users-add", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
 
         add_page.form["email"] = "notauser@igorville.gov"
@@ -954,7 +954,7 @@ class TestDomainManagers(TestDomainOverview):
         self.assertEqual(success_result.status_code, 302)
         self.assertEqual(
             success_result["Location"],
-            reverse("domain-users", kwargs={"pk": self.domain.id}),
+            reverse("domain-users", kwargs={"domain_pk": self.domain.id}),
         )
 
         # Verify that the invitation emails were sent
@@ -979,7 +979,7 @@ class TestDomainManagers(TestDomainOverview):
         UserPortfolioPermission.objects.get_or_create(
             user=other_user, portfolio=self.portfolio, roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN]
         )
-        add_page = self.app.get(reverse("domain-users-add", kwargs={"pk": self.domain.id}))
+        add_page = self.app.get(reverse("domain-users-add", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
 
         add_page.form["email"] = "mayor@igorville.gov"
@@ -991,7 +991,7 @@ class TestDomainManagers(TestDomainOverview):
         self.assertEqual(success_result.status_code, 302)
         self.assertEqual(
             success_result["Location"],
-            reverse("domain-users", kwargs={"pk": self.domain.id}),
+            reverse("domain-users", kwargs={"domain_pk": self.domain.id}),
         )
 
         # Verify that the invitation emails were sent
@@ -1027,7 +1027,7 @@ class TestDomainManagers(TestDomainOverview):
         user is not member of portfolio and send raises an error."""
         mock_send_portfolio_email.side_effect = EmailSendingError("Failed to send email.")
         get_user_model().objects.get_or_create(email="mayor@igorville.gov")
-        add_page = self.app.get(reverse("domain-users-add", kwargs={"pk": self.domain.id}))
+        add_page = self.app.get(reverse("domain-users-add", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
 
         add_page.form["email"] = "mayor@igorville.gov"
@@ -1039,7 +1039,7 @@ class TestDomainManagers(TestDomainOverview):
         self.assertEqual(success_result.status_code, 302)
         self.assertEqual(
             success_result["Location"],
-            reverse("domain-users", kwargs={"pk": self.domain.id}),
+            reverse("domain-users", kwargs={"domain_pk": self.domain.id}),
         )
 
         # Verify that the invitation emails were sent
@@ -1070,7 +1070,7 @@ class TestDomainManagers(TestDomainOverview):
         """Removing a domain manager sends notification email to other domain managers."""
         self.manager, _ = User.objects.get_or_create(email="mayor@igorville.com", first_name="Hello", last_name="World")
         self.manager_domain_permission, _ = UserDomainRole.objects.get_or_create(user=self.manager, domain=self.domain)
-        self.client.post(reverse("domain-user-delete", kwargs={"pk": self.domain.id, "user_pk": self.manager.id}))
+        self.client.post(reverse("domain-user-delete", kwargs={"domain_pk": self.domain.id, "user_pk": self.manager.id}))
 
         # Verify that the notification emails were sent to domain manager
         mock_send_templated_email.assert_called_once_with(
@@ -1094,7 +1094,7 @@ class TestDomainManagers(TestDomainOverview):
 
         self.domain_information, _ = DomainInformation.objects.get_or_create(creator=self.user, domain=self.domain)
 
-        add_page = self.app.get(reverse("domain-users-add", kwargs={"pk": self.domain.id}))
+        add_page = self.app.get(reverse("domain-users-add", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         add_page.form["email"] = email_address
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
@@ -1127,7 +1127,7 @@ class TestDomainManagers(TestDomainOverview):
 
         self.domain_information, _ = DomainInformation.objects.get_or_create(creator=self.user, domain=self.domain)
 
-        add_page = self.app.get(reverse("domain-users-add", kwargs={"pk": self.domain.id}))
+        add_page = self.app.get(reverse("domain-users-add", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         add_page.form["email"] = caps_email_address
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
@@ -1159,7 +1159,7 @@ class TestDomainManagers(TestDomainOverview):
         mock_client = MagicMock()
         mock_client_instance = mock_client.return_value
         with boto3_mocking.clients.handler_for("sesv2", mock_client):
-            add_page = self.app.get(reverse("domain-users-add", kwargs={"pk": self.domain.id}))
+            add_page = self.app.get(reverse("domain-users-add", kwargs={"domain_pk": self.domain.id}))
             session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
             add_page.form["email"] = email_address
             self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
@@ -1187,7 +1187,7 @@ class TestDomainManagers(TestDomainOverview):
         mock_client_instance = mock_client.return_value
 
         with boto3_mocking.clients.handler_for("sesv2", mock_client):
-            add_page = self.app.get(reverse("domain-users-add", kwargs={"pk": self.domain.id}))
+            add_page = self.app.get(reverse("domain-users-add", kwargs={"domain_pk": self.domain.id}))
             session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
             add_page.form["email"] = email_address
             self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
@@ -1226,7 +1226,7 @@ class TestDomainManagers(TestDomainOverview):
         mock_client_instance = mock_client.return_value
 
         with boto3_mocking.clients.handler_for("sesv2", mock_client):
-            add_page = self.app.get(reverse("domain-users-add", kwargs={"pk": self.domain.id}))
+            add_page = self.app.get(reverse("domain-users-add", kwargs={"domain_pk": self.domain.id}))
             session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
             add_page.form["email"] = email_address
             self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
@@ -1270,7 +1270,7 @@ class TestDomainManagers(TestDomainOverview):
         mock_client_instance = mock_client.return_value
 
         with boto3_mocking.clients.handler_for("sesv2", mock_client):
-            add_page = self.app.get(reverse("domain-users-add", kwargs={"pk": self.domain.id}))
+            add_page = self.app.get(reverse("domain-users-add", kwargs={"domain_pk": self.domain.id}))
             session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
             add_page.form["email"] = email_address
             self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
@@ -1301,7 +1301,7 @@ class TestDomainManagers(TestDomainOverview):
         email_address = "mayor"
         self.domain_information, _ = DomainInformation.objects.get_or_create(creator=self.user, domain=self.domain)
 
-        add_page = self.app.get(reverse("domain-users-add", kwargs={"pk": self.domain.id}))
+        add_page = self.app.get(reverse("domain-users-add", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         add_page.form["email"] = email_address
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
@@ -1325,7 +1325,7 @@ class TestDomainManagers(TestDomainOverview):
         self.domain_information, _ = DomainInformation.objects.get_or_create(creator=self.user, domain=self.domain)
 
         with patch("django.contrib.messages.error") as mock_error:
-            add_page = self.app.get(reverse("domain-users-add", kwargs={"pk": self.domain.id}))
+            add_page = self.app.get(reverse("domain-users-add", kwargs={"domain_pk": self.domain.id}))
             session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
             add_page.form["email"] = email_address
             self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
@@ -1344,7 +1344,7 @@ class TestDomainManagers(TestDomainOverview):
         """Posting to the delete view deletes an invitation."""
         email_address = "mayor@igorville.gov"
         invitation, _ = DomainInvitation.objects.get_or_create(domain=self.domain, email=email_address)
-        self.client.post(reverse("invitation-cancel", kwargs={"pk": invitation.id}))
+        self.client.post(reverse("invitation-cancel", kwargs={"domain_invitation_pk": invitation.id}))
         invitation = DomainInvitation.objects.get(id=invitation.id)
         self.assertEqual(invitation.status, DomainInvitation.DomainInvitationStatus.CANCELED)
 
@@ -1355,7 +1355,7 @@ class TestDomainManagers(TestDomainOverview):
         invitation, _ = DomainInvitation.objects.get_or_create(
             domain=self.domain, email=email_address, status=DomainInvitation.DomainInvitationStatus.RETRIEVED
         )
-        response = self.client.post(reverse("invitation-cancel", kwargs={"pk": invitation.id}), follow=True)
+        response = self.client.post(reverse("invitation-cancel", kwargs={"domain_invitation_pk": invitation.id}), follow=True)
         # Assert that an error message is displayed to the user
         self.assertContains(response, f"Invitation to {email_address} has already been retrieved.")
         # Assert that the Cancel link (form) is not displayed
@@ -1375,7 +1375,7 @@ class TestDomainManagers(TestDomainOverview):
         self.client.force_login(other_user)
         mock_client = MagicMock()
         with boto3_mocking.clients.handler_for("sesv2", mock_client):
-            result = self.client.post(reverse("invitation-cancel", kwargs={"pk": invitation.id}))
+            result = self.client.post(reverse("invitation-cancel", kwargs={"domain_invitation_pk": invitation.id}))
 
         self.assertEqual(result.status_code, 403)
 
@@ -1392,7 +1392,7 @@ class TestDomainManagers(TestDomainOverview):
         title = "title"
         User.objects.filter(email=email_address).delete()
 
-        add_page = self.app.get(reverse("domain-users-add", kwargs={"pk": self.domain.id}))
+        add_page = self.app.get(reverse("domain-users-add", kwargs={"domain_pk": self.domain.id}))
 
         self.domain_information, _ = DomainInformation.objects.get_or_create(creator=self.user, domain=self.domain)
 
@@ -1430,7 +1430,7 @@ class TestDomainManagers(TestDomainOverview):
         )
         UserDomainRole.objects.create(user=new_user_2, domain=self.domain, role=UserDomainRole.Roles.MANAGER)
         response = self.client.post(
-            reverse("domain-user-delete", kwargs={"pk": self.domain.id, "user_pk": new_user.id}), follow=True
+            reverse("domain-user-delete", kwargs={"domain_pk": self.domain.id, "user_pk": new_user.id}), follow=True
         )
         # Assert that a success message is displayed to the user
         self.assertContains(response, f"Removed {email_address} as a manager for this domain.")
@@ -1444,7 +1444,7 @@ class TestDomainManagers(TestDomainOverview):
         """Posting to the delete view attempts to delete a user domain role when there is only one manager."""
         # self.user is the only domain manager, so attempt to delete it
         response = self.client.post(
-            reverse("domain-user-delete", kwargs={"pk": self.domain.id, "user_pk": self.user.id}), follow=True
+            reverse("domain-user-delete", kwargs={"domain_pk": self.domain.id, "user_pk": self.user.id}), follow=True
         )
         # Assert that an error message is displayed to the user
         self.assertContains(response, "Domains must have at least one domain manager.")
@@ -1461,7 +1461,7 @@ class TestDomainManagers(TestDomainOverview):
         new_user = User.objects.create(email=email_address, username="mayor")
         UserDomainRole.objects.create(user=new_user, domain=self.domain, role=UserDomainRole.Roles.MANAGER)
         response = self.client.post(
-            reverse("domain-user-delete", kwargs={"pk": self.domain.id, "user_pk": self.user.id}), follow=True
+            reverse("domain-user-delete", kwargs={"domain_pk": self.domain.id, "user_pk": self.user.id}), follow=True
         )
         # Assert that a success message is displayed to the user
         self.assertContains(response, f"You are no longer managing the domain {self.domain}.")
@@ -1473,7 +1473,7 @@ class TestDomainNameservers(TestDomainOverview, MockEppLib):
     @less_console_noise_decorator
     def test_domain_nameservers(self):
         """Can load domain's nameservers page."""
-        page = self.client.get(reverse("domain-dns-nameservers", kwargs={"pk": self.domain.id}))
+        page = self.client.get(reverse("domain-dns-nameservers", kwargs={"domain_pk": self.domain.id}))
         self.assertContains(page, "DNS name servers")
 
     @less_console_noise_decorator
@@ -1483,7 +1483,7 @@ class TestDomainNameservers(TestDomainOverview, MockEppLib):
         Uses self.app WebTest because we need to interact with forms.
         """
         # initial nameservers page has one server with two ips
-        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"pk": self.domain.id}))
+        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         # attempt to submit the form with only one nameserver, should error
@@ -1506,7 +1506,7 @@ class TestDomainNameservers(TestDomainOverview, MockEppLib):
         Uses self.app WebTest because we need to interact with forms.
         """
         # initial nameservers page has one server with two ips
-        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"pk": self.domain.id}))
+        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         # attempt to submit the form without two hosts, both subdomains,
@@ -1531,7 +1531,7 @@ class TestDomainNameservers(TestDomainOverview, MockEppLib):
         Uses self.app WebTest because we need to interact with forms.
         """
         # initial nameservers page has one server with two ips
-        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"pk": self.domain.id}))
+        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         # attempt to submit the form without two hosts, both subdomains,
@@ -1555,7 +1555,7 @@ class TestDomainNameservers(TestDomainOverview, MockEppLib):
         Uses self.app WebTest because we need to interact with forms.
         """
         # initial nameservers page has one server with two ips
-        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"pk": self.domain.id}))
+        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         # attempt to submit the form with duplicate host names of fake.host.com
@@ -1583,7 +1583,7 @@ class TestDomainNameservers(TestDomainOverview, MockEppLib):
         valid_ip = "1.1. 1.1"
         valid_ip_2 = "2.2. 2.2"
         # have to throw an error in order to test that the whitespace has been stripped from ip
-        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"pk": self.domain.id}))
+        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         # attempt to submit the form without one host and an ip with whitespace
@@ -1597,7 +1597,7 @@ class TestDomainNameservers(TestDomainOverview, MockEppLib):
         self.assertEqual(result.status_code, 302)
         self.assertEqual(
             result["Location"],
-            reverse("domain-dns-nameservers", kwargs={"pk": self.domain.id}),
+            reverse("domain-dns-nameservers", kwargs={"domain_pk": self.domain.id}),
         )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         page = result.follow()
@@ -1616,7 +1616,7 @@ class TestDomainNameservers(TestDomainOverview, MockEppLib):
         nameserver2 = "ns2.igorville.com"
         valid_ip = "127.0.0.1"
         # initial nameservers page has one server with two ips
-        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"pk": self.domain.id}))
+        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         # attempt to submit the form without two hosts, both subdomains,
@@ -1644,7 +1644,7 @@ class TestDomainNameservers(TestDomainOverview, MockEppLib):
         nameserver = "ns2.igorville.gov"
         invalid_ip = "123"
         # initial nameservers page has one server with two ips
-        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"pk": self.domain.id}))
+        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         # attempt to submit the form without two hosts, both subdomains,
@@ -1671,7 +1671,7 @@ class TestDomainNameservers(TestDomainOverview, MockEppLib):
         nameserver = "invalid-nameserver.gov"
         valid_ip = "123.2.45.111"
         # initial nameservers page has one server with two ips
-        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"pk": self.domain.id}))
+        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         # attempt to submit the form without two hosts, both subdomains,
@@ -1699,7 +1699,7 @@ class TestDomainNameservers(TestDomainOverview, MockEppLib):
         nameserver2 = "ns2.igorville.gov"
         valid_ip = "127.0.0.1"
         valid_ip_2 = "128.0.0.2"
-        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"pk": self.domain.id}))
+        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         nameservers_page.form["form-0-server"] = nameserver1
@@ -1711,7 +1711,7 @@ class TestDomainNameservers(TestDomainOverview, MockEppLib):
         self.assertEqual(result.status_code, 302)
         self.assertEqual(
             result["Location"],
-            reverse("domain-dns-nameservers", kwargs={"pk": self.domain.id}),
+            reverse("domain-dns-nameservers", kwargs={"domain_pk": self.domain.id}),
         )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         page = result.follow()
@@ -1731,7 +1731,7 @@ class TestDomainNameservers(TestDomainOverview, MockEppLib):
         valid_ip = ""
         valid_ip_2 = "128.0.0.2"
         valid_ip_3 = "128.0.0.3"
-        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"pk": self.domain.id}))
+        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         nameservers_page.form["form-0-server"] = nameserver1
@@ -1746,7 +1746,7 @@ class TestDomainNameservers(TestDomainOverview, MockEppLib):
         self.assertEqual(result.status_code, 302)
         self.assertEqual(
             result["Location"],
-            reverse("domain-dns-nameservers", kwargs={"pk": self.domain.id}),
+            reverse("domain-dns-nameservers", kwargs={"domain_pk": self.domain.id}),
         )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         nameservers_page = result.follow()
@@ -1772,7 +1772,7 @@ class TestDomainNameservers(TestDomainOverview, MockEppLib):
         self.assertEqual(result.status_code, 302)
         self.assertEqual(
             result["Location"],
-            reverse("domain-dns-nameservers", kwargs={"pk": self.domain.id}),
+            reverse("domain-dns-nameservers", kwargs={"domain_pk": self.domain.id}),
         )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         nameservers_page = result.follow()
@@ -1797,7 +1797,7 @@ class TestDomainNameservers(TestDomainOverview, MockEppLib):
         valid_ip_3 = ""
         valid_ip_4 = ""
         nameservers_page = self.app.get(
-            reverse("domain-dns-nameservers", kwargs={"pk": self.domain_with_four_nameservers.id})
+            reverse("domain-dns-nameservers", kwargs={"domain_pk": self.domain_with_four_nameservers.id})
         )
 
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
@@ -1821,7 +1821,7 @@ class TestDomainNameservers(TestDomainOverview, MockEppLib):
         self.assertEqual(result.status_code, 302)
         self.assertEqual(
             result["Location"],
-            reverse("domain-dns-nameservers", kwargs={"pk": self.domain_with_four_nameservers.id}),
+            reverse("domain-dns-nameservers", kwargs={"domain_pk": self.domain_with_four_nameservers.id}),
         )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         nameservers_page = result.follow()
@@ -1833,7 +1833,7 @@ class TestDomainNameservers(TestDomainOverview, MockEppLib):
 
         Uses self.app WebTest because we need to interact with forms.
         """
-        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"pk": self.domain.id}))
+        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         # first two nameservers are required, so if we empty one out we should
@@ -1855,7 +1855,7 @@ class TestDomainSeniorOfficial(TestDomainOverview):
     @less_console_noise_decorator
     def test_domain_senior_official(self):
         """Can load domain's senior official page."""
-        page = self.client.get(reverse("domain-senior-official", kwargs={"pk": self.domain.id}))
+        page = self.client.get(reverse("domain-senior-official", kwargs={"domain_pk": self.domain.id}))
         self.assertContains(page, "Senior official", count=4)
 
     @less_console_noise_decorator
@@ -1864,7 +1864,7 @@ class TestDomainSeniorOfficial(TestDomainOverview):
         self.domain_information.senior_official = Contact(first_name="Testy")
         self.domain_information.senior_official.save()
         self.domain_information.save()
-        page = self.app.get(reverse("domain-senior-official", kwargs={"pk": self.domain.id}))
+        page = self.app.get(reverse("domain-senior-official", kwargs={"domain_pk": self.domain.id}))
         self.assertContains(page, "Testy")
 
     @less_console_noise_decorator
@@ -1876,7 +1876,7 @@ class TestDomainSeniorOfficial(TestDomainOverview):
         )
         self.domain_information.senior_official.save()
         self.domain_information.save()
-        so_page = self.app.get(reverse("domain-senior-official", kwargs={"pk": self.domain.id}))
+        so_page = self.app.get(reverse("domain-senior-official", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         so_form = so_page.forms[0]
@@ -1934,7 +1934,7 @@ class TestDomainSeniorOfficial(TestDomainOverview):
         self.domain_information.senior_official.save()
         self.domain_information.save()
 
-        so_page = self.app.get(reverse("domain-senior-official", kwargs={"pk": self.domain.id}))
+        so_page = self.app.get(reverse("domain-senior-official", kwargs={"domain_pk": self.domain.id}))
         self.assertContains(so_page, "Apple Tester")
         self.assertContains(so_page, "CIO")
         self.assertContains(so_page, "nobody@igorville.gov")
@@ -1955,7 +1955,7 @@ class TestDomainSeniorOfficial(TestDomainOverview):
         self.domain_information.senior_official.save()
         self.domain_information.save()
 
-        so_page = self.app.get(reverse("domain-senior-official", kwargs={"pk": self.domain.id}))
+        so_page = self.app.get(reverse("domain-senior-official", kwargs={"domain_pk": self.domain.id}))
         self.assertContains(so_page, "Apple Tester")
         self.assertContains(so_page, "CIO")
         self.assertContains(so_page, "nobody@igorville.gov")
@@ -1974,7 +1974,7 @@ class TestDomainSeniorOfficial(TestDomainOverview):
         self.domain_information.other_contacts.add(self.domain_information.senior_official)
         self.domain_information.save()
         # load the Senior Official in the web form
-        so_page = self.app.get(reverse("domain-senior-official", kwargs={"pk": self.domain.id}))
+        so_page = self.app.get(reverse("domain-senior-official", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         so_form = so_page.forms[0]
@@ -2002,7 +2002,7 @@ class TestDomainOrganization(TestDomainOverview):
     @less_console_noise_decorator
     def test_domain_org_name_address(self):
         """Can load domain's org name and mailing address page."""
-        page = self.client.get(reverse("domain-org-name-address", kwargs={"pk": self.domain.id}))
+        page = self.client.get(reverse("domain-org-name-address", kwargs={"domain_pk": self.domain.id}))
         # once on the sidebar, once in the page title, once as H1
         self.assertContains(page, "/org-name-address")
         self.assertContains(page, "Organization name and mailing address")
@@ -2013,7 +2013,7 @@ class TestDomainOrganization(TestDomainOverview):
         """Org name and address information appears on the page."""
         self.domain_information.organization_name = "Town of Igorville"
         self.domain_information.save()
-        page = self.app.get(reverse("domain-org-name-address", kwargs={"pk": self.domain.id}))
+        page = self.app.get(reverse("domain-org-name-address", kwargs={"domain_pk": self.domain.id}))
         self.assertContains(page, "Town of Igorville")
 
     @less_console_noise_decorator
@@ -2021,7 +2021,7 @@ class TestDomainOrganization(TestDomainOverview):
         """Submitting changes works on the org name address page."""
         self.domain_information.organization_name = "Town of Igorville"
         self.domain_information.save()
-        org_name_page = self.app.get(reverse("domain-org-name-address", kwargs={"pk": self.domain.id}))
+        org_name_page = self.app.get(reverse("domain-org-name-address", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
 
         org_name_page.form["organization_name"] = "Not igorville"
@@ -2053,7 +2053,7 @@ class TestDomainOrganization(TestDomainOverview):
 
         self.assertEqual(self.domain_information.generic_org_type, tribal_org_type)
 
