Develop

endorsement/management/commands/reconcile_shared_drives.py

@@ -23,7 +23,7 @@ def add_arguments(self, parser):
         parser.add_argument(
             '--missing-drive-threshold',
             type=int,
-            default=50,
+            default=500,
             help="Skip missing drive deletion if missing drive count greater.",
         )
 

endorsement/static/endorsement/css/critical.scss

@@ -308,6 +308,15 @@ a {
      label { margin-bottom: 0; }
      span { font-weight: 400; }
   }
+  .access-delegate-id { font-weight: 800; }
+  .access-action { border-left: 1px solid #ddd;
+      a { color: #2F68CB; cursor: pointer; text-decoration: underline; padding-right: .5em;}
+      :last-child {padding-right:0}
+  }
+  .access-type {
+      a { font-weight: 800; color: #2F68CB; cursor: pointer; }
+      div { font-style: italic; }
+  }
   tr.new_netid,
   tr.new_access .access-delegate-id,
   tr.new_access .access-status,
@@ -410,6 +419,11 @@ label.accept_responsibility {
 
 #office_access { padding-top: .5em;
     .access-header { font-size: 1.1em; font-weight: 800; }
+    .mailbox-selector { padding-bottom: 1.5em; width: 100%;
+        label { font-weight: bold; }
+        select { float: left; width: 40%; }
+        button { float: left; margin-left: 1em; }
+    }
 }
 
 #shared_drives { padding-top: .5em;
@@ -511,6 +525,29 @@ ul.email-list { list-style: none; padding: 0; }
   h4 { font-size:1.1em; margin-top: 0; padding-top: 0; }
 }
 
+#access_netids_modal {
+    .access-type-selector {
+        margin-bottom: 1.5em;
+        label { font-weight: 800; }
+    }
+    .access-type-detail {
+        span { font-weight: 800; }
+        #toggle_permission_details > span {font-weight: normal;}
+        a { 
+          cursor: pointer; color: #2F68CB;
+          padding-left: .5em; 
+        }
+      }
+    .access-types-explained {
+        padding-top: 1em;
+        padding-left: .5em;
+    }
+}
+
+.modal-header {
+  span { font-weight: 700; }
+}
+
 .modal-content {
   overflow: auto;
 }

endorsement/templates/handlebars/tab/access/modal_access.html

@@ -0,0 +1,45 @@
+{% verbatim %}
+<script id="select_access_modal_content" type="text/x-handlebars-template">
+<div class="modal-header">
+  <span>Select permissions level for {{mailbox}}</span>
+  <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+    <span aria-hidden="true">&times;</span>
+  </button>
+</div>
+<div class="modal-body">
+  <div class="access-type-selector">
+    <label for="accesstype">Select permission level</label>
+    <select id="accesstype" class="office-access-types custom-select" data-access-right-id="{{ access_type }}" aria-label="Select access type for {{ delegate }} to {{mailbox}}'s mailbox"></select>
+  </div>
+  <div class="access-type-detail">
+    <span>Permission level details</span> <a id="toggle_permission_details" href="javascript:void(0);"><span>Hide</span> permission details</a>
+  </div>
+  <div class="access-types-explained">
+    <span>Full Access and Send As</span>
+    <ul>
+      <li>Open the mailbox</li>
+      <li>View, add and remove the contents of the mailbox</li>
+      <li>Send messages as if they came directly from the mailbox</li>
+    </ul>
+    <span>Full Access</span>
+    <ul>
+      <li>Open the mailbox</li>
+      <li>View, add and remove the contents of the mailbox</li>
+    </ul>
+    <span>Send As</span>
+    <ul>
+      <li>Send messages as if they came directly from the mailbox</li>
+    </ul>
+    <span>Send on Behalf</span>
+    <ul>
+    <li>Alows the delegate to send messages from the mailbox or group</li>
+    <li>Send messages on behalf of the mailbox (the “from” address clearly shows the message was sent by a delegate)</li>
+   </ul>
+  </div>
+</div>
+<div class="modal-footer">
+  <button type="button" class="btn btn-secondary button-link" data-dismiss="modal">Cancel</button>
+  <button type="button" id="select_netid_access" class="btn btn-primary" disabled="disabled">Next</button>
+</div>
+</script>
+{% endverbatim %}

