zydronium/manage.get.gov
1
0
Fork 0
mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-07-31 23:16:36 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge remote-tracking branch 'origin/main' into nl/2470-update-action-needed-email

Browse source
This commit is contained in:
CocoByte 2024-08-15 10:20:07 -06:00
commit 7735f07546
No known key found for this signature in database
GPG key ID: BBFAA2526384C97F
38 changed files with 666 additions and 168 deletions
Download patch file Download diff file Expand all files Collapse all files

41
src/registrar/admin.py
View file

@ -493,6 +493,8 @@ class CustomLogEntryAdmin(LogEntryAdmin):
# return super().change_view(request, object_id, form_url, extra_context=extra_context)
# TODO #2571 - this should be refactored. This is shared among every class that inherits this,
# and it breaks the senior_official field because it exists both as model "Contact" and "SeniorOfficial".
class AdminSortFields:
_name_sort = ["first_name", "last_name", "email"]
@ -555,15 +557,16 @@ class AuditedAdmin(admin.ModelAdmin):
)
)
def formfield_for_manytomany(self, db_field, request, **kwargs):
def formfield_for_manytomany(self, db_field, request, use_admin_sort_fields=True, **kwargs):
"""customize the behavior of formfields with manytomany relationships. the customized
behavior includes sorting of objects in lists as well as customizing helper text"""
# Define a queryset. Note that in the super of this,
# a new queryset will only be generated if one does not exist.
# Thus, the order in which we define queryset matters.
queryset = AdminSortFields.get_queryset(db_field)
if queryset:
if queryset and use_admin_sort_fields:
kwargs["queryset"] = queryset
formfield = super().formfield_for_manytomany(db_field, request, **kwargs)
@ -574,7 +577,7 @@ class AuditedAdmin(admin.ModelAdmin):
)
return formfield
def formfield_for_foreignkey(self, db_field, request, **kwargs):
def formfield_for_foreignkey(self, db_field, request, use_admin_sort_fields=True, **kwargs):
"""Customize the behavior of formfields with foreign key relationships. This will customize
the behavior of selects. Customized behavior includes sorting of objects in list."""
@ -582,7 +585,7 @@ class AuditedAdmin(admin.ModelAdmin):
# a new queryset will only be generated if one does not exist.
# Thus, the order in which we define queryset matters.
queryset = AdminSortFields.get_queryset(db_field)
if queryset:
if queryset and use_admin_sort_fields:
kwargs["queryset"] = queryset
return super().formfield_for_foreignkey(db_field, request, **kwargs)
@ -1544,6 +1547,17 @@ class DomainInformationAdmin(ListHeaderAdmin, ImportExportModelAdmin):
# Get the filtered values
return super().changelist_view(request, extra_context=extra_context)
def formfield_for_foreignkey(self, db_field, request, **kwargs):
"""Customize the behavior of formfields with foreign key relationships. This will customize
the behavior of selects. Customized behavior includes sorting of objects in list."""
# TODO #2571
# Remove this check on senior_official if this underlying model changes from
# "Contact" to "SeniorOfficial" or if we refactor AdminSortFields.
# Removing this will cause the list on django admin to return SeniorOffical
# objects rather than Contact objects.
use_sort = db_field.name != "senior_official"
return super().formfield_for_foreignkey(db_field, request, use_admin_sort_fields=use_sort, **kwargs)
class DomainRequestResource(FsmModelResource):
"""defines how each field in the referenced model should be mapped to the corresponding fields in the
@ -2211,6 +2225,17 @@ class DomainRequestAdmin(ListHeaderAdmin, ImportExportModelAdmin):
return None
def formfield_for_foreignkey(self, db_field, request, **kwargs):
"""Customize the behavior of formfields with foreign key relationships. This will customize
the behavior of selects. Customized behavior includes sorting of objects in list."""
# TODO #2571
# Remove this check on senior_official if this underlying model changes from
# "Contact" to "SeniorOfficial" or if we refactor AdminSortFields.
# Removing this will cause the list on django admin to return SeniorOffical
# objects rather than Contact objects.
use_sort = db_field.name != "senior_official"
return super().formfield_for_foreignkey(db_field, request, use_admin_sort_fields=use_sort, **kwargs)
class TransitionDomainAdmin(ListHeaderAdmin):
"""Custom transition domain admin class."""
@ -2260,6 +2285,7 @@ class DomainInformationInline(admin.StackedInline):
def formfield_for_manytomany(self, db_field, request, **kwargs):
"""customize the behavior of formfields with manytomany relationships. the customized
behavior includes sorting of objects in lists as well as customizing helper text"""
queryset = AdminSortFields.get_queryset(db_field)
if queryset:
kwargs["queryset"] = queryset
@ -2274,8 +2300,12 @@ class DomainInformationInline(admin.StackedInline):
def formfield_for_foreignkey(self, db_field, request, **kwargs):
"""Customize the behavior of formfields with foreign key relationships. This will customize
the behavior of selects. Customized behavior includes sorting of objects in list."""
# Remove this check on senior_official if this underlying model changes from
# "Contact" to "SeniorOfficial" or if we refactor AdminSortFields.
# Removing this will cause the list on django admin to return SeniorOffical
# objects rather than Contact objects.
queryset = AdminSortFields.get_queryset(db_field)
if queryset:
if queryset and db_field.name != "senior_official":
kwargs["queryset"] = queryset
return super().formfield_for_foreignkey(db_field, request, **kwargs)
@ -2848,6 +2878,7 @@ class PortfolioAdmin(ListHeaderAdmin):
autocomplete_fields = [
"creator",
"federal_agency",
"senior_official",
]
def change_view(self, request, object_id, form_url="", extra_context=None):

