refactor: "Proposed alternative language" for "Instance Configuration…

…" page
freedomofpress · Nov 4, 2019 · 25ba95e · 25ba95e
1 parent f272aef
commit 25ba95e
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 24 deletions.
diff --git a/securedrop/journalist_app/admin.py b/securedrop/journalist_app/admin.py
@@ -14,7 +14,7 @@
 from journalist_app.decorators import admin_required
 from journalist_app.utils import (make_password, commit_account_changes, set_diceware_password,
                                   validate_hotp_secret, revoke_token)
-from journalist_app.forms import AllowDocumentUploadsForm, LogoForm, NewUserForm
+from journalist_app.forms import LogoForm, NewUserForm, SubmissionPreferencesForm
 
 
 def make_blueprint(config):
@@ -29,8 +29,9 @@ def index():
     @view.route('/config', methods=('GET', 'POST'))
     @admin_required
     def manage_config():
-        allow_document_uploads_form = AllowDocumentUploadsForm(
-            allow_document_uploads=current_app.config.get(
+        # The UI prompt ("prevent") is the opposite of the setting ("allow"):
+        submission_preferences_form = SubmissionPreferencesForm(
+            prevent_document_uploads=not current_app.config.get(
                 'ALLOW_DOCUMENT_UPLOADS',
                 True))
         logo_form = LogoForm()
@@ -51,19 +52,21 @@ def manage_config():
                 for error in errors:
                     flash(error, "logo-error")
             return render_template("config.html",
-                                   allow_document_uploads_form=allow_document_uploads_form,
+                                   submission_preferences_form=submission_preferences_form,
                                    logo_form=logo_form)
 
-    @view.route('/set-allow-document-uploads', methods=['POST'])
+    @view.route('/update-submission-preferences', methods=['POST'])
     @admin_required
-    def set_allow_document_uploads():
-        form = AllowDocumentUploadsForm()
+    def update_submission_preferences():
+        form = SubmissionPreferencesForm()
         if form.validate_on_submit():
             # Upsert ALLOW_DOCUMENT_UPLOADS:
             setting = InstanceConfig.query.get('ALLOW_DOCUMENT_UPLOADS')
             if not setting:
                 setting = InstanceConfig(name='ALLOW_DOCUMENT_UPLOADS')
-            setting.value = bool(request.form.get('allow_document_uploads'))
+
+            # The UI prompt ("prevent") is the opposite of the setting ("allow"):
+            setting.value = not bool(request.form.get('prevent_document_uploads'))
 
             db.session.add(setting)
             db.session.commit()

diff --git a/securedrop/journalist_app/forms.py b/securedrop/journalist_app/forms.py
@@ -64,8 +64,8 @@ class ReplyForm(FlaskForm):
     )
 
 
-class AllowDocumentUploadsForm(FlaskForm):
-    allow_document_uploads = BooleanField('allow_document_uploads')
+class SubmissionPreferencesForm(FlaskForm):
+    prevent_document_uploads = BooleanField('prevent_document_uploads')
 
 
 class LogoForm(FlaskForm):

diff --git a/securedrop/journalist_templates/config.html b/securedrop/journalist_templates/config.html
@@ -43,16 +43,16 @@ <h5>
 
 <hr class="no-line">
 
-<h2>{{ gettext('Document Uploads') }}</h2>
+<h2>{{ gettext('Submission Preferences') }}</h2>
 
-<form action="{{ url_for('admin.set_allow_document_uploads') }}" method="post">
+<form action="{{ url_for('admin.update_submission_preferences') }}" method="post">
   <input name="csrf_token" type="hidden" value="{{ csrf_token() }}">
   <p>
-    {{ allow_document_uploads_form.allow_document_uploads() }}
-    <label for="allow_document_uploads">{{ gettext('Allow sources to submit documents as well as messages') }}</label>
+    {{ submission_preferences_form.prevent_document_uploads() }}
+    <label for="prevent_document_uploads">{{ gettext('Prevent sources from uploading documents.  Sources will still be able to send messages.') }}</label>
   </p>
-  <button type="submit" id="submit-allow-document-uploads">
-    <i class="fas fa-pencil-alt"></i> {{ gettext('UPDATE') }}
+  <button type="submit" id="submit-submission-preferences">
+    <i class="fas fa-pencil-alt"></i> {{ gettext('UPDATE SUBMISSION PREFERENCES') }}
   </button>
 </form>
 

diff --git a/securedrop/tests/test_journalist.py b/securedrop/tests/test_journalist.py
@@ -1287,25 +1287,25 @@ def test_admin_add_user_integrity_error(journalist_app, test_admin, mocker):
             "None\n[SQL: STATEMENT]\n[parameters: 'PARAMETERS']") in log_event
 
 
-def test_allow_document_uploads(journalist_app, test_admin):
+def test_prevent_document_uploads(journalist_app, test_admin):
     with journalist_app.test_client() as app:
         _login_user(app, test_admin['username'], test_admin['password'],
                     test_admin['otp_secret'])
-        form = journalist_app_module.forms.AllowDocumentUploadsForm(
-            allow_document_uploads=True)
-        app.post(url_for('admin.set_allow_document_uploads'),
+        form = journalist_app_module.forms.SubmissionPreferencesForm(
+            prevent_document_uploads=True)
+        app.post(url_for('admin.update_submission_preferences'),
                  data=form.data,
                  follow_redirects=True)
-        assert InstanceConfig.query.get('ALLOW_DOCUMENT_UPLOADS').value is True
+        assert InstanceConfig.query.get('ALLOW_DOCUMENT_UPLOADS').value is False
 
 
-def test_disallow_document_uploads(journalist_app, test_admin):
+def test_no_prevent_document_uploads(journalist_app, test_admin):
     with journalist_app.test_client() as app:
         _login_user(app, test_admin['username'], test_admin['password'],
                     test_admin['otp_secret'])
-        app.post(url_for('admin.set_allow_document_uploads'),
+        app.post(url_for('admin.update_submission_preferences'),
                  follow_redirects=True)
-        assert InstanceConfig.query.get('ALLOW_DOCUMENT_UPLOADS').value is False
+        assert InstanceConfig.query.get('ALLOW_DOCUMENT_UPLOADS').value is True
 
 
 def test_logo_upload_with_valid_image_succeeds(journalist_app, test_admin):