endorsement/templates/handlebars/tab/access/modal_confirm.html

@@ -38,7 +38,7 @@ <h4>Statement of agreement</h4>
 </div>
 <div class="modal-footer">
   <button type="button" class="btn btn-secondary button-link" data-dismiss="modal">Cancel</button>
-  <button type="button" id="confirm_netid_access" class="btn btn-primary" disabled="disabled">OK</button>
+  <button type="button" id="confirm_netid_access" class="btn btn-primary" disabled="disabled" data-loading-text="Setting Access">OK</button>
 </div>
 </script>
 

endorsement/templates/handlebars/tab/access/modal_renew.html

@@ -8,27 +8,25 @@
 </div>
 <div class="modal-body">
   <div class="endorsed-acceptance container">
-    {{> modal_action_partial}}
+    <div class="row"><div class="col-md-12">
+    You are about to renew access to the UW Office 365 Exchange Online mailbox belonging
+    to UW NetID "{{mailbox}}".
+    </div></div>
     <div class="row">
       <div class="col-md-12">
     As the provisioner, you are responsible for the proper use, account maintenance, and file privileges of the provision.
       </div>
     </div>
     <div class="row">
       <div class="col-md-12">
-    The use of UW Office 365 by any indivual is bound by UW's Appropriate Use policy, as well as being subject to state and federal law, and other UW policies and procedures. For more information, visit <a href="https://itconnect.uw.edu/work/appropriate-use/" target="_blank">UW's Appropriate Use</a> page.
-      </div>
-    </div>
-    <div class="row">
-      <div class="col-md-12">
-    Lear more about provision renewal
+    To learn more about provision renewal visit the <a href="https://itconnect.uw.edu/tools-services-support/software-computers/productivity-platforms/provisioning-request-tool/#annual-review" target="_blank">Provision Request Tool help page</a>.
       </div>
     </div>
   </div>
 </div>
 <div class="modal-footer">
   <button type="button" class="btn btn-secondary button-link" data-dismiss="modal">Cancel</button>
-  <button type="button" id="confirm_netid_renew" class="btn btn-primary">OK</button>
+  <button type="button" id="confirm_netid_renew" class="btn btn-primary" data-loading-text="Renewing">OK</button>
 </div>
 </script>
 

endorsement/templates/handlebars/tab/access/modal_revoke.html

@@ -17,7 +17,7 @@
 </div>
 <div class="modal-footer">
   <button type="button" class="btn btn-secondary button-link" data-dismiss="modal">Cancel</button>
-  <button type="button" id="confirm_netid_revoke" class="btn btn-primary">Revoke access</button>
+  <button type="button" id="confirm_netid_revoke" class="btn btn-primary" data-loading-text="Revoking">Revoke access</button>
 </div>
 </script>
 

endorsement/templates/handlebars/tab/access/modal_update.html

@@ -13,7 +13,7 @@
 </div>
 <div class="modal-footer">
   <button type="button" class="btn btn-secondary button-link" data-dismiss="modal">Cancel</button>
-  <button type="button" id="confirm_netid_update" class="btn btn-primary">OK</button>
+  <button type="button" id="confirm_netid_update" class="btn btn-primary" data-loading-text="Updating">OK</button>
 </div>
 </script>
 