128
src/registrar/assets/js/get-gov-admin.js
View file

@ -523,9 +523,18 @@ function initializeWidgetOnList(list, parentId) {
var actionNeededEmailFooter = document.querySelector("#action-needed-email-footer")
let emailWasSent = document.getElementById("action-needed-email-sent");
let actionNeededEmailData = document.getElementById('action-needed-emails-data').textContent;
let actionNeededEmailsJson = JSON.parse(actionNeededEmailData);
let emailData = document.getElementById('action-needed-emails-data');
if (!emailData) {
return;
}
let actionNeededEmailData = emailData.textContent;
if(!actionNeededEmailData) {
return;
}
let actionNeededEmailsJson = JSON.parse(actionNeededEmailData);
const domainRequestId = actionNeededReasonDropdown ? document.querySelector("#domain_request_id").value : null
const emailSentSessionVariableName = `actionNeededEmailSent-${domainRequestId}`;
const oldDropdownValue = actionNeededReasonDropdown ? actionNeededReasonDropdown.value : null;
@ -818,3 +827,118 @@ function initializeWidgetOnList(list, parentId) {
});
}
})();
/** An IIFE for dynamically changing some fields on the portfolio admin model
*/
(function dynamicPortfolioFields(){
document.addEventListener('DOMContentLoaded', function() {
let isPortfolioPage = document.getElementById("portfolio_form");
if (!isPortfolioPage) {
return;
}
// $ symbolically denotes that this is using jQuery
let $federalAgency = django.jQuery("#id_federal_agency");
let organizationType = document.getElementById("id_organization_type");
if ($federalAgency && organizationType) {
// Execute this function once on load
handleFederalAgencyChange($federalAgency, organizationType);
// Attach the change event listener
$federalAgency.on("change", function() {
handleFederalAgencyChange($federalAgency, organizationType);
});
}
// Handle dynamically hiding the urbanization field
let urbanizationField = document.querySelector(".field-urbanization");
let stateTerritory = document.getElementById("id_state_territory");
if (urbanizationField && stateTerritory) {
// Execute this function once on load
handleStateTerritoryChange(stateTerritory, urbanizationField);
// Attach the change event listener for state/territory
stateTerritory.addEventListener("change", function() {
handleStateTerritoryChange(stateTerritory, urbanizationField);
});
}
});
function handleFederalAgencyChange(federalAgency, organizationType) {
// Set the org type to federal if an agency is selected
let selectedText = federalAgency.find("option:selected").text();
// There isn't a federal senior official associated with null records
if (!selectedText) {
return;
}
if (selectedText !== "Non-Federal Agency") {
if (organizationType.value !== "federal") {
organizationType.value = "federal";
}
}else {
if (organizationType.value === "federal") {
organizationType.value = "";
}
}
// Get the associated senior official with this federal agency
let $seniorOfficial = django.jQuery("#id_senior_official");
if (!$seniorOfficial) {
console.log("Could not find the senior official field");
return;
}
let seniorOfficialApi = document.getElementById("senior_official_from_agency_json_url").value;
fetch(`${seniorOfficialApi}?agency_name=${selectedText}`)
.then(response => {
const statusCode = response.status;
return response.json().then(data => ({ statusCode, data }));
})
.then(({ statusCode, data }) => {
if (data.error) {
// Clear the field if the SO doesn't exist.
if (statusCode === 404) {
$seniorOfficial.val("").trigger("change");
console.warn("Record not found: " + data.error);
}else {
console.error("Error in AJAX call: " + data.error);
}
return;
}
let seniorOfficialId = data.id;
let seniorOfficialName = [data.first_name, data.last_name].join(" ");
if (!seniorOfficialId || !seniorOfficialName || !seniorOfficialName.trim()){
// Clear the field if the SO doesn't exist
$seniorOfficial.val("").trigger("change");
return;
}
// Add the senior official to the dropdown.
// This format supports select2 - if we decide to convert this field in the future.
if ($seniorOfficial.find(`option[value='${seniorOfficialId}']`).length) {
// Select the value that is associated with the current Senior Official.
$seniorOfficial.val(seniorOfficialId).trigger("change");
} else {
// Create a DOM Option that matches the desired Senior Official. Then append it and select it.
let userOption = new Option(seniorOfficialName, seniorOfficialId, true, true);
$seniorOfficial.append(userOption).trigger("change");
}
})
.catch(error => console.error("Error fetching senior official: ", error));
}
function handleStateTerritoryChange(stateTerritory, urbanizationField) {
let selectedValue = stateTerritory.value;
if (selectedValue === "PR") {
showElement(urbanizationField)
} else {
hideElement(urbanizationField)
}
}
})();

25
src/registrar/assets/js/get-gov.js
View file

@ -1183,8 +1183,19 @@ document.addEventListener('DOMContentLoaded', function() {
* @param {*} portfolio - the portfolio id
*/
function loadDomains(page, sortBy = currentSortBy, order = currentOrder, scroll = scrollToTable, status = currentStatus, searchTerm = currentSearchTerm, portfolio = portfolioValue) {
// fetch json of page of domais, given params
let baseUrl = document.getElementById("get_domains_json_url");
if (!baseUrl) {
return;
}
let baseUrlValue = baseUrl.innerHTML;
if (!baseUrlValue) {
return;
}
// fetch json of page of domains, given params
let url = `/get-domains-json/?page=${page}&sort_by=${sortBy}&order=${order}&status=${status}&search_term=${searchTerm}`
let url = `${baseUrlValue}?page=${page}&sort_by=${sortBy}&order=${order}&status=${status}&search_term=${searchTerm}`
if (portfolio)
url += `&portfolio=${portfolio}`
@ -1524,7 +1535,17 @@ document.addEventListener('DOMContentLoaded', function() {
*/
function loadDomainRequests(page, sortBy = currentSortBy, order = currentOrder, scroll = scrollToTable, searchTerm = currentSearchTerm) {
// fetch json of page of domain requests, given params
fetch(`/get-domain-requests-json/?page=${page}&sort_by=${sortBy}&order=${order}&search_term=${searchTerm}`)
let baseUrl = document.getElementById("get_domain_requests_json_url");
if (!baseUrl) {
return;
}
let baseUrlValue = baseUrl.innerHTML;
if (!baseUrlValue) {
return;
}
fetch(`${baseUrlValue}?page=${page}&sort_by=${sortBy}&order=${order}&search_term=${searchTerm}`)
.then(response => response.json())
.then(data => {
if (data.error) {

2
src/registrar/assets/sass/_theme/_register-form.scss
View file

@ -25,7 +25,7 @@
}
}
h3.register-form-review-header {
.register-form-review-header {
color: color('primary-dark');
margin-top: units(2);
margin-bottom: 0;

