From 1ab1bf11a696c139acef440b33c599f79bb5039d Mon Sep 17 00:00:00 2001 From: colts661 Date: Fri, 26 Jan 2024 12:56:03 -0800 Subject: [PATCH 01/29] Added AuthRocket Status --- microsetta_interface/implementation.py | 11 +++++++++-- microsetta_interface/templates/admin_home.jinja2 | 10 ++++++++-- 2 files changed, 17 insertions(+), 4 deletions(-) diff --git a/microsetta_interface/implementation.py b/microsetta_interface/implementation.py index 283b6755..283d8f50 100644 --- a/microsetta_interface/implementation.py +++ b/microsetta_interface/implementation.py @@ -2782,8 +2782,15 @@ def get_interactive_account_search(email_query): if do_return: return email_diagnostics - accounts = [{"email": acct['email'], "account_id": acct['id']} - for acct in email_diagnostics['accounts']] + accounts = [{ + "email": acct['email'], + "account_id": acct['id'], + "authrocket_status": ( + "Missing" + if acct['auth_issuer'] is None and acct['auth_sub'] is None + else "Authenticated" + ) + } for acct in email_diagnostics['accounts']] return _render_with_defaults('admin_home.jinja2', accounts=accounts) diff --git a/microsetta_interface/templates/admin_home.jinja2 b/microsetta_interface/templates/admin_home.jinja2 index 63732742..2fc24326 100644 --- a/microsetta_interface/templates/admin_home.jinja2 +++ b/microsetta_interface/templates/admin_home.jinja2 @@ -13,18 +13,24 @@
{{ _('Account ID') }}
+
+ {{ _('AuthRocket Status') }} +
{% for account in accounts %}
-
+ -
+
{{ account.account_id|e }}
+
+ {{ account.authrocket_status|e }} +
{% endfor %} From 2649911da2d9aa1c4984215974759277f4e42409 Mon Sep 17 00:00:00 2001 From: colts661 Date: Fri, 26 Jan 2024 13:14:40 -0800 Subject: [PATCH 02/29] simplify comprehension --- microsetta_interface/implementation.py | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/microsetta_interface/implementation.py b/microsetta_interface/implementation.py index 283d8f50..e659ac4c 100644 --- a/microsetta_interface/implementation.py +++ b/microsetta_interface/implementation.py @@ -2782,15 +2782,20 @@ def get_interactive_account_search(email_query): if do_return: return email_diagnostics - accounts = [{ - "email": acct['email'], - "account_id": acct['id'], - "authrocket_status": ( + accounts = [] + for acct in email_diagnostics['accounts']: + authrocket_status = ( "Missing" if acct['auth_issuer'] is None and acct['auth_sub'] is None else "Authenticated" ) - } for acct in email_diagnostics['accounts']] + acct_diag = { + "email": acct['email'], + "account_id": acct['id'], + "authrocket_status": authrocket_status + } + accounts.append(acct_diag) + return _render_with_defaults('admin_home.jinja2', accounts=accounts) From 62649a937ec30b8e2c26524118356719c1b1370e Mon Sep 17 00:00:00 2001 From: colts661 Date: Mon, 29 Jan 2024 13:48:14 -0800 Subject: [PATCH 03/29] cleaned code; updated logic --- microsetta_interface/implementation.py | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/microsetta_interface/implementation.py b/microsetta_interface/implementation.py index e659ac4c..1000a14b 100644 --- a/microsetta_interface/implementation.py +++ b/microsetta_interface/implementation.py @@ -2784,11 +2784,12 @@ def get_interactive_account_search(email_query): accounts = [] for acct in email_diagnostics['accounts']: - authrocket_status = ( - "Missing" - if acct['auth_issuer'] is None and acct['auth_sub'] is None - else "Authenticated" - ) + if acct['auth_issuer'] is None and acct['auth_sub'] is None: + authrocket_status = "Missing" + elif acct['auth_issuer'] is None or acct['auth_sub'] is None: + authrocket_status = "Faulty - Contact Admin" + else: + authrocket_status = "Authenticated" acct_diag = { "email": acct['email'], "account_id": acct['id'], From 41e1a85ed5e8495b0adc6b0bcb4fabd347ae47e7 Mon Sep 17 00:00:00 2001 From: Cassidy Symons Date: Mon, 29 Jan 2024 13:57:25 -0800 Subject: [PATCH 04/29] Fix Diversity tab --- .../templates/new_results_page.jinja2 | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/microsetta_interface/templates/new_results_page.jinja2 