sync main > staging (#252)

* accessibility fixes (#206)

* fixes styling of nomination step errors

* adds role to success message

* fixes typos

* amends privacy path

* adds error message to terms checkbox

* changes notice to success flash

* adds aria to password guidance on forms

* adds alert role to step errors

* PR comment

* UPgrading CEditor, Moment and jQuery

* only allow LL to update local assessment step

(vulnerability fix)

* custom qavs scrubber for admin comments

* add pending eligibility state

* clean up js validation and add email validation

* user password change (#205)

* adds password change for assessors

* adds group leader password change form

* adds password change for lieutenant

* update policies

* adds admin password change feature

* refactor

* fix Eligibility#save_as_eligible and related spec

* filter status updates (#215)

* adds password change for assessors

* adds group leader password change form

* adds password change for lieutenant

* update policies

* adds admin password change feature

* copy change application in progress state

* copy change ineligible questionnaire state

* copy change submitted state

* copy change nomination not submitted state

* copy change withdrawn state

* fixes spec

* copy change admin eligible state

* copy change admin eligible duplicate state

* copy change admin ineligible states

* fixes specs

* copy change admin ineligible states

* copy change local assessment states

* copy change awarded states

* copy change assessors assigned sub state

* fixes specs

* copy change shortlisted state

* fixes typo

* copy change national assessment not recommended state

* copy change national assessment undecided state

* refactor

* fixes spec

* adds sub status filter for lieutenancy not assigned

* adds citation not submitted sub status

* adds sub filter for garden party not submitted

* removes duplicate test

* refactor

* reverts gemfile.lock changes

* revert error

* adds sub status filter for local assessment not started

* adds duplicate for ref to lieutenant filter

* adds sub filter for final verdict outstanding

* adds eligible duplicate to query

* refactor

* user log in update (#217)

* adds password change for assessors

* adds group leader password change form

* adds password change for lieutenant

* update policies

* adds admin password change feature

* user name login

* adds name fields to admin/users#new

* fixes spec

* permits name params

* Changing ckeditor init method and preventing link injection

* only display edit status link if it's possible to edit el.status

* password length hint in account details (#221)

* adds password change for assessors

* adds group leader password change form

* adds password change for lieutenant

* update policies

* adds admin password change feature

* password length hint

* pre sign in page

* copy fix

[ci skip]

* removes paragraph from dashboard (#226)

* adds password change for assessors

* adds group leader password change form

* adds password change for lieutenant

* update policies

* adds admin password change feature

* removes paragraph

* bug fixes (#228)

* adds password change for assessors

* adds group leader password change form

* adds password change for lieutenant

* update policies

* adds admin password change feature

* previous award winner eligibility changes

* updates copy on worthy questions

* fixes typo

* fixes repeated content in pdf

* login page content change

* refactor

* settings and email notifier updates (#227)