11
src/registrar/config/urls.py
View file

@ -24,6 +24,7 @@ from registrar.views.report_views import (
from registrar.views.domain_request import Step
from registrar.views.domain_requests_json import get_domain_requests_json
from registrar.views.utility.api_views import get_senior_official_from_federal_agency_json
from registrar.views.domains_json import get_domains_json
from registrar.views.utility import always_404
from api.views import available, get_current_federal, get_current_full
@ -74,6 +75,11 @@ urlpatterns = [
views.PortfolioOrganizationView.as_view(),
name="organization",
),
path(
"senior-official/",
views.PortfolioSeniorOfficialView.as_view(),
name="senior-official",
),
path(
"admin/logout/",
RedirectView.as_view(pattern_name="logout", permanent=False),
@ -123,6 +129,11 @@ urlpatterns = [
AnalyticsView.as_view(),
name="analytics",
),
path(
"admin/api/get-senior-official-from-federal-agency-json/",
get_senior_official_from_federal_agency_json,
name="get-senior-official-from-federal-agency-json",
),
path("admin/", admin.site.urls),
path(
"reports/export_data_type_user/",

28
src/registrar/forms/domain.py
View file

@ -358,10 +358,14 @@ class SeniorOfficialContactForm(ContactForm):
"""Form for updating senior official contacts."""
JOIN = "senior_official"
full_name = forms.CharField(label="Full name", required=False)
def __init__(self, disable_fields=False, *args, **kwargs):
super().__init__(*args, **kwargs)
if self.instance and self.instance.id:
self.fields["full_name"].initial = self.instance.get_formatted_name()
# Overriding bc phone not required in this form
self.fields["phone"] = forms.IntegerField(required=False)
@ -384,6 +388,12 @@ class SeniorOfficialContactForm(ContactForm):
if disable_fields:
DomainHelper.mass_disable_fields(fields=self.fields, disable_required=True, disable_maxlength=True)
def clean(self):
"""Clean override to remove unused fields"""
cleaned_data = super().clean()
cleaned_data.pop("full_name", None)
return cleaned_data
def save(self, commit=True):
"""
Override the save() method of the BaseModelForm.
@ -529,8 +539,7 @@ class DomainOrgNameAddressForm(forms.ModelForm):
elif self.is_tribal and not self._field_unchanged("organization_name"):
raise ValueError("organization_name cannot be modified when the generic_org_type is tribal")
else:
super().save()
super().save()
def _field_unchanged(self, field_name) -> bool:
"""
@ -542,6 +551,21 @@ class DomainOrgNameAddressForm(forms.ModelForm):
"""
old_value = self.initial.get(field_name, None)
new_value = self.cleaned_data.get(field_name, None)
field = self.fields[field_name]
# Check if the field has a queryset attribute before accessing it
if hasattr(field, "queryset") and isinstance(new_value, str):
try:
# Convert the string to the corresponding ID
new_value = field.queryset.get(name=new_value).id
except field.queryset.model.DoesNotExist:
pass # Handle the case where the object does not exist
elif hasattr(new_value, "id"):
# If new_value is a model instance, compare by ID.
new_value = new_value.id
return old_value == new_value

30
src/registrar/forms/portfolio.py
View file

@ -4,7 +4,7 @@ import logging
from django import forms
from django.core.validators import RegexValidator
from ..models import DomainInformation, Portfolio
from ..models import DomainInformation, Portfolio, SeniorOfficial
logger = logging.getLogger(__name__)
@ -67,3 +67,31 @@ class PortfolioOrgAddressForm(forms.ModelForm):
self.fields[field_name].required = True
self.fields["state_territory"].widget.attrs.pop("maxlength", None)
self.fields["zipcode"].widget.attrs.pop("maxlength", None)
class PortfolioSeniorOfficialForm(forms.ModelForm):
"""
Form for updating the portfolio senior official.
This form is readonly for now.
"""
JOIN = "senior_official"
full_name = forms.CharField(label="Full name", required=False)
class Meta:
model = SeniorOfficial
fields = [
"title",
"email",
]
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
if self.instance and self.instance.id:
self.fields["full_name"].initial = self.instance.get_formatted_name()
def clean(self):
"""Clean override to remove unused fields"""
cleaned_data = super().clean()
cleaned_data.pop("full_name", None)
return cleaned_data

15
src/registrar/management/commands/load_senior_official_table.py
View file

@ -35,7 +35,6 @@ class Command(BaseCommand):
Note:
- If the row is missing SO data - it will not be added.
- Given we can add the row, any blank first_name will be replaced with "-".
""", # noqa: W291
prompt_title="Do you wish to load records into the SeniorOfficial table?",
)
@ -64,7 +63,11 @@ class Command(BaseCommand):
# Clean the returned data
for key, value in so_kwargs.items():
if isinstance(value, str):
so_kwargs[key] = value.strip()
clean_string = value.strip()
if clean_string:
so_kwargs[key] = clean_string
else:
so_kwargs[key] = None
# Handle the federal_agency record seperately (db call)
agency_name = row.get("Agency").strip() if row.get("Agency") else None
@ -95,17 +98,11 @@ class Command(BaseCommand):
def create_senior_official(self, so_kwargs):
"""Creates a senior official object from kwargs but does not add it to the DB"""
# WORKAROUND: Placeholder value for first name,
# as not having these makes it impossible to access through DJA.
old_first_name = so_kwargs["first_name"]
if not so_kwargs["first_name"]:
so_kwargs["first_name"] = "-"
# Create a new SeniorOfficial object
new_so = SeniorOfficial(**so_kwargs)
# Store a variable for the console logger
if all([old_first_name, new_so.last_name]):
if all([new_so.first_name, new_so.last_name]):
record_display = new_so
else:
record_display = so_kwargs

9
src/registrar/models/portfolio.py
View file

@ -110,3 +110,12 @@ class Portfolio(TimeStampedModel):
def __str__(self) -> str:
return f"{self.organization_name}"
def save(self, *args, **kwargs):
"""Save override for custom properties"""
# The urbanization field is only intended for the state_territory puerto rico
if self.state_territory != self.StateTerritoryChoices.PUERTO_RICO and self.urbanization:
self.urbanization = None
super().save(*args, **kwargs)

11
src/registrar/models/user.py
View file

@ -3,6 +3,7 @@ import logging
from django.contrib.auth.models import AbstractUser
from django.db import models
from django.db.models import Q
from django.forms import ValidationError
from registrar.models.domain_information import DomainInformation
from registrar.models.user_domain_role import UserDomainRole
@ -229,6 +230,16 @@ class User(AbstractUser):
def has_contact_info(self):
return bool(self.title or self.email or self.phone)
def clean(self):
"""Extends clean method to perform additional validation, which can raise errors in django admin."""
super().clean()
if self.portfolio is None and self._get_portfolio_permissions():
raise ValidationError("When portfolio roles or additional permissions are assigned, portfolio is required.")
if self.portfolio is not None and not self._get_portfolio_permissions():
raise ValidationError("When portfolio is assigned, portfolio roles or additional permissions are required.")
def _get_portfolio_permissions(self):
"""
Retrieve the permissions for the user's portfolio roles.