b/microsetta_interface/templates/new_results_page.jinja2 index c469b7c4..b4c493c3 100644 --- a/microsetta_interface/templates/new_results_page.jinja2 +++ b/microsetta_interface/templates/new_results_page.jinja2 @@ -47,6 +47,11 @@ width: 30%; margin: 20px; } + @media (max-width: 575.98px) { + div.diversity-compare { + width: 90%; + } + } .diversity-category { color: #006a96; } @@ -116,6 +121,11 @@ border-color: #006a96; width: 70%; } + @media (max-width: 575.98px) { + div.how_you_compare_section { + width: 100%; + } + } div.how_you_compare_section h3 { color: #006a96; font-weight: lighter; @@ -147,7 +157,11 @@ width: 35%; box-shadow: 0 4px 8px 0 rgb(0 0 0 / 20%), 0 6px 20px 0 rgb(0 0 0 / 19%); } - + @media (max-width: 575.98px) { + div.your_sample_diversity_inset { + width: 100%; + } + } .scatter-bg { background-image: url('/static/img/scatter.png'); background: url('/static/img/scatter.png'); From 63a04de4101080dc2eaa5258d081a0454fd02f50 Mon Sep 17 00:00:00 2001 From: ayobi Date: Thu, 8 Feb 2024 19:30:35 -0500 Subject: [PATCH 05/29] admin account deletion fix --- microsetta_interface/implementation.py | 81 ++++++++++++++++- microsetta_interface/routes.yaml | 55 +++++++++++ .../templates/account_details.jinja2 | 41 +++++++++ ...admin_requests_account_removal_list.jinja2 | 91 +++++++++++++++++++ .../request_account_deletion_confirm.jinja2 | 32 +++++++ .../templates/sitebase.jinja2 | 3 +- .../tests/test_integration.py | 39 ++++++++ 7 files changed, 338 insertions(+), 4 deletions(-) create mode 100644 microsetta_interface/templates/admin_requests_account_removal_list.jinja2 create mode 100644 microsetta_interface/templates/request_account_deletion_confirm.jinja2 diff --git a/microsetta_interface/implementation.py b/microsetta_interface/implementation.py index 283b6755..af100f03 100644 --- a/microsetta_interface/implementation.py +++ b/microsetta_interface/implementation.py @@ -1144,12 +1144,20 @@ def get_account(*, account_id=None): @prerequisite([ACCT_PREREQS_MET]) def get_account_details(*, account_id=None): has_error, account, _ = ApiRequest.get('/accounts/%s' % account_id) + if has_error: return account + has_error, stats, _ = ApiRequest.get(f'/accounts/{account_id}/' + 'removal_queue') + + if has_error: + return stats + return _render_with_defaults('account_details.jinja2', CREATE_ACCT=False, - account=account) + account=account, + requested_deletion=stats['status']) @prerequisite([ACCT_PREREQS_MET]) @@ -1316,6 +1324,23 @@ def get_create_nonhuman_source(*, account_id=None): account_id=account_id) +# Note: ideally this would be represented as a DELETE, not as a POST +# However, it is used as a form submission action, and HTML forms do not +# support delete as an action +def post_request_account_removal(*, account_id): + # PUT is used to add the account_id to the queue + # DELETE is used to remove the account_id from the queue, if it's + # still there. + has_error, put_output, _ = ApiRequest.put( + '/accounts/%s/removal_queue' % + (account_id)) + + if has_error: + return put_output + + return _render_with_defaults('request_account_deletion_confirm.jinja2') + + @prerequisite([ACCT_PREREQS_MET]) def post_create_nonhuman_source(*, account_id=None, body=None): has_error, sources_output, _ = ApiRequest.post( @@ -2797,6 +2822,7 @@ def post_account_delete(body): raise Unauthorized() account_to_delete = body.get('account_id') + delete_reason = body.get('delete_reason') if account_to_delete is None: raise Unauthorized() @@ -2811,8 +2837,10 @@ def post_account_delete(body): if accts_output['account_type'] != 'standard': return get_rootpath() - has_error, delete_output, _ = ApiRequest.delete( - '/accounts/%s' % (account_to_delete,)) + url = f'/admin/account_removal/{account_to_delete}' \ + f'?delete_reason={delete_reason}' + + has_error, delete_output, _ = ApiRequest.delete(url) if has_error: return delete_output @@ -2820,6 +2848,37 @@ def post_account_delete(body): return get_rootpath() +def post_account_ignore_delete(body): + if