endorsement/templates/handlebars/tab/access/modal_validate.html

@@ -1,20 +1,24 @@
 {% verbatim %}
 <script id="access_validate_netids_modal_content" type="text/x-handlebars-template">
 <div class="modal-header">
-  <span>Add Access to "{{ mailbox }}"</span>
+  <span>Determine who will get access to mailbox "{{ mailbox }}"</span>
   <button type="button" class="close" data-dismiss="modal" aria-label="Close">
     <span aria-hidden="true">&times;</span>
   </button>
 </div>
 <div class="modal-body validate-netid-list">
+  <strong>Add UW NetIDs or UW Groups</strong>
   <p>
-  Add UW NetIDs or UW Groups to be provisioned with elevated access to mailbox "{{ mailbox }}". Please note that UW NetIDs or UW Groups added to "{{ mailbox }}" must be <a href="https://itconnect.uw.edu/tools-services-support/software-computers/productivity-platforms/microsoft-productivity-platform/exchange-online/exchange-enabled-uw-groups/" target="_blank">Exchange-enabled</a> before granting access.
+    Add people or groups to be provisioned with elevated access to mailbox "{{ mailbox }}".  You will select the access permission level in the next step.
   </p>
-  <textarea class="form-control" data-mailbox="{{ mailbox }}" placeholder="Enter the UW NetIDs or UW Groups that you'd like to provide access to the &quot;{{ mailbox }}&quot; mailbox. Ex: harrythehusky, u_mygroup, etc."></textarea>
+  <p>
+    <strong>Please note:</strong> UW NetIDs or UW Groups added to "{{ mailbox }}" must be <a href="https://itconnect.uw.edu/tools-services-support/software-computers/productivity-platforms/microsoft-productivity-platform/exchange-online/exchange-enabled-uw-groups/" target="_blank">Exchange-enabled</a> before granting access.
+  </p>
+  <textarea class="form-control" data-mailbox="{{ mailbox }}"></textarea>
 </div>
 <div class="modal-footer">
   <button type="button" class="btn btn-secondary button-link" data-dismiss="modal">Cancel</button>
-  <button type="button" id="validate_netids_access" class="btn btn-primary" disabled="disabled" data-loading-text="Validating UW NetID(s)">Add to "{{ mailbox }}"</button>
+  <button type="button" id="validate_netids_access" class="btn btn-primary" disabled="disabled" data-loading-text="Validating UW NetID(s)">Next</button>
 </div>
 </script>
 {% endverbatim %}

endorsement/templates/handlebars/tab/access/office.html

@@ -1,38 +1,35 @@
 {% verbatim %}
 <script id="office_access_panel" type="text/x-handlebars-template">
-<div class="row justify-content-end">
- <div class="col-sm-9">
-    <span class="access-header">UW Office 365 Outlook (Exchange Online) mailbox permissions</span>
-    <p><a href="https://itconnect.uw.edu/tools-services-support/software-computers/productivity-platforms/microsoft-productivity-platform/exchange-online/add-mailbox-permissions/" target="_blank">Learn about UW Office 365 Exchange Online mailbox permissions</a>
 
- </div>
- <div class="col-sm-3">
-  <div class="input-group mb-3">
-    <label for="addnetid" class="visually-hidden">Select a mailbox to providing access to</label>
-    <select class="custom-select inbox-netids">
-      <option value="">Select a mailbox</option>
-      {{#each netids}}
-      <option value="{{this}}">{{this}}</option>
-      {{/each}}
-    </select>
-    <div class="input-group-append">
-      <button type="button" class="btn btn-primary" id="add_access" data-loading-text="Adding NetID">Give access to...</button>
+
+<div class="container row">
+ <div class="mailbox-selector">
+    <div>
+      <label for="addnetid">Select a mailbox to give access to</label>
+    </div>
+    <div>
+      <select class="custom-select inbox-netids">
+        <option value="">Select a mailbox</option>
+        {{#each netids}}
+        <option value="{{this}}">{{this}}</option>
+        {{/each}}
+      </select>
+      <button type="button" class="btn btn-primary" id="add_access" data-loading-text="Adding NetID">Next&hellip;</button>
     </div>
-  </div>
- </div>
 </div>
 
