From eb061be71bf34ec3f75fabe282089e5c80d80457 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Wed, 21 Aug 2024 12:25:27 -0400
Subject: [PATCH 01/69] Django admin portfolio members section

---
 src/registrar/admin.py                        | 110 ++++++++++++++++--
 src/registrar/models/user.py                  |  43 +++++++
 .../admin/includes/detail_table_fieldset.html |  11 ++
 .../django/admin/portfolio_change_form.html   |   3 +-
 src/registrar/tests/test_admin.py             |  80 +++++++++++++
 src/registrar/tests/test_models.py            |  55 +++++++++
 6 files changed, 288 insertions(+), 14 deletions(-)

diff --git a/src/registrar/admin.py b/src/registrar/admin.py
index 423c0a01b..12c5d8cf8 100644
--- a/src/registrar/admin.py
+++ b/src/registrar/admin.py
@@ -2867,11 +2867,7 @@ class PortfolioAdmin(ListHeaderAdmin):
     fieldsets = [
         # created_on is the created_at field, and portfolio_type is f"{organization_type} - {federal_type}"
         (None, {"fields": ["portfolio_type", "organization_name", "creator", "created_on", "notes"]}),
-        # TODO - uncomment in #2521
-        # ("Portfolio members", {
-        #     "classes": ("collapse", "closed"),
-        #     "fields": ["administrators", "members"]}
-        # ),
+        ("Portfolio members", {"fields": ["display_admins", "display_members"]}),
         ("Portfolio domains", {"classes": ("collapse", "closed"), "fields": ["domains", "domain_requests"]}),
         ("Type of organization", {"fields": ["organization_type", "federal_type"]}),
         (
@@ -2925,8 +2921,94 @@ class PortfolioAdmin(ListHeaderAdmin):
         "domain_requests",
         "suborganizations",
         "portfolio_type",
+        # Django admin doesn't allow methods to be directly listed in fieldsets. We can
+        # display the custom methods display_admins amd display_members in the admin form if
+        # they are readonly.
+        "display_admins",
+        "display_members",
     ]
 
+    def display_admins(self, obj):
+        """Get joined users who are Admin, unpack and return an HTML block.
+
+        'DJA readonly can't handle querysets, so we need to unpack and return html here.
+        Alternatively, we could return querysets in context but that would limit where this
+        data would display in a custom change form without extensive template customization.
+
+        Will be used in the field_readonly block"""
+        admins = [user for user in obj.user.all() if "Admin" in user.portfolio_role_summary]
+        if not admins:
+            return format_html("<p>No admins found.</p>")
+
+        admin_details = ""
+        for portfolio_admin in admins:
+            change_url = reverse("admin:registrar_user_change", args=[portfolio_admin.pk])
+            admin_details += "<address class='margin-bottom-2 dja-address-contact-list'>"
+            admin_details += f'<a href="{change_url}">{portfolio_admin}</a><br>'
+            admin_details += f"{portfolio_admin.title}<br>"
+            admin_details += f"{portfolio_admin.email}"
+            admin_details += "<div class='admin-icon-group admin-icon-group__clipboard-link'>"
+            admin_details += f"<input aria-hidden='true' class='display-none' value='{portfolio_admin.email}'>"
+            admin_details += (
+                "<button class='usa-button usa-button--unstyled padding-right-1 usa-button--icon"
+                + "button--clipboard copy-to-clipboard text-no-underline' type='button'>"
+            )
+            admin_details += "<svg class='usa-icon'>"
+            admin_details += "<use aria-hidden='true' xlink:href='/public/img/sprite.svg#content_copy'></use>"
+            admin_details += "</svg>"
+            admin_details += "<span class='padding-left-05'>Copy</span>"
+            admin_details += "</button>"
+            admin_details += "</div><br>"
+            admin_details += f"{portfolio_admin.phone}"
+            admin_details += "</address>"
+        return format_html(admin_details)
+
+    display_admins.short_description = "Administrators"  # type: ignore
+
+    def display_members(self, obj):
+        """Get joined users who have roles/perms that are not Admin, unpack and return an HTML block.
+
+        DJA readonly can't handle querysets, so we need to unpack and return html here.
+        Alternatively, we could return querysets in context but that would limit where this
+        data would display in a custom change form without extensive template customization.
+
+        Will be used in the after_help_text block."""
+        members = [user for user in obj.user.all() if "Admin" not in user.portfolio_role_summary]
+        if not members:
+            return format_html("<p>No members found.</p>")
+
+        member_details = (
+            "<table><thead><tr><th>Name</th><th>Title</th><th>Email</th>"
+            + "<th>Phone</th><th>Roles</th></tr></thead><tbody>"
+        )
+        for member in members:
+            full_name = (
+                f"{member.first_name} {member.middle_name} {member.last_name}"
+                if member.middle_name
+                else f"{member.first_name} {member.last_name}"
+            )
+            member_details += "<tr>"
+            member_details += f"<td>{full_name}</td>"
+            member_details += f"<td>{member.title}</td>"
+            member_details += f"<td>{member.email}</td>"
+            member_details += f"<td>{member.phone}</td>"
+            member_details += "<td>"
+            for role in member.portfolio_role_summary:
+                member_details += f"<span class='usa-tag'>{role}</span> "
+            member_details += "</td></tr>"
+        member_details += "</tbody></table>"
+        return format_html(member_details)
+
+    display_members.short_description = "Members"  # type: ignore
+
+    def display_members_summary(self, obj):
+        """Will be passed as context and used in the field_readonly block."""
+        members = [user for user in obj.user.all() if "Admin" not in user.portfolio_role_summary]
+        if not members:
+            return {}
+
+        return self.get_field_links_as_list(members, "user", separator=", ")
+
     def federal_type(self, obj: models.Portfolio):
         """Returns the federal_type field"""
         return BranchChoices.get_branch_label(obj.federal_type) if obj.federal_type else "-"
@@ -2977,7 +3059,7 @@ class PortfolioAdmin(ListHeaderAdmin):
     ]
 
     def get_field_links_as_list(
-        self, queryset, model_name, attribute_name=None, link_info_attribute=None, seperator=None
+        self, queryset, model_name, attribute_name=None, link_info_attribute=None, separator=None
     ):
         """
         Generate HTML links for items in a queryset, using a specified attribute for link text.
@@ -3009,14 +3091,14 @@ class PortfolioAdmin(ListHeaderAdmin):
                 if link_info_attribute:
                     link += f" ({self.value_of_attribute(item, link_info_attribute)})"
 
-                if seperator:
+                if separator:
                     links.append(link)
                 else:
                     links.append(f"<li>{link}</li>")
 
-        # If no seperator is specified, just return an unordered list.
-        if seperator:
-            return format_html(seperator.join(links)) if links else "-"
+        # If no separator is specified, just return an unordered list.
+        if separator:
+            return format_html(separator.join(links)) if links else "-"
         else:
             links = "".join(links)
             return format_html(f'<ul class="add-list-reset">{links}</ul>') if links else "-"
@@ -3059,8 +3141,12 @@ class PortfolioAdmin(ListHeaderAdmin):
         return readonly_fields
 
     def change_view(self, request, object_id, form_url="", extra_context=None):
-        """Add related suborganizations and domain groups"""
-        extra_context = {"skip_additional_contact_info": True}
+        """Add related suborganizations and domain groups.
+        Add the summary for the portfolio members field (list of members that link to change_forms)."""
+        obj = self.get_object(request, object_id)
+        extra_context = extra_context or {}
+        extra_context["skip_additional_contact_info"] = True
+        extra_context["display_members_summary"] = self.display_members_summary(obj)
         return super().change_view(request, object_id, form_url, extra_context)
 
     def save_model(self, request, obj, form, change):
diff --git a/src/registrar/models/user.py b/src/registrar/models/user.py
index 81d3b9b61..a6026b63a 100644
--- a/src/registrar/models/user.py
+++ b/src/registrar/models/user.py
@@ -293,6 +293,49 @@ class User(AbstractUser):
     def has_edit_suborganization(self):
         return self._has_portfolio_permission(UserPortfolioPermissionChoices.EDIT_SUBORGANIZATION)
 
+    def has_edit_requests(self):
+        return self._has_portfolio_permission(UserPortfolioPermissionChoices.EDIT_REQUESTS)
+
+    @property
+    def portfolio_role_summary(self):
+        """Returns a list of roles based on the user's permissions."""
+        roles = []
+
+        # Define the conditions and their corresponding roles
+        conditions_roles = [
+            (self.has_edit_suborganization(), ["Admin"]),
+            (
+                self.has_view_all_domains_permission()
+                and self.has_domain_requests_portfolio_permission()
+                and self.has_edit_requests(),
+                ["View-only admin", "Domain requestor"],
+            ),
+            (
+                self.has_view_all_domains_permission() and self.has_domain_requests_portfolio_permission(),
+                ["View-only admin"],
+            ),
+            (
+                self.has_base_portfolio_permission()
+                and self.has_edit_requests()
+                and self.has_domains_portfolio_permission(),
+                ["Member", "Domain requestor", "Domain manager"],
+            ),
+            (self.has_base_portfolio_permission() and self.has_edit_requests(), ["Member", "Domain requestor"]),
+            (
+                self.has_base_portfolio_permission() and self.has_domains_portfolio_permission(),
+                ["Member", "Domain manager"],
+            ),
+            (self.has_base_portfolio_permission(), ["Member"]),
+        ]
+
+        # Evaluate conditions and add roles
+        for condition, role_list in conditions_roles:
+            if condition:
+                roles.extend(role_list)
+                break
+
+        return roles
+
     @classmethod
     def needs_identity_verification(cls, email, uuid):
         """A method used by our oidc classes to test whether a user needs email/uuid verification
diff --git a/src/registrar/templates/django/admin/includes/detail_table_fieldset.html b/src/registrar/templates/django/admin/includes/detail_table_fieldset.html
index 683f33117..5da6c2ca2 100644
--- a/src/registrar/templates/django/admin/includes/detail_table_fieldset.html
+++ b/src/registrar/templates/django/admin/includes/detail_table_fieldset.html
@@ -137,6 +137,10 @@ This is using a custom implementation fieldset.html (see admin/fieldset.html)
             {% endfor %}
             {% endwith %}
         </div>
+    {% elif field.field.name == "display_admins" %}
+        <div class="readonly">{{ field.contents|safe }}</div>
+    {% elif field.field.name == "display_members" %}
+        <div class="readonly">{{ display_members_summary }}</div>
     {% else %}
         <div class="readonly">{{ field.contents }}</div>
     {% endif %}
@@ -240,6 +244,13 @@ This is using a custom implementation fieldset.html (see admin/fieldset.html)
             </details>
         {% endif %}
         {% endwith %}
+    {% elif field.field.name == "display_members" %}
+        <details class="margin-top-1 dja-detail-table" aria-role="button" open>
+            <summary class="padding-1 padding-left-0 dja-details-summary">Details</summary>
+            <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
+                {{ field.contents|safe }}
+            </div>
+        </details>
     {% elif field.field.name == "state_territory" %}
         <div class="flex-container margin-top-2">
             <span>
diff --git a/src/registrar/templates/django/admin/portfolio_change_form.html b/src/registrar/templates/django/admin/portfolio_change_form.html
index 9d59aae42..a2d70611c 100644
--- a/src/registrar/templates/django/admin/portfolio_change_form.html
+++ b/src/registrar/templates/django/admin/portfolio_change_form.html
@@ -14,8 +14,7 @@
         This is a placeholder for now.
 
         Disclaimer:
-        When extending the fieldset view - *make a new one* that extends from detail_table_fieldset.
-        For instance, "portfolio_fieldset.html".
+        When extending the fieldset view consider whether you need to make a new one that extends from detail_table_fieldset.
         detail_table_fieldset is used on multiple admin pages, so a change there can have unintended consequences.
         {% endcomment %}
         {% include "django/admin/includes/detail_table_fieldset.html" with original_object=original %}
diff --git a/src/registrar/tests/test_admin.py b/src/registrar/tests/test_admin.py
index 827742ef1..7ef1a4a97 100644
--- a/src/registrar/tests/test_admin.py
+++ b/src/registrar/tests/test_admin.py
@@ -45,6 +45,7 @@ from registrar.models import (
 from registrar.models.portfolio_invitation import PortfolioInvitation
 from registrar.models.senior_official import SeniorOfficial
 from registrar.models.user_domain_role import UserDomainRole
+from registrar.models.utility.portfolio_helper import UserPortfolioPermissionChoices, UserPortfolioRoleChoices
 from registrar.models.verified_by_staff import VerifiedByStaff
 from .common import (
     MockDbForSharedTests,
@@ -2066,6 +2067,7 @@ class TestPortfolioAdmin(TestCase):
         DomainRequest.objects.all().delete()
         Domain.objects.all().delete()
         Portfolio.objects.all().delete()
+        User.objects.all().delete()
 
     @less_console_noise_decorator
     def test_created_on_display(self):
@@ -2121,3 +2123,81 @@ class TestPortfolioAdmin(TestCase):
         self.assertIn("request1.gov", domain_requests)
         self.assertIn("request2.gov", domain_requests)
         self.assertIn('<ul class="add-list-reset">', domain_requests)
+
+    @less_console_noise_decorator
+    def test_portfolio_members_display(self):
+        """Tests the custom portfolio members field, admin and member sections"""
+        admin_user_1 = User.objects.create(
+            username="testuser1",
+            first_name="Gerald",
+            last_name="Meoward",
+            title="Captain",
+            email="meaoward@gov.gov",
+            portfolio=self.portfolio,
+            portfolio_roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN],
+        )
+
+        admin_user_2 = User.objects.create(
+            username="testuser2",
+            first_name="Arnold",
+            last_name="Poopy",
+            title="Major",
+            email="poopy@gov.gov",
+            portfolio=self.portfolio,
+            portfolio_roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN],
+        )
+
+        admin_user_3 = User.objects.create(
+            username="testuser3",
+            first_name="Mad",
+            last_name="Max",
+            title="Road warrior",
+            email="madmax@gov.gov",
+            portfolio=self.portfolio,
+            portfolio_roles=[UserPortfolioRoleChoices.ORGANIZATION_MEMBER],
+        )
+
+        admin_user_4 = User.objects.create(
+            username="testuser4",
+            first_name="Agent",
+            last_name="Smith",
+            title="Program",
+            email="thematrix@gov.gov",
+            portfolio=self.portfolio,
+            portfolio_additional_permissions=[
+                UserPortfolioPermissionChoices.VIEW_PORTFOLIO,
+                UserPortfolioPermissionChoices.EDIT_REQUESTS,
+            ],
+        )
+
+        display_admins = self.admin.display_admins(self.portfolio)
+
+        self.assertIn(
+            f'<a href="/admin/registrar/user/{admin_user_1.pk}/change/">Gerald Meoward meaoward@gov.gov</a>',
+            display_admins,
+        )
+        self.assertIn("Captain", display_admins)
+        self.assertIn(
+            f'<a href="/admin/registrar/user/{admin_user_2.pk}/change/">Arnold Poopy poopy@gov.gov</a>', display_admins
+        )
+        self.assertIn("Major", display_admins)
+
+        display_members_summary = self.admin.display_members_summary(self.portfolio)
+
+        self.assertIn(
+            f'<a href="/admin/registrar/user/{admin_user_3.pk}/change/">Mad Max madmax@gov.gov</a>',
+            display_members_summary,
+        )
+        self.assertIn(
+            f'<a href="/admin/registrar/user/{admin_user_4.pk}/change/">Agent Smith thematrix@gov.gov</a>',
+            display_members_summary,
+        )
+
+        display_members = self.admin.display_members(self.portfolio)
+
+        self.assertIn("Mad Max", display_members)
+        self.assertIn("<span class='usa-tag'>Member</span>", display_members)
+        self.assertIn("Road warrior", display_members)
+        self.assertIn("Agent Smith", display_members)
+        self.assertIn("<span class='usa-tag'>Domain requestor</span>", display_members)
+        self.assertIn("Program", display_members)
diff --git a/src/registrar/tests/test_models.py b/src/registrar/tests/test_models.py
index f4e998fff..5b9d0ade3 100644
--- a/src/registrar/tests/test_models.py
+++ b/src/registrar/tests/test_models.py
@@ -1201,6 +1201,61 @@ class TestUser(TestCase):
         User.objects.all().delete()
         UserDomainRole.objects.all().delete()
 
+    @patch.object(User, "has_edit_suborganization", return_value=True)
+    def test_portfolio_role_summary_admin(self, mock_edit_suborganization):
+        # Test if the user is recognized as an Admin
+        self.assertEqual(self.user.portfolio_role_summary, ["Admin"])
+
+    @patch.multiple(
+        User,
+        has_view_all_domains_permission=lambda self: True,
+        has_domain_requests_portfolio_permission=lambda self: True,
+        has_edit_requests=lambda self: True,
+    )
+    def test_portfolio_role_summary_view_only_admin_and_domain_requestor(self):
+        # Test if the user has both 'View-only admin' and 'Domain requestor' roles
+        self.assertEqual(self.user.portfolio_role_summary, ["View-only admin", "Domain requestor"])
+
+    @patch.multiple(
+        User,
+        has_view_all_domains_permission=lambda self: True,
+        has_domain_requests_portfolio_permission=lambda self: True,
+    )
+    def test_portfolio_role_summary_view_only_admin(self):
+        # Test if the user is recognized as a View-only admin
+        self.assertEqual(self.user.portfolio_role_summary, ["View-only admin"])
+
+    @patch.multiple(
+        User,
+        has_base_portfolio_permission=lambda self: True,
+        has_edit_requests=lambda self: True,
+        has_domains_portfolio_permission=lambda self: True,
+    )
+    def test_portfolio_role_summary_member_domain_requestor_domain_manager(self):
+        # Test if the user has 'Member', 'Domain requestor', and 'Domain manager' roles
+        self.assertEqual(self.user.portfolio_role_summary, ["Member", "Domain requestor", "Domain manager"])
+
+    @patch.multiple(User, has_base_portfolio_permission=lambda self: True, has_edit_requests=lambda self: True)
+    def test_portfolio_role_summary_member_domain_requestor(self):
+        # Test if the user has 'Member' and 'Domain requestor' roles
+        self.assertEqual(self.user.portfolio_role_summary, ["Member", "Domain requestor"])
+
+    @patch.multiple(
+        User, has_base_portfolio_permission=lambda self: True, has_domains_portfolio_permission=lambda self: True
+    )
+    def test_portfolio_role_summary_member_domain_manager(self):
+        # Test if the user has 'Member' and 'Domain manager' roles
+        self.assertEqual(self.user.portfolio_role_summary, ["Member", "Domain manager"])
+
+    @patch.multiple(User, has_base_portfolio_permission=lambda self: True)
+    def test_portfolio_role_summary_member(self):
+        # Test if the user is recognized as a Member
+        self.assertEqual(self.user.portfolio_role_summary, ["Member"])
+
+    def test_portfolio_role_summary_empty(self):
+        # Test if the user has no roles
+        self.assertEqual(self.user.portfolio_role_summary, [])
+
     @less_console_noise_decorator
     def test_check_transition_domains_without_domains_on_login(self):
         """A user's on_each_login callback does not check transition domains.

From e82326346c5af4ac1b175418d21a229cc4634463 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Wed, 21 Aug 2024 12:43:38 -0400
Subject: [PATCH 02/69] clean up roles logic

---
 src/registrar/models/user.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/registrar/models/user.py b/src/registrar/models/user.py
index a6026b63a..8584bc0a1 100644
--- a/src/registrar/models/user.py
+++ b/src/registrar/models/user.py
@@ -318,12 +318,12 @@ class User(AbstractUser):
                 self.has_base_portfolio_permission()
                 and self.has_edit_requests()
                 and self.has_domains_portfolio_permission(),
-                ["Member", "Domain requestor", "Domain manager"],
+                ["Domain requestor", "Domain manager"],
             ),
-            (self.has_base_portfolio_permission() and self.has_edit_requests(), ["Member", "Domain requestor"]),
+            (self.has_base_portfolio_permission() and self.has_edit_requests(), ["Domain requestor"]),
             (
                 self.has_base_portfolio_permission() and self.has_domains_portfolio_permission(),
-                ["Member", "Domain manager"],
+                ["Domain manager"],
             ),
             (self.has_base_portfolio_permission(), ["Member"]),
         ]

From 1a4268dedd72b5cfedefd235af1d756497883a77 Mon Sep 17 00:00:00 2001
From: Matthew Spence <matthew.spence@cisa.dhs.gov>
Date: Thu, 22 Aug 2024 09:46:07 -0500
Subject: [PATCH 03/69] add new script to update first ready values

---
 .../commands/update_first_ready_values.py     | 28 +++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 src/registrar/management/commands/update_first_ready_values.py

diff --git a/src/registrar/management/commands/update_first_ready_values.py b/src/registrar/management/commands/update_first_ready_values.py
new file mode 100644
index 000000000..9ee02109d
--- /dev/null
+++ b/src/registrar/management/commands/update_first_ready_values.py
@@ -0,0 +1,28 @@
+import logging
+from django.core.management import BaseCommand
+from registrar.management.commands.utility.terminal_helper import PopulateScriptTemplate, TerminalColors
+from registrar.models import Domain, TransitionDomain
+
+logger = logging.getLogger(__name__)
+
+class Command(BaseCommand, PopulateScriptTemplate):
+    help = "Loops through eachdomain object and populates the last_status_update and first_submitted_date"
+
+    def handle(self, **kwargs):
+        """Loops through each valid Domain object and updates it's first_ready value if they are out of sync"""
+        filter_conditions="state__in=[Domain.State.READY, Domain.State.ON_HOLD, Domain.State.DELETED]"
+        self.mass_update_records(Domain, filter_conditions, ["first_ready"])
+
+    def update_record(self, record: Domain):
+        """Defines how we update the first_read field"""
+        # if these are out of sync, update the 
+        if self.is_transition_domain(record) and record.first_ready != record.created_at:
+            record.first_ready = record.created_at
+
+        logger.info(
+            f"{TerminalColors.OKCYAN}Updating {record} => first_ready: " f"{record.first_ready}{TerminalColors.OKCYAN}"
+        )
+    
+    # check if a transition domain object for this domain name exists
+    def is_transition_domain(record: Domain):
+        return TransitionDomain.objects.filter(domain_name=record.name).exists()
\ No newline at end of file

From 48901a716d80f5f3bc5507d72a20100806bfc45c Mon Sep 17 00:00:00 2001
From: matthewswspence <Matthewswspence@gmail.com>
Date: Thu, 22 Aug 2024 14:30:14 -0500
Subject: [PATCH 04/69] rewrite script and extend terminal helper for more
 context

---
 ..._ready_values.py => update_first_ready.py} | 21 +++--
 .../commands/utility/terminal_helper.py       | 77 ++++++++++++++++---
 2 files changed, 75 insertions(+), 23 deletions(-)
 rename src/registrar/management/commands/{update_first_ready_values.py => update_first_ready.py} (56%)

diff --git a/src/registrar/management/commands/update_first_ready_values.py b/src/registrar/management/commands/update_first_ready.py
similarity index 56%
rename from src/registrar/management/commands/update_first_ready_values.py
rename to src/registrar/management/commands/update_first_ready.py
index 9ee02109d..4803b70f8 100644
--- a/src/registrar/management/commands/update_first_ready_values.py
+++ b/src/registrar/management/commands/update_first_ready.py
@@ -6,23 +6,22 @@ from registrar.models import Domain, TransitionDomain
 logger = logging.getLogger(__name__)
 
 class Command(BaseCommand, PopulateScriptTemplate):
-    help = "Loops through eachdomain object and populates the last_status_update and first_submitted_date"
+    help = "Loops through each domain object and populates the last_status_update and first_submitted_date"
 
     def handle(self, **kwargs):
-        """Loops through each valid Domain object and updates it's first_ready value if they are out of sync"""
-        filter_conditions="state__in=[Domain.State.READY, Domain.State.ON_HOLD, Domain.State.DELETED]"
-        self.mass_update_records(Domain, filter_conditions, ["first_ready"])
+        """Loops through each valid Domain object and updates it's first_ready value if it is out of sync"""
+        filter_conditions={"state__in":[Domain.State.READY, Domain.State.ON_HOLD, Domain.State.DELETED]}
+        self.mass_update_records(Domain, filter_conditions, ["first_ready"], verbose=True, custom_filter=self.should_update)
 
     def update_record(self, record: Domain):
-        """Defines how we update the first_read field"""
-        # if these are out of sync, update the 
-        if self.is_transition_domain(record) and record.first_ready != record.created_at:
-            record.first_ready = record.created_at
+        """Defines how we update the first_ready field"""
+        # update the first_ready value based on the creation date.
+        record.first_ready = record.created_at
 
         logger.info(
             f"{TerminalColors.OKCYAN}Updating {record} => first_ready: " f"{record.first_ready}{TerminalColors.OKCYAN}"
         )
     
-    # check if a transition domain object for this domain name exists
-    def is_transition_domain(record: Domain):
-        return TransitionDomain.objects.filter(domain_name=record.name).exists()
\ No newline at end of file
+    # check if a transition domain object for this domain name exists, and if so whether 
+    def should_update(self, record: Domain) -> bool:
+        return TransitionDomain.objects.filter(domain_name=record.name).exists() and record.first_ready != record.created_at
\ No newline at end of file
diff --git a/src/registrar/management/commands/utility/terminal_helper.py b/src/registrar/management/commands/utility/terminal_helper.py
index 2c69e1080..13d58191a 100644
--- a/src/registrar/management/commands/utility/terminal_helper.py
+++ b/src/registrar/management/commands/utility/terminal_helper.py
@@ -2,6 +2,7 @@ import logging
 import sys
 from abc import ABC, abstractmethod
 from django.core.paginator import Paginator
+from django.db.models import Model
 from typing import List
 from registrar.utility.enums import LogCode
 
@@ -75,28 +76,74 @@ class PopulateScriptTemplate(ABC):
     run_summary_header = None
 
     @abstractmethod
-    def update_record(self, record):
-        """Defines how we update each field. Must be defined before using mass_update_records."""
+    def update_record(self, record: Model):
+        """Defines how we update each field.
+
+        raises:
+            NotImplementedError: If not defined before calling mass_update_records.
+        """
         raise NotImplementedError
 
-    def mass_update_records(self, object_class, filter_conditions, fields_to_update, debug=True):
+    def mass_update_records(self, object_class: Model, filter_conditions, fields_to_update, debug=True, verbose=False, custom_filter=None):
         """Loops through each valid "object_class" object - specified by filter_conditions - and
         updates fields defined by fields_to_update using update_record.
 
-        You must define update_record before you can use this function.
+        Parameters:
+            object_class: The Django model class that you want to perform the bulk update on.
+                This should be the actual class, not a string of the class name.
+
+            filter_conditions: dictionary of valid Django Queryset filter conditions 
+                (e.g. {'verification_type__isnull'=True}).
+
+            fields_to_update: List of strings specifying which fields to update.
+                (e.g. ["first_ready_date", "last_submitted_date"])
+
+            debug: Whether to log script run summary in debug mode. 
+                Default: True.
+
+            verbose: Whether to print a detailed run summary *before* run confirmation. 
+                Default: False.
+
+            custom_filter: function taking in a single record and returning a boolean representing whether
+                the record should be included of the final record set. Used to allow for filters that can't be
+                represented by django queryset field lookups. Applied *after* filter_conditions.
+
+        Raises:
+            NotImplementedError: If you do not define update_record before using this function.
+            TypeError: If custom_filter is not Callable.
         """
 
         records = object_class.objects.filter(**filter_conditions)
+
+        # apply custom filter
+        if custom_filter:
+            to_exclude_pks = []
+            for record in records:
+                try:
+                    if not custom_filter(record):
+                        to_exclude_pks.append(record.pk)
+                except TypeError as e:
+                    logger.error(f"Error applying custom filter: {e}")
+                    sys.exit()
+            records=records.exclude(pk__in=to_exclude_pks)
+
         readable_class_name = self.get_class_name(object_class)
 
+        # for use in the execution prompt.
+        proposed_changes=f"""==Proposed Changes==
+            Number of {readable_class_name} objects to change: {len(records)}
+            These fields will be updated on each record: {fields_to_update}
+            """
+        
+        if verbose:
+            proposed_changes=f"""{proposed_changes}
+            These records will be updated: {list(records.all())}
+            """
+
         # Code execution will stop here if the user prompts "N"
         TerminalHelper.prompt_for_execution(
             system_exit_on_terminate=True,
-            info_to_inspect=f"""
-            ==Proposed Changes==
-            Number of {readable_class_name} objects to change: {len(records)}
-            These fields will be updated on each record: {fields_to_update}
-            """,
+            prompt_message=proposed_changes,
             prompt_title=self.prompt_title,
         )
         logger.info("Updating...")
@@ -220,6 +267,9 @@ class TerminalHelper:
                 an answer is required of the user).
 
         The "answer" return value is True for "yes" or False for "no".
+
+        Raises:
+            ValueError: When "default" is not "yes", "no", or None.
         """
         valid = {"yes": True, "y": True, "ye": True, "no": False, "n": False}
         if default is None:
@@ -244,6 +294,7 @@ class TerminalHelper:
     @staticmethod
     def query_yes_no_exit(question: str, default="yes"):
         """Ask a yes/no question via raw_input() and return their answer.
+        Allows for answer "e" to exit.
 
         "question" is a string that is presented to the user.
         "default" is the presumed answer if the user just hits <Enter>.
@@ -251,6 +302,9 @@ class TerminalHelper:
                 an answer is required of the user).
 
