From 7bac5185b07af4b2ba1463186aa0a4ad838f6fa1 Mon Sep 17 00:00:00 2001 From: David Kennedy Date: Sat, 25 Nov 2023 06:06:37 -0500 Subject: [PATCH 01/17] updated check availability message in api and in form; modified js to display html rather than text --- src/api/views.py | 10 ++++++++-- src/registrar/assets/js/get-gov.js | 2 +- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/src/api/views.py b/src/api/views.py index 2cb23a9b2..5e5365e58 100644 --- a/src/api/views.py +++ b/src/api/views.py @@ -2,6 +2,9 @@ from django.apps import apps from django.views.decorators.http import require_http_methods from django.http import JsonResponse +from django.utils.safestring import mark_safe + +from registrar.templatetags.url_helpers import public_site_url import requests @@ -18,8 +21,11 @@ DOMAIN_API_MESSAGES = { " For example, if you want www.city.gov, you would enter “city”" " (without the quotes).", "extra_dots": "Enter the .gov domain you want without any periods.", - "unavailable": "That domain isn’t available. Try entering another one." - " Contact us if you need help coming up with a domain.", + "unavailable": mark_safe( # nosec + "That domain isn’t available. " + "" + "Read more about choosing your .gov domain.".format(public_site_url("domains/choosing")) + ), "invalid": "Enter a domain using only letters, numbers, or hyphens (though we don't recommend using hyphens).", "success": "That domain is available!", "error": "Error finding domain availability.", diff --git a/src/registrar/assets/js/get-gov.js b/src/registrar/assets/js/get-gov.js index b659b117e..4ef4efbba 100644 --- a/src/registrar/assets/js/get-gov.js +++ b/src/registrar/assets/js/get-gov.js @@ -115,7 +115,7 @@ function inlineToast(el, id, style, msg) { toast.className = `usa-alert usa-alert--${style} usa-alert--slim`; toastBody.classList.add("usa-alert__body"); p.classList.add("usa-alert__text"); - p.innerText = msg; + p.innerHTML = msg; toastBody.appendChild(p); toast.appendChild(toastBody); el.parentNode.insertBefore(toast, el.nextSibling); From 614da492dbb9f98cfe8121b710b21afc5971fc77 Mon Sep 17 00:00:00 2001 From: David Kennedy Date: Sat, 25 Nov 2023 07:45:46 -0500 Subject: [PATCH 02/17] added form level checking for duplicate entries in nameserver form --- src/registrar/forms/domain.py | 26 ++++++++++++++++++++++++++ src/registrar/utility/errors.py | 7 +++++-- 2 files changed, 31 insertions(+), 2 deletions(-) diff --git a/src/registrar/forms/domain.py b/src/registrar/forms/domain.py index ae83650cb..965880354 100644 --- a/src/registrar/forms/domain.py +++ b/src/registrar/forms/domain.py @@ -117,8 +117,34 @@ class DomainNameserverForm(forms.Form): self.add_error("ip", str(e)) +class BaseNameserverFormset(forms.BaseFormSet): + def clean(self): + """ + Check for duplicate entries in the formset. + """ + if any(self.errors): + # Don't bother validating the formset unless each form is valid on its own + return + + data = [] + duplicates = [] + + for form in self.forms: + if form.cleaned_data: + value = form.cleaned_data['server'] + if value in data: + form.add_error( + "server", + NameserverError(code=nsErrorCodes.DUPLICATE_HOST, nameserver=value), + ) + duplicates.append(value) + else: + data.append(value) + + NameserverFormset = formset_factory( DomainNameserverForm, + formset=BaseNameserverFormset, extra=1, max_num=13, validate_max=True, diff --git a/src/registrar/utility/errors.py b/src/registrar/utility/errors.py index 420c616cb..52b1ea1d3 100644 --- a/src/registrar/utility/errors.py +++ b/src/registrar/utility/errors.py @@ -68,7 +68,8 @@ class NameserverErrorCodes(IntEnum): - 4 TOO_MANY_HOSTS more than the max allowed host values - 5 MISSING_HOST host is missing for a nameserver - 6 INVALID_HOST host is invalid for a nameserver - - 7 BAD_DATA bad data input for nameserver + - 7 DUPLICATE_HOST host is a duplicate + - 8 BAD_DATA bad data input for nameserver """ MISSING_IP = 1 @@ -77,7 +78,8 @@ class NameserverErrorCodes(IntEnum): TOO_MANY_HOSTS = 4 MISSING_HOST = 5 INVALID_HOST = 6 - BAD_DATA = 7 + DUPLICATE_HOST = 7 + BAD_DATA = 8 class NameserverError(Exception): @@ -93,6 +95,7 @@ class NameserverError(Exception): NameserverErrorCodes.TOO_MANY_HOSTS: ("Too many hosts provided, you may not have more than 13 