not session.get(ADMIN_MODE_KEY, False): + raise Unauthorized() + + account_details = session.get(LOGIN_INFO_KEY) + if account_details is None: + raise Unauthorized() + + account_to_ignore = body.get('account_id') + if account_to_ignore is None: + raise Unauthorized() + + # preserve 'standard-accounts-only' logic for now. + # admin accounts shouldn't be requesting their own deletion. + do_return, accts_output, _ = ApiRequest.get( + '/accounts/%s' % (account_to_ignore, )) + if do_return: + return accts_output + + if accts_output['account_type'] != 'standard': + return get_rootpath() + + url = '/admin/account_removal/%s' % account_to_ignore + has_error, ignore_output, _ = ApiRequest.put(url) + + if has_error: + return ignore_output + + return get_rootpath() + + def get_perk_fulfillment_state(): if not session.get(ADMIN_MODE_KEY, False): raise Unauthorized() @@ -3381,6 +3440,22 @@ def post_campaign_edit(body): return get_campaign_edit(campaign_info['campaign_id']) +def get_account_removal_requests(): + if not session.get(ADMIN_MODE_KEY, False): + raise Unauthorized() + + do_return, diagnostics, _ = ApiRequest.get( + "/admin/account_removal/list", + params={} + ) + + if do_return: + return diagnostics + + return _render_with_defaults('admin_requests_account_removal_list.jinja2', + diagnostics=diagnostics) + + def get_submit_interest(campaign_id=None, source=None): valid_campaign = False campaign_info = None diff --git a/microsetta_interface/routes.yaml b/microsetta_interface/routes.yaml index 589d89dd..04cf0950 100644 --- a/microsetta_interface/routes.yaml +++ b/microsetta_interface/routes.yaml @@ -586,6 +586,23 @@ paths: schema: type: string + # same as above + # TODO: Do we need more response codes appended? + '/accounts/{account_id}/request/remove': + post: + operationId: microsetta_interface.implementation.post_request_account_removal + tags: + - Account + parameters: + - $ref: '#/components/parameters/account_id' + responses: + '200': + description: Display of revised info or error info + content: + text/html: + schema: + type: string + '/accounts/{account_id}/sources/{source_id}/claim_samples': post: operationId: microsetta_interface.implementation.post_claim_samples @@ -1064,6 +1081,9 @@ paths: account_id: type: string nullable: false + delete_reason: + type: string + nullable: true responses: '200': @@ -1073,6 +1093,28 @@ paths: schema: type: string + '/admin/account_ignore_delete': + post: + operationId: microsetta_interface.implementation.post_account_ignore_delete + tags: + - Admin + requestBody: + content: + application/x-www-form-urlencoded: + schema: + type: object + properties: + account_id: + type: string + nullable: false + responses: + '200': + description: Account successfully removed from delete queue, redirect to home + content: + text/html: + schema: + type: string + '/admin/perk_fulfillment_state': get: operationId: microsetta_interface.implementation.get_perk_fulfillment_state @@ -1439,6 +1481,19 @@ paths: schema: type: string + '/admin/account_removal/list': + get: + operationId: microsetta_interface.implementation.get_account_removal_requests + tags: + - Admin + responses: + '200': + description: List of account removal requests for admin users to view/edit + content: + text/html: + schema: + type: string + components: parameters: diff --git a/microsetta_interface/templates/account_details.jinja2 b/microsetta_interface/templates/account_details.jinja2 index c4d738b2..1a36f6a4 100644 --- a/microsetta_interface/templates/account_details.jinja2 +++ b/microsetta_interface/templates/account_details.jinja2 @@ -128,6 +128,12 @@ } },cc); }); + + function verifyDeleteUserRequest(){ + let confirmMsg = "{{ _('You are requesting to delete your account.') }} " + + "{{ _('This operation cannot be undone. Are you sure you want to delete this account?') }} "; + return window.confirm(confirmMsg); + } {% endblock %} {% block breadcrumb %} @@ -442,4 +448,39 @@ {% endif %}
+{% if not admin_mode %} + {% if requested_deletion %} +
+
+
+