* adds password change for assessors

* adds group leader password change form

* adds password change for lieutenant

* update policies

* adds admin password change feature

* updates header

* updates copy

* hides mail notification for award year opening

* updates nomination stage deadline message copy

* adds help message to submission reminder mail notification

* updates formatting changes to registration stage

* adds bold font to mail notification header

* updates submission reminder subject

* copy update and date format for submission reminder mailer

* fixes specs

* removes unused deadline translations

* fixes spec

* updates local assessment deadline copy help

* group leader notification mail content

* updates group leader nomination mail subject

* adds group name to notification mailer

* fixes spec

* fixes spec

* adds link formatting

* adds group name to mail spec

* adds total nominations to preview

* update content for local assessment reminder mail

* restrict local assessment notification to advanced role

* fixes spec

* copy help update for local assessment submission deadline

* adds advanced lieutenant restriction for reminder notification

* reformat

* refactors mail renderer

* hides shortlisted stage - for now

* updates copy for end of embargo deadline

* updates copy for citation form deadline

* updates copy for palace invite deadlines

* add copy for palace attendee deadline

* adds successful group leader preview

* pull in citation date to email

* setup group leader winner notification

* remove strike through

* adding unsuccessful group leader notification

* adds test for group leaders winners mailer

* fixes spec

* adds test for unsuccessful group leader notification

* adds mail content for unsuccessful group leaders

* adds unsuccessful group leader mailer

* fixes typo

* adds new notification kind

* adds mailer for unsuccessful group leaders

* adds preview for unsuccessful group leader notification

* adds tests for group leader renderers

* adds test for notify successful nominations mailer

* increases coverage on mailer tests

* completes successful notifier mail content

* adds winners notification service

* adds winners nominator notification preview

* adds help to winners email notification

* adds unsuccessful mailer

* fixes typo

* adds preview for unsuccessful nominations

* updates copy header and help for unsuccessful nominations

* updates copy header and help for garden party invites

* updates mailer for reception invite

* updates notification service for reception invite

* updates preview content for reception invite

* removes unsuccessful feedback mailer

* removes unsuccessful feedback mailer

* fixes spec

* removes business app mailer

* removes duplicate palace invite mailer

* removes media pack deadline

* removes shortlisted from stages

* fixes spec

* update format for buckingham palace deadline

* remove mailto link from email notifications

* update reminder to submit mailer

* fix time format for minutes

* fix spec

* adds test for group leader mailer

* fix typo

* adds name to account mailers

* removes capitals from stage headers

* fixes spec

* removes shortlisted stage

* placeholder deadlines

* remove incorrect scope

* Update cloudtasker.rb

load schedule

* remove old workers and enable cloudtasker cron on servers

* Bump nokogiri from 1.12.4 to 1.12.5

Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.12.4 to 1.12.5.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](sparklemotion/nokogiri@v1.12.4...v1.12.5)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* disable services that were not yet tested

* Bump nth-check from 2.0.0 to 2.0.1

Bumps [nth-check](https://github.com/fb55/nth-check) from 2.0.0 to 2.0.1.
- [Release notes](https://github.com/fb55/nth-check/releases)
- [Commits](fb55/nth-check@v2.0.0...v2.0.1)

---
updated-dependencies:
- dependency-name: nth-check
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* try to use deliver_now instead of deliver_later in ENS

* temp fix for local assessor form (#234)

* bug fixes (#235)

* assign award year for email preview

* removes mailto link from email

* removes QAE pressbook section from winners dashboard

* adds empty option to dropdowns

* checks for empty string on email validation (#236)

* removes palace attendee section (#237)

* removes tags from citation body (#238)

* update useful info page to be consistent with side menu (#240)

* updates pdf logo and header to QAVS (#241)

* removes QAE from pdf title

* updates QAVS award type name

* fixes specs

* fixes specs

* fix specs

* adds new qavs logo

* return of the sidekiq

* adds privacy policy link to emails (#242)

* run sidekiq on gcloud and update readme

* Update README.md

* Update sidekiq.rb

sidekiq/sidekiq#3518

* New cookie pages and behaviour (#239)

* New cookie pages and behaviour

* updating cookies table

* Updating link in cookie banner

* Making tables responsive and accessible at same time (#247)

* Making tables responsive and accessible at same time

* Forgot one table

* Fixing table font sizes and rendering

* local assessment form updates (#248)

* updates section E1 questions

* adds new required question E1.9

* removes question E2.5

* add details section to E3.1

* updates to section E4

* updates section E5

* changes to section E6

* updates section E7

* updates section E9

* Lieutenants (#246)

* renames lieutenant roles

* rename main lieutenant

* fixes path for edit users

* state that the phones are optional (#224)

* copy changes to local assessment form (#250)

* local assessment updates

* remove colon

* removes submitted nominations from filter (#251)

Co-authored-by: Mauricio Andre Cinelli <mauricio.cinelli@bitzesty.com>
Co-authored-by: Vasili Kachalko <amarant.st@gmail.com>
Co-authored-by: Matthew Ford <matt@bitzesty.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Gemfile

@@ -91,7 +91,8 @@ gem 'vigilion', '~> 1.0.4', github: 'vigilion/vigilion-ruby', ref: '7d6a7e5'
 gem 'vigilion-rails', github: 'vigilion/vigilion-rails', ref: '59def7b69589d702b6d14a5ec5b1c77c22e21065'
 
