Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Prevent management pages using "plugin" GOV.UK Frontend views #2355

Merged
merged 8 commits into from
Oct 11, 2023

Conversation

colinrotherham
Copy link
Contributor

@colinrotherham colinrotherham commented Oct 5, 2023

This PR fixes #2352 for management pages only

The fix uses res.send() with a custom Nunjucks environment as used by getTemplatesViewHandler()

Management pages previously used Express.js res.render() with all plugin Nunjucks views available

GOV.UK Frontend v5 release

Without this bugfix, users upgrading to GOV.UK Frontend v5 would see management pages load Nunjucks views from GOV.UK Frontend v5 but fonts, assets, styles and scripts from GOV.UK Frontend v4

@colinrotherham colinrotherham changed the title Fix management pages using "plugin" GOV.UK Frontend Stop management pages using "plugin" GOV.UK Frontend views Oct 5, 2023
@colinrotherham
Copy link
Contributor Author

colinrotherham commented Oct 5, 2023

Plenty of failing tests to look at

Nunjucks wise, management pages won’t have access to plugin filters, functions or Express.js app locals

@colinrotherham colinrotherham changed the title Stop management pages using "plugin" GOV.UK Frontend views Fix management pages using "plugin" GOV.UK Frontend views Oct 5, 2023
GOV.UK Frontend `nunjucksPaths` and `sass` config fields may potentially be `string | string[]` values one day
Prototype pages should use the “plugin” version by default although we’ll add an improved way to provide a backup version should the plugin be uninstalled
Adds an option param to `getNunjucksAppEnv()` to append backup view directories
@colinrotherham colinrotherham force-pushed the nunjucks-env branch 3 times, most recently from e9086d2 to d3a4381 Compare October 6, 2023 16:14
Jest uses Babel to hoist `jest.mock()` calls above `require()` already

But this change avoids needing a second call to update the mock implementation in a `beforeEach()` when it would be too late to do so
This prevents Manage prototype pages using “plugin” GOV.UK Frontend

Unlike other management pages, the handler `getTemplatesViewHandler()` will still pick up the GOV.UK Frontend “plugin” version
Management pages use locals like `serviceName` which custom Nunjucks environments don’t provide

Here we’re restoring the same `app.locals` that the route’s `res.render()` included by default previously
@colinrotherham
Copy link
Contributor Author

We're all set on this one now

I've made sure management pages keep Express.js app locals

BenSurgisonGDS
BenSurgisonGDS previously approved these changes Oct 9, 2023
Copy link
Contributor

@BenSurgisonGDS BenSurgisonGDS left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me

@colinrotherham colinrotherham changed the title Fix management pages using "plugin" GOV.UK Frontend views Prevent management pages using "plugin" GOV.UK Frontend views Oct 9, 2023
@colinrotherham
Copy link
Contributor Author

Thanks @BenSurgisonGDS, just added a CHANGELOG entry

BenSurgisonGDS
BenSurgisonGDS previously approved these changes Oct 9, 2023
CHANGELOG.md Outdated
@@ -8,6 +8,7 @@

- [#2306: Locate GOV.UK Frontend using `require.resolve()`](https://github.com/alphagov/govuk-prototype-kit/pull/2306)
- [#2349: Fix GOV.UK Frontend `initAll()` on management pages](https://github.com/alphagov/govuk-prototype-kit/pull/2349)
- [#2355: Prevent management pages using "plugin" GOV.UK Frontend views](https://github.com/alphagov/govuk-prototype-kit/pull/2355)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be under "Unreleased" instead of "13.13.4".

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice spot, done ✅


beforeEach(() => {
mockSend = jest.fn()
res.status = jest.fn().mockReturnValue({ send: mockSend })
res.status = jest.fn().mockReturnValue({ send: res.send })
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there any reason we're not using:

res.status = jest.fn().mockReturnValue(res)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No not at all, loads of ways to do this

Let me know if it's a blocker

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've added it this morning, nice improvement should we need it in future

There's another handy shorthand if it's helpful for other tests:

- lookupPackageInfo: jest.fn().mockImplementation((packageName) => {
+ lookupPackageInfo: jest.fn((packageName) => {

Copy link
Contributor

@BenSurgisonGDS BenSurgisonGDS left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved after Natalie's suggestion implemented

@colinrotherham colinrotherham merged commit 0bff77a into main Oct 11, 2023
27 checks passed
@colinrotherham colinrotherham deleted the nunjucks-env branch October 11, 2023 09:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Nunjucks templates from GOV.UK Frontend plugin used internally
3 participants