+

+
+ _("Your account removal request is being reviewed. You will be notified via email once your account has been deleted.") +
+
+
+
+ {% else %} +
+
+
+

+

+
+
+ {{ _('If you wish to delete this account, please click the following button to submit your request to an administrator.') }} + +
+ {{ _('IMPORTANT: Once you click this button, the request cannot be undone. Your account cannot be restored after it has been deleted.') }} +
+
+
+
+
+
+ {% endif %} +{% endif %} {% endblock %} diff --git a/microsetta_interface/templates/admin_requests_account_removal_list.jinja2 b/microsetta_interface/templates/admin_requests_account_removal_list.jinja2 new file mode 100644 index 00000000..a92a3ea0 --- /dev/null +++ b/microsetta_interface/templates/admin_requests_account_removal_list.jinja2 @@ -0,0 +1,91 @@ +{% extends "sitebase.jinja2" %} +{% set page_title = _("Requests for Account Removal") %} +{% set show_breadcrumbs = False %} +{% block content %} + +

{{ _('Requests for Account Removal') }}

+
+ {% if diagnostics is not none and diagnostics|length > 0 %} +
+
+
+ {{ _('ID') }} +
+
+ {{ _('Account ID') }} +
+
+ {{ _('Email') }} +
+
+ {{ _('First Name') }} +
+
+ {{ _('Last Name') }} +
+
+ {{ _('Requested On') }} +
+
+   +
+
+   +
+
+ {% for row in diagnostics %} +
+
+
+ {{ row.id |e }} +
+
+ {{ row.account_id |e }} +
+
+ {{ row.email |e }} +
+
+ {{ row.first_name |e }} +
+
+ {{ row.last_name |e }} +
+
+ {{ row.requested_on |e }} +
+
+
+ + + +
+
+
+
+ + + +
+
+ +
+
+ {% endfor %} +
+