7
src/registrar/templates/django/admin/portfolio_change_form.html
View file

@ -1,6 +1,13 @@
{% extends 'django/admin/email_clipboard_change_form.html' %}
{% load i18n static %}
{% block content %}
{% comment %} Stores the json endpoint in a url for easier access {% endcomment %}
{% url 'get-senior-official-from-federal-agency-json' as url %}
<input id="senior_official_from_agency_json_url" class="display-none" value="{{url}}" />
{{ block.super }}
{% endblock content %}
{% block after_related_objects %}
<div class="module aligned padding-3">
<h2>Associated groups and suborganizations</h2>

2
src/registrar/templates/domain_base.html
View file

@ -54,7 +54,7 @@
{% block domain_content %}
<h1 class="break-word">{{ domain.name }}</h1>
<h1 class="break-word">Domain Overview</h1>
{% endblock %} {# domain_content #}
{% endif %}

11
src/registrar/templates/domain_detail.html
View file

@ -5,7 +5,7 @@
{% block domain_content %}
{{ block.super }}
<div class="margin-top-4 tablet:grid-col-10">
<h2 class="text-bold text-primary-dark">{{ domain.name }}</h2>
<div
class="usa-summary-box dotgov-status-box padding-bottom-0 margin-top-3 padding-left-2{% if not domain.is_expired %}{% if domain.state == domain.State.UNKNOWN or domain.state == domain.State.DNS_NEEDED %} dotgov-status-box--action-need{% endif %}{% endif %}"
role="region"
@ -57,13 +57,20 @@
{% include "includes/summary_item.html" with title='DNS name servers' domains='true' value=domain.nameservers list='true' edit_link=url editable=is_editable %}
{% else %}
{% if is_editable %}
<h2 class="margin-top-3"> DNS name servers </h2>
<h3 class="margin-top-3"> DNS name servers </h3>
<p> No DNS name servers have been added yet. Before your domain can be used well need information about your domain name servers.</p>
<a class="usa-button margin-bottom-1" href="{{url}}"> Add DNS name servers </a>
{% else %}
{% include "includes/summary_item.html" with title='DNS name servers' domains='true' value='' edit_link=url editable=is_editable %}
{% endif %}
{% endif %}
{% url 'domain-dns-dnssec' pk=domain.id as url %}
{% if domain.dnssecdata is not None %}
{% include "includes/summary_item.html" with title='DNSSEC' value='Enabled' edit_link=url editable=is_editable %}
{% else %}
{% include "includes/summary_item.html" with title='DNSSEC' value='Not Enabled' edit_link=url editable=is_editable %}
{% endif %}
{% if portfolio and has_domains_portfolio_permission and request.user.has_view_suborganization %}
{% url 'domain-suborganization' pk=domain.id as url %}

42
src/registrar/templates/domain_senior_official.html
View file

@ -4,45 +4,9 @@
{% block title %}Senior official | {{ domain.name }} | {% endblock %}
{% block domain_content %}
{# this is right after the messages block in the parent template #}
{% include "includes/form_errors.html" with form=form %}
<h1>Senior official</h1>
<p>Your senior official is a person within your organization who can
authorize domain requests. This person must be in a role of significant, executive responsibility within the organization. Read more about <a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'domains/eligibility/#you-must-have-approval-from-a-senior-official-within-your-organization' %}">who can serve as a senior official</a>.</p>
{% if generic_org_type == "federal" or generic_org_type == "tribal" %}
<p>
The senior official for your organization cant be updated here.
To suggest an update, email <a href="mailto:help@get.gov" class="usa-link">help@get.gov</a>.
</p>
{% include "includes/senior_official.html" with can_edit=False include_read_more_text=True %}
{% else %}
{% include "includes/required_fields.html" %}
{% include "includes/senior_official.html" with can_edit=True include_read_more_text=True %}
{% endif %}
<form class="usa-form usa-form--large" method="post" novalidate id="form-container">
{% csrf_token %}
{% if generic_org_type == "federal" or generic_org_type == "tribal" %}
{# If all fields are disabled, add SR content #}
<div class="usa-sr-only" aria-labelledby="id_first_name" id="sr-so-first-name">{{ form.first_name.value }}</div>
<div class="usa-sr-only" aria-labelledby="id_last_name" id="sr-so-last-name">{{ form.last_name.value }}</div>
<div class="usa-sr-only" aria-labelledby="id_title" id="sr-so-title">{{ form.title.value }}</div>
<div class="usa-sr-only" aria-labelledby="id_email" id="sr-so-email">{{ form.email.value }}</div>
{% endif %}
{% input_with_errors form.first_name %}
{% input_with_errors form.last_name %}
{% input_with_errors form.title %}
{% input_with_errors form.email %}
{% if generic_org_type != "federal" and generic_org_type != "tribal" %}
<button type="submit" class="usa-button">Save</button>
{% endif %}
</form>
{% endblock %} {# domain_content #}
{% endblock %}

4
src/registrar/templates/emails/action_needed_reasons/already_has_domains.txt
View file

@ -47,5 +47,5 @@ The .gov team
Contact us: <https://get.gov/contact/>
Learn about .gov <https://get.gov>
The .gov registry is a part of the Cybersecurity and Infrastructure Security Agency (CISA) <http://cisa.gov/>
{% endautoescape %}
The .gov registry is a part of the Cybersecurity and Infrastructure Security Agency (CISA) <https://cisa.gov/>
{% endautoescape %}

4
src/registrar/templates/emails/action_needed_reasons/bad_name.txt
View file

@ -30,5 +30,5 @@ The .gov team
Contact us: <https://get.gov/contact/>
Learn about .gov <https://get.gov>
The .gov registry is a part of the Cybersecurity and Infrastructure Security Agency (CISA) <http://cisa.gov/>
{% endautoescape %}
The .gov registry is a part of the Cybersecurity and Infrastructure Security Agency (CISA) <https://cisa.gov/>
{% endautoescape %}

4
src/registrar/templates/emails/action_needed_reasons/eligibility_unclear.txt
View file