         The "answer" return value is True for "yes" or False for "no".
+
+        Raises:
+            ValueError: When "default" is not "yes", "no", or None.
         """
         valid = {
             "yes": True,
@@ -317,9 +371,8 @@ class TerminalHelper:
                 case _:
                     logger.info(print_statement)
 
-    # TODO - "info_to_inspect" should be refactored to "prompt_message"
     @staticmethod
-    def prompt_for_execution(system_exit_on_terminate: bool, info_to_inspect: str, prompt_title: str) -> bool:
+    def prompt_for_execution(system_exit_on_terminate: bool, prompt_message: str, prompt_title: str) -> bool:
         """Create to reduce code complexity.
         Prompts the user to inspect the given string
         and asks if they wish to proceed.
@@ -340,7 +393,7 @@ class TerminalHelper:
             =====================================================
             *** IMPORTANT:  VERIFY THE FOLLOWING LOOKS CORRECT ***
 
-            {info_to_inspect}
+            {prompt_message}
             {TerminalColors.FAIL}
             Proceed? (Y = proceed, N = {action_description_for_selecting_no})
             {TerminalColors.ENDC}"""

From 4026e9be8601ec63f9d1aa29a001ef6c3c3cd31d Mon Sep 17 00:00:00 2001
From: matthewswspence <Matthewswspence@gmail.com>
Date: Thu, 22 Aug 2024 15:47:21 -0500
Subject: [PATCH 05/69] minor changes

---
 src/registrar/management/commands/update_first_ready.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/registrar/management/commands/update_first_ready.py b/src/registrar/management/commands/update_first_ready.py
index 4803b70f8..aaf04e2a7 100644
--- a/src/registrar/management/commands/update_first_ready.py
+++ b/src/registrar/management/commands/update_first_ready.py
@@ -16,7 +16,7 @@ class Command(BaseCommand, PopulateScriptTemplate):
     def update_record(self, record: Domain):
         """Defines how we update the first_ready field"""
         # update the first_ready value based on the creation date.
-        record.first_ready = record.created_at
+        record.first_ready = record.created_at.date()
 
         logger.info(
             f"{TerminalColors.OKCYAN}Updating {record} => first_ready: " f"{record.first_ready}{TerminalColors.OKCYAN}"
@@ -24,4 +24,4 @@ class Command(BaseCommand, PopulateScriptTemplate):
     
     # check if a transition domain object for this domain name exists, and if so whether 
     def should_update(self, record: Domain) -> bool:
-        return TransitionDomain.objects.filter(domain_name=record.name).exists() and record.first_ready != record.created_at
\ No newline at end of file
+        return TransitionDomain.objects.filter(domain_name=record.name).exists() and record.first_ready != record.created_at.date()
\ No newline at end of file

From a7c801739d7ff19c379a6d5306e127eaa6725db1 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Fri, 23 Aug 2024 16:33:10 -0400
Subject: [PATCH 06/69] new view, transfer and delete logic, modal, combobox

---
 src/registrar/admin.py                        |   2 +
 src/registrar/assets/js/get-gov-admin.js      |  62 +++--
 src/registrar/assets/sass/_theme/_admin.scss  |  56 ++++-
 src/registrar/config/settings.py              |   3 +-
 src/registrar/config/urls.py                  |   2 +
 src/registrar/templates/admin/analytics.html  |  20 +-
 .../templates/admin/transfer_user.html        | 229 ++++++++++++++++++
 .../django/admin/user_change_form.html        |  15 ++
 src/registrar/views/transfer_user.py          | 158 ++++++++++++
 9 files changed, 492 insertions(+), 55 deletions(-)
 create mode 100644 src/registrar/templates/admin/transfer_user.html
 create mode 100644 src/registrar/views/transfer_user.py

diff --git a/src/registrar/admin.py b/src/registrar/admin.py
index 3ad5e3ea0..4a34ac0f8 100644
--- a/src/registrar/admin.py
+++ b/src/registrar/admin.py
@@ -41,6 +41,8 @@ from django.core.exceptions import ObjectDoesNotExist
 from django.contrib.admin.widgets import FilteredSelectMultiple
 from django.utils.html import format_html
 from django.utils.translation import gettext_lazy as _
+from django.shortcuts import get_object_or_404, render
+from django.urls import path
 
 logger = logging.getLogger(__name__)
 
diff --git a/src/registrar/assets/js/get-gov-admin.js b/src/registrar/assets/js/get-gov-admin.js
index 01c93abf6..6c302836f 100644
--- a/src/registrar/assets/js/get-gov-admin.js
+++ b/src/registrar/assets/js/get-gov-admin.js
@@ -172,40 +172,39 @@ function addOrRemoveSessionBoolean(name, add){
 ** To perform data operations on this - we need to use jQuery rather than vanilla js. 
 */
 (function (){
-    let selector = django.jQuery("#id_investigator")
-    let assignSelfButton = document.querySelector("#investigator__assign_self");
-    if (!selector || !assignSelfButton) {
-        return;
-    }
-
-    let currentUserId = assignSelfButton.getAttribute("data-user-id");
-    let currentUserName = assignSelfButton.getAttribute("data-user-name");
-    if (!currentUserId || !currentUserName){
-        console.error("Could not assign current user: no values found.")
-        return;
-    }
-
-    // Hook a click listener to the "Assign to me" button.
-    // Logic borrowed from here: https://select2.org/programmatic-control/add-select-clear-items#create-if-not-exists
-    assignSelfButton.addEventListener("click", function() {
-        if (selector.find(`option[value='${currentUserId}']`).length) {
-            // Select the value that is associated with the current user.
-            selector.val(currentUserId).trigger("change");
-        } else { 
-            // Create a DOM Option that matches the desired user. Then append it and select it.
-            let userOption = new Option(currentUserName, currentUserId, true, true);
-            selector.append(userOption).trigger("change");
+    if (document.getElementById("id_investigator") && django && django.jQuery) {
+        let selector = django.jQuery("#id_investigator")
+        let assignSelfButton = document.querySelector("#investigator__assign_self");
+        if (!selector || !assignSelfButton) {
+            return;
         }
-    });
 
-    // Listen to any change events, and hide the parent container if investigator has a value.
-    selector.on('change', function() {
-        // The parent container has display type flex.
-        assignSelfButton.parentElement.style.display = this.value === currentUserId ? "none" : "flex";
-    });
-    
-    
+        let currentUserId = assignSelfButton.getAttribute("data-user-id");
+        let currentUserName = assignSelfButton.getAttribute("data-user-name");
+        if (!currentUserId || !currentUserName){
+            console.error("Could not assign current user: no values found.")
+            return;
+        }
 
+        // Hook a click listener to the "Assign to me" button.
+        // Logic borrowed from here: https://select2.org/programmatic-control/add-select-clear-items#create-if-not-exists
+        assignSelfButton.addEventListener("click", function() {
+            if (selector.find(`option[value='${currentUserId}']`).length) {
+                // Select the value that is associated with the current user.
+                selector.val(currentUserId).trigger("change");
+            } else { 
+                // Create a DOM Option that matches the desired user. Then append it and select it.
+                let userOption = new Option(currentUserName, currentUserId, true, true);
+                selector.append(userOption).trigger("change");
+            }
+        });
+
+        // Listen to any change events, and hide the parent container if investigator has a value.
+        selector.on('change', function() {
+            // The parent container has display type flex.
+            assignSelfButton.parentElement.style.display = this.value === currentUserId ? "none" : "flex";
+        });
+    }
 })();
 
 /** An IIFE for pages in DjangoAdmin that use a clipboard button
@@ -215,7 +214,6 @@ function addOrRemoveSessionBoolean(name, add){
     function copyToClipboardAndChangeIcon(button) {
         // Assuming the input is the previous sibling of the button
         let input = button.previousElementSibling;
-        let userId = input.getAttribute("user-id")
         // Copy input value to clipboard
         if (input) {
             navigator.clipboard.writeText(input.value).then(function() {
diff --git a/src/registrar/assets/sass/_theme/_admin.scss b/src/registrar/assets/sass/_theme/_admin.scss
index 8ca6b5465..40aef1121 100644
--- a/src/registrar/assets/sass/_theme/_admin.scss
+++ b/src/registrar/assets/sass/_theme/_admin.scss
@@ -120,7 +120,7 @@ html[data-theme="light"] {
     body.dashboard,
     body.change-list,
     body.change-form,
-    .analytics {
+    .custom-admin-template, dt {
         color: var(--body-fg);
     }
     .usa-table td {
@@ -149,7 +149,7 @@ html[data-theme="dark"] {
     body.dashboard,
     body.change-list,
     body.change-form,
-    .analytics {
+    .custom-admin-template, dt {
         color: var(--body-fg);
     }
     .usa-table td {
@@ -160,7 +160,7 @@ html[data-theme="dark"] {
     // Remove when dark mode successfully applies to Django delete page.
     .delete-confirmation .content a:not(.button)  {
         color: color('primary');
-    }
+    } 
 }
 
 
@@ -364,14 +364,40 @@ input.admin-confirm-button {
         list-style-type: none;
         line-height: normal;
     }
-    .button {
-        display: inline-block;
-        padding: 10px 8px;
-        line-height: normal;
-    }
-    a.button:active, a.button:focus {
-        text-decoration: none;
-    }
+}
+
+// This block resolves some of the issues we're seeing on buttons due to css
+// conflicts between DJ and USWDS
+a.button,
+.usa-button {
+    display: inline-block;
+    padding: 10px 15px;
+    font-size: 14px;
+    line-height: 16.1px;
+    font-kerning: auto;
+    font-family: inherit;
+    font-weight: normal;
+}
+.button svg,
+.button span,
+.usa-button svg,
+.usa-button span {
+    vertical-align: middle;
+}
+.usa-button:not(.usa-button--unstyled, .usa-button--outline, .usa-modal__close, .usa-button--secondary) {
+    background: var(--button-bg);
+}
+.usa-button span {
+    font-size: 14px;
+}
+.usa-button:not(.usa-button--unstyled, .usa-button--outline, .usa-modal__close, .usa-button--secondary):hover {
+    background: var(--button-hover-bg);
+}
+a.button:active, a.button:focus {
+    text-decoration: none;
+}
+.usa-modal {
+    font-family: inherit;
 }
 
 .module--custom {
@@ -732,7 +758,7 @@ div.dja__model-description{
 
     li {
         list-style-type: disc;
-        font-family: Source Sans Pro Web,Helvetica Neue,Helvetica,Roboto,Arial,sans-serif;
+        font-family: family('sans');
     }
 
     a, a:link, a:visited {
@@ -852,3 +878,9 @@ ul.add-list-reset {
     padding: 0 !important;
     margin: 0 !important;
 }
+
+// Fix the combobox when deployed outside admin (eg user transfer)
+.submit-row .select2,
+.submit-row .select2 span {
+    margin-top: 0;
+}
\ No newline at end of file
diff --git a/src/registrar/config/settings.py b/src/registrar/config/settings.py
index 73aecad7a..d1f8d2384 100644
--- a/src/registrar/config/settings.py
+++ b/src/registrar/config/settings.py
@@ -357,13 +357,14 @@ CSP_FORM_ACTION = allowed_sources
 # and inline with a nonce, as well as allowing connections back to their domain.
 # Note: If needed, we can embed chart.js instead of using the CDN
 CSP_DEFAULT_SRC = ("'self'",)
-CSP_STYLE_SRC = ["'self'", "https://www.ssa.gov/accessibility/andi/andi.css"]
+CSP_STYLE_SRC = ["'self'", "https://www.ssa.gov/accessibility/andi/andi.css", "https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css"]
 CSP_SCRIPT_SRC_ELEM = [
     "'self'",
     "https://www.googletagmanager.com/",
     "https://cdn.jsdelivr.net/npm/chart.js",
     "https://www.ssa.gov",
     "https://ajax.googleapis.com",
+    "https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/select2.min.js"
 ]
 CSP_CONNECT_SRC = ["'self'", "https://www.google-analytics.com/", "https://www.ssa.gov/accessibility/andi/andi.js"]
 CSP_INCLUDE_NONCE_IN = ["script-src-elem", "style-src"]
diff --git a/src/registrar/config/urls.py b/src/registrar/config/urls.py
index 59f52cd95..ee32930f1 100644
--- a/src/registrar/config/urls.py
+++ b/src/registrar/config/urls.py
@@ -24,6 +24,7 @@ from registrar.views.report_views import (
 
 from registrar.views.domain_request import Step
 from registrar.views.domain_requests_json import get_domain_requests_json
+from registrar.views.transfer_user import TransferUserView
 from registrar.views.utility.api_views import get_senior_official_from_federal_agency_json
 from registrar.views.domains_json import get_domains_json
 from registrar.views.utility import always_404
@@ -129,6 +130,7 @@ urlpatterns = [
         AnalyticsView.as_view(),
         name="analytics",
     ),
+    path('admin/registrar/user/<int:user_id>/transfer/', TransferUserView.as_view(), name='transfer_user'),
     path(
         "admin/api/get-senior-official-from-federal-agency-json/",
         get_senior_official_from_federal_agency_json,
diff --git a/src/registrar/templates/admin/analytics.html b/src/registrar/templates/admin/analytics.html
index 13db3b60a..2729d883d 100644
--- a/src/registrar/templates/admin/analytics.html
+++ b/src/registrar/templates/admin/analytics.html
@@ -5,7 +5,7 @@
 
 {% block content %}
 
-  <div id="content-main" class="analytics">
+  <div id="content-main" class="custom-admin-template">
 
     <div class="grid-row grid-gap-2">
       <div class="tablet:grid-col-6 margin-top-2">
@@ -29,28 +29,28 @@
         <div class="padding-top-2 padding-x-2">
           <ul class="usa-button-group wrapped-button-group">
             <li class="usa-button-group__item">
-                <a href="{% url 'export_data_type' %}" class="button text-no-wrap" role="button">
+                <a href="{% url 'export_data_type' %}" class="usa-button text-no-wrap" role="button">
                   <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
                     <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
                   </svg><span class="margin-left-05">All domain metadata</span>
                 </a>
             </li>
             <li class="usa-button-group__item">
-              <a href="{% url 'export_data_full' %}" class="button text-no-wrap" role="button">
+              <a href="{% url 'export_data_full' %}" class="usa-button text-no-wrap" role="button">
                 <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
                   <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
                 </svg><span class="margin-left-05">Current full</span>
               </a>
             </li>
             <li class="usa-button-group__item">
-                <a href="{% url 'export_data_federal' %}" class="button text-no-wrap" role="button">
+                <a href="{% url 'export_data_federal' %}" class="usa-button text-no-wrap" role="button">
                   <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
                     <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
                   </svg><span class="margin-left-05">Current federal</span>
                 </a>
             </li>
             <li class="usa-button-group__item">
-              <a href="{% url 'export_data_domain_requests_full' %}" class="button text-no-wrap" role="button">
+              <a href="{% url 'export_data_domain_requests_full' %}" class="usa-button text-no-wrap" role="button">
                 <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
                   <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
                 </svg><span class="margin-left-05">All domain requests metadata</span>
@@ -84,35 +84,35 @@
           </div>
           <ul class="usa-button-group">
             <li class="usa-button-group__item">
-              <button class="button exportLink" data-export-url="{% url 'export_domains_growth' %}" type="button">
+              <button class="usa-button exportLink" data-export-url="{% url 'export_domains_growth' %}" type="button">
                 <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
                   <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
                 </svg><span class="margin-left-05">Domain growth</span>
               </button>
             </li>
             <li class="usa-button-group__item">
-              <button class="button exportLink" data-export-url="{% url 'export_requests_growth' %}" type="button">
+              <button class="usa-button exportLink" data-export-url="{% url 'export_requests_growth' %}" type="button">
                 <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
                   <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
                 </svg><span class="margin-left-05">Request growth</span>
               </button>
             </li>
             <li class="usa-button-group__item">
-              <button class="button exportLink" data-export-url="{% url 'export_managed_domains' %}" type="button">
+              <button class="usa-button exportLink" data-export-url="{% url 'export_managed_domains' %}" type="button">
                 <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
                   <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
                 </svg><span class="margin-left-05">Managed domains</span>
               </button>
             </li>
             <li class="usa-button-group__item">
-              <button class="button exportLink" data-export-url="{% url 'export_unmanaged_domains' %}" type="button">
+              <button class="usa-button exportLink" data-export-url="{% url 'export_unmanaged_domains' %}" type="button">
                 <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
                   <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
                 </svg><span class="margin-left-05">Unmanaged domains</span>
               </button>
             </li>
             <li class="usa-button-group__item">
-              <button class="button exportLink usa-button--secondary" data-export-url="{% url 'analytics' %}" type="button">
+              <button class="usa-button exportLink usa-button--secondary" data-export-url="{% url 'analytics' %}" type="button">
                 <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
                   <use xlink:href="{%static 'img/sprite.svg'%}#assessment"></use>
                 </svg><span class="margin-left-05">Update charts</span>
diff --git a/src/registrar/templates/admin/transfer_user.html b/src/registrar/templates/admin/transfer_user.html
new file mode 100644
index 000000000..a73106979
--- /dev/null
+++ b/src/registrar/templates/admin/transfer_user.html
@@ -0,0 +1,229 @@
+{% extends 'admin/base_site.html' %}
+{% load i18n static %}
+
+{% block content_title %}<h1>Transfer user</h1>{% endblock %}
+
+{% block extrastyle %}
+
+{{ block.super }}
+
+{% endblock %}  
+
+{% block extrahead %}
+    {{ block.super }}
+    <!-- Making the user select a combobox: -->
+    <!-- Load Django Admin's base JavaScript. This is NEEDED because select2 relies on it. -->                         
+    <script src="{% static 'admin/js/vendor/jquery/jquery.min.js' %}"></script>
+    
+    <!-- Include Select2 JavaScript. Since this view technically falls outside of admin, this is needed. -->
+    <script src="https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/select2.min.js"></script>
+    <script type="application/javascript" src="{% static 'js/get-gov-admin-extra.js' %}" defer></script>
+
+    <link href="https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css" rel="stylesheet" />
+{% endblock %}
+
+{% block breadcrumbs %}
+    <div class="breadcrumbs">
+        <a href="{% url 'admin:index' %}">{% trans 'Home' %}</a>
+        &rsaquo; <a href="{% url 'admin:app_list' 'registrar' %}">{% trans 'Registrar' %}</a>
+        &rsaquo; <a href="{% url 'admin:registrar_user_changelist' %}">{% trans 'Users' %}</a>
+        &rsaquo; <a href="{% url 'admin:registrar_user_change' current_user.pk %}">{{ current_user.first_name }} {{ current_user.last_name }}</a>
+        &rsaquo; {% trans 'Transfer User' %}
+    </div>
+{% endblock %}
+
+{% block content %}
+<div id="content-main" class="custom-admin-template">
+
+    <div class="module padding-4 display-flex flex-row flex-justify submit-row">
+
+        <div class="desktop:flex-align-center">
+            <form method="GET" action="{% url 'transfer_user' current_user.pk %}">
+                <label for="selected_user" class="text-middle">Select user to transfer data from:</label>
+                <select name="selected_user" id="selected_user" class="admin-combobox margin-top-0" onchange="this.form.submit()">
+                    <option value="">Select a user</option>
+                    {% for user in other_users %}
+                        <option value="{{ user.pk }}" {% if selected_user and user.pk == selected_user.pk %}selected{% endif %}>
+                            {{ user.first_name }} {{ user.last_name }}
+                        </option>
+                    {% endfor %}
+                </select>
+                <input type="submit" value="Preview" class="usa-button">
+            </form>
+        </div>
+        <div class="desktop:flex-align-center">
+            {% if selected_user %}
+                <a class="usa-button" href="#transfer-and-delete" aria-controls="transfer-and-delete" data-open-modal>
+                    Transfer and delete old user
+                </a>
+            {% endif %}
+        </div>
+    </div>
+
+    <div class="grid-row grid-gap-2">
+        <div class="tablet:grid-col-6 margin-top-2">
+            <div class="module height-full">
+                <h2>User to receive data</h2>
+                <div class="padding-top-2 padding-x-2">
+                    <dl>
+                        <dt>Username:</dt>
+                        <dd>{{ current_user.username }}</dd>
+                        <dt>Created at:</dt>
+                        <dd>{{ current_user.created_at }}</dd>
+                        <dt>Last login:</dt>
+                        <dd>{{ current_user.last_login }}</dd>
+                        <dt>First name:</dt>
+                        <dd>{{ current_user.first_name }}</dd>
+                        <dt>Middle name:</dt>
+                        <dd>{{ current_user.middle_name }}</dd>
+                        <dt>Last name:</dt>
+                        <dd>{{ current_user.last_name }}</dd>
+                        <dt>Title:</dt>
+                        <dd>{{ current_user.title }}</dd>
+                        <dt>Email:</dt>
+                        <dd>{{ current_user.email }}</dd>
+                        <dt>Phone:</dt>
+                        <dd>{{ current_user.phone }}</dd>
+                        <dt>Domains:</dt>
+                        <dd>
+                            {% if current_user_domains %}
+                                <ul>
+                                    {% for domain in current_user_domains %}
+                                        <li>{{ domain }}</li>
+                                    {% endfor %}
+                                </ul>
+                            {% else %}
+                                None
+                            {% endif %}
+                        </dd>
+                        <dt>Domain requests:</dt>
+                        <dd>
+                            {% if current_user_domain_requests %}
+                                <ul>
+                                    {% for request in current_user_domain_requests %}
+                                        <li>{{ request }}</li>
+                                    {% endfor %}
+                                </ul>
+                            {% else %}
+                                None
+                            {% endif %}
+                        </dd>
+                    </dl>
+                </div>
+            </div>
+        </div>
+
+        <div class="tablet:grid-col-6 margin-top-2">
+            <div class="module height-full">
+                <h2>User to lose data and be deleted</h2>
+                <div class="padding-top-2 padding-x-2">
+                    {% if selected_user %}
+                        <dl>
+                            <dt>Username:</dt>
+                            <dd>{{ selected_user.username }}</dd>
+                            <dt>Created at:</dt>
+                            <dd>{{ selected_user.created_at }}</dd>
+                            <dt>Last login:</dt>
+                            <dd>{{ selected_user.last_login }}</dd>
+                            <dt>First name:</dt>
+                            <dd>{{ selected_user.first_name }}</dd>
+                            <dt>Middle name:</dt>
+                            <dd>{{ selected_user.middle_name }}</dd>
+                            <dt>Last name:</dt>
+                            <dd>{{ selected_user.last_name }}</dd>
+                            <dt>Title:</dt>
+                            <dd>{{ selected_user.title }}</dd>
+                            <dt>Email:</dt>
+                            <dd>{{ selected_user.email }}</dd>
+                            <dt>Phone:</dt>
+                            <dd>{{ selected_user.phone }}</dd>
+                            <dt>Domains:</dt>
+                            <dd>
+                                {% if selected_user_domains %}
+                                    <ul>
+                                        {% for domain in selected_user_domains %}
+                                            <li>{{ domain }}</li>
+                                        {% endfor %}
+                                    </ul>
+                                {% else %}
+                                    None
+                                {% endif %}
+                            </dd>
+                            <dt>Domain requests:</dt>
+                            <dd>
+                                {% if selected_user_domain_requests %}
+                                    <ul>
+                                        {% for request in selected_user_domain_requests %}
+                                            <li>{{ request }}</li>
+                                        {% endfor %}
+                                    </ul>
+                                {% else %}
+                                    None
+                                {% endif %}
+                            </dd>
+                        </dl>
+                    {% else %}
+                        <p>No user selected yet.</p>
+                    {% endif %}
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+
+<div
+    class="usa-modal"
+    id="transfer-and-delete"
+    aria-labelledby="This action will delete {{ selected_user }}"
+    aria-describedby="This action will delete {{ selected_user }}"
+    >
+        <div class="usa-modal__content">
+            <div class="usa-modal__main">
+                <h2 class="usa-modal__heading" id="transfer-and-delete-heading">
+                    This action will delete {{ selected_user }}
+                </h2>
+                <div class="usa-prose">
+                    {% if selected_user != logged_in_user %}
+                        <p>But you know what you're doing, right?</p>
+                    {% else %}
+                        <p>Don't do it!</p>
+                    {% endif %}
+                </div>
+
+                <div class="usa-modal__footer">
+                    <ul class="usa-button-group">
+                        {% if selected_user != logged_in_user %}
+                            <li class="usa-button-group__item">
+                                <form method="POST" action="{% url 'transfer_user' current_user.pk %}">
+                                    {% csrf_token %}
+                                    <input type="hidden" name="selected_user" value="{{ selected_user.pk }}">
+                                    <input type="submit" class="usa-button" value="Transfer and delete old user">
+                                </form>
+                            </li>
+                        {% endif %}
+                        <li class="usa-button-group__item">
+                            <button
+                            type="button"
+                            class="usa-button usa-button--unstyled padding-105 text-center"
+                            name="_cancel_domain_request_ineligible"
+                            data-close-modal
+                            >
+                                Cancel
+                            </button>
+                        </li>
+                    </ul>
+                </div>
+            </div>
+            <button
+            type="button"
+            class="usa-button usa-modal__close"
+            aria-label="Close this window"
+            data-close-modal
+            >
+                <svg class="usa-icon" aria-hidden="true" focusable="false" role="img">
+                    <use xlink:href="{%static 'img/sprite.svg'%}#close"></use>
+                </svg>
+            </button>
+        </div>
+</div>
+{% endblock %}
\ No newline at end of file
diff --git a/src/registrar/templates/django/admin/user_change_form.html b/src/registrar/templates/django/admin/user_change_form.html
index 005d67aec..c0ddd8caf 100644
--- a/src/registrar/templates/django/admin/user_change_form.html
+++ b/src/registrar/templates/django/admin/user_change_form.html
@@ -1,6 +1,21 @@
 {% extends 'django/admin/email_clipboard_change_form.html' %}
 {% load i18n static %}
 
+
+{% block field_sets %}
+    <div class="display-flex flex-row flex-justify submit-row">
+        <div class="desktop:flex-align-self-end">
+            <a href="{% url 'transfer_user' original.pk %}" class="button">
+                Transfer data from old account
+            </a>
+        </div>
+    </div>
+
+    {% for fieldset in adminform %}
+        {% include "django/admin/includes/domain_fieldset.html" with state_help_message=state_help_message %}
+    {% endfor %}
+{% endblock %}
+
 {% block after_related_objects %}
     <div class="module aligned padding-3">
         <h2>Associated requests and domains</h2>
diff --git a/src/registrar/views/transfer_user.py b/src/registrar/views/transfer_user.py
new file mode 100644
index 000000000..5e367f04d
--- /dev/null
+++ b/src/registrar/views/transfer_user.py
@@ -0,0 +1,158 @@
+import logging
+
+from django.shortcuts import render, get_object_or_404, redirect
+from django.views import View
+from registrar.models.domain import Domain
+from registrar.models.domain_information import DomainInformation
+from registrar.models.domain_request import DomainRequest
+from registrar.models.portfolio import Portfolio
+from registrar.models.user import User
+from django.contrib.admin import site
+from django.contrib import messages
+
+from registrar.models.user_domain_role import UserDomainRole
+from registrar.models.verified_by_staff import VerifiedByStaff
+
+logger = logging.getLogger(__name__)
+
+class TransferUserView(View):
+    """Transfer user methods that set up the transfer_user template and handle the forms on it."""
+
+    JOINS = [
+        (DomainRequest, 'creator'),
+        (DomainInformation, 'creator'),
+        (Portfolio, 'creator'),
+        (DomainRequest, 'investigator'),
+        (UserDomainRole, 'user'),
+        (VerifiedByStaff, 'requestor'),
+    ]
+
+    USER_FIELDS = ['portfolio', 'portfolio_roles', 'portfolio_additional_permissions']
+
+    def get(self, request, user_id):
+        """current_user referes to the 'source' user where the button that redirects to this view was clicked.
+        other_users exclude current_user and populate a dropdown, selected_user is the selection in the dropdown.
+        
+        This also querries the relevant domains and domain requests, and the admin context needed for the sidenav."""
+
+        current_user = get_object_or_404(User, pk=user_id)
+        other_users = User.objects.exclude(pk=user_id).order_by('first_name', 'last_name')  # Exclude the current user from the dropdown
+
+        # Get the default admin site context, needed for the sidenav
+        admin_context = site.each_context(request)
+
+        context = {
+            'current_user': current_user,
+            'other_users': other_users,
+            'logged_in_user': request.user,
+            **admin_context,  # Include the admin context
+            'current_user_domains': self.get_domains(current_user),
+            'current_user_domain_requests': self.get_domain_requests(current_user)
+        }
+
+        selected_user_id = request.GET.get('selected_user')
+        if selected_user_id:
+            selected_user = get_object_or_404(User, pk=selected_user_id)
+            context['selected_user'] = selected_user
+            context['selected_user_domains'] = self.get_domains(selected_user)
+            context['selected_user_domain_requests'] = self.get_domain_requests(selected_user)
+
+        return render(request, 'admin/transfer_user.html', context)
+
+    def post(self, request, user_id):
+        """This handles the transfer from selected_user to current_user then deletes selected_user.
+        
+        NOTE: We have a ticket to refactor this into a more solid lookup for related fields in #2645"""
+
+        current_user = get_object_or_404(User, pk=user_id)
+        selected_user_id = request.POST.get('selected_user')
+        selected_user = get_object_or_404(User, pk=selected_user_id)
+
+        try:
+            change_logs = []
+
+            # Transfer specific fields
+            self.transfer_user_fields_and_log(selected_user, current_user, change_logs)
+
+            # Perform the updates and log the changes
+            for model_class, field_name in self.JOINS:
+                self.update_joins_and_log(model_class, field_name, selected_user, current_user, change_logs)
+
+            # Success message if any related objects were updated
+            if change_logs:
+                success_message = f"Data transferred successfully for the following objects: {change_logs}"
+                messages.success(request, success_message)
+
+            selected_user.delete()
+            messages.success(request, f"Deleted {selected_user} {selected_user.username}")
+
+        except Exception as e:
+            messages.error(request, f"An error occurred during the transfer: {e}")
+
+        return redirect('admin:registrar_user_change', object_id=user_id)
+
+    @classmethod
+    def update_joins_and_log(cls, model_class, field_name, old_user, new_user, change_logs):
+        """
+        Helper function to update the user join fields for a given model and log the changes.
+        """
+
+        filter_kwargs = {field_name: old_user}
+        updated_objects = model_class.objects.filter(**filter_kwargs)
+
+        for obj in updated_objects:
+            # Check for duplicate UserDomainRole before updating
+            if model_class == UserDomainRole:
+                if model_class.objects.filter(user=new_user, domain=obj.domain).exists():
+                    continue  # Skip the update to avoid a duplicate
+
+            # Update the field on the object and save it
+            setattr(obj, field_name, new_user)
+            obj.save()
+
+            # Log the change
+            cls.log_change(obj, field_name, old_user, new_user, change_logs)
+
+    @classmethod
+    def transfer_user_fields_and_log(cls, old_user, new_user, change_logs):
+        """
+        Transfers portfolio fields from the old_user to the new_user.
+        Logs the changes for each transferred field.
+
+        NOTE: This will be refactored in #2644
+        """
+
+        for field in cls.USER_FIELDS:
+            old_value = getattr(old_user, field, None)
+
+            if old_value:
+                setattr(new_user, field, old_value)
+                cls.log_change(new_user, field, old_value, old_value, change_logs)
+
+        new_user.save()
+
+    @classmethod
+    def log_change(cls, obj, field_name, old_value, new_value, change_logs):
+        """Logs the change for a specific field on an object"""
+        log_entry = f'Changed {field_name} from "{old_value}" to "{new_value}" on {obj}'
+        
+        logger.info(log_entry)
+
+        # Collect the related object for the success message
+        change_logs.append(log_entry)
+
+    @classmethod
+    def get_domains(cls, user):
+        """A simplified version of domains_json"""
+        user_domain_roles = UserDomainRole.objects.filter(user=user)
+        domain_ids = user_domain_roles.values_list("domain_id", flat=True)
+        domains = Domain.objects.filter(id__in=domain_ids)
+
+        return domains
+    
+    @classmethod
+    def get_domain_requests(cls, user):
+        """A simplified version of domain_requests_json"""
+        domain_requests = DomainRequest.objects.filter(creator=user)
+
+        return domain_requests
\ No newline at end of file

From c1df03d831c48c1d4cbb25afe2fa806ee687da5c Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Fri, 23 Aug 2024 21:15:42 -0400
Subject: [PATCH 07/69] test and lint

---
 src/registrar/admin.py               |   2 -
 src/registrar/config/settings.py     |   8 +-
 src/registrar/config/urls.py         |   2 +-
 src/registrar/tests/test_admin.py    | 225 ++++++++++++++++++++++++++-
 src/registrar/views/__init__.py      |   1 +
 src/registrar/views/transfer_user.py |  82 +++++-----
 6 files changed, 274 insertions(+), 46 deletions(-)

diff --git a/src/registrar/admin.py b/src/registrar/admin.py
index 4a34ac0f8..3ad5e3ea0 100644
--- a/src/registrar/admin.py
+++ b/src/registrar/admin.py
@@ -41,8 +41,6 @@ from django.core.exceptions import ObjectDoesNotExist
 from django.contrib.admin.widgets import FilteredSelectMultiple
 from django.utils.html import format_html
 from django.utils.translation import gettext_lazy as _
-from django.shortcuts import get_object_or_404, render
-from django.urls import path
 
 logger = logging.getLogger(__name__)
 
diff --git a/src/registrar/config/settings.py b/src/registrar/config/settings.py
index d1f8d2384..7965424bc 100644
--- a/src/registrar/config/settings.py
+++ b/src/registrar/config/settings.py
@@ -357,14 +357,18 @@ CSP_FORM_ACTION = allowed_sources
 # and inline with a nonce, as well as allowing connections back to their domain.
 # Note: If needed, we can embed chart.js instead of using the CDN
 CSP_DEFAULT_SRC = ("'self'",)
-CSP_STYLE_SRC = ["'self'", "https://www.ssa.gov/accessibility/andi/andi.css", "https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css"]
+CSP_STYLE_SRC = [
+    "'self'",
+    "https://www.ssa.gov/accessibility/andi/andi.css",
+    "https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css",
+]
 CSP_SCRIPT_SRC_ELEM = [
     "'self'",
     "https://www.googletagmanager.com/",
     "https://cdn.jsdelivr.net/npm/chart.js",
     "https://www.ssa.gov",
     "https://ajax.googleapis.com",
-    "https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/select2.min.js"
+    "https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/select2.min.js",
 ]
 CSP_CONNECT_SRC = ["'self'", "https://www.google-analytics.com/", "https://www.ssa.gov/accessibility/andi/andi.js"]
 CSP_INCLUDE_NONCE_IN = ["script-src-elem", "style-src"]
diff --git a/src/registrar/config/urls.py b/src/registrar/config/urls.py
index ee32930f1..0a8e00350 100644
--- a/src/registrar/config/urls.py
+++ b/src/registrar/config/urls.py
@@ -130,7 +130,7 @@ urlpatterns = [
         AnalyticsView.as_view(),
         name="analytics",
     ),
-    path('admin/registrar/user/<int:user_id>/transfer/', TransferUserView.as_view(), name='transfer_user'),
+    path("admin/registrar/user/<int:user_id>/transfer/", TransferUserView.as_view(), name="transfer_user"),
     path(
         "admin/api/get-senior-official-from-federal-agency-json/",
         get_senior_official_from_federal_agency_json,
diff --git a/src/registrar/tests/test_admin.py b/src/registrar/tests/test_admin.py
index 827742ef1..f051325a6 100644
--- a/src/registrar/tests/test_admin.py
+++ b/src/registrar/tests/test_admin.py
@@ -45,6 +45,7 @@ from registrar.models import (
 from registrar.models.portfolio_invitation import PortfolioInvitation
 from registrar.models.senior_official import SeniorOfficial
 from registrar.models.user_domain_role import UserDomainRole
+from registrar.models.utility.portfolio_helper import UserPortfolioPermissionChoices, UserPortfolioRoleChoices
 from registrar.models.verified_by_staff import VerifiedByStaff
 from .common import (
     MockDbForSharedTests,
@@ -60,7 +61,8 @@ from .common import (
 )
 from django.contrib.sessions.backends.db import SessionStore
 from django.contrib.auth import get_user_model
-from unittest.mock import patch, Mock
+from unittest.mock import ANY, patch, Mock
+from django_webtest import WebTest  # type: ignore
 