nameservers."), NameserverErrorCodes.MISSING_HOST: ("Name server must be provided to enter IP address."), NameserverErrorCodes.INVALID_HOST: ("Enter a name server in the required format, like ns1.example.com"), + NameserverErrorCodes.DUPLICATE_HOST: ("Remove duplicate entry"), NameserverErrorCodes.BAD_DATA: ( "There’s something wrong with the name server information you provided. " "If you need help email us at help@get.gov." From 952cc6f46bb9e45932590a764fd7c2ea718b71cb Mon Sep 17 00:00:00 2001 From: David Kennedy Date: Sat, 25 Nov 2023 08:09:33 -0500 Subject: [PATCH 03/17] added test case --- src/registrar/tests/test_views.py | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/src/registrar/tests/test_views.py b/src/registrar/tests/test_views.py index 936c344f7..9f423e276 100644 --- a/src/registrar/tests/test_views.py +++ b/src/registrar/tests/test_views.py @@ -1462,6 +1462,30 @@ class TestDomainNameservers(TestDomainOverview): status_code=200, ) + def test_domain_nameservers_form_submit_duplicate_host(self): + """Nameserver form catches error when host is duplicated. + + Uses self.app WebTest because we need to interact with forms. + """ + # initial nameservers page has one server with two ips + nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"pk": self.domain.id})) + session_id = self.app.cookies[settings.SESSION_COOKIE_NAME] + self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id) + # attempt to submit the form with duplicate host names of fake.host.com + nameservers_page.form["form-0-ip"] = "" + nameservers_page.form["form-1-server"] = "fake.host.com" + with less_console_noise(): # swallow log warning message + result = nameservers_page.form.submit() + # form submission was a post with an error, response should be a 200 + # error text appears twice, once at the top of the page, once around + # the required field. remove duplicate entry + self.assertContains( + result, + str(NameserverError(code=NameserverErrorCodes.DUPLICATE_HOST)), + count=2, + status_code=200, + ) + def test_domain_nameservers_form_submit_glue_record_not_allowed(self): """Nameserver form catches error when IP is present but host not subdomain. From b56b95ba086316c9c3a30e19a073f9e4e14810ba Mon Sep 17 00:00:00 2001 From: David Kennedy Date: Sat, 25 Nov 2023 08:11:42 -0500 Subject: [PATCH 04/17] formatted for linter --- src/registrar/forms/domain.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/registrar/forms/domain.py b/src/registrar/forms/domain.py index 965880354..b8efdae49 100644 --- a/src/registrar/forms/domain.py +++ b/src/registrar/forms/domain.py @@ -131,7 +131,7 @@ class BaseNameserverFormset(forms.BaseFormSet): for form in self.forms: if form.cleaned_data: - value = form.cleaned_data['server'] + value = form.cleaned_data["server"] if value in data: form.add_error( "server", From 1f4fcf1225a5aa605b1c2b1a6d256dc3b94a0570 Mon Sep 17 00:00:00 2001 From: David Kennedy Date: Sat, 25 Nov 2023 10:04:24 -0500 Subject: [PATCH 05/17] fixed whitespace bug in ips in nameserver; created test case --- src/registrar/forms/domain.py | 1 + src/registrar/tests/common.py | 32 ++++++++++++++++++++------- src/registrar/tests/test_views.py | 36 +++++++++++++++++++++++++++++-- 3 files changed, 59 insertions(+), 10 deletions(-) diff --git a/src/registrar/forms/domain.py b/src/registrar/forms/domain.py index ae83650cb..9c09467cd 100644 --- a/src/registrar/forms/domain.py +++ b/src/registrar/forms/domain.py @@ -67,6 +67,7 @@ class DomainNameserverForm(forms.Form): ip = cleaned_data.get("ip", None) # remove ANY spaces in the ip field ip = ip.replace(" ", "") + cleaned_data["ip"] = ip domain = cleaned_data.get("domain", "") ip_list = self.extract_ip_list(ip) diff --git a/src/registrar/tests/common.py b/src/registrar/tests/common.py index 9a062106f..8a971474d 100644 --- a/src/registrar/tests/common.py +++ b/src/registrar/tests/common.py @@ -859,15 +859,9 @@ class MockEppLib(TestCase): case commands.UpdateDomain: return self.mockUpdateDomainCommands(_request, cleaned) case commands.CreateHost: - return MagicMock( - res_data=[self.mockDataHostChange], - code=ErrorCode.COMMAND_COMPLETED_SUCCESSFULLY, - ) + return self.mockCreateHostCommands(_request, cleaned) case commands.UpdateHost: - return MagicMock( - res_data=[self.mockDataHostChange], - code=ErrorCode.COMMAND_COMPLETED_SUCCESSFULLY, - ) + return self.mockUpdateHostCommands(_request, cleaned) case commands.DeleteHost: return MagicMock( res_data=[self.mockDataHostChange], @@ -882,6 +876,28 @@ class MockEppLib(TestCase): case _: return MagicMock(res_data=[self.mockDataInfoHosts]) + def mockCreateHostCommands(self, _request, cleaned): + test_ws_ip = common.Ip(addr="1.1. 