Merge pull request #438 from cisagov/jon/425

Removed Security Email Forms/Data

src/.pa11yci

@@ -14,7 +14,6 @@
         "http://app:8080/register/purpose/",
         "http://app:8080/register/your_contact/",
         "http://app:8080/register/other_contacts/",
-        "http://app:8080/register/security_email/",
         "http://app:8080/register/anything_else/",
         "http://app:8080/register/requirements/",
         "http://app:8080/register/review/",

src/registrar/config/urls.py

@@ -36,7 +36,6 @@ for step, view in [
     (Step.YOUR_CONTACT, views.YourContact),
     (Step.OTHER_CONTACTS, views.OtherContacts),
     (Step.NO_OTHER_CONTACTS, views.NoOtherContacts),
-    (Step.SECURITY_EMAIL, views.SecurityEmail),
     (Step.ANYTHING_ELSE, views.AnythingElse),
     (Step.REQUIREMENTS, views.Requirements),
     (Step.REVIEW, views.Review),

src/registrar/fixtures.py

@@ -89,7 +89,6 @@ class DomainApplicationFixture:
     #     "zipcode": None,
     #     "urbanization": None,
     #     "purpose": None,
-    #     "security_email": None,
     #     "anything_else": None,
     #     "is_policy_acknowledged": None,
     #     "authorizing_official": None,
@@ -152,7 +151,6 @@ class DomainApplicationFixture:
         da.zipcode = app["zipcode"] if "zipcode" in app else fake.postalcode()
         da.urbanization = app["urbanization"] if "urbanization" in app else None
         da.purpose = app["purpose"] if "purpose" in app else fake.paragraph()
-        da.security_email = app["security_email"] if "security_email" in app else None
         da.anything_else = app["anything_else"] if "anything_else" in app else None
         da.is_policy_acknowledged = (
             app["is_policy_acknowledged"] if "is_policy_acknowledged" in app else True

src/registrar/forms/application_wizard.py

@@ -672,18 +672,6 @@ class NoOtherContactsForm(RegistrarForm):
     )
 
 
-class SecurityEmailForm(RegistrarForm):
-    security_email = forms.EmailField(
-        required=False,
-        label="Security email for public use",
-        error_messages={
-            "invalid": (
-                "Enter an email address in the required format, like name@example.com."
-            )
-        },
-    )
-
-
 class AnythingElseForm(RegistrarForm):
     anything_else = forms.CharField(
         required=False,

src/registrar/migrations/0011_remove_domainapplication_security_email.py

@@ -0,0 +1,16 @@
+# Generated by Django 4.1.6 on 2023-02-27 18:35
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("registrar", "0010_domainapplication_no_other_contacts_rationale"),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name="domainapplication",
+            name="security_email",
+        ),
+    ]

src/registrar/models/domain_application.py

@@ -440,13 +440,6 @@ class DomainApplication(TimeStampedModel):
         help_text="Reason for listing no additional contacts",
     )
 
-    security_email = models.CharField(
-        max_length=320,
-        null=True,
-        blank=True,
-        help_text="Security email for public use",
-    )
-
     anything_else = models.TextField(
         null=True,
         blank=True,

src/registrar/templates/application_review.html

@@ -86,9 +86,6 @@
           {% if step == Step.NO_OTHER_CONTACTS %}
             {{ application.no_other_contacts_rationale|default:"Incomplete" }}
           {% endif %}
-          {% if step == Step.SECURITY_EMAIL %}
-            {{ application.security_email|default:"None" }}
-          {% endif %}
           {% if step == Step.ANYTHING_ELSE %}
             {{ application.anything_else|default:"No" }}
           {% endif %}

src/registrar/templates/application_security_email.html

@@ -1,14 +0,0 @@
-{% extends 'application_form.html' %}
-{% load field_helpers %}
-
-{% block form_instructions %}
-  <p>We strongly recommend that you provide a security email. This email will allow the
-  public to report observed or suspected security issues on your domain.
-  <strong>Security emails are made public.</strong> We recommend using an alias, like
-  security@&lt;domain.gov&gt;.</p>
-{% endblock %}
-
-
-{% block form_fields %}
-  {% input_with_errors forms.0.security_email %}
-{% endblock %}

src/registrar/tests/test_forms.py

@@ -9,7 +9,6 @@ from registrar.forms.application_wizard import (
     OrganizationContactForm,
     YourContactForm,
     OtherContactsForm,
-    SecurityEmailForm,
     RequirementsForm,
     TribalGovernmentForm,
 )
@@ -117,19 +116,6 @@ class TestFormValidation(TestCase):
             form.errors["phone"][0].startswith("Enter a valid phone number")
         )
 
