From 730d25ae7218d731590b322d4f419a7df6d4e4fb Mon Sep 17 00:00:00 2001 From: Matthew Somerville Date: Thu, 30 Apr 2020 13:56:31 +0100 Subject: Add ability to disallow updates in a category. Add a tickbox to the category admin, and do not allow updates on reports made in those selected categories. --- t/app/controller/admin/bodies.t | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 't/app/controller/admin/bodies.t') diff --git a/t/app/controller/admin/bodies.t b/t/app/controller/admin/bodies.t index c73a90da1..7ec7aed75 100644 --- a/t/app/controller/admin/bodies.t +++ b/t/app/controller/admin/bodies.t @@ -261,6 +261,17 @@ subtest 'open311 protection editing' => sub { is $contact->get_extra_metadata('open311_protect'), 1, 'Open311 protect flag set'; }; +subtest 'updates disabling' => sub { + $mech->get_ok('/admin/body/' . $body->id . '/test%20category'); + $mech->submit_form_ok( { with_fields => { + updates_disallowed => 1, + note => 'Disabling updates', + } } ); + $mech->content_contains('Values updated'); + my $contact = $body->contacts->find({ category => 'test category' }); + is $contact->get_extra_metadata('updates_disallowed'), 1, 'Updates disallowed flag set'; +}; + }; # END of override wrap -- cgit v1.2.3 From f6d807fd5217a19ac488f652d1f0853a7891231f Mon Sep 17 00:00:00 2001 From: Matthew Somerville Date: Fri, 1 May 2020 15:42:01 +0100 Subject: Add way to disallow report reopening in a category Add a tickbox to the category admin, and do not allow reopening on reports made in the selected categories. --- t/app/controller/admin/bodies.t | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 't/app/controller/admin/bodies.t') diff --git a/t/app/controller/admin/bodies.t b/t/app/controller/admin/bodies.t index 7ec7aed75..d3e4074f9 100644 --- a/t/app/controller/admin/bodies.t +++ b/t/app/controller/admin/bodies.t @@ -272,6 +272,17 @@ subtest 'updates disabling' => sub { is $contact->get_extra_metadata('updates_disallowed'), 1, 'Updates disallowed flag set'; }; +subtest 'reopen disabling' => sub { + $mech->get_ok('/admin/body/' . $body->id . '/test%20category'); + $mech->submit_form_ok( { with_fields => { + reopening_disallowed => 1, + note => 'Disabling reopening', + } } ); + $mech->content_contains('Values updated'); + my $contact = $body->contacts->find({ category => 'test category' }); + is $contact->get_extra_metadata('reopening_disallowed'), 1, 'Reopening disallowed flag set'; +}; + }; # END of override wrap -- cgit v1.2.3 From ecc5a7b9ca20418f1bdb45cdc3ce5b41a11f3593 Mon Sep 17 00:00:00 2001 From: Matthew Somerville Date: Wed, 15 Apr 2020 19:12:31 +0100 Subject: Add assigned_(users|categories)_only functionality Users with assigned_categories_only will only see staff features on a report page in their assigned categories. Users will only see staff features on a report page in a category with assigned_users_only if it is in their assigned categories. --- t/app/controller/admin/bodies.t | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 't/app/controller/admin/bodies.t') diff --git a/t/app/controller/admin/bodies.t b/t/app/controller/admin/bodies.t index d3e4074f9..883386380 100644 --- a/t/app/controller/admin/bodies.t +++ b/t/app/controller/admin/bodies.t @@ -261,6 +261,16 @@ subtest 'open311 protection editing' => sub { is $contact->get_extra_metadata('open311_protect'), 1, 'Open311 protect flag set'; }; +subtest 'test assigned_users_only setting' => sub { + $mech->get_ok('/admin/body/' . $body->id . '/test%20category'); + $mech->submit_form_ok( { with_fields => { + assigned_users_only => 1, + } } ); + $mech->content_contains('Values updated'); + my $contact = $body->contacts->find({ category => 'test category' }); + is $contact->get_extra_metadata('assigned_users_only'), 1; +}; + subtest 'updates disabling' => sub { $mech->get_ok('/admin/body/' . $body->id . '/test%20category'); $mech->submit_form_ok( { with_fields => { -- cgit v1.2.3 From 37306b9f6f4cb9b58c5e4a7bdc12e90dff879481 Mon Sep 17 00:00:00 2001 From: Matthew Somerville Date: Fri, 24 