-        org_name_page = self.app.get(reverse("domain-org-name-address", kwargs={"pk": self.domain.id}))
+        org_name_page = self.app.get(reverse("domain-org-name-address", kwargs={"domain_pk": self.domain.id}))
 
         form = org_name_page.forms[0]
         # Check the value of the input field
@@ -2110,7 +2110,7 @@ class TestDomainOrganization(TestDomainOverview):
 
         self.assertEqual(self.domain_information.generic_org_type, fed_org_type)
 
-        org_name_page = self.app.get(reverse("domain-org-name-address", kwargs={"pk": self.domain.id}))
+        org_name_page = self.app.get(reverse("domain-org-name-address", kwargs={"domain_pk": self.domain.id}))
 
         form = org_name_page.forms[0]
         # Check the value of the input field
@@ -2172,7 +2172,7 @@ class TestDomainOrganization(TestDomainOverview):
 
         new_value = ("Department of State", "Department of State")
         self.client.post(
-            reverse("domain-org-name-address", kwargs={"pk": self.domain.id}),
+            reverse("domain-org-name-address", kwargs={"domain_pk": self.domain.id}),
             {
                 "federal_agency": new_value,
             },
@@ -2214,7 +2214,7 @@ class TestDomainSuborganization(TestDomainOverview):
         self.assertEqual(self.domain_information.sub_organization, suborg)
 
         # Navigate to the suborganization page
-        page = self.app.get(reverse("domain-suborganization", kwargs={"pk": self.domain.id}))
+        page = self.app.get(reverse("domain-suborganization", kwargs={"domain_pk": self.domain.id}))
 
         # The page should contain the choices Vanilla and Chocolate
         self.assertContains(page, "Vanilla")
@@ -2272,7 +2272,7 @@ class TestDomainSuborganization(TestDomainOverview):
         self.assertEqual(self.domain_information.sub_organization, suborg)
 
         # Navigate to the suborganization page
-        page = self.app.get(reverse("domain-suborganization", kwargs={"pk": self.domain.id}))
+        page = self.app.get(reverse("domain-suborganization", kwargs={"domain_pk": self.domain.id}))
 
         # The page should display the readonly option
         self.assertContains(page, "Vanilla")
@@ -2311,7 +2311,7 @@ class TestDomainSuborganization(TestDomainOverview):
         self.user.refresh_from_db()
 
         # Navigate to the domain overview page
-        page = self.app.get(reverse("domain", kwargs={"pk": self.domain.id}))
+        page = self.app.get(reverse("domain", kwargs={"domain_pk": self.domain.id}))
 
         # Test for the title change
         self.assertContains(page, "Suborganization")
@@ -2340,7 +2340,7 @@ class TestDomainSecurityEmail(TestDomainOverview):
             domain_contact, _ = Domain.objects.get_or_create(name="freeman.gov")
             # Add current user to this domain
             _ = UserDomainRole(user=self.user, domain=domain_contact, role="admin").save()
-            page = self.client.get(reverse("domain-security-email", kwargs={"pk": domain_contact.id}))
+            page = self.client.get(reverse("domain-security-email", kwargs={"domain_pk": domain_contact.id}))
 
             # Loads correctly
             self.assertContains(page, "Security email")
@@ -2355,7 +2355,7 @@ class TestDomainSecurityEmail(TestDomainOverview):
             self.mockedSendFunction = self.mockSendPatch.start()
             self.mockedSendFunction.side_effect = self.mockSend
 
-            page = self.client.get(reverse("domain-security-email", kwargs={"pk": self.domain.id}))
+            page = self.client.get(reverse("domain-security-email", kwargs={"domain_pk": self.domain.id}))
 
             # Loads correctly
             self.assertContains(page, "Security email")
@@ -2365,7 +2365,7 @@ class TestDomainSecurityEmail(TestDomainOverview):
     def test_domain_security_email(self):
         """Can load domain's security email page."""
         with less_console_noise():
-            page = self.client.get(reverse("domain-security-email", kwargs={"pk": self.domain.id}))
+            page = self.client.get(reverse("domain-security-email", kwargs={"domain_pk": self.domain.id}))
             self.assertContains(page, "Security email")
 
     def test_domain_security_email_form(self):
@@ -2373,7 +2373,7 @@ class TestDomainSecurityEmail(TestDomainOverview):
         Uses self.app WebTest because we need to interact with forms.
         """
         with less_console_noise():
-            security_email_page = self.app.get(reverse("domain-security-email", kwargs={"pk": self.domain.id}))
+            security_email_page = self.app.get(reverse("domain-security-email", kwargs={"domain_pk": self.domain.id}))
             session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
             security_email_page.form["security_email"] = "mayor@igorville.gov"
             self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
@@ -2384,7 +2384,7 @@ class TestDomainSecurityEmail(TestDomainOverview):
             self.assertEqual(result.status_code, 302)
             self.assertEqual(
                 result["Location"],
-                reverse("domain-security-email", kwargs={"pk": self.domain.id}),
+                reverse("domain-security-email", kwargs={"domain_pk": self.domain.id}),
             )
 
             self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
@@ -2427,7 +2427,7 @@ class TestDomainSecurityEmail(TestDomainOverview):
             ]
             for test_name, data, expected_message in test_cases:
                 response = self.client.post(
-                    reverse("domain-security-email", kwargs={"pk": self.domain.id}),
+                    reverse("domain-security-email", kwargs={"domain_pk": self.domain.id}),
                     data=data,
                     follow=True,
                 )
@@ -2455,7 +2455,7 @@ class TestDomainSecurityEmail(TestDomainOverview):
         management pages share the same permissions class"""
         self.user.status = User.RESTRICTED
         self.user.save()
-        response = self.client.get(reverse("domain", kwargs={"pk": self.domain.id}))
+        response = self.client.get(reverse("domain", kwargs={"domain_pk": self.domain.id}))
         self.assertEqual(response.status_code, 403)
 
 
@@ -2467,7 +2467,7 @@ class TestDomainDNSSEC(TestDomainOverview):
         """DNSSEC overview page loads when domain has no DNSSEC data
         and shows a 'Enable DNSSEC' button."""
 
-        page = self.client.get(reverse("domain-dns-dnssec", kwargs={"pk": self.domain.id}))
+        page = self.client.get(reverse("domain-dns-dnssec", kwargs={"domain_pk": self.domain.id}))
         self.assertContains(page, "Enable DNSSEC")
 
     @less_console_noise_decorator
@@ -2475,7 +2475,7 @@ class TestDomainDNSSEC(TestDomainOverview):
         """DNSSEC overview page loads when domain has DNSSEC data
         and the template contains a button to disable DNSSEC."""
 
-        page = self.client.get(reverse("domain-dns-dnssec", kwargs={"pk": self.domain_multdsdata.id}))
+        page = self.client.get(reverse("domain-dns-dnssec", kwargs={"domain_pk": self.domain_multdsdata.id}))
         self.assertContains(page, "Disable DNSSEC")
 
         # Prepare the data for the POST request
@@ -2483,7 +2483,7 @@ class TestDomainDNSSEC(TestDomainOverview):
             "disable_dnssec": "Disable DNSSEC",
         }
         updated_page = self.client.post(
-            reverse("domain-dns-dnssec", kwargs={"pk": self.domain.id}),
+            reverse("domain-dns-dnssec", kwargs={"domain_pk": self.domain.id}),
             post_data,
             follow=True,
         )
@@ -2497,7 +2497,7 @@ class TestDomainDNSSEC(TestDomainOverview):
         """DNSSEC Add DS data page loads when there is no
         domain DNSSEC data and shows a button to Add new record"""
 
-        page = self.client.get(reverse("domain-dns-dnssec-dsdata", kwargs={"pk": self.domain_dnssec_none.id}))
+        page = self.client.get(reverse("domain-dns-dnssec-dsdata", kwargs={"domain_pk": self.domain_dnssec_none.id}))
         self.assertContains(page, "You have no DS data added")
         self.assertContains(page, "Add new record")
 
@@ -2506,13 +2506,13 @@ class TestDomainDNSSEC(TestDomainOverview):
         """DNSSEC Add DS data page loads when there is
         domain DNSSEC DS data and shows the data"""
 
-        page = self.client.get(reverse("domain-dns-dnssec-dsdata", kwargs={"pk": self.domain_dsdata.id}))
+        page = self.client.get(reverse("domain-dns-dnssec-dsdata", kwargs={"domain_pk": self.domain_dsdata.id}))
         self.assertContains(page, "DS data record 1")
 
     @less_console_noise_decorator
     def test_ds_data_form_modal(self):
         """When user clicks on save, a modal pops up."""
-        add_data_page = self.app.get(reverse("domain-dns-dnssec-dsdata", kwargs={"pk": self.domain_dsdata.id}))
+        add_data_page = self.app.get(reverse("domain-dns-dnssec-dsdata", kwargs={"domain_pk": self.domain_dsdata.id}))
         # Assert that a hidden trigger for the modal does not exist.
         # This hidden trigger will pop on the page when certain condition are met:
         # 1) Initial form contained DS data, 2) All data is deleted and form is
@@ -2521,7 +2521,7 @@ class TestDomainDNSSEC(TestDomainOverview):
         # Simulate a delete all data
         form_data = {}
         response = self.client.post(
-            reverse("domain-dns-dnssec-dsdata", kwargs={"pk": self.domain_dsdata.id}),
+            reverse("domain-dns-dnssec-dsdata", kwargs={"domain_pk": self.domain_dsdata.id}),
             data=form_data,
         )
         self.assertEqual(response.status_code, 200)  # Adjust status code as needed
@@ -2534,7 +2534,7 @@ class TestDomainDNSSEC(TestDomainOverview):
 
         Uses self.app WebTest because we need to interact with forms.
         """
-        add_data_page = self.app.get(reverse("domain-dns-dnssec-dsdata", kwargs={"pk": self.domain_dsdata.id}))
+        add_data_page = self.app.get(reverse("domain-dns-dnssec-dsdata", kwargs={"domain_pk": self.domain_dsdata.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         result = add_data_page.forms[0].submit()
@@ -2542,7 +2542,7 @@ class TestDomainDNSSEC(TestDomainOverview):
         self.assertEqual(result.status_code, 302)
         self.assertEqual(
             result["Location"],
-            reverse("domain-dns-dnssec-dsdata", kwargs={"pk": self.domain_dsdata.id}),
+            reverse("domain-dns-dnssec-dsdata", kwargs={"domain_pk": self.domain_dsdata.id}),
         )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         page = result.follow()
@@ -2554,7 +2554,7 @@ class TestDomainDNSSEC(TestDomainOverview):
 
         Uses self.app WebTest because we need to interact with forms.
         """
-        add_data_page = self.app.get(reverse("domain-dns-dnssec-dsdata", kwargs={"pk": self.domain_dsdata.id}))
+        add_data_page = self.app.get(reverse("domain-dns-dnssec-dsdata", kwargs={"domain_pk": self.domain_dsdata.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         # all four form fields are required, so will test with each blank
@@ -2577,7 +2577,7 @@ class TestDomainDNSSEC(TestDomainOverview):
 
         Uses self.app WebTest because we need to interact with forms.
         """
-        add_data_page = self.app.get(reverse("domain-dns-dnssec-dsdata", kwargs={"pk": self.domain_dsdata.id}))
+        add_data_page = self.app.get(reverse("domain-dns-dnssec-dsdata", kwargs={"domain_pk": self.domain_dsdata.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         # first two nameservers are required, so if we empty one out we should
@@ -2600,7 +2600,7 @@ class TestDomainDNSSEC(TestDomainOverview):
 
         Uses self.app WebTest because we need to interact with forms.
         """
-        add_data_page = self.app.get(reverse("domain-dns-dnssec-dsdata", kwargs={"pk": self.domain_dsdata.id}))
+        add_data_page = self.app.get(reverse("domain-dns-dnssec-dsdata", kwargs={"domain_pk": self.domain_dsdata.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         # first two nameservers are required, so if we empty one out we should
@@ -2623,7 +2623,7 @@ class TestDomainDNSSEC(TestDomainOverview):
 
         Uses self.app WebTest because we need to interact with forms.
         """
-        add_data_page = self.app.get(reverse("domain-dns-dnssec-dsdata", kwargs={"pk": self.domain_dsdata.id}))
+        add_data_page = self.app.get(reverse("domain-dns-dnssec-dsdata", kwargs={"domain_pk": self.domain_dsdata.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         # first two nameservers are required, so if we empty one out we should
@@ -2646,7 +2646,7 @@ class TestDomainDNSSEC(TestDomainOverview):
 
         Uses self.app WebTest because we need to interact with forms.
         """
-        add_data_page = self.app.get(reverse("domain-dns-dnssec-dsdata", kwargs={"pk": self.domain_dsdata.id}))
+        add_data_page = self.app.get(reverse("domain-dns-dnssec-dsdata", kwargs={"domain_pk": self.domain_dsdata.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
         # first two nameservers are required, so if we empty one out we should
@@ -2700,7 +2700,7 @@ class TestDomainChangeNotifications(TestDomainOverview):
         self.domain_information.zipcode = "62052"
         self.domain_information.save()
 
-        org_name_page = self.app.get(reverse("domain-org-name-address", kwargs={"pk": self.domain.id}))
+        org_name_page = self.app.get(reverse("domain-org-name-address", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
 
         org_name_page.form["organization_name"] = "Not igorville"
@@ -2741,7 +2741,7 @@ class TestDomainChangeNotifications(TestDomainOverview):
         self.domain_information.portfolio = portfolio
         self.domain_information.save()
 
-        org_name_page = self.app.get(reverse("domain-org-name-address", kwargs={"pk": self.domain.id}))
+        org_name_page = self.app.get(reverse("domain-org-name-address", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
 
         org_name_page.form["organization_name"] = "Not igorville"
@@ -2768,7 +2768,7 @@ class TestDomainChangeNotifications(TestDomainOverview):
         self.domain_information.portfolio = portfolio
         self.domain_information.save()
 
-        org_name_page = self.app.get(reverse("domain-org-name-address", kwargs={"pk": self.domain.id}))
+        org_name_page = self.app.get(reverse("domain-org-name-address", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
 
         session = self.app.session
@@ -2790,7 +2790,7 @@ class TestDomainChangeNotifications(TestDomainOverview):
     def test_notification_on_security_email_change(self):
         """Test that an email is sent when the security email is changed."""
 
-        security_email_page = self.app.get(reverse("domain-security-email", kwargs={"pk": self.domain.id}))
+        security_email_page = self.app.get(reverse("domain-security-email", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
 
         security_email_page.form["security_email"] = "new_security@example.com"
@@ -2813,7 +2813,7 @@ class TestDomainChangeNotifications(TestDomainOverview):
     def test_notification_on_dnssec_enable(self):
         """Test that an email is sent when DNSSEC is enabled."""
 
-        page = self.client.get(reverse("domain-dns-dnssec", kwargs={"pk": self.domain_multdsdata.id}))
+        page = self.client.get(reverse("domain-dns-dnssec", kwargs={"domain_pk": self.domain_multdsdata.id}))
         self.assertContains(page, "Disable DNSSEC")
 
         # Prepare the data for the POST request
@@ -2823,7 +2823,7 @@ class TestDomainChangeNotifications(TestDomainOverview):
 
         with boto3_mocking.clients.handler_for("sesv2", self.mock_client_class):
             updated_page = self.client.post(
-                reverse("domain-dns-dnssec", kwargs={"pk": self.domain.id}),
+                reverse("domain-dns-dnssec", kwargs={"domain_pk": self.domain.id}),
                 post_data,
                 follow=True,
             )
@@ -2846,7 +2846,7 @@ class TestDomainChangeNotifications(TestDomainOverview):
     def test_notification_on_ds_data_change(self):
         """Test that an email is sent when DS data is changed."""
 
-        ds_data_page = self.app.get(reverse("domain-dns-dnssec-dsdata", kwargs={"pk": self.domain.id}))
+        ds_data_page = self.app.get(reverse("domain-dns-dnssec-dsdata", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
 
         # Add DS data
@@ -2880,7 +2880,7 @@ class TestDomainChangeNotifications(TestDomainOverview):
         )
         self.domain_information.save()
 
-        senior_official_page = self.app.get(reverse("domain-senior-official", kwargs={"pk": self.domain.id}))
+        senior_official_page = self.app.get(reverse("domain-senior-official", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
 
         senior_official_page.form["first_name"] = "New"
@@ -2917,7 +2917,7 @@ class TestDomainChangeNotifications(TestDomainOverview):
         self.domain_information.portfolio = portfolio
         self.domain_information.save()
 
-        senior_official_page = self.app.get(reverse("domain-senior-official", kwargs={"pk": self.domain.id}))
+        senior_official_page = self.app.get(reverse("domain-senior-official", kwargs={"domain_pk": self.domain.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
 
         senior_official_page.form["first_name"] = "New"
@@ -2936,7 +2936,7 @@ class TestDomainChangeNotifications(TestDomainOverview):
     def test_no_notification_when_dns_needed(self):
         """Test that an email is not sent when nameservers are changed while the state is DNS_NEEDED."""
 
-        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"pk": self.domain_dns_needed.id}))
+        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"domain_pk": self.domain_dns_needed.id}))
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
 
         # add nameservers
diff --git a/src/registrar/views/domain.py b/src/registrar/views/domain.py
index 7a76284a4..1f0285314 100644
--- a/src/registrar/views/domain.py
+++ b/src/registrar/views/domain.py
@@ -2,6 +2,7 @@ from datetime import date
 import logging
 import requests
 from django.contrib import messages
+from django.contrib.auth.mixins import PermissionRequiredMixin
 from django.contrib.messages.views import SuccessMessageMixin
 from django.http import HttpResponseRedirect
 from django.shortcuts import redirect, render, get_object_or_404
@@ -73,7 +74,7 @@ from django import forms
 logger = logging.getLogger(__name__)
 
 
-class DomainBaseView(DetailView):
+class DomainBaseView(PermissionRequiredMixin, DetailView):
     """
     Base View for the Domain. Handles getting and setting the domain
     in session cache on GETs. Also provides methods for getting
@@ -174,7 +175,6 @@ class DomainBaseView(DetailView):
 
     def in_editable_state(self, pk):
         """Is the domain in an editable state"""
-
         requested_domain = None
         if Domain.objects.filter(id=pk).exists():
             requested_domain = Domain.objects.get(id=pk)
@@ -1240,7 +1240,7 @@ class DomainUsersView(DomainBaseView):
     """Domain managers page in the domain details."""
 
     template_name = "domain_users.html"
-
+    
     def get_context_data(self, **kwargs):
         """The initial value for the form (which is a formset here)."""
         context = super().get_context_data(**kwargs)
diff --git a/src/registrar/views/utility/api_views.py b/src/registrar/views/utility/api_views.py
index aedfa757a..fbbe72f01 100644
--- a/src/registrar/views/utility/api_views.py
+++ b/src/registrar/views/utility/api_views.py
@@ -1,6 +1,7 @@
 import logging
 from django.http import JsonResponse
 from django.forms.models import model_to_dict
+from registrar.decorators import IS_STAFF, grant_access
 from registrar.models import FederalAgency, SeniorOfficial, DomainRequest
 from django.contrib.admin.views.decorators import staff_member_required
 from django.contrib.auth.decorators import login_required
@@ -11,8 +12,7 @@ from registrar.utility.constants import BranchChoices
 logger = logging.getLogger(__name__)
 
 
-@login_required
-@staff_member_required
+@grant_access(IS_STAFF)
 def get_senior_official_from_federal_agency_json(request):
     """Returns federal_agency information as a JSON"""
 
@@ -39,8 +39,7 @@ def get_senior_official_from_federal_agency_json(request):
         return JsonResponse({"error": "Senior Official not found"}, status=404)
 
 
-@login_required
-@staff_member_required
+@grant_access(IS_STAFF)
 def get_portfolio_json(request):
     """Returns portfolio information as a JSON"""
 
@@ -96,8 +95,7 @@ def get_portfolio_json(request):
     return JsonResponse(portfolio_dict)
 
 
-@login_required
-@staff_member_required
+@grant_access(IS_STAFF)
 def get_suborganization_list_json(request):
     """Returns suborganization list information for a portfolio as a JSON"""
 
@@ -119,8 +117,7 @@ def get_suborganization_list_json(request):
     return JsonResponse({"results": results, "pagination": {"more": False}})
 
 
-@login_required
-@staff_member_required
+@grant_access(IS_STAFF)
 def get_federal_and_portfolio_types_from_federal_agency_json(request):
     """Returns specific portfolio information as a JSON. Request must have
     both agency_name and organization_type."""
@@ -148,8 +145,7 @@ def get_federal_and_portfolio_types_from_federal_agency_json(request):
     return JsonResponse(response_data)
 
 
-@login_required
-@staff_member_required
+@grant_access(IS_STAFF)
 def get_action_needed_email_for_user_json(request):
     """Returns a default action needed email for a given user"""
 
@@ -173,8 +169,7 @@ def get_action_needed_email_for_user_json(request):
     return JsonResponse({"email": email}, status=200)
 
 
-@login_required
-@staff_member_required
+@grant_access(IS_STAFF)
 def get_rejection_email_for_user_json(request):
     """Returns a default rejection email for a given user"""
 

From 6537c93e63e71153451e8d9d5d9c4bf0cedfab8f Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Wed, 12 Feb 2025 19:59:01 -0500
Subject: [PATCH 52/81] updated more tests