1.1") + addrs_submitted = getattr(_request, "addrs", []) + if test_ws_ip in addrs_submitted: + raise RegistryError(code=ErrorCode.PARAMETER_VALUE_RANGE_ERROR) + else: + return MagicMock( + res_data=[self.mockDataHostChange], + code=ErrorCode.COMMAND_COMPLETED_SUCCESSFULLY, + ) + + def mockUpdateHostCommands(self, _request, cleaned): + test_ws_ip = common.Ip(addr="1.1. 1.1") + addrs_submitted = getattr(_request, "addrs", []) + if test_ws_ip in addrs_submitted: + raise RegistryError(code=ErrorCode.PARAMETER_VALUE_RANGE_ERROR) + else: + return MagicMock( + res_data=[self.mockDataHostChange], + code=ErrorCode.COMMAND_COMPLETED_SUCCESSFULLY, + ) + def mockUpdateDomainCommands(self, _request, cleaned): if getattr(_request, "name", None) == "dnssec-invalid.gov": raise RegistryError(code=ErrorCode.PARAMETER_VALUE_RANGE_ERROR) diff --git a/src/registrar/tests/test_views.py b/src/registrar/tests/test_views.py index 936c344f7..39b23b546 100644 --- a/src/registrar/tests/test_views.py +++ b/src/registrar/tests/test_views.py @@ -1462,6 +1462,38 @@ class TestDomainNameservers(TestDomainOverview): status_code=200, ) + def test_domain_nameservers_form_submit_whitespace(self): + """Nameserver form removes whitespace from ip. + + Uses self.app WebTest because we need to interact with forms. + """ + nameserver1 = "ns1.igorville.gov" + nameserver2 = "ns2.igorville.gov" + valid_ip = "1.1. 1.1" + # initial nameservers page has one server with two ips + # have to throw an error in order to test that the whitespace has been stripped from ip + nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"pk": self.domain.id})) + session_id = self.app.cookies[settings.SESSION_COOKIE_NAME] + self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id) + # attempt to submit the form without one host and an ip with whitespace + nameservers_page.form["form-0-server"] = nameserver1 + nameservers_page.form["form-1-ip"] = valid_ip + nameservers_page.form["form-1-server"] = nameserver2 + with less_console_noise(): # swallow log warning message + result = nameservers_page.form.submit() + # form submission was a post with an ip address which has been stripped of whitespace, + # response should be a 302 to success page + self.assertEqual(result.status_code, 302) + self.assertEqual( + result["Location"], + reverse("domain-dns-nameservers", kwargs={"pk": self.domain.id}), + ) + self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id) + page = result.follow() + # in the event of a generic nameserver error from registry error, there will be a 302 + # with an error message displayed, so need to follow 302 and test for success message + self.assertContains(page, "The name servers for this domain have been updated") + def test_domain_nameservers_form_submit_glue_record_not_allowed(self): """Nameserver form catches error when IP is present but host not subdomain. @@ -1553,7 +1585,7 @@ class TestDomainNameservers(TestDomainOverview): """ nameserver1 = "ns1.igorville.gov" nameserver2 = "ns2.igorville.gov" - invalid_ip = "127.0.0.1" + valid_ip = "127.0.0.1" # initial nameservers page has one server with two ips nameservers_page = self.app.get(reverse("domain-dns-nameservers", kwargs={"pk": self.domain.id})) session_id = self.app.cookies[settings.SESSION_COOKIE_NAME] @@ -1562,7 +1594,7 @@ class TestDomainNameservers(TestDomainOverview): # only one has ips nameservers_page.form["form-0-server"] = nameserver1 nameservers_page.form["form-1-server"] = nameserver2 - nameservers_page.form["form-1-ip"] = invalid_ip + nameservers_page.form["form-1-ip"] = valid_ip with less_console_noise(): # swallow log warning message result = nameservers_page.form.submit() # form submission was a successful post, response should be a 302 From 22a21b5bf4a9af428c3349de94ec8cc8674c9b81 Mon Sep 17 00:00:00 2001 From: David Kennedy Date: Sat, 25 Nov 2023 10:22:34 -0500 Subject: [PATCH 06/17] format for linting --- src/registrar/tests/common.