Issue #2579 #2644: Analyst can merge user accounts - [BOB]

[rachidatecs]

Ticket

Resolves #2579
Resolves #2644

Changes

• New view/template for a transfer user page
• Sidebar, breadcrumbs (<- @Katherine-Osos instead of a back to link), comparison panes, select and submit
• The select is a combo box implemented outside of the DJA context which means spot-loading the required JS and CSS
• Modal on submit
• Transfer of user properties (portfolio and roles/perms)
• Transfer of joined fields (DomainInfo, DomainRequest, UserDomainRole, VerifiedBy, Portfolio) defined as constants in the view class
• Solid testing

Context for reviewers

This turned to be a bit large, so we shed a couple of items to other tickets:

• Refactor the join lookup on user transfer to work with the refactored portfolio (multiple per user instead of one) #2644 will refactor the portfolio transfer now that a user can have more than one portfolio
• Refactor the Join lookup on transfer user #2645 will attempt implementation of a join lookup that does not rely on constants
• The combobox was tricky to implement outside of DJA and is missing styles for dark mode. We can fix this but I suggest we make it another follow-on small ticket <- @abroddrick (should be a 1 pointer, maybe make it 2 and loop in some scss reorg as described below)
• I revised how we're dealing with DJA and USWDS button styles. All buttons in our admin should be consistent now but we could do some low priority work in cleaning up the admin scss (time consuming, no change to users, just code hygiene)

Setup

• Try transferring users who own doman requests, domains, are creators on portfolios, have entries in the verified by (edge case, I don't think we'll be merging analysts), have a portfolio and roles and perms on it.

Designers

As of Friday night the sandbox build is not running. Check for green checkmarks before you go to bob.

Code Review Verification Steps

As the original developer, I have

Satisfied acceptance criteria and met development standards

• Met the acceptance criteria, or will meet them in a subsequent PR
• Created/modified automated tests
• Added at least 2 developers as PR reviewers (only 1 will need to approve)
• Messaged on Slack or in standup to notify the team that a PR is ready for review
• Changes to “how we do things” are documented in READMEs and or onboarding guide
• If any model was updated to modify/add/delete columns, makemigrations was ran and the associated migrations file has been commited.

Ensured code standards are met (Original Developer)

• All new functions and methods are commented using plain language
• Did dependency updates in Pipfile also get changed in requirements.txt?
• Interactions with external systems are wrapped in try/except
• Error handling exists for unusual or missing values

Validated user-facing changes (if applicable)

• New pages have been added to .pa11yci file so that they will be tested with our automated accessibility testing
• Checked keyboard navigability
• Tested general usability, landmarks, page header structure, and links with a screen reader (such as Voiceover or ANDI)
• Add at least 1 designer as PR reviewer

As a code reviewer, I have

Reviewed, tested, and left feedback about the changes

• Pulled this branch locally and tested it
• Reviewed this code and left comments
• Checked that all code is adequately covered by tests
• Made it clear which comments need to be addressed before this work is merged
• If any model was updated to modify/add/delete columns, makemigrations was ran and the associated migrations file has been commited.

Ensured code standards are met (Code reviewer)

• All new functions and methods are commented using plain language
• Interactions with external systems are wrapped in try/except
• Error handling exists for unusual or missing values
• (Rarely needed) Did dependency updates in Pipfile also get changed in requirements.txt?

Validated user-facing changes as a developer

• New pages have been added to .pa11yci file so that they will be tested with our automated accessibility testing

• Checked keyboard navigability

• Meets all designs and user flows provided by design/product

• Tested general usability, landmarks, page header structure, and links with a screen reader (such as Voiceover or ANDI)

• Tested with multiple browsers, the suggestion is to use ones that the developer didn't (check off which ones were used)

  • Chrome
  • Microsoft Edge
  • FireFox
  • Safari

• (Rarely needed) Tested as both an analyst and applicant user

Note: Multiple code reviewers can share the checklists above, a second reviewers should not make a duplicate checklist

As a designer reviewer, I have

Verified that the changes match the design intention

• Checked that the design translated visually
• Checked behavior
• Checked different states (empty, one, some, error)
• Checked for landmarks, page heading structure, and links
• Tried to break the intended flow

Validated user-facing changes as a designer

• Checked keyboard navigability

• Tested general usability, landmarks, page header structure, and links with a screen reader (such as Voiceover or ANDI)

• Tested with multiple browsers (check off which ones were used)

  • Chrome
  • Microsoft Edge
  • FireFox
  • Safari

• (Rarely needed) Tested as both an analyst and applicant user

Screenshots

[github-actions]

🥳 Successfully deployed to developer sandbox bob.