---
 src/registrar/decorators.py                    |  1 -
 src/registrar/tests/test_admin.py              |  2 --
 src/registrar/tests/test_url_auth.py           |  1 -
 src/registrar/tests/test_views_domains_json.py |  6 +++---
 src/registrar/tests/test_views_portfolio.py    | 12 ++++++------
 src/registrar/views/domain_request.py          | 11 +++++++++--
 src/registrar/views/utility/error_views.py     |  1 -
 7 files changed, 18 insertions(+), 16 deletions(-)

diff --git a/src/registrar/decorators.py b/src/registrar/decorators.py
index 517985b6d..37bdabccd 100644
--- a/src/registrar/decorators.py
+++ b/src/registrar/decorators.py
@@ -138,7 +138,6 @@ def _user_has_permission(user, request, rules, **kwargs):
     if not any(conditions_met) and HAS_PORTFOLIO_DOMAIN_REQUESTS_EDIT in rules:
         domain_request_id = kwargs.get("domain_request_pk")
         has_permission = _has_portfolio_domain_requests_edit(user, request, domain_request_id)
-        print(has_permission)
         conditions_met.append(has_permission)
 
     if not any(conditions_met) and HAS_PORTFOLIO_MEMBERS_ANY_PERM in rules:
diff --git a/src/registrar/tests/test_admin.py b/src/registrar/tests/test_admin.py
index 9447d211f..aadb85c66 100644
--- a/src/registrar/tests/test_admin.py
+++ b/src/registrar/tests/test_admin.py
@@ -3834,8 +3834,6 @@ class TestTransferUser(WebTest):
 
             self.assertContains(after_submit, "<h1>Change user</h1>")
 
-            print(mock_success_message.call_args_list)
-
             mock_success_message.assert_any_call(
                 ANY,
                 (
diff --git a/src/registrar/tests/test_url_auth.py b/src/registrar/tests/test_url_auth.py
index 17b13c233..7e0193e1d 100644
--- a/src/registrar/tests/test_url_auth.py
+++ b/src/registrar/tests/test_url_auth.py
@@ -85,7 +85,6 @@ def iter_sample_urls(urlconf):
         if not viewname:
             continue
         if viewname == "auth_user_password_change":
-            print(route)
             break
         named_groups = route.regex.groupindex.keys()
         kwargs = {}
diff --git a/src/registrar/tests/test_views_domains_json.py b/src/registrar/tests/test_views_domains_json.py
index fe63f27de..5ce308e74 100644
--- a/src/registrar/tests/test_views_domains_json.py
+++ b/src/registrar/tests/test_views_domains_json.py
@@ -104,7 +104,7 @@ class GetDomainsJsonTest(TestWithUser, WebTest):
             self.assertEqual(expected_domain.state_display(), state_displays[i])
             self.assertEqual(expected_domain.get_state_help_text(), get_state_help_texts[i])
 
-            self.assertEqual(reverse("domain", kwargs={"pk": expected_domain.id}), action_urls[i])
+            self.assertEqual(reverse("domain", kwargs={"domain_pk": expected_domain.id}), action_urls[i])
 
             # Check action_label
             action_label_expected = (
@@ -185,7 +185,7 @@ class GetDomainsJsonTest(TestWithUser, WebTest):
             self.assertEqual(expected_domain.state_display(), state_displays[i])
             self.assertEqual(expected_domain.get_state_help_text(), get_state_help_texts[i])
 
-            self.assertEqual(reverse("domain", kwargs={"pk": expected_domain.id}), action_urls[i])
+            self.assertEqual(reverse("domain", kwargs={"domain_pk": expected_domain.id}), action_urls[i])
 
             # Check action_label
             user_domain_role_exists = UserDomainRole.objects.filter(
@@ -272,7 +272,7 @@ class GetDomainsJsonTest(TestWithUser, WebTest):
             self.assertEqual(expected_domain.state_display(), state_displays[i])
             self.assertEqual(expected_domain.get_state_help_text(), get_state_help_texts[i])
 
-            self.assertEqual(reverse("domain", kwargs={"pk": expected_domain.id}), action_urls[i])
+            self.assertEqual(reverse("domain", kwargs={"domain_pk": expected_domain.id}), action_urls[i])
 
             # Check action_label
             user_domain_role_exists = UserDomainRole.objects.filter(
diff --git a/src/registrar/tests/test_views_portfolio.py b/src/registrar/tests/test_views_portfolio.py
index 097aa1879..9de6fbbf2 100644
--- a/src/registrar/tests/test_views_portfolio.py
+++ b/src/registrar/tests/test_views_portfolio.py
@@ -1320,7 +1320,7 @@ class TestPortfolio(WebTest):
 
         self.client.force_login(self.user)
         # Perform delete
-        response = self.client.post(reverse("domain-request-delete", kwargs={"pk": domain_request.pk}), follow=True)
+        response = self.client.post(reverse("domain-request-delete", kwargs={"domain_request_pk": domain_request.pk}), follow=True)
 
         # Check that the response is 200
         self.assertEqual(response.status_code, 200)
@@ -1354,7 +1354,7 @@ class TestPortfolio(WebTest):
 
         self.client.force_login(self.user)
         # Attempt to delete
-        response = self.client.post(reverse("domain-request-delete", kwargs={"pk": domain_request.pk}), follow=True)
+        response = self.client.post(reverse("domain-request-delete", kwargs={"domain_request_pk": domain_request.pk}), follow=True)
 
         # Check response is 403 Forbidden
         self.assertEqual(response.status_code, 403)
@@ -1389,7 +1389,7 @@ class TestPortfolio(WebTest):
 
         self.client.force_login(self.user)
         # Perform delete as self.user
-        response = self.client.post(reverse("domain-request-delete", kwargs={"pk": domain_request.pk}), follow=True)
+        response = self.client.post(reverse("domain-request-delete", kwargs={"domain_request_pk": domain_request.pk}), follow=True)
 
         # Check response is 403 Forbidden
         self.assertEqual(response.status_code, 403)
@@ -3244,7 +3244,7 @@ class TestRequestingEntity(WebTest):
     def test_requesting_entity_page_errors(self):
         """Tests that we get the expected form errors on requesting entity"""
         domain_request = completed_domain_request(user=self.user, portfolio=self.portfolio)
-        response = self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk})).follow()
+        response = self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk})).follow()
         form = response.forms[0]
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
@@ -3334,7 +3334,7 @@ class TestRequestingEntity(WebTest):
 
         domain_request.submit()
 
-        response = self.app.get(reverse("domain-request-status-viewonly", kwargs={"pk": domain_request.pk}))
+        response = self.app.get(reverse("domain-request-status-viewonly", kwargs={"domain_request_pk": domain_request.pk}))
         self.assertContains(response, "Requesting entity")
         self.assertContains(response, "moon")
         self.assertContains(response, "kepler, AL")
@@ -3359,7 +3359,7 @@ class TestRequestingEntity(WebTest):
 
         domain_request.submit()
 
-        response = self.app.get(reverse("domain-request-status", kwargs={"pk": domain_request.pk}))
+        response = self.app.get(reverse("domain-request-status", kwargs={"domain_request_pk": domain_request.pk}))
         self.assertContains(response, "Requesting entity")
         self.assertContains(response, "moon")
         self.assertContains(response, "kepler, AL")
diff --git a/src/registrar/views/domain_request.py b/src/registrar/views/domain_request.py
index 23596f2ad..7a0ce6d3c 100644
--- a/src/registrar/views/domain_request.py
+++ b/src/registrar/views/domain_request.py
@@ -1,12 +1,13 @@
 import logging
 from collections import defaultdict
+from django.contrib import messages
+from django.contrib.auth.mixins import PermissionRequiredMixin
 from django.http import Http404, HttpResponse, HttpResponseRedirect
 from django.shortcuts import redirect, render
 from django.urls import resolve, reverse
 from django.utils.safestring import mark_safe
 from django.utils.translation import gettext_lazy as _
 from django.views.generic import DeleteView, DetailView, TemplateView
-from django.contrib import messages
 from registrar.decorators import (
     HAS_PORTFOLIO_DOMAIN_REQUESTS_EDIT,
     HAS_PORTFOLIO_DOMAIN_REQUESTS_VIEW_ALL,
@@ -880,7 +881,7 @@ class DomainRequestWithdrawn(DetailView):
 
 
 @grant_access(IS_DOMAIN_REQUEST_CREATOR, HAS_PORTFOLIO_DOMAIN_REQUESTS_EDIT)
-class DomainRequestDeleteView(DeleteView):
+class DomainRequestDeleteView(PermissionRequiredMixin, DeleteView):
     """Delete view for home that allows the end user to delete DomainRequests"""
 
     object: DomainRequest  # workaround for type mismatch in DeleteView
@@ -895,6 +896,12 @@ class DomainRequestDeleteView(DeleteView):
         if status not in valid_statuses:
             return False
 
+        # Portfolio users cannot delete their requests if they aren't permissioned to do so
+        if self.request.user.is_org_user(self.request):
+            portfolio = self.request.session.get("portfolio")
+            if not self.request.user.has_edit_request_portfolio_permission(portfolio):
+                return False
+
         return True
 
     def get_success_url(self):
diff --git a/src/registrar/views/utility/error_views.py b/src/registrar/views/utility/error_views.py
index 4f9635d09..8e54170c9 100644
--- a/src/registrar/views/utility/error_views.py
+++ b/src/registrar/views/utility/error_views.py
@@ -39,7 +39,6 @@ def custom_403_error_view(request, exception=None, context=None):
 
 def custom_404_error_view(request, exception=None, context=None):
     """Used to redirect 404 errors to a custom view"""
-    print("this is called")
     if context is None:
         context = {}
     return render(request, "404.html", context=context, status=404)

From 86fbac82496800d47896b8c34efdc4fd394e6ec2 Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Wed, 12 Feb 2025 21:10:22 -0500
Subject: [PATCH 53/81] updated tests

---
 src/registrar/decorators.py                   |   2 +-
 src/registrar/tests/test_views.py             |  16 +--
 src/registrar/tests/test_views_request.py     | 116 +++++++++---------
 .../tests/test_views_requests_json.py         |   8 +-
 src/registrar/views/domain_request.py         |   4 +-
 5 files changed, 71 insertions(+), 75 deletions(-)

diff --git a/src/registrar/decorators.py b/src/registrar/decorators.py
index 37bdabccd..158139218 100644
--- a/src/registrar/decorators.py
+++ b/src/registrar/decorators.py
@@ -120,7 +120,7 @@ def _user_has_permission(user, request, rules, **kwargs):
 
     if not any(conditions_met) and IS_DOMAIN_REQUEST_CREATOR in rules:
         domain_request_id = kwargs.get("domain_request_pk")
-        has_permission = _is_domain_request_creator(user, domain_request_id)
+        has_permission = _is_domain_request_creator(user, domain_request_id) and not _is_portfolio_member(request)
         conditions_met.append(has_permission)
 
     if not any(conditions_met) and HAS_PORTFOLIO_DOMAIN_REQUESTS_ANY_PERM in rules:
diff --git a/src/registrar/tests/test_views.py b/src/registrar/tests/test_views.py
index 2dfead13f..7521719f8 100644
--- a/src/registrar/tests/test_views.py
+++ b/src/registrar/tests/test_views.py
@@ -126,7 +126,7 @@ class TestEnvironmentVariablesEffects(TestCase):
         with patch.object(DomainNameserversView, "get_initial", side_effect=self.side_effect_raise_value_error):
             with self.assertRaises(ValueError):
                 contact_page_500 = self.client.get(
-                    reverse("domain-dns-nameservers", kwargs={"pk": fake_domain.id}),
+                    reverse("domain-dns-nameservers", kwargs={"domain_pk": fake_domain.id}),
                 )
 
                 # Check that a 500 response is returned
@@ -147,7 +147,7 @@ class TestEnvironmentVariablesEffects(TestCase):
         with patch.object(DomainNameserversView, "get_initial", side_effect=self.side_effect_raise_value_error):
             with self.assertRaises(ValueError):
                 contact_page_500 = self.client.get(
-                    reverse("domain-dns-nameservers", kwargs={"pk": fake_domain.id}),
+                    reverse("domain-dns-nameservers", kwargs={"domain_pk": fake_domain.id}),
                 )
 
                 # Check that a 500 response is returned
@@ -292,7 +292,7 @@ class HomeTests(TestWithUser):
         )
 
         # Trigger the delete logic
-        response = self.client.post(reverse("domain-request-delete", kwargs={"pk": domain_request.pk}), follow=True)
+        response = self.client.post(reverse("domain-request-delete", kwargs={"domain_request_pk": domain_request.pk}), follow=True)
 
         self.assertNotContains(response, "igorville.gov")
 
@@ -309,7 +309,7 @@ class HomeTests(TestWithUser):
         )
 
         # Trigger the delete logic
-        response = self.client.post(reverse("domain-request-delete", kwargs={"pk": domain_request.pk}), follow=True)
+        response = self.client.post(reverse("domain-request-delete", kwargs={"domain_request_pk": domain_request.pk}), follow=True)
 
         self.assertNotContains(response, "igorville.gov")
 
@@ -335,7 +335,7 @@ class HomeTests(TestWithUser):
 
                         # Trigger the delete logic
                         response = self.client.post(
-                            reverse("domain-request-delete", kwargs={"pk": domain_request.pk}), follow=True
+                            reverse("domain-request-delete", kwargs={"domain_request_pk": domain_request.pk}), follow=True
                         )
 
                         # Check for a 403 error - the end user should not be allowed to do this
@@ -392,7 +392,7 @@ class HomeTests(TestWithUser):
         self.assertTrue(igorville.exists())
 
         # Trigger the delete logic
-        self.client.post(reverse("domain-request-delete", kwargs={"pk": domain_request.pk}))
+        self.client.post(reverse("domain-request-delete", kwargs={"domain_request_pk": domain_request.pk}))
 
         # igorville is now deleted
         igorville = DomainRequest.objects.filter(requested_domain__name="igorville.gov")
@@ -462,7 +462,7 @@ class HomeTests(TestWithUser):
         self.assertTrue(teaville.exists())
 
         # Trigger the delete logic
-        self.client.post(reverse("domain-request-delete", kwargs={"pk": domain_request_2.pk}))
+        self.client.post(reverse("domain-request-delete", kwargs={"domain_request_pk": domain_request_2.pk}))
 
         teaville = DomainRequest.objects.filter(requested_domain__name="teaville.gov")
         self.assertFalse(teaville.exists())
@@ -935,7 +935,7 @@ class UserProfileTests(TestWithUser, WebTest):
     @less_console_noise_decorator
     def test_domain_detail_contains_your_profile(self):
         """Tests that the domain detail view contains 'your profile' rather than 'your contact information'"""
-        response = self.client.get(reverse("domain", args=[self.domain.pk]))
+        response = self.client.get(reverse("domain", kwargs={"domain_pk": self.domain.pk}))
         self.assertContains(response, "Your profile")
         self.assertNotContains(response, "Your contact information")
 
diff --git a/src/registrar/tests/test_views_request.py b/src/registrar/tests/test_views_request.py
index f6eba2a56..d70300f9c 100644
--- a/src/registrar/tests/test_views_request.py
+++ b/src/registrar/tests/test_views_request.py
@@ -809,7 +809,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         # type_page = home_page.click("Edit")
 
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
-        url = reverse("edit-domain-request", kwargs={"id": domain_request.pk})
+        url = reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk})
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         # TODO: The following line results in a django error on middleware
@@ -1106,7 +1106,7 @@ class DomainRequestTests(TestWithUser, WebTest):
     def test_yes_no_contact_form_inits_blank_for_new_domain_request(self):
         """On the Other Contacts page, the yes/no form gets initialized with nothing selected for
         new domain requests"""
-        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"id": 0}))
+        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"domain_request_pk": 0}))
         other_contacts_form = other_contacts_page.forms[0]
         self.assertEquals(other_contacts_form["other_contacts-has_other_contacts"].value, None)
 
@@ -1114,7 +1114,7 @@ class DomainRequestTests(TestWithUser, WebTest):
     def test_yes_no_additional_form_inits_blank_for_new_domain_request(self):
         """On the Additional Details page, the yes/no form gets initialized with nothing selected for
         new domain requests"""
-        additional_details_page = self.app.get(reverse("domain-request:additional_details", kwargs={"id": 0}))
+        additional_details_page = self.app.get(reverse("domain-request:additional_details", kwargs={"domain_request_pk": 0}))
         additional_form = additional_details_page.forms[0]
 
         # Check the cisa representative yes/no field
@@ -1130,7 +1130,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         # Domain Request has other contacts by default
         domain_request = completed_domain_request(user=self.user)
         # prime the form by visiting /edit
-        self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk}))
+        self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}))
         # django-webtest does not handle cookie-based sessions well because it keeps
         # resetting the session key on each new request, thus destroying the concept
         # of a "session". We are going to do it manually, saving the session ID here
@@ -1138,7 +1138,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
-        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"id": domain_request.pk}))
+        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.pk}))
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         other_contacts_form = other_contacts_page.forms[0]
@@ -1155,7 +1155,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         domain_request.save()
 
         # prime the form by visiting /edit
-        self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk}))
+        self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}))
         # django-webtest does not handle cookie-based sessions well because it keeps
         # resetting the session key on each new request, thus destroying the concept
         # of a "session". We are going to do it manually, saving the session ID here
@@ -1164,7 +1164,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         additional_details_page = self.app.get(
-            reverse("domain-request:additional_details", kwargs={"id": domain_request.pk})
+            reverse("domain-request:additional_details", kwargs={"domain_request_pk": domain_request.pk})
         )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
@@ -1187,7 +1187,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         domain_request.no_other_contacts_rationale = "Hello!"
         domain_request.save()
         # prime the form by visiting /edit
-        self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk}))
+        self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}))
         # django-webtest does not handle cookie-based sessions well because it keeps
         # resetting the session key on each new request, thus destroying the concept
         # of a "session". We are going to do it manually, saving the session ID here
@@ -1195,7 +1195,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
-        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"id": domain_request.pk}))
+        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.pk}))
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         other_contacts_form = other_contacts_page.forms[0]
@@ -1216,7 +1216,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         domain_request.save()
 
         # prime the form by visiting /edit
-        self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk}))
+        self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}))
         # django-webtest does not handle cookie-based sessions well because it keeps
         # resetting the session key on each new request, thus destroying the concept
         # of a "session". We are going to do it manually, saving the session ID here
@@ -1225,7 +1225,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         additional_details_page = self.app.get(
-            reverse("domain-request:additional_details", kwargs={"id": domain_request.pk})
+            reverse("domain-request:additional_details", kwargs={"domain_request_pk": domain_request.pk})
         )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
@@ -1256,7 +1256,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         self.assertEqual(domain_request.cisa_representative_email, "fake@faketown.gov")
 
         # prime the form by visiting /edit
-        self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk}))
+        self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}))
         # django-webtest does not handle cookie-based sessions well because it keeps
         # resetting the session key on each new request, thus destroying the concept
         # of a "session". We are going to do it manually, saving the session ID here
@@ -1265,7 +1265,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         additional_details_page = self.app.get(
-            reverse("domain-request:additional_details", kwargs={"id": domain_request.pk})
+            reverse("domain-request:additional_details", kwargs={"domain_request_pk": domain_request.pk})
         )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
@@ -1320,7 +1320,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         self.assertEqual(domain_request.has_cisa_representative, None)
 
         # prime the form by visiting /edit
-        self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk}))
+        self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}))
         # django-webtest does not handle cookie-based sessions well because it keeps
         # resetting the session key on each new request, thus destroying the concept
         # of a "session". We are going to do it manually, saving the session ID here
@@ -1329,7 +1329,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         additional_details_page = self.app.get(
-            reverse("domain-request:additional_details", kwargs={"id": domain_request.pk})
+            reverse("domain-request:additional_details", kwargs={"domain_request_pk": domain_request.pk})
         )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
@@ -1367,7 +1367,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         )
 
         # prime the form by visiting /edit
-        self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk}))
+        self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}))
         # django-webtest does not handle cookie-based sessions well because it keeps
         # resetting the session key on each new request, thus destroying the concept
         # of a "session". We are going to do it manually, saving the session ID here
@@ -1376,7 +1376,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         additional_details_page = self.app.get(
-            reverse("domain-request:additional_details", kwargs={"id": domain_request.pk})
+            reverse("domain-request:additional_details", kwargs={"domain_request_pk": domain_request.pk})
         )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
@@ -1400,7 +1400,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         domain_request = completed_domain_request(name="cisareps.gov", user=self.user, has_anything_else=False)
 
         # prime the form by visiting /edit
-        self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk}))
+        self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}))
         # django-webtest does not handle cookie-based sessions well because it keeps
         # resetting the session key on each new request, thus destroying the concept
         # of a "session". We are going to do it manually, saving the session ID here
@@ -1409,7 +1409,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         additional_details_page = self.app.get(
-            reverse("domain-request:additional_details", kwargs={"id": domain_request.pk})
+            reverse("domain-request:additional_details", kwargs={"domain_request_pk": domain_request.pk})
         )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
@@ -1439,7 +1439,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         self.assertEqual(domain_request.has_cisa_representative, None)
 
         # prime the form by visiting /edit
-        self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk}))
+        self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}))
         # django-webtest does not handle cookie-based sessions well because it keeps
         # resetting the session key on each new request, thus destroying the concept
         # of a "session". We are going to do it manually, saving the session ID here
@@ -1448,7 +1448,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         additional_details_page = self.app.get(
-            reverse("domain-request:additional_details", kwargs={"id": domain_request.id})
+            reverse("domain-request:additional_details", kwargs={"domain_request_pk": domain_request.id})
         )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
@@ -1472,7 +1472,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         domain_request.no_other_contacts_rationale = "Hello!"
         domain_request.save()
         # prime the form by visiting /edit
-        self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk}))
+        self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}))
         # django-webtest does not handle cookie-based sessions well because it keeps
         # resetting the session key on each new request, thus destroying the concept
         # of a "session". We are going to do it manually, saving the session ID here
@@ -1480,7 +1480,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
-        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"id": domain_request.pk}))
+        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.pk}))
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         other_contacts_form = other_contacts_page.forms[0]
@@ -1520,7 +1520,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         # Domain request has other contacts by default
         domain_request = completed_domain_request(user=self.user)
         # prime the form by visiting /edit
-        self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk}))
+        self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}))
         # django-webtest does not handle cookie-based sessions well because it keeps
         # resetting the session key on each new request, thus destroying the concept
         # of a "session". We are going to do it manually, saving the session ID here
@@ -1528,7 +1528,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
-        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"id": domain_request.pk}))
+        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.pk}))
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         other_contacts_form = other_contacts_page.forms[0]
@@ -1604,7 +1604,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         domain_info.other_contacts.set([other])
 