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/registrar/tests/common.py b/src/registrar/tests/common.py index 8a971474d..d745669e5 100644 --- a/src/registrar/tests/common.py +++ b/src/registrar/tests/common.py @@ -897,7 +897,7 @@ class MockEppLib(TestCase): res_data=[self.mockDataHostChange], code=ErrorCode.COMMAND_COMPLETED_SUCCESSFULLY, ) - + def mockUpdateDomainCommands(self, _request, cleaned): if getattr(_request, "name", None) == "dnssec-invalid.gov": raise RegistryError(code=ErrorCode.PARAMETER_VALUE_RANGE_ERROR) From c2cd8ce5b656361265d534c84bbf77c1af7d038a Mon Sep 17 00:00:00 2001 From: David Kennedy Date: Mon, 27 Nov 2023 20:30:21 -0500 Subject: [PATCH 07/17] updated test for debugging --- src/registrar/tests/test_views.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/registrar/tests/test_views.py b/src/registrar/tests/test_views.py index 8493a3e75..6922b1b9a 100644 --- a/src/registrar/tests/test_views.py +++ b/src/registrar/tests/test_views.py @@ -1222,8 +1222,10 @@ class TestDomainOverview(TestWithDomainPermissions, WebTest): def test_domain_detail_link_works(self): home_page = self.app.get("/") self.assertContains(home_page, "igorville.gov") + print(home_page) # click the "Edit" link detail_page = home_page.click("Manage", index=0) + print(detail_page) self.assertContains(detail_page, "igorville.gov") self.assertContains(detail_page, "Status") From 3ddc9260f2bd2c286175ca67c6e1df3f46071b0b Mon Sep 17 00:00:00 2001 From: David Kennedy Date: Mon, 27 Nov 2023 20:38:11 -0500 Subject: [PATCH 08/17] updated test for debugging --- src/registrar/tests/test_views.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/registrar/tests/test_views.py b/src/registrar/tests/test_views.py index 6922b1b9a..903027988 100644 --- a/src/registrar/tests/test_views.py +++ b/src/registrar/tests/test_views.py @@ -1219,6 +1219,8 @@ class TestDomainOverview(TestWithDomainPermissions, WebTest): self.app.set_user(self.user.username) self.client.force_login(self.user) + +class TestDomainDetail(TestDomainOverview): def test_domain_detail_link_works(self): home_page = self.app.get("/") self.assertContains(home_page, "igorville.gov") From 2a31c5410baa62900d7e6de3fa6c12319299e12c Mon Sep 17 00:00:00 2001 From: David Kennedy Date: Mon, 27 Nov 2023 20:44:34 -0500 Subject: [PATCH 09/17] updated test for debugging --- src/registrar/tests/test_views.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/registrar/tests/test_views.py b/src/registrar/tests/test_views.py index 903027988..13b219f20 100644 --- a/src/registrar/tests/test_views.py +++ b/src/registrar/tests/test_views.py @@ -1231,7 +1231,7 @@ class TestDomainDetail(TestDomainOverview): self.assertContains(detail_page, "igorville.gov") self.assertContains(detail_page, "Status") - def test_domain_overview_blocked_for_ineligible_user(self): + def test_domain_detail_blocked_for_ineligible_user(self): """We could easily duplicate this test for all domain management views, but a single url test should be solid enough since all domain management pages share the same permissions class""" @@ -1243,7 +1243,7 @@ class TestDomainDetail(TestDomainOverview): response = self.client.get(reverse("domain", kwargs={"pk": self.domain.id})) self.assertEqual(response.status_code, 403) - def test_domain_overview_allowed_for_on_hold(self): + def test_domain_detail_allowed_for_on_hold(self): """Test that the domain overview page displays for on hold domain""" home_page = self.app.get("/") self.assertContains(home_page, "on-hold.gov") @@ -1252,7 +1252,7 @@ class TestDomainDetail(TestDomainOverview): detail_page = self.client.get(reverse("domain", kwargs={"pk": self.domain_on_hold.id})) self.assertNotContains(detail_page, "Edit") - def test_domain_see_just_nameserver(self): + def test_domain_detail_see_just_nameserver(self): home_page = self.app.get("/") self.assertContains(home_page, "justnameserver.com") @@ -1263,7 +1263,7 @@ class TestDomainDetail(TestDomainOverview): self.assertContains(detail_page, "ns1.justnameserver.com") self.assertContains(detail_page, "ns2.justnameserver.com") - def test_domain_see_nameserver_and_ip(self): + def test_domain_detail_see_nameserver_and_ip(self): home_page = self.app.get("/") self.assertContains(home_page, "nameserverwithip.gov") @@ -1279,7 +1279,7 @@ class TestDomainDetail(TestDomainOverview): self.assertContains(detail_page, "(1.2.3.4,") self.assertContains(detail_page, "2.3.4.5)") - def test_domain_with_no_information_or_application(self): + def test_domain_detail_with_no_information_or_application(self): """Test that domain management page returns 200 and displays error when no domain information or domain application exist""" # have to use staff user for this test From 4a3d261de1bd1cc3fba5ef75d83176f219a5b883 Mon Sep 17 00:00:00 2001 From: David Kennedy Date: Mon, 27 Nov 2023 20:47:51 -0500 Subject: [PATCH 10/17] removed redundant tests; removed debugging from test --- src/registrar/tests/test_views.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/registrar/tests/test_views.py b/src/registrar/tests/test_views.py index 13b219f20..88771ebab 100644 --- a/src/registrar/tests/test_views.py +++ b/src/registrar/tests/test_views.py @@ -1224,10 +1224,8 @@ class TestDomainDetail(TestDomainOverview): def test_domain_detail_link_works(self): home_page = self.app.get("/") self.assertContains(home_page, "igorville.gov") - print(home_page) # click the "Edit" link detail_page = home_page.click("Manage", index=0) - print(detail_page) self.assertContains(detail_page, "igorville.gov") self.assertContains(detail_page, "Status") From 29962570a7b2936a3f420b2b82b763c14f1e8820 Mon Sep 17 00:00:00 2001 From: David Kennedy Date: Mon, 27 Nov 2023 21:02:31 -0500 Subject: [PATCH 11/17] fixed redundancy in test cases --- src/registrar/tests/test_views.py | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/src/registrar/tests/test_views.py b/src/registrar/tests/test_views.py index d6bad9cdf..d2fdbc14f 100644 --- a/src/registrar/tests/test_views.py +++ b/src/registrar/tests/test_views.py @@ -1219,6 +1219,8 @@ class TestDomainOverview(TestWithDomainPermissions, WebTest): self.app.set_user(self.user.username) self.client.force_login(self.user) + +class TestDomainDetail(TestDomainOverview): def test_domain_detail_link_works(self): home_page = self.app.get("/") self.assertContains(home_page, "igorville.gov") @@ -1227,7 +1229,7 @@ class TestDomainOverview(TestWithDomainPermissions, WebTest): self.assertContains(detail_page, "igorville.gov") self.assertContains(detail_page, "Status") - def test_domain_overview_blocked_for_ineligible_user(self): + def test_domain_detail_blocked_for_ineligible_user(self): """We could easily duplicate this test for all domain management views, but a single url test should be solid enough since all domain management pages share the same permissions class""" @@ -1239,7 +1241,7 @@ class TestDomainOverview(TestWithDomainPermissions, WebTest): response = self.client.get(reverse("domain", kwargs={"pk": self.domain.id})) self.assertEqual(response.status_code, 403) - def test_domain_overview_allowed_for_on_hold(self): + def test_domain_detail_allowed_for_on_hold(self): """Test that the domain overview page displays for on hold domain""" home_page = self.app.get("/") self.assertContains(home_page, "on-hold.gov") @@ -1248,7 +1250,7 @@ class TestDomainOverview(TestWithDomainPermissions, WebTest): detail_page = self.client.get(reverse("domain", kwargs={"pk": self.domain_on_hold.id})) self.assertNotContains(detail_page, "Edit") - def test_domain_see_just_nameserver(self): + def test_domain_detail_see_just_nameserver(self): home_page = self.app.get("/") self.assertContains(home_page, "justnameserver.com") @@ -1259,7 +1261,7 @@ class TestDomainOverview(TestWithDomainPermissions, WebTest): self.assertContains(detail_page, "ns1.justnameserver.com") self.assertContains(detail_page, "ns2.justnameserver.com") - def test_domain_see_nameserver_and_ip(self): + def test_domain_detail_see_nameserver_and_ip(self): home_page = self.app.get("/") self.assertContains(home_page, "nameserverwithip.gov") @@ -1275,7 +1277,7 @@ class TestDomainOverview(TestWithDomainPermissions, WebTest): self.assertContains(detail_page, "(1.2.3.4,") self.assertContains(detail_page, "2.3.4.5)") - def test_domain_with_no_information_or_application(self): + def test_domain_detail_with_no_information_or_application(self): """Test that domain management page returns 200 and displays error when no domain information or domain application exist""" # have to use staff user for this test From 80880a4ca1d8f6cc9a440ffcb73c90d57a0e70d8 Mon Sep 17 00:00:00 2001 From: Michelle Rago <60157596+michelle-rago@users.noreply.github.com> Date: Tue, 28 Nov 2023 11:00:33 -0500 Subject: [PATCH 12/17] Update success message for org name and mailing address (#1387) Update domain.py --- src/registrar/views/domain.