 # Background jobs
-gem 'cloudtasker', github: 'bitzesty/cloudtasker', ref: 'fb5cfc1ae2d4e83d6ad0f04b121a56d11301f9cf'
+gem 'sidekiq', "~> 5.2"
+gem 'sidekiq-cron', "~> 1.1"
 
 # CORS configuration
 gem 'rack-cors', '~> 1.0'
@@ -183,4 +184,5 @@ group :test do
   gem 'rspec_junit_formatter', '0.2.3'
   gem 'timecop'
   gem 'webmock', '3.13.0'
+  gem 'rspec-sidekiq'
 end

Gemfile.lock

@@ -9,20 +9,6 @@ GIT
       carrierwave (>= 1.3.2, < 3)
       google-cloud-storage (>= 1.30, < 2)
 
-GIT
-  remote: https://github.com/bitzesty/cloudtasker.git
-  revision: fb5cfc1ae2d4e83d6ad0f04b121a56d11301f9cf
-  ref: fb5cfc1ae2d4e83d6ad0f04b121a56d11301f9cf
-  specs:
-    cloudtasker (0.12.rc11)
-      activesupport
-      connection_pool
-      fugit
-      google-cloud-tasks (~> 1.0)
-      jwt
-      redis
-      retriable
-
 GIT
   remote: https://github.com/devise-security/devise-security.git
   revision: f83d59c5f9063466ce3948ac35ce587aeb659a0a
@@ -246,7 +232,7 @@ GEM
       activesupport (>= 3.2)
     equalizer (0.0.11)
     erubi (1.10.0)
-    et-orbi (1.2.4)
+    et-orbi (1.2.5)
       tzinfo
     execjs (2.7.0)
     factory_bot (6.1.0)
@@ -278,7 +264,7 @@ GEM
     faraday_middleware (1.1.0)
       faraday (~> 1.0)
     ffi (1.15.3)
-    fugit (1.5.0)
+    fugit (1.5.2)
       et-orbi (~> 1.1, >= 1.1.8)
       raabro (~> 1.4)
     globalid (0.5.2)
@@ -315,24 +301,6 @@ GEM
       google-cloud-core (~> 1.6)
       googleauth (>= 0.16.2, < 2.a)
       mini_mime (~> 1.0)
-    google-cloud-tasks (1.5.1)
-      google-gax (~> 1.8)
-      googleapis-common-protos (>= 1.3.9, < 2.0)
-      googleapis-common-protos-types (>= 1.0.4, < 2.0)
-      grpc-google-iam-v1 (~> 0.6.9)
-    google-gax (1.8.1)
-      google-protobuf (~> 3.9)
-      googleapis-common-protos (>= 1.3.9, < 2.0)
-      googleauth (~> 0.9)
-      grpc (~> 1.24)
-      rly (~> 0.2.3)
-    google-protobuf (3.17.3)
-    googleapis-common-protos (1.3.11)
-      google-protobuf (~> 3.14)
-      googleapis-common-protos-types (>= 1.0.6, < 2.0)
-      grpc (~> 1.27)
-    googleapis-common-protos-types (1.1.0)
-      google-protobuf (~> 3.14)
     googleauth (0.17.0)
       faraday (>= 0.17.3, < 2.0)
       jwt (>= 1.4, < 3.0)
@@ -345,13 +313,6 @@ GEM
       sass (>= 3.2.0)
     govuk_template (0.12.0)
       rails (>= 3.1)
-    grpc (1.38.0)
-      google-protobuf (~> 3.15)
-      googleapis-common-protos-types (~> 1.0)
-    grpc-google-iam-v1 (0.6.11)
-      google-protobuf (~> 3.14)
-      googleapis-common-protos (>= 1.3.11, < 2.0)
-      grpc (~> 1.27)
     hashdiff (1.0.1)
     hashery (2.1.2)
     hashie (3.6.0)
@@ -435,7 +396,7 @@ GEM
       activerecord (>= 3.0.0)
       activesupport (>= 3.0.0)
     nio4r (2.5.8)
-    nokogiri (1.12.4)
+    nokogiri (1.12.5)
       mini_portile2 (~> 2.6.1)
       racc (~> 1.4)
     notifications-ruby-client (5.3.0)
@@ -501,6 +462,8 @@ GEM
       rack (>= 2.0.0)
     rack-mini-profiler (1.0.0)
       rack (>= 1.2.0)
+    rack-protection (2.1.0)
+      rack
     rack-proxy (0.7.0)
       rack
     rack-ssl-enforcer (0.2.9)
@@ -577,7 +540,6 @@ GEM
       netrc (~> 0.8)
     retriable (3.1.2)
     rexml (3.2.5)
-    rly (0.2.3)
     rspec (3.9.0)
       rspec-core (~> 3.9.0)
       rspec-expectations (~> 3.9.0)
@@ -600,6 +562,9 @@ GEM
       rspec-expectations (~> 3.9)
       rspec-mocks (~> 3.9)
       rspec-support (~> 3.9)
+    rspec-sidekiq (3.1.0)
+      rspec-core (~> 3.0, >= 3.0.0)
+      sidekiq (>= 2.4.0)
     rspec-support (3.9.3)
     rspec_junit_formatter (0.2.3)
       builder (< 4)
@@ -638,6 +603,14 @@ GEM
       rails (>= 4)
     shoulda-matchers (4.5.1)
       activesupport (>= 4.2.0)
+    sidekiq (5.2.7)
+      connection_pool (~> 2.2, >= 2.2.2)
+      rack (>= 1.5.0)
+      rack-protection (>= 1.5.0)
+      redis (>= 3.3.5, < 5)
+    sidekiq-cron (1.2.0)
+      fugit (~> 1.1)
+      sidekiq (>= 4.2.1)
     signet (0.15.0)
       addressable (~> 2.3)
       faraday (>= 0.17.3, < 2.0)
@@ -739,7 +712,6 @@ DEPENDENCIES
   carrierwave (~> 2.2.2)
   carrierwave-google-storage!
   ckeditor
-  cloudtasker!
   codeclimate_circle_ci_coverage
   coffee-rails (= 5.0)
   connection_pool
@@ -802,12 +774,15 @@ DEPENDENCIES
   rest-client
   rspec-github
   rspec-rails (~> 4.0.1)
+  rspec-sidekiq
   rspec_junit_formatter (= 0.2.3)
   rubocop (~> 0.52)
   sanitize
   selenium-webdriver
   shog
   shoulda-matchers
+  sidekiq (~> 5.2)
+  sidekiq-cron (~> 1.1)
   simple_form (~> 5.0)
   slim-rails (~> 3.2.0)
   sprockets (~> 3.7.2)