Apr 2020 17:35:50 +0100 Subject: Disable rename on unprotected Open311 categories. If you rename an Open311 category when it is not protected, it will only get reinstated/deleted by the Open311 populate script shortly after, and can cause issues due to the problem category renaming that occurs. --- t/app/controller/admin/bodies.t | 2 ++ 1 file changed, 2 insertions(+) (limited to 't/app/controller/admin/bodies.t') diff --git a/t/app/controller/admin/bodies.t b/t/app/controller/admin/bodies.t index d3e4074f9..74084afbf 100644 --- a/t/app/controller/admin/bodies.t +++ b/t/app/controller/admin/bodies.t @@ -210,6 +210,7 @@ subtest 'check open311 configuring' => sub { subtest 'check open311 devolved editing' => sub { $mech->get_ok('/admin/body/' . $body->id . '/test%20category'); + $mech->content_contains("name=\"category\"\n size=\"30\" value=\"test category\"\n readonly>", 'Cannot edit Open311 category name'); $mech->submit_form_ok( { with_fields => { send_method => 'Email', email => 'testing@example.org', @@ -217,6 +218,7 @@ subtest 'check open311 devolved editing' => sub { } } ); $mech->content_contains('Values updated'); $mech->get_ok('/admin/body/' . $body->id . '/test%20category'); + $mech->content_contains("name=\"category\"\n size=\"30\" value=\"test category\"\n required>", 'Can edit as now devolved'); $mech->submit_form_ok( { with_fields => { send_method => '', email => 'open311-code', -- cgit v1.2.3 From c80f13eeac448e99873b690411d7f6e83b07dd06 Mon Sep 17 00:00:00 2001 From: Struan Donald Date: Thu, 7 May 2020 15:10:46 +0100 Subject: admin interface for per category anonymous reporting Add an interface to enable a category to accept anonymous reports, plus the code to handle permitting this. It's only available on single body cobrand sites in the default configuration. --- t/app/controller/admin/bodies.t | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) (limited to 't/app/controller/admin/bodies.t') diff --git a/t/app/controller/admin/bodies.t b/t/app/controller/admin/bodies.t index 9f7b18cde..80ee22630 100644 --- a/t/app/controller/admin/bodies.t +++ b/t/app/controller/admin/bodies.t @@ -1,3 +1,13 @@ +package FixMyStreet::Cobrand::AnonAllowedByCategory; +use parent 'FixMyStreet::Cobrand::UKCouncils'; +sub council_url { 'anonbycategory' } +sub council_name { 'Aberdeen City Council' } +sub council_area { 'Aberdeen' } +sub council_area_id { 2650 } +sub anonymous_account { { email => 'anoncategory@example.org', name => 'Anonymous Category' } } + +package main; + use FixMyStreet::TestMech; my $mech = FixMyStreet::TestMech->new; @@ -295,8 +305,32 @@ subtest 'reopen disabling' => sub { is $contact->get_extra_metadata('reopening_disallowed'), 1, 'Reopening disallowed flag set'; }; +subtest 'allow anonymous reporting' => sub { + $mech->get_ok('/admin/body/' . $body->id . '/test%20category'); + $mech->content_lacks('Allow anonymous reports'); +}; }; # END of override wrap +FixMyStreet::override_config { + MAPIT_URL => 'http://mapit.uk/', + MAPIT_TYPES => [ 'UTA' ], + BASE_URL => 'http://www.example.org', + ALLOWED_COBRANDS => [ "fixmystreet", "anonallowedbycategory" ], +}, sub { + +subtest 'allow anonymous reporting' => sub { + $mech->get_ok('/admin/body/' . $body->id . '/test%20category'); + $mech->submit_form_ok( { with_fields => { + anonymous_allowed => 1, + note => 'Anonymous Allowed', + } } ); + $mech->content_contains('Values updated'); + my $contact = $body->contacts->find({ category => 'test category' }); + is $contact->get_extra_metadata('anonymous_allowed'), 1, 'Anonymous reports allowed flag set'; +}; + +}; + FixMyStreet::override_config { MAPIT_URL => 'http://mapit.uk/', -- cgit v1.2.3 From 9b7df4542b75f4463d0f3de0a8b68db32c2353a6 Mon Sep 17 00:00:00 2001 From: Matthew Somerville Date: Tue, 14 Jul 2020 14:51:43 +0100 Subject: [UK] Show message if site-wide update disallowed. --- t/app/controller/admin/bodies.t | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) (limited to 't/app/controller/admin/bodies.t') diff --git a/t/app/controller/admin/bodies.t b/t/app/controller/admin/bodies.t index 80ee22630..75db6f87c 100644 --- a/t/app/controller/admin/bodies.t +++ b/t/app/controller/admin/bodies.t @@ -413,4 +413,31 @@ subtest 'check log of the above' => sub { $mech->content_contains('Edited body Aberdeen City Council'); }; +subtest 'check update disallowed message' => sub { + FixMyStreet::override_config { + MAPIT_URL => 'http://mapit.uk/', + ALLOWED_COBRANDS => 'bathnes', + COBRAND_FEATURES => { updates_allowed => { bathnes => 'open' } } + }, sub { + $mech->get_ok('/admin/body/' . $body->id .'