 import logging
 
@@ -2121,3 +2123,224 @@ class TestPortfolioAdmin(TestCase):
         self.assertIn("request1.gov", domain_requests)
         self.assertIn("request2.gov", domain_requests)
         self.assertIn('<ul class="add-list-reset">', domain_requests)
+
+
+class TestTransferUser(WebTest):
+    """User transfer custom admin page"""
+
+    # csrf checks do not work well with WebTest.
+    # We disable them here.
+    csrf_checks = False
+
+    @classmethod
+    def setUpClass(cls):
+        super().setUpClass()
+        cls.site = AdminSite()
+        cls.superuser = create_superuser()
+        cls.admin = PortfolioAdmin(model=Portfolio, admin_site=cls.site)
+        cls.factory = RequestFactory()
+
+    def setUp(self):
+        self.app.set_user(self.superuser)
+        self.user1, _ = User.objects.get_or_create(
+            username="madmax", first_name="Max", last_name="Rokatanski", title="Road warrior"
+        )
+        self.user2, _ = User.objects.get_or_create(
+            username="furiosa", first_name="Furiosa", last_name="Jabassa", title="Imperator"
+        )
+
+    def tearDown(self):
+        Suborganization.objects.all().delete()
+        DomainInformation.objects.all().delete()
+        DomainRequest.objects.all().delete()
+        Domain.objects.all().delete()
+        Portfolio.objects.all().delete()
+        UserDomainRole.objects.all().delete()
+
+    @less_console_noise_decorator
+    def test_transfer_user_shows_current_and_selected_user_information(self):
+        """Assert we pull the current user info and display it on the transfer page"""
+        completed_domain_request(user=self.user1, name="wasteland.gov")
+        domain_request = completed_domain_request(
+            user=self.user1, name="citadel.gov", status=DomainRequest.DomainRequestStatus.SUBMITTED
+        )
+        domain_request.status = DomainRequest.DomainRequestStatus.APPROVED
+        domain_request.save()
+
+        user_transfer_page = self.app.get(reverse("transfer_user", args=[self.user1.pk]))
+
+        self.assertContains(user_transfer_page, "madmax")
+        self.assertContains(user_transfer_page, "Max")
+        self.assertContains(user_transfer_page, "Rokatanski")
+        self.assertContains(user_transfer_page, "Road warrior")
+        self.assertContains(user_transfer_page, "wasteland.gov")
+        self.assertContains(user_transfer_page, "citadel.gov")
+
+        select_form = user_transfer_page.forms[0]
+        select_form["selected_user"] = str(self.user2.id)
+        preview_result = select_form.submit()
+
+        self.assertContains(preview_result, "furiosa")
+        self.assertContains(preview_result, "Furiosa")
+        self.assertContains(preview_result, "Jabassa")
+        self.assertContains(preview_result, "Imperator")
+
+    @less_console_noise_decorator
+    def test_transfer_user_transfers_portfolio_roles_and_permissions_and_portfolio_creator(self):
+        """Assert that a portfolio gets copied over
+        NOTE: Should be revised for #2644"""
+        portfolio = Portfolio.objects.create(organization_name="Citadel", creator=self.user2)
+        self.user2.portfolio = portfolio
+        self.user2.portfolio_roles = [UserPortfolioRoleChoices.ORGANIZATION_ADMIN]
+        self.user2.portfolio_additional_permissions = [
+            UserPortfolioPermissionChoices.VIEW_PORTFOLIO,
+            UserPortfolioPermissionChoices.EDIT_PORTFOLIO,
+        ]
+        self.user2.save()
+
+        user_transfer_page = self.app.get(reverse("transfer_user", args=[self.user1.pk]))
+
+        submit_form = user_transfer_page.forms[1]
+        submit_form["selected_user"] = self.user2.pk
+        submit_form.submit()
+
+        self.user1.refresh_from_db()
+        portfolio.refresh_from_db()
+
+        self.assertEquals(portfolio.creator, self.user1)
+        self.assertEquals(self.user1.portfolio, portfolio)
+        self.assertEquals(self.user1.portfolio_roles, [UserPortfolioRoleChoices.ORGANIZATION_ADMIN])
+        self.assertEquals(
+            self.user1.portfolio_additional_permissions,
+            [UserPortfolioPermissionChoices.VIEW_PORTFOLIO, UserPortfolioPermissionChoices.EDIT_PORTFOLIO],
+        )
+
+    @less_console_noise_decorator
+    def test_transfer_user_transfers_domain_request_creator_and_investigator(self):
+        """Assert that domain request fields get transferred"""
+        domain_request = completed_domain_request(user=self.user2, name="wasteland.gov", investigator=self.user2)
+
+        self.assertEquals(domain_request.creator, self.user2)
+        self.assertEquals(domain_request.investigator, self.user2)
+
+        user_transfer_page = self.app.get(reverse("transfer_user", args=[self.user1.pk]))
+        submit_form = user_transfer_page.forms[1]
+        submit_form["selected_user"] = self.user2.pk
+        submit_form.submit()
+        domain_request.refresh_from_db()
+
+        self.assertEquals(domain_request.creator, self.user1)
+        self.assertEquals(domain_request.investigator, self.user1)
+
+    @less_console_noise_decorator
+    def test_transfer_user_transfers_domain_information_creator(self):
+        """Assert that domain fields get transferred"""
+        domain_information, _ = DomainInformation.objects.get_or_create(creator=self.user2)
+
+        self.assertEquals(domain_information.creator, self.user2)
+
+        user_transfer_page = self.app.get(reverse("transfer_user", args=[self.user1.pk]))
+        submit_form = user_transfer_page.forms[1]
+        submit_form["selected_user"] = self.user2.pk
+        submit_form.submit()
+        domain_information.refresh_from_db()
+
+        self.assertEquals(domain_information.creator, self.user1)
+
+    @less_console_noise_decorator
+    def test_transfer_user_transfers_domain_role(self):
+        """Assert that user domain role get transferred"""
+        domain_1, _ = Domain.objects.get_or_create(name="chrome.gov", state=Domain.State.READY)
+        domain_2, _ = Domain.objects.get_or_create(name="v8.gov", state=Domain.State.READY)
+        user_domain_role1, _ = UserDomainRole.objects.get_or_create(
+            user=self.user2, domain=domain_1, role=UserDomainRole.Roles.MANAGER
+        )
+        user_domain_role2, _ = UserDomainRole.objects.get_or_create(
+            user=self.user2, domain=domain_2, role=UserDomainRole.Roles.MANAGER
+        )
+
+        user_transfer_page = self.app.get(reverse("transfer_user", args=[self.user1.pk]))
+        submit_form = user_transfer_page.forms[1]
+        submit_form["selected_user"] = self.user2.pk
+        submit_form.submit()
+        user_domain_role1.refresh_from_db()
+        user_domain_role2.refresh_from_db()
+
+        self.assertEquals(user_domain_role1.user, self.user1)
+        self.assertEquals(user_domain_role2.user, self.user1)
+
+    @less_console_noise_decorator
+    def test_transfer_user_transfers_verified_by_staff_requestor(self):
+        """Assert that verified by staff creator gets transferred"""
+        vip, _ = VerifiedByStaff.objects.get_or_create(requestor=self.user2, email="immortan.joe@citadel.com")
+
+        user_transfer_page = self.app.get(reverse("transfer_user", args=[self.user1.pk]))
+        submit_form = user_transfer_page.forms[1]
+        submit_form["selected_user"] = self.user2.pk
+        submit_form.submit()
+        vip.refresh_from_db()
+
+        self.assertEquals(vip.requestor, self.user1)
+
+    @less_console_noise_decorator
+    def test_transfer_user_deletes_old_user(self):
+        """Assert that the slected user gets deleted"""
+        user_transfer_page = self.app.get(reverse("transfer_user", args=[self.user1.pk]))
+        submit_form = user_transfer_page.forms[1]
+        submit_form["selected_user"] = self.user2.pk
+        submit_form.submit()
+        # Refresh user2 from the database and check if it still exists
+        with self.assertRaises(User.DoesNotExist):
+            self.user2.refresh_from_db()
+
+    @less_console_noise_decorator
+    def test_transfer_user_throws_transfer_and_delete_success_messages(self):
+        """Test that success messages for data transfer and user deletion are displayed."""
+        # Ensure the setup for VerifiedByStaff
+        VerifiedByStaff.objects.get_or_create(requestor=self.user2, email="immortan.joe@citadel.com")
+
+        # Access the transfer user page
+        user_transfer_page = self.app.get(reverse("transfer_user", args=[self.user1.pk]))
+
+        with patch("django.contrib.messages.success") as mock_success_message:
+
+            # Fill the form with the selected user and submit
+            submit_form = user_transfer_page.forms[1]
+            submit_form["selected_user"] = self.user2.pk
+            after_submit = submit_form.submit().follow()
+
+            self.assertContains(after_submit, "<h1>Change user</h1>")
+
+            mock_success_message.assert_any_call(
+                ANY,
+                (
+                    "Data transferred successfully for the following objects: ['Changed requestor "
+                    + 'from "Furiosa Jabassa " to "Max Rokatanski " on immortan.joe@citadel.com\']'
+                ),
+            )
+
+            mock_success_message.assert_any_call(ANY, f"Deleted {self.user2} {self.user2.username}")
+
+    @less_console_noise_decorator
+    def test_transfer_user_throws_error_message(self):
+        """Test that an error message is thrown if the transfer fails."""
+        with patch(
+            "registrar.views.TransferUserView.transfer_user_fields_and_log", side_effect=Exception("Simulated Error")
+        ):
+            with patch("django.contrib.messages.error") as mock_error:
+                # Access the transfer user page
+                user_transfer_page = self.app.get(reverse("transfer_user", args=[self.user1.pk]))
+
+                # Fill the form with the selected user and submit
+                submit_form = user_transfer_page.forms[1]
+                submit_form["selected_user"] = self.user2.pk
+                submit_form.submit().follow()
+
+                # Assert that the error message was called with the correct argument
+                mock_error.assert_called_once_with(ANY, "An error occurred during the transfer: Simulated Error")
+
+    @less_console_noise_decorator
+    def test_transfer_user_modal(self):
+        """Assert modal on page"""
+        user_transfer_page = self.app.get(reverse("transfer_user", args=[self.user1.pk]))
+        self.assertContains(user_transfer_page, "But you know what you're doing, right?")
diff --git a/src/registrar/views/__init__.py b/src/registrar/views/__init__.py
index f6e87dd07..2b830d958 100644
--- a/src/registrar/views/__init__.py
+++ b/src/registrar/views/__init__.py
@@ -19,3 +19,4 @@ from .user_profile import UserProfileView, FinishProfileSetupView
 from .health import *
 from .index import *
 from .portfolios import *
+from .transfer_user import TransferUserView
diff --git a/src/registrar/views/transfer_user.py b/src/registrar/views/transfer_user.py
index 5e367f04d..cc901d5ab 100644
--- a/src/registrar/views/transfer_user.py
+++ b/src/registrar/views/transfer_user.py
@@ -15,57 +15,60 @@ from registrar.models.verified_by_staff import VerifiedByStaff
 
 logger = logging.getLogger(__name__)
 
+
 class TransferUserView(View):
     """Transfer user methods that set up the transfer_user template and handle the forms on it."""
 
     JOINS = [
-        (DomainRequest, 'creator'),
-        (DomainInformation, 'creator'),
-        (Portfolio, 'creator'),
-        (DomainRequest, 'investigator'),
-        (UserDomainRole, 'user'),
-        (VerifiedByStaff, 'requestor'),
+        (DomainRequest, "creator"),
+        (DomainInformation, "creator"),
+        (Portfolio, "creator"),
+        (DomainRequest, "investigator"),
+        (UserDomainRole, "user"),
+        (VerifiedByStaff, "requestor"),
     ]
 
-    USER_FIELDS = ['portfolio', 'portfolio_roles', 'portfolio_additional_permissions']
+    USER_FIELDS = ["portfolio", "portfolio_roles", "portfolio_additional_permissions"]
 
     def get(self, request, user_id):
         """current_user referes to the 'source' user where the button that redirects to this view was clicked.
         other_users exclude current_user and populate a dropdown, selected_user is the selection in the dropdown.
-        
+
         This also querries the relevant domains and domain requests, and the admin context needed for the sidenav."""
 
         current_user = get_object_or_404(User, pk=user_id)
-        other_users = User.objects.exclude(pk=user_id).order_by('first_name', 'last_name')  # Exclude the current user from the dropdown
+        other_users = User.objects.exclude(pk=user_id).order_by(
+            "first_name", "last_name"
+        )  # Exclude the current user from the dropdown
 
         # Get the default admin site context, needed for the sidenav
         admin_context = site.each_context(request)
 
         context = {
-            'current_user': current_user,
-            'other_users': other_users,
-            'logged_in_user': request.user,
+            "current_user": current_user,
+            "other_users": other_users,
+            "logged_in_user": request.user,
             **admin_context,  # Include the admin context
-            'current_user_domains': self.get_domains(current_user),
-            'current_user_domain_requests': self.get_domain_requests(current_user)
+            "current_user_domains": self.get_domains(current_user),
+            "current_user_domain_requests": self.get_domain_requests(current_user),
         }
 
-        selected_user_id = request.GET.get('selected_user')
+        selected_user_id = request.GET.get("selected_user")
         if selected_user_id:
             selected_user = get_object_or_404(User, pk=selected_user_id)
-            context['selected_user'] = selected_user
-            context['selected_user_domains'] = self.get_domains(selected_user)
-            context['selected_user_domain_requests'] = self.get_domain_requests(selected_user)
+            context["selected_user"] = selected_user
+            context["selected_user_domains"] = self.get_domains(selected_user)
+            context["selected_user_domain_requests"] = self.get_domain_requests(selected_user)
 
-        return render(request, 'admin/transfer_user.html', context)
+        return render(request, "admin/transfer_user.html", context)
 
     def post(self, request, user_id):
         """This handles the transfer from selected_user to current_user then deletes selected_user.
-        
+
         NOTE: We have a ticket to refactor this into a more solid lookup for related fields in #2645"""
 
         current_user = get_object_or_404(User, pk=user_id)
-        selected_user_id = request.POST.get('selected_user')
+        selected_user_id = request.POST.get("selected_user")
         selected_user = get_object_or_404(User, pk=selected_user_id)
 
         try:
@@ -89,53 +92,52 @@ class TransferUserView(View):
         except Exception as e:
             messages.error(request, f"An error occurred during the transfer: {e}")
 
-        return redirect('admin:registrar_user_change', object_id=user_id)
+        return redirect("admin:registrar_user_change", object_id=user_id)
 
     @classmethod
-    def update_joins_and_log(cls, model_class, field_name, old_user, new_user, change_logs):
+    def update_joins_and_log(cls, model_class, field_name, selected_user, current_user, change_logs):
         """
         Helper function to update the user join fields for a given model and log the changes.
         """
 
-        filter_kwargs = {field_name: old_user}
+        filter_kwargs = {field_name: selected_user}
         updated_objects = model_class.objects.filter(**filter_kwargs)
 
         for obj in updated_objects:
             # Check for duplicate UserDomainRole before updating
             if model_class == UserDomainRole:
-                if model_class.objects.filter(user=new_user, domain=obj.domain).exists():
+                if model_class.objects.filter(user=current_user, domain=obj.domain).exists():
                     continue  # Skip the update to avoid a duplicate
 
             # Update the field on the object and save it
-            setattr(obj, field_name, new_user)
+            setattr(obj, field_name, current_user)
             obj.save()
 
             # Log the change
-            cls.log_change(obj, field_name, old_user, new_user, change_logs)
+            cls.log_change(obj, field_name, selected_user, current_user, change_logs)
 
     @classmethod
-    def transfer_user_fields_and_log(cls, old_user, new_user, change_logs):
+    def transfer_user_fields_and_log(cls, selected_user, current_user, change_logs):
         """
-        Transfers portfolio fields from the old_user to the new_user.
+        Transfers portfolio fields from the selected_user to the current_user.
         Logs the changes for each transferred field.
 
         NOTE: This will be refactored in #2644
         """
-
         for field in cls.USER_FIELDS:
-            old_value = getattr(old_user, field, None)
+            field_value = getattr(selected_user, field, None)
 
-            if old_value:
-                setattr(new_user, field, old_value)
-                cls.log_change(new_user, field, old_value, old_value, change_logs)
+            if field_value:
+                setattr(current_user, field, field_value)
+                cls.log_change(current_user, field, field_value, field_value, change_logs)
 
-        new_user.save()
+        current_user.save()
 
     @classmethod
-    def log_change(cls, obj, field_name, old_value, new_value, change_logs):
+    def log_change(cls, obj, field_name, field_value, new_value, change_logs):
         """Logs the change for a specific field on an object"""
-        log_entry = f'Changed {field_name} from "{old_value}" to "{new_value}" on {obj}'
-        
+        log_entry = f'Changed {field_name} from "{field_value}" to "{new_value}" on {obj}'
+
         logger.info(log_entry)
 
         # Collect the related object for the success message
@@ -149,10 +151,10 @@ class TransferUserView(View):
         domains = Domain.objects.filter(id__in=domain_ids)
 
         return domains
-    
+
     @classmethod
     def get_domain_requests(cls, user):
         """A simplified version of domain_requests_json"""
         domain_requests = DomainRequest.objects.filter(creator=user)
 
-        return domain_requests
\ No newline at end of file
+        return domain_requests

From 778ad4de6f331ef919d42c30ac1c38a740353f99 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Fri, 23 Aug 2024 21:39:36 -0400
Subject: [PATCH 08/69] accessibility fix

---
 src/registrar/assets/sass/_theme/_admin.scss     | 5 ++++-
 src/registrar/templates/admin/transfer_user.html | 4 ++--
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/src/registrar/assets/sass/_theme/_admin.scss b/src/registrar/assets/sass/_theme/_admin.scss
index 40aef1121..b948e2934 100644
--- a/src/registrar/assets/sass/_theme/_admin.scss
+++ b/src/registrar/assets/sass/_theme/_admin.scss
@@ -883,4 +883,7 @@ ul.add-list-reset {
 .submit-row .select2,
 .submit-row .select2 span {
     margin-top: 0;
-}
\ No newline at end of file
+}
+.transfer-user-selector .select2-selection__placeholder {
+    color: #3d4551!important;
+}
diff --git a/src/registrar/templates/admin/transfer_user.html b/src/registrar/templates/admin/transfer_user.html
index a73106979..eee1d1140 100644
--- a/src/registrar/templates/admin/transfer_user.html
+++ b/src/registrar/templates/admin/transfer_user.html
@@ -38,7 +38,7 @@
     <div class="module padding-4 display-flex flex-row flex-justify submit-row">
 
         <div class="desktop:flex-align-center">
-            <form method="GET" action="{% url 'transfer_user' current_user.pk %}">
+            <form class="transfer-user-selector" method="GET" action="{% url 'transfer_user' current_user.pk %}">
                 <label for="selected_user" class="text-middle">Select user to transfer data from:</label>
                 <select name="selected_user" id="selected_user" class="admin-combobox margin-top-0" onchange="this.form.submit()">
                     <option value="">Select a user</option>
@@ -226,4 +226,4 @@
             </button>
         </div>
 </div>
-{% endblock %}
\ No newline at end of file
+{% endblock %}

From d07872bfa1697b077e7316e2b8a1b51eb7af674f Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Fri, 23 Aug 2024 21:55:41 -0400
Subject: [PATCH 09/69] clean up tamplate and fix unit tests

---
 src/registrar/admin.py                                 |  2 +-
 .../django/admin/includes/detail_table_fieldset.html   | 10 ++++++++--
 src/registrar/tests/test_models.py                     |  6 +++---
 3 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/src/registrar/admin.py b/src/registrar/admin.py
index 12c5d8cf8..e13353fe6 100644
--- a/src/registrar/admin.py
+++ b/src/registrar/admin.py
@@ -2975,7 +2975,7 @@ class PortfolioAdmin(ListHeaderAdmin):
         Will be used in the after_help_text block."""
         members = [user for user in obj.user.all() if "Admin" not in user.portfolio_role_summary]
         if not members:
-            return format_html("<p>No members found.</p>")
+            return ''
 
         member_details = (
             "<table><thead><tr><th>Name</th><th>Title</th><th>Email</th>"
diff --git a/src/registrar/templates/django/admin/includes/detail_table_fieldset.html b/src/registrar/templates/django/admin/includes/detail_table_fieldset.html
index 5da6c2ca2..359897c04 100644
--- a/src/registrar/templates/django/admin/includes/detail_table_fieldset.html
+++ b/src/registrar/templates/django/admin/includes/detail_table_fieldset.html
@@ -140,7 +140,13 @@ This is using a custom implementation fieldset.html (see admin/fieldset.html)
     {% elif field.field.name == "display_admins" %}
         <div class="readonly">{{ field.contents|safe }}</div>
     {% elif field.field.name == "display_members" %}
-        <div class="readonly">{{ display_members_summary }}</div>
+        <div class="readonly">
+            {% if display_members_summary %}
+                {{ display_members_summary }}
+            {% else %}
+                <p>No members found.</p>
+            {% endif %}
+        </div>
     {% else %}
         <div class="readonly">{{ field.contents }}</div>
     {% endif %}
@@ -244,7 +250,7 @@ This is using a custom implementation fieldset.html (see admin/fieldset.html)
             </details>
         {% endif %}
         {% endwith %}
-    {% elif field.field.name == "display_members" %}
+    {% elif field.field.name == "display_members" and field.contents %}
         <details class="margin-top-1 dja-detail-table" aria-role="button" open>
             <summary class="padding-1 padding-left-0 dja-details-summary">Details</summary>
             <div class="grid-container margin-left-0 padding-left-0 padding-right-0 dja-details-contents">
diff --git a/src/registrar/tests/test_models.py b/src/registrar/tests/test_models.py
index 5b9d0ade3..2ab53a1c7 100644
--- a/src/registrar/tests/test_models.py
+++ b/src/registrar/tests/test_models.py
@@ -1233,19 +1233,19 @@ class TestUser(TestCase):
     )
     def test_portfolio_role_summary_member_domain_requestor_domain_manager(self):
         # Test if the user has 'Member', 'Domain requestor', and 'Domain manager' roles
-        self.assertEqual(self.user.portfolio_role_summary, ["Member", "Domain requestor", "Domain manager"])
+        self.assertEqual(self.user.portfolio_role_summary, ["Domain requestor", "Domain manager"])
 
     @patch.multiple(User, has_base_portfolio_permission=lambda self: True, has_edit_requests=lambda self: True)
     def test_portfolio_role_summary_member_domain_requestor(self):
         # Test if the user has 'Member' and 'Domain requestor' roles
-        self.assertEqual(self.user.portfolio_role_summary, ["Member", "Domain requestor"])
+        self.assertEqual(self.user.portfolio_role_summary, ["Domain requestor"])
 
     @patch.multiple(
         User, has_base_portfolio_permission=lambda self: True, has_domains_portfolio_permission=lambda self: True
     )
     def test_portfolio_role_summary_member_domain_manager(self):
         # Test if the user has 'Member' and 'Domain manager' roles
-        self.assertEqual(self.user.portfolio_role_summary, ["Member", "Domain manager"])
+        self.assertEqual(self.user.portfolio_role_summary, ["Domain manager"])
 
     @patch.multiple(User, has_base_portfolio_permission=lambda self: True)
     def test_portfolio_role_summary_member(self):

From 4e0416e514da83748418851d05e64635b712cb9d Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Fri, 23 Aug 2024 23:13:14 -0400
Subject: [PATCH 10/69] lint

---
 src/registrar/admin.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/registrar/admin.py b/src/registrar/admin.py
index e13353fe6..a5c7a16d3 100644
--- a/src/registrar/admin.py
+++ b/src/registrar/admin.py
@@ -2975,7 +2975,7 @@ class PortfolioAdmin(ListHeaderAdmin):
         Will be used in the after_help_text block."""
         members = [user for user in obj.user.all() if "Admin" not in user.portfolio_role_summary]
         if not members:
-            return ''
+            return ""
 
         member_details = (
             "<table><thead><tr><th>Name</th><th>Title</th><th>Email</th>"

From 875dc1d467ce94d1b49c2629d9f890bcd74cc79f Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Fri, 23 Aug 2024 23:31:23 -0400
Subject: [PATCH 11/69] css fixes

---
 src/registrar/assets/sass/_theme/_admin.scss  | 25 +++++++++----------
 src/registrar/templates/admin/analytics.html  | 18 ++++++-------
 .../templates/admin/transfer_user.html        |  6 ++---
 3 files changed, 24 insertions(+), 25 deletions(-)

diff --git a/src/registrar/assets/sass/_theme/_admin.scss b/src/registrar/assets/sass/_theme/_admin.scss
index b948e2934..e6d3cf6fc 100644
--- a/src/registrar/assets/sass/_theme/_admin.scss
+++ b/src/registrar/assets/sass/_theme/_admin.scss
@@ -369,7 +369,7 @@ input.admin-confirm-button {
 // This block resolves some of the issues we're seeing on buttons due to css
 // conflicts between DJ and USWDS
 a.button,
-.usa-button {
+.usa-button--dja {
     display: inline-block;
     padding: 10px 15px;
     font-size: 14px;
@@ -380,17 +380,17 @@ a.button,
 }
 .button svg,
 .button span,
-.usa-button svg,
-.usa-button span {
+.usa-button--dja svg,
+.usa-button--dja span {
     vertical-align: middle;
 }
-.usa-button:not(.usa-button--unstyled, .usa-button--outline, .usa-modal__close, .usa-button--secondary) {
+.usa-button--dja:not(.usa-button--unstyled, .usa-button--outline, .usa-modal__close, .usa-button--secondary) {
     background: var(--button-bg);
 }
-.usa-button span {
+.usa-button--dja span {
     font-size: 14px;
 }
-.usa-button:not(.usa-button--unstyled, .usa-button--outline, .usa-modal__close, .usa-button--secondary):hover {
+.usa-button--dja:not(.usa-button--unstyled, .usa-button--outline, .usa-modal__close, .usa-button--secondary):hover {
     background: var(--button-hover-bg);
 }
 a.button:active, a.button:focus {
@@ -399,6 +399,12 @@ a.button:active, a.button:focus {
 .usa-modal {
     font-family: inherit;
 }
+// Targets the DJA buttom with a nested icon
+button .usa-icon,
+.button .usa-icon,
+.button--clipboard .usa-icon {
+    vertical-align: middle;      
+}
 
 .module--custom {
     a {
@@ -491,13 +497,6 @@ address.dja-address-contact-list {
     color: var(--link-fg);
 }
 
-// Targets the DJA buttom with a nested icon
-button .usa-icon,
-.button .usa-icon,
-.button--clipboard .usa-icon {
-    vertical-align: middle;      
-}
-
 .errors span.select2-selection {
     border: 1px solid var(--error-fg) !important;
 }
diff --git a/src/registrar/templates/admin/analytics.html b/src/registrar/templates/admin/analytics.html
index 2729d883d..7c1a09c78 100644
--- a/src/registrar/templates/admin/analytics.html
+++ b/src/registrar/templates/admin/analytics.html
@@ -29,28 +29,28 @@
         <div class="padding-top-2 padding-x-2">
           <ul class="usa-button-group wrapped-button-group">
             <li class="usa-button-group__item">
-                <a href="{% url 'export_data_type' %}" class="usa-button text-no-wrap" role="button">
+                <a href="{% url 'export_data_type' %}" class="usa-button usa-button--dja text-no-wrap" role="button">
                   <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
                     <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
                   </svg><span class="margin-left-05">All domain metadata</span>
                 </a>
             </li>
             <li class="usa-button-group__item">
-              <a href="{% url 'export_data_full' %}" class="usa-button text-no-wrap" role="button">
+              <a href="{% url 'export_data_full' %}" class="usa-button usa-button--dja text-no-wrap" role="button">
                 <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
                   <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
                 </svg><span class="margin-left-05">Current full</span>
               </a>
             </li>
             <li class="usa-button-group__item">
-                <a href="{% url 'export_data_federal' %}" class="usa-button text-no-wrap" role="button">
+                <a href="{% url 'export_data_federal' %}" class="usa-button usa-button--dja text-no-wrap" role="button">
                   <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
                     <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
                   </svg><span class="margin-left-05">Current federal</span>
                 </a>
             </li>
             <li class="usa-button-group__item">
-              <a href="{% url 'export_data_domain_requests_full' %}" class="usa-button text-no-wrap" role="button">
+              <a href="{% url 'export_data_domain_requests_full' %}" class="usa-button usa-button--dja text-no-wrap" role="button">
                 <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
                   <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
                 </svg><span class="margin-left-05">All domain requests metadata</span>
@@ -84,35 +84,35 @@
           </div>
           <ul class="usa-button-group">
             <li class="usa-button-group__item">
-              <button class="usa-button exportLink" data-export-url="{% url 'export_domains_growth' %}" type="button">
+              <button class="usa-button usa-button--dja exportLink" data-export-url="{% url 'export_domains_growth' %}" type="button">
                 <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
                   <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
                 </svg><span class="margin-left-05">Domain growth</span>
               </button>
             </li>
             <li class="usa-button-group__item">
-              <button class="usa-button exportLink" data-export-url="{% url 'export_requests_growth' %}" type="button">
+              <button class="usa-button usa-button--dja exportLink" data-export-url="{% url 'export_requests_growth' %}" type="button">
                 <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
                   <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
                 </svg><span class="margin-left-05">Request growth</span>
               </button>
             </li>
             <li class="usa-button-group__item">
-              <button class="usa-button exportLink" data-export-url="{% url 'export_managed_domains' %}" type="button">
+              <button class="usa-button usa-button--dja exportLink" data-export-url="{% url 'export_managed_domains' %}" type="button">
                 <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
                   <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
                 </svg><span class="margin-left-05">Managed domains</span>
               </button>
             </li>
             <li class="usa-button-group__item">
-              <button class="usa-button exportLink" data-export-url="{% url 'export_unmanaged_domains' %}" type="button">
+              <button class="usa-button usa-button--dja exportLink" data-export-url="{% url 'export_unmanaged_domains' %}" type="button">
                 <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
                   <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
                 </svg><span class="margin-left-05">Unmanaged domains</span>
               </button>
             </li>
             <li class="usa-button-group__item">
-              <button class="usa-button exportLink usa-button--secondary" data-export-url="{% url 'analytics' %}" type="button">
+              <button class="usa-button usa-button--dja exportLink usa-button--secondary" data-export-url="{% url 'analytics' %}" type="button">
                 <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
                   <use xlink:href="{%static 'img/sprite.svg'%}#assessment"></use>
                 </svg><span class="margin-left-05">Update charts</span>
diff --git a/src/registrar/templates/admin/transfer_user.html b/src/registrar/templates/admin/transfer_user.html
index eee1d1140..ad643b2f4 100644
--- a/src/registrar/templates/admin/transfer_user.html
+++ b/src/registrar/templates/admin/transfer_user.html
@@ -48,12 +48,12 @@
                         </option>
                     {% endfor %}
                 </select>
-                <input type="submit" value="Preview" class="usa-button">
+                <input type="submit" value="Preview" class="usa-button usa-button--dja">
             </form>
         </div>
         <div class="desktop:flex-align-center">
             {% if selected_user %}
-                <a class="usa-button" href="#transfer-and-delete" aria-controls="transfer-and-delete" data-open-modal>
+                <a class="usa-button usa-button--dja" href="#transfer-and-delete" aria-controls="transfer-and-delete" data-open-modal>
                     Transfer and delete old user
                 </a>
             {% endif %}
@@ -197,7 +197,7 @@
                                 <form method="POST" action="{% url 'transfer_user' current_user.pk %}">
                                     {% csrf_token %}
                                     <input type="hidden" name="selected_user" value="{{ selected_user.pk }}">
-                                    <input type="submit" class="usa-button" value="Transfer and delete old user">
+                                    <input type="submit" class="usa-button usa-button--dja" value="Transfer and delete old user">
                                 </form>
                             </li>
                         {% endif %}

From 7ba93d05a2bd7a3b76d571d96c2383b8a0238c4e Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Fri, 23 Aug 2024 23:50:40 -0400
Subject: [PATCH 12/69] add sample kwarg for url test

---
 src/registrar/tests/test_url_auth.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/registrar/tests/test_url_auth.py b/src/registrar/tests/test_url_auth.py
index 3a045498a..284ec7638 100644
--- a/src/registrar/tests/test_url_auth.py
+++ b/src/registrar/tests/test_url_auth.py
@@ -25,6 +25,7 @@ SAMPLE_KWARGS = {
     "domain": "whitehouse.gov",
     "user_pk": "1",
     "portfolio_id": "1",
+    "user_id": "1",
 }
 
 # Our test suite will ignore some namespaces.

From ec6e5873a4ace4b5e6da09b6f848d13911bf37b8 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Fri, 23 Aug 2024 23:56:55 -0400
Subject: [PATCH 13/69] zap exclusion

---
 src/zap.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/zap.conf b/src/zap.conf
index c97897aeb..c25406796 100644
--- a/src/zap.conf
+++ b/src/zap.conf
@@ -72,6 +72,7 @@
 10038	OUTOFSCOPE	http://app:8080/domains/
 10038	OUTOFSCOPE	http://app:8080/organization/
 10038	OUTOFSCOPE	http://app:8080/suborganization/
+10038	OUTOFSCOPE  http://app:8080/transfer/
 # This URL always returns 404, so include it as well.
 10038	OUTOFSCOPE	http://app:8080/todo
 # OIDC isn't configured in the test environment and DEBUG=True so this gives a 500 without CSP headers

From 04157ce404e8087608fdf509e51176b38abca980 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Sat, 24 Aug 2024 00:02:52 -0400
Subject: [PATCH 14/69] zap exclusion

---
 src/zap.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/zap.conf b/src/zap.conf
index c25406796..dd9ae1565 100644
--- a/src/zap.conf
+++ b/src/zap.conf
@@ -72,7 +72,7 @@
 10038	OUTOFSCOPE	http://app:8080/domains/
 10038	OUTOFSCOPE	http://app:8080/organization/
 10038	OUTOFSCOPE	http://app:8080/suborganization/
-10038	OUTOFSCOPE  http://app:8080/transfer/
+10038	OUTOFSCOPE	http://app:8080/transfer/
 # This URL always returns 404, so include it as well.
 10038	OUTOFSCOPE	http://app:8080/todo
 # OIDC isn't configured in the test environment and DEBUG=True so this gives a 500 without CSP headers

From e9895219bbc2146cea975aa55a6c9dd211facc5a Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Mon, 26 Aug 2024 16:47:20 -0400
Subject: [PATCH 15/69] Enhance zip field, change alignment on td

---
 src/registrar/assets/sass/_theme/_tables.scss           | 4 ++++
 src/registrar/templates/domain_org_name_address.html    | 2 +-
 src/registrar/templates/domain_request_org_contact.html | 2 +-
 src/registrar/templates/portfolio_organization.html     | 2 +-
 4 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/registrar/assets/sass/_theme/_tables.scss b/src/registrar/assets/sass/_theme/_tables.scss
index e78715da8..88c960e1a 100644
--- a/src/registrar/assets/sass/_theme/_tables.scss
+++ b/src/registrar/assets/sass/_theme/_tables.scss
@@ -1,5 +1,9 @@
 @use "uswds-core" as *;
 
+td {
+  vertical-align: top;
+}
+
 .dotgov-table--stacked {
   td, th {
     padding: units(1) units(2) units(2px) 0;
diff --git a/src/registrar/templates/domain_org_name_address.html b/src/registrar/templates/domain_org_name_address.html
index 1e6176aa0..a7eb02b59 100644
--- a/src/registrar/templates/domain_org_name_address.html
+++ b/src/registrar/templates/domain_org_name_address.html
@@ -42,7 +42,7 @@
 
     {% input_with_errors form.state_territory %}
 
-    {% with add_class="usa-input--small" %}
+    {% with add_class="usa-input--small" sublabel_text="Enter a zip code in the required format, like 12345 or 12345-6789." %}
       {% input_with_errors form.zipcode %}
     {% endwith %}
 
diff --git a/src/registrar/templates/domain_request_org_contact.html b/src/registrar/templates/domain_request_org_contact.html
index f145ee3bf..d4f3c2071 100644
--- a/src/registrar/templates/domain_request_org_contact.html
+++ b/src/registrar/templates/domain_request_org_contact.html
@@ -33,7 +33,7 @@
 
     {% input_with_errors forms.0.state_territory %}
 
-    {% with add_class="usa-input--small" %}
+    {% with add_class="usa-input--small" sublabel_text="Enter a zip code in the required format, like 12345 or 12345-6789." %}
       {% input_with_errors forms.0.zipcode %}
     {% endwith %}
 
diff --git a/src/registrar/templates/portfolio_organization.html b/src/registrar/templates/portfolio_organization.html
index 51adba3d9..7fdce3908 100644
--- a/src/registrar/templates/portfolio_organization.html
+++ b/src/registrar/templates/portfolio_organization.html
@@ -41,7 +41,7 @@
                 {% input_with_errors form.address_line2 %}
                 {% input_with_errors form.city %}
                 {% input_with_errors form.state_territory %}
-                {% with add_class="usa-input--small" %}
+                {% with add_class="usa-input--small" sublabel_text="Enter a zip code in the required format, like 12345 or 12345-6789." %}
                     {% input_with_errors form.zipcode %}
                 {% endwith %}
                 <button type="submit" class="usa-button">

