Merge pull request #104 from epimorphics/spike/dev-security-updates

CHANGELOG.md

@@ -68,9 +68,22 @@
   monitoring, and updated version of Sentry.
 - (Ian) Updated the README as part of handover.
 
-## 1.3.5 - 2021-12-11
+## 1.3.7
+
+- (Jon) Add Folkestone and Hythe to district names.
+
+## 1.3.6 - 2021-10-22
+
+- (Joseph) Add North and West Northamptonshire to county names.
+- (Joseph) Add Bournemouth, Christchurch and Poole to county names.
+- (Joseph) Add Somerset West and Taunton to district names.
+- (Joseph) Add East Suffolk to district names.
+- (Joseph) Add West Suffolk to district names.
+
+## 1.3.5
 
 - (Mairead) Added deployment sub repo and assisting deployment files
+- (Mairead) Added Object.assign polyfill
 
 ## 1.3.4 - 2021-06-25
 

Gemfile.lock

@@ -1,3 +1,21 @@
+GIT
+  remote: https://github.com/epimorphics/lr_common_styles
+  revision: 423fddbb2ee1d2a76036ef16f07eb3dc8d36de5b
+  specs:
+    lr_common_styles (1.8.1)
+      bootstrap-sass (~> 3.4.0)
+      font-awesome-rails (~> 4.7.0.1)
+      govuk_elements_rails (~> 2.0.0)
+      govuk_frontend_toolkit (~> 4.18.1)
+      govuk_template (~> 0.18.1)
+      haml-rails (~> 2.0.0)
+      jquery-rails (~> 4.3.5)
+      lodash-rails (~> 4.17.14)
+      modernizr-rails (~> 2.7.1)
+      modulejs-rails (~> 2.2.0.0)
+      rails (~> 5.2.4)
+      sass-rails (~> 5.0.4)
+
 GEM
   remote: https://rubygems.org/
   specs:
@@ -42,8 +60,8 @@ GEM
       i18n (>= 0.7, < 2)
       minitest (~> 5.1)
       tzinfo (~> 1.1)
-    addressable (2.8.0)
-      public_suffix (>= 2.0.2, < 5.0)
+    addressable (2.8.1)
+      public_suffix (>= 2.0.2, < 6.0)
     ansi (1.5.0)
     arel (9.0.0)
     ast (2.4.2)
@@ -74,7 +92,7 @@ GEM
     date (3.3.3)
     erubi (1.12.0)
     erubis (2.7.0)
-    execjs (2.7.0)
+    execjs (2.8.1)
     faraday (1.10.0)
       faraday-em_http (~> 1.0)
       faraday-em_synchrony (~> 1.0)
@@ -231,7 +249,7 @@ GEM
     prometheus-client (4.0.0)
     psych (4.0.3)
       stringio
-    public_suffix (4.0.6)
+    public_suffix (5.0.0)
     puma (5.6.4)
       nio4r (~> 2.0)
     racc (1.7.1)
@@ -355,7 +373,7 @@ GEM
     websocket-extensions (0.1.5)
     xpath (3.2.0)
       nokogiri (~> 1.8)
-    yajl-ruby (1.4.1)
+    yajl-ruby (1.4.3)
 
 GEM
   remote: https://rubygems.pkg.github.com/epimorphics/

app/assets/javascripts/application.js

@@ -16,6 +16,7 @@
 //= require jquery-ui/widgets/autocomplete
 //= require leaflet
 //= require lodash
+//= require object-assign-polyfill 
 //= require js-routes
 //= require lr_common_styles/application
 //= require_tree .

app/assets/javascripts/object-assign-polyfill.js

@@ -0,0 +1,28 @@
+/**
+ * Object.assign() polyfill for IE11
+ * @see <https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object/assign>
+ */
+if (typeof Object.assign != "function") {
+  Object.defineProperty(Object, "assign", {
+    value: function assign(target, varArgs) {
+      "use strict";
+      if (target == null) {
+        throw new TypeError("Cannot convert undefined or null to object");
+      }
+      var to = Object(target);
+      for (var index = 1; index < arguments.length; index++) {
+        var nextSource = arguments[index];
+        if (nextSource != null) {
+          for (var nextKey in nextSource) {
+            if (Object.prototype.hasOwnProperty.call(nextSource, nextKey)) {
+              to[nextKey] = nextSource[nextKey];
+            }
+          }
+        }
+      }
+      return to;
+    },
+    writable: true,
+    configurable: true
+  });
+}

app/helpers/download_request_helper.rb

@@ -36,8 +36,8 @@ def render_unknown_request(request)
 
   def render_failed_request(request)
     content_tag(:span, class: 'o-request--status__warning') do
-      "Request #{request.id} did not complete successfully. " + "
-      Ideally we will put more info here. In the meantime, please check the log file"
+      "Request #{request.id} did not complete successfully." \
+        'Ideally we will put more info here. In the meantime, please check the log file'
     end
   end
 