/test%20category'); + $mech->content_contains('even if this is unticked, only open reports can have updates left on them.'); + }; + FixMyStreet::override_config { + MAPIT_URL => 'http://mapit.uk/', + ALLOWED_COBRANDS => 'bathnes', + COBRAND_FEATURES => { updates_allowed => { bathnes => 'staff' } } + }, sub { + $mech->get_ok('/admin/body/' . $body->id .'/test%20category'); + $mech->content_contains('even if this is unticked, only staff will be able to leave updates.'); + }; + FixMyStreet::override_config { + MAPIT_URL => 'http://mapit.uk/', + ALLOWED_COBRANDS => 'bathnes', + COBRAND_FEATURES => { updates_allowed => { bathnes => 'reporter' } } + }, sub { + $mech->get_ok('/admin/body/' . $body->id .'/test%20category'); + $mech->content_contains('even if this is unticked, only the problem reporter will be able to leave updates'); + }; +}; + done_testing(); -- cgit v1.2.3 From bf90bf71fbac2c8e1be96646715182f876eccd57 Mon Sep 17 00:00:00 2001 From: M Somerville Date: Fri, 2 Oct 2020 14:14:17 +0100 Subject: =?UTF-8?q?Don=E2=80=99t=20strip=20all=20spaces=20from=20Open311?= =?UTF-8?q?=20categories.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit If a category’s send method is Open311, only strip spaces from the ends of the code. We are aware of active Open311 servers that have codes with spaces in the middle. --- t/app/controller/admin/bodies.t | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 't/app/controller/admin/bodies.t') diff --git a/t/app/controller/admin/bodies.t b/t/app/controller/admin/bodies.t index 75db6f87c..b63cacd9d 100644 --- a/t/app/controller/admin/bodies.t +++ b/t/app/controller/admin/bodies.t @@ -231,9 +231,10 @@ subtest 'check open311 devolved editing' => sub { $mech->content_contains("name=\"category\"\n size=\"30\" value=\"test category\"\n required>", 'Can edit as now devolved'); $mech->submit_form_ok( { with_fields => { send_method => '', - email => 'open311-code', + email => 'open311 code', note => 'Removing email send method', } } ); + $mech->content_contains('open311 code'); $mech->content_contains('Values updated'); }; -- cgit v1.2.3 From 043bce556a17545c2c26386d8368f47ba8f541e6 Mon Sep 17 00:00:00 2001 From: M Somerville Date: Wed, 7 Oct 2020 12:06:54 +0100 Subject: Show all category history even if category renamed --- t/app/controller/admin/bodies.t | 1 + 1 file changed, 1 insertion(+) (limited to 't/app/controller/admin/bodies.t') diff --git a/t/app/controller/admin/bodies.t b/t/app/controller/admin/bodies.t index b63cacd9d..542c3f4c0 100644 --- a/t/app/controller/admin/bodies.t +++ b/t/app/controller/admin/bodies.t @@ -111,6 +111,7 @@ subtest 'check contact renaming' => sub { $mech->get('/admin/body/' . $body->id . '/test%20category'); is $mech->res->code, 404; $mech->get_ok('/admin/body/' . $body->id . '/testing%20category'); + $mech->content_contains('test2@example.com'); $report->discard_changes; is $report->category, 'testing category'; $mech->submit_form_ok( { with_fields => { category => 'test category' } } ); -- cgit v1.2.3 From cfda101b3006f12280a41adc4b28ca555b867556 Mon Sep 17 00:00:00 2001 From: Struan Donald Date: Fri, 23 Oct 2020 14:28:38 +0100 Subject: prevent editing of category names with hardcoded flag If a category has hardcoded set to 1 in it's extra metadata then prevent the name being edited in the admin. This is to avoid issues where the name of the category is used in e.g. layers or other configuration and changing it breaks things. Also includes admin