Adds parameter for security classification

.env.django

@@ -74,3 +74,9 @@ FILE_EXPIRY_IN_DAYS=30
 # === Playwright Tests ===
 
 USER_EMAIL=
+
+# === Security classifications ===
+# The maximum security classification permitted for the app to handle
+
+# OFFICIAL, OFFICIAL_SENSITIVE, SECRET or TOP_SECRET
+MAX_SECURITY_CLASSIFICATION=OFFICIAL_SENSITIVE

.env.example

@@ -75,3 +75,9 @@ FILE_EXPIRY_IN_DAYS=30
 # === Playwright Tests ===
 
 USER_EMAIL=
+
+# === Security classifications ===
+# The maximum security classification permitted for the app to handle
+
+# OFFICIAL, OFFICIAL_SENSITIVE, SECRET or TOP_SECRET
+MAX_SECURITY_CLASSIFICATION=OFFICIAL_SENSITIVE

.env.test

@@ -73,3 +73,9 @@ FILE_EXPIRY_IN_DAYS=30
 # === Playwright Tests ===
 
 USER_EMAIL=
+
+# === Security classifications ===
+# The maximum security classification permitted for the app to handle
+
+# OFFICIAL, OFFICIAL_SENSITIVE, SECRET or TOP_SECRET
+MAX_SECURITY_CLASSIFICATION=OFFICIAL_SENSITIVE

django_app/redbox_app/jinja2.py

@@ -63,6 +63,7 @@ def environment(**options):
             "url": url,
             "humanize_timedelta": humanize_timedelta,
             "environment": settings.ENVIRONMENT,
+            "security": settings.MAX_SECURITY_CLASSIFICATION.value,
         }
     )
     env.globals.update(
@@ -71,6 +72,7 @@ def environment(**options):
             "url": url,
             "humanize_timedelta": humanize_timedelta,
             "environment": settings.ENVIRONMENT,
+            "security": settings.MAX_SECURITY_CLASSIFICATION.value,
         }
     )
     return env

django_app/redbox_app/settings.py

@@ -1,6 +1,7 @@
 # mypy: ignore-errors
 
 import socket
+from enum import StrEnum
 from pathlib import Path
 
 import environ
@@ -323,3 +324,16 @@
 USE_STREAMING = env.bool("USE_STREAMING")
 FILE_EXPIRY_IN_SECONDS = env.int("FILE_EXPIRY_IN_DAYS") * 24 * 60 * 60
 SUPERUSER_EMAIL = env.str("SUPERUSER_EMAIL", None)
+
+# Security classifications
+# https://www.gov.uk/government/publications/government-security-classifications/
+
+
+class Classification(StrEnum):
+    OFFICIAL = "Official"
+    OFFICIAL_SENSITIVE = "Official Sensitive"
+    SECRET = "Secret"  # noqa S105
+    TOP_SECRET = "Top Secret"  # noqa S105
+
+
+MAX_SECURITY_CLASSIFICATION = Classification[env.str("MAX_SECURITY_CLASSIFICATION")]

django_app/redbox_app/templates/base.html

@@ -41,7 +41,7 @@
   <header class="govuk-header" role="banner" data-module="govuk-header">
 
     <div class="iai-classification-banner govuk-body">
-      Up to UK OFFICIAL SENSITIVE documents can be used in this tool
+      Up to UK {{ security | upper }} documents can be used in this tool
     </div>
 
     <div class="govuk-header__container govuk-width-container">

django_app/redbox_app/templates/homepage.html

@@ -8,7 +8,7 @@
         <div class="govuk-grid-row">
             <div class="govuk-grid-column-two-thirds">
                 <h1 class="govuk-heading-xl">Ask any question of documents in your Redbox</h1>
-                <p class="govuk-body-l">Use Artificial Intelligence (AI) to get insights from your personal document set. You can use up to, and including, Official Sensitive documents.</p>
+                <p class="govuk-body-l">Use Artificial Intelligence (AI) to get insights from your personal document set. You can use up to, and including, {{ security }} documents.</p>
                 {% if not request.user.is_authenticated %}
                 <p class="govuk-body">If you have an account, please <a class="govuk-link" href="{{url('sign-in')}}">sign in</a> to get started</p>
                 {% endif %}
@@ -26,7 +26,7 @@ <h2 class="govuk-heading-m govuk-!-margin-top-5 govuk-!-padding-top-5">Upload</h
             <h2 class="govuk-heading-m govuk-!-margin-top-5 govuk-!-padding-top-5">Chat</h2>
             <p class="govuk-body">You can communicate with your Redbox and ask questions of the documents contained within. Use Redbox to unlock deeper insights in the various documents you have uploaded, pulling together summaries of individual or combined documents.</p>
             <h2 class="govuk-heading-m govuk-!-margin-top-5 govuk-!-padding-top-5">Secure</h2>
-            <p class="govuk-body">Redbox is built in our secure and private cloud which enables you to upload, up to, and including, Official Sensitive documents in your Redbox.</p>
+            <p class="govuk-body">Redbox is built in our secure and private cloud which enables you to upload, up to, and including, {{ security }} documents in your Redbox.</p>
 
         </div>
     </div>

django_app/redbox_app/templates/upload.html

@@ -25,7 +25,7 @@ <h1 class="govuk-heading-l">{{ pageTitle }}</h1>
             {{ govukNotificationBanner(
               title="Important",
               text_list=[
-                {"text": "The AI will use all documents you upload. You can use up to, and including, Official Sensitive documents"}
+                {"text": "The AI will use all documents you upload. You can use up to, and including, " ~ security ~ " documents"}
               ]
             ) }}
           </div>

django_app/tests_playwright/_signin.py

@@ -8,8 +8,8 @@
 from playwright.sync_api import Page, expect
 
 logger = logging.getLogger(__name__)
-ROOT = Path(__file__).parents[1]
-load_dotenv(dotenv_path=ROOT / ".env", override=True)
+DJANGO_ROOT = Path(__file__).parents[1]
+load_dotenv(dotenv_path=DJANGO_ROOT / ".env", override=True)
 
 
 def sign_in(page: Page):
@@ -26,9 +26,8 @@ def sign_in(page: Page):
     page.get_by_text("Continue").click()
 
     # Get magic link
-    django_dir = Path(__file__).parents[2]
     command = ["poetry", "run", "python", "manage.py", "show_magiclink_url", email_address]
-    result = subprocess.run(command, capture_output=True, text=True, cwd=django_dir)  # noqa: S603
+    result = subprocess.run(command, capture_output=True, text=True, cwd=DJANGO_ROOT)  # noqa: S603
     magic_link = result.stdout.strip()
 
     # Complete sign-in and verify