From 7dafc863c0f347edb6f2dda353834e53845eb0c8 Mon Sep 17 00:00:00 2001
From: matthewswspence <Matthewswspence@gmail.com>
Date: Mon, 26 Aug 2024 16:14:17 -0500
Subject: [PATCH 16/69] build on the terminal helper a bit

---
 src/registrar/management/commands/update_first_ready.py      | 5 +++--
 src/registrar/management/commands/utility/terminal_helper.py | 4 +++-
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/src/registrar/management/commands/update_first_ready.py b/src/registrar/management/commands/update_first_ready.py
index aaf04e2a7..4808471ea 100644
--- a/src/registrar/management/commands/update_first_ready.py
+++ b/src/registrar/management/commands/update_first_ready.py
@@ -19,9 +19,10 @@ class Command(BaseCommand, PopulateScriptTemplate):
         record.first_ready = record.created_at.date()
 
         logger.info(
-            f"{TerminalColors.OKCYAN}Updating {record} => first_ready: " f"{record.first_ready}{TerminalColors.OKCYAN}"
+            f"{TerminalColors.OKCYAN}Updating {record} => first_ready: " f"{record.first_ready}{TerminalColors.ENDC}"
         )
     
-    # check if a transition domain object for this domain name exists, and if so whether 
+    # check if a transition domain object for this domain name exists, 
+    # and if so whether its first_ready value matches its created_at date
     def should_update(self, record: Domain) -> bool:
         return TransitionDomain.objects.filter(domain_name=record.name).exists() and record.first_ready != record.created_at.date()
\ No newline at end of file
diff --git a/src/registrar/management/commands/utility/terminal_helper.py b/src/registrar/management/commands/utility/terminal_helper.py
index 13d58191a..c045a2c25 100644
--- a/src/registrar/management/commands/utility/terminal_helper.py
+++ b/src/registrar/management/commands/utility/terminal_helper.py
@@ -188,7 +188,9 @@ class PopulateScriptTemplate(ABC):
         return f"{TerminalColors.FAIL}" f"Failed to update {record}" f"{TerminalColors.ENDC}"
 
     def should_skip_record(self, record) -> bool:  # noqa
-        """Defines the condition in which we should skip updating a record. Override as needed."""
+        """Defines the condition in which we should skip updating a record. Override as needed.
+        The difference between this and Custom_filter is that records matching these conditions
+        *will* be included in the run but will be skipped (and logged as such)."""
         # By default - don't skip
         return False
 

From f6e10b658522ffa00f3cf4fb86f5b75b47c2afa8 Mon Sep 17 00:00:00 2001
From: matthewswspence <Matthewswspence@gmail.com>
Date: Tue, 27 Aug 2024 14:58:04 -0500
Subject: [PATCH 17/69] Add documentation and refactor custom filtering

---
 docs/developer/management_script_helpers.md   |  3 ++-
 docs/operations/data_migration.md             | 27 +++++++++++++++++++
 .../management/commands/clean_tables.py       |  2 +-
 .../commands/extend_expiration_dates.py       |  2 +-
 .../commands/load_organization_data.py        |  4 +--
 .../commands/load_senior_official_table.py    |  2 +-
 .../commands/load_transition_domain.py        |  2 +-
 .../commands/patch_federal_agency_info.py     |  4 +--
 .../commands/populate_first_ready.py          |  2 +-
 .../commands/populate_organization_type.py    |  4 +--
 .../management/commands/update_first_ready.py | 16 +++++++----
 .../commands/utility/terminal_helper.py       | 26 +++++++-----------
 12 files changed, 61 insertions(+), 33 deletions(-)

diff --git a/docs/developer/management_script_helpers.md b/docs/developer/management_script_helpers.md
index 104e4dc13..a43bb16aa 100644
--- a/docs/developer/management_script_helpers.md
+++ b/docs/developer/management_script_helpers.md
@@ -62,4 +62,5 @@ The class provides the following optional configuration variables:
 The class also provides helper methods:
 - `get_class_name`: Returns a display-friendly class name for the terminal prompt
 - `get_failure_message`: Returns the message to display if a record fails to update
-- `should_skip_record`: Defines the condition for skipping a record (by default, no records are skipped)
\ No newline at end of file
+- `should_skip_record`: Defines the condition for skipping a record (by default, no records are skipped)
+- `custom_filter`: Allows for additional filters that cannot be expressed using django queryset field lookups
\ No newline at end of file
diff --git a/docs/operations/data_migration.md b/docs/operations/data_migration.md
index cd748b22d..75164bf9e 100644
--- a/docs/operations/data_migration.md
+++ b/docs/operations/data_migration.md
@@ -816,3 +816,30 @@ Example: `cf ssh getgov-za`
 |   | Parameter                  | Description                                                                        |
 |:-:|:-------------------------- |:-----------------------------------------------------------------------------------|
 | 1 | **federal_cio_csv_path**   | Specifies where the federal CIO csv is                                             |
+
+## Update First Ready Values
+This section outlines how to run the populate_first_ready script
+
+### Running on sandboxes
+
+#### Step 1: Login to CloudFoundry
+```cf login -a api.fr.cloud.gov --sso```
+
+#### Step 2: SSH into your environment
+```cf ssh getgov-{space}```
+
+Example: `cf ssh getgov-za`
+
+#### Step 3: Create a shell instance
+```/tmp/lifecycle/shell```
+
+#### Step 4: Running the script
+```./manage.py update_first_ready --debug```
+
+### Running locally
+```docker-compose exec app ./manage.py update_first_ready --debug```
+
+##### Optional parameters
+|   | Parameter                  | Description                                                                 |
+|:-:|:-------------------------- |:----------------------------------------------------------------------------|
+| 1 | **debug**                  | Increases logging detail. Defaults to False.                                |
diff --git a/src/registrar/management/commands/clean_tables.py b/src/registrar/management/commands/clean_tables.py
index 5d4439d95..66b3e772f 100644
--- a/src/registrar/management/commands/clean_tables.py
+++ b/src/registrar/management/commands/clean_tables.py
@@ -21,7 +21,7 @@ class Command(BaseCommand):
 
         TerminalHelper.prompt_for_execution(
             system_exit_on_terminate=True,
-            info_to_inspect="""
+            prompt_message="""
             This script will delete all rows from the following tables:
              * Contact
              * Domain
diff --git a/src/registrar/management/commands/extend_expiration_dates.py b/src/registrar/management/commands/extend_expiration_dates.py
index cefc38b9e..ac083da1d 100644
--- a/src/registrar/management/commands/extend_expiration_dates.py
+++ b/src/registrar/management/commands/extend_expiration_dates.py
@@ -130,7 +130,7 @@ class Command(BaseCommand):
         """Asks if the user wants to proceed with this action"""
         TerminalHelper.prompt_for_execution(
             system_exit_on_terminate=True,
-            info_to_inspect=f"""
+            prompt_message=f"""
             ==Extension Amount==
             Period: {extension_amount} year(s)
 
diff --git a/src/registrar/management/commands/load_organization_data.py b/src/registrar/management/commands/load_organization_data.py
index 122795400..35cc248ee 100644
--- a/src/registrar/management/commands/load_organization_data.py
+++ b/src/registrar/management/commands/load_organization_data.py
@@ -64,7 +64,7 @@ class Command(BaseCommand):
         # Will sys.exit() when prompt is "n"
         TerminalHelper.prompt_for_execution(
             system_exit_on_terminate=True,
-            info_to_inspect=f"""
+            prompt_message=f"""
             ==Master data file==
             domain_additional_filename: {org_args.domain_additional_filename}
 
@@ -84,7 +84,7 @@ class Command(BaseCommand):
         # Will sys.exit() when prompt is "n"
         TerminalHelper.prompt_for_execution(
             system_exit_on_terminate=True,
-            info_to_inspect=f"""
+            prompt_message=f"""
             ==Master data file==
             domain_additional_filename: {org_args.domain_additional_filename}
 
diff --git a/src/registrar/management/commands/load_senior_official_table.py b/src/registrar/management/commands/load_senior_official_table.py
index 43f61d57a..cdbc607bf 100644
--- a/src/registrar/management/commands/load_senior_official_table.py
+++ b/src/registrar/management/commands/load_senior_official_table.py
@@ -27,7 +27,7 @@ class Command(BaseCommand):
 
         TerminalHelper.prompt_for_execution(
             system_exit_on_terminate=True,
-            info_to_inspect=f"""
+            prompt_message=f"""
             ==Proposed Changes==
             CSV: {federal_cio_csv_path}
 
diff --git a/src/registrar/management/commands/load_transition_domain.py b/src/registrar/management/commands/load_transition_domain.py
index 4132096c8..c2dd66f55 100644
--- a/src/registrar/management/commands/load_transition_domain.py
+++ b/src/registrar/management/commands/load_transition_domain.py
@@ -651,7 +651,7 @@ class Command(BaseCommand):
         title = "Do you wish to load additional data for TransitionDomains?"
         proceed = TerminalHelper.prompt_for_execution(
             system_exit_on_terminate=True,
-            info_to_inspect=f"""
+            prompt_message=f"""
             !!! ENSURE THAT ALL FILENAMES ARE CORRECT BEFORE PROCEEDING
             ==Master data file==
             domain_additional_filename: {domain_additional_filename}
diff --git a/src/registrar/management/commands/patch_federal_agency_info.py b/src/registrar/management/commands/patch_federal_agency_info.py
index b286f1516..51a98ffaa 100644
--- a/src/registrar/management/commands/patch_federal_agency_info.py
+++ b/src/registrar/management/commands/patch_federal_agency_info.py
@@ -91,7 +91,7 @@ class Command(BaseCommand):
         # Code execution will stop here if the user prompts "N"
         TerminalHelper.prompt_for_execution(
             system_exit_on_terminate=True,
-            info_to_inspect=f"""
+            prompt_message=f"""
             ==Proposed Changes==
             Number of DomainInformation objects to change: {len(human_readable_domain_names)}
             The following DomainInformation objects will be modified: {human_readable_domain_names}
@@ -148,7 +148,7 @@ class Command(BaseCommand):
         # Code execution will stop here if the user prompts "N"
         TerminalHelper.prompt_for_execution(
             system_exit_on_terminate=True,
-            info_to_inspect=f"""
+            prompt_message=f"""
             ==File location==
             current-full.csv filepath: {file_path}
 
diff --git a/src/registrar/management/commands/populate_first_ready.py b/src/registrar/management/commands/populate_first_ready.py
index 9636476c2..04468029a 100644
--- a/src/registrar/management/commands/populate_first_ready.py
+++ b/src/registrar/management/commands/populate_first_ready.py
@@ -31,7 +31,7 @@ class Command(BaseCommand):
         # Code execution will stop here if the user prompts "N"
         TerminalHelper.prompt_for_execution(
             system_exit_on_terminate=True,
-            info_to_inspect=f"""
+            prompt_message=f"""
             ==Proposed Changes==
             Number of Domain objects to change: {len(domains)}
             """,
diff --git a/src/registrar/management/commands/populate_organization_type.py b/src/registrar/management/commands/populate_organization_type.py
index a7dd98b24..60d179cb8 100644
--- a/src/registrar/management/commands/populate_organization_type.py
+++ b/src/registrar/management/commands/populate_organization_type.py
@@ -54,7 +54,7 @@ class Command(BaseCommand):
         # Code execution will stop here if the user prompts "N"
         TerminalHelper.prompt_for_execution(
             system_exit_on_terminate=True,
-            info_to_inspect=f"""
+            prompt_message=f"""
             ==Proposed Changes==
             Number of DomainRequest objects to change: {len(domain_requests)}
 
@@ -72,7 +72,7 @@ class Command(BaseCommand):
         # Code execution will stop here if the user prompts "N"
         TerminalHelper.prompt_for_execution(
             system_exit_on_terminate=True,
-            info_to_inspect=f"""
+            prompt_message=f"""
             ==Proposed Changes==
             Number of DomainInformation objects to change: {len(domain_infos)}
 
diff --git a/src/registrar/management/commands/update_first_ready.py b/src/registrar/management/commands/update_first_ready.py
index 4808471ea..3c7a12928 100644
--- a/src/registrar/management/commands/update_first_ready.py
+++ b/src/registrar/management/commands/update_first_ready.py
@@ -1,5 +1,6 @@
 import logging
 from django.core.management import BaseCommand
+from django.db.models.manager import BaseManager
 from registrar.management.commands.utility.terminal_helper import PopulateScriptTemplate, TerminalColors
 from registrar.models import Domain, TransitionDomain
 
@@ -10,8 +11,8 @@ class Command(BaseCommand, PopulateScriptTemplate):
 
     def handle(self, **kwargs):
         """Loops through each valid Domain object and updates it's first_ready value if it is out of sync"""
-        filter_conditions={"state__in":[Domain.State.READY, Domain.State.ON_HOLD, Domain.State.DELETED]}
-        self.mass_update_records(Domain, filter_conditions, ["first_ready"], verbose=True, custom_filter=self.should_update)
+        filter_conditions={"state__in":[Domain.State.READY, Domain.State.ON_HOLD, Domain.State.DELETED, Domain.State.UNKNOWN]}
+        self.mass_update_records(Domain, filter_conditions, ["first_ready"], verbose=True)
 
     def update_record(self, record: Domain):
         """Defines how we update the first_ready field"""
@@ -23,6 +24,11 @@ class Command(BaseCommand, PopulateScriptTemplate):
         )
     
     # check if a transition domain object for this domain name exists, 
-    # and if so whether its first_ready value matches its created_at date
-    def should_update(self, record: Domain) -> bool:
-        return TransitionDomain.objects.filter(domain_name=record.name).exists() and record.first_ready != record.created_at.date()
\ No newline at end of file
+    # or if so whether its first_ready value matches its created_at date
+    def custom_filter(self, records: BaseManager[Domain]) -> BaseManager[Domain]:
+        to_include_pks = []
+        for record in records:
+            if  TransitionDomain.objects.filter(domain_name=record.name).exists() and record.first_ready != record.created_at.date():
+                to_include_pks.append(record.pk)
+        
+        return records.filter(pk__in=to_include_pks)
\ No newline at end of file
diff --git a/src/registrar/management/commands/utility/terminal_helper.py b/src/registrar/management/commands/utility/terminal_helper.py
index c045a2c25..8bb8a5723 100644
--- a/src/registrar/management/commands/utility/terminal_helper.py
+++ b/src/registrar/management/commands/utility/terminal_helper.py
@@ -3,6 +3,7 @@ import sys
 from abc import ABC, abstractmethod
 from django.core.paginator import Paginator
 from django.db.models import Model
+from django.db.models.manager import BaseManager
 from typing import List
 from registrar.utility.enums import LogCode
 
@@ -84,7 +85,7 @@ class PopulateScriptTemplate(ABC):
         """
         raise NotImplementedError
 
-    def mass_update_records(self, object_class: Model, filter_conditions, fields_to_update, debug=True, verbose=False, custom_filter=None):
+    def mass_update_records(self, object_class: Model, filter_conditions, fields_to_update, debug=True, verbose=False):
         """Loops through each valid "object_class" object - specified by filter_conditions - and
         updates fields defined by fields_to_update using update_record.
 
@@ -104,10 +105,6 @@ class PopulateScriptTemplate(ABC):
             verbose: Whether to print a detailed run summary *before* run confirmation. 
                 Default: False.
 
-            custom_filter: function taking in a single record and returning a boolean representing whether
-                the record should be included of the final record set. Used to allow for filters that can't be
-                represented by django queryset field lookups. Applied *after* filter_conditions.
-
         Raises:
             NotImplementedError: If you do not define update_record before using this function.
             TypeError: If custom_filter is not Callable.
@@ -116,16 +113,7 @@ class PopulateScriptTemplate(ABC):
         records = object_class.objects.filter(**filter_conditions)
 
         # apply custom filter
-        if custom_filter:
-            to_exclude_pks = []
-            for record in records:
-                try:
-                    if not custom_filter(record):
-                        to_exclude_pks.append(record.pk)
-                except TypeError as e:
-                    logger.error(f"Error applying custom filter: {e}")
-                    sys.exit()
-            records=records.exclude(pk__in=to_exclude_pks)
+        records=self.custom_filter(records)
 
         readable_class_name = self.get_class_name(object_class)
 
@@ -189,10 +177,16 @@ class PopulateScriptTemplate(ABC):
 
     def should_skip_record(self, record) -> bool:  # noqa
         """Defines the condition in which we should skip updating a record. Override as needed.
-        The difference between this and Custom_filter is that records matching these conditions
+        The difference between this and custom_filter is that records matching these conditions
         *will* be included in the run but will be skipped (and logged as such)."""
         # By default - don't skip
         return False
+    
+    def custom_filter(self, records: BaseManager[Model]) -> BaseManager[Model]:
+        """Override to define filters that can't be represented by django queryset field lookups. 
+        Applied to individual records *after* filter_conditions. True means """
+        return records
+
 
 
 class TerminalHelper:

From febd9566cee185af682fb9aec871b8e246218d52 Mon Sep 17 00:00:00 2001
From: matthewswspence <Matthewswspence@gmail.com>
Date: Tue, 27 Aug 2024 15:25:44 -0500
Subject: [PATCH 18/69] linter fixes

---
 .../management/commands/update_first_ready.py      | 14 ++++++++------
 .../management/commands/utility/terminal_helper.py | 14 ++++++--------
 2 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/src/registrar/management/commands/update_first_ready.py b/src/registrar/management/commands/update_first_ready.py
index 3c7a12928..632635180 100644
--- a/src/registrar/management/commands/update_first_ready.py
+++ b/src/registrar/management/commands/update_first_ready.py
@@ -4,14 +4,16 @@ from django.db.models.manager import BaseManager
 from registrar.management.commands.utility.terminal_helper import PopulateScriptTemplate, TerminalColors
 from registrar.models import Domain, TransitionDomain
 
+
 logger = logging.getLogger(__name__)
 
+
 class Command(BaseCommand, PopulateScriptTemplate):
     help = "Loops through each domain object and populates the last_status_update and first_submitted_date"
 
     def handle(self, **kwargs):
         """Loops through each valid Domain object and updates it's first_ready value if it is out of sync"""
-        filter_conditions={"state__in":[Domain.State.READY, Domain.State.ON_HOLD, Domain.State.DELETED, Domain.State.UNKNOWN]}
+        filter_conditions = {"state__in": [Domain.State.READY, Domain.State.ON_HOLD, Domain.State.DELETED]}
         self.mass_update_records(Domain, filter_conditions, ["first_ready"], verbose=True)
 
     def update_record(self, record: Domain):
@@ -22,13 +24,13 @@ class Command(BaseCommand, PopulateScriptTemplate):
         logger.info(
             f"{TerminalColors.OKCYAN}Updating {record} => first_ready: " f"{record.first_ready}{TerminalColors.ENDC}"
         )
-    
-    # check if a transition domain object for this domain name exists, 
+
+    # check if a transition domain object for this domain name exists,
     # or if so whether its first_ready value matches its created_at date
     def custom_filter(self, records: BaseManager[Domain]) -> BaseManager[Domain]:
         to_include_pks = []
         for record in records:
-            if  TransitionDomain.objects.filter(domain_name=record.name).exists() and record.first_ready != record.created_at.date():
+            if TransitionDomain.objects.filter(domain_name=record.name).exists() and record.first_ready != record.created_at.date(): #noqa
                 to_include_pks.append(record.pk)
-        
-        return records.filter(pk__in=to_include_pks)
\ No newline at end of file
+
+        return records.filter(pk__in=to_include_pks)
diff --git a/src/registrar/management/commands/utility/terminal_helper.py b/src/registrar/management/commands/utility/terminal_helper.py
index 8bb8a5723..450fbd27a 100644
--- a/src/registrar/management/commands/utility/terminal_helper.py
+++ b/src/registrar/management/commands/utility/terminal_helper.py
@@ -99,7 +99,7 @@ class PopulateScriptTemplate(ABC):
             fields_to_update: List of strings specifying which fields to update.
                 (e.g. ["first_ready_date", "last_submitted_date"])
 
-            debug: Whether to log script run summary in debug mode. 
+            debug: Whether to log script run summary in debug mode.
                 Default: True.
 
             verbose: Whether to print a detailed run summary *before* run confirmation. 
@@ -118,13 +118,13 @@ class PopulateScriptTemplate(ABC):
         readable_class_name = self.get_class_name(object_class)
 
         # for use in the execution prompt.
-        proposed_changes=f"""==Proposed Changes==
+        proposed_changes = f"""==Proposed Changes==
             Number of {readable_class_name} objects to change: {len(records)}
             These fields will be updated on each record: {fields_to_update}
             """
-        
+
         if verbose:
-            proposed_changes=f"""{proposed_changes}
+            proposed_changes = f"""{proposed_changes}
             These records will be updated: {list(records.all())}
             """
 
@@ -181,14 +181,12 @@ class PopulateScriptTemplate(ABC):
         *will* be included in the run but will be skipped (and logged as such)."""
         # By default - don't skip
         return False
-    
+
     def custom_filter(self, records: BaseManager[Model]) -> BaseManager[Model]:
-        """Override to define filters that can't be represented by django queryset field lookups. 
+        """Override to define filters that can't be represented by django queryset field lookups.
         Applied to individual records *after* filter_conditions. True means """
         return records
 
-
-
 class TerminalHelper:
     @staticmethod
     def log_script_run_summary(

From 6aa5986441cd491c2eef1dff43a71ee78ffe85e4 Mon Sep 17 00:00:00 2001
From: matthewswspence <Matthewswspence@gmail.com>
Date: Wed, 28 Aug 2024 09:31:01 -0500
Subject: [PATCH 19/69] Linter fixes

---
 src/registrar/management/commands/update_first_ready.py  | 5 ++++-
 .../management/commands/utility/terminal_helper.py       | 9 +++++----
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/src/registrar/management/commands/update_first_ready.py b/src/registrar/management/commands/update_first_ready.py
index 632635180..f1ebdd555 100644
--- a/src/registrar/management/commands/update_first_ready.py
+++ b/src/registrar/management/commands/update_first_ready.py
@@ -30,7 +30,10 @@ class Command(BaseCommand, PopulateScriptTemplate):
     def custom_filter(self, records: BaseManager[Domain]) -> BaseManager[Domain]:
         to_include_pks = []
         for record in records:
-            if TransitionDomain.objects.filter(domain_name=record.name).exists() and record.first_ready != record.created_at.date(): #noqa
+            if (
+                TransitionDomain.objects.filter(domain_name=record.name).exists()
+                and record.first_ready != record.created_at.date()
+            ):  # noqa
                 to_include_pks.append(record.pk)
 
         return records.filter(pk__in=to_include_pks)
diff --git a/src/registrar/management/commands/utility/terminal_helper.py b/src/registrar/management/commands/utility/terminal_helper.py
index 450fbd27a..0c7f8ebed 100644
--- a/src/registrar/management/commands/utility/terminal_helper.py
+++ b/src/registrar/management/commands/utility/terminal_helper.py
@@ -93,7 +93,7 @@ class PopulateScriptTemplate(ABC):
             object_class: The Django model class that you want to perform the bulk update on.
                 This should be the actual class, not a string of the class name.
 
-            filter_conditions: dictionary of valid Django Queryset filter conditions 
+            filter_conditions: dictionary of valid Django Queryset filter conditions
                 (e.g. {'verification_type__isnull'=True}).
 
             fields_to_update: List of strings specifying which fields to update.
@@ -102,7 +102,7 @@ class PopulateScriptTemplate(ABC):
             debug: Whether to log script run summary in debug mode.
                 Default: True.
 
-            verbose: Whether to print a detailed run summary *before* run confirmation. 
+            verbose: Whether to print a detailed run summary *before* run confirmation.
                 Default: False.
 
         Raises:
@@ -113,7 +113,7 @@ class PopulateScriptTemplate(ABC):
         records = object_class.objects.filter(**filter_conditions)
 
         # apply custom filter
-        records=self.custom_filter(records)
+        records = self.custom_filter(records)
 
         readable_class_name = self.get_class_name(object_class)
 
@@ -184,9 +184,10 @@ class PopulateScriptTemplate(ABC):
 
     def custom_filter(self, records: BaseManager[Model]) -> BaseManager[Model]:
         """Override to define filters that can't be represented by django queryset field lookups.
-        Applied to individual records *after* filter_conditions. True means """
+        Applied to individual records *after* filter_conditions. True means"""
         return records
 
+
 class TerminalHelper:
     @staticmethod
     def log_script_run_summary(

From 6f8406b4bce44d0e88aefeb022de0e45b8885d73 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Wed, 28 Aug 2024 11:36:25 -0400
Subject: [PATCH 20/69] portfolio org title

---
 src/registrar/templates/portfolio_organization.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/registrar/templates/portfolio_organization.html b/src/registrar/templates/portfolio_organization.html
index 7fdce3908..d5ecdfa4e 100644
--- a/src/registrar/templates/portfolio_organization.html
+++ b/src/registrar/templates/portfolio_organization.html
@@ -1,7 +1,7 @@
 {% extends 'portfolio_base.html' %}
 {% load static field_helpers%}
 
-{% block title %}Organization mailing address | {{ portfolio.name }} | {% endblock %}
+{% block title %}Organization mailing address | {{ portfolio.name }}{% endblock %}
 
 {% load static %}
 

From 9cd0e15f8ae38f981027b35b1a27a63f8fa4254d Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Wed, 28 Aug 2024 12:51:23 -0400
Subject: [PATCH 21/69] wrap suborg in table cell

---
 src/registrar/assets/js/get-gov.js            | 2 +-
 src/registrar/assets/sass/_theme/_tables.scss | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/registrar/assets/js/get-gov.js b/src/registrar/assets/js/get-gov.js
index f3b41eb51..486b084f5 100644
--- a/src/registrar/assets/js/get-gov.js
+++ b/src/registrar/assets/js/get-gov.js
@@ -1229,7 +1229,7 @@ document.addEventListener('DOMContentLoaded', function() {
             if (!noPortfolioFlag) {
               markupForSuborganizationRow = `
                 <td>
-                    <span class="${suborganization ? 'ellipsis ellipsis--30 vertical-align-middle' : ''}" aria-label="${suborganization}" title="${suborganization}">${suborganization}</span>
+                    <span class="text-wrap" aria-label="${suborganization ? '' : 'None'}">${suborganization}</span>
                 </td>
               `
             }
diff --git a/src/registrar/assets/sass/_theme/_tables.scss b/src/registrar/assets/sass/_theme/_tables.scss
index 88c960e1a..40204bfa6 100644
--- a/src/registrar/assets/sass/_theme/_tables.scss
+++ b/src/registrar/assets/sass/_theme/_tables.scss
@@ -1,6 +1,7 @@
 @use "uswds-core" as *;
 
-td {
+td,
+tr th {
   vertical-align: top;
 }
 

From d72b8f7b3e00ae13d1c4f1a876f286de894cb413 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Wed, 28 Aug 2024 12:59:44 -0400
Subject: [PATCH 22/69] active state on org link in main nav

---
 src/registrar/assets/sass/_theme/_tables.scss         | 2 +-
 src/registrar/templates/includes/header_extended.html | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/registrar/assets/sass/_theme/_tables.scss b/src/registrar/assets/sass/_theme/_tables.scss
index 40204bfa6..44a6d135d 100644
--- a/src/registrar/assets/sass/_theme/_tables.scss
+++ b/src/registrar/assets/sass/_theme/_tables.scss
@@ -1,7 +1,7 @@
 @use "uswds-core" as *;
 
 td,
-tr th {
+th {
   vertical-align: top;
 }
 
diff --git a/src/registrar/templates/includes/header_extended.html b/src/registrar/templates/includes/header_extended.html
index 54ceb3a67..1b98235f3 100644
--- a/src/registrar/templates/includes/header_extended.html
+++ b/src/registrar/templates/includes/header_extended.html
@@ -45,7 +45,7 @@
             <li class="usa-nav__primary-item">
                 {% url 'organization' as url %}
                 <!-- Move the padding from the a to the span so that the descenders do not get cut off -->
-                <a href="{{ url }}" class="usa-nav-link padding-y-0">
+                <a href="{{ url }}" class="usa-nav-link padding-y-0 {% if request.path == '/organization/' %} usa-current{% endif %}">
                     <span class="ellipsis ellipsis--23 ellipsis--desktop-50 padding-y-1 desktop:padding-y-2">
                         {{ portfolio.organization_name }}
                     </span>

From 4d0f21e498302e074fd2365e48e4eb8e0e80fe1e Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Wed, 28 Aug 2024 13:01:57 -0400
Subject: [PATCH 23/69] nav tab order

---
 .../templates/includes/header_extended.html   | 46 +++++++++----------
 1 file changed, 23 insertions(+), 23 deletions(-)

diff --git a/src/registrar/templates/includes/header_extended.html b/src/registrar/templates/includes/header_extended.html
index 1b98235f3..d00c57e38 100644
--- a/src/registrar/templates/includes/header_extended.html
+++ b/src/registrar/templates/includes/header_extended.html
@@ -12,6 +12,29 @@
         <button type="button" class="usa-nav__close">
             <img src="{%static 'img/usa-icons/close.svg'%}" role="img" alt="Close" />
         </button>
+        <div class="usa-nav__secondary">
+            <ul class="usa-nav__secondary-links">
+                <li class="usa-nav__secondary-item">
+                    {% if user.is_authenticated %}
+                    <span class="ellipsis usa-nav__username">{{ user.email }}</span>
+                </li>
+                {% if has_profile_feature_flag %}
+                <li class="usa-nav__secondary-item">
+                    {% url 'user-profile' as user_profile_url %}
+                    {% url 'finish-user-profile-setup' as finish_setup_url %}
+                    <a class="usa-nav-link {% if path == user_profile_url or path == finish_setup_url %}usa-current{% endif %}" href="{{ user_profile_url }}">
+                        Your profile
+                    </a>
+                </li>
+                {% endif %}
+                <li class="usa-nav__secondary-item">
+                    <a class="usa-nav-link" href="{% url 'logout' %}">Sign out</a>
+                    {% else %}
+                    <a class="usa-nav-link" href="{% url 'login' %}">Sign in</a>
+                    {% endif %}
+                </li>
+            </ul>
+        </div>
         <ul class="usa-nav__primary usa-accordion">
             <li class="usa-nav__primary-item">
                 {% if has_domains_portfolio_permission %}
@@ -52,29 +75,6 @@
                 </a>
             </li>
         </ul>
-        <div class="usa-nav__secondary">
-            <ul class="usa-nav__secondary-links">
-                <li class="usa-nav__secondary-item">
-                    {% if user.is_authenticated %}
-                    <span class="ellipsis usa-nav__username">{{ user.email }}</span>
-                </li>
-                {% if has_profile_feature_flag %}
-                <li class="usa-nav__secondary-item">
-                    {% url 'user-profile' as user_profile_url %}
-                    {% url 'finish-user-profile-setup' as finish_setup_url %}
-                    <a class="usa-nav-link {% if path == user_profile_url or path == finish_setup_url %}usa-current{% endif %}" href="{{ user_profile_url }}">
-                        Your profile
-                    </a>
-                </li>
-                {% endif %}
-                <li class="usa-nav__secondary-item">
-                    <a class="usa-nav-link" href="{% url 'logout' %}">Sign out</a>
-                    {% else %}
-                    <a class="usa-nav-link" href="{% url 'login' %}">Sign in</a>
-                    {% endif %}
-                </li>
-            </ul>
-        </div>
     </div>
     </nav>
     {% endblock %}

From b33d71f7be770deeb2cc91dc813ae5f02ed772a0 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Wed, 28 Aug 2024 13:05:35 -0400
Subject: [PATCH 24/69] fix skip nav on portfolio pages

---
 src/registrar/templates/no_portfolio_domains.html      | 2 ++
 src/registrar/templates/portfolio_base.html            | 2 +-
 src/registrar/templates/portfolio_domains.html         | 2 ++
 src/registrar/templates/portfolio_organization.html    | 2 +-
 src/registrar/templates/portfolio_requests.html        | 2 ++
 src/registrar/templates/portfolio_senior_official.html | 2 +-
 6 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/src/registrar/templates/no_portfolio_domains.html b/src/registrar/templates/no_portfolio_domains.html
index d9a20b7dd..24612a627 100644
--- a/src/registrar/templates/no_portfolio_domains.html
+++ b/src/registrar/templates/no_portfolio_domains.html
@@ -5,6 +5,7 @@
 {% block title %} Domains | {% endblock %}
 
 {% block portfolio_content %}
+<div id="main-content">
     <h1 id="domains-header">Domains</h1>
     <section class="section--outlined">
         <div class="section--outlined__header margin-bottom-3">
@@ -27,4 +28,5 @@
             {% endif %}
         </div>
     </section>
+</div>
 {% endblock %}
diff --git a/src/registrar/templates/portfolio_base.html b/src/registrar/templates/portfolio_base.html
index 2da33884c..843a34eb9 100644
--- a/src/registrar/templates/portfolio_base.html
+++ b/src/registrar/templates/portfolio_base.html
@@ -4,7 +4,7 @@
   <div id="wrapper" class="dashboard--portfolio">
       {% block content %}
         
-        <main id="main-content" class="grid-container">
+        <main class="grid-container">
             {% if user.is_authenticated %}
             {# the entire logged in page goes here #}
             
diff --git a/src/registrar/templates/portfolio_domains.html b/src/registrar/templates/portfolio_domains.html
index 84bbc1cf6..e54d0e2a8 100644
--- a/src/registrar/templates/portfolio_domains.html
+++ b/src/registrar/templates/portfolio_domains.html
@@ -5,6 +5,8 @@
 {% block title %} Domains | {% endblock %}
 
 {% block portfolio_content %}
+<div id="main-content">
     <h1 id="domains-header">Domains</h1>
     {% include "includes/domains_table.html" with portfolio=portfolio user_domain_count=user_domain_count %}
+</div>
 {% endblock %}
diff --git a/src/registrar/templates/portfolio_organization.html b/src/registrar/templates/portfolio_organization.html
index d5ecdfa4e..4ae035ad4 100644
--- a/src/registrar/templates/portfolio_organization.html
+++ b/src/registrar/templates/portfolio_organization.html
@@ -17,7 +17,7 @@
         {% include 'portfolio_organization_sidebar.html' %}
     </div>
 
-    <div class="tablet:grid-col-9">
+    <div class="tablet:grid-col-9" id="main-content">
 