+ {% else %} + {{ _('No requests found') }} + {% endif %} +
+{% endblock %} \ No newline at end of file diff --git a/microsetta_interface/templates/request_account_deletion_confirm.jinja2 b/microsetta_interface/templates/request_account_deletion_confirm.jinja2 new file mode 100644 index 00000000..e7223707 --- /dev/null +++ b/microsetta_interface/templates/request_account_deletion_confirm.jinja2 @@ -0,0 +1,32 @@ +{% extends "sitebase.jinja2" %} +{% set page_title = _("Home") %} +{% set show_breadcrumbs = False %} + +{% block head %} + + + + + + + + +{% endblock %} + +{% block content %} +
+
+
{{ _('Account Removal Requested') }}
+
+
+ {{ _("We are sorry to see you go! Your request has been logged, and an administrator will review the request soon. You will receive an email notification once your account has been deleted.") }} +
+
+
+
+{% endblock %} \ No newline at end of file diff --git a/microsetta_interface/templates/sitebase.jinja2 b/microsetta_interface/templates/sitebase.jinja2 index 0193b5cd..c7fe6d04 100644 --- a/microsetta_interface/templates/sitebase.jinja2 +++ b/microsetta_interface/templates/sitebase.jinja2 @@ -126,7 +126,8 @@ {{ _('Interested Users') }} {{ _('Address Verification') }} {{ _('Campaigns') }} - {{ _('FFQ Codes') }} + {{ _('Account Removal') }} + {{ _('FFQ Codes') }}
diff --git a/microsetta_interface/tests/test_integration.py b/microsetta_interface/tests/test_integration.py index ddc4a4e2..7b0838c3 100644 --- a/microsetta_interface/tests/test_integration.py +++ b/microsetta_interface/tests/test_integration.py @@ -621,6 +621,45 @@ def _is_consent_required(self, acc_id, source_id, consent_type): resp = self.app.get(url) return resp["result"] + def test_request_delete(self): + # Create a new user and sign the consent + my_resp, my_url, my_jwt = self._new_to_create() + self.assertPageTitle(my_resp, 'Account') + account_id, _, _ = self._ids_from_url(my_url) + self._sign_consent(account_id, consent=ADULT_CONSENT) + + # once a basic account has been set up, confirm Account->Details page + # shows the following text. This user should not already be in the + # delete queue. + url = f'/accounts/{account_id}/details' + resp = self.app.get(url) + data = self._html_page(resp) + + s = ('If you wish to delete this account, please click the following ' + 'button to submit your request to an administrator.') + self.assertIn(s, data) + + # post to the request endpoint to add this user to the removal queue. + # confirm that the text contains verbiage from the confirmation page. + url = f'/accounts/{account_id}/request/remove' + body = {'key': 'value'} + resp = self.app.post(url, data=body) + data = self._html_page(resp) + s = ("We are sorry to see you go! Your request has been logged, and" + " an administrator will review the request soon. You will receive" + " an email notification once your account has been deleted.") + + self.assertIn(s, data) + + # return to the Account->Details page and confirm that it shows the + # following text. The user should not be able to push the 'delete' + # button a second time. + url = f'/accounts/{account_id}/details' + resp = self.app.get(url) + data = self._html_page(resp) + s = ('Your account removal request is being reviewed. You will be ' + 'notified via email once your account has been deleted.') + self.assertIn(s, data) if __name__ == '__main__': unittest.main() From 3b12786851fb5c49e297bb099df43a56d3b9768a Mon Sep 17 00:00:00 2001 From: ayobi Date: Thu, 8 Feb 2024 19:45:02 -0500 Subject: [PATCH 06/29] lint --- .../tests/test_integration.py | 77 ++++++++++--------- 1 file changed, 39 insertions(+), 38 deletions(-) diff --git a/microsetta_interface/tests/test_integration.py b/microsetta_interface/tests/test_integration.py index 7b0838c3..375df209 100644 --- a/microsetta_interface/tests/test_integration.py +++ b/microsetta_interface/tests/test_integration.py @@ -622,44 +622,45 @@ def _is_consent_required(self, acc_id, source_id, consent_type): return resp["result"] def test_request_delete(self): - # Create a new user and sign the consent - my_resp, my_url, my_jwt = self._new_to_create() - self.assertPageTitle(my_resp, 'Account') - account_id, _, _ = self._ids_from_url(my_url) - self._sign_consent(account_id, consent=ADULT_CONSENT) - - # once a basic account has been set up, confirm Account->Details page - # shows the following text. This user should not already be in the - # delete queue. - url = f'/accounts/{account_id}/details' - resp = self.app.get(url) - data = self._html_page(resp) - - s = ('If you wish to delete this account, please click the following ' - 'button to submit your request to an administrator.') - self.assertIn(s, data) - - # post to the request endpoint to add this user to the removal queue. - # confirm that the text contains verbiage from the confirmation page. - url = f'/accounts/{account_id}/request/remove' - body = {'key': 'value'} - resp = self.app.post(url, data=body) - data = self._html_page(resp) - s = ("We are sorry to see you go! Your request has been logged, and" - " an administrator will review the request soon. You will receive" - " an email notification once your account has been deleted.") - - self.assertIn(s, data) - - # return to the Account->Details page and confirm that it shows the - # following text. The user should not be able to push the 'delete' - # button a second time. - url = f'/accounts/{account_id}/details' - resp = self.app.get(url) - data = self._html_page(resp) - s = ('Your account removal request is being reviewed. You will be ' - 'notified via email once your account has been deleted.') - self.assertIn(s, data) + # Create a new user and sign the consent + my_resp, my_url, my_jwt = self._new_to_create() + self.assertPageTitle(my_resp, 'Account') + account_id, _, _ = self._ids_from_url(my_url) + self._sign_consent(account_id, consent=ADULT_CONSENT) + + # once a basic account has been set up, confirm Account->Details page + # shows the following text. This user should not already be in the + # delete queue. + url = f'/accounts/{account_id}/details' + resp = self.app.get(url) + data = self._html_page(resp) + + s = ('If you wish to delete this account, please click the following ' + 'button to submit your request to an administrator.') + self.assertIn(s, data) + + # post to the request endpoint to add this user to the removal queue. + # confirm that the text contains verbiage from the confirmation page. + url = f'/accounts/{account_id}/request/remove' + body = {'key': 'value'} + resp = self.app.post(url, data=body) + data = self._html_page(resp) + s = ("We are sorry to see you go! Your request has been logged, and" + " an administrator will review the request soon. You will receive" + " an email notification once your account has been deleted.") + + self.assertIn(s, data) + + # return to the Account->Details page and confirm that it shows the + # following text. The user should not be able to push the 'delete' + # button a second time. + url = f'/accounts/{account_id}/details' + resp = self.app.get(url) + data = self._html_page(resp) + s = ('Your account removal request is being reviewed. You will be ' + 'notified via email once your account has been deleted.') + self.assertIn(s, data) + if __name__ == '__main__': unittest.main() From 836bf1808c5686ecf1f03323b2707be388208248 Mon Sep 17 00:00:00 2001 From: ayobi Date: Tue, 13 Feb 2024 14:03:54 -0500 Subject: [PATCH 07/29] added user delete reason --- microsetta_interface/implementation.py | 12 ++++++++---- microsetta_interface/routes.yaml | 10 ++++++++++ .../templates/account_details.jinja2 | 8 +++++++- .../admin_requests_account_removal_list.jinja2 | 6 ++++++ 4 files changed, 31 insertions(+), 5 deletions(-) diff --git a/microsetta_interface/implementation.py b/microsetta_interface/implementation.py index af100f03..47dab5de 100644 --- a/microsetta_interface/implementation.py +++ b/microsetta_interface/implementation.py @@ -1327,13 +1327,17 @@ def get_create_nonhuman_source(*, account_id=None): # Note: ideally this would be represented as a DELETE, not as a POST # However, it is used as a form submission action, and HTML forms do not # support delete as an action -def post_request_account_removal(*, account_id): +def post_request_account_removal(*, account_id, body): # PUT is used to add the account_id to the queue # DELETE is used to remove the account_id from the queue, if it's # still there. - has_error, put_output, _ = ApiRequest.put( - '/accounts/%s/removal_queue' % - (account_id)) + + user_delete_reason = body.get('user_delete_reason') + + url = f'/accounts/{account_id}/removal_queue' \ + f'?user_delete_reason={user_delete_reason}' + + has_error, put_output, _ = ApiRequest.put(url) if has_error: return put_output diff --git a/microsetta_interface/routes.yaml b/microsetta_interface/routes.yaml index 04cf0950..ffa61523 100644 --- a/microsetta_interface/routes.yaml +++ b/microsetta_interface/routes.yaml @@ -595,6 +595,16 @@ paths: - Account parameters: - $ref: '#/components/parameters/account_id' + requestBody: + required: true + content: + application/x-www-form-urlencoded: + schema: + type: object + properties: + user_delete_reason: + type: string + nullable: true responses: '200': description: Display of revised info or error info diff --git a/microsetta_interface/templates/account_details.jinja2 b/microsetta_interface/templates/account_details.jinja2 index 1a36f6a4..8f28e57f 100644 --- a/microsetta_interface/templates/account_details.jinja2 +++ b/microsetta_interface/templates/account_details.jinja2 @@ -132,7 +132,12 @@ function verifyDeleteUserRequest(){ let confirmMsg = "{{ _('You are requesting to delete your account.') }} " + "{{ _('This operation cannot be undone. Are you sure you want to delete this account?') }} "; - return window.confirm(confirmMsg); + + let reason = prompt("{{ _('Please provide a reason for deletion (Optional):') }}"); + document.getElementById("user_delete_reason").value = reason; + + return window.confirm(confirmMsg); + } {% endblock %} @@ -472,6 +477,7 @@ method="post" action="/accounts/{{ account.account_id }}/request/remove" onsubmit="return verifyDeleteUserRequest();"> {{ _('If you wish to delete this account, please click the following button to submit your request to an administrator.') }} +
{{ _('IMPORTANT: Once you click this button, the request cannot be undone. Your account cannot be restored after it has been deleted.') }} diff --git a/microsetta_interface/templates/admin_requests_account_removal_list.jinja2 b/microsetta_interface/templates/admin_requests_account_removal_list.jinja2 index a92a3ea0..b3a9f030 100644 --- a/microsetta_interface/templates/admin_requests_account_removal_list.jinja2 +++ b/microsetta_interface/templates/admin_requests_account_removal_list.jinja2 @@ -36,6 +36,9 @@
{{ _('Requested On') }}
+
+ {{ _('Reason for Deletion') }} +
 
