3110 dashboard design feedback & permission changes (#3142)

* update org dashboard

* allowing org admins to access serviecs within an org

* fix test

Author: heyitsmebev

app/main/views/activity.py

@@ -123,7 +123,7 @@ def get_filtered_jobs(service_id, page):
 
 
 @main.route("/activity/services/<uuid:service_id>")
-@user_has_permissions(ServicePermission.VIEW_ACTIVITY)
+@user_has_permissions(ServicePermission.VIEW_ACTIVITY, allow_org_user=True)
 def all_jobs_activity(service_id):
     service_data_retention_days = 8
     page = get_page_from_request()

app/main/views/api_keys.py

@@ -23,7 +23,7 @@
 
 
 @main.route("/services/<uuid:service_id>/api")
-@user_has_permissions("manage_api_keys")
+@user_has_permissions("manage_api_keys", allow_org_user=True)
 def api_integration(service_id):
     callbacks_link = (
         ".api_callbacks"
@@ -40,7 +40,7 @@ def api_integration(service_id):
 
 
 @main.route("/services/<uuid:service_id>/api/documentation")
-@user_has_permissions("manage_api_keys")
+@user_has_permissions("manage_api_keys", allow_org_user=True)
 def api_documentation(service_id):
     return redirect(url_for(".documentation"), code=301)
 
@@ -51,7 +51,7 @@ def api_documentation(service_id):
     endpoint="old_guest_list",
 )
 @main.route("/services/<uuid:service_id>/api/guest-list", methods=["GET", "POST"])
-@user_has_permissions("manage_api_keys")
+@user_has_permissions("manage_api_keys", allow_org_user=True)
 def guest_list(service_id):
     form = GuestList()
     if form.validate_on_submit():
@@ -70,15 +70,15 @@ def guest_list(service_id):
 
 
 @main.route("/services/<uuid:service_id>/api/keys")
-@user_has_permissions("manage_api_keys")
+@user_has_permissions("manage_api_keys", allow_org_user=True)
 def api_keys(service_id):
     return render_template(
         "views/api/keys.html",
     )
 
 
 @main.route("/services/<uuid:service_id>/api/keys/create", methods=["GET", "POST"])
-@user_has_permissions("manage_api_keys", restrict_admin_usage=True)
+@user_has_permissions("manage_api_keys", restrict_admin_usage=True, allow_org_user=True)
 def create_api_key(service_id):
     form = CreateKeyForm(current_service.api_keys)
     form.key_type.choices = [
@@ -118,7 +118,7 @@ def create_api_key(service_id):
 @main.route(
     "/services/<uuid:service_id>/api/keys/revoke/<uuid:key_id>", methods=["GET", "POST"]
 )
-@user_has_permissions("manage_api_keys")
+@user_has_permissions("manage_api_keys", allow_org_user=True)
 def revoke_api_key(service_id, key_id):
     key_name = current_service.get_api_key(key_id)["name"]
     if request.method == "GET":
@@ -161,7 +161,7 @@ def check_token_against_dummy_bearer(token):
 
 
 @main.route("/services/<uuid:service_id>/api/callbacks", methods=["GET"])
-@user_has_permissions("manage_api_keys")
+@user_has_permissions("manage_api_keys", allow_org_user=True)
 def api_callbacks(service_id):
     if not current_service.has_permission(ServicePermission.INBOUND_SMS):
         return redirect(url_for(".delivery_status_callback", service_id=service_id))
@@ -192,7 +192,7 @@ def get_delivery_status_callback_details():
     "/services/<uuid:service_id>/api/callbacks/delivery-status-callback",
     methods=["GET", "POST"],
 )
-@user_has_permissions("manage_api_keys")
+@user_has_permissions("manage_api_keys", allow_org_user=True)
 def delivery_status_callback(service_id):
     delivery_status_callback = get_delivery_status_callback_details()
     back_link = (
@@ -259,7 +259,7 @@ def get_received_text_messages_callback():
     "/services/<uuid:service_id>/api/callbacks/received-text-messages-callback",
     methods=["GET", "POST"],
 )
-@user_has_permissions("manage_api_keys")
+@user_has_permissions("manage_api_keys", allow_org_user=True)
 def received_text_messages_callback(service_id):
     if not current_service.has_permission(ServicePermission.INBOUND_SMS):
         return redirect(url_for(".api_integration", service_id=service_id))

app/main/views/conversation.py

@@ -13,7 +13,7 @@
 
 
 @main.route("/services/<uuid:service_id>/conversation/<uuid:notification_id>")
-@user_has_permissions(ServicePermission.VIEW_ACTIVITY)
+@user_has_permissions(ServicePermission.VIEW_ACTIVITY, allow_org_user=True)
 def conversation(service_id, notification_id):
     user_number = get_user_number(service_id, notification_id)
 
