DNSSEC, or DNS Security Extensions, is an additional security layer to protect your website. Enabling DNSSEC ensures that when someone visits your domain, they can be certain that it’s connecting to the correct server, preventing potential hijacking or tampering with your domain's records.
diff --git a/src/registrar/templates/domain_dsdata.html b/src/registrar/templates/domain_dsdata.html index ba742ab09..0f60235e1 100644 --- a/src/registrar/templates/domain_dsdata.html +++ b/src/registrar/templates/domain_dsdata.html @@ -4,6 +4,32 @@ {% block title %}DS data | {{ domain.name }} | {% endblock %} {% block domain_content %} + + {% block breadcrumb %} + {% if portfolio %} + + + {% endif %} + {% endblock breadcrumb %} + {% if domain.dnssecdata is None %}diff --git a/src/registrar/templates/domain_users.html b/src/registrar/templates/domain_users.html index b8a622455..af292d9d5 100644 --- a/src/registrar/templates/domain_users.html +++ b/src/registrar/templates/domain_users.html @@ -4,6 +4,25 @@ {% block title %}Domain managers | {{ domain.name }} | {% endblock %} {% block domain_content %} + {% block breadcrumb %} + {% if portfolio %} + + + {% endif %} + {% endblock breadcrumb %} +
{{ value.permissions.0.user.email }}
+ {% else %} +{% if value %} diff --git a/src/registrar/tests/test_models.py b/src/registrar/tests/test_models.py index 0c1bdec2a..46604a44a 100644 --- a/src/registrar/tests/test_models.py +++ b/src/registrar/tests/test_models.py @@ -824,6 +824,15 @@ class TestUser(TestCase): cm.exception.message, "When portfolio roles or additional permissions are assigned, portfolio is required." ) + @less_console_noise_decorator + def test_user_with_admin_portfolio_role(self): + portfolio, _ = Portfolio.objects.get_or_create(creator=self.user, organization_name="Hotel California") + self.assertFalse(self.user.is_portfolio_admin(portfolio)) + UserPortfolioPermission.objects.get_or_create( + portfolio=portfolio, user=self.user, roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN] + ) + self.assertTrue(self.user.is_portfolio_admin(portfolio)) + @less_console_noise_decorator def test_get_active_requests_count_in_portfolio_returns_zero_if_no_portfolio(self): # There is no portfolio referenced in session so should return 0 diff --git a/src/registrar/tests/test_views_domain.py b/src/registrar/tests/test_views_domain.py index 678d5be82..25e8b0fb6 100644 --- a/src/registrar/tests/test_views_domain.py +++ b/src/registrar/tests/test_views_domain.py @@ -6,7 +6,7 @@ from django.urls import reverse from django.contrib.auth import get_user_model from waffle.testutils import override_flag from api.tests.common import less_console_noise_decorator -from registrar.models.utility.portfolio_helper import UserPortfolioRoleChoices +from registrar.models.utility.portfolio_helper import UserPortfolioPermissionChoices, UserPortfolioRoleChoices from .common import MockEppLib, MockSESClient, create_user # type: ignore from django_webtest import WebTest # type: ignore import boto3_mocking # type: ignore @@ -142,6 +142,7 @@ class TestWithDomainPermissions(TestWithUser): def tearDown(self): try: UserDomainRole.objects.all().delete() + DomainInvitation.objects.all().delete() if hasattr(self.domain, "contacts"): self.domain.contacts.all().delete() DomainRequest.objects.all().delete() @@ -341,7 +342,7 @@ class TestDomainDetail(TestDomainOverview): detail_page = self.client.get(reverse("domain", kwargs={"pk": self.domain.id})) self.assertNotContains( - detail_page, "To manage information for this domain, you must add yourself as a domain manager." + detail_page, "If you need to make updates, contact one of the listed domain managers." ) @less_console_noise_decorator @@ -363,7 +364,12 @@ class TestDomainDetail(TestDomainOverview): DomainInformation.objects.get_or_create(creator=user, domain=domain, portfolio=portfolio) UserPortfolioPermission.objects.get_or_create( - user=user, portfolio=portfolio, roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN] + user=user, + portfolio=portfolio, + roles=[UserPortfolioRoleChoices.ORGANIZATION_MEMBER], + additional_permissions=[ + UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS, + ], ) user.refresh_from_db() self.client.force_login(user) @@ -377,6 +383,45 @@ class TestDomainDetail(TestDomainOverview): ) # Check that user does not have option to Edit domain self.assertNotContains(detail_page, "Edit") + # Check that invited domain manager section not displayed when no invited domain managers + self.assertNotContains(detail_page, "Invited domain managers") + + @less_console_noise_decorator + @override_flag("organization_feature", active=True) + def test_domain_readonly_on_detail_page_for_org_admin_not_manager(self): + """Test that a domain, which is part of a portfolio, but for which the user is not a domain manager, + properly displays read only""" + + portfolio, _ = Portfolio.objects.get_or_create(organization_name="Test org", creator=self.user) + # need to create a different user than self.user because the user needs permission assignments + user = get_user_model().objects.create( + first_name="Test", + last_name="User", + email="bogus@example.gov", + phone="8003111234", + title="test title", + ) + domain, _ = Domain.objects.get_or_create(name="bogusdomain.gov") + DomainInformation.objects.get_or_create(creator=user, domain=domain, portfolio=portfolio) + + UserPortfolioPermission.objects.get_or_create( + user=user, portfolio=portfolio, roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN] + ) + # add a domain invitation + DomainInvitation.objects.get_or_create(email="invited@example.com", domain=domain) + user.refresh_from_db() + self.client.force_login(user) + detail_page = self.client.get(f"/domain/{domain.id}") + # Check that alert message displays properly + self.assertContains( + detail_page, + "If you need to make updates, contact one of the listed domain managers.", + ) + # Check that user does not have option to Edit domain + self.assertNotContains(detail_page, "Edit") + # Check that invited domain manager is displayed + self.assertContains(detail_page, "Invited domain managers") + self.assertContains(detail_page, "invited@example.com") class TestDomainManagers(TestDomainOverview):