@ -31,5 +31,5 @@ The .gov team
Contact us: <https://get.gov/contact/>
Learn about .gov <https://get.gov>
The .gov registry is a part of the Cybersecurity and Infrastructure Security Agency (CISA) <http://cisa.gov/>
{% endautoescape %}
The .gov registry is a part of the Cybersecurity and Infrastructure Security Agency (CISA) <https://cisa.gov/>
{% endautoescape %}

4
src/registrar/templates/emails/action_needed_reasons/questionable_senior_official.txt
View file

@ -32,5 +32,5 @@ The .gov team
Contact us: <https://get.gov/contact/>
Learn about .gov <https://get.gov>
The .gov registry is a part of the Cybersecurity and Infrastructure Security Agency (CISA) <http://cisa.gov/>
{% endautoescape %}
The .gov registry is a part of the Cybersecurity and Infrastructure Security Agency (CISA) <https://cisa.gov/>
{% endautoescape %}

2
src/registrar/templates/emails/domain_invitation.txt
View file

@ -38,5 +38,5 @@ The .gov team
Contact us: <https://get.gov/contact/>
Learn about .gov <https://get.gov>
The .gov registry is a part of the Cybersecurity and Infrastructure Security Agency (CISA) <http://cisa.gov/>
The .gov registry is a part of the Cybersecurity and Infrastructure Security Agency (CISA) <https://cisa.gov/>
{% endautoescape %}

2
src/registrar/templates/emails/domain_request_withdrawn.txt
View file

@ -26,5 +26,5 @@ The .gov team
Contact us: <https://get.gov/contact/>
Learn about .gov <https://get.gov>
The .gov registry is a part of the Cybersecurity and Infrastructure Security Agency (CISA) <http://cisa.gov/>
The .gov registry is a part of the Cybersecurity and Infrastructure Security Agency (CISA) <https://cisa.gov/>
{% endautoescape %}

2
src/registrar/templates/emails/status_change_approved.txt
View file

@ -49,5 +49,5 @@ The .gov team
Contact us: <https://get.gov/contact/>
Learn about .gov <https://get.gov>
The .gov registry is a part of the Cybersecurity and Infrastructure Security Agency (CISA) <http://cisa.gov/>
The .gov registry is a part of the Cybersecurity and Infrastructure Security Agency (CISA) <https://cisa.gov/>
{% endautoescape %}

2
src/registrar/templates/emails/status_change_rejected.txt
View file

@ -77,5 +77,5 @@ The .gov team
Contact us: <https://get.gov/contact/>
Learn about .gov <https://get.gov>
The .gov registry is a part of the Cybersecurity and Infrastructure Security Agency (CISA) <http://cisa.gov/>
The .gov registry is a part of the Cybersecurity and Infrastructure Security Agency (CISA) <https://cisa.gov/>
{% endautoescape %}

2
src/registrar/templates/emails/submission_confirmation.txt
View file

@ -38,5 +38,5 @@ The .gov team
Contact us: <https://get.gov/contact/>
Learn about .gov <https://get.gov>
The .gov registry is a part of the Cybersecurity and Infrastructure Security Agency (CISA) <http://cisa.gov/>
The .gov registry is a part of the Cybersecurity and Infrastructure Security Agency (CISA) <https://cisa.gov/>
{% endautoescape %}

2
src/registrar/templates/emails/transition_domain_invitation.txt
View file

@ -60,5 +60,5 @@ The .gov team
Domain management <https://manage.get.gov>
Get.gov <https://get.gov>
The .gov registry is a part of the Cybersecurity and Infrastructure Security Agency (CISA) <http://cisa.gov/>
The .gov registry is a part of the Cybersecurity and Infrastructure Security Agency (CISA) <https://cisa.gov/>
{% endautoescape %}

3
src/registrar/templates/includes/domain_requests_table.html
View file

@ -1,5 +1,8 @@
{% load static %}
{% comment %} Stores the json endpoint in a url for easier access {% endcomment %}
{% url 'get_domain_requests_json' as url %}
<span id="get_domain_requests_json_url" class="display-none">{{url}}</span>
<section class="section--outlined domain-requests" id="domain-requests">
<div class="grid-row">
{% if not has_domain_requests_portfolio_permission %}

5
src/registrar/templates/includes/domains_table.html
View file

@ -1,5 +1,10 @@
{% load static %}
{% comment %} Stores the json endpoint in a url for easier access {% endcomment %}
{% url 'get_domains_json' as url %}
<span id="get_domains_json_url" class="display-none">{{url}}</span>
<section class="section--outlined domains{% if not has_domains_portfolio_permission %} margin-top-0{% endif %}" id="domains">
<div class="section--outlined__header margin-bottom-3 {% if not has_domains_portfolio_permission %} section--outlined__header--no-portfolio justify-content-space-between{% else %} grid-row{% endif %}">
{% if not has_domains_portfolio_permission %}

49
src/registrar/templates/includes/senior_official.html Normal file
View file

@ -0,0 +1,49 @@
{% load static field_helpers url_helpers %}
{% if can_edit %}
{% include "includes/form_errors.html" with form=form %}
{% endif %}
<h1>Senior Official</h1>
<p>
Your senior official is a person within your organization who can authorize domain requests.
{% if include_read_more_text %}
This person must be in a role of significant, executive responsibility within the organization.
Read more about <a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'domains/eligibility/#you-must-have-approval-from-a-senior-official-within-your-organization' %}">who can serve as a senior official</a>.
{% endif %}
</p>
{% if can_edit %}
{% include "includes/required_fields.html" %}
{% else %}
<p>
The senior official for your organization cant be updated here.
To suggest an update, email <a href="mailto:help@get.gov" class="usa-link">help@get.gov</a>.
</p>
{% endif %}
{% if can_edit %}
<form class="usa-form usa-form--large" method="post" novalidate id="form-container">
{% csrf_token %}
{% input_with_errors form.first_name %}
{% input_with_errors form.last_name %}
{% input_with_errors form.title %}
{% input_with_errors form.email %}
<button type="submit" class="usa-button">Save</button>
</form>
{% elif not form.full_name.value and not form.title.value and not form.email.value %}
<h4>No senior official was found.</h4>
{% else %}
{% if form.full_name.value is not None %}
{% include "includes/input_read_only.html" with field=form.full_name %}
{% endif %}
{% if form.title.value is not None %}
{% include "includes/input_read_only.html" with field=form.title %}
{% endif %}
{% if form.email.value is not None %}
{% include "includes/input_read_only.html" with field=form.email %}
{% endif %}
{% endif %}