         # prime the form by visiting /edit
-        self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk}))
+        self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}))
         # django-webtest does not handle cookie-based sessions well because it keeps
         # resetting the session key on each new request, thus destroying the concept
         # of a "session". We are going to do it manually, saving the session ID here
@@ -1612,7 +1612,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
-        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"id": domain_request.pk}))
+        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.pk}))
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         other_contacts_form = other_contacts_page.forms[0]
@@ -1653,7 +1653,7 @@ class DomainRequestTests(TestWithUser, WebTest):
     @less_console_noise_decorator
     def test_if_yes_no_form_is_no_then_no_other_contacts_required(self):
         """Applicants with no other contacts have to give a reason."""
-        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"id": 0}))
+        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"domain_request_pk": 0}))
         other_contacts_form = other_contacts_page.forms[0]
         other_contacts_form["other_contacts-has_other_contacts"] = "False"
         response = other_contacts_page.forms[0].submit()
@@ -1669,7 +1669,7 @@ class DomainRequestTests(TestWithUser, WebTest):
     @less_console_noise_decorator
     def test_if_yes_no_form_is_yes_then_other_contacts_required(self):
         """Applicants with other contacts do not have to give a reason."""
-        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"id": 0}))
+        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"domain_request_pk": 0}))
         other_contacts_form = other_contacts_page.forms[0]
         other_contacts_form["other_contacts-has_other_contacts"] = "True"
         response = other_contacts_page.forms[0].submit()
@@ -1737,7 +1737,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         domain_request.other_contacts.add(other2)
 
         # prime the form by visiting /edit
-        self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk}))
+        self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}))
         # django-webtest does not handle cookie-based sessions well because it keeps
         # resetting the session key on each new request, thus destroying the concept
         # of a "session". We are going to do it manually, saving the session ID here
@@ -1745,7 +1745,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
-        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"id": domain_request.id}))
+        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.id}))
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         other_contacts_form = other_contacts_page.forms[0]
@@ -1810,7 +1810,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         domain_request.other_contacts.add(other)
 
         # prime the form by visiting /edit
-        self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk}))
+        self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}))
         # django-webtest does not handle cookie-based sessions well because it keeps
         # resetting the session key on each new request, thus destroying the concept
         # of a "session". We are going to do it manually, saving the session ID here
@@ -1818,7 +1818,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
-        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"id": domain_request.id}))
+        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.id}))
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         other_contacts_form = other_contacts_page.forms[0]
@@ -1887,7 +1887,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         domain_request.other_contacts.add(other)
 
         # prime the form by visiting /edit
-        self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk}))
+        self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}))
         # django-webtest does not handle cookie-based sessions well because it keeps
         # resetting the session key on each new request, thus destroying the concept
         # of a "session". We are going to do it manually, saving the session ID here
@@ -1895,7 +1895,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
-        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"id": domain_request.id}))
+        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.id}))
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         other_contacts_form = other_contacts_page.forms[0]
@@ -1967,7 +1967,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         other_contact_pk = other.id
 
         # prime the form by visiting /edit
-        self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk}))
+        self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}))
         # django-webtest does not handle cookie-based sessions well because it keeps
         # resetting the session key on each new request, thus destroying the concept
         # of a "session". We are going to do it manually, saving the session ID here
@@ -1975,7 +1975,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
-        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"id": domain_request.pk}))
+        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.pk}))
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         other_contacts_form = other_contacts_page.forms[0]
@@ -2043,7 +2043,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         other_contact_pk = so.id
 
         # prime the form by visiting /edit
-        self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk}))
+        self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}))
         # django-webtest does not handle cookie-based sessions well because it keeps
         # resetting the session key on each new request, thus destroying the concept
         # of a "session". We are going to do it manually, saving the session ID here
@@ -2051,7 +2051,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
-        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"id": domain_request.pk}))
+        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.pk}))
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         other_contacts_form = other_contacts_page.forms[0]
@@ -2113,7 +2113,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         so_pk = so.id
 
         # prime the form by visiting /edit
-        self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk}))
+        self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}))
         # django-webtest does not handle cookie-based sessions well because it keeps
         # resetting the session key on each new request, thus destroying the concept
         # of a "session". We are going to do it manually, saving the session ID here
@@ -2121,7 +2121,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
-        so_page = self.app.get(reverse("domain-request:senior_official", kwargs={"id": domain_request.pk}))
+        so_page = self.app.get(reverse("domain-request:senior_official", kwargs={"domain_request_pk": domain_request.pk}))
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         so_form = so_page.forms[0]
@@ -2182,7 +2182,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         so_pk = so.id
 
         # prime the form by visiting /edit
-        self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk}))
+        self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}))
         # django-webtest does not handle cookie-based sessions well because it keeps
         # resetting the session key on each new request, thus destroying the concept
         # of a "session". We are going to do it manually, saving the session ID here
@@ -2190,7 +2190,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
-        so_page = self.app.get(reverse("domain-request:senior_official", kwargs={"id": domain_request.pk}))
+        so_page = self.app.get(reverse("domain-request:senior_official", kwargs={"domain_request_pk": domain_request.pk}))
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         so_form = so_page.forms[0]
@@ -2240,7 +2240,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         creator_pk = self.user.id
 
         # prime the form by visiting /edit
-        self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk}))
+        self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}))
         # django-webtest does not handle cookie-based sessions well because it keeps
         # resetting the session key on each new request, thus destroying the concept
         # of a "session". We are going to do it manually, saving the session ID here
@@ -2539,7 +2539,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         new_domain_request_id = all_domain_requests.first().id
 
         # Skip to the current sites page
-        current_sites_page = self.app.get(reverse("domain-request:current_sites", kwargs={"id": new_domain_request_id}))
+        current_sites_page = self.app.get(reverse("domain-request:current_sites", kwargs={"domain_request_pk": new_domain_request_id}))
         # fill in the form field
         current_sites_form = current_sites_page.forms[0]
         self.assertIn("current_sites-0-website", current_sites_form.fields)
@@ -2614,7 +2614,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         domain_request.alternative_domains.add(alt)
 
         # prime the form by visiting /edit
-        url = reverse("edit-domain-request", kwargs={"id": domain_request.pk})
+        url = reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk})
         response = self.client.get(url)
 
         # TODO: this is a sketch of each page in the wizard which needs to be tested
@@ -2724,7 +2724,7 @@ class DomainRequestTests(TestWithUser, WebTest):
         NOTE: This may be a moot point if we implement a more solid pattern in the
         future, like not a submit action at all on the review page."""
 
-        review_page = self.app.get(reverse("domain-request:review", kwargs={"id": 0}))
+        review_page = self.app.get(reverse("domain-request:review", kwargs={"domain_request_pk": 0}))
         self.assertContains(review_page, "toggle-submit-domain-request")
         self.assertContains(review_page, "Your request form is incomplete")
 
@@ -2742,7 +2742,7 @@ class DomainRequestTests(TestWithUser, WebTest):
 
         # This user should also be forbidden from editing existing ones
         domain_request = completed_domain_request(user=self.user)
-        edit_page = self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk}), expect_errors=True)
+        edit_page = self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}), expect_errors=True)
         self.assertEqual(edit_page.status_code, 403)
 
         # Cleanup
@@ -2767,7 +2767,7 @@ class DomainRequestTests(TestWithUser, WebTest):
 
         # This user should also be allowed to edit existing ones
         domain_request = completed_domain_request(user=self.user)
-        edit_page = self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk})).follow()
+        edit_page = self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk})).follow()
         self.assertEqual(edit_page.status_code, 200)
 
     def test_non_creator_access(self):
@@ -2776,14 +2776,14 @@ class DomainRequestTests(TestWithUser, WebTest):
         other_user = User.objects.create_user(username="other_user", password=p)
         domain_request = completed_domain_request(user=other_user)
 
-        edit_page = self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk}), expect_errors=True)
+        edit_page = self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}), expect_errors=True)
         self.assertEqual(edit_page.status_code, 403)
 
     def test_creator_access(self):
         """Tests that a user can edit a domain request they created"""
         domain_request = completed_domain_request(user=self.user)
 
-        edit_page = self.app.get(reverse("edit-domain-request", kwargs={"id": domain_request.pk})).follow()
+        edit_page = self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk})).follow()
         self.assertEqual(edit_page.status_code, 200)
 
 
@@ -2898,12 +2898,8 @@ class DomainRequestTestDifferentStatuses(TestWithUser, WebTest):
         domain_request = completed_domain_request(status=DomainRequest.DomainRequestStatus.SUBMITTED, user=self.user)
         domain_request.save()
 
-        detail_page = self.app.get(f"/domain-request/{domain_request.id}")
-        self.assertContains(detail_page, "city.gov")
-        self.assertContains(detail_page, "city1.gov")
-        self.assertContains(detail_page, "Chief Tester")
-        self.assertContains(detail_page, "testy@town.com")
-        self.assertContains(detail_page, "Status:")
+        detail_page = self.client.get(f"/domain-request/{domain_request.id}")
+        self.assertEqual(detail_page.status_code, 403)
         # Restricted user trying to withdraw results in 403 error
         with less_console_noise():
             for url_name in [
@@ -2911,7 +2907,7 @@ class DomainRequestTestDifferentStatuses(TestWithUser, WebTest):
                 "domain-request-withdrawn",
             ]:
                 with self.subTest(url_name=url_name):
-                    page = self.client.get(reverse(url_name, kwargs={"pk": domain_request.pk}))
+                    page = self.client.get(reverse(url_name, kwargs={"domain_request_pk": domain_request.pk}))
                     self.assertEqual(page.status_code, 403)
 
     @less_console_noise_decorator
@@ -2931,7 +2927,7 @@ class DomainRequestTestDifferentStatuses(TestWithUser, WebTest):
                 "domain-request-withdrawn",
             ]:
                 with self.subTest(url_name=url_name):
-                    page = self.client.get(reverse(url_name, kwargs={"pk": domain_request.pk}))
+                    page = self.client.get(reverse(url_name, kwargs={"domain_request_pk": domain_request.pk}))
                     self.assertEqual(page.status_code, 403)
 
     @less_console_noise_decorator
@@ -3206,7 +3202,7 @@ class TestDomainRequestWizard(TestWithUser, WebTest):
             self.assertContains(detail_page, "usa-current", count=2)
 
             # We default to the requesting entity page
-            expected_url = reverse("domain-request:portfolio_requesting_entity", kwargs={"id": domain_request.id})
+            expected_url = reverse("domain-request:portfolio_requesting_entity", kwargs={"domain_request_pk": domain_request.id})
             # This returns the entire url, thus "in"
             self.assertIn(expected_url, detail_page.request.url)
         else:
diff --git a/src/registrar/tests/test_views_requests_json.py b/src/registrar/tests/test_views_requests_json.py
index e25d76bf7..55d9141ab 100644
--- a/src/registrar/tests/test_views_requests_json.py
+++ b/src/registrar/tests/test_views_requests_json.py
@@ -199,14 +199,14 @@ class GetRequestsJsonTest(TestWithUser, WebTest):
 
             # Check action_url
             action_url_expected = (
-                reverse("edit-domain-request", kwargs={"id": self.domain_requests[i].id})
+                reverse("edit-domain-request", kwargs={"domain_request_pk": self.domain_requests[i].id})
                 if self.domain_requests[i].status
                 in [
                     DomainRequest.DomainRequestStatus.STARTED,
                     DomainRequest.DomainRequestStatus.ACTION_NEEDED,
                     DomainRequest.DomainRequestStatus.WITHDRAWN,
                 ]
-                else reverse("domain-request-status", kwargs={"pk": self.domain_requests[i].id})
+                else reverse("domain-request-status", kwargs={"domain_request_pk": self.domain_requests[i].id})
             )
             self.assertEqual(action_url_expected, action_urls[i])
 
@@ -342,7 +342,7 @@ class GetRequestsJsonTest(TestWithUser, WebTest):
                 # Test case where action is View
                 self.assertEqual("View", action_labels[i])
                 self.assertEqual(
-                    reverse("domain-request-status-viewonly", kwargs={"pk": expected_domain_request.id}), action_urls[i]
+                    reverse("domain-request-status-viewonly", kwargs={"domain_request_pk": expected_domain_request.id}), action_urls[i]
                 )
                 self.assertEqual("visibility", svg_icons[i])
             elif status[i] in [
@@ -360,7 +360,7 @@ class GetRequestsJsonTest(TestWithUser, WebTest):
                 # Test case where action is Manage
                 self.assertEqual("Manage", action_labels[i])
                 self.assertEqual(
-                    reverse("domain-request-status", kwargs={"pk": expected_domain_request.id}), action_urls[i]
+                    reverse("domain-request-status", kwargs={"domain_request_pk": expected_domain_request.id}), action_urls[i]
                 )
                 self.assertEqual("settings", svg_icons[i])
 
diff --git a/src/registrar/views/domain_request.py b/src/registrar/views/domain_request.py
index 7a0ce6d3c..1d17e3047 100644
--- a/src/registrar/views/domain_request.py
+++ b/src/registrar/views/domain_request.py
@@ -843,7 +843,7 @@ class DomainRequestStatus(DetailView):
         return context
 
 
-@grant_access(IS_DOMAIN_REQUEST_CREATOR)
+@grant_access(IS_DOMAIN_REQUEST_CREATOR, HAS_PORTFOLIO_DOMAIN_REQUESTS_EDIT)
 class DomainRequestWithdrawConfirmation(DetailView):
     """This page will ask user to confirm if they want to withdraw
 
@@ -857,7 +857,7 @@ class DomainRequestWithdrawConfirmation(DetailView):
     context_object_name = "DomainRequest"
 
 
-@grant_access(IS_DOMAIN_REQUEST_CREATOR)
+@grant_access(IS_DOMAIN_REQUEST_CREATOR, HAS_PORTFOLIO_DOMAIN_REQUESTS_EDIT)
 class DomainRequestWithdrawn(DetailView):
     # this view renders no template
     template_name = ""

From 51dc7797b0aa813161a8be4a6b5bea5725ab1146 Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Wed, 12 Feb 2025 21:30:21 -0500
Subject: [PATCH 54/81] updated code for readability

---
 src/djangooidc/views.py                       |   2 -
 src/registrar/decorators.py                   | 150 ++++++++----------
 .../tests/test_management_scripts.py          |   1 -
 src/registrar/tests/test_views.py             |  11 +-
 src/registrar/tests/test_views_domain.py      |  20 ++-
 src/registrar/tests/test_views_portfolio.py   |  20 ++-
 src/registrar/tests/test_views_request.py     |  76 ++++++---
 .../tests/test_views_requests_json.py         |   6 +-
 src/registrar/views/domain.py                 |   2 +-
 src/registrar/views/domain_requests_json.py   |   1 -
 src/registrar/views/domains_json.py           |   1 -
 src/registrar/views/utility/api_views.py      |   2 -
 12 files changed, 167 insertions(+), 125 deletions(-)

diff --git a/src/djangooidc/views.py b/src/djangooidc/views.py
index 984936a4c..815df4ecf 100644
--- a/src/djangooidc/views.py
+++ b/src/djangooidc/views.py
@@ -5,14 +5,12 @@ import logging
 from django.conf import settings
 from django.contrib.auth import logout as auth_logout
 from django.contrib.auth import authenticate, login
-from login_required import login_not_required
 from django.http import HttpResponseRedirect
 from django.shortcuts import redirect
 from urllib.parse import parse_qs, urlencode
 
 from djangooidc.oidc import Client
 from djangooidc import exceptions as o_e
-from registrar.decorators import grant_access
 from registrar.models import User
 from registrar.views.utility.error_views import custom_500_error_view, custom_401_error_view
 
diff --git a/src/registrar/decorators.py b/src/registrar/decorators.py
index 158139218..1147fe943 100644
--- a/src/registrar/decorators.py
+++ b/src/registrar/decorators.py
@@ -74,91 +74,74 @@ def _user_has_permission(user, request, rules, **kwargs):
     if ALL in rules:
         return True
 
-    # Ensure user is authenticated
-    if not user.is_authenticated:
+    # Ensure user is authenticated and not restricted
+    if not user.is_authenticated or user.is_restricted():
         return False
 
-    # Ensure user is not restricted
-    if user.is_restricted():
-        return False
+    # Define permission checks
+    permission_checks = [
+        (IS_STAFF, lambda: user.is_staff),
+        (IS_DOMAIN_MANAGER, lambda: _is_domain_manager(user, **kwargs)),
+        (IS_STAFF_MANAGING_DOMAIN, lambda: _is_staff_managing_domain(request, **kwargs)),
+        (IS_PORTFOLIO_MEMBER, lambda: user.is_org_user(request)),
+        (
+            HAS_PORTFOLIO_DOMAINS_VIEW_ALL,
+            lambda: _can_access_domain_via_portfolio_view_all_domains(request, kwargs.get("domain_pk")),
+        ),
+        (
+            HAS_PORTFOLIO_DOMAINS_ANY_PERM,
+            lambda: user.is_org_user(request)
+            and user.has_any_domains_portfolio_permission(request.session.get("portfolio")),
+        ),
+        (
+            IS_PORTFOLIO_MEMBER_AND_DOMAIN_MANAGER,
+            lambda: _is_domain_manager(user, **kwargs) and _is_portfolio_member(request),
+        ),
+        (
+            IS_DOMAIN_MANAGER_AND_NOT_PORTFOLIO_MEMBER,
+            lambda: _is_domain_manager(user, **kwargs) and not _is_portfolio_member(request),
+        ),
+        (
+            IS_DOMAIN_REQUEST_CREATOR,
+            lambda: _is_domain_request_creator(user, kwargs.get("domain_request_pk"))
+            and not _is_portfolio_member(request),
+        ),
+        (
+            HAS_PORTFOLIO_DOMAIN_REQUESTS_ANY_PERM,
+            lambda: user.is_org_user(request)
+            and user.has_any_requests_portfolio_permission(request.session.get("portfolio")),
+        ),
+        (
+            HAS_PORTFOLIO_DOMAIN_REQUESTS_VIEW_ALL,
+            lambda: user.is_org_user(request)
+            and user.has_view_all_domain_requests_portfolio_permission(request.session.get("portfolio")),
+        ),
+        (
+            HAS_PORTFOLIO_DOMAIN_REQUESTS_EDIT,
+            lambda: _has_portfolio_domain_requests_edit(user, request, kwargs.get("domain_request_pk")),
+        ),
+        (
+            HAS_PORTFOLIO_MEMBERS_ANY_PERM,
+            lambda: user.is_org_user(request)
+            and (
+                user.has_view_members_portfolio_permission(request.session.get("portfolio"))
+                or user.has_edit_members_portfolio_permission(request.session.get("portfolio"))
+            ),
+        ),
+        (
+            HAS_PORTFOLIO_MEMBERS_EDIT,
+            lambda: user.is_org_user(request)
+            and user.has_edit_members_portfolio_permission(request.session.get("portfolio")),
+        ),
+        (
+            HAS_PORTFOLIO_MEMBERS_VIEW,
+            lambda: user.is_org_user(request)
+            and user.has_view_members_portfolio_permission(request.session.get("portfolio")),
+        ),
+    ]
 
-    conditions_met = []
-
-    if IS_STAFF in rules:
-        conditions_met.append(user.is_staff)
-
-    if not any(conditions_met) and IS_DOMAIN_MANAGER in rules:
-        has_permission = _is_domain_manager(user, **kwargs)
-        conditions_met.append(has_permission)
-
-    if not any(conditions_met) and IS_STAFF_MANAGING_DOMAIN in rules:
-        has_permission = _is_staff_managing_domain(request, **kwargs)
-        conditions_met.append(has_permission)
-
-    if not any(conditions_met) and IS_PORTFOLIO_MEMBER in rules:
-        has_permission = user.is_org_user(request)
-        conditions_met.append(has_permission)
-
-    if not any(conditions_met) and HAS_PORTFOLIO_DOMAINS_VIEW_ALL in rules:
-        domain_id = kwargs.get("domain_pk")
-        has_permission = _can_access_domain_via_portfolio_view_all_domains(request, domain_id)
-        conditions_met.append(has_permission)
-
-    if not any(conditions_met) and HAS_PORTFOLIO_DOMAINS_ANY_PERM in rules:
-        has_permission = user.is_org_user(request) and user.has_any_domains_portfolio_permission(
-            request.session.get("portfolio")
-        )
-        conditions_met.append(has_permission)
-
-    if not any(conditions_met) and IS_PORTFOLIO_MEMBER_AND_DOMAIN_MANAGER in rules:
-        has_permission = _is_domain_manager(user, **kwargs) and _is_portfolio_member(request)
-        conditions_met.append(has_permission)
-
-    if not any(conditions_met) and IS_DOMAIN_MANAGER_AND_NOT_PORTFOLIO_MEMBER in rules:
-        has_permission = _is_domain_manager(user, **kwargs) and not _is_portfolio_member(request)
-        conditions_met.append(has_permission)
-
-    if not any(conditions_met) and IS_DOMAIN_REQUEST_CREATOR in rules:
-        domain_request_id = kwargs.get("domain_request_pk")
-        has_permission = _is_domain_request_creator(user, domain_request_id) and not _is_portfolio_member(request)
-        conditions_met.append(has_permission)
-
-    if not any(conditions_met) and HAS_PORTFOLIO_DOMAIN_REQUESTS_ANY_PERM in rules:
-        has_permission = user.is_org_user(request) and user.has_any_requests_portfolio_permission(
-            request.session.get("portfolio")
-        )
-        conditions_met.append(has_permission)
-
-    if not any(conditions_met) and HAS_PORTFOLIO_DOMAIN_REQUESTS_VIEW_ALL in rules:
-        has_permission = user.is_org_user(request) and user.has_view_all_domain_requests_portfolio_permission(
-            request.session.get("portfolio")
-        )
-        conditions_met.append(has_permission)
-
-    if not any(conditions_met) and HAS_PORTFOLIO_DOMAIN_REQUESTS_EDIT in rules:
-        domain_request_id = kwargs.get("domain_request_pk")
-        has_permission = _has_portfolio_domain_requests_edit(user, request, domain_request_id)
-        conditions_met.append(has_permission)
-
-    if not any(conditions_met) and HAS_PORTFOLIO_MEMBERS_ANY_PERM in rules:
-        portfolio = request.session.get("portfolio")
-        has_permission = user.is_org_user(request) and (
-            user.has_view_members_portfolio_permission(portfolio)
-            or user.has_edit_members_portfolio_permission(portfolio)
-        )
-        conditions_met.append(has_permission)
-
-    if not any(conditions_met) and HAS_PORTFOLIO_MEMBERS_EDIT in rules:
-        portfolio = request.session.get("portfolio")
-        has_permission = user.is_org_user(request) and user.has_edit_members_portfolio_permission(portfolio)
-        conditions_met.append(has_permission)
-
-    if not any(conditions_met) and HAS_PORTFOLIO_MEMBERS_VIEW in rules:
-        portfolio = request.session.get("portfolio")
-        has_permission = user.is_org_user(request) and user.has_view_members_portfolio_permission(portfolio)
-        conditions_met.append(has_permission)
-
-    return any(conditions_met)
+    # Check conditions iteratively
+    return any(check() for rule, check in permission_checks if rule in rules)
 
 
 def _has_portfolio_domain_requests_edit(user, request, domain_request_id):
@@ -173,7 +156,8 @@ def _is_domain_manager(user, **kwargs):
 
     - First, it checks if 'domain_pk' is present in the URL parameters.
     - If 'domain_pk' exists, it verifies if the user has a domain role for that domain.
-    - If 'domain_pk' is absent, it checks for 'domain_invitation_pk' to determine if the user has domain permissions through an invitation.
+    - If 'domain_pk' is absent, it checks for 'domain_invitation_pk' to determine if the user
+      has domain permissions through an invitation.
 