interface for setting this that is restricted to super users only. Fixes mysociety/fixmystreet-commercial#1992 --- t/app/controller/admin/bodies.t | 65 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 65 insertions(+) (limited to 't/app/controller/admin/bodies.t') diff --git a/t/app/controller/admin/bodies.t b/t/app/controller/admin/bodies.t index 542c3f4c0..811ac4362 100644 --- a/t/app/controller/admin/bodies.t +++ b/t/app/controller/admin/bodies.t @@ -15,6 +15,10 @@ my $mech = FixMyStreet::TestMech->new; my $superuser = $mech->create_user_ok('superuser@example.com', name => 'Super User', is_superuser => 1); $mech->log_in_ok( $superuser->email ); my $body = $mech->create_body_ok(2650, 'Aberdeen City Council'); +my $body2 = $mech->create_body_ok(2237, 'Oxfordshire County Council'); + +my $user = $mech->create_user_ok('user@example.com', name => 'OCC User', from_body => $body2); +$user->user_body_permissions->create({ body => $body2, permission_type => 'category_edit' }); # This override is wrapped around ALL the /admin/body tests FixMyStreet::override_config { @@ -117,6 +121,8 @@ subtest 'check contact renaming' => sub { $mech->submit_form_ok( { with_fields => { category => 'test category' } } ); }; + + subtest 'check contact updating' => sub { $mech->get_ok('/admin/body/' . $body->id . '/test%20category'); $mech->content_like(qr{test2\@example.com[^<]*[^<]*unconfirmed}s); @@ -442,4 +448,63 @@ subtest 'check update disallowed message' => sub { }; }; +subtest 'check hardcoded contact renaming' => sub { + FixMyStreet::override_config { + MAPIT_URL => 'http://mapit.uk/', + 'ALLOWED_COBRANDS' => [ 'oxfordshire' ], + }, sub { + my $contact = FixMyStreet::DB->resultset('Contact')->create( + { + body_id => $body2->id, + category => 'protected category', + state => 'confirmed', + editor => $0, + whenedited => \'current_timestamp', + note => 'protected contact', + email => 'protected@example.org', + } + ); + $contact->set_extra_metadata( 'hardcoded', 1 ); + $contact->update; + $mech->get_ok('/admin/body/' . $body2->id .'/protected%20category'); + $mech->content_contains( 'name="hardcoded"' ); + $mech->content_like( qr'value="protected category"[^>]*readonly's ); + $mech->submit_form_ok( { with_fields => { category => 'non protected category', note => 'rename category' } } ); + $mech->content_contains( 'protected category' ); + $mech->content_lacks( 'non protected category' ); + $mech->get('/admin/body/' . $body2->id . '/non%20protected%20category'); + is $mech->res->code, 404; + + $mech->get_ok('/admin/body/' . $body2->id .'/protected%20category'); + $mech->submit_form_ok( { with_fields => { hardcoded => 0, note => 'remove hardcoding' } } ); + $mech->get_ok('/admin/body/' . $body2->id .'/protected%20category'); + $mech->content_unlike( qr'value="protected category"[^>]*readonly's ); + $mech->submit_form_ok( { with_fields => { category => 'non protected category', note => 'rename category' } } ); + $mech->content_contains( 'non protected category' ); + $mech->get_ok('/admin/body/' . $body2->id . '/non%20protected%20category'); + $mech->get('/admin/body/' . $body2->id . '/protected%20category'); + is $mech->res->code, 404; + + $contact->discard_changes; + $contact->set_extra_metadata( 'hardcoded', 1 ); + $contact->update; + + $mech->log_out_ok( $superuser->email ); + $mech->log_in_ok( $user->email ); + $mech->get_ok('/admin/body/' . $body2->id . '/non%20protected%20category'); + $mech->content_lacks( 'name="hardcoded"' ); + $user->update( { is_superuser => 1 } ); + $mech->get_ok('/admin/body/' . $body2->id . '/non%20protected%20category'); + $mech->content_contains('name="hardcoded"' ); + $user->update( { is_superuser => 0 } ); + $mech->submit_form_ok( { with_fields => { hardcoded => 0, note => 'remove hardcoding' } } ); + $mech->content_lacks( 'name="hardcoded"' ); + + $contact->discard_changes; + is $contact->get_extra_metadata('hardcoded'), 1, "non superuser can't remove hardcoding"; + + $mech->log_out_ok( $user->email ); + }; +}; + done_testing(); -- cgit v1.2.3