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/registrar/views/domain.py b/src/registrar/views/domain.py index 3aac32531..4d91ddc66 100644 --- a/src/registrar/views/domain.py +++ b/src/registrar/views/domain.py @@ -197,7 +197,7 @@ class DomainOrgNameAddressView(DomainFormBaseView): """The form is valid, save the organization name and mailing address.""" form.save() - messages.success(self.request, "The organization name and mailing address has been updated.") + messages.success(self.request, "The organization information has been updated.") # superclass has the redirect return super().form_valid(form) From e24bf1ae58ab935211db2e4e4f0004fcc745b805 Mon Sep 17 00:00:00 2001 From: Michelle Rago <60157596+michelle-rago@users.noreply.github.com> Date: Tue, 28 Nov 2023 11:00:58 -0500 Subject: [PATCH 13/17] Change "Active users" to "Domain managers" on domain managers page (#1407) --- src/registrar/templates/domain_users.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/registrar/templates/domain_users.html b/src/registrar/templates/domain_users.html index 8ee837708..0eecd35b3 100644 --- a/src/registrar/templates/domain_users.html +++ b/src/registrar/templates/domain_users.html @@ -25,8 +25,8 @@ {% if domain.permissions %}
-

Active users

- +

Domain managers

+ From bd6eabe9165f334183a1881b4e7f473365f87458 Mon Sep 17 00:00:00 2001 From: Rachid Mrad Date: Tue, 28 Nov 2023 12:17:47 -0500 Subject: [PATCH 14/17] Typo fixes in ops readme and rotate secrets --- docs/operations/README.md | 4 ++-- docs/operations/runbooks/rotate_application_secrets.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/operations/README.md b/docs/operations/README.md index 4c7f182bd..0629608dd 100644 --- a/docs/operations/README.md +++ b/docs/operations/README.md @@ -55,9 +55,9 @@ In the case where a bug fix or feature needs to be added outside of the normal c 1. Code will need to be branched NOT off of main, but off of the same commit as the most recent stable commit. This should be the one tagged with the most recent vX.XX.XX value. 2. After making the bug fix, the approved PR branch will not be merged yet, instead it will be tagged with a new release tag, incrementing the patch value from the last commit number. -3. If main and stable are on the the same commit then merge this branch into the staging using the staging release tag (staging-). +3. If main and stable are on the the same commit then merge this branch into staging using the staging release tag (staging-). 4. If staging is already ahead stable, you may need to create another branch that is based off of the current staging commit, merge in your code change and then tag that branch with the staging release. -5. Wait to merge your original branch until both deploys finish. Once they succeed then merge to main per the usual process. +5. Wait to merge your original branch until both deploys finish. Once they succeed then merge to main per the usual process. ## Serving static assets We are using [WhiteNoise](http://whitenoise.evans.io/en/stable/index.html) plugin to serve our static assets on cloud.gov. This plugin is added to the `MIDDLEWARE` list in our apps `settings.py`. diff --git a/docs/operations/runbooks/rotate_application_secrets.md b/docs/operations/runbooks/rotate_application_secrets.md index 78c402efe..a776e60b8 100644 --- a/docs/operations/runbooks/rotate_application_secrets.md +++ b/docs/operations/runbooks/rotate_application_secrets.md @@ -112,7 +112,7 @@ base64 -i client.key base64 -i client.crt ``` -You'll need to give the new certificate to the registry vendor _before_ rotating it in production. Once it has been accepted by the vender, make sure to update the kdbx file on Google Drive. +You'll need to give the new certificate to the registry vendor _before_ rotating it in production. Once it has been accepted by the vendor, make sure to update the kdbx file on Google Drive. ## REGISTRY_HOSTNAME