     Returns:
         bool: True if the user is a domain manager, False otherwise.
diff --git a/src/registrar/tests/test_management_scripts.py b/src/registrar/tests/test_management_scripts.py
index 668eeff0e..17e4736c4 100644
--- a/src/registrar/tests/test_management_scripts.py
+++ b/src/registrar/tests/test_management_scripts.py
@@ -37,7 +37,6 @@ from epplibwrapper import commands, common
 
 from .common import (
     MockEppLib,
-    less_console_noise,
     completed_domain_request,
     MockSESClient,
     MockDbForIndividualTests,
diff --git a/src/registrar/tests/test_views.py b/src/registrar/tests/test_views.py
index 7521719f8..3f5413e5a 100644
--- a/src/registrar/tests/test_views.py
+++ b/src/registrar/tests/test_views.py
@@ -292,7 +292,9 @@ class HomeTests(TestWithUser):
         )
 
         # Trigger the delete logic
-        response = self.client.post(reverse("domain-request-delete", kwargs={"domain_request_pk": domain_request.pk}), follow=True)
+        response = self.client.post(
+            reverse("domain-request-delete", kwargs={"domain_request_pk": domain_request.pk}), follow=True
+        )
 
         self.assertNotContains(response, "igorville.gov")
 
@@ -309,7 +311,9 @@ class HomeTests(TestWithUser):
         )
 
         # Trigger the delete logic
-        response = self.client.post(reverse("domain-request-delete", kwargs={"domain_request_pk": domain_request.pk}), follow=True)
+        response = self.client.post(
+            reverse("domain-request-delete", kwargs={"domain_request_pk": domain_request.pk}), follow=True
+        )
 
         self.assertNotContains(response, "igorville.gov")
 
@@ -335,7 +339,8 @@ class HomeTests(TestWithUser):
 
                         # Trigger the delete logic
                         response = self.client.post(
-                            reverse("domain-request-delete", kwargs={"domain_request_pk": domain_request.pk}), follow=True
+                            reverse("domain-request-delete", kwargs={"domain_request_pk": domain_request.pk}),
+                            follow=True,
                         )
 
                         # Check for a 403 error - the end user should not be allowed to do this
diff --git a/src/registrar/tests/test_views_domain.py b/src/registrar/tests/test_views_domain.py
index d9aac8178..676c4ef5f 100644
--- a/src/registrar/tests/test_views_domain.py
+++ b/src/registrar/tests/test_views_domain.py
@@ -692,7 +692,9 @@ class TestDomainDetailDomainRenewal(TestDomainOverview):
         with patch.object(Domain, "is_expired", self.custom_is_expired_true), patch.object(
             Domain, "is_expired", self.custom_is_expired_true
         ):
-            renewal_page = self.client.get(reverse("domain-renewal", kwargs={"domain_pk": self.domain_no_domain_manager.id}))
+            renewal_page = self.client.get(
+                reverse("domain-renewal", kwargs={"domain_pk": self.domain_no_domain_manager.id})
+            )
             self.assertEqual(renewal_page.status_code, 403)
 
     @override_flag("domain_renewal", active=True)
@@ -723,7 +725,9 @@ class TestDomainDetailDomainRenewal(TestDomainOverview):
 
             # Check for the updated expiration
             formatted_new_expiration_date = self.expiration_date_one_year_out().strftime("%b. %-d, %Y")
-            redirect_response = self.client.get(reverse("domain", kwargs={"domain_pk": self.domain_with_ip.id}), follow=True)
+            redirect_response = self.client.get(
+                reverse("domain", kwargs={"domain_pk": self.domain_with_ip.id}), follow=True
+            )
             self.assertContains(redirect_response, formatted_new_expiration_date)
 
 
@@ -1070,7 +1074,9 @@ class TestDomainManagers(TestDomainOverview):
         """Removing a domain manager sends notification email to other domain managers."""
         self.manager, _ = User.objects.get_or_create(email="mayor@igorville.com", first_name="Hello", last_name="World")
         self.manager_domain_permission, _ = UserDomainRole.objects.get_or_create(user=self.manager, domain=self.domain)
-        self.client.post(reverse("domain-user-delete", kwargs={"domain_pk": self.domain.id, "user_pk": self.manager.id}))
+        self.client.post(
+            reverse("domain-user-delete", kwargs={"domain_pk": self.domain.id, "user_pk": self.manager.id})
+        )
 
         # Verify that the notification emails were sent to domain manager
         mock_send_templated_email.assert_called_once_with(
@@ -1355,7 +1361,9 @@ class TestDomainManagers(TestDomainOverview):
         invitation, _ = DomainInvitation.objects.get_or_create(
             domain=self.domain, email=email_address, status=DomainInvitation.DomainInvitationStatus.RETRIEVED
         )
-        response = self.client.post(reverse("invitation-cancel", kwargs={"domain_invitation_pk": invitation.id}), follow=True)
+        response = self.client.post(
+            reverse("invitation-cancel", kwargs={"domain_invitation_pk": invitation.id}), follow=True
+        )
         # Assert that an error message is displayed to the user
         self.assertContains(response, f"Invitation to {email_address} has already been retrieved.")
         # Assert that the Cancel link (form) is not displayed
@@ -2936,7 +2944,9 @@ class TestDomainChangeNotifications(TestDomainOverview):
     def test_no_notification_when_dns_needed(self):
         """Test that an email is not sent when nameservers are changed while the state is DNS_NEEDED."""
 
-        nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"domain_pk": self.domain_dns_needed.id}))
+        nameservers_page = self.app.get(
+            reverse("domain-dns-nameservers", kwargs={"domain_pk": self.domain_dns_needed.id})
+        )
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
 
         # add nameservers
diff --git a/src/registrar/tests/test_views_portfolio.py b/src/registrar/tests/test_views_portfolio.py
index 9de6fbbf2..530908f1f 100644
--- a/src/registrar/tests/test_views_portfolio.py
+++ b/src/registrar/tests/test_views_portfolio.py
@@ -1320,7 +1320,9 @@ class TestPortfolio(WebTest):
 
         self.client.force_login(self.user)
         # Perform delete
-        response = self.client.post(reverse("domain-request-delete", kwargs={"domain_request_pk": domain_request.pk}), follow=True)
+        response = self.client.post(
+            reverse("domain-request-delete", kwargs={"domain_request_pk": domain_request.pk}), follow=True
+        )
 
         # Check that the response is 200
         self.assertEqual(response.status_code, 200)
@@ -1354,7 +1356,9 @@ class TestPortfolio(WebTest):
 
         self.client.force_login(self.user)
         # Attempt to delete
-        response = self.client.post(reverse("domain-request-delete", kwargs={"domain_request_pk": domain_request.pk}), follow=True)
+        response = self.client.post(
+            reverse("domain-request-delete", kwargs={"domain_request_pk": domain_request.pk}), follow=True
+        )
 
         # Check response is 403 Forbidden
         self.assertEqual(response.status_code, 403)
@@ -1389,7 +1393,9 @@ class TestPortfolio(WebTest):
 
         self.client.force_login(self.user)
         # Perform delete as self.user
-        response = self.client.post(reverse("domain-request-delete", kwargs={"domain_request_pk": domain_request.pk}), follow=True)
+        response = self.client.post(
+            reverse("domain-request-delete", kwargs={"domain_request_pk": domain_request.pk}), follow=True
+        )
 
         # Check response is 403 Forbidden
         self.assertEqual(response.status_code, 403)
@@ -3244,7 +3250,9 @@ class TestRequestingEntity(WebTest):
     def test_requesting_entity_page_errors(self):
         """Tests that we get the expected form errors on requesting entity"""
         domain_request = completed_domain_request(user=self.user, portfolio=self.portfolio)
-        response = self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk})).follow()
+        response = self.app.get(
+            reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk})
+        ).follow()
         form = response.forms[0]
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
@@ -3334,7 +3342,9 @@ class TestRequestingEntity(WebTest):
 
         domain_request.submit()
 
-        response = self.app.get(reverse("domain-request-status-viewonly", kwargs={"domain_request_pk": domain_request.pk}))
+        response = self.app.get(
+            reverse("domain-request-status-viewonly", kwargs={"domain_request_pk": domain_request.pk})
+        )
         self.assertContains(response, "Requesting entity")
         self.assertContains(response, "moon")
         self.assertContains(response, "kepler, AL")
diff --git a/src/registrar/tests/test_views_request.py b/src/registrar/tests/test_views_request.py
index d70300f9c..6818759c5 100644
--- a/src/registrar/tests/test_views_request.py
+++ b/src/registrar/tests/test_views_request.py
@@ -1114,7 +1114,9 @@ class DomainRequestTests(TestWithUser, WebTest):
     def test_yes_no_additional_form_inits_blank_for_new_domain_request(self):
         """On the Additional Details page, the yes/no form gets initialized with nothing selected for
         new domain requests"""
-        additional_details_page = self.app.get(reverse("domain-request:additional_details", kwargs={"domain_request_pk": 0}))
+        additional_details_page = self.app.get(
+            reverse("domain-request:additional_details", kwargs={"domain_request_pk": 0})
+        )
         additional_form = additional_details_page.forms[0]
 
         # Check the cisa representative yes/no field
@@ -1138,7 +1140,9 @@ class DomainRequestTests(TestWithUser, WebTest):
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
-        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.pk}))
+        other_contacts_page = self.app.get(
+            reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.pk})
+        )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         other_contacts_form = other_contacts_page.forms[0]
@@ -1195,7 +1199,9 @@ class DomainRequestTests(TestWithUser, WebTest):
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
-        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.pk}))
+        other_contacts_page = self.app.get(
+            reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.pk})
+        )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         other_contacts_form = other_contacts_page.forms[0]
@@ -1480,7 +1486,9 @@ class DomainRequestTests(TestWithUser, WebTest):
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
-        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.pk}))
+        other_contacts_page = self.app.get(
+            reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.pk})
+        )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         other_contacts_form = other_contacts_page.forms[0]
@@ -1528,7 +1536,9 @@ class DomainRequestTests(TestWithUser, WebTest):
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
-        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.pk}))
+        other_contacts_page = self.app.get(
+            reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.pk})
+        )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         other_contacts_form = other_contacts_page.forms[0]
@@ -1612,7 +1622,9 @@ class DomainRequestTests(TestWithUser, WebTest):
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
-        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.pk}))
+        other_contacts_page = self.app.get(
+            reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.pk})
+        )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         other_contacts_form = other_contacts_page.forms[0]
@@ -1745,7 +1757,9 @@ class DomainRequestTests(TestWithUser, WebTest):
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
-        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.id}))
+        other_contacts_page = self.app.get(
+            reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.id})
+        )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         other_contacts_form = other_contacts_page.forms[0]
@@ -1818,7 +1832,9 @@ class DomainRequestTests(TestWithUser, WebTest):
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
-        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.id}))
+        other_contacts_page = self.app.get(
+            reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.id})
+        )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         other_contacts_form = other_contacts_page.forms[0]
@@ -1895,7 +1911,9 @@ class DomainRequestTests(TestWithUser, WebTest):
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
-        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.id}))
+        other_contacts_page = self.app.get(
+            reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.id})
+        )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         other_contacts_form = other_contacts_page.forms[0]
@@ -1975,7 +1993,9 @@ class DomainRequestTests(TestWithUser, WebTest):
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
-        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.pk}))
+        other_contacts_page = self.app.get(
+            reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.pk})
+        )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         other_contacts_form = other_contacts_page.forms[0]
@@ -2051,7 +2071,9 @@ class DomainRequestTests(TestWithUser, WebTest):
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
-        other_contacts_page = self.app.get(reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.pk}))
+        other_contacts_page = self.app.get(
+            reverse("domain-request:other_contacts", kwargs={"domain_request_pk": domain_request.pk})
+        )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         other_contacts_form = other_contacts_page.forms[0]
@@ -2121,7 +2143,9 @@ class DomainRequestTests(TestWithUser, WebTest):
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
-        so_page = self.app.get(reverse("domain-request:senior_official", kwargs={"domain_request_pk": domain_request.pk}))
+        so_page = self.app.get(
+            reverse("domain-request:senior_official", kwargs={"domain_request_pk": domain_request.pk})
+        )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         so_form = so_page.forms[0]
@@ -2190,7 +2214,9 @@ class DomainRequestTests(TestWithUser, WebTest):
         session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
-        so_page = self.app.get(reverse("domain-request:senior_official", kwargs={"domain_request_pk": domain_request.pk}))
+        so_page = self.app.get(
+            reverse("domain-request:senior_official", kwargs={"domain_request_pk": domain_request.pk})
+        )
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
 
         so_form = so_page.forms[0]
@@ -2539,7 +2565,9 @@ class DomainRequestTests(TestWithUser, WebTest):
         new_domain_request_id = all_domain_requests.first().id
 
         # Skip to the current sites page
-        current_sites_page = self.app.get(reverse("domain-request:current_sites", kwargs={"domain_request_pk": new_domain_request_id}))
+        current_sites_page = self.app.get(
+            reverse("domain-request:current_sites", kwargs={"domain_request_pk": new_domain_request_id})
+        )
         # fill in the form field
         current_sites_form = current_sites_page.forms[0]
         self.assertIn("current_sites-0-website", current_sites_form.fields)
@@ -2742,7 +2770,9 @@ class DomainRequestTests(TestWithUser, WebTest):
 
         # This user should also be forbidden from editing existing ones
         domain_request = completed_domain_request(user=self.user)
-        edit_page = self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}), expect_errors=True)
+        edit_page = self.app.get(
+            reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}), expect_errors=True
+        )
         self.assertEqual(edit_page.status_code, 403)
 
         # Cleanup
@@ -2767,7 +2797,9 @@ class DomainRequestTests(TestWithUser, WebTest):
 
         # This user should also be allowed to edit existing ones
         domain_request = completed_domain_request(user=self.user)
-        edit_page = self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk})).follow()
+        edit_page = self.app.get(
+            reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk})
+        ).follow()
         self.assertEqual(edit_page.status_code, 200)
 
     def test_non_creator_access(self):
@@ -2776,14 +2808,18 @@ class DomainRequestTests(TestWithUser, WebTest):
         other_user = User.objects.create_user(username="other_user", password=p)
         domain_request = completed_domain_request(user=other_user)
 
-        edit_page = self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}), expect_errors=True)
+        edit_page = self.app.get(
+            reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}), expect_errors=True
+        )
         self.assertEqual(edit_page.status_code, 403)
 
     def test_creator_access(self):
         """Tests that a user can edit a domain request they created"""
         domain_request = completed_domain_request(user=self.user)
 
-        edit_page = self.app.get(reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk})).follow()
+        edit_page = self.app.get(
+            reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk})
+        ).follow()
         self.assertEqual(edit_page.status_code, 200)
 
 
@@ -3202,7 +3238,9 @@ class TestDomainRequestWizard(TestWithUser, WebTest):
             self.assertContains(detail_page, "usa-current", count=2)
 
             # We default to the requesting entity page
-            expected_url = reverse("domain-request:portfolio_requesting_entity", kwargs={"domain_request_pk": domain_request.id})
+            expected_url = reverse(
+                "domain-request:portfolio_requesting_entity", kwargs={"domain_request_pk": domain_request.id}
+            )
             # This returns the entire url, thus "in"
             self.assertIn(expected_url, detail_page.request.url)
         else:
diff --git a/src/registrar/tests/test_views_requests_json.py b/src/registrar/tests/test_views_requests_json.py
index 55d9141ab..8f50e16bb 100644
--- a/src/registrar/tests/test_views_requests_json.py
+++ b/src/registrar/tests/test_views_requests_json.py
@@ -342,7 +342,8 @@ class GetRequestsJsonTest(TestWithUser, WebTest):
                 # Test case where action is View
                 self.assertEqual("View", action_labels[i])
                 self.assertEqual(
-                    reverse("domain-request-status-viewonly", kwargs={"domain_request_pk": expected_domain_request.id}), action_urls[i]
+                    reverse("domain-request-status-viewonly", kwargs={"domain_request_pk": expected_domain_request.id}),
+                    action_urls[i],
                 )
                 self.assertEqual("visibility", svg_icons[i])
             elif status[i] in [
@@ -360,7 +361,8 @@ class GetRequestsJsonTest(TestWithUser, WebTest):
                 # Test case where action is Manage
                 self.assertEqual("Manage", action_labels[i])
                 self.assertEqual(
-                    reverse("domain-request-status", kwargs={"domain_request_pk": expected_domain_request.id}), action_urls[i]
+                    reverse("domain-request-status", kwargs={"domain_request_pk": expected_domain_request.id}),
+                    action_urls[i],
                 )
                 self.assertEqual("settings", svg_icons[i])
 
diff --git a/src/registrar/views/domain.py b/src/registrar/views/domain.py
index 1f0285314..d424bd978 100644
--- a/src/registrar/views/domain.py
+++ b/src/registrar/views/domain.py
@@ -1240,7 +1240,7 @@ class DomainUsersView(DomainBaseView):
     """Domain managers page in the domain details."""
 
     template_name = "domain_users.html"
-    
+
     def get_context_data(self, **kwargs):
         """The initial value for the form (which is a formset here)."""
         context = super().get_context_data(**kwargs)
diff --git a/src/registrar/views/domain_requests_json.py b/src/registrar/views/domain_requests_json.py
index fb0702a58..0533af66b 100644
--- a/src/registrar/views/domain_requests_json.py
+++ b/src/registrar/views/domain_requests_json.py
@@ -3,7 +3,6 @@ from django.core.paginator import Paginator
 from registrar.decorators import grant_access, ALL
 from registrar.models import DomainRequest
 from django.utils.dateformat import format
-from django.contrib.auth.decorators import login_required
 from django.urls import reverse
 from django.db.models import Q
 
diff --git a/src/registrar/views/domains_json.py b/src/registrar/views/domains_json.py
index f23fdd3b4..676115904 100644
--- a/src/registrar/views/domains_json.py
+++ b/src/registrar/views/domains_json.py
@@ -3,7 +3,6 @@ from django.http import JsonResponse
 from django.core.paginator import Paginator
 from registrar.decorators import grant_access, ALL
 from registrar.models import UserDomainRole, Domain, DomainInformation, User
-from django.contrib.auth.decorators import login_required
 from django.urls import reverse
 from django.db.models import Q
 
diff --git a/src/registrar/views/utility/api_views.py b/src/registrar/views/utility/api_views.py
index fbbe72f01..6d0a2b5ec 100644
--- a/src/registrar/views/utility/api_views.py
+++ b/src/registrar/views/utility/api_views.py
@@ -3,8 +3,6 @@ from django.http import JsonResponse
 from django.forms.models import model_to_dict
 from registrar.decorators import IS_STAFF, grant_access
 from registrar.models import FederalAgency, SeniorOfficial, DomainRequest
-from django.contrib.admin.views.decorators import staff_member_required
-from django.contrib.auth.decorators import login_required
 from registrar.utility.admin_helpers import get_action_needed_reason_default_email, get_rejection_reason_default_email
 from registrar.models.portfolio import Portfolio
 from registrar.utility.constants import BranchChoices

From 37c673100164f54012e8043c5558c9158bbf3fc9 Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Thu, 13 Feb 2025 06:47:11 -0500
Subject: [PATCH 55/81] updated comments

---
 src/registrar/decorators.py           | 60 +++++++++++++++++----------
 src/registrar/registrar_middleware.py | 26 ++++++++----
 2 files changed, 56 insertions(+), 30 deletions(-)

diff --git a/src/registrar/decorators.py b/src/registrar/decorators.py
index 1147fe943..7cb2792f4 100644
--- a/src/registrar/decorators.py
+++ b/src/registrar/decorators.py
@@ -24,37 +24,43 @@ HAS_PORTFOLIO_MEMBERS_VIEW = "has_portfolio_members_view"
 
 def grant_access(*rules):
     """
-    Allows multiple rules in a single decorator call:
-    @grant_access(IS_STAFF, IS_SUPERUSER, IS_DOMAIN_MANAGER)
-    or multiple stacked decorators:
-    @grant_access(IS_SUPERUSER)
-    @grant_access(IS_DOMAIN_MANAGER)
+    A decorator that enforces access control based on specified rules.
+
+    Usage:
+        - Multiple rules in a single decorator:
+          @grant_access(IS_STAFF, IS_SUPERUSER, IS_DOMAIN_MANAGER)
+
+        - Stacked decorators for separate rules:
+          @grant_access(IS_SUPERUSER)
+          @grant_access(IS_DOMAIN_MANAGER)
+
+    The decorator supports both function-based views (FBVs) and class-based views (CBVs).
     """
 
     def decorator(view):
-        if isinstance(view, type):  # If decorating a class-based view (CBV)
-            original_dispatch = view.dispatch  # save original dispatch method
+        if isinstance(view, type):  # Check if decorating a class-based view (CBV)
+            original_dispatch = view.dispatch  # Store the original dispatch method
 