@@ -31,7 +31,7 @@ def conversation(service_id, notification_id):
 
 
 @main.route("/services/<uuid:service_id>/conversation/<uuid:notification_id>.json")
-@user_has_permissions(ServicePermission.VIEW_ACTIVITY)
+@user_has_permissions(ServicePermission.VIEW_ACTIVITY, allow_org_user=True)
 def conversation_updates(service_id, notification_id):
     return jsonify(
         get_conversation_partials(
@@ -46,7 +46,7 @@ def conversation_updates(service_id, notification_id):
 @main.route(
     "/services/<uuid:service_id>/conversation/<uuid:notification_id>/reply-with/from-folder/<uuid:from_folder>"
 )
-@user_has_permissions(ServicePermission.SEND_MESSAGES)
+@user_has_permissions(ServicePermission.SEND_MESSAGES, allow_org_user=True)
 def conversation_reply(
     service_id,
     notification_id,
@@ -70,7 +70,7 @@ def conversation_reply(
 @main.route(
     "/services/<uuid:service_id>/conversation/<uuid:notification_id>/reply-with/<uuid:template_id>"
 )
-@user_has_permissions(ServicePermission.SEND_MESSAGES)
+@user_has_permissions(ServicePermission.SEND_MESSAGES, allow_org_user=True)
 def conversation_reply_with_template(
     service_id,
     notification_id,

app/main/views/dashboard.py

@@ -24,13 +24,13 @@
 
 
 @main.route("/services/<uuid:service_id>/dashboard")
-@user_has_permissions(ServicePermission.VIEW_ACTIVITY, ServicePermission.SEND_MESSAGES)
+@user_has_permissions(ServicePermission.VIEW_ACTIVITY, ServicePermission.SEND_MESSAGES, allow_org_user=True)
 def old_service_dashboard(service_id):
     return redirect(url_for(".service_dashboard", service_id=service_id))
 
 
 @main.route("/services/<uuid:service_id>")
-@user_has_permissions()
+@user_has_permissions(allow_org_user=True)
 def service_dashboard(service_id):
 
     if session.get("invited_user_id"):
@@ -84,7 +84,7 @@ def job_is_finished(job_dict):
 
 
 @main.route("/services/<uuid:service_id>/daily-stats.json")
-@user_has_permissions()
+@user_has_permissions(allow_org_user=True)
 def get_daily_stats(service_id):
     date_range = get_stats_date_range()
     days = date_range["days"]
@@ -148,7 +148,7 @@ def get_local_daily_stats_for_last_x_days(stats_utc, user_timezone, days):
 
 
 @main.route("/services/<uuid:service_id>/daily-stats-by-user.json")
-@user_has_permissions()
+@user_has_permissions(allow_org_user=True)
 def get_daily_stats_by_user(service_id):
     date_range = get_stats_date_range()
     days = date_range["days"]
@@ -166,7 +166,7 @@ def get_daily_stats_by_user(service_id):
 
 
 @main.route("/services/<uuid:service_id>/template-usage")
-@user_has_permissions(ServicePermission.VIEW_ACTIVITY)
+@user_has_permissions(ServicePermission.VIEW_ACTIVITY, allow_org_user=True)
 def template_usage(service_id):
     year, current_financial_year = requested_and_current_financial_year(request)
     stats = template_statistics_client.get_monthly_template_usage_for_service(

app/main/views/history.py

@@ -11,7 +11,7 @@
 
 
 @main.route("/services/<uuid:service_id>/history")
-@user_has_permissions(ServicePermission.MANAGE_SERVICE)
+@user_has_permissions(ServicePermission.MANAGE_SERVICE, allow_org_user=True)
 def history(service_id):
     events = _get_events(current_service.id, request.args.get("selected"))
 

app/main/views/jobs.py

@@ -26,7 +26,7 @@
 
 
 @main.route("/services/<uuid:service_id>/jobs")
-@user_has_permissions()
+@user_has_permissions(allow_org_user=True)
 def view_jobs(service_id):
     return redirect(
         url_for(
@@ -37,7 +37,7 @@ def view_jobs(service_id):
 