From b6b251b287bd6b03c393ea428f0aaa697698026b Mon Sep 17 00:00:00 2001 From: Rachid Mrad Date: Tue, 28 Nov 2023 13:32:48 -0500 Subject: [PATCH 15/17] more minor typo fixes --- .../decisions/0024-production-release-cadence.md | 6 +++--- docs/django-admin/roles.md | 6 +++--- docs/operations/runbooks/update_python_dependencies.md | 4 ++-- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/docs/architecture/decisions/0024-production-release-cadence.md b/docs/architecture/decisions/0024-production-release-cadence.md index 1020d3506..85bfcdfe2 100644 --- a/docs/architecture/decisions/0024-production-release-cadence.md +++ b/docs/architecture/decisions/0024-production-release-cadence.md @@ -15,9 +15,9 @@ Going into our first production launch we need a plan describing what our releas **Option 1:** Releasing to stable/staging once a sprint Releasing once a sprint would mean that we release the past sprint's work to stable at the end of the current sprint. At the same point, the current sprint's work would be pushed to staging, thus making staging a full sprint ahead of stable. While this is more straight forward, it means our users would have to wait longer to see changes that weren't deemed critical. **Option 2:** Releasing to stable/staging once a week -Releasing once a week would follow the same flow but with code being released to staging one week before the same code is released to stable. This would make stable only one week behind staging and would allow us to roll out minor bug fixes and faster with greater speed. The negative side is that we have less time to see if errors occur on staging +Releasing once a week would follow the same flow but with code being released to staging one week before the same code is released to stable. This would make stable only one week behind staging and would allow us to roll out minor bug fixes faster. The negative side is that we have less time to see if errors occur on staging. -In both of the above scenarios the release date would fall on the same day of the week that the sprint starts, which is currently a Wednesday. Additionally, in both scenarios the release commits would eventually be tagged with both a staging and stable tag. Furthermore, critical bugs or features would be exempt from these restrictions based on the product owner's discretion. +In both of the above scenarios, the release date would fall on the same day of the week that the sprint starts which is currently a Wednesday. Additionally, in both scenarios the release commits would eventually be tagged with both a staging and stable tag. Furthermore, critical bugs or features would be exempt from these restrictions based on the product owner's discretion. ## Decision @@ -25,6 +25,6 @@ We decided to go with option 2 and release once a week once in production. This ## Consequences -Work not completed by end of the sprint will have to wait to be added to stable. Also, making quick fixes for bugs that are found on stable will be a little more complicated to fix. +Work not completed by end of the sprint will have to wait to be added to stable. Also, making quick fixes for bugs that are found on stable will be a little more complicated. When first going into production, staging and stable will start with the same code base. The following week a new release will be made to staging, but not stable as no code will have been on staging long enough to warrant another release. Thus just at the start of launch stable will be essentially frozen for 2 weeks, not one. diff --git a/docs/django-admin/roles.md b/docs/django-admin/roles.md index 6fc0d385e..c527bbfa5 100644 --- a/docs/django-admin/roles.md +++ b/docs/django-admin/roles.md @@ -19,7 +19,7 @@ To do this, do the following: 3. Click on their username, then scroll down to the `User Permissions` section. 4. Under `User Permissions`, see the `Groups` table which has a column for `Available groups` and `Chosen groups`. Select the permission you want from the `Available groups` column and click the right arrow to move it to the `Chosen groups`. Note, if you want this user to be an analyst select `cisa_analysts_group`, otherwise select the `full_access_group`. 