-            @method_decorator(grant_access(*rules))  # apply the decorator to dispatch
+            @method_decorator(grant_access(*rules))  # Apply the decorator to dispatch
             def wrapped_dispatch(self, request, *args, **kwargs):
                 if not _user_has_permission(request.user, request, rules, **kwargs):
-                    raise PermissionDenied
+                    raise PermissionDenied  # Deny access if the user lacks permission
                 return original_dispatch(self, request, *args, **kwargs)
 
-            view.dispatch = wrapped_dispatch  # replace dispatch with wrapped version
+            view.dispatch = wrapped_dispatch  # Replace the dispatch method
             return view
 
         else:  # If decorating a function-based view (FBV)
-            view.has_explicit_access = True
-            existing_rules = getattr(view, "_access_rules", set())
-            existing_rules.update(rules)
-            view._access_rules = existing_rules
+            view.has_explicit_access = True  # Mark the view as having explicit access control
+            existing_rules = getattr(view, "_access_rules", set())  # Retrieve existing rules
+            existing_rules.update(rules)  # Merge with new rules
+            view._access_rules = existing_rules  # Store updated rules
 
             @functools.wraps(view)
             def wrapper(request, *args, **kwargs):
                 if not _user_has_permission(request.user, request, rules, **kwargs):
-                    raise PermissionDenied
-                return view(request, *args, **kwargs)
+                    raise PermissionDenied  # Deny access if the user lacks permission
+                return view(request, *args, **kwargs)  # Proceed with the original view
 
             return wrapper
 
@@ -63,7 +69,21 @@ def grant_access(*rules):
 
 def _user_has_permission(user, request, rules, **kwargs):
     """
-    Checks if the user meets the permission requirements.
+    Determines if the user meets the required permission rules.
+
+    This function evaluates a set of predefined permission rules to check whether a user has access
+    to a specific view. It supports various access control conditions, including staff status,
+    domain management roles, and portfolio-related permissions.
+
+    Parameters:
+        - user: The user requesting access.
+        - request: The HTTP request object.
+        - rules: A set of access control rules to evaluate.
+        - **kwargs: Additional keyword arguments used in specific permission checks.
+
+    Returns:
+        - True if the user satisfies any of the specified rules.
+        - False otherwise.
     """
 
     # Skip authentication if @login_not_required is applied
@@ -86,7 +106,7 @@ def _user_has_permission(user, request, rules, **kwargs):
         (IS_PORTFOLIO_MEMBER, lambda: user.is_org_user(request)),
         (
             HAS_PORTFOLIO_DOMAINS_VIEW_ALL,
-            lambda: _can_access_domain_via_portfolio_view_all_domains(request, kwargs.get("domain_pk")),
+            lambda: _has_portfolio_view_all_domains(request, kwargs.get("domain_pk")),
         ),
         (
             HAS_PORTFOLIO_DOMAINS_ANY_PERM,
@@ -268,11 +288,9 @@ def _is_staff_managing_domain(request, **kwargs):
     return True
 
 
-def _can_access_domain_via_portfolio_view_all_domains(request, domain_pk):
+def _has_portfolio_view_all_domains(request, domain_pk):
     """Returns whether the user in the request can access the domain
     via portfolio view all domains permission."""
-    # NOTE: determine if in practice this ever needs to be called on its own
-    # or if it can be combined with view_managed_domains
     portfolio = request.session.get("portfolio")
     if request.user.has_view_all_domains_portfolio_permission(portfolio):
         if Domain.objects.filter(id=domain_pk).exists():
diff --git a/src/registrar/registrar_middleware.py b/src/registrar/registrar_middleware.py
index 8d4518e94..8c9c79876 100644
--- a/src/registrar/registrar_middleware.py
+++ b/src/registrar/registrar_middleware.py
@@ -177,40 +177,48 @@ class CheckPortfolioMiddleware:
 
 
 class RestrictAccessMiddleware:
-    """Middleware that blocks all views unless explicitly permitted"""
+    """
+    Middleware that blocks access to all views unless explicitly permitted.
+
+    This middleware enforces authentication by default. Views must explicitly allow access
+    using access control mechanisms such as the `@grant_access` decorator. Exceptions are made
+    for Django admin views, explicitly ignored paths, and views that opt out of login requirements.
+    """
 
     def __init__(self, get_response):
         self.get_response = get_response
+        # Compile regex patterns from settings to identify paths that bypass login requirements
         self.ignored_paths = [re.compile(pattern) for pattern in getattr(settings, "LOGIN_REQUIRED_IGNORE_PATHS", [])]
 
     def __call__(self, request):
 
-        # Allow Django Debug Toolbar requests
+        # Allow requests to Django Debug Toolbar
         if request.path.startswith("/__debug__/"):
             return self.get_response(request)
 
-        # Allow requests that match LOGIN_REQUIRED_IGNORE_PATHS
+        # Allow requests matching configured ignored paths
         if any(pattern.match(request.path) for pattern in self.ignored_paths):
             return self.get_response(request)
 
-        # Try to resolve the view function
+        # Attempt to resolve the request path to a view function
         try:
             resolver_match = resolve(request.path_info)
             view_func = resolver_match.func
-            app_name = resolver_match.app_name  # Get app name of resolved view
+            app_name = resolver_match.app_name  # Get the app name of the resolved view
         except Exception:
+            # If resolution fails, allow the request to proceed (avoid blocking non-view routes)
             return self.get_response(request)
 
-        # Auto-allow Django's built-in admin views (but NOT custom /admin/* views)
+        # Automatically allow access to Django's built-in admin views (excluding custom /admin/* views)
         if app_name == "admin":
             return self.get_response(request)
 
-        # Skip access restriction if the view explicitly allows unauthenticated access
+        # Allow access if the view explicitly opts out of login requirements
         if getattr(view_func, "login_required", True) is False:
             return self.get_response(request)
 
-        # Enforce explicit access fules for other views
+        # Restrict access to views that do not explicitly declare access rules
         if not getattr(view_func, "has_explicit_access", False):
-            raise PermissionDenied
+            raise PermissionDenied  # Deny access if the view lacks explicit permission handling
 
         return self.get_response(request)

From efab9e495a29986f1e444b0dffb6289e3cc12e09 Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Thu, 13 Feb 2025 06:51:33 -0500
Subject: [PATCH 56/81] removed unnecessary file

---
 src/registrar/utility/domain_cache_helper.py | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 delete mode 100644 src/registrar/utility/domain_cache_helper.py

diff --git a/src/registrar/utility/domain_cache_helper.py b/src/registrar/utility/domain_cache_helper.py
deleted file mode 100644
index e69de29bb..000000000

From 3245cded0e81597974496799eace8a3ee6835969 Mon Sep 17 00:00:00 2001
From: asaki222 <asaki444@gmail.com>
Date: Thu, 13 Feb 2025 10:58:40 -0500
Subject: [PATCH 57/81] updated naming for workflow

---
 .github/workflows/delete-and-recreate-db.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/delete-and-recreate-db.yaml b/.github/workflows/delete-and-recreate-db.yaml
index ecdf54bbc..e7cad783d 100644
--- a/.github/workflows/delete-and-recreate-db.yaml
+++ b/.github/workflows/delete-and-recreate-db.yaml
@@ -1,8 +1,8 @@
 # This workflow can be run from the CLI
 #     gh workflow run reset-db.yaml -f environment=ENVIRONMENT
 
-name: Reset database
-run-name: Reset database for ${{ github.event.inputs.environment }}
+name: Delete and Recreate database
+run-name: Delete and Recreate for ${{ github.event.inputs.environment }}
 
 on:
   workflow_dispatch:

From 71a9e9515d99d5e4481c1993379bbeb74c5b178f Mon Sep 17 00:00:00 2001
From: asaki222 <asaki444@gmail.com>
Date: Thu, 13 Feb 2025 11:09:32 -0500
Subject: [PATCH 58/81] updated the creds variable

---
 .github/workflows/delete-and-recreate-db.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/delete-and-recreate-db.yaml b/.github/workflows/delete-and-recreate-db.yaml
index e7cad783d..979f20826 100644
--- a/.github/workflows/delete-and-recreate-db.yaml
+++ b/.github/workflows/delete-and-recreate-db.yaml
@@ -53,7 +53,7 @@ jobs:
          sudo apt-get update
          sudo apt-get install cf8-cli
          cf api api.fr.cloud.gov
-         cf auth "$CF_USERNAME" "$CF_PASSWORD"
+         cf auth "$cf_username" "$cf_password"
          cf target -o cisa-dotgov -s $DESTINATION_ENVIRONMENT   
 
 

From c737daa8fd2f8d497edfb9c5499d74e66316dcd7 Mon Sep 17 00:00:00 2001
From: Rebecca Hsieh <rebecca.hsieh@truss.works>
Date: Thu, 13 Feb 2025 10:28:49 -0800
Subject: [PATCH 59/81] Add prefix and manage url to the action needed reasons
 templates

---
 .../action_needed_reasons/already_has_domains_subject.txt       | 2 +-
 .../templates/emails/action_needed_reasons/bad_name.txt         | 2 +-
 .../templates/emails/action_needed_reasons/bad_name_subject.txt | 2 +-
 .../action_needed_reasons/eligibility_unclear_subject.txt       | 2 +-
 .../action_needed_reasons/questionable_senior_official.txt      | 2 +-
 .../questionable_senior_official_subject.txt                    | 2 +-
 6 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/registrar/templates/emails/action_needed_reasons/already_has_domains_subject.txt b/src/registrar/templates/emails/action_needed_reasons/already_has_domains_subject.txt
index 7ca332ddd..b29b8040c 100644
--- a/src/registrar/templates/emails/action_needed_reasons/already_has_domains_subject.txt
+++ b/src/registrar/templates/emails/action_needed_reasons/already_has_domains_subject.txt
@@ -1 +1 @@
-Update on your .gov request: {{ domain_request.requested_domain.name }}
\ No newline at end of file
+{{ prefix }}Update on your .gov request: {{ domain_request.requested_domain.name }}
\ No newline at end of file
diff --git a/src/registrar/templates/emails/action_needed_reasons/bad_name.txt b/src/registrar/templates/emails/action_needed_reasons/bad_name.txt
index ac563b549..40e5ed899 100644
--- a/src/registrar/templates/emails/action_needed_reasons/bad_name.txt
+++ b/src/registrar/templates/emails/action_needed_reasons/bad_name.txt
@@ -17,7 +17,7 @@ Domains should uniquely identify a government organization and be clear to the g
 
 
 ACTION NEEDED
-First, we need you to identify a new domain name that meets our naming requirements for your type of organization. Then, log in to the registrar and update the name in your domain request. <https://manage.get.gov/> Once you submit your updated request, we’ll resume the adjudication process.
+First, we need you to identify a new domain name that meets our naming requirements for your type of organization. Then, log in to the registrar and update the name in your domain request. <{{ manage_url }}> Once you submit your updated request, we’ll resume the adjudication process.
 
 If you have questions or want to discuss potential domain names, reply to this email.
 
diff --git a/src/registrar/templates/emails/action_needed_reasons/bad_name_subject.txt b/src/registrar/templates/emails/action_needed_reasons/bad_name_subject.txt
index 7ca332ddd..b29b8040c 100644
--- a/src/registrar/templates/emails/action_needed_reasons/bad_name_subject.txt
+++ b/src/registrar/templates/emails/action_needed_reasons/bad_name_subject.txt
@@ -1 +1 @@
-Update on your .gov request: {{ domain_request.requested_domain.name }}
\ No newline at end of file
+{{ prefix }}Update on your .gov request: {{ domain_request.requested_domain.name }}
\ No newline at end of file
diff --git a/src/registrar/templates/emails/action_needed_reasons/eligibility_unclear_subject.txt b/src/registrar/templates/emails/action_needed_reasons/eligibility_unclear_subject.txt
index 7ca332ddd..b29b8040c 100644
--- a/src/registrar/templates/emails/action_needed_reasons/eligibility_unclear_subject.txt
+++ b/src/registrar/templates/emails/action_needed_reasons/eligibility_unclear_subject.txt
@@ -1 +1 @@
-Update on your .gov request: {{ domain_request.requested_domain.name }}
\ No newline at end of file
+{{ prefix }}Update on your .gov request: {{ domain_request.requested_domain.name }}
\ No newline at end of file
diff --git a/src/registrar/templates/emails/action_needed_reasons/questionable_senior_official.txt b/src/registrar/templates/emails/action_needed_reasons/questionable_senior_official.txt
index ef05e17d7..40d068cd9 100644
--- a/src/registrar/templates/emails/action_needed_reasons/questionable_senior_official.txt
+++ b/src/registrar/templates/emails/action_needed_reasons/questionable_senior_official.txt
@@ -21,7 +21,7 @@ We expect a senior official to be someone in a role of significant, executive re
 ACTION NEEDED
 Reply to this email with a justification for naming {{ domain_request.senior_official.get_formatted_name }} as the senior official. If you have questions or comments, include those in your reply.
 
-Alternatively, you can log in to the registrar and enter a different senior official for this domain request. <https://manage.get.gov/> Once you submit your updated request, we’ll resume the adjudication process.
+Alternatively, you can log in to the registrar and enter a different senior official for this domain request. <{{ manage_url }}> Once you submit your updated request, we’ll resume the adjudication process.
 
 
 THANK YOU
diff --git a/src/registrar/templates/emails/action_needed_reasons/questionable_senior_official_subject.txt b/src/registrar/templates/emails/action_needed_reasons/questionable_senior_official_subject.txt
index 7ca332ddd..b29b8040c 100644
--- a/src/registrar/templates/emails/action_needed_reasons/questionable_senior_official_subject.txt
+++ b/src/registrar/templates/emails/action_needed_reasons/questionable_senior_official_subject.txt
@@ -1 +1 @@
-Update on your .gov request: {{ domain_request.requested_domain.name }}
\ No newline at end of file
+{{ prefix }}Update on your .gov request: {{ domain_request.requested_domain.name }}
\ No newline at end of file

From 856b71b6ce70e429a77a1342e20ac41db8a75b42 Mon Sep 17 00:00:00 2001
From: Rebecca Hsieh <rebecca.hsieh@truss.works>
Date: Thu, 13 Feb 2025 10:30:48 -0800
Subject: [PATCH 60/81] Add for transition domain inv email

---
 src/registrar/templates/emails/transition_domain_invitation.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/registrar/templates/emails/transition_domain_invitation.txt b/src/registrar/templates/emails/transition_domain_invitation.txt
index dc812edf3..14dd626dd 100644
--- a/src/registrar/templates/emails/transition_domain_invitation.txt
+++ b/src/registrar/templates/emails/transition_domain_invitation.txt
@@ -57,7 +57,7 @@ THANK YOU
 The .gov team
 
 .Gov blog <https://get.gov/updates/> 
-Domain management <https://manage.get.gov>
+Domain management <{{ manage_url }}}>
 Get.gov <https://get.gov>
 
 The .gov registry is a part of the Cybersecurity and Infrastructure Security Agency (CISA) <https://cisa.gov/>

From 986bcc235125f627c6458a4b36b5d40ad227e106 Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Fri, 14 Feb 2025 06:56:56 -0500
Subject: [PATCH 61/81] fixed date in email

---
 src/registrar/utility/email_invitations.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/registrar/utility/email_invitations.py b/src/registrar/utility/email_invitations.py
index d206bf279..7ddab65f1 100644
--- a/src/registrar/utility/email_invitations.py
+++ b/src/registrar/utility/email_invitations.py
@@ -255,6 +255,7 @@ def send_portfolio_member_permission_update_email(requestor, permissions: UserPo
                 "portfolio": permissions.portfolio,
                 "requestor_email": requestor_email,
                 "permissions": permissions,
+                "date": date.today(),
             },
         )
     except EmailSendingError:

From 8020bd6f7461b71fa663fc5fff8c4a797eeed907 Mon Sep 17 00:00:00 2001
From: Rebecca Hsieh <rebecca.hsieh@truss.works>
Date: Fri, 14 Feb 2025 08:02:47 -0800
Subject: [PATCH 62/81] Update for prefix to be in the subject dynamically

---
 .../already_has_domains_subject.txt                   |  2 +-
 .../emails/action_needed_reasons/bad_name_subject.txt |  2 +-
 .../eligibility_unclear_subject.txt                   |  2 +-
 .../questionable_senior_official_subject.txt          |  2 +-
 .../templates/emails/domain_invitation_subject.txt    |  2 +-
 .../domain_manager_deleted_notification_subject.txt   |  2 +-
 .../emails/domain_manager_notification_subject.txt    |  2 +-
 .../emails/domain_request_withdrawn_subject.txt       |  2 +-
 src/registrar/templates/emails/metadata_body.txt      |  2 +-
 src/registrar/templates/emails/metadata_subject.txt   |  2 +-
 .../portfolio_admin_addition_notification_subject.txt |  2 +-
 .../portfolio_admin_removal_notification_subject.txt  |  2 +-
 .../templates/emails/portfolio_invitation_subject.txt |  2 +-
 .../emails/status_change_approved_subject.txt         |  2 +-
 .../templates/emails/status_change_subject.txt        |  2 +-
 .../emails/submission_confirmation_subject.txt        |  2 +-
 .../emails/transition_domain_invitation_subject.txt   |  2 +-
 .../emails/update_to_approved_domain_subject.txt      |  2 +-
 src/registrar/utility/email.py                        | 11 +++++++----
 19 files changed, 25 insertions(+), 22 deletions(-)

diff --git a/src/registrar/templates/emails/action_needed_reasons/already_has_domains_subject.txt b/src/registrar/templates/emails/action_needed_reasons/already_has_domains_subject.txt
index b29b8040c..7ca332ddd 100644
--- a/src/registrar/templates/emails/action_needed_reasons/already_has_domains_subject.txt
+++ b/src/registrar/templates/emails/action_needed_reasons/already_has_domains_subject.txt
@@ -1 +1 @@
-{{ prefix }}Update on your .gov request: {{ domain_request.requested_domain.name }}
\ No newline at end of file
+Update on your .gov request: {{ domain_request.requested_domain.name }}
\ No newline at end of file
diff --git a/src/registrar/templates/emails/action_needed_reasons/bad_name_subject.txt b/src/registrar/templates/emails/action_needed_reasons/bad_name_subject.txt
index b29b8040c..7ca332ddd 100644
--- a/src/registrar/templates/emails/action_needed_reasons/bad_name_subject.txt
+++ b/src/registrar/templates/emails/action_needed_reasons/bad_name_subject.txt
@@ -1 +1 @@
-{{ prefix }}Update on your .gov request: {{ domain_request.requested_domain.name }}
\ No newline at end of file
+Update on your .gov request: {{ domain_request.requested_domain.name }}
\ No newline at end of file
diff --git a/src/registrar/templates/emails/action_needed_reasons/eligibility_unclear_subject.txt b/src/registrar/templates/emails/action_needed_reasons/eligibility_unclear_subject.txt
index b29b8040c..7ca332ddd 100644
--- a/src/registrar/templates/emails/action_needed_reasons/eligibility_unclear_subject.txt
+++ b/src/registrar/templates/emails/action_needed_reasons/eligibility_unclear_subject.txt
@@ -1 +1 @@
-{{ prefix }}Update on your .gov request: {{ domain_request.requested_domain.name }}
\ No newline at end of file
+Update on your .gov request: {{ domain_request.requested_domain.name }}
\ No newline at end of file
diff --git a/src/registrar/templates/emails/action_needed_reasons/questionable_senior_official_subject.txt b/src/registrar/templates/emails/action_needed_reasons/questionable_senior_official_subject.txt
index b29b8040c..7ca332ddd 100644
--- a/src/registrar/templates/emails/action_needed_reasons/questionable_senior_official_subject.txt
+++ b/src/registrar/templates/emails/action_needed_reasons/questionable_senior_official_subject.txt
@@ -1 +1 @@
-{{ prefix }}Update on your .gov request: {{ domain_request.requested_domain.name }}
\ No newline at end of file
+Update on your .gov request: {{ domain_request.requested_domain.name }}
\ No newline at end of file
diff --git a/src/registrar/templates/emails/domain_invitation_subject.txt b/src/registrar/templates/emails/domain_invitation_subject.txt
index 9f15c38b4..9663346d0 100644
--- a/src/registrar/templates/emails/domain_invitation_subject.txt
+++ b/src/registrar/templates/emails/domain_invitation_subject.txt
@@ -1 +1 @@
-{{ prefix }}You've been invited to manage {% if domains|length > 1 %}.gov domains{% else %}{{ domains.0.name }}{% endif %}
\ No newline at end of file
+You've been invited to manage {% if domains|length > 1 %}.gov domains{% else %}{{ domains.0.name }}{% endif %}
\ No newline at end of file
diff --git a/src/registrar/templates/emails/domain_manager_deleted_notification_subject.txt b/src/registrar/templates/emails/domain_manager_deleted_notification_subject.txt
index 7376bdb86..c84a20f18 100644
--- a/src/registrar/templates/emails/domain_manager_deleted_notification_subject.txt
+++ b/src/registrar/templates/emails/domain_manager_deleted_notification_subject.txt
@@ -1 +1 @@
-{{ prefix }}A domain manager was removed from {{ domain.name }}
\ No newline at end of file
+A domain manager was removed from {{ domain.name }}
\ No newline at end of file
diff --git a/src/registrar/templates/emails/domain_manager_notification_subject.txt b/src/registrar/templates/emails/domain_manager_notification_subject.txt
index 8560cb9fa..0e9918de0 100644
--- a/src/registrar/templates/emails/domain_manager_notification_subject.txt
+++ b/src/registrar/templates/emails/domain_manager_notification_subject.txt
@@ -1 +1 @@
-{{ prefix }}A domain manager was invited to {{ domain.name }}
\ No newline at end of file
+A domain manager was invited to {{ domain.name }}
\ No newline at end of file
diff --git a/src/registrar/templates/emails/domain_request_withdrawn_subject.txt b/src/registrar/templates/emails/domain_request_withdrawn_subject.txt
index cc146643a..51b2c745a 100644
--- a/src/registrar/templates/emails/domain_request_withdrawn_subject.txt
+++ b/src/registrar/templates/emails/domain_request_withdrawn_subject.txt
@@ -1 +1 @@
-{{ prefix }}Update on your .gov request: {{ domain_request.requested_domain.name }}
+Update on your .gov request: {{ domain_request.requested_domain.name }}
diff --git a/src/registrar/templates/emails/metadata_body.txt b/src/registrar/templates/emails/metadata_body.txt
index a0a3682b7..adf0a186c 100644
--- a/src/registrar/templates/emails/metadata_body.txt
+++ b/src/registrar/templates/emails/metadata_body.txt
@@ -1 +1 @@
-{{ prefix }}An export of all .gov metadata.
+An export of all .gov metadata.
diff --git a/src/registrar/templates/emails/metadata_subject.txt b/src/registrar/templates/emails/metadata_subject.txt
index c19b4c26e..5fdece7ef 100644
--- a/src/registrar/templates/emails/metadata_subject.txt
+++ b/src/registrar/templates/emails/metadata_subject.txt
@@ -1,2 +1,2 @@
-{{ prefix }}Domain metadata - {{current_date_str}}
+Domain metadata - {{current_date_str}}
 