 
 @main.route("/services/<uuid:service_id>/jobs/<uuid:job_id>")
-@user_has_permissions()
+@user_has_permissions(allow_org_user=True)
 def view_job(service_id, job_id):
     job = Job.from_id(job_id, service_id=current_service.id)
     if job.cancelled:
@@ -83,7 +83,7 @@ def view_job(service_id, job_id):
 
 
 @main.route("/services/<uuid:service_id>/jobs/<uuid:job_id>.csv")
-@user_has_permissions(ServicePermission.VIEW_ACTIVITY)
+@user_has_permissions(ServicePermission.VIEW_ACTIVITY, allow_org_user=True)
 def view_job_csv(service_id, job_id):
     job = Job.from_id(job_id, service_id=service_id)
     filter_args = parse_filter_args(request.args)
@@ -111,14 +111,14 @@ def view_job_csv(service_id, job_id):
 
 
 @main.route("/services/<uuid:service_id>/jobs/<uuid:job_id>", methods=["POST"])
-@user_has_permissions(ServicePermission.SEND_MESSAGES)
+@user_has_permissions(ServicePermission.SEND_MESSAGES, allow_org_user=True)
 def cancel_job(service_id, job_id):
     Job.from_id(job_id, service_id=service_id).cancel()
     return redirect(url_for("main.service_dashboard", service_id=service_id))
 
 
 @main.route("/services/<uuid:service_id>/jobs/<uuid:job_id>/status.json")
-@user_has_permissions()
+@user_has_permissions(allow_org_user=True)
 def view_job_status_poll(service_id, job_id):
     from app.notify_client.job_api_client import job_api_client
 
@@ -147,7 +147,7 @@ def view_job_status_poll(service_id, job_id):
 
 
 @main.route("/services/<uuid:service_id>/jobs/<uuid:job_id>/notifications-table")
-@user_has_permissions()
+@user_has_permissions(allow_org_user=True)
 def view_job_notifications_table(service_id, job_id):
     """Endpoint that returns only the notifications table HTML fragment."""
     job = Job.from_id(job_id, service_id=current_service.id)

app/main/views/manage_users.py

@@ -44,7 +44,7 @@ def manage_users(service_id):
 @main.route(
     "/services/<uuid:service_id>/users/invite/<uuid:user_id>", methods=["GET", "POST"]
 )
-@user_has_permissions(ServicePermission.MANAGE_SERVICE)
+@user_has_permissions(ServicePermission.MANAGE_SERVICE, allow_org_user=True)
 def invite_user(service_id, user_id=None):
     form_class = InviteUserForm
     form = form_class(
@@ -116,7 +116,7 @@ def invite_user(service_id, user_id=None):
 
 
 @main.route("/services/<uuid:service_id>/users/<uuid:user_id>", methods=["GET", "POST"])
-@user_has_permissions(ServicePermission.MANAGE_SERVICE)
+@user_has_permissions(ServicePermission.MANAGE_SERVICE, allow_org_user=True)
 def edit_user_permissions(service_id, user_id):
     service_has_email_auth = current_service.has_permission(
         ServicePermission.EMAIL_AUTH
@@ -169,7 +169,7 @@ def edit_user_permissions(service_id, user_id):
 