6
src/registrar/templates/includes/summary_item.html
View file

@ -7,7 +7,7 @@
{% if heading_level %}
<{{ heading_level }}
{% else %}
<h2
<h3
{% endif %}
class="summary-item__title
font-sans-md
@ -19,10 +19,10 @@
{% if heading_level %}
</{{ heading_level }}>
{% else %}
</h2>
</h3>
{% endif %}
{% if sub_header_text %}
<h3 class="register-form-review-header">{{ sub_header_text }}</h3>
<h4 class="register-form-review-header">{{ sub_header_text }}</h4>
{% endif %}
{% if address %}
{% include "includes/organization_address.html" with organization=value %}

4
src/registrar/templates/portfolio_organization_sidebar.html
View file

@ -13,7 +13,9 @@
</li>
<li class="usa-sidenav__item">
<a href="#"
{% url 'senior-official' as url %}
<a href="{{ url }}"
{% if request.path == url %}class="usa-current"{% endif %}
>
Senior official
</a>

24
src/registrar/templates/portfolio_senior_official.html Normal file
View file

@ -0,0 +1,24 @@
{% extends 'portfolio_base.html' %}
{% load static field_helpers%}
{% block title %}Senior Official | {{ portfolio.name }} | {% endblock %}
{% load static %}
{% block portfolio_content %}
<div class="grid-row grid-gap">
<div class="tablet:grid-col-3">
<p class="font-body-md margin-top-0 margin-bottom-2
text-primary-darker text-semibold"
>
<span class="usa-sr-only"> Portfolio name:</span> {{ portfolio }}
</p>
{% include 'portfolio_organization_sidebar.html' %}
</div>
<div class="tablet:grid-col-9">
{% include "includes/senior_official.html" with can_edit=False %}
</div>
</div>
{% endblock %}

67
src/registrar/tests/test_api.py Normal file
View file

@ -0,0 +1,67 @@
from django.urls import reverse
from django.test import TestCase, Client
from registrar.models import FederalAgency, SeniorOfficial, User
from django.contrib.auth import get_user_model
from registrar.tests.common import create_superuser, create_user
class GetSeniorOfficialJsonTest(TestCase):
def setUp(self):
self.client = Client()
p = "password"
self.user = get_user_model().objects.create_user(username="testuser", password=p)
self.superuser = create_superuser()
self.analyst_user = create_user()
self.agency = FederalAgency.objects.create(agency="Test Agency")
self.senior_official = SeniorOfficial.objects.create(
first_name="John", last_name="Doe", title="Director", federal_agency=self.agency
)
self.api_url = reverse("get-senior-official-from-federal-agency-json")
def tearDown(self):
User.objects.all().delete()
SeniorOfficial.objects.all().delete()
FederalAgency.objects.all().delete()
def test_get_senior_official_json_authenticated_superuser(self):
"""Test that a superuser can fetch the senior official information."""
p = "adminpass"
self.client.login(username="superuser", password=p)
response = self.client.get(self.api_url, {"agency_name": "Test Agency"})
self.assertEqual(response.status_code, 200)
data = response.json()
self.assertEqual(data["id"], self.senior_official.id)
self.assertEqual(data["first_name"], "John")
self.assertEqual(data["last_name"], "Doe")
self.assertEqual(data["title"], "Director")
def test_get_senior_official_json_authenticated_analyst(self):
"""Test that an analyst user can fetch the senior official's information."""
p = "userpass"
self.client.login(username="staffuser", password=p)
response = self.client.get(self.api_url, {"agency_name": "Test Agency"})
self.assertEqual(response.status_code, 200)
data = response.json()
self.assertEqual(data["id"], self.senior_official.id)
self.assertEqual(data["first_name"], "John")
self.assertEqual(data["last_name"], "Doe")
self.assertEqual(data["title"], "Director")
def test_get_senior_official_json_unauthenticated(self):
"""Test that an unauthenticated user receives a 403 with an error message."""
p = "password"
self.client.login(username="testuser", password=p)
response = self.client.get(self.api_url, {"agency_name": "Test Agency"})
self.assertEqual(response.status_code, 302)
def test_get_senior_official_json_not_found(self):
"""Test that a request for a non-existent agency returns a 404 with an error message."""
p = "adminpass"
self.client.login(username="superuser", password=p)
response = self.client.get(self.api_url, {"agency_name": "Non-Federal Agency"})
self.assertEqual(response.status_code, 404)
data = response.json()
self.assertEqual(data["error"], "Senior Official not found")