         <h1>Organization</h1>
 
diff --git a/src/registrar/templates/portfolio_requests.html b/src/registrar/templates/portfolio_requests.html
index 8c698ec83..37d69f174 100644
--- a/src/registrar/templates/portfolio_requests.html
+++ b/src/registrar/templates/portfolio_requests.html
@@ -5,6 +5,7 @@
 {% block title %} Domain requests | {% endblock %}
 
 {% block portfolio_content %}
+<div id="main-content">
     <h1 id="domain-requests-header">Domain requests</h1>
 
     {% comment %}
@@ -20,4 +21,5 @@
     </p>
     
     {% include "includes/domain_requests_table.html" with portfolio=portfolio %}
+</div>
 {% endblock %}
diff --git a/src/registrar/templates/portfolio_senior_official.html b/src/registrar/templates/portfolio_senior_official.html
index 5c47e1645..26a081295 100644
--- a/src/registrar/templates/portfolio_senior_official.html
+++ b/src/registrar/templates/portfolio_senior_official.html
@@ -17,7 +17,7 @@
         {% include 'portfolio_organization_sidebar.html' %}
     </div>
 
-    <div class="tablet:grid-col-9">
+    <div class="tablet:grid-col-9" id="main-content">
         {% include "includes/senior_official.html" with can_edit=False %}
     </div>
 </div>

From 4d28754b63f1e724572cc6ff9a6d598e4b85451f Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Wed, 28 Aug 2024 13:06:50 -0400
Subject: [PATCH 25/69] fix senior official title

---
 src/registrar/templates/portfolio_senior_official.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/registrar/templates/portfolio_senior_official.html b/src/registrar/templates/portfolio_senior_official.html
index 26a081295..6793587bd 100644
--- a/src/registrar/templates/portfolio_senior_official.html
+++ b/src/registrar/templates/portfolio_senior_official.html
@@ -1,7 +1,7 @@
 {% extends 'portfolio_base.html' %}
 {% load static field_helpers%}
 
-{% block title %}Senior Official | {{ portfolio.name }} | {% endblock %}
+{% block title %}Senior Official | {{ portfolio.name }}{% endblock %}
 
 {% load static %}
 

From b2ab1495ab5c8ed341f1d51134fa728a8044bb45 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Wed, 28 Aug 2024 13:09:02 -0400
Subject: [PATCH 26/69] fix senior official case

---
 src/registrar/forms/domain.py                          | 2 +-
 src/registrar/templates/includes/senior_official.html  | 2 +-
 src/registrar/templates/portfolio_senior_official.html | 2 +-
 src/registrar/tests/test_api.py                        | 2 +-
 src/registrar/views/utility/api_views.py               | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/registrar/forms/domain.py b/src/registrar/forms/domain.py
index a7a006788..84fcbe973 100644
--- a/src/registrar/forms/domain.py
+++ b/src/registrar/forms/domain.py
@@ -417,7 +417,7 @@ class SeniorOfficialContactForm(ContactForm):
             # This action should be blocked by the UI, as the text fields are readonly.
             # If they get past this point, we forbid it this way.
             # This could be malicious, so lets reserve information for the backend only.
-            raise ValueError("Senior Official cannot be modified for federal or tribal domains.")
+            raise ValueError("Senior official cannot be modified for federal or tribal domains.")
         elif db_so.has_more_than_one_join("information_senior_official"):
             # Handle the case where the domain information object is available and the SO Contact
             # has more than one joined object.
diff --git a/src/registrar/templates/includes/senior_official.html b/src/registrar/templates/includes/senior_official.html
index fda97b6a9..98afa4dec 100644
--- a/src/registrar/templates/includes/senior_official.html
+++ b/src/registrar/templates/includes/senior_official.html
@@ -4,7 +4,7 @@
     {% include "includes/form_errors.html" with form=form %}
 {% endif %}
 
-<h1>Senior Official</h1>
+<h1>Senior official</h1>
 
 <p>
     Your senior official is a person within your organization who can authorize domain requests.
diff --git a/src/registrar/templates/portfolio_senior_official.html b/src/registrar/templates/portfolio_senior_official.html
index 6793587bd..51ef83be5 100644
--- a/src/registrar/templates/portfolio_senior_official.html
+++ b/src/registrar/templates/portfolio_senior_official.html
@@ -1,7 +1,7 @@
 {% extends 'portfolio_base.html' %}
 {% load static field_helpers%}
 
-{% block title %}Senior Official | {{ portfolio.name }}{% endblock %}
+{% block title %}Senior official | {{ portfolio.name }}{% endblock %}
 
 {% load static %}
 
diff --git a/src/registrar/tests/test_api.py b/src/registrar/tests/test_api.py
index 0025bc902..f6a14aad9 100644
--- a/src/registrar/tests/test_api.py
+++ b/src/registrar/tests/test_api.py
@@ -64,4 +64,4 @@ class GetSeniorOfficialJsonTest(TestCase):
         response = self.client.get(self.api_url, {"agency_name": "Non-Federal Agency"})
         self.assertEqual(response.status_code, 404)
         data = response.json()
-        self.assertEqual(data["error"], "Senior Official not found")
+        self.assertEqual(data["error"], "Senior official not found")
diff --git a/src/registrar/views/utility/api_views.py b/src/registrar/views/utility/api_views.py
index 2c9414d1d..1e87e12e5 100644
--- a/src/registrar/views/utility/api_views.py
+++ b/src/registrar/views/utility/api_views.py
@@ -33,4 +33,4 @@ def get_senior_official_from_federal_agency_json(request):
 
         return JsonResponse(so_dict)
     else:
-        return JsonResponse({"error": "Senior Official not found"}, status=404)
+        return JsonResponse({"error": "Senior official not found"}, status=404)

From 539824cfa389675635afbb12c32049085f364e94 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Wed, 28 Aug 2024 13:14:39 -0400
Subject: [PATCH 27/69] Fix double id bug on combobox

---
 src/registrar/templates/django/forms/widgets/combobox.html | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/registrar/templates/django/forms/widgets/combobox.html b/src/registrar/templates/django/forms/widgets/combobox.html
index 107c2e14e..7ff31945b 100644
--- a/src/registrar/templates/django/forms/widgets/combobox.html
+++ b/src/registrar/templates/django/forms/widgets/combobox.html
@@ -7,7 +7,9 @@ for now we just carry the attribute to both the parent element and the select.
 
 <div class="usa-combo-box"     
 {% for name, value in widget.attrs.items %}
-    {{ name }}="{{ value }}"
+    {% if name != 'id' %}
+        {{ name }}="{{ value }}"
+    {% endif %}
 {% endfor %}
 >
     {% include "django/forms/widgets/select.html" %}

From f1b93b729b23942a8b04cab31b46500cc88ed4d8 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Wed, 28 Aug 2024 13:38:31 -0400
Subject: [PATCH 28/69] customize backgrounds on portfolio templates

---
 src/registrar/assets/sass/_theme/_base.scss     | 5 ++++-
 src/registrar/templates/portfolio_base.html     | 8 +++-----
 src/registrar/templates/portfolio_domains.html  | 4 ++++
 src/registrar/templates/portfolio_requests.html | 4 ++++
 4 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/src/registrar/assets/sass/_theme/_base.scss b/src/registrar/assets/sass/_theme/_base.scss
index 9f8a0cbb6..ec145365a 100644
--- a/src/registrar/assets/sass/_theme/_base.scss
+++ b/src/registrar/assets/sass/_theme/_base.scss
@@ -33,10 +33,13 @@ body {
 }
 
 #wrapper.dashboard--portfolio {
-  background-color: color('gray-1');
   padding-top: units(4)!important;
 }
 
+#wrapper.dashboard--grey-1 {
+  background-color: color('gray-1');
+}
+
 
 .section--outlined {
   background-color: color('white');
diff --git a/src/registrar/templates/portfolio_base.html b/src/registrar/templates/portfolio_base.html
index 843a34eb9..f6b97afbc 100644
--- a/src/registrar/templates/portfolio_base.html
+++ b/src/registrar/templates/portfolio_base.html
@@ -1,8 +1,8 @@
 {% extends "base.html" %}
 
 {% block wrapper %}
-  <div id="wrapper" class="dashboard--portfolio">
-      {% block content %}
+  <div id="wrapper" class="{% block wrapper_class %}dashboard--portfolio{% endblock %}">
+    {% block content %}
         
         <main class="grid-container">
             {% if user.is_authenticated %}
@@ -26,10 +26,8 @@
             {% endif %}
         </main>
 
-      {% endblock %}
-
+      {% endblock content%}
     <div role="complementary">{% block complementary %}{% endblock %}</div>
-
     {% block content_bottom %}{% endblock %}
   </div>
 {% endblock wrapper %}
diff --git a/src/registrar/templates/portfolio_domains.html b/src/registrar/templates/portfolio_domains.html
index e54d0e2a8..51011a1a6 100644
--- a/src/registrar/templates/portfolio_domains.html
+++ b/src/registrar/templates/portfolio_domains.html
@@ -4,6 +4,10 @@
 
 {% block title %} Domains | {% endblock %}
 
+{% block wrapper_class %}
+  {{ block.super }} dashboard--grey-1
+{% endblock %}
+
 {% block portfolio_content %}
 <div id="main-content">
     <h1 id="domains-header">Domains</h1>
diff --git a/src/registrar/templates/portfolio_requests.html b/src/registrar/templates/portfolio_requests.html
index 37d69f174..9f97a25aa 100644
--- a/src/registrar/templates/portfolio_requests.html
+++ b/src/registrar/templates/portfolio_requests.html
@@ -4,6 +4,10 @@
 
 {% block title %} Domain requests | {% endblock %}
 
+{% block wrapper_class %}
+  {{ block.super }} dashboard--grey-1
+{% endblock %}
+
 {% block portfolio_content %}
 <div id="main-content">
     <h1 id="domain-requests-header">Domain requests</h1>

From 0c57dc55e7db1288de21710d75058b1f590c12a5 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Wed, 28 Aug 2024 13:43:03 -0400
Subject: [PATCH 29/69] Fix unit test

---
 src/registrar/tests/test_views_domain.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/registrar/tests/test_views_domain.py b/src/registrar/tests/test_views_domain.py
index 3a90543a2..fc99adae9 100644
--- a/src/registrar/tests/test_views_domain.py
+++ b/src/registrar/tests/test_views_domain.py
@@ -1128,7 +1128,7 @@ class TestDomainSeniorOfficial(TestDomainOverview):
     def test_domain_senior_official(self):
         """Can load domain's senior official page."""
         page = self.client.get(reverse("domain-senior-official", kwargs={"pk": self.domain.id}))
-        self.assertContains(page, "Senior official", count=3)
+        self.assertContains(page, "Senior official", count=4)
 
     @less_console_noise_decorator
     def test_domain_senior_official_content(self):

From 5f21cd9ab89921939c14035d67b4500d1e890747 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Wed, 28 Aug 2024 16:20:54 -0400
Subject: [PATCH 30/69] design review tweaks

---
 src/registrar/assets/sass/_theme/_admin.scss  |   4 +
 .../templates/admin/transfer_user.html        | 114 +++++++++---------
 src/registrar/tests/test_admin.py             |   2 +-
 3 files changed, 64 insertions(+), 56 deletions(-)

diff --git a/src/registrar/assets/sass/_theme/_admin.scss b/src/registrar/assets/sass/_theme/_admin.scss
index e6d3cf6fc..a91cdef03 100644
--- a/src/registrar/assets/sass/_theme/_admin.scss
+++ b/src/registrar/assets/sass/_theme/_admin.scss
@@ -886,3 +886,7 @@ ul.add-list-reset {
 .transfer-user-selector .select2-selection__placeholder {
     color: #3d4551!important;
 }
+
+.dl-dja dt {
+    font-size: 14px;
+}
diff --git a/src/registrar/templates/admin/transfer_user.html b/src/registrar/templates/admin/transfer_user.html
index ad643b2f4..4e5b4f535 100644
--- a/src/registrar/templates/admin/transfer_user.html
+++ b/src/registrar/templates/admin/transfer_user.html
@@ -48,7 +48,7 @@
                         </option>
                     {% endfor %}
                 </select>
-                <input type="submit" value="Preview" class="usa-button usa-button--dja">
+                <input type="submit" value="Select and preview" class="usa-button usa-button--dja">
             </form>
         </div>
         <div class="desktop:flex-align-center">
@@ -61,64 +61,13 @@
     </div>
 
     <div class="grid-row grid-gap-2">
-        <div class="tablet:grid-col-6 margin-top-2">
-            <div class="module height-full">
-                <h2>User to receive data</h2>
-                <div class="padding-top-2 padding-x-2">
-                    <dl>
-                        <dt>Username:</dt>
-                        <dd>{{ current_user.username }}</dd>
-                        <dt>Created at:</dt>
-                        <dd>{{ current_user.created_at }}</dd>
-                        <dt>Last login:</dt>
-                        <dd>{{ current_user.last_login }}</dd>
-                        <dt>First name:</dt>
-                        <dd>{{ current_user.first_name }}</dd>
-                        <dt>Middle name:</dt>
-                        <dd>{{ current_user.middle_name }}</dd>
-                        <dt>Last name:</dt>
-                        <dd>{{ current_user.last_name }}</dd>
-                        <dt>Title:</dt>
-                        <dd>{{ current_user.title }}</dd>
-                        <dt>Email:</dt>
-                        <dd>{{ current_user.email }}</dd>
-                        <dt>Phone:</dt>
-                        <dd>{{ current_user.phone }}</dd>
-                        <dt>Domains:</dt>
-                        <dd>
-                            {% if current_user_domains %}
-                                <ul>
-                                    {% for domain in current_user_domains %}
-                                        <li>{{ domain }}</li>
-                                    {% endfor %}
-                                </ul>
-                            {% else %}
-                                None
-                            {% endif %}
-                        </dd>
-                        <dt>Domain requests:</dt>
-                        <dd>
-                            {% if current_user_domain_requests %}
-                                <ul>
-                                    {% for request in current_user_domain_requests %}
-                                        <li>{{ request }}</li>
-                                    {% endfor %}
-                                </ul>
-                            {% else %}
-                                None
-                            {% endif %}
-                        </dd>
-                    </dl>
-                </div>
-            </div>
-        </div>
 
         <div class="tablet:grid-col-6 margin-top-2">
             <div class="module height-full">
-                <h2>User to lose data and be deleted</h2>
+                <h2>User to transfer data from</h2>
                 <div class="padding-top-2 padding-x-2">
                     {% if selected_user %}
-                        <dl>
+                        <dl class="dl-dja">
                             <dt>Username:</dt>
                             <dd>{{ selected_user.username }}</dd>
                             <dt>Created at:</dt>
@@ -137,6 +86,7 @@
                             <dd>{{ selected_user.email }}</dd>
                             <dt>Phone:</dt>
                             <dd>{{ selected_user.phone }}</dd>
+                            <h3 class="font-heading-md">Data that will get transferred:</h3>
                             <dt>Domains:</dt>
                             <dd>
                                 {% if selected_user_domains %}
@@ -168,6 +118,60 @@
                 </div>
             </div>
         </div>
+
+        <div class="tablet:grid-col-6 margin-top-2">
+            <div class="module height-full">
+                <h2>User to receive data</h2>
+                <div class="padding-top-2 padding-x-2">
+                    <dl class="dl-dja">
+                        <dt>Username:</dt>
+                        <dd>{{ current_user.username }}</dd>
+                        <dt>Created at:</dt>
+                        <dd>{{ current_user.created_at }}</dd>
+                        <dt>Last login:</dt>
+                        <dd>{{ current_user.last_login }}</dd>
+                        <dt>First name:</dt>
+                        <dd>{{ current_user.first_name }}</dd>
+                        <dt>Middle name:</dt>
+                        <dd>{{ current_user.middle_name }}</dd>
+                        <dt>Last name:</dt>
+                        <dd>{{ current_user.last_name }}</dd>
+                        <dt>Title:</dt>
+                        <dd>{{ current_user.title }}</dd>
+                        <dt>Email:</dt>
+                        <dd>{{ current_user.email }}</dd>
+                        <dt>Phone:</dt>
+                        <dd>{{ current_user.phone }}</dd>
+                        <h3 class="font-heading-md" aria-label="Data that will added to:">&nbsp;</h3>
+                        <dt>Domains:</dt>
+                        <dd>
+                            {% if current_user_domains %}
+                                <ul>
+                                    {% for domain in current_user_domains %}
+                                        <li>{{ domain }}</li>
+                                    {% endfor %}
+                                </ul>
+                            {% else %}
+                                None
+                            {% endif %}
+                        </dd>
+                        <dt>Domain requests:</dt>
+                        <dd>
+                            {% if current_user_domain_requests %}
+                                <ul>
+                                    {% for request in current_user_domain_requests %}
+                                        <li>{{ request }}</li>
+                                    {% endfor %}
+                                </ul>
+                            {% else %}
+                                None
+                            {% endif %}
+                        </dd>
+                    </dl>
+                </div>
+            </div>
+        </div>
+
     </div>
 </div>
 
@@ -184,7 +188,7 @@
                 </h2>
                 <div class="usa-prose">
                     {% if selected_user != logged_in_user %}
-                        <p>But you know what you're doing, right?</p>
+                        <p>This action cannot be undone.</p>
                     {% else %}
                         <p>Don't do it!</p>
                     {% endif %}
diff --git a/src/registrar/tests/test_admin.py b/src/registrar/tests/test_admin.py
index f051325a6..56fc91c5a 100644
--- a/src/registrar/tests/test_admin.py
+++ b/src/registrar/tests/test_admin.py
@@ -2343,4 +2343,4 @@ class TestTransferUser(WebTest):
     def test_transfer_user_modal(self):
         """Assert modal on page"""
         user_transfer_page = self.app.get(reverse("transfer_user", args=[self.user1.pk]))
-        self.assertContains(user_transfer_page, "But you know what you're doing, right?")
+        self.assertContains(user_transfer_page, "This action cannot be undone.")

From 0076f252fea821ead22f7032a5a1821485545610 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Wed, 28 Aug 2024 16:48:49 -0400
Subject: [PATCH 31/69] fix unit test

---
 src/registrar/tests/test_admin.py | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/src/registrar/tests/test_admin.py b/src/registrar/tests/test_admin.py
index 22a2ccea6..d34e81271 100644
--- a/src/registrar/tests/test_admin.py
+++ b/src/registrar/tests/test_admin.py
@@ -2119,9 +2119,6 @@ class TestPortfolioAdmin(TestCase):
 
         domain_requests = self.admin.domain_requests(self.portfolio)
         self.assertIn("2 domain requests", domain_requests)
-        self.assertIn("request1.gov", domain_requests)
-        self.assertIn("request2.gov", domain_requests)
-        self.assertIn('<ul class="add-list-reset">', domain_requests)
 
 
 class TestTransferUser(WebTest):

From dfdf5ae5550eb12f2f58c828210ccb0323541f15 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Wed, 28 Aug 2024 17:24:40 -0400
Subject: [PATCH 32/69] combobox init js

---
 src/registrar/assets/js/get-gov-admin-extra.js | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 src/registrar/assets/js/get-gov-admin-extra.js

diff --git a/src/registrar/assets/js/get-gov-admin-extra.js b/src/registrar/assets/js/get-gov-admin-extra.js
new file mode 100644
index 000000000..da0288056
--- /dev/null
+++ b/src/registrar/assets/js/get-gov-admin-extra.js
@@ -0,0 +1,14 @@
+// Use Django's jQuery with Select2 to make the user select on the user transfer view a combobox
+(function($) {
+    $(document).ready(function() {
+        if ($) {
+            $("#selected_user").select2({
+                width: 'resolve',
+                placeholder: 'Select a user',
+                allowClear: true
+            });
+        } else {
+            console.error('jQuery is not available');
+        }
+    });
+})(window.jQuery);
\ No newline at end of file

From ed8541e1744a15af365803d459f57fb35eec54c3 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Wed, 28 Aug 2024 18:17:44 -0400
Subject: [PATCH 33/69] design tweaks

---
 src/registrar/assets/sass/_theme/_admin.scss     | 14 ++++++++++++++
 src/registrar/templates/admin/transfer_user.html | 11 +++++++----
 2 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/src/registrar/assets/sass/_theme/_admin.scss b/src/registrar/assets/sass/_theme/_admin.scss
index 88358f704..efb4f1763 100644
--- a/src/registrar/assets/sass/_theme/_admin.scss
+++ b/src/registrar/assets/sass/_theme/_admin.scss
@@ -405,6 +405,20 @@ a.button:active, a.button:focus {
 .usa-modal {
     font-family: inherit;
 }
+input[type=submit].button--dja-toolbar {
+    border: 1px solid var(--border-color);
+    font-size: 0.8125rem;
+    padding: 4px 8px;
+    margin: 0;
+    vertical-align: middle;
+    background: var(--body-bg);
+    box-shadow: 0 -15px 20px -10px rgba(0, 0, 0, 0.15) inset;
+    cursor: pointer;
+    color: var(--body-fg);
+}
+input[type=submit].button--dja-toolbar:focus, input[type=submit].button--dja-toolbar:hover {
+    border-color: var(--body-quiet-color);
+}
 // Targets the DJA buttom with a nested icon
 button .usa-icon,
 .button .usa-icon,
diff --git a/src/registrar/templates/admin/transfer_user.html b/src/registrar/templates/admin/transfer_user.html
index 4e5b4f535..e49565afc 100644
--- a/src/registrar/templates/admin/transfer_user.html
+++ b/src/registrar/templates/admin/transfer_user.html
@@ -48,13 +48,13 @@
                         </option>
                     {% endfor %}
                 </select>
-                <input type="submit" value="Select and preview" class="usa-button usa-button--dja">
+                <input type="submit" value="Select and preview" class="button--dja-toolbar">
             </form>
         </div>
         <div class="desktop:flex-align-center">
             {% if selected_user %}
                 <a class="usa-button usa-button--dja" href="#transfer-and-delete" aria-controls="transfer-and-delete" data-open-modal>
-                    Transfer and delete old user
+                    Transfer and delete user
                 </a>
             {% endif %}
         </div>
@@ -184,10 +184,13 @@
         <div class="usa-modal__content">
             <div class="usa-modal__main">
                 <h2 class="usa-modal__heading" id="transfer-and-delete-heading">
-                    This action will delete {{ selected_user }}
+                    Are you sure you want to transfer data and delete this user?
                 </h2>
                 <div class="usa-prose">
                     {% if selected_user != logged_in_user %}
+                        <p>Username: <b>{{ selected_user.username }}</b><br>
+                        Name: <b>{{ selected_user.first_name }} {{ selected_user.last_name }}</b><br>
+                        Email: <b>{{ selected_user.email }}</b></p>
                         <p>This action cannot be undone.</p>
                     {% else %}
                         <p>Don't do it!</p>
@@ -201,7 +204,7 @@
                                 <form method="POST" action="{% url 'transfer_user' current_user.pk %}">
                                     {% csrf_token %}
                                     <input type="hidden" name="selected_user" value="{{ selected_user.pk }}">
-                                    <input type="submit" class="usa-button usa-button--dja" value="Transfer and delete old user">
+                                    <input type="submit" class="usa-button usa-button--dja" value="Yes, transfer and delete user">
                                 </form>
                             </li>
                         {% endif %}

From fe898f3168ded5cddd858248e292eaa1c34ce5b8 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Thu, 29 Aug 2024 00:12:03 -0400
Subject: [PATCH 34/69] Suborg title

---
 src/registrar/templates/domain_suborganization.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/registrar/templates/domain_suborganization.html b/src/registrar/templates/domain_suborganization.html
index 42bb766a3..38e67c488 100644
--- a/src/registrar/templates/domain_suborganization.html
+++ b/src/registrar/templates/domain_suborganization.html
@@ -1,7 +1,7 @@
 {% extends "domain_base.html" %}
 {% load static field_helpers%}
 
-{% block title %}Suborganization{% endblock %}
+{% block title %}Suborganization{% if suborganization_name %} | suborganization_name{% endif %}{% endblock %}
 
 {% block domain_content %}
     {# this is right after the messages block in the parent template #}

From 4a9cf02918756f99b351ceb25c40df45dfa0c992 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Thu, 29 Aug 2024 12:51:50 -0400
Subject: [PATCH 35/69] title on domain suborg

---
 src/registrar/templates/domain_suborganization.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/registrar/templates/domain_suborganization.html b/src/registrar/templates/domain_suborganization.html
index 38e67c488..412878960 100644
--- a/src/registrar/templates/domain_suborganization.html
+++ b/src/registrar/templates/domain_suborganization.html
@@ -1,7 +1,7 @@
 {% extends "domain_base.html" %}
 {% load static field_helpers%}
 
-{% block title %}Suborganization{% if suborganization_name %} | suborganization_name{% endif %}{% endblock %}
+{% block title %}Suborganization{% if suborganization_name %} | suborganization_name{% endif %} | {% endblock %}
 
 {% block domain_content %}
     {# this is right after the messages block in the parent template #}

From 9ff733819f54dab0410794e7c9cc662f31c2fc9c Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Thu, 29 Aug 2024 13:11:37 -0400
Subject: [PATCH 36/69] suborg table display tweaks

---
 src/registrar/assets/js/get-gov.js | 22 +++++++++++++++++-----
 1 file changed, 17 insertions(+), 5 deletions(-)

diff --git a/src/registrar/assets/js/get-gov.js b/src/registrar/assets/js/get-gov.js
index 486b084f5..6141b504b 100644
--- a/src/registrar/assets/js/get-gov.js
+++ b/src/registrar/assets/js/get-gov.js
@@ -1220,7 +1220,7 @@ document.addEventListener('DOMContentLoaded', function() {
             const expirationDateFormatted = expirationDate ? expirationDate.toLocaleDateString('en-US', options) : '';
             const expirationDateSortValue = expirationDate ? expirationDate.getTime() : '';
             const actionUrl = domain.action_url;
-            const suborganization = domain.suborganization ? domain.suborganization : '';
+            const suborganization = domain.suborganization ? domain.suborganization : '⎯';
 
             const row = document.createElement('tr');
 
@@ -1229,7 +1229,7 @@ document.addEventListener('DOMContentLoaded', function() {
             if (!noPortfolioFlag) {
               markupForSuborganizationRow = `
                 <td>
-                    <span class="text-wrap" aria-label="${suborganization ? '' : 'None'}">${suborganization}</span>
+                    <span class="text-wrap" aria-label="${domain.suborganization ? suborganization : 'No suborganization'}">${suborganization}</span>
                 </td>
               `
             }
@@ -2043,11 +2043,19 @@ document.addEventListener('DOMContentLoaded', function() {
       // Due to the nature of how uswds works, this is slightly hacky.
 
       // Use a MutationObserver to watch for changes in the dropdown list
-      const dropdownList = document.querySelector(`#${input.id}--list`);
+      const dropdownList = comboBox.querySelector(`#${input.id}--list`);
+      // TODO: customize blank value
+      // const isSuborgComboBox = comboBox.querySelector('#id_sub_organization--list');
       const observer = new MutationObserver(function(mutations) {
           mutations.forEach(function(mutation) {
               if (mutation.type === "childList") {
-                  addBlankOption(clearInputButton, dropdownList, initialValue);
+                // TODO: customize blank value
+                // if (isSuborgComboBox) {
+                //   addBlankOption(clearInputButton, dropdownList, initialValue, 'No suborganization');
+                // } else {
+                //   addBlankOption(clearInputButton, dropdownList, initialValue);
+                // }
+                addBlankOption(clearInputButton, dropdownList, initialValue);
               }
           });
       });
@@ -2102,6 +2110,8 @@ document.addEventListener('DOMContentLoaded', function() {
     }
   }
 
+  // TODO: customize blank value
+  // function addBlankOption(clearInputButton, dropdownList, initialValue, customBlank) {
   function addBlankOption(clearInputButton, dropdownList, initialValue) {
     if (dropdownList && !dropdownList.querySelector('[data-value=""]') && !isTyping) {
         const blankOption = document.createElement("li");
@@ -2111,7 +2121,9 @@ document.addEventListener('DOMContentLoaded', function() {
         if (!initialValue){
           blankOption.classList.add("usa-combo-box__list-option--selected")
         }
-        blankOption.textContent = "---------";
+        // TODO: customize blank value
+        // customBlank ? blankOption.textContent = customBlank : blankOption.textContent = "---------";
+        blankOption.textContent = "⎯";
 
         dropdownList.insertBefore(blankOption, dropdownList.firstChild);
         blankOption.addEventListener("click", (e) => {

From 141037170dd8f22d2afa5fe49ba0c66d65d96d31 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Thu, 29 Aug 2024 18:01:14 -0400
Subject: [PATCH 37/69] change border color on org tables

---
 src/registrar/assets/sass/_theme/_base.scss    | 18 +++++++++++-------
 src/registrar/templates/domain_users.html      |  4 ++--
 .../includes/domain_requests_table.html        |  2 +-
 .../templates/includes/domains_table.html      |  8 ++++----
 .../templates/no_portfolio_domains.html        |  4 ++--
 5 files changed, 20 insertions(+), 16 deletions(-)

diff --git a/src/registrar/assets/sass/_theme/_base.scss b/src/registrar/assets/sass/_theme/_base.scss
index ec145365a..71b1bfa27 100644
--- a/src/registrar/assets/sass/_theme/_base.scss
+++ b/src/registrar/assets/sass/_theme/_base.scss
@@ -41,7 +41,7 @@ body {
 }
 
 
-.section--outlined {
+.section-outlined {
   background-color: color('white');
   border: 1px solid color('base-lighter');
   border-radius: 4px;
@@ -75,9 +75,13 @@ body {
   }
 }
 
-.section--outlined__header--no-portfolio {
-  .section--outlined__search,
-  .section--outlined__utility-button {
+.section-outlined--border-base-light {
+  border: 1px solid color('base-light');
+}
+
+.section-outlined__header--no-portfolio {
+  .section-outlined__search,
+  .section-outlined__utility-button {
     margin-top: units(2);
   }
 
@@ -85,11 +89,11 @@ body {
     display: flex;
     column-gap: units(3);
 
-    .section--outlined__search,
-    .section--outlined__utility-button {
+    .section-outlined__search,
+    .section-outlined__utility-button {
       margin-top: 0;
     }
-    .section--outlined__search {
+    .section-outlined__search {
       flex-grow: 4;
       // Align right
       max-width: 383px;
diff --git a/src/registrar/templates/domain_users.html b/src/registrar/templates/domain_users.html
index 8e4f04fcd..412f4ee73 100644
--- a/src/registrar/templates/domain_users.html
+++ b/src/registrar/templates/domain_users.html
@@ -21,7 +21,7 @@
   </ul>
 
   {% if domain.permissions %}
-  <section class="section--outlined">
+  <section class="section-outlined">
   <table class="usa-table usa-table--borderless usa-table--stacked dotgov-table--stacked dotgov-table">
     <h2 class> Domain managers </h2>
     <caption class="sr-only">Domain managers</caption>
@@ -112,7 +112,7 @@
   </section>
 
   {% if domain.invitations.exists %}
-  <section class="section--outlined">
+  <section class="section-outlined">
   <h2>Invitations</h2>
   <table class="usa-table usa-table--borderless usa-table--stacked dotgov-table--stacked dotgov-table">
       <caption class="sr-only">Domain invitations</caption>
diff --git a/src/registrar/templates/includes/domain_requests_table.html b/src/registrar/templates/includes/domain_requests_table.html
index 487c1cee5..9ad49c50d 100644
--- a/src/registrar/templates/includes/domain_requests_table.html
+++ b/src/registrar/templates/includes/domain_requests_table.html
@@ -3,7 +3,7 @@
 {% comment %} Stores the json endpoint in a url for easier access {% endcomment %}
 {% url 'get_domain_requests_json' as url %}
 <span id="get_domain_requests_json_url" class="display-none">{{url}}</span>
-<section class="section--outlined domain-requests" id="domain-requests">
+<section class="section-outlined domain-requests{% if portfolio %} section-outlined--border-base-light{% endif %}" id="domain-requests">
     <div class="grid-row">
       {% if not has_domain_requests_portfolio_permission %}
         <div class="mobile:grid-col-12 desktop:grid-col-6">
diff --git a/src/registrar/templates/includes/domains_table.html b/src/registrar/templates/includes/domains_table.html
index d3d7317f2..92217530d 100644
--- a/src/registrar/templates/includes/domains_table.html
+++ b/src/registrar/templates/includes/domains_table.html
@@ -5,8 +5,8 @@
 {% comment %} Stores the json endpoint in a url for easier access {% endcomment %}
 {% url 'get_domains_json' as url %}
 <span id="get_domains_json_url" class="display-none">{{url}}</span>
-<section class="section--outlined domains{% if not portfolio %} margin-top-0{% endif %}" id="domains">
-  <div class="section--outlined__header margin-bottom-3 {% if not portfolio %} section--outlined__header--no-portfolio justify-content-space-between{% else %} grid-row{% endif %}">
+<section class="section-outlined domains{% if not portfolio %} margin-top-0{% else %} section-outlined--border-base-light{% endif %}" id="domains">
+  <div class="section-outlined__header margin-bottom-3 {% if not portfolio %} section-outlined__header--no-portfolio justify-content-space-between{% else %} grid-row{% endif %}">
       {% if not portfolio %}
         <h2 id="domains-header" class="display-inline-block">Domains</h2>
         <span class="display-none" id="no-portfolio-js-flag"></span>
@@ -14,7 +14,7 @@
         <!-- Embedding the portfolio value in a data attribute -->
         <span id="portfolio-js-value" data-portfolio="{{ portfolio.id }}"></span>
       {% endif %}
-      <div class="section--outlined__search {% if portfolio %} mobile:grid-col-12 desktop:grid-col-6{% endif %}">
+      <div class="section-outlined__search {% if portfolio %} mobile:grid-col-12 desktop:grid-col-6{% endif %}">
         <section aria-label="Domains search component" class="margin-top-2">
           <form class="usa-search usa-search--small" method="POST" role="search">
             {% csrf_token %}
@@ -43,7 +43,7 @@
         </section>
       </div>
       {% if user_domain_count and user_domain_count > 0 %}
-      <div class="section--outlined__utility-button mobile-lg:padding-right-105 {% if portfolio %} mobile:grid-col-12 desktop:grid-col-6 desktop:padding-left-3{% endif %}">
+      <div class="section-outlined__utility-button mobile-lg:padding-right-105 {% if portfolio %} mobile:grid-col-12 desktop:grid-col-6 desktop:padding-left-3{% endif %}">
         <section aria-label="Domains report component" class="mobile-lg:margin-top-205">
           <a href="{% url 'export_data_type_user' %}" class="usa-button usa-button--unstyled" role="button">
             <svg class="usa-icon usa-icon--big margin-right-neg-4px" aria-hidden="true" focusable="false" role="img" width="24" height="24">
diff --git a/src/registrar/templates/no_portfolio_domains.html b/src/registrar/templates/no_portfolio_domains.html
index 24612a627..e9b0da306 100644
--- a/src/registrar/templates/no_portfolio_domains.html
+++ b/src/registrar/templates/no_portfolio_domains.html
@@ -7,8 +7,8 @@
 {% block portfolio_content %}
 <div id="main-content">
     <h1 id="domains-header">Domains</h1>
-    <section class="section--outlined">
-        <div class="section--outlined__header margin-bottom-3">
+    <section class="section-outlined">
+        <div class="section-outlined__header margin-bottom-3">
             <h2 id="domains-header" class="display-inline-block">You aren’t managing any domains.</h2>
             {% if portfolio_administrators %}
             <p>If you believe you should have access to a domain, reach out to your organization’s administrators.</p>

