Merge branch 'main' into za/additional-data-transferred-domains

zandercymatics 2023-11-09 11:22:25 -07:00
commit ca1e29a226
No known key found for this signature in database
GPG key ID: FF4636ABEC9682B7
19 changed files with 148 additions and 67 deletions


@ -0,0 +1,37 @@
# This migration creates the create_full_access_group and create_cisa_analyst_group groups
# It is dependent on 0035 (which populates ContentType and Permissions)
# If permissions on the groups need changing, edit CISA_ANALYST_GROUP_PERMISSIONS
# in the user_group model then:
# [NOT RECOMMENDED]
# step 1: docker-compose exec app ./manage.py migrate --fake registrar 0035_contenttypes_permissions
# step 2: docker-compose exec app ./manage.py migrate registrar 0036_create_groups
# step 3: fake run the latest migration in the migrations list
# [RECOMMENDED]
# Alternatively:
# step 1: duplicate the migration that loads data
# step 2: docker-compose exec app ./manage.py migrate
from django.db import migrations
from registrar.models import UserGroup
from typing import Any
# For linting: RunPython expects a function reference,
# so let's give it one
def create_groups(apps, schema_editor) -> Any:
UserGroup.create_cisa_analyst_group(apps, schema_editor)
UserGroup.create_full_access_group(apps, schema_editor)
class Migration(migrations.Migration):
dependencies = [
("registrar", "0043_domain_expiration_date"),
]
operations = [
migrations.RunPython(
create_groups,
reverse_code=migrations.RunPython.noop,
atomic=True,
),
]
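Review bot: The header comment no longer matches the migration below it: it says the migration depends on 0035 and uses `0036_create_groups` in the re-run steps, while `dependencies` names `("registrar", "0043_domain_expiration_date")`. Anyone following the [NOT RECOMMENDED] steps as written would fake back to the wrong point, so the comment should name this migration and its real predecessor. Separately, `create_groups` calls methods on the imported `UserGroup` model, so the permissions granted appear to be whatever the model defines when the migration runs, not a frozen set. `reverse_code=migrations.RunPython.noop` also means a rollback leaves the groups and their permissions in place. A comment such as `# reverse is a no-op: groups and their permissions are left in place on rollback` would make that explicit for whoever audits group permissions later.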


@ -26,7 +26,7 @@
Would you like to <a href="{% url 'login' %}"> try logging in again?</a>
</p>
<p>
If you'd like help with this error <a href="{% public_site_url 'contact/' %}"> contact us </a>.
If you'd like help with this error <a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'contact/' %}">contact us</a>.
</p>
{% if log_identifier %}


@ -26,7 +26,7 @@
Would you like to <a href="{% url 'login' %}"> try logging in again</a>?
</p>
<p>
If you'd like help with this error <a href="{% public_site_url 'contact' %}"> contact us </a>.
If you'd like help with this error <a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'contact' %}">contact us</a>.
</p>
{% if log_identifier %}


@ -15,7 +15,7 @@
{% translate "Status 404" %}
</h2>
<p> Try going to the <a href="/">homepage</a>. If you cant find what youre looking for, <a href="{% public_site_url 'contact' %}"> contact us </a>.
<p> Try going to the <a href="/">homepage</a>. If you cant find what youre looking for, <a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'contact' %}">contact us</a>.
</p>
</div>


@ -19,7 +19,7 @@
{% else %}
<p>
Sorry! Try waiting a few minutes and then reloading the page.
<a href="{% public_site_url 'contact' %}"> contact us </a> if you need help.
<a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'contact' %}"> Contact us</a> if you need help.
</p>
{% endif %}


@ -12,7 +12,7 @@
{% include "includes/ao_example.html" %}
</div>
<p>We typically dont reach out to the authorizing official, but if contact is necessary, our practice is to coordinate first with you, the requestor. Read more about <a href="{% public_site_url 'domains/eligibility/#you-must-have-approval-from-an-authorizing-official-within-your-organization' %}">who can serve as an authorizing official</a>.</p>
<p>We typically dont reach out to the authorizing official, but if contact is necessary, our practice is to coordinate first with you, the requestor. Read more about <a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'domains/eligibility/#you-must-have-approval-from-an-authorizing-official-within-your-organization' %}">who can serve as an authorizing official</a>.</p>
{% endblock %}


@ -2,7 +2,7 @@
{% load static field_helpers url_helpers %}
{% block form_instructions %}
<p>Before requesting a .gov domain, <a href="{% public_site_url 'domains/choosing' %}">please make sure it
<p>Before requesting a .gov domain, <a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'domains/choosing' %}">please make sure it
meets our naming requirements</a>. Your domain name must:
<ul class="usa-list">
<li>Be available </li>


@ -8,7 +8,7 @@ domain name or for mainly internal use.</p>
<p>Describe the reason for your domain request. Explain how you plan to use this domain.
Who is your intended audience? Will you use it for a website and/or email? Are you moving
your website from another top-level domain (like .com or .org)?
Read about <a href="{% public_site_url 'domains/requirements/' %}">activities that are prohibited on .gov domains.</a></p>
Read about <a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'domains/requirements/' %}">activities that are prohibited on .gov domains.</a></p>
{% endblock %}


@ -7,7 +7,7 @@
{% with sublabel_text="Please include the entire name of your tribe as recognized by the Bureau of Indian Affairs." %}
{% with link_text="Bureau of Indian Affairs" %}
{% with link_href="https://www.federalregister.gov/documents/2023/01/12/2023-00504/indian-entities-recognized-by-and-eligible-to-receive-services-from-the-united-states-bureau-of" %}
{% with target_blank="true" %}
{% with external_link="true" target_blank="true" %}
{% input_with_errors forms.0.tribe_name %}
{% endwith %}
{% endwith %}


@ -10,7 +10,7 @@
<h1>Authorizing official</h1>
<p>Your authorizing official is the person within your organization who can
authorize domain requests. This person must be in a role of significant, executive responsibility within the organization. Read more about <a class="usa-link" href="{% public_site_url 'domains/eligibility/#you-must-have-approval-from-an-authorizing-official-within-your-organization' %}">who can serve as an authorizing official</a>.</p>
authorize domain requests. This person must be in a role of significant, executive responsibility within the organization. Read more about <a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'domains/eligibility/#you-must-have-approval-from-an-authorizing-official-within-your-organization' %}">who can serve as an authorizing official</a>.</p>
{% include "includes/required_fields.html" %}


@ -16,49 +16,60 @@
</div>
<div class="grid-row grid-gap">
<div class="tablet:grid-col-3">
{% include 'domain_sidebar.html' %}
{% if domain.domain_info %}
{% include 'domain_sidebar.html' %}
{% endif %}
</div>
<div class="tablet:grid-col-9">
<main id="main-content" class="grid-container">
{% if is_analyst_or_superuser and analyst_action == 'edit' and analyst_action_location == domain.pk %}
<div class="usa-alert usa-alert--warning margin-bottom-2">
<div class="usa-alert__body">
<h4 class="usa-alert__heading larger-font-sizing">Attention!</h4>
<p class="usa-alert__text ">
You are making changes to a registrants domain. When finished making changes, close this tab and inform the registrant of your updates.
</p>
</div>
</div>
{% else %}
<a href="{% url 'home' %}" class="breadcrumb__back">
<svg class="usa-icon" aria-hidden="true" focusable="false" role="img">
<use xlink:href="{% static 'img/sprite.svg' %}#arrow_back"></use>
</svg>
<p class="margin-left-05 margin-top-0 margin-bottom-0 line-height-sans-1">
Back to manage your domains
</p>
</a>
{% endif %}
{# messages block is under the back breadcrumb link #}
{% if messages %}
{% for message in messages %}
<div class="usa-alert usa-alert--{{ message.tags }} usa-alert--slim margin-bottom-3">
{% if not domain.domain_info %}
<div class="usa-alert usa-alert--error margin-bottom-2">
<div class="usa-alert__body">
{{ message }}
<h4 class="usa-alert__heading larger-font-sizing">Domain missing domain information</h4>
<p class="usa-alert__text ">
You are attempting to manage a domain, {{ domain.name }}, which does not have a domain information object. Please correct this in the admin by editing the domain, and adding domain information, as appropriate.
</p>
</div>
</div>
{% endfor %}
</div>
{% else %}
{% if is_analyst_or_superuser and analyst_action == 'edit' and analyst_action_location == domain.pk %}
<div class="usa-alert usa-alert--warning margin-bottom-2">
<div class="usa-alert__body">
<h4 class="usa-alert__heading larger-font-sizing">Attention!</h4>
<p class="usa-alert__text ">
You are making changes to a registrants domain. When finished making changes, close this tab and inform the registrant of your updates.
</p>
</div>
</div>
{% else %}
<a href="{% url 'home' %}" class="breadcrumb__back">
<svg class="usa-icon" aria-hidden="true" focusable="false" role="img">
<use xlink:href="{% static 'img/sprite.svg' %}#arrow_back"></use>
</svg>
<p class="margin-left-05 margin-top-0 margin-bottom-0 line-height-sans-1">
Back to manage your domains
</p>
</a>
{% endif %}
{# messages block is under the back breadcrumb link #}
{% if messages %}
{% for message in messages %}
<div class="usa-alert usa-alert--{{ message.tags }} usa-alert--slim margin-bottom-3">
<div class="usa-alert__body">
{{ message }}
</div>
</div>
{% endfor %}
{% endif %}
{% block domain_content %}
<h1 class="break-word">{{ domain.name }}</h1>
{% endblock %} {# domain_content #}
{% endif %}
{% block domain_content %}
<h1 class="break-word">{{ domain.name }}</h1>
{% endblock %} {# domain_content #}
</main>
</div>
</div>
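Review bot: The new `{% if not domain.domain_info %}` alert is not gated on `is_analyst_or_superuser`, so any user who can open this page for such a domain is told to "correct this in the admin". If registrants can reach this branch (the accompanying permission change appears to let the request through when no application exists), the admin-oriented wording should be shown only to staff, with a generic message for everyone else. The sidebar include is guarded by the same condition, written the other way round as `{% if domain.domain_info %}`. A template comment at the first check, for example `{# domain_info may be missing; sidebar and page content depend on it #}`, would tie the two guards together.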


@ -7,7 +7,7 @@
<h1>Security email</h1>
<p>We strongly recommend that you provide a security email. This email will allow the public to report observed or suspected security issues on your domain. Security emails are made public and included in the <a href="{% public_site_url 'about/data/' %}">.gov domain data</a> we provide.</p>
<p>We strongly recommend that you provide a security email. This email will allow the public to report observed or suspected security issues on your domain. Security emails are made public and included in the <a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'about/data/' %}">.gov domain data</a> we provide.</p>
<p>A security contact should be capable of evaluating or triaging security reports for your entire domain. Use a team email address, not an individuals email. We recommend using an alias, like security@domain.gov.</p>


@ -44,7 +44,7 @@
<p>Domain requests from state legislatures and courts must be authorized by an agencys <strong>Chief Information Officer</strong> or <strong>highest-ranking executive</strong>.</p>
{% elif organization_type == 'tribal' %}
<p><strong>Domain requests from federally-recognized tribal governments must be authorized by the leader of the tribe</strong>, as recognized by the <a href="https://www.bia.gov/service/tribal-leaders-directory" class="usa-link">Bureau of Indian Affairs.</a></p>
<p><strong>Domain requests from federally-recognized tribal governments must be authorized by the leader of the tribe</strong>, as recognized by the <a class="usa-link usa-link--external" rel="noopener noreferrer" target="_blank" href="https://www.bia.gov/service/tribal-leaders-directory">Bureau of Indian Affairs</a>.</p>
<p><strong>Domain requests from state-recognized tribal governments must be authorized by the leader of the tribe</strong>, as determined by the states tribal recognition initiative.</p>
{% endif %}


@ -55,7 +55,7 @@
</ul>
{% elif organization_type == 'county' %}
<p>Most county .gov domains must include the two-letter state abbreviation or the full state name. County names that arent shared by any other city, county, parish, town, borough, village or equivalent in the U.S., at the time a domain is granted, can be requested without referring to the state. Counties can include “county” in their domain to distinguish it from other places with similar names. We use the <a href="https://www.census.gov/geographies/reference-files/time-series/geo/gazetteer-files.html">Census Bureaus National Places Gazetteer Files</a> to determine if county names are unique.</p>
<p>Most county .gov domains must include the two-letter state abbreviation or the full state name. County names that arent shared by any other city, county, parish, town, borough, village or equivalent in the U.S., at the time a domain is granted, can be requested without referring to the state. Counties can include “county” in their domain to distinguish it from other places with similar names. We use the <a class="usa-link usa-link--external" rel="noopener noreferrer" target="_blank" href="https://www.census.gov/geographies/reference-files/time-series/geo/gazetteer-files.html">Census Bureaus National Places Gazetteer Files</a> to determine if county names are unique.</p>
<p><strong>Examples:</strong></p>
<ul class="usa-list">
<li>AdamsCountyMS.gov</li>
@ -68,7 +68,7 @@
<p>Most city domains must include the two-letter state abbreviation or clearly spell out the state name. Using phrases like “City of” or “Town of” is optional.</p>
<p>Cities that meet one of the criteria below dont have to refer to their state in the domain name.
<ul class="usa-list">
<li>City names that are not shared by any other U.S. city, town, or village can be requested without referring to the state. We use the <a href="https://www.census.gov/geographies/reference-files/time-series/geo/gazetteer-files.html">Census Bureaus National Places Gazetteer Files</a> to determine if names are unique.</li>
<li>City names that are not shared by any other U.S. city, town, or village can be requested without referring to the state. We use the <a class="usa-link usa-link--external" rel="noopener noreferrer" target="_blank" href="https://www.census.gov/geographies/reference-files/time-series/geo/gazetteer-files.html">Census Bureaus National Places Gazetteer Files</a> to determine if names are unique.</li>
<li>Certain cities are so well-known that they may not require a state reference to communicate location. We use the list of U.S. “dateline cities” in the Associated Press Stylebook to make this determination.</li>
<li>The 50 largest cities, as measured by population according to the Census Bureau, can have .gov domain names that dont refer to their state.</li>
</ul>
@ -81,7 +81,7 @@
</p>
{% elif organization_type == 'special_district' %}
<p>Domain names must represent your organization or institutional name, not solely the services you provide. It also needs to include your two-letter state abbreviation or clearly spell out the state name unless <a href="{% public_site_url 'domains/choosing/#counties' %}">county or city exceptions apply</a>.</p>
<p>Domain names must represent your organization or institutional name, not solely the services you provide. It also needs to include your two-letter state abbreviation or clearly spell out the state name unless <a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'domains/choosing/#counties' %}">county or city exceptions apply</a>.</p>
<p><strong>Examples:</strong></p>
<ul class="usa-list">
<li>ElectionsShelbyTN.gov</li>


@ -27,11 +27,11 @@
<address class="usa-footer__address">
<div class="usa-footer__contact-info grid-row grid-gap-md">
<div class="grid-col-auto">
<a href="{% public_site_url 'help/' %}" class="usa-link"> Help </a>
<a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'help/' %}">Help </a>
</div>
<span class=""> | </span>
<div class="grid-col-auto">
<a href="{% public_site_url 'contact/' %}" class="usa-link">Contact us</a>
<a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'contact/' %}">Contact us</a>
</div>
</div>
</address>
@ -47,7 +47,7 @@
>
<div class="usa-identifier__container">
<div class="usa-identifier__logos">
<a href="https://www.cisa.gov" class="usa-identifier__logo"
<a rel="noopener noreferrer" target="_blank" href="https://www.cisa.gov" class="usa-identifier__logo"
><img
class="usa-identifier__logo-img"
src="{% static 'img/CISA_logo.png' %}"
@ -62,7 +62,7 @@
>
<p class="usa-identifier__identity-domain">get.gov</p>
<p class="usa-identifier__identity-disclaimer">
An official website of the <a href="https://www.cisa.gov" class="usa-link">Cybersecurity and Infrastructure Security Agency</a>
An official website of the <a rel="noopener noreferrer" target="_blank" href="https://www.cisa.gov" class="usa-link">Cybersecurity and Infrastructure Security Agency</a>
</p>
</section>
</div>
@ -74,35 +74,35 @@
<div class="usa-identifier__container">
<ul class="usa-identifier__required-links-list">
<li class="usa-identifier__required-links-item">
<a href="{% public_site_url 'about/' %}"
<a rel="noopener noreferrer" target="_blank" href="{% public_site_url 'about/' %}"
class="usa-identifier__required-link usa-link">About .gov</a>
</li>
<li class="usa-identifier__required-links-item">
<a
<a rel="noopener noreferrer" target="_blank"
href="https://github.com/cisagov/getgov"
class="usa-identifier__required-link usa-link usa-link--external"
>.gov on Github</a
>
</li>
<li class="usa-identifier__required-links-item">
<a href="{% public_site_url 'privacy-policy/' %}" class="usa-identifier__required-link usa-link">Privacy policy</a>
<a rel="noopener noreferrer" target="_blank" href="{% public_site_url 'privacy-policy/' %}" class="usa-identifier__required-link usa-link">Privacy policy</a>
</li>
<li class="usa-identifier__required-links-item">
<a href="https://www.dhs.gov/accessibility" class="usa-identifier__required-link usa-link usa-link--external"
<a rel="noopener noreferrer" target="_blank" href="https://www.dhs.gov/accessibility" class="usa-identifier__required-link usa-link usa-link--external"
>Accessibility</a
>
</li>
<li class="usa-identifier__required-links-item">
<a href="{% public_site_url 'vulnerability-disclosure-policy/' %}" class="usa-identifier__required-link usa-link"
<a rel="noopener noreferrer" target="_blank" href="{% public_site_url 'vulnerability-disclosure-policy/' %}" class="usa-identifier__required-link usa-link"
>Vulnerability disclosure policy</a>
</li>
<li class="usa-identifier__required-links-item">
<a href="https://www.cisa.gov/cisa-no-fear-act-reporting" class="usa-identifier__required-link usa-link"
<a rel="noopener noreferrer" target="_blank" href="https://www.cisa.gov/cisa-no-fear-act-reporting" class="usa-identifier__required-link usa-link"
>No FEAR Act data</a
>
</li>
<li class="usa-identifier__required-links-item">
<a href="https://www.dhs.gov/freedom-information-act-foia" class="usa-identifier__required-link usa-link usa-link--external"
<a rel="noopener noreferrer" target="_blank" href="https://www.dhs.gov/freedom-information-act-foia" class="usa-identifier__required-link usa-link usa-link--external"
>FOIA requests</a
>
</li>
@ -117,6 +117,6 @@
<div class="usa-identifier__usagov-description">
Looking for U.S. government information and services?
</div>
<a href="https://www.usa.gov/" class="usa-link usa-link--external">Visit USA.gov</a>
<a rel="noopener noreferrer" target="_blank" href="https://www.usa.gov/" class="usa-link usa-link--external">Visit USA.gov</a>
</div>
</section>


@ -37,7 +37,7 @@ error messages, if necessary.
{% with link_index=sublabel_text|find_index:link_text %}
{{ sublabel_text|slice:link_index }}
{% comment %} HTML will convert a new line into a space, resulting with a space before the fullstop in case link_text is at the end of sublabel_text, hence the unfortunate line below {% endcomment %}
<a {% if target_blank == "true" %}target="_blank" {% endif %}href="{{ link_href }}">{{ link_text }}</a>{% with sublabel_part_after=sublabel_text|slice_after:link_text %}{{ sublabel_part_after }}{% endwith %}
<a {% if external_link == "true" %}rel="noopener noreferrer" class="usa-link usa-link--external" {% endif %}{% if target_blank == "true" %}target="_blank" {% endif %}href="{{ link_href }}">{{ link_text }}</a>{% with sublabel_part_after=sublabel_text|slice_after:link_text %}{{ sublabel_part_after }}{% endwith %}
{% endwith %}
{% else %}
{{ sublabel_text }}
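Review bot: `rel="noopener noreferrer"` is emitted only when `external_link == "true"`, while `target="_blank"` is controlled separately by `target_blank`, so a caller that sets only `target_blank="true"` still gets a new-tab link with no `rel`. In browsers that do not imply noopener for `_blank`, the opened page keeps a `window.opener` reference to this one. Tying the rel to the target closes that gap: `{% if target_blank == "true" %}target="_blank" rel="noopener noreferrer" {% endif %}`, with `{% if external_link == "true" %}class="usa-link usa-link--external" {% endif %}` left for styling only.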


@ -453,7 +453,7 @@ def create_user():
p = "userpass"
user = User.objects.create_user(
username="staffuser",
email="user@example.com",
email="staff@example.com",
is_staff=True,
password=p,
)


@ -5,7 +5,7 @@ from django.conf import settings
from django.test import Client, TestCase
from django.urls import reverse
from django.contrib.auth import get_user_model
from .common import MockEppLib, completed_application # type: ignore
from .common import MockEppLib, completed_application, create_user # type: ignore
from django_webtest import WebTest # type: ignore
import boto3_mocking # type: ignore
@ -1105,6 +1105,9 @@ class TestWithDomainPermissions(TestWithUser):
self.domain_just_nameserver, _ = Domain.objects.get_or_create(
name="justnameserver.com"
)
self.domain_no_information, _ = Domain.objects.get_or_create(
name="noinformation.gov"
)
self.domain_dsdata, _ = Domain.objects.get_or_create(name="dnssec-dsdata.gov")
self.domain_multdsdata, _ = Domain.objects.get_or_create(
@ -1278,6 +1281,29 @@ class TestDomainOverview(TestWithDomainPermissions, WebTest):
self.assertContains(detail_page, "(1.2.3.4,")
self.assertContains(detail_page, "2.3.4.5)")
def test_domain_with_no_information_or_application(self):
"""Test that domain management page returns 200 and displays error
when no domain information or domain application exist"""
# have to use staff user for this test
staff_user = create_user()
# staff_user.save()
self.client.force_login(staff_user)
# need to set the analyst_action and analyst_action_location
# in the session to emulate user clicking Manage Domain
# in the admin interface
session = self.client.session
session["analyst_action"] = "foo"
session["analyst_action_location"] = self.domain_no_information.id
session.save()
detail_page = self.client.get(
reverse("domain", kwargs={"pk": self.domain_no_information.id})
)
self.assertContains(detail_page, "noinformation.gov")
self.assertContains(detail_page, "Domain missing domain information")
class TestDomainManagers(TestDomainOverview):
def test_domain_managers(self):
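Review bot: `test_domain_with_no_information_or_application` covers only a staff user with `analyst_action` set in the session, so the relaxed permission check is never exercised for a user who should be refused. A companion case that logs in a user with no role on `noinformation.gov` and asserts that the view denies the request would pin the fail-closed side of the change. The session value `"foo"` for `analyst_action` also suggests the check under test accepts any value there; if that is intended, a comment saying so would help. The leftover `# staff_user.save()` line can be dropped.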


@ -100,8 +100,15 @@ class DomainPermission(PermissionsLoginMixin):
if DomainInformation.objects.filter(id=pk).exists():
requested_domain = DomainInformation.objects.get(id=pk)
domain_application = requested_domain.domain_application
if domain_application.status not in valid_domain_statuses:
# if no domain information or application exist, the user
# should be able to manage the domain; however, if domain information
# and domain application exist, and application is not in valid status,
# user should not be able to manage domain
if (
requested_domain
and requested_domain.domain_application
and requested_domain.domain_application.status not in valid_domain_statuses
):
return False
# Valid session keys exist,
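Review bot: The rewritten condition makes this check fail open: when the `DomainInformation` row has no `domain_application`, or no row matches at all, control falls through to the code after the hunk instead of returning `False`. The new comment states this as intended, but it should also say which later check still limits who reaches that path. The enclosing method starts and ends outside the hunk, so that later check is not visible here. The lookup is also `DomainInformation.objects.filter(id=pk)`; if `pk` is the Domain primary key, as the view URL in the tests suggests, this matches a `DomainInformation` by its own id and may inspect an unrelated record. Looking the record up through its relation to the domain would avoid that. The `requested_domain and` term is redundant after `.get()`, which returns an object or raises.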