 
 @main.route("/services/<uuid:service_id>/users/<uuid:user_id>/delete", methods=["POST"])
-@user_has_permissions(ServicePermission.MANAGE_SERVICE)
+@user_has_permissions(ServicePermission.MANAGE_SERVICE, allow_org_user=True)
 def remove_user_from_service(service_id, user_id):
     try:
         service_api_client.remove_user_from_service(service_id, user_id)
@@ -192,7 +192,7 @@ def remove_user_from_service(service_id, user_id):
     "/services/<uuid:service_id>/users/<uuid:user_id>/edit-email",
     methods=["GET", "POST"],
 )
-@user_has_permissions(ServicePermission.MANAGE_SERVICE)
+@user_has_permissions(ServicePermission.MANAGE_SERVICE, allow_org_user=True)
 def edit_user_email(service_id, user_id):
     user = current_service.get_team_member(user_id)
     user_email = user.email_address
@@ -225,7 +225,7 @@ def edit_user_email(service_id, user_id):
     "/services/<uuid:service_id>/users/<uuid:user_id>/edit-email/confirm",
     methods=["GET", "POST"],
 )
-@user_has_permissions(ServicePermission.MANAGE_SERVICE)
+@user_has_permissions(ServicePermission.MANAGE_SERVICE, allow_org_user=True)
 def confirm_edit_user_email(service_id, user_id):
     user = current_service.get_team_member(user_id)
     session_key = "team_member_email_change-{}".format(user_id)
@@ -263,7 +263,7 @@ def confirm_edit_user_email(service_id, user_id):
     "/services/<uuid:service_id>/users/<uuid:user_id>/edit-mobile-number",
     methods=["GET", "POST"],
 )
-@user_has_permissions(ServicePermission.MANAGE_SERVICE)
+@user_has_permissions(ServicePermission.MANAGE_SERVICE, allow_org_user=True)
 def edit_user_mobile_number(service_id, user_id):
     user = current_service.get_team_member(user_id)
     user_mobile_number = redact_mobile_number(user.mobile_number)
@@ -293,7 +293,7 @@ def edit_user_mobile_number(service_id, user_id):
     "/services/<uuid:service_id>/users/<uuid:user_id>/edit-mobile-number/confirm",
     methods=["GET", "POST"],
 )
-@user_has_permissions(ServicePermission.MANAGE_SERVICE)
+@user_has_permissions(ServicePermission.MANAGE_SERVICE, allow_org_user=True)
 def confirm_edit_user_mobile_number(service_id, user_id):
     user = current_service.get_team_member(user_id)
     if "team_member_mobile_change" in session:
@@ -331,7 +331,7 @@ def confirm_edit_user_mobile_number(service_id, user_id):
     "/services/<uuid:service_id>/cancel-invited-user/<uuid:invited_user_id>",
     methods=["GET"],
 )
-@user_has_permissions(ServicePermission.MANAGE_SERVICE)
+@user_has_permissions(ServicePermission.MANAGE_SERVICE, allow_org_user=True)
 def cancel_invited_user(service_id, invited_user_id):
     current_service.cancel_invite(invited_user_id)
 
@@ -350,7 +350,7 @@ def cancel_invited_user(service_id, invited_user_id):
     "/services/<uuid:service_id>/resend-invite/<uuid:invited_user_id>",
     methods=["GET"],
 )
-@user_has_permissions(ServicePermission.MANAGE_SERVICE)
+@user_has_permissions(ServicePermission.MANAGE_SERVICE, allow_org_user=True)
 def resend_invite(service_id, invited_user_id):
     current_service.resend_invite(invited_user_id)
 

app/main/views/notifications.py

@@ -35,7 +35,7 @@
 
 
 @main.route("/services/<uuid:service_id>/notification/<uuid:notification_id>")
-@user_has_permissions(ServicePermission.VIEW_ACTIVITY, ServicePermission.SEND_MESSAGES)
+@user_has_permissions(ServicePermission.VIEW_ACTIVITY, ServicePermission.SEND_MESSAGES, allow_org_user=True)
 def view_notification(service_id, notification_id, error_message=None):
     if error_message:
         flash(error_message)
@@ -108,7 +108,7 @@ def view_notification(service_id, notification_id, error_message=None):
 
 
 @main.route("/services/<uuid:service_id>/notification/<uuid:notification_id>.json")
-@user_has_permissions(ServicePermission.VIEW_ACTIVITY, ServicePermission.SEND_MESSAGES)
+@user_has_permissions(ServicePermission.VIEW_ACTIVITY, ServicePermission.SEND_MESSAGES, allow_org_user=True)
 def view_notification_updates(service_id, notification_id):
     return jsonify(
         **get_single_notification_partials(
@@ -149,7 +149,7 @@ def get_all_personalisation_from_notification(notification):
 
 
 @main.route("/services/<uuid:service_id>/download-notifications.csv")
-@user_has_permissions(ServicePermission.VIEW_ACTIVITY)
+@user_has_permissions(ServicePermission.VIEW_ACTIVITY, allow_org_user=True)
 def download_notifications_csv(service_id):
     set_timezone()
     filter_args = parse_filter_args(request.args)

app/main/views/organizations.py

@@ -241,10 +241,10 @@ def get_services_dashboard_data(organization, year):
         if sms_sent > 0 or sms_remainder > 0:
             if sms_cost > 0:
                 usage_parts.append(
-                    f"{sms_sent:,} sms ({sms_remainder:,} remaining, ${sms_cost:,.2f})"
+                    f"{sms_sent:,} sms ({sms_remainder:,} message parts remaining, ${sms_cost:,.2f})"
                 )
             else:
-                usage_parts.append(f"{sms_sent:,} sms ({sms_remainder:,} remaining)")
+                usage_parts.append(f"{sms_sent:,} sms ({sms_remainder:,} message parts remaining)")
 
         service["usage"] = ", ".join(usage_parts) if usage_parts else "No usage"