[rachidatecs]

Relax, this is just an additional check for document.getElementById("id_investigator") && django && django.jQuery) to get rid of a console error. Nothing else in this file.

[github-actions]

🥳 Successfully deployed to developer sandbox bob.

[github-actions]

🥳 Successfully deployed to developer sandbox bob.

[github-actions]

🥳 Successfully deployed to developer sandbox bob.

[github-actions]

🥳 Successfully deployed to developer sandbox bob.

[github-actions]

🥳 Successfully deployed to developer sandbox bob.

[github-actions]

🥳 Successfully deployed to developer sandbox bob.

[github-actions]

🥳 Successfully deployed to developer sandbox bob.

[Katherine-Osos]

@rachidatecs Looks good, just two small updates:

• Can we use a different (muted) button style for the "Select and preview" button? Visually, it competes with the "Transfer ..." button, which is a much more important button. For example, could we use the gray button style that's used for the search fields in the admin?
• In the confirmation modal: I reviewed some of the other modals we're using in the "Domains" section, and want to make a few tweaks to this one for consistency.
  • Let's update the heading to be a question: "Are you sure you want to transfer data and delete this user?"
  • Move the name & email to the body of the message and add the username (since I believe you/Kaitlin noted that's an important unique identifier).
  • Update the button label to be a response to the question: "Yes, transfer and delete user"
  • See layout below.

---

Are you sure you want to transfer data and delete this user?
Username: 987654321
Name: John Smith
Email: jsmith@ example.com

This action cannot be undone.

[Yes, transfer and delete user] [Cancel]

[github-actions]

🥳 Successfully deployed to developer sandbox bob.

[github-actions]

🥳 Successfully deployed to developer sandbox bob.

[github-actions]

🥳 Successfully deployed to developer sandbox bob.

[Matt-Spence]

Works perfectly well for me. I have a concern with adding a hole in our csp for select2, but I don't think it's an unacceptable risk. Let me know if there's no acceptably convenient way around using it.

[Matt-Spence]

I assume there was no other easy way to do this? Adding another hole in our CSP is not something we should do lightly. If somehow that version alias of select2 were to get replaced with something malicious anybody who accesses a view that loads scripts from this source could be vulnerable.

If it's going to be super expensive to replace this then it may be worth it, but I want to make sure it's something we're considering carefully.

[Matt-Spence]

This is what I was referencing earlier. If hypothetically the developers of select2 got hacked (or were deliberately malicious) they could upload arbitrary code at this url and it would execute in the users browser. This is a risk we take with basically all our dependencies, so it's not unacceptable, but again want to make sure it's carefully considered.

[rachidatecs]

select2 makes the django admin combobox possible on the transfer page. It's django source code basically. Without it, the transfer page would have to be registered as a django admin view (which it is not), or we'd need to use USWDS's combobox in this view's context. There might be a way to load this piece of Django's source code from our existing build but I couldn't figure it out.

[rachidatecs]

One option: We download the select2 script and load it from our static folder. Is it worth it though?

[rachidatecs]

^ Legit question, you or Alysia would be the ones best qualified to answer.

[Matt-Spence]

I'm cool with this as-is. Just wanted to make sure there wasn't an easy workaround.

[asaki222]

Is there an instance where the selected_user would be equal to the logged_in_user? Could we make a better 'else' message if so?

[rachidatecs]

This will be refactored in a future ticket that disallows this feature for any staff (analyst, superuser) user

[asaki222]

I really like the use of tests here for different scenarios!

[asaki222]

This is a really clean way of logging changes!

[Matt-Spence]

All good

[github-actions]

🥳 Successfully deployed to developer sandbox bob.

[github-actions]

🥳 Successfully deployed to developer sandbox bob.