87
src/registrar/tests/test_models.py
View file

@ -1,3 +1,4 @@
from django.forms import ValidationError
from django.test import TestCase
from django.db.utils import IntegrityError
from django.db import transaction
@ -1348,6 +1349,7 @@ class TestUser(TestCase):
self.user.phone = None
self.assertFalse(self.user.has_contact_info())
@less_console_noise_decorator
def test_has_portfolio_permission(self):
"""
0. Returns False when user does not have a permission
@ -1401,6 +1403,37 @@ class TestUser(TestCase):
Portfolio.objects.all().delete()
@less_console_noise_decorator
def test_user_with_portfolio_but_no_roles(self):
# Create an instance of User with a portfolio but no roles or additional permissions
portfolio, _ = Portfolio.objects.get_or_create(creator=self.user, organization_name="Hotel California")
self.user.portfolio = portfolio
self.user.portfolio_roles = []
# Test if the ValidationError is raised with the correct message
with self.assertRaises(ValidationError) as cm:
self.user.clean()
self.assertEqual(
cm.exception.message, "When portfolio is assigned, portfolio roles or additional permissions are required."
)
Portfolio.objects.all().delete()
@less_console_noise_decorator
def test_user_with_portfolio_roles_but_no_portfolio(self):
# Create an instance of User with a portfolio role but no portfolio
self.user.portfolio = None
self.user.portfolio_roles = [UserPortfolioRoleChoices.ORGANIZATION_ADMIN]
# Test if the ValidationError is raised with the correct message
with self.assertRaises(ValidationError) as cm:
self.user.clean()
self.assertEqual(
cm.exception.message, "When portfolio roles or additional permissions are assigned, portfolio is required."
)
class TestContact(TestCase):
@less_console_noise_decorator
@ -2233,3 +2266,57 @@ class TestDomainRequestIncomplete(TestCase):
self.domain_request.generic_org_type = None
self.domain_request.save()
self.assertFalse(self.domain_request._form_complete(request))
class TestPortfolio(TestCase):
def setUp(self):
self.user, _ = User.objects.get_or_create(
username="intern@igorville.com", email="intern@igorville.com", first_name="Lava", last_name="World"
)
super().setUp()
def tearDown(self):
super().tearDown()
Portfolio.objects.all().delete()
User.objects.all().delete()
def test_urbanization_field_resets_when_not_puetro_rico(self):
"""The urbanization field should only be populated when the state is puetro rico.
Otherwise, this field should be empty."""
# Start out as PR, then change the field
portfolio = Portfolio.objects.create(
creator=self.user,
organization_name="Test Portfolio",
state_territory=DomainRequest.StateTerritoryChoices.PUERTO_RICO,
urbanization="test",
)
self.assertEqual(portfolio.urbanization, "test")
self.assertEqual(portfolio.state_territory, DomainRequest.StateTerritoryChoices.PUERTO_RICO)
portfolio.state_territory = DomainRequest.StateTerritoryChoices.ALABAMA
portfolio.save()
self.assertEqual(portfolio.urbanization, None)
self.assertEqual(portfolio.state_territory, DomainRequest.StateTerritoryChoices.ALABAMA)
def test_can_add_urbanization_field(self):
"""Ensures that you can populate the urbanization field when conditions are right"""
# Create a portfolio that cannot have this field
portfolio = Portfolio.objects.create(
creator=self.user,
organization_name="Test Portfolio",
state_territory=DomainRequest.StateTerritoryChoices.ALABAMA,
urbanization="test",
)
# Implicitly check if this gets cleared on create. It should.
self.assertEqual(portfolio.urbanization, None)
self.assertEqual(portfolio.state_territory, DomainRequest.StateTerritoryChoices.ALABAMA)
portfolio.state_territory = DomainRequest.StateTerritoryChoices.PUERTO_RICO
portfolio.urbanization = "test123"
portfolio.save()
self.assertEqual(portfolio.urbanization, "test123")
self.assertEqual(portfolio.state_territory, DomainRequest.StateTerritoryChoices.PUERTO_RICO)

96
src/registrar/tests/test_views_domain.py
View file

@ -1128,7 +1128,7 @@ class TestDomainSeniorOfficial(TestDomainOverview):
def test_domain_senior_official(self):
"""Can load domain's senior official page."""
page = self.client.get(reverse("domain-senior-official", kwargs={"pk": self.domain.id}))
self.assertContains(page, "Senior official", count=14)
self.assertContains(page, "Senior official", count=3)
@less_console_noise_decorator
def test_domain_senior_official_content(self):
@ -1192,14 +1192,14 @@ class TestDomainSeniorOfficial(TestDomainOverview):
self.assertTrue("disabled" in form[field_name].attrs)
@less_console_noise_decorator
def test_domain_edit_senior_official_federal(self):
def test_domain_cannot_edit_senior_official_when_federal(self):
"""Tests that no edit can occur when the underlying domain is federal"""
# Set the org type to federal
self.domain_information.generic_org_type = DomainInformation.OrganizationChoices.FEDERAL
self.domain_information.save()
# Add an SO. We can do this at the model level, just not the form level.
# Add an SO
self.domain_information.senior_official = Contact(
first_name="Apple", last_name="Tester", title="CIO", email="nobody@igorville.gov"
)
@ -1207,49 +1207,13 @@ class TestDomainSeniorOfficial(TestDomainOverview):
self.domain_information.save()
so_page = self.app.get(reverse("domain-senior-official", kwargs={"pk": self.domain.id}))
session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
# Test if the form is populating data correctly
so_form = so_page.forms[0]
test_cases = [
("first_name", "Apple"),
("last_name", "Tester"),
("title", "CIO"),
("email", "nobody@igorville.gov"),
]
self.assert_all_form_fields_have_expected_values(so_form, test_cases, test_for_disabled=True)
# Attempt to change data on each field. Because this domain is federal,
# this should not succeed.
so_form["first_name"] = "Orange"
so_form["last_name"] = "Smoothie"
so_form["title"] = "Cat"
so_form["email"] = "somebody@igorville.gov"
submission = so_form.submit()
# A 302 indicates this page underwent a redirect.
self.assertEqual(submission.status_code, 302)
followed_submission = submission.follow()
# Test the returned form for data accuracy. These values should be unchanged.
new_form = followed_submission.forms[0]
self.assert_all_form_fields_have_expected_values(new_form, test_cases, test_for_disabled=True)
# refresh domain information. Test these values in the DB.
self.domain_information.refresh_from_db()
# All values should be unchanged. These are defined manually for code clarity.
self.assertEqual("Apple", self.domain_information.senior_official.first_name)
self.assertEqual("Tester", self.domain_information.senior_official.last_name)
self.assertEqual("CIO", self.domain_information.senior_official.title)
self.assertEqual("nobody@igorville.gov", self.domain_information.senior_official.email)
self.assertContains(so_page, "Apple Tester")
self.assertContains(so_page, "CIO")
self.assertContains(so_page, "nobody@igorville.gov")
self.assertNotContains(so_page, "Save")
@less_console_noise_decorator
def test_domain_edit_senior_official_tribal(self):
def test_domain_cannot_edit_senior_official_tribal(self):
"""Tests that no edit can occur when the underlying domain is tribal"""
# Set the org type to federal
@ -1264,46 +1228,10 @@ class TestDomainSeniorOfficial(TestDomainOverview):
self.domain_information.save()
so_page = self.app.get(reverse("domain-senior-official", kwargs={"pk": self.domain.id}))
session_id = self.app.cookies[settings.SESSION_COOKIE_NAME]
self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
# Test if the form is populating data correctly
so_form = so_page.forms[0]
test_cases = [
("first_name", "Apple"),
("last_name", "Tester"),
("title", "CIO"),
("email", "nobody@igorville.gov"),
]
self.assert_all_form_fields_have_expected_values(so_form, test_cases, test_for_disabled=True)
# Attempt to change data on each field. Because this domain is federal,
# this should not succeed.
so_form["first_name"] = "Orange"
so_form["last_name"] = "Smoothie"
so_form["title"] = "Cat"
so_form["email"] = "somebody@igorville.gov"
submission = so_form.submit()
# A 302 indicates this page underwent a redirect.
self.assertEqual(submission.status_code, 302)
followed_submission = submission.follow()
# Test the returned form for data accuracy. These values should be unchanged.
new_form = followed_submission.forms[0]
self.assert_all_form_fields_have_expected_values(new_form, test_cases, test_for_disabled=True)
# refresh domain information. Test these values in the DB.
self.domain_information.refresh_from_db()
# All values should be unchanged. These are defined manually for code clarity.
self.assertEqual("Apple", self.domain_information.senior_official.first_name)
self.assertEqual("Tester", self.domain_information.senior_official.last_name)
self.assertEqual("CIO", self.domain_information.senior_official.title)
self.assertEqual("nobody@igorville.gov", self.domain_information.senior_official.email)
self.assertContains(so_page, "Apple Tester")
self.assertContains(so_page, "CIO")
self.assertContains(so_page, "nobody@igorville.gov")
self.assertNotContains(so_page, "Save")
@less_console_noise_decorator
def test_domain_edit_senior_official_creates_new(self):