@@ -64,6 +67,9 @@
{{ row.requested_on |e }}
+
+ {{ row.user_delete_reason |e }} +
From 4280027219e5a0a1d8cb9fd6195c7dbcefe4c718 Mon Sep 17 00:00:00 2001 From: ayobi Date: Tue, 20 Feb 2024 16:09:11 -0500 Subject: [PATCH 08/29] ui enhancements --- .../templates/account_details.jinja2 | 76 ++++++++++--------- 1 file changed, 39 insertions(+), 37 deletions(-) diff --git a/microsetta_interface/templates/account_details.jinja2 b/microsetta_interface/templates/account_details.jinja2 index 8f28e57f..503ecf47 100644 --- a/microsetta_interface/templates/account_details.jinja2 +++ b/microsetta_interface/templates/account_details.jinja2 @@ -422,6 +422,7 @@ {% endif %}
+

{% if admin_mode %}
@@ -449,44 +450,45 @@ -
{% endif %} - - -{% if not admin_mode %} - {% if requested_deletion %} -
-
-
-

-

-
- _("Your account removal request is being reviewed. You will be notified via email once your account has been deleted.") -
+ + {% if not admin_mode and not CREATE_ACCT %} + {% if requested_deletion %} +
+
+
+

+

+
+ {{ _('Your account removal request is being reviewed. You will be notified via email once your account has been deleted.') }} +
+
+
-
-
- {% else %} -
-
-
-

-

-
-
- {{ _('If you wish to delete this account, please click the following button to submit your request to an administrator.') }} - - -
- {{ _('IMPORTANT: Once you click this button, the request cannot be undone. Your account cannot be restored after it has been deleted.') }} -
-
-
+ {% else %} +
+
+
+

+

+
+
+ {{ _('If you wish to delete this account, please click the following button to submit your request to an administrator.') }} + +