From b9175f582b862a656af215ecf924d17e853c41c6 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Thu, 29 Aug 2024 18:05:25 -0400
Subject: [PATCH 38/69] Change section-outlined right padding from 16 to 32

---
 src/registrar/assets/sass/_theme/_base.scss | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/registrar/assets/sass/_theme/_base.scss b/src/registrar/assets/sass/_theme/_base.scss
index 71b1bfa27..af85fbc93 100644
--- a/src/registrar/assets/sass/_theme/_base.scss
+++ b/src/registrar/assets/sass/_theme/_base.scss
@@ -45,7 +45,7 @@ body {
   background-color: color('white');
   border: 1px solid color('base-lighter');
   border-radius: 4px;
-  padding: 0 units(2) units(3);
+  padding: 0 units(4) units(3) units(2);
   margin-top: units(3);
 
   &.margin-top-0 {

From 52fecffaf74c85130f0b640a2c6681d958b70602 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Thu, 29 Aug 2024 18:10:35 -0400
Subject: [PATCH 39/69] Change table row border color

---
 src/registrar/assets/sass/_theme/_tables.scss | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/registrar/assets/sass/_theme/_tables.scss b/src/registrar/assets/sass/_theme/_tables.scss
index 44a6d135d..6c398f02b 100644
--- a/src/registrar/assets/sass/_theme/_tables.scss
+++ b/src/registrar/assets/sass/_theme/_tables.scss
@@ -17,7 +17,7 @@ th {
 
   tr {
     border-bottom: none;
-    border-top: 2px solid color('base-light');
+    border-top: 2px solid color('base-lighter');
     margin-top: units(2);
 
     &:first-child {
@@ -61,7 +61,7 @@ th {
     }
 
     td, th {
-      border-bottom: 1px solid color('base-light');
+      border-bottom: 1px solid color('base-lighter');
     }
 
     thead th {

From 102b435d9ec8a23698fa754882551b8de265cf4f Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Thu, 29 Aug 2024 18:11:25 -0400
Subject: [PATCH 40/69] fix spacing between export and search on domains table

---
 src/registrar/templates/includes/domains_table.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/registrar/templates/includes/domains_table.html b/src/registrar/templates/includes/domains_table.html
index 92217530d..f41489be6 100644
--- a/src/registrar/templates/includes/domains_table.html
+++ b/src/registrar/templates/includes/domains_table.html
@@ -44,7 +44,7 @@
       </div>
       {% if user_domain_count and user_domain_count > 0 %}
       <div class="section-outlined__utility-button mobile-lg:padding-right-105 {% if portfolio %} mobile:grid-col-12 desktop:grid-col-6 desktop:padding-left-3{% endif %}">
-        <section aria-label="Domains report component" class="mobile-lg:margin-top-205">
+        <section aria-label="Domains report component" class="margin-top-205">
           <a href="{% url 'export_data_type_user' %}" class="usa-button usa-button--unstyled" role="button">
             <svg class="usa-icon usa-icon--big margin-right-neg-4px" aria-hidden="true" focusable="false" role="img" width="24" height="24">
               <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>

From 9b422af635e4490dad22e7511dc920722b8d45fe Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Thu, 29 Aug 2024 18:20:45 -0400
Subject: [PATCH 41/69] fix layout of sort icons

---
 src/registrar/assets/sass/_theme/_tables.scss | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/registrar/assets/sass/_theme/_tables.scss b/src/registrar/assets/sass/_theme/_tables.scss
index 6c398f02b..b456bbae4 100644
--- a/src/registrar/assets/sass/_theme/_tables.scss
+++ b/src/registrar/assets/sass/_theme/_tables.scss
@@ -45,7 +45,7 @@ th {
   width: 100%;
 
   th[data-sortable]:not([aria-sort]) .usa-table__header__button {
-    right: auto;
+    right: 10px;
   }
 
   tbody th {

From c6d1c8a0583cc74de1f0ff957ffa0185e9f5f2d0 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Thu, 29 Aug 2024 18:23:41 -0400
Subject: [PATCH 42/69] fix layout of sort icons

---
 src/registrar/assets/sass/_theme/_tables.scss | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/registrar/assets/sass/_theme/_tables.scss b/src/registrar/assets/sass/_theme/_tables.scss
index b456bbae4..ab95e5c48 100644
--- a/src/registrar/assets/sass/_theme/_tables.scss
+++ b/src/registrar/assets/sass/_theme/_tables.scss
@@ -84,4 +84,12 @@ th {
       border-top: none;
     }
   }
+
+  @include at-media(tablet-lg) {
+
+    th[data-sortable]:not([aria-sort]) .usa-table__header__button {
+      right: auto;
+    }
+
+  }
 }

From 87bde33ca225f90e6b1437b6cdea4ab13717fc26 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Thu, 29 Aug 2024 18:31:39 -0400
Subject: [PATCH 43/69] cleanup

---
 src/registrar/assets/sass/_theme/_tables.scss | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/src/registrar/assets/sass/_theme/_tables.scss b/src/registrar/assets/sass/_theme/_tables.scss
index ab95e5c48..9543c31d6 100644
--- a/src/registrar/assets/sass/_theme/_tables.scss
+++ b/src/registrar/assets/sass/_theme/_tables.scss
@@ -44,10 +44,6 @@ th {
 .dotgov-table {
   width: 100%;
 
-  th[data-sortable]:not([aria-sort]) .usa-table__header__button {
-    right: 10px;
-  }
-
   tbody th {
     word-break: break-word;
   }
@@ -86,10 +82,8 @@ th {
   }
 
   @include at-media(tablet-lg) {
-
     th[data-sortable]:not([aria-sort]) .usa-table__header__button {
       right: auto;
     }
-
   }
 }

From 8f609fef95bf73935fbfc3ff788eadfaad39e229 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Thu, 29 Aug 2024 19:16:53 -0400
Subject: [PATCH 44/69] refactor icons in links and buttons

---
 src/registrar/assets/js/get-gov.js            |  6 +--
 src/registrar/assets/sass/_theme/_base.scss   |  4 ++
 .../assets/sass/_theme/_buttons.scss          | 40 ++++++++++++++-----
 src/registrar/assets/sass/_theme/_links.scss  | 14 -------
 src/registrar/templates/domain_dsdata.html    |  8 ++--
 .../templates/domain_nameservers.html         |  8 ++--
 .../templates/includes/toggleable_input.html  |  4 +-
 7 files changed, 47 insertions(+), 37 deletions(-)

diff --git a/src/registrar/assets/js/get-gov.js b/src/registrar/assets/js/get-gov.js
index 6141b504b..2066ca1d0 100644
--- a/src/registrar/assets/js/get-gov.js
+++ b/src/registrar/assets/js/get-gov.js
@@ -1910,7 +1910,7 @@ document.addEventListener('DOMContentLoaded', function() {
 
         let editableFormGroup = button.parentElement.parentElement.parentElement;
         if (editableFormGroup){
-          let readonlyField = editableFormGroup.querySelector(".input-with-edit-button__readonly-field")
+          let readonlyField = editableFormGroup.querySelector(".toggleable_input__readonly-field")
           let inputField = document.getElementById(`id_${fieldName}`);
           if (!inputField || !readonlyField) {
             return;
@@ -1936,8 +1936,8 @@ document.addEventListener('DOMContentLoaded', function() {
                       // Keep the path before '#' and replace the part after '#' with 'invalid'
                       const newHref = parts[0] + '#error';
                       svg.setAttribute('xlink:href', newHref);
-                      fullNameField.classList.add("input-with-edit-button__error")
-                      label = fullNameField.querySelector(".input-with-edit-button__readonly-field")
+                      fullNameField.classList.add("toggleable_input__error")
+                      label = fullNameField.querySelector(".toggleable_input__readonly-field")
                       label.innerHTML = "Unknown";
                     }
                   }
diff --git a/src/registrar/assets/sass/_theme/_base.scss b/src/registrar/assets/sass/_theme/_base.scss
index af85fbc93..e3ab4d538 100644
--- a/src/registrar/assets/sass/_theme/_base.scss
+++ b/src/registrar/assets/sass/_theme/_base.scss
@@ -199,3 +199,7 @@ abbr[title] {
     max-width: 50ch;
   }
 }
+
+.margin-right-neg-4px {
+  margin-right: -4px;
+}
diff --git a/src/registrar/assets/sass/_theme/_buttons.scss b/src/registrar/assets/sass/_theme/_buttons.scss
index d246366d8..70313c273 100644
--- a/src/registrar/assets/sass/_theme/_buttons.scss
+++ b/src/registrar/assets/sass/_theme/_buttons.scss
@@ -124,10 +124,6 @@ a.withdraw:active {
   background-color: color('error-darker');
 }
 
-.usa-button--unstyled .usa-icon {
-  vertical-align: bottom;
-}
-
 a.usa-button--unstyled:visited {
   color: color('primary');
 }
@@ -162,14 +158,14 @@ a.usa-button--unstyled:visited {
   }
 }
 
-.input-with-edit-button {
+.toggleable_input {
   svg.usa-icon {
     width: 1.5em !important;
     height: 1.5em !important;
     color: #{$dhs-green};
     position: absolute;
   }
-  &.input-with-edit-button__error {
+  &.toggleable_input__error {
     svg.usa-icon {
       color: #{$dhs-red};
     }
@@ -205,12 +201,36 @@ a.usa-button--unstyled:visited {
   }
 }
 
+.dotgov-table a,
+.usa-link--icon,
+.usa-button--with-icon {
+    display: flex;
+    align-items: flex-start;
+    color: color('primary');
+    column-gap: units(.5);
+    align-items: center;
+}
+
+
+.dotgov-table a,
+.usa-link--icon {
+    &:visited {
+        color: color('primary');   
+    }
+}
+
+a .usa-icon,
+.usa-button--with-icon .usa-icon {
+  height: 1.2em;
+  width: 1.2em;
+}
+
+a .usa-icon {
+  margin-top: -.1rem;
+}
+
 .usa-icon.usa-icon--big {
   margin: 0;
   height: 1.5em;
   width: 1.5em;
-}
-
-.margin-right-neg-4px {
-  margin-right: -4px;
 }
\ No newline at end of file
diff --git a/src/registrar/assets/sass/_theme/_links.scss b/src/registrar/assets/sass/_theme/_links.scss
index fd1c3dee9..40d5fdd19 100644
--- a/src/registrar/assets/sass/_theme/_links.scss
+++ b/src/registrar/assets/sass/_theme/_links.scss
@@ -1,18 +1,4 @@
 @use "uswds-core" as *;
 
-.dotgov-table a,
-.usa-link--icon {
-    display: flex;
-    align-items: flex-start;
-    color: color('primary');
 
-    &:visited {
-        color: color('primary');   
-    }
-    .usa-icon {
-        // align icon with x height
-        margin-top: units(0.5);
-        margin-right: units(0.5);
-    }
-}
 
diff --git a/src/registrar/templates/domain_dsdata.html b/src/registrar/templates/domain_dsdata.html
index b62ad7ec5..1dd1e1abe 100644
--- a/src/registrar/templates/domain_dsdata.html
+++ b/src/registrar/templates/domain_dsdata.html
@@ -63,10 +63,10 @@
 
       <div class="grid-row margin-top-1">
         <div class="grid-col">
-          <button type="button" class="usa-button usa-button--unstyled display-block float-right-tablet delete-record">
+          <button type="button" class="usa-button usa-button--unstyled usa-button--with-icon float-right-tablet delete-record">
             <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
               <use xlink:href="{%static 'img/sprite.svg'%}#delete"></use>
-            </svg><span class="margin-left-05">Delete</span>
+            </svg>Delete
           </button>
         </div>
       </div>
@@ -74,10 +74,10 @@
     </fieldset>
     {% endfor %}
 
-    <button type="button" class="usa-button usa-button--unstyled display-block margin-bottom-2" id="add-form">
+    <button type="button" class="usa-button usa-button--unstyled usa-button--with-icon margin-bottom-2" id="add-form">
       <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
         <use xlink:href="{%static 'img/sprite.svg'%}#add_circle"></use>
-      </svg><span class="margin-left-05">Add new record</span>
+      </svg>Add new record
     </button>
 
     <button
diff --git a/src/registrar/templates/domain_nameservers.html b/src/registrar/templates/domain_nameservers.html
index d60be2de8..70eba6bc0 100644
--- a/src/registrar/templates/domain_nameservers.html
+++ b/src/registrar/templates/domain_nameservers.html
@@ -52,20 +52,20 @@
           {% endwith %}
         </div>
         <div class="tablet:grid-col-2">
-          <button type="button" class="usa-button usa-button--unstyled display-block delete-record margin-bottom-075">
+          <button type="button" class="usa-button usa-button--unstyled usa-button--with-icon delete-record margin-bottom-075">
             <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
               <use xlink:href="{%static 'img/sprite.svg'%}#delete"></use>
-            </svg><span class="margin-left-05">Delete</span>
+            </svg>Delete
           </button>
         </div>
       </div>
     </div>
     {% endfor %}
 
-    <button type="button" class="usa-button usa-button--unstyled display-block" id="add-form">
+    <button type="button" class="usa-button usa-button--unstyled usa-button--with-icon" id="add-form">
       <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
         <use xlink:href="{%static 'img/sprite.svg'%}#add_circle"></use>
-      </svg><span class="margin-left-05">Add another name server</span>
+      </svg>Add another name server
     </button>
 
     {% comment %} Work around USWDS' button margins to add some spacing between the submit and the 'add more'
diff --git a/src/registrar/templates/includes/toggleable_input.html b/src/registrar/templates/includes/toggleable_input.html
index 47db97f00..12e961888 100644
--- a/src/registrar/templates/includes/toggleable_input.html
+++ b/src/registrar/templates/includes/toggleable_input.html
@@ -1,6 +1,6 @@
 {% load static field_helpers url_helpers custom_filters %}
 
-<div id="{{field.name}}__edit-button-readonly" class="margin-top-2 margin-bottom-1 input-with-edit-button {% if not field.value and field.field.required %}input-with-edit-button__error{% endif %}">
+<div id="{{field.name}}__edit-button-readonly" class="margin-top-2 margin-bottom-1 toggleable_input {% if not field.value and field.field.required %}toggleable_input__error{% endif %}">
     <svg class="usa-icon" aria-hidden="true" focusable="false" role="img" width="24" height="24">
         {% if field.value or not field.field.required %}
             <use xlink:href="{%static 'img/sprite.svg'%}#check_circle"></use>
@@ -8,7 +8,7 @@
             <use xlink:href="{%static 'img/sprite.svg'%}#error"></use>
         {%endif %}
     </svg>
-    <div class="display-inline padding-left-05 margin-left-3 input-with-edit-button__readonly-field {% if not field.field.required %}text-base{% endif %}">
+    <div class="display-inline padding-left-05 margin-left-3 toggleable_input__readonly-field {% if not field.field.required %}text-base{% endif %}">
         {% if field.name != "phone" %}
         {{ field.value }}
         {% else %}

From 6cc89e7841668531379647592cba682af6dd2243 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Thu, 29 Aug 2024 19:23:16 -0400
Subject: [PATCH 45/69] double td padding right on desktop, edit h1 margin on
 org domains

---
 src/registrar/assets/sass/_theme/_tables.scss       | 2 +-
 src/registrar/templates/includes/domains_table.html | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/registrar/assets/sass/_theme/_tables.scss b/src/registrar/assets/sass/_theme/_tables.scss
index 9543c31d6..d57b51117 100644
--- a/src/registrar/assets/sass/_theme/_tables.scss
+++ b/src/registrar/assets/sass/_theme/_tables.scss
@@ -73,7 +73,7 @@ th {
 
     td, th,
     .usa-tabel th{
-      padding: units(2) units(2) units(2) 0;
+      padding: units(2) units(4) units(2) 0;
     }
 
     thead tr:first-child th:first-child {
diff --git a/src/registrar/templates/includes/domains_table.html b/src/registrar/templates/includes/domains_table.html
index f41489be6..680ff8254 100644
--- a/src/registrar/templates/includes/domains_table.html
+++ b/src/registrar/templates/includes/domains_table.html
@@ -5,7 +5,7 @@
 {% comment %} Stores the json endpoint in a url for easier access {% endcomment %}
 {% url 'get_domains_json' as url %}
 <span id="get_domains_json_url" class="display-none">{{url}}</span>
-<section class="section-outlined domains{% if not portfolio %} margin-top-0{% else %} section-outlined--border-base-light{% endif %}" id="domains">
+<section class="section-outlined domains margin-top-0{% if portfolio %} section-outlined--border-base-light{% endif %}" id="domains">
   <div class="section-outlined__header margin-bottom-3 {% if not portfolio %} section-outlined__header--no-portfolio justify-content-space-between{% else %} grid-row{% endif %}">
       {% if not portfolio %}
         <h2 id="domains-header" class="display-inline-block">Domains</h2>

From 973fa0c30a0371461e7c14854fa5c80d33e0d4e5 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Fri, 30 Aug 2024 10:33:24 -0400
Subject: [PATCH 46/69] tweak icon sizes

---
 src/registrar/assets/sass/_theme/_buttons.scss      | 10 +++++-----
 src/registrar/templates/includes/domains_table.html |  4 ++--
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/registrar/assets/sass/_theme/_buttons.scss b/src/registrar/assets/sass/_theme/_buttons.scss
index 70313c273..5c88eea10 100644
--- a/src/registrar/assets/sass/_theme/_buttons.scss
+++ b/src/registrar/assets/sass/_theme/_buttons.scss
@@ -221,13 +221,13 @@ a.usa-button--unstyled:visited {
 
 a .usa-icon,
 .usa-button--with-icon .usa-icon {
-  height: 1.2em;
-  width: 1.2em;
+  height: 1.3em;
+  width: 1.3em;
 }
 
-a .usa-icon {
-  margin-top: -.1rem;
-}
+// a .usa-icon {
+//   margin-top: -.1rem;
+// }
 
 .usa-icon.usa-icon--big {
   margin: 0;
diff --git a/src/registrar/templates/includes/domains_table.html b/src/registrar/templates/includes/domains_table.html
index 57eeef8d6..c00409ff8 100644
--- a/src/registrar/templates/includes/domains_table.html
+++ b/src/registrar/templates/includes/domains_table.html
@@ -45,8 +45,8 @@
       {% if user_domain_count and user_domain_count > 0 %}
       <div class="section-outlined__utility-button mobile-lg:padding-right-105 {% if portfolio %} mobile:grid-col-12 desktop:grid-col-6 desktop:padding-left-3{% endif %}">
         <section aria-label="Domains report component" class="margin-top-205">
-          <a href="{% url 'export_data_type_user' %}" class="usa-button usa-button--unstyled" role="button">
-            <svg class="usa-icon usa-icon--big margin-right-neg-4px" aria-hidden="true" focusable="false" role="img" width="24" height="24">
+          <a href="{% url 'export_data_type_user' %}" class="usa-button usa-button--unstyled usa-button--with-icon" role="button">
+            <svg class="usa-icon usa-icon--big" aria-hidden="true" focusable="false" role="img" width="24" height="24">
               <use xlink:href="{%static 'img/sprite.svg'%}#file_download"></use>
             </svg>Export as CSV
           </a>

From f16ceccea7f74d5ff09cb82ffc19e059ed209b97 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Fri, 30 Aug 2024 10:33:52 -0400
Subject: [PATCH 47/69] cleanup

---
 src/registrar/assets/sass/_theme/_buttons.scss | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/src/registrar/assets/sass/_theme/_buttons.scss b/src/registrar/assets/sass/_theme/_buttons.scss
index 5c88eea10..12eee9926 100644
--- a/src/registrar/assets/sass/_theme/_buttons.scss
+++ b/src/registrar/assets/sass/_theme/_buttons.scss
@@ -225,12 +225,8 @@ a .usa-icon,
   width: 1.3em;
 }
 
-// a .usa-icon {
-//   margin-top: -.1rem;
-// }
-
 .usa-icon.usa-icon--big {
   margin: 0;
   height: 1.5em;
   width: 1.5em;
-}
\ No newline at end of file
+}

From 7d2c7a593e14cc8378776991113edcc5bb794cb3 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Fri, 30 Aug 2024 10:58:38 -0400
Subject: [PATCH 48/69] cleanup

---
 src/registrar/assets/sass/_theme/_links.scss | 4 ----
 src/registrar/assets/sass/_theme/styles.scss | 1 -
 2 files changed, 5 deletions(-)
 delete mode 100644 src/registrar/assets/sass/_theme/_links.scss

diff --git a/src/registrar/assets/sass/_theme/_links.scss b/src/registrar/assets/sass/_theme/_links.scss
deleted file mode 100644
index 40d5fdd19..000000000
--- a/src/registrar/assets/sass/_theme/_links.scss
+++ /dev/null
@@ -1,4 +0,0 @@
-@use "uswds-core" as *;
-
-
-
diff --git a/src/registrar/assets/sass/_theme/styles.scss b/src/registrar/assets/sass/_theme/styles.scss
index f9df015b4..5616b7509 100644
--- a/src/registrar/assets/sass/_theme/styles.scss
+++ b/src/registrar/assets/sass/_theme/styles.scss
@@ -10,7 +10,6 @@
 --- Custom Styles ---------------------------------*/
 @forward "base";
 @forward "typography";
-@forward "links";
 @forward "lists";
 @forward "accordions";
 @forward "buttons";

From e1e812c5c71c7e814acc2b51744d89eae8d2b47f Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Fri, 30 Aug 2024 11:51:24 -0400
Subject: [PATCH 49/69] Fix portfolio transfer

---
 src/registrar/models/user.py                  | 28 +------------
 .../templates/admin/transfer_user.html        | 24 +++++++++++
 src/registrar/tests/test_admin.py             | 41 +++++++++----------
 src/registrar/views/transfer_user.py          | 18 ++++++--
 4 files changed, 60 insertions(+), 51 deletions(-)

diff --git a/src/registrar/models/user.py b/src/registrar/models/user.py
index a7ea1e14a..9cc1492d1 100644
--- a/src/registrar/models/user.py
+++ b/src/registrar/models/user.py
@@ -6,7 +6,7 @@ from django.db.models import Q
 from django.http import HttpRequest
 
 from registrar.models import DomainInformation, UserDomainRole
-from registrar.models.utility.portfolio_helper import UserPortfolioPermissionChoices, UserPortfolioRoleChoices
+from registrar.models.utility.portfolio_helper import UserPortfolioPermissionChoices
 
 from .domain_invitation import DomainInvitation
 from .portfolio_invitation import PortfolioInvitation
@@ -64,32 +64,6 @@ class User(AbstractUser):
         # after they login.
         FIXTURE_USER = "fixture_user", "Created by fixtures"
 
-    PORTFOLIO_ROLE_PERMISSIONS = {
-        UserPortfolioRoleChoices.ORGANIZATION_ADMIN: [
-            UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS,
-            UserPortfolioPermissionChoices.VIEW_MEMBER,
-            UserPortfolioPermissionChoices.EDIT_MEMBER,
-            UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS,
-            UserPortfolioPermissionChoices.EDIT_REQUESTS,
-            UserPortfolioPermissionChoices.VIEW_PORTFOLIO,
-            UserPortfolioPermissionChoices.EDIT_PORTFOLIO,
-            # Domain: field specific permissions
-            UserPortfolioPermissionChoices.VIEW_SUBORGANIZATION,
-            UserPortfolioPermissionChoices.EDIT_SUBORGANIZATION,
-        ],
-        UserPortfolioRoleChoices.ORGANIZATION_ADMIN_READ_ONLY: [
-            UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS,
-            UserPortfolioPermissionChoices.VIEW_MEMBER,
-            UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS,
-            UserPortfolioPermissionChoices.VIEW_PORTFOLIO,
-            # Domain: field specific permissions
-            UserPortfolioPermissionChoices.VIEW_SUBORGANIZATION,
-        ],
-        UserPortfolioRoleChoices.ORGANIZATION_MEMBER: [
-            UserPortfolioPermissionChoices.VIEW_PORTFOLIO,
-        ],
-    }
-
     # #### Constants for choice fields ####
     RESTRICTED = "restricted"
     STATUS_CHOICES = ((RESTRICTED, RESTRICTED),)
diff --git a/src/registrar/templates/admin/transfer_user.html b/src/registrar/templates/admin/transfer_user.html
index e49565afc..9e55346e7 100644
--- a/src/registrar/templates/admin/transfer_user.html
+++ b/src/registrar/templates/admin/transfer_user.html
@@ -111,6 +111,18 @@
                                     None
                                 {% endif %}
                             </dd>
+                            <dt>Portfolios:</dt>
+                            <dd>
+                                {% if selected_user_portfolios %}
+                                    <ul>
+                                        {% for portfolio in selected_user_portfolios %}
+                                            <li>{{ portfolio.portfolio }}</li>
+                                        {% endfor %}
+                                    </ul>
+                                {% else %}
+                                    None
+                                {% endif %}
+                            </dd>
                         </dl>
                     {% else %}
                         <p>No user selected yet.</p>
@@ -167,6 +179,18 @@
                                 None
                             {% endif %}
                         </dd>
+                        <dt>Portfolios:</dt>
+                        <dd>
+                            {% if current_user_portfolios %}
+                                <ul>
+                                    {% for portfolio in current_user_portfolios %}
+                                        <li>{{ portfolio.portfolio }}</li>
+                                    {% endfor %}
+                                </ul>
+                            {% else %}
+                                None
+                            {% endif %}
+                        </dd>
                     </dl>
                 </div>
             </div>
diff --git a/src/registrar/tests/test_admin.py b/src/registrar/tests/test_admin.py
index d34e81271..0293816fd 100644
--- a/src/registrar/tests/test_admin.py
+++ b/src/registrar/tests/test_admin.py
@@ -45,7 +45,8 @@ from registrar.models import (
 from registrar.models.portfolio_invitation import PortfolioInvitation
 from registrar.models.senior_official import SeniorOfficial
 from registrar.models.user_domain_role import UserDomainRole
-from registrar.models.utility.portfolio_helper import UserPortfolioPermissionChoices, UserPortfolioRoleChoices
+from registrar.models.user_portfolio_permission import UserPortfolioPermission
+from registrar.models.utility.portfolio_helper import UserPortfolioRoleChoices
 from registrar.models.verified_by_staff import VerifiedByStaff
 from .common import (
     MockDbForSharedTests,
@@ -2162,6 +2163,14 @@ class TestTransferUser(WebTest):
         )
         domain_request.status = DomainRequest.DomainRequestStatus.APPROVED
         domain_request.save()
+        portfolio1 = Portfolio.objects.create(organization_name="Hotel California", creator=self.user2)
+        UserPortfolioPermission.objects.create(
+            user=self.user1, portfolio=portfolio1, roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN]
+        )
+        portfolio2 = Portfolio.objects.create(organization_name="Tokyo Hotel", creator=self.user2)
+        UserPortfolioPermission.objects.create(
+            user=self.user2, portfolio=portfolio2, roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN]
+        )
 
         user_transfer_page = self.app.get(reverse("transfer_user", args=[self.user1.pk]))
 
@@ -2171,6 +2180,7 @@ class TestTransferUser(WebTest):
         self.assertContains(user_transfer_page, "Road warrior")
         self.assertContains(user_transfer_page, "wasteland.gov")
         self.assertContains(user_transfer_page, "citadel.gov")
+        self.assertContains(user_transfer_page, "Hotel California")
 
         select_form = user_transfer_page.forms[0]
         select_form["selected_user"] = str(self.user2.id)
@@ -2180,19 +2190,15 @@ class TestTransferUser(WebTest):
         self.assertContains(preview_result, "Furiosa")
         self.assertContains(preview_result, "Jabassa")
         self.assertContains(preview_result, "Imperator")
+        self.assertContains(preview_result, "Tokyo Hotel")
 
     @less_console_noise_decorator
-    def test_transfer_user_transfers_portfolio_roles_and_permissions_and_portfolio_creator(self):
-        """Assert that a portfolio gets copied over
-        NOTE: Should be revised for #2644"""
-        portfolio = Portfolio.objects.create(organization_name="Citadel", creator=self.user2)
-        self.user2.portfolio = portfolio
-        self.user2.portfolio_roles = [UserPortfolioRoleChoices.ORGANIZATION_ADMIN]
-        self.user2.portfolio_additional_permissions = [
-            UserPortfolioPermissionChoices.VIEW_PORTFOLIO,
-            UserPortfolioPermissionChoices.EDIT_PORTFOLIO,
-        ]
-        self.user2.save()
+    def test_transfer_user_transfers_user_portfolio_roles(self):
+        """Assert that a portfolio user role gets transferred"""
+        portfolio = Portfolio.objects.create(organization_name="Hotel California", creator=self.user2)
+        user_portfolio_permission = UserPortfolioPermission.objects.create(
+            user=self.user2, portfolio=portfolio, roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN]
+        )
 
         user_transfer_page = self.app.get(reverse("transfer_user", args=[self.user1.pk]))
 
@@ -2200,16 +2206,9 @@ class TestTransferUser(WebTest):
         submit_form["selected_user"] = self.user2.pk
         submit_form.submit()
 
-        self.user1.refresh_from_db()
-        portfolio.refresh_from_db()
+        user_portfolio_permission.refresh_from_db()
 
-        self.assertEquals(portfolio.creator, self.user1)
-        self.assertEquals(self.user1.portfolio, portfolio)
-        self.assertEquals(self.user1.portfolio_roles, [UserPortfolioRoleChoices.ORGANIZATION_ADMIN])
-        self.assertEquals(
-            self.user1.portfolio_additional_permissions,
-            [UserPortfolioPermissionChoices.VIEW_PORTFOLIO, UserPortfolioPermissionChoices.EDIT_PORTFOLIO],
-        )
+        self.assertEquals(user_portfolio_permission.user, self.user1)
 
     @less_console_noise_decorator
     def test_transfer_user_transfers_domain_request_creator_and_investigator(self):
diff --git a/src/registrar/views/transfer_user.py b/src/registrar/views/transfer_user.py
index cc901d5ab..ac51cd20b 100644
--- a/src/registrar/views/transfer_user.py
+++ b/src/registrar/views/transfer_user.py
@@ -11,7 +11,9 @@ from django.contrib.admin import site
 from django.contrib import messages
 
 from registrar.models.user_domain_role import UserDomainRole
+from registrar.models.user_portfolio_permission import UserPortfolioPermission
 from registrar.models.verified_by_staff import VerifiedByStaff
+from typing import Any, List
 
 logger = logging.getLogger(__name__)
 
@@ -26,9 +28,12 @@ class TransferUserView(View):
         (DomainRequest, "investigator"),
         (UserDomainRole, "user"),
         (VerifiedByStaff, "requestor"),
+        (UserPortfolioPermission, "user"),
     ]
 
-    USER_FIELDS = ["portfolio", "portfolio_roles", "portfolio_additional_permissions"]
+    # Future-proofing in case joined fields get added on the user model side
+    # This was tested in the first portfolio model iteration and works
+    USER_FIELDS: List[Any] = []
 
     def get(self, request, user_id):
         """current_user referes to the 'source' user where the button that redirects to this view was clicked.
@@ -51,6 +56,7 @@ class TransferUserView(View):
             **admin_context,  # Include the admin context
             "current_user_domains": self.get_domains(current_user),
             "current_user_domain_requests": self.get_domain_requests(current_user),
+            "current_user_portfolios": self.get_portfolios(current_user),
         }
 
         selected_user_id = request.GET.get("selected_user")
@@ -59,6 +65,7 @@ class TransferUserView(View):
             context["selected_user"] = selected_user
             context["selected_user_domains"] = self.get_domains(selected_user)
             context["selected_user_domain_requests"] = self.get_domain_requests(selected_user)
+            context["selected_user_portfolios"] = self.get_portfolios(selected_user)
 
         return render(request, "admin/transfer_user.html", context)
 
@@ -121,8 +128,6 @@ class TransferUserView(View):
         """
         Transfers portfolio fields from the selected_user to the current_user.
         Logs the changes for each transferred field.
-
-        NOTE: This will be refactored in #2644
         """
         for field in cls.USER_FIELDS:
             field_value = getattr(selected_user, field, None)
@@ -158,3 +163,10 @@ class TransferUserView(View):
         domain_requests = DomainRequest.objects.filter(creator=user)
 
         return domain_requests
+
+    @classmethod
+    def get_portfolios(cls, user):
+        """Get portfolios"""
+        portfolios = UserPortfolioPermission.objects.filter(user=user)
+
+        return portfolios

From c4dc3802a8a7ce6fe3ee0194d9875c24706a0652 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Fri, 30 Aug 2024 11:56:24 -0400
Subject: [PATCH 50/69] cleanup

---
 src/registrar/assets/js/get-gov-admin-extra.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/registrar/assets/js/get-gov-admin-extra.js b/src/registrar/assets/js/get-gov-admin-extra.js
index da0288056..14059267b 100644
--- a/src/registrar/assets/js/get-gov-admin-extra.js
+++ b/src/registrar/assets/js/get-gov-admin-extra.js
@@ -11,4 +11,4 @@
             console.error('jQuery is not available');
         }
     });
-})(window.jQuery);
\ No newline at end of file
+})(window.jQuery);

From 2af57c8aa8a9a258cf99bbd0c7a004aadf29adea Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Fri, 30 Aug 2024 17:21:04 -0400
Subject: [PATCH 51/69] Revise for multiple portfolios

---
 src/registrar/admin.py                        | 35 +++++++++++++++----
 src/registrar/models/user.py                  | 30 ++++++++--------
 .../templates/admin/input_with_clipboard.html |  6 ++--
 src/registrar/tests/test_admin.py             | 25 +++++++++----
 4 files changed, 65 insertions(+), 31 deletions(-)

diff --git a/src/registrar/admin.py b/src/registrar/admin.py
index e1bf25449..a47617c28 100644
--- a/src/registrar/admin.py
+++ b/src/registrar/admin.py
@@ -10,6 +10,7 @@ from django.http import HttpResponseRedirect
 from django.shortcuts import redirect
 from django_fsm import get_available_FIELD_transitions, FSMField
 from registrar.models.domain_information import DomainInformation
+from registrar.models.user_portfolio_permission import UserPortfolioPermission
 from registrar.models.utility.portfolio_helper import UserPortfolioPermissionChoices, UserPortfolioRoleChoices
 from waffle.decorators import flag_is_active
 from django.contrib import admin, messages
@@ -3008,6 +3009,28 @@ class PortfolioAdmin(ListHeaderAdmin):
         "creator",
     ]
 
+    def get_admin_users(self, obj):
+        # Filter UserPortfolioPermission objects related to the portfolio
+        admin_permissions = UserPortfolioPermission.objects.filter(
+            portfolio=obj, roles__contains=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN]
+        )
+
+        # Get the user objects associated with these permissions
+        admin_users = User.objects.filter(portfolio_permissions__in=admin_permissions)
+
+        return admin_users
+
+    def get_non_admin_users(self, obj):
+        # Filter UserPortfolioPermission objects related to the portfolio that do NOT have the "Admin" role
+        non_admin_permissions = UserPortfolioPermission.objects.filter(portfolio=obj).exclude(
+            roles__contains=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN]
+        )
+
+        # Get the user objects associated with these permissions
+        non_admin_users = User.objects.filter(portfolio_permissions__in=non_admin_permissions)
+
+        return non_admin_users
+
     def display_admins(self, obj):
         """Get joined users who are Admin, unpack and return an HTML block.
 