diff --git a/src/registrar/templates/emails/portfolio_admin_addition_notification_subject.txt b/src/registrar/templates/emails/portfolio_admin_addition_notification_subject.txt
index ee5987512..3d6b2a140 100644
--- a/src/registrar/templates/emails/portfolio_admin_addition_notification_subject.txt
+++ b/src/registrar/templates/emails/portfolio_admin_addition_notification_subject.txt
@@ -1 +1 @@
-{{ prefix }}An admin was invited to your .gov organization
\ No newline at end of file
+An admin was invited to your .gov organization
\ No newline at end of file
diff --git a/src/registrar/templates/emails/portfolio_admin_removal_notification_subject.txt b/src/registrar/templates/emails/portfolio_admin_removal_notification_subject.txt
index 9a45a8bbc..e250b17f8 100644
--- a/src/registrar/templates/emails/portfolio_admin_removal_notification_subject.txt
+++ b/src/registrar/templates/emails/portfolio_admin_removal_notification_subject.txt
@@ -1 +1 @@
-{{ prefix }}An admin was removed from your .gov organization
\ No newline at end of file
+An admin was removed from your .gov organization
\ No newline at end of file
diff --git a/src/registrar/templates/emails/portfolio_invitation_subject.txt b/src/registrar/templates/emails/portfolio_invitation_subject.txt
index de9080196..552bb2bec 100644
--- a/src/registrar/templates/emails/portfolio_invitation_subject.txt
+++ b/src/registrar/templates/emails/portfolio_invitation_subject.txt
@@ -1 +1 @@
-{{ prefix }}You’ve been invited to a .gov organization
\ No newline at end of file
+You’ve been invited to a .gov organization
\ No newline at end of file
diff --git a/src/registrar/templates/emails/status_change_approved_subject.txt b/src/registrar/templates/emails/status_change_approved_subject.txt
index cc146643a..51b2c745a 100644
--- a/src/registrar/templates/emails/status_change_approved_subject.txt
+++ b/src/registrar/templates/emails/status_change_approved_subject.txt
@@ -1 +1 @@
-{{ prefix }}Update on your .gov request: {{ domain_request.requested_domain.name }}
+Update on your .gov request: {{ domain_request.requested_domain.name }}
diff --git a/src/registrar/templates/emails/status_change_subject.txt b/src/registrar/templates/emails/status_change_subject.txt
index cc146643a..51b2c745a 100644
--- a/src/registrar/templates/emails/status_change_subject.txt
+++ b/src/registrar/templates/emails/status_change_subject.txt
@@ -1 +1 @@
-{{ prefix }}Update on your .gov request: {{ domain_request.requested_domain.name }}
+Update on your .gov request: {{ domain_request.requested_domain.name }}
diff --git a/src/registrar/templates/emails/submission_confirmation_subject.txt b/src/registrar/templates/emails/submission_confirmation_subject.txt
index cc146643a..51b2c745a 100644
--- a/src/registrar/templates/emails/submission_confirmation_subject.txt
+++ b/src/registrar/templates/emails/submission_confirmation_subject.txt
@@ -1 +1 @@
-{{ prefix }}Update on your .gov request: {{ domain_request.requested_domain.name }}
+Update on your .gov request: {{ domain_request.requested_domain.name }}
diff --git a/src/registrar/templates/emails/transition_domain_invitation_subject.txt b/src/registrar/templates/emails/transition_domain_invitation_subject.txt
index b162341d9..526c7714b 100644
--- a/src/registrar/templates/emails/transition_domain_invitation_subject.txt
+++ b/src/registrar/templates/emails/transition_domain_invitation_subject.txt
@@ -1 +1 @@
-{{ prefix }}(Action required) Manage your .gov domain{% if domains|length > 1 %}s{% endif %} in the new registrar
\ No newline at end of file
+(Action required) Manage your .gov domain{% if domains|length > 1 %}s{% endif %} in the new registrar
\ No newline at end of file
diff --git a/src/registrar/templates/emails/update_to_approved_domain_subject.txt b/src/registrar/templates/emails/update_to_approved_domain_subject.txt
index d952999a0..cf4c9a14c 100644
--- a/src/registrar/templates/emails/update_to_approved_domain_subject.txt
+++ b/src/registrar/templates/emails/update_to_approved_domain_subject.txt
@@ -1 +1 @@
-{{ prefix }}An update was made to {{domain}}
\ No newline at end of file
+An update was made to {{domain}}
\ No newline at end of file
diff --git a/src/registrar/utility/email.py b/src/registrar/utility/email.py
index 9323255af..b4caf42a5 100644
--- a/src/registrar/utility/email.py
+++ b/src/registrar/utility/email.py
@@ -60,13 +60,19 @@ def send_templated_email(  # noqa
     # For email links ie getgov-rh.app.cloud.gov
     manage_url = env_base_url if not settings.IS_PRODUCTION else "https://manage.get.gov"
 
+    # Update the subject to have prefix here versus every email
+    subject_template = get_template(subject_template_name)
+    subject = subject_template.render(context=context)
+    subject = f"{prefix}{subject}"
+
     # Adding to context
     context.update(
         {
-            "prefix": prefix,
+            "subject": subject,
             "manage_url": manage_url,
         }
     )
+
     # by default assume we can send to all addresses (prod has no whitelist)
     sendable_cc_addresses = cc_addresses
 
@@ -89,9 +95,6 @@ def send_templated_email(  # noqa
     if email_body:
         email_body.strip().lstrip("\n")
 
-    subject_template = get_template(subject_template_name)
-    subject = subject_template.render(context=context)
-
     try:
         ses_client = boto3.client(
             "sesv2",

From 33bf1988f1700ca149403555e3125697199c9128 Mon Sep 17 00:00:00 2001
From: Rebecca Hsieh <rebecca.hsieh@truss.works>
Date: Fri, 14 Feb 2025 08:28:50 -0800
Subject: [PATCH 63/81] Fix placement of where email subject is edited

---
 src/registrar/utility/email.py | 20 ++++++++------------
 1 file changed, 8 insertions(+), 12 deletions(-)

diff --git a/src/registrar/utility/email.py b/src/registrar/utility/email.py
index b4caf42a5..39c7f21ac 100644
--- a/src/registrar/utility/email.py
+++ b/src/registrar/utility/email.py
@@ -60,18 +60,7 @@ def send_templated_email(  # noqa
     # For email links ie getgov-rh.app.cloud.gov
     manage_url = env_base_url if not settings.IS_PRODUCTION else "https://manage.get.gov"
 
-    # Update the subject to have prefix here versus every email
-    subject_template = get_template(subject_template_name)
-    subject = subject_template.render(context=context)
-    subject = f"{prefix}{subject}"
-
-    # Adding to context
-    context.update(
-        {
-            "subject": subject,
-            "manage_url": manage_url,
-        }
-    )
+    context["manage_url"] = manage_url
 
     # by default assume we can send to all addresses (prod has no whitelist)
     sendable_cc_addresses = cc_addresses
@@ -95,6 +84,13 @@ def send_templated_email(  # noqa
     if email_body:
         email_body.strip().lstrip("\n")
 
+    # Update the subject to have prefix here versus every email
+    subject_template = get_template(subject_template_name)
+    subject = subject_template.render(context=context)
+    subject = f"{prefix}{subject}"
+
+    context["subject"] = subject
+
     try:
         ses_client = boto3.client(
             "sesv2",

From c81c229be23e3883e445ecfaba3f7ff01b2ba347 Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Fri, 14 Feb 2025 12:01:25 -0500
Subject: [PATCH 64/81] fixed test

---
 src/registrar/tests/test_email_invitations.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/registrar/tests/test_email_invitations.py b/src/registrar/tests/test_email_invitations.py
index 20ac4a565..981bca6dd 100644
--- a/src/registrar/tests/test_email_invitations.py
+++ b/src/registrar/tests/test_email_invitations.py
@@ -919,6 +919,7 @@ class TestSendPortfolioMemberPermissionUpdateEmail(unittest.TestCase):
                 "portfolio": permissions.portfolio,
                 "requestor_email": "requestor@example.com",
                 "permissions": permissions,
+                "date": date.today(),
             },
         )
         self.assertTrue(result)

From 7d8249923e88a0fa4571d6290e5409d792bb42eb Mon Sep 17 00:00:00 2001
From: Rebecca Hsieh <rebecca.hsieh@truss.works>
Date: Fri, 14 Feb 2025 09:17:28 -0800
Subject: [PATCH 65/81] Update comments

---
 src/registrar/utility/email.py | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/registrar/utility/email.py b/src/registrar/utility/email.py
index 39c7f21ac..797ad4aa9 100644
--- a/src/registrar/utility/email.py
+++ b/src/registrar/utility/email.py
@@ -53,11 +53,13 @@ def send_templated_email(  # noqa
         context = {}
 
     env_base_url = settings.BASE_URL
-    # The regular expresstion is to get both http (localhost) and https (everything else)
+    # The regular expression is to get both http (localhost) and https (everything else)
     env_name = re.sub(r"^https?://", "", env_base_url).split(".")[0]
-    # To add to subject lines ie [GETGOV-RH]
+    # If NOT in prod, add env to the subject line
+    # IE adds [GETGOV-RH] if we are in the -RH sandbox
     prefix = f"[{env_name.upper()}] " if not settings.IS_PRODUCTION else ""
-    # For email links ie getgov-rh.app.cloud.gov
+    # If NOT in prod, update instances of "manage.get.gov" links to point to
+    # current environment, ie "getgov-rh.app.cloud.gov"
     manage_url = env_base_url if not settings.IS_PRODUCTION else "https://manage.get.gov"
 
     context["manage_url"] = manage_url

From 026326b6eca501f9d00782c02ac7a947ac9338f6 Mon Sep 17 00:00:00 2001
From: Rebecca Hsieh <rebecca.hsieh@truss.works>
Date: Fri, 14 Feb 2025 11:15:14 -0800
Subject: [PATCH 66/81] Remove unneeded additional context udpate

---
 src/registrar/utility/email.py | 2 --
 1 file changed, 2 deletions(-)

diff --git a/src/registrar/utility/email.py b/src/registrar/utility/email.py
index 797ad4aa9..94e87a96b 100644
--- a/src/registrar/utility/email.py
+++ b/src/registrar/utility/email.py
@@ -91,8 +91,6 @@ def send_templated_email(  # noqa
     subject = subject_template.render(context=context)
     subject = f"{prefix}{subject}"
 
-    context["subject"] = subject
-
     try:
         ses_client = boto3.client(
             "sesv2",

From 16ed7546fd19db1963fc37bb0f260a690f06df9e Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Fri, 14 Feb 2025 12:35:00 -0700
Subject: [PATCH 67/81] Update analytics.js

---
 src/registrar/assets/src/js/getgov-admin/analytics.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/registrar/assets/src/js/getgov-admin/analytics.js b/src/registrar/assets/src/js/getgov-admin/analytics.js
index a5488fa3d..7524b726f 100644
--- a/src/registrar/assets/src/js/getgov-admin/analytics.js
+++ b/src/registrar/assets/src/js/getgov-admin/analytics.js
@@ -163,7 +163,7 @@ export function initAnalyticsDashboard() {
             ];
             charts.forEach(chart => {
                 if (chartInstances.has(chart.id)) chartInstances.get(chart.id).destroy();
-                chartInstances.set(chart.id, createComparativeColumnChart(...chart, "Start Date", "End Date"));
+                chartInstances.set(chart.id, createComparativeColumnChart(chart.id, chart.title, "Start Date", "End Date"));
             });
 
             // Add resize listener to each chart

From 62626636aeba4a03ff7520ffd4b66143e7090a06 Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Sat, 15 Feb 2025 08:16:17 -0500
Subject: [PATCH 68/81] Viewer, all => Viewer

---
 src/registrar/assets/src/js/getgov/portfolio-member-page.js | 2 +-
 src/registrar/forms/portfolio.py                            | 2 +-
 src/registrar/models/portfolio_invitation.py                | 2 +-
 src/registrar/models/user_portfolio_permission.py           | 2 +-
 src/registrar/models/utility/portfolio_helper.py            | 4 ++--
 src/registrar/tests/test_views_portfolio.py                 | 2 +-
 6 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/registrar/assets/src/js/getgov/portfolio-member-page.js b/src/registrar/assets/src/js/getgov/portfolio-member-page.js
index c96677ebc..95723fc7e 100644
--- a/src/registrar/assets/src/js/getgov/portfolio-member-page.js
+++ b/src/registrar/assets/src/js/getgov/portfolio-member-page.js
@@ -128,7 +128,7 @@ export function initAddNewMemberPageListeners() {
       });
     } else {
       // for admin users, the permissions are always the same
-      appendPermissionInContainer('Domains', 'Viewer, all', permissionDetailsContainer);
+      appendPermissionInContainer('Domains', 'Viewer', permissionDetailsContainer);
       appendPermissionInContainer('Domain requests', 'Creator', permissionDetailsContainer);
       appendPermissionInContainer('Members', 'Manager', permissionDetailsContainer);
     }
diff --git a/src/registrar/forms/portfolio.py b/src/registrar/forms/portfolio.py
index 3a9074b2d..9824ed68a 100644
--- a/src/registrar/forms/portfolio.py
+++ b/src/registrar/forms/portfolio.py
@@ -127,7 +127,7 @@ class BasePortfolioMemberForm(forms.ModelForm):
     domain_permissions = forms.ChoiceField(
         choices=[
             (UserPortfolioPermissionChoices.VIEW_MANAGED_DOMAINS.value, "Viewer, limited"),
-            (UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS.value, "Viewer, all"),
+            (UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS.value, "Viewer"),
         ],
         widget=forms.RadioSelect,
         required=False,
diff --git a/src/registrar/models/portfolio_invitation.py b/src/registrar/models/portfolio_invitation.py
index 045cf2de4..99febc92e 100644
--- a/src/registrar/models/portfolio_invitation.py
+++ b/src/registrar/models/portfolio_invitation.py
@@ -108,7 +108,7 @@ class PortfolioInvitation(TimeStampedModel):
         Returns a string representation of the user's domain access level.
 
         Uses the `get_domains_display` function to determine whether the user has
-        "Viewer, all" access (can view all domains) or "Viewer, limited" access.
+        "Viewer" access (can view all domains) or "Viewer, limited" access.
 
         Returns:
             str: The display name of the user's domain permissions.
diff --git a/src/registrar/models/user_portfolio_permission.py b/src/registrar/models/user_portfolio_permission.py
index 202fc2e8d..e077daa57 100644
--- a/src/registrar/models/user_portfolio_permission.py
+++ b/src/registrar/models/user_portfolio_permission.py
@@ -204,7 +204,7 @@ class UserPortfolioPermission(TimeStampedModel):
         Returns a string representation of the user's domain access level.
 
         Uses the `get_domains_display` function to determine whether the user has
-        "Viewer, all" access (can view all domains) or "Viewer, limited" access.
+        "Viewer" access (can view all domains) or "Viewer, limited" access.
 
         Returns:
             str: The display name of the user's domain permissions.
diff --git a/src/registrar/models/utility/portfolio_helper.py b/src/registrar/models/utility/portfolio_helper.py
index 00c5ce2b8..03733237e 100644
--- a/src/registrar/models/utility/portfolio_helper.py
+++ b/src/registrar/models/utility/portfolio_helper.py
@@ -105,7 +105,7 @@ def get_domains_display(roles, permissions):
     """
     Determines the display name for a user's domain viewing permissions.
 
-    - If the user has the VIEW_ALL_DOMAINS permission, return "Viewer, all".
+    - If the user has the VIEW_ALL_DOMAINS permission, return "Viewer".
     - Otherwise, return "Viewer, limited".
 
     Args:
@@ -118,7 +118,7 @@ def get_domains_display(roles, permissions):
     UserPortfolioPermission = apps.get_model("registrar.UserPortfolioPermission")
     all_permissions = UserPortfolioPermission.get_portfolio_permissions(roles, permissions)
     if UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS in all_permissions:
-        return "Viewer, all"
+        return "Viewer"
     else:
         return "Viewer, limited"
 
diff --git a/src/registrar/tests/test_views_portfolio.py b/src/registrar/tests/test_views_portfolio.py
index 65e0350ee..3ce1cfdfa 100644
--- a/src/registrar/tests/test_views_portfolio.py
+++ b/src/registrar/tests/test_views_portfolio.py
@@ -1063,7 +1063,7 @@ class TestPortfolio(WebTest):
         self.assertContains(response, "Invited")
         self.assertContains(response, portfolio_invitation.email)
         self.assertContains(response, "Admin")
-        self.assertContains(response, "Viewer, all")
+        self.assertContains(response, "Viewer")
         self.assertContains(response, "Creator")
         self.assertContains(response, "Manager")
         self.assertContains(

From 6a7499c5607f2c661b818456903f63f32ff460ea Mon Sep 17 00:00:00 2001
From: CocoByte <nicolle.leclair@gmail.com>
Date: Sun, 16 Feb 2025 15:56:47 -0700
Subject: [PATCH 69/81] fixes

---
 src/registrar/templates/admin/change_list.html              | 2 +-
 .../templates/django/admin/multiple_choice_list_filter.html | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/registrar/templates/admin/change_list.html b/src/registrar/templates/admin/change_list.html
index 43e6fa5b5..24c10621e 100644
--- a/src/registrar/templates/admin/change_list.html
+++ b/src/registrar/templates/admin/change_list.html
@@ -61,7 +61,7 @@
         {% else %}<a href="{{ cl.add_facet_link }}" class="viewlink">{% translate "Show counts" %}</a>{% endif %}
         </h3>{% endif %}
         {% if cl.has_active_filters %}<div class="margin-2">
-        <a href="{{ cl.clear_all_filters_qs }}">&#10006; {% translate "Clear all filters" %}</a>
+        <a href="{{ cl.clear_all_filters_qs }}" role="link">&#10006; {% translate "Clear all filters" %}</a>
         </div>{% endif %}
     </div>{% endif %}
     {% for spec in cl.filter_specs %}{% admin_list_filter cl spec %}{% endfor %}
diff --git a/src/registrar/templates/django/admin/multiple_choice_list_filter.html b/src/registrar/templates/django/admin/multiple_choice_list_filter.html
index 2a61fee93..aedffef3f 100644
--- a/src/registrar/templates/django/admin/multiple_choice_list_filter.html
+++ b/src/registrar/templates/django/admin/multiple_choice_list_filter.html
@@ -2,7 +2,7 @@
 {% load static field_helpers url_helpers %}
 
 <details data-filter-title="{{ filter_title }}" open="">
-  <summary>
+  <summary aria-label="Show/hide {{ filter_title }} filters" role="button">
     {% blocktrans with filter_title=title %} By {{ filter_title }} {% endblocktrans %} 
   </summary>
   <ul class="mulitple-choice">
@@ -18,7 +18,7 @@
         {% if not choice.reset %}
             <li{% if choice.selected %} class="selected"{% endif %}">
               {% if choice.selected and choice.exclude_query_string %}
-                <a class="choice-filter choice-filter--checked" href="{{ choice.exclude_query_string|iriencode }}">{{ choice.display }}
+                <a role="menuitemcheckbox" class="choice-filter choice-filter--checked" href="{{ choice.exclude_query_string|iriencode }}">{{ choice.display }}
                   <svg class="usa-icon position-absolute z-0 left-0" aria-hidden="true" focusable="false" role="img" width="24" height="24">
                     <use xlink:href="{%static 'img/sprite.svg'%}#check_box_outline_blank"></use>
                   </svg>
@@ -28,7 +28,7 @@
                 </a>
               {% endif %}
               {% if not choice.selected and choice.include_query_string %}
-                <a class="choice-filter" href="{{ choice.include_query_string|iriencode }}">{{ choice.display }}
+                <a role="menuitemcheckbox" class="choice-filter" href="{{ choice.include_query_string|iriencode }}">{{ choice.display }}
                   <svg class="usa-icon position-absolute z-0 left-0" aria-hidden="true" focusable="false" role="img" width="24" height="24">
                     <use xlink:href="{%static 'img/sprite.svg'%}#check_box_outline_blank"></use>
                   </svg>

From 7988334df9068fcaf3bcb6bba3bd8c249e0d36d8 Mon Sep 17 00:00:00 2001
From: CocoByte <nicolle.leclair@gmail.com>
Date: Sun, 16 Feb 2025 18:41:47 -0700
Subject: [PATCH 70/81] fix bug in multi_choice_list_filter

---
 .../templates/django/admin/multiple_choice_list_filter.html   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/registrar/templates/django/admin/multiple_choice_list_filter.html b/src/registrar/templates/django/admin/multiple_choice_list_filter.html
index aedffef3f..c64fa1be1 100644
--- a/src/registrar/templates/django/admin/multiple_choice_list_filter.html
+++ b/src/registrar/templates/django/admin/multiple_choice_list_filter.html
@@ -1,8 +1,8 @@
 {% load i18n %}
 {% load static field_helpers url_helpers %}
 
-<details data-filter-title="{{ filter_title }}" open="">
-  <summary aria-label="Show/hide {{ filter_title }} filters" role="button">
+<details data-filter-title="{{ title }}" open="">
+  <summary aria-label="Show/hide {{ title }} filters" role="button">
     {% blocktrans with filter_title=title %} By {{ filter_title }} {% endblocktrans %} 
   </summary>
   <ul class="mulitple-choice">

