From 1888a867515fec7cc6b92cb84a31bc51fa8bf494 Mon Sep 17 00:00:00 2001 From: Tim Ballard <1425377+timoballard@users.noreply.github.com> Date: Fri, 29 Sep 2023 09:28:34 -0500 Subject: [PATCH 1/3] Discard auditee name from SAM.gov (#2292) * rm auditee_name from step-2 form * rm auditee_name from pre-sac tests * Modify gen-info to manually type auditee name --------- Co-authored-by: Edward Zapata --- backend/cypress/support/general-info.js | 1 + .../report_submission/templates/report_submission/step-2.html | 1 - backend/report_submission/test_views.py | 1 - backend/report_submission/views.py | 1 - 4 files changed, 1 insertion(+), 3 deletions(-) diff --git a/backend/cypress/support/general-info.js b/backend/cypress/support/general-info.js index 716fa58343..8213ae7c9c 100644 --- a/backend/cypress/support/general-info.js +++ b/backend/cypress/support/general-info.js @@ -10,6 +10,7 @@ export function testValidGeneralInfo() { cy.get('label[for=audit-period-annual]').click(); // Auditee information + cy.get('#auditee_name').type('Super Important name') cy.get('#ein').type('546000173'); cy.get('label[for=ein_not_an_ssn_attestation]').click(); cy.get('label[for=multiple-eins-yes]').click(); diff --git a/backend/report_submission/templates/report_submission/step-2.html b/backend/report_submission/templates/report_submission/step-2.html index 0b6ffc8f5a..9f91fdba89 100644 --- a/backend/report_submission/templates/report_submission/step-2.html +++ b/backend/report_submission/templates/report_submission/step-2.html @@ -66,7 +66,6 @@

diff --git a/backend/report_submission/test_views.py b/backend/report_submission/test_views.py index 857cf9b379..8ca2ad3634 100644 --- a/backend/report_submission/test_views.py +++ b/backend/report_submission/test_views.py @@ -188,7 +188,6 @@ def test_end_to_end_submission_pass(self, mock_get_uei_info): self.assertTemplateUsed(step2_get, "report_submission/step-2.html") step2_data = { - "auditee_name": "Federal Bureau of Control", "auditee_uei": "KZV2XNZZN3A8", "auditee_fiscal_period_start": "01/01/2022", "auditee_fiscal_period_end": "01/01/2023", diff --git a/backend/report_submission/views.py b/backend/report_submission/views.py index 79bbc99995..9fabf925ae 100644 --- a/backend/report_submission/views.py +++ b/backend/report_submission/views.py @@ -66,7 +66,6 @@ def post(self, request): formatted_post = { "csrfmiddlewaretoken": request.POST.get("csrfmiddlewaretoken"), "auditee_uei": form.cleaned_data["auditee_uei"], - "auditee_name": request.POST.get("auditee_name"), "auditee_address_line_1": request.POST.get("auditee_address_line_1"), "auditee_city": request.POST.get("auditee_city"), "auditee_state": request.POST.get("auditee_state"), From d9c8a86338a9551ae7182dda525c57a4e4d27791 Mon Sep 17 00:00:00 2001 From: Tim Ballard <1425377+timoballard@users.noreply.github.com> Date: Fri, 29 Sep 2023 15:39:24 -0500 Subject: [PATCH 2/3] Make email based Access claims case-insensitive (#2318) * make email based access claims case insensitive * lint * don't do it with regex --- backend/users/auth.py | 13 +++++++------ backend/users/test_auth.py | 5 +++-- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/backend/users/auth.py b/backend/users/auth.py index 55f81b43b3..ed0332c8e7 100644 --- a/backend/users/auth.py +++ b/backend/users/auth.py @@ -11,12 +11,13 @@ def claim_audit_access(user, all_emails): - access_invites = ( - Access.objects.filter(user_id=None) - .filter(email__in=all_emails) - .update(user_id=user.id) - ) - logger.debug(f"{user.email} granted access to {access_invites} new audits") + for email in all_emails: + access_invites = ( + Access.objects.filter(user_id=None) + .filter(email__iexact=email) + .update(user_id=user.id) + ) + logger.debug(f"{user.email} granted access to {access_invites} new audits") class FACAuthenticationBackend(OpenIdConnectBackend): diff --git a/backend/users/test_auth.py b/backend/users/test_auth.py index c8ed857d4a..7d1b6fabad 100644 --- a/backend/users/test_auth.py +++ b/backend/users/test_auth.py @@ -114,12 +114,13 @@ def test_multiple_audit_access_granted(self): backend = FACAuthenticationBackend() login_id = str(uuid4()) - email = "a@a.com" + email = "a+a@a.com" access1 = baker.make(Access, email=email) access2 = baker.make(Access, email=email) - user_info = {"sub": login_id, "email": email, "all_emails": [email]} + # use different casing in the user info to ensure we're not case sensitive + user_info = {"sub": login_id, "email": "A@A.CoM", "all_emails": ["A+a@A.cOm"]} factory = RequestFactory() request = factory.get("/") From f639e0d3c513205857ca29e9b5290cc205b96d9f Mon Sep 17 00:00:00 2001 From: Tadhg O'Higgins <2626258+tadhg-ohiggins@users.noreply.github.com> Date: Fri, 29 Sep 2023 14:41:06 -0700 Subject: [PATCH 3/3] Add report_id to SAC admin list view. (#2320) --- backend/audit/admin.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/audit/admin.py b/backend/audit/admin.py index e4c79c342c..291a18719c 100644 --- a/backend/audit/admin.py +++ b/backend/audit/admin.py @@ -4,7 +4,7 @@ class SACAdmin(admin.ModelAdmin): - list_display = ("id",) + list_display = ("id", "report_id") class AccessAdmin(admin.ModelAdmin):