+ +

+ {{ _('IMPORTANT: Once you click this button, the request cannot be undone. Your account cannot be restored after it has been deleted.') }} +
+
+
+
-
-
- {% endif %} -{% endif %} + {% endif %} + {% endif %} + +
+
{% endblock %} From 9cd731b32d47d1f75830914b33c9eacd1e2cf091 Mon Sep 17 00:00:00 2001 From: aaron obrien Date: Fri, 23 Feb 2024 14:22:25 -0500 Subject: [PATCH 09/29] add unauth if account details is none per suggestion Co-authored-by: Daniel McDonald --- microsetta_interface/implementation.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/microsetta_interface/implementation.py b/microsetta_interface/implementation.py index 47dab5de..16323d4e 100644 --- a/microsetta_interface/implementation.py +++ b/microsetta_interface/implementation.py @@ -3447,6 +3447,9 @@ def post_campaign_edit(body): def get_account_removal_requests(): if not session.get(ADMIN_MODE_KEY, False): raise Unauthorized() + account_details = session.get(LOGIN_INFO_KEY) + if account_details is None: + raise Unauthorized() do_return, diagnostics, _ = ApiRequest.get( "/admin/account_removal/list", From b6489c169dc6da55c1b64e06ef9d85ce361472ed Mon Sep 17 00:00:00 2001 From: ayobi Date: Fri, 23 Feb 2024 15:27:49 -0500 Subject: [PATCH 10/29] added more response codes for request/remove --- microsetta_interface/implementation.py | 1 + microsetta_interface/routes.yaml | 13 ++++++++++++- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/microsetta_interface/implementation.py b/microsetta_interface/implementation.py index 16323d4e..cd1fa475 100644 --- a/microsetta_interface/implementation.py +++ b/microsetta_interface/implementation.py @@ -3447,6 +3447,7 @@ def post_campaign_edit(body): def get_account_removal_requests(): if not session.get(ADMIN_MODE_KEY, False): raise Unauthorized() + account_details = session.get(LOGIN_INFO_KEY) if account_details is None: raise Unauthorized() diff --git a/microsetta_interface/routes.yaml b/microsetta_interface/routes.yaml index ffa61523..7b1f5f32 100644 --- a/microsetta_interface/routes.yaml +++ b/microsetta_interface/routes.yaml @@ -587,7 +587,6 @@ paths: type: string # same as above - # TODO: Do we need more response codes appended? '/accounts/{account_id}/request/remove': post: operationId: microsetta_interface.implementation.post_request_account_removal @@ -612,6 +611,18 @@ paths: text/html: schema: type: string + '403': + description: Forbidden + content: + text/html: + schema: + type: string + '404': + description: Not Found + content: + text/html: + schema: + type: string '/accounts/{account_id}/sources/{source_id}/claim_samples': post: From 6b487b51546b7914ec45ed0b87fec459208fa847 Mon Sep 17 00:00:00 2001 From: colts661 Date: Mon, 25 Mar 2024 23:25:00 -0700 Subject: [PATCH 11/29] restructure admin menu --- .../templates/sitebase.jinja2 | 21 +++++++++++-------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/microsetta_interface/templates/sitebase.jinja2 b/microsetta_interface/templates/sitebase.jinja2 index 0193b5cd..b02598b6 100644 --- a/microsetta_interface/templates/sitebase.jinja2 +++ b/microsetta_interface/templates/sitebase.jinja2 @@ -119,19 +119,22 @@ {% if admin_mode %} {% endif %} From ef576e9737c0305f6cf3e40880a06c78fe05d39f Mon Sep 17 00:00:00 2001 From: colts661 Date: Tue, 26 Mar 2024 11:08:31 -0700 Subject: [PATCH 12/29] add margins --- microsetta_interface/templates/sitebase.jinja2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/microsetta_interface/templates/sitebase.jinja2 b/microsetta_interface/templates/sitebase.jinja2 index b02598b6..bf9437c2 100644 --- a/microsetta_interface/templates/sitebase.jinja2 +++ b/microsetta_interface/templates/sitebase.jinja2 @@ -118,7 +118,7 @@ {% if admin_mode %} -