From 1b7871c4063233d8a8b8e6f5f13164edf5393eb4 Mon Sep 17 00:00:00 2001
From: CocoByte <nicolle.leclair@gmail.com>
Date: Sun, 16 Feb 2025 18:56:20 -0700
Subject: [PATCH 71/81] stripped dead code

---
 src/registrar/models/user.py                 | 45 +--------------
 src/registrar/templatetags/custom_filters.py |  7 ---
 src/registrar/tests/test_models.py           | 61 --------------------
 3 files changed, 1 insertion(+), 112 deletions(-)

diff --git a/src/registrar/models/user.py b/src/registrar/models/user.py
index 82a0465c5..d5476ab9a 100644
--- a/src/registrar/models/user.py
+++ b/src/registrar/models/user.py
@@ -269,7 +269,7 @@ class User(AbstractUser):
         return self._has_portfolio_permission(portfolio, UserPortfolioPermissionChoices.EDIT_REQUESTS)
 
     def is_portfolio_admin(self, portfolio):
-        return "Admin" in self.portfolio_role_summary(portfolio)
+        return self.has_edit_portfolio_permission(portfolio)
 
     def get_first_portfolio(self):
         permission = self.portfolio_permissions.first()
@@ -277,49 +277,6 @@ class User(AbstractUser):
             return permission.portfolio
         return None
 
-    def portfolio_role_summary(self, portfolio):
-        """Returns a list of roles based on the user's permissions."""
-        roles = []
-
-        # Define the conditions and their corresponding roles
-        conditions_roles = [
-            (self.has_edit_portfolio_permission(portfolio), ["Admin"]),
-            (
-                self.has_view_all_domains_portfolio_permission(portfolio)
-                and self.has_any_requests_portfolio_permission(portfolio)
-                and self.has_edit_request_portfolio_permission(portfolio),
-                ["View-only admin", "Domain requestor"],
-            ),
-            (
-                self.has_view_all_domains_portfolio_permission(portfolio)
-                and self.has_any_requests_portfolio_permission(portfolio),
-                ["View-only admin"],
-            ),
-            (
-                self.has_view_portfolio_permission(portfolio)
-                and self.has_edit_request_portfolio_permission(portfolio)
-                and self.has_any_domains_portfolio_permission(portfolio),
-                ["Domain requestor", "Domain manager"],
-            ),
-            (
-                self.has_view_portfolio_permission(portfolio) and self.has_edit_request_portfolio_permission(portfolio),
-                ["Domain requestor"],
-            ),
-            (
-                self.has_view_portfolio_permission(portfolio) and self.has_any_domains_portfolio_permission(portfolio),
-                ["Domain manager"],
-            ),
-            (self.has_view_portfolio_permission(portfolio), ["Member"]),
-        ]
-
-        # Evaluate conditions and add roles
-        for condition, role_list in conditions_roles:
-            if condition:
-                roles.extend(role_list)
-                break
-
-        return roles
-
     def get_portfolios(self):
         return self.portfolio_permissions.all()
 
diff --git a/src/registrar/templatetags/custom_filters.py b/src/registrar/templatetags/custom_filters.py
index d21678d58..c0204b4ca 100644
--- a/src/registrar/templatetags/custom_filters.py
+++ b/src/registrar/templatetags/custom_filters.py
@@ -251,13 +251,6 @@ def is_members_subpage(path):
     return get_url_name(path) in url_names
 
 
-@register.filter(name="portfolio_role_summary")
-def portfolio_role_summary(user, portfolio):
-    """Returns the value of user.portfolio_role_summary"""
-    if user and portfolio:
-        return user.portfolio_role_summary(portfolio)
-    else:
-        return []
 
 
 @register.filter(name="display_requesting_entity")
diff --git a/src/registrar/tests/test_models.py b/src/registrar/tests/test_models.py
index 4401b73e8..cd2fe868d 100644
--- a/src/registrar/tests/test_models.py
+++ b/src/registrar/tests/test_models.py
@@ -1191,67 +1191,6 @@ class TestUser(TestCase):
         User.objects.all().delete()
         UserDomainRole.objects.all().delete()
 
-    @patch.object(User, "has_edit_portfolio_permission", return_value=True)
-    def test_portfolio_role_summary_admin(self, mock_edit_org):
-        # Test if the user is recognized as an Admin
-        self.assertEqual(self.user.portfolio_role_summary(self.portfolio), ["Admin"])
-
-    @patch.multiple(
-        User,
-        has_view_all_domains_portfolio_permission=lambda self, portfolio: True,
-        has_any_requests_portfolio_permission=lambda self, portfolio: True,
-        has_edit_request_portfolio_permission=lambda self, portfolio: True,
-    )
-    def test_portfolio_role_summary_view_only_admin_and_domain_requestor(self):
-        # Test if the user has both 'View-only admin' and 'Domain requestor' roles
-        self.assertEqual(self.user.portfolio_role_summary(self.portfolio), ["View-only admin", "Domain requestor"])
-
-    @patch.multiple(
-        User,
-        has_view_all_domains_portfolio_permission=lambda self, portfolio: True,
-        has_any_requests_portfolio_permission=lambda self, portfolio: True,
-    )
-    def test_portfolio_role_summary_view_only_admin(self):
-        # Test if the user is recognized as a View-only admin
-        self.assertEqual(self.user.portfolio_role_summary(self.portfolio), ["View-only admin"])
-
-    @patch.multiple(
-        User,
-        has_view_portfolio_permission=lambda self, portfolio: True,
-        has_edit_request_portfolio_permission=lambda self, portfolio: True,
-        has_any_domains_portfolio_permission=lambda self, portfolio: True,
-    )
-    def test_portfolio_role_summary_member_domain_requestor_domain_manager(self):
-        # Test if the user has 'Member', 'Domain requestor', and 'Domain manager' roles
-        self.assertEqual(self.user.portfolio_role_summary(self.portfolio), ["Domain requestor", "Domain manager"])
-
-    @patch.multiple(
-        User,
-        has_view_portfolio_permission=lambda self, portfolio: True,
-        has_edit_request_portfolio_permission=lambda self, portfolio: True,
-    )
-    def test_portfolio_role_summary_member_domain_requestor(self):
-        # Test if the user has 'Member' and 'Domain requestor' roles
-        self.assertEqual(self.user.portfolio_role_summary(self.portfolio), ["Domain requestor"])
-
-    @patch.multiple(
-        User,
-        has_view_portfolio_permission=lambda self, portfolio: True,
-        has_any_domains_portfolio_permission=lambda self, portfolio: True,
-    )
-    def test_portfolio_role_summary_member_domain_manager(self):
-        # Test if the user has 'Member' and 'Domain manager' roles
-        self.assertEqual(self.user.portfolio_role_summary(self.portfolio), ["Domain manager"])
-
-    @patch.multiple(User, has_view_portfolio_permission=lambda self, portfolio: True)
-    def test_portfolio_role_summary_member(self):
-        # Test if the user is recognized as a Member
-        self.assertEqual(self.user.portfolio_role_summary(self.portfolio), ["Member"])
-
-    def test_portfolio_role_summary_empty(self):
-        # Test if the user has no roles
-        self.assertEqual(self.user.portfolio_role_summary(self.portfolio), [])
-
     @patch("registrar.models.User._has_portfolio_permission")
     def test_has_view_portfolio_permission(self, mock_has_permission):
         mock_has_permission.return_value = True

From 70f5a655a8ae9a7b27aa778ecf68d9c1f401d815 Mon Sep 17 00:00:00 2001
From: CocoByte <nicolle.leclair@gmail.com>
Date: Sun, 16 Feb 2025 19:00:23 -0700
Subject: [PATCH 72/81] linted

---
 src/registrar/templatetags/custom_filters.py | 2 --
 1 file changed, 2 deletions(-)

diff --git a/src/registrar/templatetags/custom_filters.py b/src/registrar/templatetags/custom_filters.py
index c0204b4ca..ff73e6dc1 100644
--- a/src/registrar/templatetags/custom_filters.py
+++ b/src/registrar/templatetags/custom_filters.py
@@ -251,8 +251,6 @@ def is_members_subpage(path):
     return get_url_name(path) in url_names
 
 
-
-
 @register.filter(name="display_requesting_entity")
 def display_requesting_entity(domain_request):
     """Workaround for a newline issue in .txt files (our emails) as if statements

From a0d71bf9f2aca4193b230d0a079efef8c71215a0 Mon Sep 17 00:00:00 2001
From: CocoByte <nicolle.leclair@gmail.com>
Date: Tue, 18 Feb 2025 09:39:06 -0700
Subject: [PATCH 73/81] move skip to filters link up the DOM

---
 src/registrar/templates/admin/change_list.html | 1 -
 src/registrar/templates/base.html              | 1 +
 2 files changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/registrar/templates/admin/change_list.html b/src/registrar/templates/admin/change_list.html
index 7256f2af2..c5ee34f3e 100644
--- a/src/registrar/templates/admin/change_list.html
+++ b/src/registrar/templates/admin/change_list.html
@@ -38,7 +38,6 @@
         {% endif %}
     </h2>    
     
-    <a class="usa-skipnav" href="#changelist-filter" aria-label="Skip to the filters section">Skip to filters</a>
 {% endblock %}
 
 {% comment %} Replace the Django ul markup with a div. We'll replace the li with a p in change_list_object_tools {% endcomment %}
diff --git a/src/registrar/templates/base.html b/src/registrar/templates/base.html
index dd6417ccb..e1c315bc8 100644
--- a/src/registrar/templates/base.html
+++ b/src/registrar/templates/base.html
@@ -70,6 +70,7 @@
 
 <body id="{% block body_id %}default{% endblock %}" class="{% block body_class %}section_front{% endblock %}">
   <a class="usa-skipnav" href="#main-content">Skip to main content</a>
+  <a class="usa-skipnav" href="#changelist-filter" aria-label="Skip to the filters section">Skip to filters</a>
 
   {% if not IS_PRODUCTION %}
     {% include "includes/banner-non-production-alert.html" %}

From d2cdc95e9711101cf055409fa8f742f9f92284e0 Mon Sep 17 00:00:00 2001
From: CocoByte <nicolle.leclair@gmail.com>
Date: Tue, 18 Feb 2025 09:47:03 -0700
Subject: [PATCH 74/81] fix - wrong part of DOM!

---
 src/registrar/templates/admin/base_site.html | 2 ++
 src/registrar/templates/base.html            | 1 -
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/registrar/templates/admin/base_site.html b/src/registrar/templates/admin/base_site.html
index b80917bb2..45220ed96 100644
--- a/src/registrar/templates/admin/base_site.html
+++ b/src/registrar/templates/admin/base_site.html
@@ -49,6 +49,8 @@
     {% endwith %}
   {% endif %}
 
+  <a class="usa-skipnav" href="#changelist-filter" aria-label="Skip to the filters section">Skip to filters</a>
+
   {# Djando update: this div will change to header #}
   <div id="header">
     <div id="branding">
diff --git a/src/registrar/templates/base.html b/src/registrar/templates/base.html
index e1c315bc8..dd6417ccb 100644
--- a/src/registrar/templates/base.html
+++ b/src/registrar/templates/base.html
@@ -70,7 +70,6 @@
 
 <body id="{% block body_id %}default{% endblock %}" class="{% block body_class %}section_front{% endblock %}">
   <a class="usa-skipnav" href="#main-content">Skip to main content</a>
-  <a class="usa-skipnav" href="#changelist-filter" aria-label="Skip to the filters section">Skip to filters</a>
 
   {% if not IS_PRODUCTION %}
     {% include "includes/banner-non-production-alert.html" %}

From 4a4128d3a75bdfe456241922f30ff8f89a2c5482 Mon Sep 17 00:00:00 2001
From: CocoByte <nicolle.leclair@gmail.com>
Date: Tue, 18 Feb 2025 09:50:34 -0700
Subject: [PATCH 75/81] fix - hide skip link if no table is selected

---
 src/registrar/templates/admin/base_site.html | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/registrar/templates/admin/base_site.html b/src/registrar/templates/admin/base_site.html
index 45220ed96..0ef5cb878 100644
--- a/src/registrar/templates/admin/base_site.html
+++ b/src/registrar/templates/admin/base_site.html
@@ -49,7 +49,9 @@
     {% endwith %}
   {% endif %}
 
-  <a class="usa-skipnav" href="#changelist-filter" aria-label="Skip to the filters section">Skip to filters</a>
+  {% if opts.model_name %}
+    <a class="usa-skipnav" href="#changelist-filter" aria-label="Skip to the filters section">Skip to filters</a>
+  {% endif %}
 
   {# Djando update: this div will change to header #}
   <div id="header">

From 3493b9a16f9056ad4b625ae909f9768b29956557 Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Tue, 18 Feb 2025 10:30:30 -0700
Subject: [PATCH 76/81] Less specific selector

---
 src/registrar/assets/src/js/getgov-admin/analytics.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/registrar/assets/src/js/getgov-admin/analytics.js b/src/registrar/assets/src/js/getgov-admin/analytics.js
index 7524b726f..47bc81388 100644
--- a/src/registrar/assets/src/js/getgov-admin/analytics.js
+++ b/src/registrar/assets/src/js/getgov-admin/analytics.js
@@ -146,7 +146,7 @@ function createComparativeColumnChart(id, title, labelOne, labelTwo) {
 /** An IIFE to initialize the analytics page
 */
 export function initAnalyticsDashboard() {
-    const analyticsPageContainer = document.querySelector('.analytics-dashboard .analytics-dashboard-charts');
+    const analyticsPageContainer = document.querySelector('.analytics-dashboard-charts');
     if (analyticsPageContainer) {
         document.addEventListener("DOMContentLoaded", function () {
             initAnalyticsExportButtons();

From 0f0048fe335582ba9bc8984db2b56980e8073158 Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Tue, 18 Feb 2025 10:34:50 -0700
Subject: [PATCH 77/81] fix button wrap

---
 src/registrar/templates/admin/analytics.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/registrar/templates/admin/analytics.html b/src/registrar/templates/admin/analytics.html
index d345aeb14..fdebff22c 100644
--- a/src/registrar/templates/admin/analytics.html
+++ b/src/registrar/templates/admin/analytics.html
@@ -95,7 +95,7 @@ https://github.com/django/django/blob/main/django/contrib/admin/templates/admin/
                   <input type="date" id="end" name="end" value="2023-12-01" min="2023-12-01" />
               </div>
           </div>
-          <ul class="usa-button-group">
+          <ul class="usa-button-group flex-wrap">
             <li class="usa-button-group__item">
               <button class="usa-button usa-button--dja exportLink" data-export-url="{% url 'export_domains_growth' %}" type="button">
                 <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">

From 0890e0afd9482384a4f80b49c9b55b9d03d8e114 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Wed, 19 Feb 2025 12:11:51 -0500
Subject: [PATCH 78/81] Special alignment for the sort button on the checkbox
 column

---
 src/registrar/assets/src/sass/_theme/_tables.scss          | 7 +++++--
 .../templates/includes/member_domains_edit_table.html      | 2 +-
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/src/registrar/assets/src/sass/_theme/_tables.scss b/src/registrar/assets/src/sass/_theme/_tables.scss
index d67b08041..c050f21f1 100644
--- a/src/registrar/assets/src/sass/_theme/_tables.scss
+++ b/src/registrar/assets/src/sass/_theme/_tables.scss
@@ -103,8 +103,8 @@ th {
     }
   }
   @include at-media(tablet-lg) {
-    th[data-sortable] .usa-table__header__button,
-    th[data-sortable] .usa-table__header__button:not([aria-sort]) {
+    th[data-sortable]:not(.left-align-sort-button) .usa-table__header__button,
+    th[data-sortable]:not(.left-align-sort-button) .usa-table__header__button:not([aria-sort]) {
       // position next to the copy
       right: auto;
       // slide left to mock a margin between the copy and the icon
@@ -112,6 +112,9 @@ th {
       // fix vertical alignment
       top: units(1.5);
     }
+    th[data-sortable].left-align-sort-button .usa-table__header__button {
+      left: 0;
+    }
   }
 
   // Currently the 'flash' when sort is clicked,
diff --git a/src/registrar/templates/includes/member_domains_edit_table.html b/src/registrar/templates/includes/member_domains_edit_table.html
index fd63e5aa7..a67919413 100644
--- a/src/registrar/templates/includes/member_domains_edit_table.html
+++ b/src/registrar/templates/includes/member_domains_edit_table.html
@@ -45,7 +45,7 @@
       <caption class="sr-only">member domains</caption>
       <thead>
         <tr>
-          <th data-sortable="checked" scope="col" role="columnheader" class="padding-right-105 width-6"><span class="sr-only">Assigned domains</span></th>
+          <th data-sortable="checked" scope="col" role="columnheader" class="padding-right-105 width-6 left-align-sort-button"><span class="sr-only">Assigned domains</span></th>
           <!-- We override default sort to be name/ascending in the JSON endpoint. We add the correct aria-sort attribute here to reflect that in the UI -->
           <th data-sortable="name" scope="col" role="columnheader" aria-sort="descending">Domains</th>
         </tr>

From c501eac13392b7cb7b9a88742a8e227b5d53681a Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Wed, 19 Feb 2025 12:13:39 -0500
Subject: [PATCH 79/81] simplify css selectors

---
 src/registrar/assets/src/sass/_theme/_tables.scss | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/registrar/assets/src/sass/_theme/_tables.scss b/src/registrar/assets/src/sass/_theme/_tables.scss
index c050f21f1..614d0348e 100644
--- a/src/registrar/assets/src/sass/_theme/_tables.scss
+++ b/src/registrar/assets/src/sass/_theme/_tables.scss
@@ -103,8 +103,7 @@ th {
     }
   }
   @include at-media(tablet-lg) {
-    th[data-sortable]:not(.left-align-sort-button) .usa-table__header__button,
-    th[data-sortable]:not(.left-align-sort-button) .usa-table__header__button:not([aria-sort]) {
+    th[data-sortable]:not(.left-align-sort-button) .usa-table__header__button {
       // position next to the copy
       right: auto;
       // slide left to mock a margin between the copy and the icon

From 0587cd795d9de3b62505f16b70628c2c90fc1469 Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Wed, 19 Feb 2025 11:55:55 -0700
Subject: [PATCH 80/81] rename elements

---
 .../assets/src/js/getgov/domain-request-form.js       | 11 ++++++-----
 .../templates/domain_request_current_sites.html       |  2 +-
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/src/registrar/assets/src/js/getgov/domain-request-form.js b/src/registrar/assets/src/js/getgov/domain-request-form.js
index cfc224a14..498749589 100644
--- a/src/registrar/assets/src/js/getgov/domain-request-form.js
+++ b/src/registrar/assets/src/js/getgov/domain-request-form.js
@@ -2,12 +2,13 @@ import { submitForm } from './helpers.js';
 
 export function initDomainRequestForm() {
     document.addEventListener('DOMContentLoaded', function() {
-        initCurrentWebsites();
-        initReview();
+        // These are the request steps in DomainRequestWizard, such as current_websites or review
+        initRequestStepCurrentWebsites();
+        initRequestStepReview();
     });
 }
 
-function initReview() {
+function initRequestStepReview() {
     const button = document.getElementById("domain-request-form-submit-button");
     if (button) {
         button.addEventListener("click", function () {
@@ -16,9 +17,9 @@ function initReview() {
     } 
 }
 
-function initCurrentWebsites() {
+function initRequestStepCurrentWebsites() {
     //register-form-step
-    const addAnotherSiteButton = document.getElementById("add-another-site-button");
+    const addAnotherSiteButton = document.getElementById("submit-domain-request--site-button");
     if (addAnotherSiteButton) {
         // Check for focus state in sessionStorage
         const focusTarget = sessionStorage.getItem("lastFocusedElement");
diff --git a/src/registrar/templates/domain_request_current_sites.html b/src/registrar/templates/domain_request_current_sites.html
index 55c864d25..8eb5bb0d1 100644
--- a/src/registrar/templates/domain_request_current_sites.html
+++ b/src/registrar/templates/domain_request_current_sites.html
@@ -20,7 +20,7 @@
   {% endwith %} 
   {% endfor %}
 
-  <button id="add-another-site-button" type="submit" name="submit_button" value="save" class="usa-button usa-button--with-icon usa-button--unstyled">
+  <button id="submit-domain-request--site-button" type="submit" name="submit_button" value="save" class="usa-button usa-button--with-icon usa-button--unstyled">
     <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
       <use xlink:href="{%static 'img/sprite.svg'%}#add_circle"></use>
     </svg><span class="margin-left-05">Add another site</span>

From 73b6c494575a8fb951c08a014eb6f974c829f730 Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Wed, 19 Feb 2025 14:41:33 -0700
Subject: [PATCH 81/81] Update domain-request-form.js

---
 src/registrar/assets/src/js/getgov/domain-request-form.js | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/registrar/assets/src/js/getgov/domain-request-form.js b/src/registrar/assets/src/js/getgov/domain-request-form.js
index 498749589..b49912fa4 100644
--- a/src/registrar/assets/src/js/getgov/domain-request-form.js
+++ b/src/registrar/assets/src/js/getgov/domain-request-form.js
@@ -3,12 +3,12 @@ import { submitForm } from './helpers.js';
 export function initDomainRequestForm() {
     document.addEventListener('DOMContentLoaded', function() {
         // These are the request steps in DomainRequestWizard, such as current_websites or review
-        initRequestStepCurrentWebsites();
-        initRequestStepReview();
+        initRequestStepCurrentWebsitesListener();
+        initRequestStepReviewListener();
     });
 }
 
-function initRequestStepReview() {
+function initRequestStepReviewListener() {
     const button = document.getElementById("domain-request-form-submit-button");
     if (button) {
         button.addEventListener("click", function () {
@@ -17,7 +17,7 @@ function initRequestStepReview() {
     } 
 }
 
-function initRequestStepCurrentWebsites() {
+function initRequestStepCurrentWebsitesListener() {
     //register-form-step
     const addAnotherSiteButton = document.getElementById("submit-domain-request--site-button");
     if (addAnotherSiteButton) {