@@ -3016,7 +3039,7 @@ class PortfolioAdmin(ListHeaderAdmin):
         data would display in a custom change form without extensive template customization.
 
         Will be used in the field_readonly block"""
-        admins = [user for user in obj.user.all() if "Admin" in user.portfolio_role_summary]
+        admins = self.get_admin_users(obj)
         if not admins:
             return format_html("<p>No admins found.</p>")
 
@@ -3030,13 +3053,13 @@ class PortfolioAdmin(ListHeaderAdmin):
             admin_details += "<div class='admin-icon-group admin-icon-group__clipboard-link'>"
             admin_details += f"<input aria-hidden='true' class='display-none' value='{portfolio_admin.email}'>"
             admin_details += (
-                "<button class='usa-button usa-button--unstyled padding-right-1 usa-button--icon"
+                "<button class='usa-button usa-button--unstyled padding-right-1 usa-button--icon padding-left-05"
                 + "button--clipboard copy-to-clipboard text-no-underline' type='button'>"
             )
             admin_details += "<svg class='usa-icon'>"
             admin_details += "<use aria-hidden='true' xlink:href='/public/img/sprite.svg#content_copy'></use>"
             admin_details += "</svg>"
-            admin_details += "<span class='padding-left-05'>Copy</span>"
+            admin_details += "Copy"
             admin_details += "</button>"
             admin_details += "</div><br>"
             admin_details += f"{portfolio_admin.phone}"
@@ -3053,7 +3076,7 @@ class PortfolioAdmin(ListHeaderAdmin):
         data would display in a custom change form without extensive template customization.
 
         Will be used in the after_help_text block."""
-        members = [user for user in obj.user.all() if "Admin" not in user.portfolio_role_summary]
+        members = self.get_non_admin_users(obj)
         if not members:
             return ""
 
@@ -3073,7 +3096,7 @@ class PortfolioAdmin(ListHeaderAdmin):
             member_details += f"<td>{member.email}</td>"
             member_details += f"<td>{member.phone}</td>"
             member_details += "<td>"
-            for role in member.portfolio_role_summary:
+            for role in member.portfolio_role_summary(obj):
                 member_details += f"<span class='usa-tag'>{role}</span> "
             member_details += "</td></tr>"
         member_details += "</tbody></table>"
@@ -3083,7 +3106,7 @@ class PortfolioAdmin(ListHeaderAdmin):
 
     def display_members_summary(self, obj):
         """Will be passed as context and used in the field_readonly block."""
-        members = [user for user in obj.user.all() if "Admin" not in user.portfolio_role_summary]
+        members = self.get_non_admin_users(obj)
         if not members:
             return {}
 
diff --git a/src/registrar/models/user.py b/src/registrar/models/user.py
index 2c17b7b27..8d91c2a8c 100644
--- a/src/registrar/models/user.py
+++ b/src/registrar/models/user.py
@@ -245,39 +245,39 @@ class User(AbstractUser):
             return permission.portfolio
         return None
 
-    def has_edit_requests(self):
-        return self._has_portfolio_permission(UserPortfolioPermissionChoices.EDIT_REQUESTS)
+    def has_edit_requests(self, portfolio):
+        return self._has_portfolio_permission(portfolio, UserPortfolioPermissionChoices.EDIT_REQUESTS)
 
-    @property
-    def portfolio_role_summary(self):
+    def portfolio_role_summary(self, portfolio):
         """Returns a list of roles based on the user's permissions."""
         roles = []
 
         # Define the conditions and their corresponding roles
         conditions_roles = [
-            (self.has_edit_suborganization(), ["Admin"]),
+            (self.has_edit_suborganization(portfolio), ["Admin"]),
             (
-                self.has_view_all_domains_permission()
-                and self.has_domain_requests_portfolio_permission()
-                and self.has_edit_requests(),
+                self.has_view_all_domains_permission(portfolio)
+                and self.has_domain_requests_portfolio_permission(portfolio)
+                and self.has_edit_requests(portfolio),
                 ["View-only admin", "Domain requestor"],
             ),
             (
-                self.has_view_all_domains_permission() and self.has_domain_requests_portfolio_permission(),
+                self.has_view_all_domains_permission(portfolio)
+                and self.has_domain_requests_portfolio_permission(portfolio),
                 ["View-only admin"],
             ),
             (
-                self.has_base_portfolio_permission()
-                and self.has_edit_requests()
-                and self.has_domains_portfolio_permission(),
+                self.has_base_portfolio_permission(portfolio)
+                and self.has_edit_requests(portfolio)
+                and self.has_domains_portfolio_permission(portfolio),
                 ["Domain requestor", "Domain manager"],
             ),
-            (self.has_base_portfolio_permission() and self.has_edit_requests(), ["Domain requestor"]),
+            (self.has_base_portfolio_permission(portfolio) and self.has_edit_requests(portfolio), ["Domain requestor"]),
             (
-                self.has_base_portfolio_permission() and self.has_domains_portfolio_permission(),
+                self.has_base_portfolio_permission(portfolio) and self.has_domains_portfolio_permission(portfolio),
                 ["Domain manager"],
             ),
-            (self.has_base_portfolio_permission(), ["Member"]),
+            (self.has_base_portfolio_permission(portfolio), ["Member"]),
         ]
 
         # Evaluate conditions and add roles
diff --git a/src/registrar/templates/admin/input_with_clipboard.html b/src/registrar/templates/admin/input_with_clipboard.html
index ea2fbce33..5ad2b27f7 100644
--- a/src/registrar/templates/admin/input_with_clipboard.html
+++ b/src/registrar/templates/admin/input_with_clipboard.html
@@ -17,7 +17,7 @@ Template for an input field with a clipboard
             >
                 <use aria-hidden="true" xlink:href="{%static 'img/sprite.svg'%}#content_copy"></use>
             </svg>
-            <span>Copy</span>
+            Copy
         </div>
     </button>
 </div>
@@ -25,7 +25,7 @@ Template for an input field with a clipboard
 <div class="admin-icon-group admin-icon-group__clipboard-link">
     <input aria-hidden="true" class="display-none" value="{{ field.email }}" />
     <button 
-    class="usa-button usa-button--unstyled padding-right-1 usa-button--icon button--clipboard copy-to-clipboard text-no-underline" 
+    class="usa-button usa-button--unstyled padding-right-1 usa-button--icon button--clipboard copy-to-clipboard text-no-underline padding-left-05" 
     type="button"
     >
         <svg 
@@ -33,7 +33,7 @@ Template for an input field with a clipboard
         >
             <use aria-hidden="true" xlink:href="{%static 'img/sprite.svg'%}#content_copy"></use>
         </svg>
-        <span class="padding-left-05">Copy</span>
+        Copy
     </button>
 </div>
 {% endif %}
\ No newline at end of file
diff --git a/src/registrar/tests/test_admin.py b/src/registrar/tests/test_admin.py
index 02cd6e0f6..93e611c1a 100644
--- a/src/registrar/tests/test_admin.py
+++ b/src/registrar/tests/test_admin.py
@@ -45,6 +45,7 @@ from registrar.models import (
 from registrar.models.portfolio_invitation import PortfolioInvitation
 from registrar.models.senior_official import SeniorOfficial
 from registrar.models.user_domain_role import UserDomainRole
+from registrar.models.user_portfolio_permission import UserPortfolioPermission
 from registrar.models.utility.portfolio_helper import UserPortfolioPermissionChoices, UserPortfolioRoleChoices
 from registrar.models.verified_by_staff import VerifiedByStaff
 from .common import (
@@ -2129,8 +2130,10 @@ class TestPortfolioAdmin(TestCase):
             last_name="Meoward",
             title="Captain",
             email="meaoward@gov.gov",
-            portfolio=self.portfolio,
-            portfolio_roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN],
+        )
+
+        UserPortfolioPermission.objects.all().create(
+            user=admin_user_1, portfolio=self.portfolio, roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN]
         )
 
         admin_user_2 = User.objects.create(
@@ -2139,8 +2142,10 @@ class TestPortfolioAdmin(TestCase):
             last_name="Poopy",
             title="Major",
             email="poopy@gov.gov",
-            portfolio=self.portfolio,
-            portfolio_roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN],
+        )
+
+        UserPortfolioPermission.objects.all().create(
+            user=admin_user_2, portfolio=self.portfolio, roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN]
         )
 
         admin_user_3 = User.objects.create(
@@ -2149,8 +2154,10 @@ class TestPortfolioAdmin(TestCase):
             last_name="Max",
             title="Road warrior",
             email="madmax@gov.gov",
-            portfolio=self.portfolio,
-            portfolio_roles=[UserPortfolioRoleChoices.ORGANIZATION_MEMBER],
+        )
+
+        UserPortfolioPermission.objects.all().create(
+            user=admin_user_3, portfolio=self.portfolio, roles=[UserPortfolioRoleChoices.ORGANIZATION_MEMBER]
         )
 
         admin_user_4 = User.objects.create(
@@ -2159,8 +2166,12 @@ class TestPortfolioAdmin(TestCase):
             last_name="Smith",
             title="Program",
             email="thematrix@gov.gov",
+        )
+
+        UserPortfolioPermission.objects.all().create(
+            user=admin_user_4,
             portfolio=self.portfolio,
-            portfolio_additional_permissions=[
+            additional_permissions=[
                 UserPortfolioPermissionChoices.VIEW_PORTFOLIO,
                 UserPortfolioPermissionChoices.EDIT_REQUESTS,
             ],

From ef2adaaf288e7a386ce67e2cbec0b5632ed8fcad Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Fri, 30 Aug 2024 17:25:56 -0400
Subject: [PATCH 52/69] No additional members found

---
 .../templates/django/admin/includes/detail_table_fieldset.html  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/registrar/templates/django/admin/includes/detail_table_fieldset.html b/src/registrar/templates/django/admin/includes/detail_table_fieldset.html
index da2753b4c..7eea7b72b 100644
--- a/src/registrar/templates/django/admin/includes/detail_table_fieldset.html
+++ b/src/registrar/templates/django/admin/includes/detail_table_fieldset.html
@@ -144,7 +144,7 @@ This is using a custom implementation fieldset.html (see admin/fieldset.html)
             {% if display_members_summary %}
                 {{ display_members_summary }}
             {% else %}
-                <p>No members found.</p>
+                <p>No additional members found.</p>
             {% endif %}
         </div>
     {% else %}

From ca1c9bbb0424313425848f5e004b64968994112b Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Fri, 30 Aug 2024 17:35:57 -0400
Subject: [PATCH 53/69] fix model tests?

---
 src/registrar/tests/test_models.py | 39 +++++++++++++++---------------
 1 file changed, 20 insertions(+), 19 deletions(-)

diff --git a/src/registrar/tests/test_models.py b/src/registrar/tests/test_models.py
index 19f9d46c3..3510ff65e 100644
--- a/src/registrar/tests/test_models.py
+++ b/src/registrar/tests/test_models.py
@@ -1308,6 +1308,7 @@ class TestUser(TestCase):
         self.domain, _ = Domain.objects.get_or_create(name="igorville.gov")
         self.user, _ = User.objects.get_or_create(email=self.email)
         self.factory = RequestFactory()
+        self.portfolio = Portfolio.objects.create(organization_name="Test Portfolio", creator=self.user)
 
     def tearDown(self):
         super().tearDown()
@@ -1325,57 +1326,57 @@ class TestUser(TestCase):
     @patch.object(User, "has_edit_suborganization", return_value=True)
     def test_portfolio_role_summary_admin(self, mock_edit_suborganization):
         # Test if the user is recognized as an Admin
-        self.assertEqual(self.user.portfolio_role_summary, ["Admin"])
+        self.assertEqual(self.user.portfolio_role_summary(self.portfolio), ["Admin"])
 
     @patch.multiple(
         User,
-        has_view_all_domains_permission=lambda self: True,
-        has_domain_requests_portfolio_permission=lambda self: True,
-        has_edit_requests=lambda self: True,
+        has_view_all_domains_permission=lambda self, portfolio: True,
+        has_domain_requests_portfolio_permission=lambda self, portfolio: True,
+        has_edit_requests=lambda self, portfolio: True,
     )
     def test_portfolio_role_summary_view_only_admin_and_domain_requestor(self):
         # Test if the user has both 'View-only admin' and 'Domain requestor' roles
-        self.assertEqual(self.user.portfolio_role_summary, ["View-only admin", "Domain requestor"])
+        self.assertEqual(self.user.portfolio_role_summary(self.portfolio), ["View-only admin", "Domain requestor"])
 
     @patch.multiple(
         User,
-        has_view_all_domains_permission=lambda self: True,
-        has_domain_requests_portfolio_permission=lambda self: True,
+        has_view_all_domains_permission=lambda self, portfolio: True,
+        has_domain_requests_portfolio_permission=lambda self, portfolio: True,
     )
     def test_portfolio_role_summary_view_only_admin(self):
         # Test if the user is recognized as a View-only admin
-        self.assertEqual(self.user.portfolio_role_summary, ["View-only admin"])
+        self.assertEqual(self.user.portfolio_role_summary(self.portfolio), ["View-only admin"])
 
     @patch.multiple(
         User,
-        has_base_portfolio_permission=lambda self: True,
-        has_edit_requests=lambda self: True,
-        has_domains_portfolio_permission=lambda self: True,
+        has_base_portfolio_permission=lambda self, portfolio: True,
+        has_edit_requests=lambda self, portfolio: True,
+        has_domains_portfolio_permission=lambda self, portfolio: True,
     )
     def test_portfolio_role_summary_member_domain_requestor_domain_manager(self):
         # Test if the user has 'Member', 'Domain requestor', and 'Domain manager' roles
-        self.assertEqual(self.user.portfolio_role_summary, ["Domain requestor", "Domain manager"])
+        self.assertEqual(self.user.portfolio_role_summary(self.portfolio), ["Domain requestor", "Domain manager"])
 
-    @patch.multiple(User, has_base_portfolio_permission=lambda self: True, has_edit_requests=lambda self: True)
+    @patch.multiple(User, has_base_portfolio_permission=lambda self, portfolio: True, has_edit_requests=lambda self, portfolio: True)
     def test_portfolio_role_summary_member_domain_requestor(self):
         # Test if the user has 'Member' and 'Domain requestor' roles
-        self.assertEqual(self.user.portfolio_role_summary, ["Domain requestor"])
+        self.assertEqual(self.user.portfolio_role_summary(self.portfolio), ["Domain requestor"])
 
     @patch.multiple(
-        User, has_base_portfolio_permission=lambda self: True, has_domains_portfolio_permission=lambda self: True
+        User, has_base_portfolio_permission=lambda self, portfolio: True, has_domains_portfolio_permission=lambda self, portfolio: True
     )
     def test_portfolio_role_summary_member_domain_manager(self):
         # Test if the user has 'Member' and 'Domain manager' roles
-        self.assertEqual(self.user.portfolio_role_summary, ["Domain manager"])
+        self.assertEqual(self.user.portfolio_role_summary(self.portfolio), ["Domain manager"])
 
-    @patch.multiple(User, has_base_portfolio_permission=lambda self: True)
+    @patch.multiple(User, has_base_portfolio_permission=lambda self, portfolio: True)
     def test_portfolio_role_summary_member(self):
         # Test if the user is recognized as a Member
-        self.assertEqual(self.user.portfolio_role_summary, ["Member"])
+        self.assertEqual(self.user.portfolio_role_summary(self.portfolio), ["Member"])
 
     def test_portfolio_role_summary_empty(self):
         # Test if the user has no roles
-        self.assertEqual(self.user.portfolio_role_summary, [])
+        self.assertEqual(self.user.portfolio_role_summary(self.portfolio), [])
 
     @less_console_noise_decorator
     def test_check_transition_domains_without_domains_on_login(self):

From e20bfa55678ee12c7ba897ecf52f4c3cad0ad84b Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Fri, 30 Aug 2024 17:44:09 -0400
Subject: [PATCH 54/69] lint

---
 src/registrar/admin.py             | 6 +-----
 src/registrar/tests/test_models.py | 8 ++++++--
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/registrar/admin.py b/src/registrar/admin.py
index a47617c28..c8be04715 100644
--- a/src/registrar/admin.py
+++ b/src/registrar/admin.py
@@ -3085,11 +3085,7 @@ class PortfolioAdmin(ListHeaderAdmin):
             + "<th>Phone</th><th>Roles</th></tr></thead><tbody>"
         )
         for member in members:
-            full_name = (
-                f"{member.first_name} {member.middle_name} {member.last_name}"
-                if member.middle_name
-                else f"{member.first_name} {member.last_name}"
-            )
+            full_name = member.get_formatted_name()
             member_details += "<tr>"
             member_details += f"<td>{full_name}</td>"
             member_details += f"<td>{member.title}</td>"
diff --git a/src/registrar/tests/test_models.py b/src/registrar/tests/test_models.py
index 3510ff65e..7983fed36 100644
--- a/src/registrar/tests/test_models.py
+++ b/src/registrar/tests/test_models.py
@@ -1357,13 +1357,17 @@ class TestUser(TestCase):
         # Test if the user has 'Member', 'Domain requestor', and 'Domain manager' roles
         self.assertEqual(self.user.portfolio_role_summary(self.portfolio), ["Domain requestor", "Domain manager"])
 
-    @patch.multiple(User, has_base_portfolio_permission=lambda self, portfolio: True, has_edit_requests=lambda self, portfolio: True)
+    @patch.multiple(
+        User, has_base_portfolio_permission=lambda self, portfolio: True, has_edit_requests=lambda self, portfolio: True
+    )
     def test_portfolio_role_summary_member_domain_requestor(self):
         # Test if the user has 'Member' and 'Domain requestor' roles
         self.assertEqual(self.user.portfolio_role_summary(self.portfolio), ["Domain requestor"])
 
     @patch.multiple(
-        User, has_base_portfolio_permission=lambda self, portfolio: True, has_domains_portfolio_permission=lambda self, portfolio: True
+        User,
+        has_base_portfolio_permission=lambda self, portfolio: True,
+        has_domains_portfolio_permission=lambda self, portfolio: True,
     )
     def test_portfolio_role_summary_member_domain_manager(self):
         # Test if the user has 'Member' and 'Domain manager' roles

From 79fbc5c54026c7516e39347a7d7be50d0f9a6263 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Fri, 30 Aug 2024 17:46:05 -0400
Subject: [PATCH 55/69] cleanup

---
 src/registrar/admin.py | 12 +++---------
 1 file changed, 3 insertions(+), 9 deletions(-)

diff --git a/src/registrar/admin.py b/src/registrar/admin.py
index c8be04715..fd32238f7 100644
--- a/src/registrar/admin.py
+++ b/src/registrar/admin.py
@@ -2943,11 +2943,6 @@ class PortfolioAdmin(ListHeaderAdmin):
         # created_on is the created_at field, and portfolio_type is f"{organization_type} - {federal_type}"
         (None, {"fields": ["portfolio_type", "organization_name", "creator", "created_on", "notes"]}),
         ("Portfolio members", {"fields": ["display_admins", "display_members"]}),
-        # TODO - uncomment in #2521
-        # ("Portfolio members", {
-        #     "classes": ("collapse", "closed"),
-        #     "fields": ["administrators", "members"]}
-        # ),
         ("Portfolio domains", {"fields": ["domains", "domain_requests"]}),
         ("Type of organization", {"fields": ["organization_type", "federal_type"]}),
         (
@@ -2995,15 +2990,14 @@ class PortfolioAdmin(ListHeaderAdmin):
     readonly_fields = [
         # This is the created_at field
         "created_on",
-        # Custom fields such as these must be defined as readonly.
+        # Django admin doesn't allow methods to be directly listed in fieldsets. We can
+        # display the custom methods display_admins amd display_members in the admin form if
+        # they are readonly.
         "federal_type",
         "domains",
         "domain_requests",
         "suborganizations",
         "portfolio_type",
-        # Django admin doesn't allow methods to be directly listed in fieldsets. We can
-        # display the custom methods display_admins amd display_members in the admin form if
-        # they are readonly.
         "display_admins",
         "display_members",
         "creator",

From dd1b92340401a462d22dbd9df2cdf383e3bd3029 Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Wed, 4 Sep 2024 13:41:26 -0400
Subject: [PATCH 56/69] wip

---
 src/registrar/context_processors.py           |  6 ++
 src/registrar/models/user.py                  | 56 ++++++++++---------
 .../models/user_portfolio_permission.py       |  6 +-
 .../models/utility/portfolio_helper.py        |  4 +-
 .../templates/includes/header_extended.html   |  6 +-
 5 files changed, 45 insertions(+), 33 deletions(-)

diff --git a/src/registrar/context_processors.py b/src/registrar/context_processors.py
index ea04dca80..beae164c3 100644
--- a/src/registrar/context_processors.py
+++ b/src/registrar/context_processors.py
@@ -69,6 +69,8 @@ def portfolio_permissions(request):
                 "has_domain_requests_portfolio_permission": request.user.has_domain_requests_portfolio_permission(
                     portfolio
                 ),
+                "has_view_members_portfolio_permission": request.user.has_view_members_portfolio_permission(portfolio),
+                "has_edit_members_portfolio_permission": request.user.has_edit_members_portfolio_permission(portfolio),
                 "has_view_suborganization": request.user.has_view_suborganization(portfolio),
                 "has_edit_suborganization": request.user.has_edit_suborganization(portfolio),
                 "portfolio": portfolio,
@@ -78,6 +80,8 @@ def portfolio_permissions(request):
             "has_base_portfolio_permission": False,
             "has_domains_portfolio_permission": False,
             "has_domain_requests_portfolio_permission": False,
+            "has_view_members_portfolio_permission": False,
+            "has_edit_members_portfolio_permission": False,
             "has_view_suborganization": False,
             "has_edit_suborganization": False,
             "portfolio": None,
@@ -90,6 +94,8 @@ def portfolio_permissions(request):
             "has_base_portfolio_permission": False,
             "has_domains_portfolio_permission": False,
             "has_domain_requests_portfolio_permission": False,
+            "has_view_members_portfolio_permission": False,
+            "has_edit_members_portfolio_permission": False,
             "has_view_suborganization": False,
             "has_edit_suborganization": False,
             "portfolio": None,
diff --git a/src/registrar/models/user.py b/src/registrar/models/user.py
index a7ea1e14a..d68104566 100644
--- a/src/registrar/models/user.py
+++ b/src/registrar/models/user.py
@@ -64,32 +64,6 @@ class User(AbstractUser):
         # after they login.
         FIXTURE_USER = "fixture_user", "Created by fixtures"
 
-    PORTFOLIO_ROLE_PERMISSIONS = {
-        UserPortfolioRoleChoices.ORGANIZATION_ADMIN: [
-            UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS,
-            UserPortfolioPermissionChoices.VIEW_MEMBER,
-            UserPortfolioPermissionChoices.EDIT_MEMBER,
-            UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS,
-            UserPortfolioPermissionChoices.EDIT_REQUESTS,
-            UserPortfolioPermissionChoices.VIEW_PORTFOLIO,
-            UserPortfolioPermissionChoices.EDIT_PORTFOLIO,
-            # Domain: field specific permissions
-            UserPortfolioPermissionChoices.VIEW_SUBORGANIZATION,
-            UserPortfolioPermissionChoices.EDIT_SUBORGANIZATION,
-        ],
-        UserPortfolioRoleChoices.ORGANIZATION_ADMIN_READ_ONLY: [
-            UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS,
-            UserPortfolioPermissionChoices.VIEW_MEMBER,
-            UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS,
-            UserPortfolioPermissionChoices.VIEW_PORTFOLIO,
-            # Domain: field specific permissions
-            UserPortfolioPermissionChoices.VIEW_SUBORGANIZATION,
-        ],
-        UserPortfolioRoleChoices.ORGANIZATION_MEMBER: [
-            UserPortfolioPermissionChoices.VIEW_PORTFOLIO,
-        ],
-    }
-
     # #### Constants for choice fields ####
     RESTRICTED = "restricted"
     STATUS_CHOICES = ((RESTRICTED, RESTRICTED),)
@@ -224,10 +198,40 @@ class User(AbstractUser):
         ) or self._has_portfolio_permission(portfolio, UserPortfolioPermissionChoices.VIEW_MANAGED_DOMAINS)
 
     def has_domain_requests_portfolio_permission(self, portfolio):
+        ## BEGIN
+        ## Note code below is to add organization_request feature
+        request = HttpRequest()
+        request.user = self
+        has_organization_requests_flag = flag_is_active(request, "organization_requests")
+        if not has_organization_requests_flag:
+            return False
+        ## END
         return self._has_portfolio_permission(
             portfolio, UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS
         ) or self._has_portfolio_permission(portfolio, UserPortfolioPermissionChoices.VIEW_CREATED_REQUESTS)
 
+    def has_view_members_portfolio_permission(self, portfolio):
+        ## BEGIN
+        ## Note code below is to add organization_request feature
+        request = HttpRequest()
+        request.user = self
+        has_organization_members_flag = flag_is_active(request, "organization_members")
+        if not has_organization_members_flag:
+            return False
+        ## END
+        return self._has_portfolio_permission(portfolio, UserPortfolioPermissionChoices.VIEW_MEMBERS)
+
+    def has_edit_members_portfolio_permission(self, portfolio):
+                ## BEGIN
+        ## Note code below is to add organization_request feature
+        request = HttpRequest()
+        request.user = self
+        has_organization_members_flag = flag_is_active(request, "organization_members")
+        if not has_organization_members_flag:
+            return False
+        ## END
+        return self._has_portfolio_permission(portfolio, UserPortfolioPermissionChoices.EDIT_MEMBERS)
+
     def has_view_all_domains_permission(self, portfolio):
         """Determines if the current user can view all available domains in a given portfolio"""
         return self._has_portfolio_permission(portfolio, UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS)
diff --git a/src/registrar/models/user_portfolio_permission.py b/src/registrar/models/user_portfolio_permission.py
index bf1c3e566..0c2487df3 100644
--- a/src/registrar/models/user_portfolio_permission.py
+++ b/src/registrar/models/user_portfolio_permission.py
@@ -16,8 +16,8 @@ class UserPortfolioPermission(TimeStampedModel):
     PORTFOLIO_ROLE_PERMISSIONS = {
         UserPortfolioRoleChoices.ORGANIZATION_ADMIN: [
             UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS,
-            UserPortfolioPermissionChoices.VIEW_MEMBER,
-            UserPortfolioPermissionChoices.EDIT_MEMBER,
+            UserPortfolioPermissionChoices.VIEW_MEMBERS,
+            UserPortfolioPermissionChoices.EDIT_MEMBERS,
             UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS,
             UserPortfolioPermissionChoices.EDIT_REQUESTS,
             UserPortfolioPermissionChoices.VIEW_PORTFOLIO,
@@ -28,7 +28,7 @@ class UserPortfolioPermission(TimeStampedModel):
         ],
         UserPortfolioRoleChoices.ORGANIZATION_ADMIN_READ_ONLY: [
             UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS,
-            UserPortfolioPermissionChoices.VIEW_MEMBER,
+            UserPortfolioPermissionChoices.VIEW_MEMBERS,
             UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS,
             UserPortfolioPermissionChoices.VIEW_PORTFOLIO,
             # Domain: field specific permissions
diff --git a/src/registrar/models/utility/portfolio_helper.py b/src/registrar/models/utility/portfolio_helper.py
index 86aaa5e16..7afd32603 100644
--- a/src/registrar/models/utility/portfolio_helper.py
+++ b/src/registrar/models/utility/portfolio_helper.py
@@ -17,8 +17,8 @@ class UserPortfolioPermissionChoices(models.TextChoices):
     VIEW_ALL_DOMAINS = "view_all_domains", "View all domains and domain reports"
     VIEW_MANAGED_DOMAINS = "view_managed_domains", "View managed domains"
 
-    VIEW_MEMBER = "view_member", "View members"
-    EDIT_MEMBER = "edit_member", "Create and edit members"
+    VIEW_MEMBERS = "view_members", "View members"
+    EDIT_MEMBERS = "edit_members", "Create and edit members"
 
     VIEW_ALL_REQUESTS = "view_all_requests", "View all requests"
     VIEW_CREATED_REQUESTS = "view_created_requests", "View created requests"
diff --git a/src/registrar/templates/includes/header_extended.html b/src/registrar/templates/includes/header_extended.html
index 54ceb3a67..3bda2c326 100644
--- a/src/registrar/templates/includes/header_extended.html
+++ b/src/registrar/templates/includes/header_extended.html
@@ -23,11 +23,11 @@
                 Domains
                 </a>
             </li>
-            <li class="usa-nav__primary-item">
+            <!-- <li class="usa-nav__primary-item">
                 <a href="#" class="usa-nav-link">
                     Domain groups
                 </a>
-            </li>
+            </li> -->
 
             {% if has_domain_requests_portfolio_permission %}
                 <li class="usa-nav__primary-item">
@@ -37,11 +37,13 @@
                     </a>
                 </li>
             {% endif %}
+            {% if has_view_members_portfolio_permission %}
             <li class="usa-nav__primary-item">
                 <a href="#" class="usa-nav-link">
                     Members
                 </a>
             </li>
+            {% endif %}
             <li class="usa-nav__primary-item">
                 {% url 'organization' as url %}
                 <!-- Move the padding from the a to the span so that the descenders do not get cut off -->

From cba2b27d79122951ee67c680a62021a72beebe48 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Wed, 4 Sep 2024 13:44:45 -0400
Subject: [PATCH 57/69] escape dynamic values

---
 src/registrar/admin.py | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/src/registrar/admin.py b/src/registrar/admin.py
index 4b36c9589..e3bd5c9f7 100644
--- a/src/registrar/admin.py
+++ b/src/registrar/admin.py
@@ -3068,11 +3068,11 @@ class PortfolioAdmin(ListHeaderAdmin):
         for portfolio_admin in admins:
             change_url = reverse("admin:registrar_user_change", args=[portfolio_admin.pk])
             admin_details += "<address class='margin-bottom-2 dja-address-contact-list'>"
-            admin_details += f'<a href="{change_url}">{portfolio_admin}</a><br>'
-            admin_details += f"{portfolio_admin.title}<br>"
-            admin_details += f"{portfolio_admin.email}"
+            admin_details += f'<a href="{change_url}">{escape(portfolio_admin)}</a><br>'
+            admin_details += f"{escape(portfolio_admin.title)}<br>"
+            admin_details += f"{escape(portfolio_admin.email)}"
             admin_details += "<div class='admin-icon-group admin-icon-group__clipboard-link'>"
-            admin_details += f"<input aria-hidden='true' class='display-none' value='{portfolio_admin.email}'>"
+            admin_details += f"<input aria-hidden='true' class='display-none' value='{escape(portfolio_admin.email)}'>"
             admin_details += (
                 "<button class='usa-button usa-button--unstyled padding-right-1 usa-button--icon padding-left-05"
                 + "button--clipboard copy-to-clipboard text-no-underline' type='button'>"
@@ -3083,7 +3083,7 @@ class PortfolioAdmin(ListHeaderAdmin):
             admin_details += "Copy"
             admin_details += "</button>"
             admin_details += "</div><br>"
-            admin_details += f"{portfolio_admin.phone}"
+            admin_details += f"{escape(portfolio_admin.phone)}"
             admin_details += "</address>"
         return format_html(admin_details)
 
@@ -3108,13 +3108,13 @@ class PortfolioAdmin(ListHeaderAdmin):
         for member in members:
             full_name = member.get_formatted_name()
             member_details += "<tr>"
-            member_details += f"<td>{full_name}</td>"
-            member_details += f"<td>{member.title}</td>"
-            member_details += f"<td>{member.email}</td>"
-            member_details += f"<td>{member.phone}</td>"
+            member_details += f"<td>{escape(full_name)}</td>"
+            member_details += f"<td>{escape(member.title)}</td>"
+            member_details += f"<td>{escape(member.email)}</td>"
+            member_details += f"<td>{escape(member.phone)}</td>"
             member_details += "<td>"
             for role in member.portfolio_role_summary(obj):
-                member_details += f"<span class='usa-tag'>{role}</span> "
+                member_details += f"<span class='usa-tag'>{escape(role)}</span> "
             member_details += "</td></tr>"
         member_details += "</tbody></table>"
         return format_html(member_details)

From 39e6cb89330ed2a3e43c7c4ed9cdf797ef9179bd Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Wed, 4 Sep 2024 11:50:44 -0600
Subject: [PATCH 58/69] Add members