app/models/step_select_county.rb

@@ -30,6 +30,7 @@ def map_enabled?
     'BLACKPOOL',
     'BLAENAU GWENT',
     'BOURNEMOUTH',
+    'BOURNEMOUTH, CHRISTCHURCH AND POOLE',
     'BRACKNELL FOREST',
     'BRIDGEND',
     'BRIGHTON AND HOVE',
@@ -90,6 +91,7 @@ def map_enabled?
     'NORFOLK',
     'NORTH EAST LINCOLNSHIRE',
     'NORTH LINCOLNSHIRE',
+    'NORTH NORTHAMPTONSHIRE',
     'NORTH SOMERSET',
     'NORTH YORKSHIRE',
     'NORTHAMPTONSHIRE',
@@ -127,6 +129,7 @@ def map_enabled?
     'WARWICKSHIRE',
     'WEST BERKSHIRE',
     'WEST MIDLANDS',
+    'WEST NORTHAMPTONSHIRE',
     'WEST SUSSEX',
     'WEST YORKSHIRE',
     'WILTSHIRE',

app/models/step_select_district.rb

@@ -127,6 +127,7 @@ def successor_step
     'EAST NORTHAMPTONSHIRE',
     'EAST RIDING OF YORKSHIRE',
     'EAST STAFFORDSHIRE',
+    'EAST SUFFOLK',
     'EASTBOURNE',
     'EASTLEIGH',
     'EDEN',
@@ -139,6 +140,7 @@ def successor_step
     'FAREHAM',
     'FENLAND',
     'FLINTSHIRE',
+    'FOLKESTONE AND HYTHE',
     'FOREST HEATH',
     'FOREST OF DEAN',
     'FYLDE',
@@ -277,6 +279,7 @@ def successor_step
     'SHROPSHIRE',
     'SLOUGH',
     'SOLIHULL',
+    'SOMERSET WEST AND TAUNTON',
     'SOUTH BUCKS',
     'SOUTH CAMBRIDGESHIRE',
     'SOUTH DERBYSHIRE',
@@ -354,6 +357,7 @@ def successor_step
     'WEST LINDSEY',
     'WEST OXFORDSHIRE',
     'WEST SOMERSET',
+    'WEST SUFFOLK',
     'WEYMOUTH AND PORTLAND',
     'WIGAN',
     'WILTSHIRE',

app/models/workflow.rb

@@ -81,7 +81,7 @@ def form_action(controller = :report_design, action = :show)
   end
 
   def params
-    @params ||= @state.select { |k, _v| whitelist_key(k) }
+    @params ||= @state.select { |k, _v| allowlist_key(k) }
   end
 
   def_delegator :params, :each, :each_state_key
@@ -92,7 +92,7 @@ def each_state_ignoring(ignore = nil, &block)
     end
   end
 
-  def whitelist_key(key)
+  def allowlist_key(key)
     step_with_param(key)
   end
 

data/county-names.txt

@@ -4,6 +4,7 @@ BLACKBURN WITH DARWEN
 BLACKPOOL
 BLAENAU GWENT
 BOURNEMOUTH
+BOURNEMOUTH, CHRISTCHURCH AND POOLE
 BRACKNELL FOREST
 BRIDGEND
 BRIGHTON AND HOVE
@@ -64,6 +65,7 @@ NEWPORT
 NORFOLK
 NORTH EAST LINCOLNSHIRE
 NORTH LINCOLNSHIRE
+NORTH NORTHAMPTONSHIRE
 NORTH SOMERSET
 NORTH YORKSHIRE
 NORTHAMPTONSHIRE
@@ -101,6 +103,7 @@ WARRINGTON
 WARWICKSHIRE
 WEST BERKSHIRE
 WEST MIDLANDS
+WEST NORTHAMPTONSHIRE
 WEST SUSSEX
 WEST YORKSHIRE
 WILTSHIRE

data/district-names.txt

@@ -101,6 +101,7 @@ EAST LINDSEY
 EAST NORTHAMPTONSHIRE
 EAST RIDING OF YORKSHIRE
 EAST STAFFORDSHIRE
+EAST SUFFOLK
 EASTBOURNE
 EASTLEIGH
 EDEN
@@ -113,6 +114,7 @@ EXETER
 FAREHAM
 FENLAND
 FLINTSHIRE
+FOLKESTONE AND HYTHE
 FOREST HEATH
 FOREST OF DEAN
 FYLDE
@@ -251,6 +253,7 @@ SHEPWAY
 SHROPSHIRE
 SLOUGH
 SOLIHULL
+SOMERSET WEST AND TAUNTON
 SOUTH BUCKS
 SOUTH CAMBRIDGESHIRE
 SOUTH DERBYSHIRE
@@ -328,6 +331,7 @@ WEST LANCASHIRE
 WEST LINDSEY
 WEST OXFORDSHIRE
 WEST SOMERSET
+WEST SUFFOLK
 WEYMOUTH AND PORTLAND
 WIGAN
 WILTSHIRE