Procfile

@@ -1,2 +1,2 @@
 web: bundle exec rake cf:run_migrations db:migrate && bundle exec puma -C config/puma.rb
-worker: cloudtasker
+worker: bundle exec sidekiq -C config/sidekiq.yml

README.md

@@ -1,8 +1,8 @@
 
-![Logo](https://raw.githubusercontent.com/bitzesty/qae/master/public/logo.jpg) Queen's Awards for Enterprise
+Queen's Award for Voluntary Service
 ---------------------------
 
-"QAE" is the application which powers the application process for The Queen's Awards for Enterprise.
+"QAVS" is the application which powers the application process for The Queen's Award for Voluntary Service.
 
 ## Setup
 
@@ -20,10 +20,10 @@
 ```
 ./bin/setup
 bundle exec rails s
-cloudtasker
+bundle exec sidekiq -C config/sidekiq.yml
 ```
 
-If you're running this on your local dev setup, start redis first before starting cloudtasker
+If you're running this on your local dev setup, start redis first before starting sidekiq
 
 ### Install Poxa
 

app/assets/javascripts/application.js.coffee

@@ -919,6 +919,9 @@ jQuery ->
 
   if $('.js-ckeditor').length > 0
 
+    CKEDITOR.plugins.addExternal( 'wordcount', '/ckeditor/plugins/notification/plugin.js' );
+    CKEDITOR.plugins.addExternal( 'wordcount', '/ckeditor/plugins/wordcount/plugin.js' );
+
     $('.js-ckeditor').each (index) ->
       group = $(this).closest(".govuk-form-group")
 