---
 src/registrar/views/utility/__init__.py         |  1 +
 src/registrar/views/utility/mixins.py           | 17 +++++++++++++++++
 src/registrar/views/utility/permission_views.py |  9 +++++++++
 3 files changed, 27 insertions(+)

diff --git a/src/registrar/views/utility/__init__.py b/src/registrar/views/utility/__init__.py
index 7219f4358..7e4e19085 100644
--- a/src/registrar/views/utility/__init__.py
+++ b/src/registrar/views/utility/__init__.py
@@ -7,5 +7,6 @@ from .permission_views import (
     DomainRequestPermissionWithdrawView,
     DomainInvitationPermissionDeleteView,
     DomainRequestWizardPermissionView,
+    PortfolioMembersPermission,
 )
 from .api_views import get_senior_official_from_federal_agency_json
diff --git a/src/registrar/views/utility/mixins.py b/src/registrar/views/utility/mixins.py
index 6f0745f41..190d80981 100644
--- a/src/registrar/views/utility/mixins.py
+++ b/src/registrar/views/utility/mixins.py
@@ -454,3 +454,20 @@ class PortfolioDomainRequestsPermission(PortfolioBasePermission):
             return False
 
         return super().has_permission()
+
+
+class PortfolioMembersPermission(PortfolioBasePermission):
+    """Permission mixin that allows access to portfolio members pages if user
+    has access, otherwise 403"""
+
+    def has_permission(self):
+        """Check if this user has access to members for this portfolio.
+
+        The user is in self.request.user and the portfolio can be looked
+        up from the portfolio's primary key in self.kwargs["pk"]"""
+
+        portfolio = self.request.session.get("portfolio")
+        if not self.request.user.has_view_members(portfolio):
+            return False
+
+        return super().has_permission()
diff --git a/src/registrar/views/utility/permission_views.py b/src/registrar/views/utility/permission_views.py
index 0ff7d1676..734a6dbfe 100644
--- a/src/registrar/views/utility/permission_views.py
+++ b/src/registrar/views/utility/permission_views.py
@@ -18,6 +18,7 @@ from .mixins import (
     UserDeleteDomainRolePermission,
     UserProfilePermission,
     PortfolioBasePermission,
+    PortfolioMembersPermission,
 )
 import logging
 
@@ -229,3 +230,11 @@ class PortfolioDomainRequestsPermissionView(PortfolioDomainRequestsPermission, P
     This abstract view cannot be instantiated. Actual views must specify
     `template_name`.
     """
+
+
+class PortfolioMembersPermissionView(PortfolioMembersPermission, PortfolioBasePermissionView, abc.ABC):
+    """Abstract base view for portfolio domain request views that enforces permissions.
+
+    This abstract view cannot be instantiated. Actual views must specify
+    `template_name`.
+    """
\ No newline at end of file

From dbe438b6dcf4c0208a71da57e2060e85b6c2072e Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Wed, 4 Sep 2024 11:52:02 -0600
Subject: [PATCH 59/69] Update context_processors.py

---
 src/registrar/context_processors.py | 35 +++++++++++------------------
 1 file changed, 13 insertions(+), 22 deletions(-)

diff --git a/src/registrar/context_processors.py b/src/registrar/context_processors.py
index beae164c3..2ac22b2e0 100644
--- a/src/registrar/context_processors.py
+++ b/src/registrar/context_processors.py
@@ -60,6 +60,17 @@ def add_has_profile_feature_flag_to_context(request):
 
 def portfolio_permissions(request):
     """Make portfolio permissions for the request user available in global context"""
+    context = {
+        "has_base_portfolio_permission": False,
+        "has_domains_portfolio_permission": False,
+        "has_domain_requests_portfolio_permission": False,
+        "has_view_members_portfolio_permission": False,
+        "has_edit_members_portfolio_permission": False,
+        "has_view_suborganization": False,
+        "has_edit_suborganization": False,
+        "portfolio": None,
+        "has_organization_feature_flag": False,
+    }
     try:
         portfolio = request.session.get("portfolio")
         if portfolio:
@@ -76,28 +87,8 @@ def portfolio_permissions(request):
                 "portfolio": portfolio,
                 "has_organization_feature_flag": True,
             }
-        return {
-            "has_base_portfolio_permission": False,
-            "has_domains_portfolio_permission": False,
-            "has_domain_requests_portfolio_permission": False,
-            "has_view_members_portfolio_permission": False,
-            "has_edit_members_portfolio_permission": False,
-            "has_view_suborganization": False,
-            "has_edit_suborganization": False,
-            "portfolio": None,
-            "has_organization_feature_flag": False,
-        }
+        return context
 
     except AttributeError:
         # Handles cases where request.user might not exist
-        return {
-            "has_base_portfolio_permission": False,
-            "has_domains_portfolio_permission": False,
-            "has_domain_requests_portfolio_permission": False,
-            "has_view_members_portfolio_permission": False,
-            "has_edit_members_portfolio_permission": False,
-            "has_view_suborganization": False,
-            "has_edit_suborganization": False,
-            "portfolio": None,
-            "has_organization_feature_flag": False,
-        }
+        return context

From d802b51dc47d5abeb854dd111bb70af3e28798b2 Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Wed, 4 Sep 2024 14:38:58 -0400
Subject: [PATCH 60/69] unit tests and lint

---
 src/registrar/models/user.py                  | 20 ++--
 src/registrar/tests/test_views_portfolio.py   | 98 +++++++++++++++++++
 .../views/utility/permission_views.py         |  2 +-
 3 files changed, 109 insertions(+), 11 deletions(-)

diff --git a/src/registrar/models/user.py b/src/registrar/models/user.py
index d68104566..4b4659094 100644
--- a/src/registrar/models/user.py
+++ b/src/registrar/models/user.py
@@ -6,7 +6,7 @@ from django.db.models import Q
 from django.http import HttpRequest
 
 from registrar.models import DomainInformation, UserDomainRole
-from registrar.models.utility.portfolio_helper import UserPortfolioPermissionChoices, UserPortfolioRoleChoices
+from registrar.models.utility.portfolio_helper import UserPortfolioPermissionChoices
 
 from .domain_invitation import DomainInvitation
 from .portfolio_invitation import PortfolioInvitation
@@ -198,38 +198,38 @@ class User(AbstractUser):
         ) or self._has_portfolio_permission(portfolio, UserPortfolioPermissionChoices.VIEW_MANAGED_DOMAINS)
 
     def has_domain_requests_portfolio_permission(self, portfolio):
-        ## BEGIN
-        ## Note code below is to add organization_request feature
+        # BEGIN
+        # Note code below is to add organization_request feature
         request = HttpRequest()
         request.user = self
         has_organization_requests_flag = flag_is_active(request, "organization_requests")
         if not has_organization_requests_flag:
             return False
-        ## END
+        # END
         return self._has_portfolio_permission(
             portfolio, UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS
         ) or self._has_portfolio_permission(portfolio, UserPortfolioPermissionChoices.VIEW_CREATED_REQUESTS)
 
     def has_view_members_portfolio_permission(self, portfolio):
-        ## BEGIN
-        ## Note code below is to add organization_request feature
+        # BEGIN
+        # Note code below is to add organization_request feature
         request = HttpRequest()
         request.user = self
         has_organization_members_flag = flag_is_active(request, "organization_members")
         if not has_organization_members_flag:
             return False
-        ## END
+        # END
         return self._has_portfolio_permission(portfolio, UserPortfolioPermissionChoices.VIEW_MEMBERS)
 
     def has_edit_members_portfolio_permission(self, portfolio):
-                ## BEGIN
-        ## Note code below is to add organization_request feature
+        # BEGIN
+        # Note code below is to add organization_request feature
         request = HttpRequest()
         request.user = self
         has_organization_members_flag = flag_is_active(request, "organization_members")
         if not has_organization_members_flag:
             return False
-        ## END
+        # END
         return self._has_portfolio_permission(portfolio, UserPortfolioPermissionChoices.EDIT_MEMBERS)
 
     def has_view_all_domains_permission(self, portfolio):
diff --git a/src/registrar/tests/test_views_portfolio.py b/src/registrar/tests/test_views_portfolio.py
index c5d1a9830..807c66cf7 100644
--- a/src/registrar/tests/test_views_portfolio.py
+++ b/src/registrar/tests/test_views_portfolio.py
@@ -230,6 +230,7 @@ class TestPortfolio(WebTest):
             self.assertContains(response, 'for="id_city"')
 
     @less_console_noise_decorator
+    @override_flag("organization_requests", active=True)
     def test_accessible_pages_when_user_does_not_have_permission(self):
         """Tests which pages are accessible when user does not have portfolio permissions"""
         self.app.set_user(self.user.username)
@@ -280,6 +281,7 @@ class TestPortfolio(WebTest):
             self.assertEquals(domain_request_page.status_code, 403)
 
     @less_console_noise_decorator
+    @override_flag("organization_requests", active=True)
     def test_accessible_pages_when_user_does_not_have_role(self):
         """Test that admin / memmber roles are associated with the right access"""
         self.app.set_user(self.user.username)
@@ -532,3 +534,99 @@ class TestPortfolio(WebTest):
         self.assertEqual(response.status_code, 200)
         self.assertContains(response, "Domain name")
         permission.delete()
+
+    @less_console_noise_decorator
+    @override_flag("organization_feature", active=True)
+    @override_flag("organization_requests", active=False)
+    def test_organization_requests_waffle_flag_off_hides_nav_link_and_restricts_permission(self):
+        """Setting the organization_requests waffle off hides the nav link and restricts access to the requests page"""
+        self.app.set_user(self.user.username)
+
+        UserPortfolioPermission.objects.get_or_create(
+            user=self.user,
+            portfolio=self.portfolio,
+            additional_permissions=[
+                UserPortfolioPermissionChoices.VIEW_PORTFOLIO,
+                UserPortfolioPermissionChoices.VIEW_CREATED_REQUESTS,
+                UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS,
+                UserPortfolioPermissionChoices.EDIT_REQUESTS,
+            ],
+        )
+
+        home = self.app.get(reverse("home")).follow()
+
+        self.assertContains(home, "Hotel California")
+        self.assertNotContains(home, "Domain requests")
+
+        domain_requests = self.app.get(reverse("domain-requests"), expect_errors=True)
+        self.assertEqual(domain_requests.status_code, 403)
+
+    @less_console_noise_decorator
+    @override_flag("organization_feature", active=True)
+    @override_flag("organization_requests", active=True)
+    def test_organization_requests_waffle_flag_on_shows_nav_link_and_allows_permission(self):
+        """Setting the organization_requests waffle on shows the nav link and allows access to the requests page"""
+        self.app.set_user(self.user.username)
+
+        UserPortfolioPermission.objects.get_or_create(
+            user=self.user,
+            portfolio=self.portfolio,
+            additional_permissions=[
+                UserPortfolioPermissionChoices.VIEW_PORTFOLIO,
+                UserPortfolioPermissionChoices.VIEW_CREATED_REQUESTS,
+                UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS,
+                UserPortfolioPermissionChoices.EDIT_REQUESTS,
+            ],
+        )
+
+        home = self.app.get(reverse("home")).follow()
+
+        self.assertContains(home, "Hotel California")
+        self.assertContains(home, "Domain requests")
+
+        domain_requests = self.app.get(reverse("domain-requests"))
+        self.assertEqual(domain_requests.status_code, 200)
+
+    @less_console_noise_decorator
+    @override_flag("organization_feature", active=True)
+    @override_flag("organization_members", active=False)
+    def test_organization_members_waffle_flag_off_hides_nav_link(self):
+        """Setting the organization_members waffle off hides the nav link"""
+        self.app.set_user(self.user.username)
+
+        UserPortfolioPermission.objects.get_or_create(
+            user=self.user,
+            portfolio=self.portfolio,
+            additional_permissions=[
+                UserPortfolioPermissionChoices.VIEW_PORTFOLIO,
+                UserPortfolioPermissionChoices.VIEW_CREATED_REQUESTS,
+                UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS,
+                UserPortfolioPermissionChoices.EDIT_REQUESTS,
+            ],
+        )
+
+        home = self.app.get(reverse("home")).follow()
+
+        self.assertContains(home, "Hotel California")
+        self.assertNotContains(home, "Members")
+
+    @less_console_noise_decorator
+    @override_flag("organization_feature", active=True)
+    @override_flag("organization_members", active=True)
+    def test_organization_members_waffle_flag_on_shows_nav_link(self):
+        """Setting the organization_members waffle on shows the nav link"""
+        self.app.set_user(self.user.username)
+
+        UserPortfolioPermission.objects.get_or_create(
+            user=self.user,
+            portfolio=self.portfolio,
+            additional_permissions=[
+                UserPortfolioPermissionChoices.VIEW_PORTFOLIO,
+                UserPortfolioPermissionChoices.VIEW_MEMBERS,
+            ],
+        )
+
+        home = self.app.get(reverse("home")).follow()
+
+        self.assertContains(home, "Hotel California")
+        self.assertContains(home, "Members")
diff --git a/src/registrar/views/utility/permission_views.py b/src/registrar/views/utility/permission_views.py
index 734a6dbfe..e7031cf0d 100644
--- a/src/registrar/views/utility/permission_views.py
+++ b/src/registrar/views/utility/permission_views.py
@@ -237,4 +237,4 @@ class PortfolioMembersPermissionView(PortfolioMembersPermission, PortfolioBasePe
 
     This abstract view cannot be instantiated. Actual views must specify
     `template_name`.
-    """
\ No newline at end of file
+    """

From 684cf181c9852672a14eae7210eadc2051747ec9 Mon Sep 17 00:00:00 2001
From: CocoByte <nicolle.leclair@gmail.com>
Date: Wed, 4 Sep 2024 13:52:30 -0600
Subject: [PATCH 61/69] fixed sort button issue (thank you Rachid and Zander
 for the peer programming)

---
 src/registrar/templates/includes/domains_table.html | 2 +-
 src/registrar/views/domains_json.py                 | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/registrar/templates/includes/domains_table.html b/src/registrar/templates/includes/domains_table.html
index 48de2d98c..4112906eb 100644
--- a/src/registrar/templates/includes/domains_table.html
+++ b/src/registrar/templates/includes/domains_table.html
@@ -158,7 +158,7 @@
             <th data-sortable="expiration_date" scope="col" role="columnheader">Expires</th>
             <th data-sortable="state_display" scope="col" role="columnheader">Status</th>
             {% if portfolio and has_view_suborganization %}
-              <th data-sortable="suborganization" scope="col" role="columnheader">Suborganization</th>
+              <th data-sortable="domain_info__sub_organization" scope="col" role="columnheader">Suborganization</th>
             {% endif %}
             <th 
               scope="col" 
diff --git a/src/registrar/views/domains_json.py b/src/registrar/views/domains_json.py
index 06c211227..e72aac5fb 100644
--- a/src/registrar/views/domains_json.py
+++ b/src/registrar/views/domains_json.py
@@ -133,5 +133,5 @@ def serialize_domain(domain, user):
         "action_url": reverse("domain", kwargs={"pk": domain.id}),
         "action_label": ("View" if view_only else "Manage"),
         "svg_icon": ("visibility" if view_only else "settings"),
-        "suborganization": suborganization_name,
+        "domain_info__sub_organization": suborganization_name,
     }

From ecc5e863201192c83c0d6fac4ad0ee8a77f6da22 Mon Sep 17 00:00:00 2001
From: CocoByte <nicolle.leclair@gmail.com>
Date: Wed, 4 Sep 2024 14:23:34 -0600
Subject: [PATCH 62/69] (missed a file in last push)

---
 src/registrar/assets/js/get-gov.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/registrar/assets/js/get-gov.js b/src/registrar/assets/js/get-gov.js
index 70659b009..3913a3360 100644
--- a/src/registrar/assets/js/get-gov.js
+++ b/src/registrar/assets/js/get-gov.js
@@ -1220,7 +1220,7 @@ document.addEventListener('DOMContentLoaded', function() {
             const expirationDateFormatted = expirationDate ? expirationDate.toLocaleDateString('en-US', options) : '';
             const expirationDateSortValue = expirationDate ? expirationDate.getTime() : '';
             const actionUrl = domain.action_url;
-            const suborganization = domain.suborganization ? domain.suborganization : '';
+            const suborganization = domain.domain_info__sub_organization ? domain.domain_info__sub_organization : '';
 
             const row = document.createElement('tr');
 

From e5f2b83f6a34b200dcb9c6f6545bf620be31f6e9 Mon Sep 17 00:00:00 2001
From: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Date: Wed, 4 Sep 2024 15:34:54 -0600
Subject: [PATCH 63/69] Fix failing tests

---
 ...rtfolio_additional_permissions_and_more.py | 66 +++++++++++++++++++
 src/registrar/tests/test_models.py            |  6 +-
 2 files changed, 71 insertions(+), 1 deletion(-)
 create mode 100644 src/registrar/migrations/0123_alter_portfolioinvitation_portfolio_additional_permissions_and_more.py

diff --git a/src/registrar/migrations/0123_alter_portfolioinvitation_portfolio_additional_permissions_and_more.py b/src/registrar/migrations/0123_alter_portfolioinvitation_portfolio_additional_permissions_and_more.py
new file mode 100644
index 000000000..c14a70ab0
--- /dev/null
+++ b/src/registrar/migrations/0123_alter_portfolioinvitation_portfolio_additional_permissions_and_more.py
@@ -0,0 +1,66 @@
+# Generated by Django 4.2.10 on 2024-09-04 21:29
+
+import django.contrib.postgres.fields
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("registrar", "0122_create_groups_v16"),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name="portfolioinvitation",
+            name="portfolio_additional_permissions",
+            field=django.contrib.postgres.fields.ArrayField(
+                base_field=models.CharField(
+                    choices=[
+                        ("view_all_domains", "View all domains and domain reports"),
+                        ("view_managed_domains", "View managed domains"),
+                        ("view_members", "View members"),
+                        ("edit_members", "Create and edit members"),
+                        ("view_all_requests", "View all requests"),
+                        ("view_created_requests", "View created requests"),
+                        ("edit_requests", "Create and edit requests"),
+                        ("view_portfolio", "View organization"),
+                        ("edit_portfolio", "Edit organization"),
+                        ("view_suborganization", "View suborganization"),
+                        ("edit_suborganization", "Edit suborganization"),
+                    ],
+                    max_length=50,
+                ),
+                blank=True,
+                help_text="Select one or more additional permissions.",
+                null=True,
+                size=None,
+            ),
+        ),
+        migrations.AlterField(
+            model_name="userportfoliopermission",
+            name="additional_permissions",
+            field=django.contrib.postgres.fields.ArrayField(
+                base_field=models.CharField(
+                    choices=[
+                        ("view_all_domains", "View all domains and domain reports"),
+                        ("view_managed_domains", "View managed domains"),
+                        ("view_members", "View members"),
+                        ("edit_members", "Create and edit members"),
+                        ("view_all_requests", "View all requests"),
+                        ("view_created_requests", "View created requests"),
+                        ("edit_requests", "Create and edit requests"),
+                        ("view_portfolio", "View organization"),
+                        ("edit_portfolio", "Edit organization"),
+                        ("view_suborganization", "View suborganization"),
+                        ("edit_suborganization", "Edit suborganization"),
+                    ],
+                    max_length=50,
+                ),
+                blank=True,
+                help_text="Select one or more additional permissions.",
+                null=True,
+                size=None,
+            ),
+        ),
+    ]
diff --git a/src/registrar/tests/test_models.py b/src/registrar/tests/test_models.py
index 3a1b21ee2..d0a3e0462 100644
--- a/src/registrar/tests/test_models.py
+++ b/src/registrar/tests/test_models.py
@@ -1474,6 +1474,7 @@ class TestUser(TestCase):
         self.assertFalse(self.user.has_contact_info())
 
     @less_console_noise_decorator
+    @override_flag("organization_requests", active=True)
     def test_has_portfolio_permission(self):
         """
         0. Returns False when user does not have a permission
@@ -1495,7 +1496,10 @@ class TestUser(TestCase):
         portfolio_permission, _ = UserPortfolioPermission.objects.get_or_create(
             portfolio=portfolio,
             user=self.user,
-            additional_permissions=[UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS],
+            additional_permissions=[
+                UserPortfolioPermissionChoices.VIEW_PORTFOLIO,
+                UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS
+            ],
         )
 
         user_can_view_all_domains = self.user.has_domains_portfolio_permission(portfolio)

From a6b9d79fad37af6173f89942df95dd48d2df09ba Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Thu, 5 Sep 2024 12:07:57 -0400
Subject: [PATCH 64/69] cleanup comments

---
 src/registrar/assets/js/get-gov.js | 12 ------------
 1 file changed, 12 deletions(-)

diff --git a/src/registrar/assets/js/get-gov.js b/src/registrar/assets/js/get-gov.js
index 7b676eeb3..e6b5a039f 100644
--- a/src/registrar/assets/js/get-gov.js
+++ b/src/registrar/assets/js/get-gov.js
@@ -2044,17 +2044,9 @@ document.addEventListener('DOMContentLoaded', function() {
 
       // Use a MutationObserver to watch for changes in the dropdown list
       const dropdownList = comboBox.querySelector(`#${input.id}--list`);
-      // TODO: customize blank value
-      // const isSuborgComboBox = comboBox.querySelector('#id_sub_organization--list');
       const observer = new MutationObserver(function(mutations) {
           mutations.forEach(function(mutation) {
               if (mutation.type === "childList") {
-                // TODO: customize blank value
-                // if (isSuborgComboBox) {
-                //   addBlankOption(clearInputButton, dropdownList, initialValue, 'No suborganization');
-                // } else {
-                //   addBlankOption(clearInputButton, dropdownList, initialValue);
-                // }
                 addBlankOption(clearInputButton, dropdownList, initialValue);
               }
           });
@@ -2110,8 +2102,6 @@ document.addEventListener('DOMContentLoaded', function() {
     }
   }
 
-  // TODO: customize blank value
-  // function addBlankOption(clearInputButton, dropdownList, initialValue, customBlank) {
   function addBlankOption(clearInputButton, dropdownList, initialValue) {
     if (dropdownList && !dropdownList.querySelector('[data-value=""]') && !isTyping) {
         const blankOption = document.createElement("li");
@@ -2121,8 +2111,6 @@ document.addEventListener('DOMContentLoaded', function() {
         if (!initialValue){
           blankOption.classList.add("usa-combo-box__list-option--selected")
         }
-        // TODO: customize blank value
-        // customBlank ? blankOption.textContent = customBlank : blankOption.textContent = "---------";
         blankOption.textContent = "⎯";
 
         dropdownList.insertBefore(blankOption, dropdownList.firstChild);

From 49110461ef542f3a230f28cb3e11f32597f73cdc Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Thu, 5 Sep 2024 12:10:49 -0400
Subject: [PATCH 65/69] lint

---
 src/registrar/tests/test_models.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/registrar/tests/test_models.py b/src/registrar/tests/test_models.py
index d0a3e0462..827f349b9 100644
--- a/src/registrar/tests/test_models.py
+++ b/src/registrar/tests/test_models.py
@@ -1498,7 +1498,7 @@ class TestUser(TestCase):
             user=self.user,
             additional_permissions=[
                 UserPortfolioPermissionChoices.VIEW_PORTFOLIO,
-                UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS
+                UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS,
             ],
         )
 

From a2291d75ed149b6836cd1335da7fe4c3bdc3336a Mon Sep 17 00:00:00 2001
From: Matthew Spence <matthew.spence@cisa.dhs.gov>
Date: Fri, 6 Sep 2024 10:27:52 -0500
Subject: [PATCH 66/69] doc fixes

---
 docs/operations/data_migration.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/operations/data_migration.md b/docs/operations/data_migration.md
index 90080520b..4301ca878 100644
--- a/docs/operations/data_migration.md
+++ b/docs/operations/data_migration.md
@@ -834,10 +834,10 @@ Example: `cf ssh getgov-za`
 ```/tmp/lifecycle/shell```
 
 #### Step 4: Running the script
-```./manage.py populate_domain_request_dates```
+```./manage.py update_first_ready```
 
 ### Running locally
-```docker-compose exec app ./manage.py populate_domain_request_dates```
+```docker-compose exec app ./manage.py update_first_ready```
 
 ## Populate Domain Request Dates
 This section outlines how to run the populate_domain_request_dates script

From db593fcb6e7a9022ed73802b529f2a8050fcee5a Mon Sep 17 00:00:00 2001
From: Rachid Mrad <rachid.mrad@ecstech.com>
Date: Fri, 6 Sep 2024 13:57:28 -0400
Subject: [PATCH 67/69] merge cleanup

---
 src/registrar/tests/test_admin.py | 175 +++++++++++++++---------------
 1 file changed, 88 insertions(+), 87 deletions(-)

diff --git a/src/registrar/tests/test_admin.py b/src/registrar/tests/test_admin.py
index 93942e438..25d7e5fd2 100644
--- a/src/registrar/tests/test_admin.py
+++ b/src/registrar/tests/test_admin.py
@@ -2122,6 +2122,94 @@ class TestPortfolioAdmin(TestCase):
         domain_requests = self.admin.domain_requests(self.portfolio)
         self.assertIn("2 domain requests", domain_requests)
 
+    @less_console_noise_decorator
+    def test_portfolio_members_display(self):
+        """Tests the custom portfolio members field, admin and member sections"""
+        admin_user_1 = User.objects.create(
+            username="testuser1",
+            first_name="Gerald",
+            last_name="Meoward",
+            title="Captain",
+            email="meaoward@gov.gov",
+        )
+
+        UserPortfolioPermission.objects.all().create(
+            user=admin_user_1, portfolio=self.portfolio, roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN]
+        )
+
+        admin_user_2 = User.objects.create(
+            username="testuser2",
+            first_name="Arnold",
+            last_name="Poopy",
+            title="Major",
+            email="poopy@gov.gov",
+        )
+
+        UserPortfolioPermission.objects.all().create(
+            user=admin_user_2, portfolio=self.portfolio, roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN]
+        )
+
+        admin_user_3 = User.objects.create(
+            username="testuser3",
+            first_name="Mad",
+            last_name="Max",
+            title="Road warrior",
+            email="madmax@gov.gov",
+        )
+
+        UserPortfolioPermission.objects.all().create(
+            user=admin_user_3, portfolio=self.portfolio, roles=[UserPortfolioRoleChoices.ORGANIZATION_MEMBER]
+        )
+
+        admin_user_4 = User.objects.create(
+            username="testuser4",
+            first_name="Agent",
+            last_name="Smith",
+            title="Program",
+            email="thematrix@gov.gov",
+        )
+
+        UserPortfolioPermission.objects.all().create(
+            user=admin_user_4,
+            portfolio=self.portfolio,
+            additional_permissions=[
+                UserPortfolioPermissionChoices.VIEW_PORTFOLIO,
+                UserPortfolioPermissionChoices.EDIT_REQUESTS,
+            ],
+        )
+
+        display_admins = self.admin.display_admins(self.portfolio)
+
+        self.assertIn(
+            f'<a href="/admin/registrar/user/{admin_user_1.pk}/change/">Gerald Meoward meaoward@gov.gov</a>',
+            display_admins,
+        )
+        self.assertIn("Captain", display_admins)
+        self.assertIn(
+            f'<a href="/admin/registrar/user/{admin_user_2.pk}/change/">Arnold Poopy poopy@gov.gov</a>', display_admins
+        )
+        self.assertIn("Major", display_admins)
+
+        display_members_summary = self.admin.display_members_summary(self.portfolio)
+
+        self.assertIn(
+            f'<a href="/admin/registrar/user/{admin_user_3.pk}/change/">Mad Max madmax@gov.gov</a>',
+            display_members_summary,
+        )
+        self.assertIn(
+            f'<a href="/admin/registrar/user/{admin_user_4.pk}/change/">Agent Smith thematrix@gov.gov</a>',
+            display_members_summary,
+        )
+
+        display_members = self.admin.display_members(self.portfolio)
+
+        self.assertIn("Mad Max", display_members)
+        self.assertIn("<span class='usa-tag'>Member</span>", display_members)
+        self.assertIn("Road warrior", display_members)
+        self.assertIn("Agent Smith", display_members)
+        self.assertIn("<span class='usa-tag'>Domain requestor</span>", display_members)
+        self.assertIn("Program", display_members)
+
 
 class TestTransferUser(WebTest):
     """User transfer custom admin page"""
@@ -2340,90 +2428,3 @@ class TestTransferUser(WebTest):
         """Assert modal on page"""
         user_transfer_page = self.app.get(reverse("transfer_user", args=[self.user1.pk]))
         self.assertContains(user_transfer_page, "This action cannot be undone.")
-    @less_console_noise_decorator
-    def test_portfolio_members_display(self):
-        """Tests the custom portfolio members field, admin and member sections"""
-        admin_user_1 = User.objects.create(
-            username="testuser1",
-            first_name="Gerald",
-            last_name="Meoward",
-            title="Captain",
-            email="meaoward@gov.gov",
-        )
-
-        UserPortfolioPermission.objects.all().create(
-            user=admin_user_1, portfolio=self.portfolio, roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN]
-        )
-
-        admin_user_2 = User.objects.create(
-            username="testuser2",
-            first_name="Arnold",
-            last_name="Poopy",
-            title="Major",
-            email="poopy@gov.gov",
-        )
-
-        UserPortfolioPermission.objects.all().create(
-            user=admin_user_2, portfolio=self.portfolio, roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN]
-        )
-
-        admin_user_3 = User.objects.create(
-            username="testuser3",
-            first_name="Mad",
-            last_name="Max",
-            title="Road warrior",
-            email="madmax@gov.gov",
-        )
-
-        UserPortfolioPermission.objects.all().create(
-            user=admin_user_3, portfolio=self.portfolio, roles=[UserPortfolioRoleChoices.ORGANIZATION_MEMBER]
-        )
-
-        admin_user_4 = User.objects.create(
-            username="testuser4",
-            first_name="Agent",
-            last_name="Smith",
-            title="Program",
-            email="thematrix@gov.gov",
-        )
-
-        UserPortfolioPermission.objects.all().create(
-            user=admin_user_4,
-            portfolio=self.portfolio,
-            additional_permissions=[
-                UserPortfolioPermissionChoices.VIEW_PORTFOLIO,
-                UserPortfolioPermissionChoices.EDIT_REQUESTS,
-            ],
-        )
-
-        display_admins = self.admin.display_admins(self.portfolio)
-
-        self.assertIn(
-            f'<a href="/admin/registrar/user/{admin_user_1.pk}/change/">Gerald Meoward meaoward@gov.gov</a>',
-            display_admins,
-        )
-        self.assertIn("Captain", display_admins)
-        self.assertIn(
-            f'<a href="/admin/registrar/user/{admin_user_2.pk}/change/">Arnold Poopy poopy@gov.gov</a>', display_admins
-        )
-        self.assertIn("Major", display_admins)
-
-        display_members_summary = self.admin.display_members_summary(self.portfolio)
-
-        self.assertIn(
-            f'<a href="/admin/registrar/user/{admin_user_3.pk}/change/">Mad Max madmax@gov.gov</a>',
-            display_members_summary,
-        )
-        self.assertIn(
-            f'<a href="/admin/registrar/user/{admin_user_4.pk}/change/">Agent Smith thematrix@gov.gov</a>',
-            display_members_summary,
-        )
-
-        display_members = self.admin.display_members(self.portfolio)
-
-        self.assertIn("Mad Max", display_members)
-        self.assertIn("<span class='usa-tag'>Member</span>", display_members)
-        self.assertIn("Road warrior", display_members)
-        self.assertIn("Agent Smith", display_members)
-        self.assertIn("<span class='usa-tag'>Domain requestor</span>", display_members)
-        self.assertIn("Program", display_members)

From ffaf3b5a375364fc6e78977bc8600d5b00747ede Mon Sep 17 00:00:00 2001
From: matthewswspence <Matthewswspence@gmail.com>
Date: Mon, 9 Sep 2024 10:00:34 -0500
Subject: [PATCH 68/69] fix linter errors

---
 src/registrar/management/commands/update_first_ready.py      | 2 +-
 src/registrar/management/commands/utility/terminal_helper.py | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/registrar/management/commands/update_first_ready.py b/src/registrar/management/commands/update_first_ready.py
index f1ebdd555..22320a3d3 100644
--- a/src/registrar/management/commands/update_first_ready.py
+++ b/src/registrar/management/commands/update_first_ready.py
@@ -27,7 +27,7 @@ class Command(BaseCommand, PopulateScriptTemplate):
 
     # check if a transition domain object for this domain name exists,
     # or if so whether its first_ready value matches its created_at date
-    def custom_filter(self, records: BaseManager[Domain]) -> BaseManager[Domain]:
+    def custom_filter(self, records):
         to_include_pks = []
         for record in records:
             if (
diff --git a/src/registrar/management/commands/utility/terminal_helper.py b/src/registrar/management/commands/utility/terminal_helper.py
index e69d54c07..fa7cde683 100644
--- a/src/registrar/management/commands/utility/terminal_helper.py
+++ b/src/registrar/management/commands/utility/terminal_helper.py
@@ -78,7 +78,7 @@ class PopulateScriptTemplate(ABC):
     run_summary_header = None
 
     @abstractmethod
-    def update_record(self, record: Model):
+    def update_record(self, record):
         """Defines how we update each field.
 
         raises:
@@ -86,7 +86,7 @@ class PopulateScriptTemplate(ABC):
         """
         raise NotImplementedError
 
-    def mass_update_records(self, object_class: Model, filter_conditions, fields_to_update, debug=True, verbose=False):
+    def mass_update_records(self, object_class, filter_conditions, fields_to_update, debug=True, verbose=False):
         """Loops through each valid "object_class" object - specified by filter_conditions - and
         updates fields defined by fields_to_update using update_record.
 

From 872f943220e43274a02cd202801de5b0bb5c825e Mon Sep 17 00:00:00 2001
From: matthewswspence <Matthewswspence@gmail.com>
Date: Mon, 9 Sep 2024 10:10:04 -0500
Subject: [PATCH 69/69] unused import

---
 src/registrar/management/commands/update_first_ready.py | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/registrar/management/commands/update_first_ready.py b/src/registrar/management/commands/update_first_ready.py
index 22320a3d3..0a4ea10a7 100644
--- a/src/registrar/management/commands/update_first_ready.py
+++ b/src/registrar/management/commands/update_first_ready.py
@@ -1,6 +1,5 @@
 import logging
 from django.core.management import BaseCommand
-from django.db.models.manager import BaseManager
 from registrar.management.commands.utility.terminal_helper import PopulateScriptTemplate, TerminalColors
 from registrar.models import Domain, TransitionDomain