5. (Optional) If the user needs access to django admin (such as an analyst), then you will also need to make sure "Staff Status" is checked. This can be found in the same `User Permissions` section right below the checkbox for `Active`. -6. Click `Save` to apply all changes +6. Click `Save` to apply all changes. ## Removing a user group permission via django-admin @@ -30,7 +30,7 @@ If an employee was given the wrong permissions or has had a change in roles that 3. In this table, select the permission you want to remove from the `Chosen groups` and then click the left facing arrow to move the permission to `Available groups`. 4. Depending on the scenario you may now need to add the opposite permission group to the `Chosen groups` section, please see the section above for instructions on how to do that. 5. If the user should no longer see the admin page, you must ensure that under `User Permissions`, `Staff status` is NOT checked. -6. Click `Save` to apply all changes +6. Click `Save` to apply all changes. ## Editing group permissions through code @@ -40,4 +40,4 @@ We can edit and deploy new group permissions by: 2. Duplicating migration `0036_create_groups_01` and running migrations (append the name with a version number to help django detect the migration eg 0037_create_groups_02) -3. Making sure to update the dependency on the new migration with the previous migration \ No newline at end of file +3. Making sure to update the dependency on the new migration with the previous migration. \ No newline at end of file diff --git a/docs/operations/runbooks/update_python_dependencies.md b/docs/operations/runbooks/update_python_dependencies.md index 16475d3db..ea206bbde 100644 --- a/docs/operations/runbooks/update_python_dependencies.md +++ b/docs/operations/runbooks/update_python_dependencies.md @@ -3,7 +3,7 @@ 1. Check the [Pipfile](../../../src/Pipfile) for pinned dependencies and manually adjust the version numbers -1. Run +2. Run cd src docker-compose run app bash -c "pipenv lock && pipenv requirements > requirements.txt" @@ -14,6 +14,6 @@ The requirements.txt is used by Cloud.gov. It is needed to work around a bug in the CloudFoundry buildpack version of Pipenv that breaks on installing from a git repository. -1. (optional) Run `docker-compose stop` and `docker-compose build` to build a new image for local development with the updated dependencies. +3. (optional) Run `docker-compose stop` and `docker-compose build` to build a new image for local development with the updated dependencies. The reason for de-coupling the `build` and `lock` steps is to increase consistency between builds--a run of `build` will always get exactly the dependencies listed in `Pipfile.lock`, nothing more, nothing less. \ No newline at end of file From 89aa3534cf42192ee1cc249c91604031081f6e09 Mon Sep 17 00:00:00 2001 From: David Kennedy Date: Tue, 28 Nov 2023 17:10:20 -0500 Subject: [PATCH 16/17] fixed formatting of error message in javascript --- src/registrar/assets/js/get-gov.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/registrar/assets/js/get-gov.js b/src/registrar/assets/js/get-gov.js index 4ef4efbba..d069e8dc4 100644 --- a/src/registrar/assets/js/get-gov.js +++ b/src/registrar/assets/js/get-gov.js @@ -122,7 +122,7 @@ function inlineToast(el, id, style, msg) { } else { // update and show the existing message div toast.className = `usa-alert usa-alert--${style} usa-alert--slim`; - toast.querySelector("div p").innerText = msg; + toast.querySelector("div p").innerHTML = msg; makeVisible(toast); } } else { From f957c299b8e80ba8570535f54913880faa7eaf85 Mon Sep 17 00:00:00 2001 From: David Kennedy Date: Tue, 28 Nov 2023 17:12:12 -0500 Subject: [PATCH 17/17] added comment --- src/api/views.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/api/views.py b/src/api/views.py index 5e5365e58..a9f8d7692 100644 --- a/src/api/views.py +++ b/src/api/views.py @@ -21,6 +21,8 @@ DOMAIN_API_MESSAGES = { " For example, if you want www.city.gov, you would enter “city”" " (without the quotes).", "extra_dots": "Enter the .gov domain you want without any periods.", + # message below is considered safe; no user input can be inserted into the message + # body; public_site_url() function reads from local app settings and therefore safe "unavailable": mark_safe( # nosec "That domain isn’t available. " ""
Domain usersDomain managers
Email