@@ -927,7 +930,24 @@ jQuery ->
 
       CKEDITOR.replace this,
         title: group.find('label').first().text(),
-        toolbar: 'mini'
+        language: 'en'
+        toolbar_mini: [
+          {name: 'p1', items: ["Cut", "Copy", "PasteText", "-", "Undo", "Redo"]},
+          {name: 'p2', items: ["Bold", "Italic",  "-", "RemoveFormat"]},
+          {name: 'p3', items: ["NumberedList", "BulletedList", "-", "Outdent", "Indent", "-", 'JustifyLeft', 'JustifyCenter', 'JustifyRight', 'JustifyBlock']}
+        ]
+        toolbar: "mini";
+        extraPlugins: 'wordcount'
+
+        wordcount: {
+          showParagraphs: false,
+          showWordCount: true
+        }
+
+        removePlugins: 'link,elementspath,contextmenu,liststyle,tabletools,tableselection'
+        disableNativeSpellChecker: false
+
+        allowedContent: 'h1 h2 h3 blockquote p ul ol li em i strong b i br'
         height: 200
         wordcount:
           maxWordCount: $(this).data('word-max')
@@ -962,3 +982,42 @@ jQuery ->
   #
   # Init WYSYWYG editor for QAE Form textareas - end
   #
+
+
+  #cookie settings
+
+  if $('.cookie-settings').length > 0
+    saveButton = document.querySelector('.save-cookie-settings')
+    cookieForm = document.querySelector('.cookie-save-form')
+
+    return if !saveButton
+
+    analyticsConsent = Cookies.get('analytics_cookies_consent_status')
+
+    if analyticsConsent is 'yes'
+      document.getElementById('cookies-analytics-yes').checked = true
+    if analyticsConsent is 'no'
+      document.getElementById('cookies-analytics-no').checked = true
+
+    cookieForm.addEventListener 'submit', (e) ->
+      e.preventDefault()
+      e.stopPropagation()
+
+      analyticsRadio = document.querySelector('input[name="cookies-analytics"]:checked')
+      analyticsValue = if analyticsRadio then analyticsRadio.value else null
+
+      if analyticsValue
+        Cookies.set('analytics_cookies_consent_status', analyticsValue, { expires: 365 })
+
+      Cookies.set('general_cookie_consent_status', 'yes', { expires: 365 })
+
+      existingMessage = document.querySelector('.save-cookie-message')
+
+      if existingMessage
+        existingMessage.parentNode.removeChild(existingMessage)
+
+      message = document.createElement('p')
+      message.classList.add('save-cookie-message')
+      message.setAttribute('role', 'alert')
+      message.innerHTML = 'Your cookie preferences were successfully saved. These preferences will be valid for 1 year.'
+      saveButton.insertAdjacentElement('afterend', message)

app/assets/javascripts/ckeditor/config.js

@@ -1,9 +1,9 @@
 CKEDITOR.editorConfig = function (config) {
   config.language = 'en';
   config.toolbar_mini = [
-    {name: "clipboard", items: ["Cut", "Copy", "PasteText", "-", "Undo", "Redo"]},
-    {name: "basicstyles", items: ["Bold", "Italic",  "-", "RemoveFormat"]},
-    {name: "paragraph", items: ["NumberedList", "BulletedList", "-", "Outdent", "Indent", "-", "JustifyLeft", "JustifyCenter", "JustifyRight", "JustifyBlock"]}
+    ["Cut", "Copy", "PasteText", "-", "Undo", "Redo"],
+    ["Bold", "Italic",  "-", "RemoveFormat"],
+    ["NumberedList", "BulletedList", "-", "Outdent", "Indent", "-", "JustifyLeft", "JustifyCenter", "JustifyRight", "JustifyBlock"]
   ];
   config.toolbar = "mini";
   config.extraPlugins = 'wordcount';
@@ -13,7 +13,7 @@ CKEDITOR.editorConfig = function (config) {
     showWordCount: true
   };
 