-    def test_security_email_form_blank(self):
-        """Can leave the security_email field blank."""
-        form = SecurityEmailForm(data={})
-        self.assertEqual(len(form.errors), 0)
-
-    def test_security_email_form_invalid(self):
-        """Can leave the security_email field blank."""
-        form = SecurityEmailForm(data={"security_email": "boss@boss"})
-        self.assertEqual(
-            form.errors["security_email"],
-            ["Enter an email address in the required format, like name@example.com."],
-        )
-
     def test_requirements_form_blank(self):
         """Requirements box unchecked is an error."""
         form = RequirementsForm(data={})

src/registrar/tests/test_models.py

@@ -47,7 +47,6 @@ class TestDomainApplication(TestCase):
             requested_domain=domain,
             submitter=contact,
             purpose="Igorville rules!",
-            security_email="security@igorville.gov",
             anything_else="All of Igorville loves the dotgov program.",
             is_policy_acknowledged=True,
         )

src/registrar/tests/test_views.py

@@ -402,40 +402,13 @@ class DomainApplicationTests(TestWithUser, WebTest):
         other_contacts_result = other_contacts_form.submit()
 
         self.assertEquals(other_contacts_result.status_code, 302)
-        self.assertEquals(
-            other_contacts_result["Location"], "/register/security_email/"
-        )
-        num_pages_tested += 1
-
-        # ---- SECURITY EMAIL PAGE  ----
-        # Follow the redirect to the next form page
-        self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
-        security_email_page = other_contacts_result.follow()
-        security_email_form = security_email_page.form
-
-        security_email_form["security_email-security_email"] = "security@city.com"
-
-        # test saving the page
-        self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
-        result = security_email_page.form.submit("submit_button", value="save")
-        # should remain on the same page
-        self.assertEquals(result["Location"], "/register/security_email/")
-        # should see results in db
-        application = DomainApplication.objects.get()  # there's only one
-        self.assertEquals(application.security_email, "security@city.com")
-
-        # test next button
-        self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
-        security_email_result = security_email_form.submit()
-
-        self.assertEquals(security_email_result.status_code, 302)
-        self.assertEquals(security_email_result["Location"], "/register/anything_else/")
+        self.assertEquals(other_contacts_result["Location"], "/register/anything_else/")
         num_pages_tested += 1
 
         # ---- ANYTHING ELSE PAGE  ----
         # Follow the redirect to the next form page
         self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id)
-        anything_else_page = security_email_result.follow()
+        anything_else_page = other_contacts_result.follow()
         anything_else_form = anything_else_page.form
 
         anything_else_form["anything_else-anything_else"] = "Nothing else."
@@ -517,7 +490,6 @@ class DomainApplicationTests(TestWithUser, WebTest):
         self.assertContains(review_page, "Another Tester")
         self.assertContains(review_page, "testy2@town.com")
         self.assertContains(review_page, "(201) 555-5557")
-        self.assertContains(review_page, "security@city.com")
         self.assertContains(review_page, "Nothing else.")
 
         # test saving the page
@@ -1005,7 +977,6 @@ class DomainApplicationTests(TestWithUser, WebTest):
             organization_type="federal",
             federal_type="executive",
             purpose="Purpose of the site",
-            security_email="security@city.com",
             anything_else="No",
             is_policy_acknowledged=True,
             organization_name="Testorg",

src/registrar/views/application.py

@@ -38,7 +38,6 @@ class Step(StrEnum):
     YOUR_CONTACT = "your_contact"
     OTHER_CONTACTS = "other_contacts"
     NO_OTHER_CONTACTS = "no_other_contacts"
-    SECURITY_EMAIL = "security_email"
     ANYTHING_ELSE = "anything_else"
     REQUIREMENTS = "requirements"
     REVIEW = "review"
@@ -84,7 +83,6 @@ class ApplicationWizard(LoginRequiredMixin, TemplateView):
         Step.YOUR_CONTACT: _("Your contact information"),
         Step.OTHER_CONTACTS: _("Other employees from your organization"),
         Step.NO_OTHER_CONTACTS: _("No other employees from your organization?"),
-        Step.SECURITY_EMAIL: _("Security email for public use"),
         Step.ANYTHING_ELSE: _("Anything else we should know?"),
         Step.REQUIREMENTS: _(
             "Requirements for registration and operation of .gov domains"
@@ -438,11 +436,6 @@ class NoOtherContacts(ApplicationWizard):
     forms = [forms.NoOtherContactsForm]
 
 
-class SecurityEmail(ApplicationWizard):
-    template_name = "application_security_email.html"
-    forms = [forms.SecurityEmailForm]
-
-
 class AnythingElse(ApplicationWizard):
     template_name = "application_anything_else.html"
     forms = [forms.AnythingElseForm]