32
src/registrar/tests/test_views_portfolio.py
View file

@ -1,7 +1,7 @@
from django.urls import reverse
from api.tests.common import less_console_noise_decorator
from registrar.config import settings
from registrar.models.portfolio import Portfolio
from registrar.models import Portfolio, SeniorOfficial
from django_webtest import WebTest # type: ignore
from registrar.models import (
DomainRequest,
@ -38,6 +38,36 @@ class TestPortfolio(WebTest):
User.objects.all().delete()
super().tearDown()
@less_console_noise_decorator
@override_flag("organization_feature", active=True)
def test_portfolio_senior_official(self):
"""Tests that the senior official page on portfolio contains the content we expect"""
self.app.set_user(self.user.username)
so = SeniorOfficial.objects.create(
first_name="Saturn", last_name="Enceladus", title="Planet/Moon", email="spacedivision@igorville.com"
)
self.portfolio.senior_official = so
self.portfolio.save()
self.portfolio.refresh_from_db()
self.user.portfolio = self.portfolio
self.user.portfolio_additional_permissions = [UserPortfolioPermissionChoices.VIEW_PORTFOLIO]
self.user.save()
self.user.refresh_from_db()
so_portfolio_page = self.app.get(reverse("senior-official"))
# Assert that we're on the right page
self.assertContains(so_portfolio_page, "Senior official")
self.assertContains(so_portfolio_page, "Saturn Enceladus")
self.assertContains(so_portfolio_page, "Planet/Moon")
self.assertContains(so_portfolio_page, "spacedivision@igorville.com")
self.assertNotContains(so_portfolio_page, "Save")
self.portfolio.delete()
so.delete()
@less_console_noise_decorator
def test_middleware_does_not_redirect_if_no_permission(self):
"""Test that user with no portfolio permission is not redirected when attempting to access home"""

33
src/registrar/views/portfolios.py
View file

@ -3,7 +3,7 @@ from django.http import Http404
from django.shortcuts import render
from django.urls import reverse
from django.contrib import messages
from registrar.forms.portfolio import PortfolioOrgAddressForm
from registrar.forms.portfolio import PortfolioOrgAddressForm, PortfolioSeniorOfficialForm
from registrar.models.portfolio import Portfolio
from registrar.views.utility.permission_views import (
PortfolioDomainRequestsPermissionView,
@ -97,3 +97,34 @@ class PortfolioOrganizationView(PortfolioBasePermissionView, FormMixin):
def get_success_url(self):
"""Redirect to the overview page for the portfolio."""
return reverse("organization")
class PortfolioSeniorOfficialView(PortfolioBasePermissionView, FormMixin):
"""
View to handle displaying and updating the portfolio's senior official details.
For now, this view is readonly.
"""
model = Portfolio
template_name = "portfolio_senior_official.html"
form_class = PortfolioSeniorOfficialForm
context_object_name = "portfolio"
def get_object(self, queryset=None):
"""Get the portfolio object based on the request user."""
portfolio = self.request.user.portfolio
if portfolio is None:
raise Http404("No organization found for this user")
return portfolio
def get_form_kwargs(self):
"""Include the instance in the form kwargs."""
kwargs = super().get_form_kwargs()
kwargs["instance"] = self.get_object().senior_official
return kwargs
def get(self, request, *args, **kwargs):
"""Handle GET requests to display the form."""
self.object = self.get_object()
form = self.get_form()
return self.render_to_response(self.get_context_data(form=form))

1
src/registrar/views/utility/__init__.py
View file

@ -8,3 +8,4 @@ from .permission_views import (
DomainInvitationPermissionDeleteView,
DomainRequestWizardPermissionView,
)
from .api_views import get_senior_official_from_federal_agency_json

36
src/registrar/views/utility/api_views.py Normal file
View file

@ -0,0 +1,36 @@
import logging
from django.http import JsonResponse
from django.forms.models import model_to_dict
from registrar.models import FederalAgency, SeniorOfficial
from django.contrib.admin.views.decorators import staff_member_required
from django.contrib.auth.decorators import login_required
logger = logging.getLogger(__name__)
@login_required
@staff_member_required
def get_senior_official_from_federal_agency_json(request):
"""Returns federal_agency information as a JSON"""
# This API is only accessible to admins and analysts
superuser_perm = request.user.has_perm("registrar.full_access_permission")
analyst_perm = request.user.has_perm("registrar.analyst_access_permission")
if not request.user.is_authenticated or not any([analyst_perm, superuser_perm]):
return JsonResponse({"error": "You do not have access to this resource"}, status=403)
agency_name = request.GET.get("agency_name")
agency = FederalAgency.objects.filter(agency=agency_name).first()
senior_official = SeniorOfficial.objects.filter(federal_agency=agency).first()
if agency and senior_official:
# Convert the agency object to a dictionary
so_dict = model_to_dict(senior_official)
# The phone number field isn't json serializable, so we
# convert this to a string first if it exists.
if "phone" in so_dict and so_dict.get("phone"):
so_dict["phone"] = str(so_dict["phone"])
return JsonResponse(so_dict)
else:
return JsonResponse({"error": "Senior Official not found"}, status=404)

1
src/zap.conf
View file

@ -71,6 +71,7 @@
10038 OUTOFSCOPE http://app:8080/domain_requests/
10038 OUTOFSCOPE http://app:8080/domains/
10038 OUTOFSCOPE http://app:8080/organization/
10038 OUTOFSCOPE http://app:8080/suborganization/
# This URL always returns 404, so include it as well.
10038 OUTOFSCOPE http://app:8080/todo
# OIDC isn't configured in the test environment and DEBUG=True so this gives a 500 without CSP headers