-  config.removePlugins = 'elementspath,contextmenu,liststyle,tabletools,tableselection';
+  config.removePlugins = 'link,elementspath,contextmenu,liststyle,tabletools,tableselection';
   config.disableNativeSpellChecker = false;
 
   config.allowedContent = {

app/assets/javascripts/frontend/form-validation.js.coffee

@@ -116,7 +116,7 @@ window.FormValidation =
   validateEmailQuestion: (question) ->
     val = String(question.find("input[type='email']").val()).toLowerCase()
 
-    if not /^\w+([\.-]?\w+)*@\w+([\.-]?\w+)*(\.\w{2,3})+$/.test(val)
+    if not /^\w+([\.-]?\w+)*@\w+([\.-]?\w+)*(\.\w{2,3})+$/.test(val) && val != ""
       @logThis(question, "validateEmailQuestion", "Not a valid email")
       @addErrorMessage(question, "Not a valid email")
 

app/assets/javascripts/frontend/ga-optout.js.coffee

@@ -1,5 +1,5 @@
 jQuery ->
-  if !Cookies.get("gaconsent") && !Cookies.get("gaoptout")
+  if !Cookies.get("general_cookie_consent_status")
     $(".govuk-cookie-banner").attr("tabindex", "-1")
     $(".govuk-cookie-banner").attr("aria-live", "polite")
     $(".govuk-cookie-banner").removeAttr("hidden")
@@ -8,24 +8,15 @@ jQuery ->
     $(".govuk-cookie-banner .cookies-action").on "click", (e) ->
       e.preventDefault()
 
-      Cookies.set("gaconsent", $(@).val(), { expires: 3650 })
+      Cookies.set("general_cookie_consent_status", 'yes', { expires: 3650 })
+      Cookies.set("analytics_cookies_consent_status", $(@).val(), { expires: 3650 })
       $(".govuk-cookie-banner .initial-message").attr("hidden", "true")
 
       if $(@).val() == "accept"
         $(".govuk-cookie-banner .accept-message").removeAttr("hidden")
       else
         $(".govuk-cookie-banner .reject-message").removeAttr("hidden")
-    
+
     $(".govuk-cookie-banner .hide-message").on "click", (e) ->
       e.preventDefault()
       $(".govuk-cookie-banner").attr("hidden", "true")
-
-  if $("#ga-optout-input").length
-    $("#ga-optout-input").prop("checked", Cookies.get("gaconsent") == "reject" || Cookies.get("gaoptout"))
-    $("#ga-optout").on "click", (e) ->
-      e.preventDefault()
-
-      if $("#ga-optout-input").prop("checked")
-        Cookies.set("gaconsent", "reject", { expires: 3650 })
-      else
-        Cookies.set("gaconsent", "accept", { expires: 3650 })

app/controllers/content_only_controller.rb

@@ -10,7 +10,8 @@ class ContentOnlyController < ApplicationController
                   :cookies,
                   :apply_for_queens_award_for_enterprise,
                   :sign_up_complete,
-                  :submitted_nomination_successful
+                  :submitted_nomination_successful,
+                  :pre_sign_in
                 ]
 
   before_action :get_current_form,

app/decorators/form_answer_decorator.rb

@@ -64,7 +64,7 @@ def award_application_title
   end
 
   def award_application_title_print
-    "The Queen's Awards for Enterprise: #{object.award_type_full_name} #{object.award_year.try(:year)}"
+    "The Queen's Award for Voluntary Service: #{object.award_year.try(:year)}"
   end
 
   def company_or_nominee_name

app/decorators/trigger_at_decorator.rb

@@ -25,6 +25,22 @@ def formatted_trigger_date(format=nil)
     object.trigger_at.strftime(str_format)
   end
 
+  def long_mail_reminder
+    trigger_at = object.strftime("%l:%M %P")
+    trigger_at = "midnight" if midnight?
+    trigger_at = "midday" if midday?
+
+    object.strftime("#{ trigger_at } on %A on #{ formatted_trigger_date("with_year") }")
+  end
+
+  def formatted_mailer_deadline
+    trigger_at = object.strftime("%l:%M %P")
+    trigger_at = "midnight" if midnight?
+    trigger_at = "midday" if midday?
+
+    object.strftime("#{ trigger_at }, #{ formatted_trigger_date("with_year") }")
+  end
+
   private
 
   def placeholder