Merge branch 'main' into nmb/rbac

2025-08-05 17:28:31 +02:00 · 2023-03-06 12:03:53 -06:00 · 2023-03-06 12:03:53 -06:00 · bd897695d7
commit bd897695d7
parent 49b4f078e8 4202775cd0
2 changed files with 9 additions and 19 deletions
--- a/src/registrar/templates/includes/form_errors.html
+++ b/src/registrar/templates/includes/form_errors.html
@ -1,8 +1,3 @@
-{% comment %}
-This only shows non-field errors at the top of form pages.
-The individual field errors are not shown at the top of the
-page, they are shown on each individual field.
-{% endcomment %}
 {% if form.errors %}
  {% for error in form.non_field_errors %}
    <div class="usa-alert usa-alert--error usa-alert--slim margin-bottom-2">
@ -11,4 +6,13 @@ page, they are shown on each individual field.
    </div>
    </div>
  {% endfor %}
+  {% for field in form %}
+  {% for error in field.errors %}
+    <div class="usa-alert usa-alert--error usa-alert--slim margin-bottom-2">
+      <div class="usa-alert__body">
+        {{ error|escape }}
+      </div>
+    </div>
+  {% endfor %}
+{% endfor %}
 {% endif %}
--- a/src/registrar/views/application.py
+++ b/src/registrar/views/application.py
@ -7,7 +7,6 @@ from django.urls import resolve, reverse
 from django.utils.translation import gettext_lazy as _
 from django.views.generic import TemplateView
 from django.contrib import messages
-from django.utils.safestring import mark_safe

 from registrar.forms import application_wizard as forms
 from registrar.models import DomainApplication
@ -321,19 +320,6 @@ class ApplicationWizard(LoginRequiredMixin, TemplateView):
            # always save progress
            self.save(forms)
        else:
-            # unless there are errors
-            # no sec because this use of mark_safe does not introduce a cross-site
-            # scripting vulnerability because there is no untrusted content inside.
-            # It is only being used to pass a specific HTML entity into a template.
-            messages.warning(
-                request,
-                mark_safe(  # nosec
-                    "<b>We could not save all the fields.</b><br/> The highlighted "
-                    + "fields below <b>could not be saved</b> because they have "
-                    + "missing or invalid data. All other information on this page "
-                    + "has been saved."
-                ),
-            )
            context = self.get_context_data()
            context["forms"] = forms
            return render(request, self.template_name, context)