+
   <div class="form-group">
     <div class="office-access-table">
     <table class="table outlook-access-table">
       <caption class="visually-hidden">NetIDs with access to your Outlook mailboxes</caption>
       <thead class="thead-light">
         <tr>
-          <th scope="col" class="endorsed-netid">UW NetID's Mailbox <span class="prt-data-popover" aria-hidden="true" tabindex="0" data-placement="right" data-content="If you’re not seeing a UWNetID that you’d expect, make sure that UW Office 365 is provisioned under the SERVICES FOR NETIDS tab." data-original-title="UW NetID"><i class="fa fa-question-circle"></i></span></th>
+          <th scope="col" class="endorsed-netid">UW NetID <span class="prt-data-popover" aria-hidden="true" tabindex="0" data-placement="right" data-content="If you’re not seeing a UWNetID that you’d expect, make sure that UW Office 365 is provisioned under the SERVICES FOR NETIDS tab." data-original-title="UW NetID"><i class="fa fa-question-circle"></i></span></th>
           <th scope="col" >Name</th>
-          <th scope="col" class="access-delegate">UW NetID/Group</th>
+          <th scope="col" class="access-delegate">Person/Group</th>
+          <th scope="col" class="access-type">Access Type</th>
           <th scope="col" class="access-status">Status</th>
-          <th scope="col" class="access-type">Permissions <span class="prt-data-popover" aria-hidden="true" tabindex="0" data-placement="left" data-content="<h6>Full Access and Send As</h6><ul><li>Open the mailbox</li><li>View, add and remove the contents of the mailbox</li><li>Send messages as if they came directly from the mailbox</li></ul><h6>Full Access</h6><ul><li>Open the mailbox</li><li>View, add and remove the contents of the mailbox</li></ul><h6>Send As</h6><ul><li>Send messages as if they came directly from the mailbox</li></ul><h6>Send on Behalf</h6><ul><li>Alows the delegate to send messages from the mailbox or group</li><li>Send messages on behalf of the mailbox (the “from” address clearly shows the message was sent by a delegate)</li></ul>" data-original-title="Permissions"><i class="fa fa-question-circle"></i></th>
           <th scope="col" class="access-action">Action</th>
         </tr>
       </thead>
@@ -60,17 +57,32 @@
 
 <script id="office_access_row_partial" type="text/x-handlebars-template">
     <tr class="
-endorsement_row_{{#if (eq access_index 0) }}first {{else}}following {{/if}} endorsee_row_{{#if (even accessee_index)}}even{{else}}odd{{/if}}{{#unless delegate}} no-delegates{{/unless}}{{#if new_delegate}} new_access{{/if}}" data-mailbox="{{ mailbox }}" data-delegate="{{ delegate }}">
+endorsement_row_{{#if (eq access_index 0) }}first {{else}}following {{/if}} endorsee_row_{{#if (even accessee_index)}}even{{else}}odd{{/if}}{{#unless delegate}} no-delegates{{/unless}}{{#if new_delegate}} new_access{{/if}}" data-mailbox="{{ mailbox }}" data-delegate="{{ delegate }}" data-right-id="{{right_id}}">
       <td scope="row" class="access-mailbox" data-mailbox="{{ mailbox }}">{{ mailbox }}</td>
     <td class="access-mailbox-name">{{ name }}</td>
 {{#if is_valid}}
 {{#if delegate}}
     <td class="access-delegate-id">{{#if delegate_link}}<a href="{{ delegate_link }}" target="_blank">{{/if}}{{ delegate }}{{#if delegate_link}}</a>{{/if}}</td>
-    <td class="access-status">{{#if date_granted}}<i class="fa fa-check" style="color: green;"></i> Provisioned<p>Renew by {{date_renewal}}<br />({{date_renewal_relative}})</p>{{else}}Not Provisioned{{/if}}</td>
-      <td class="access-type"><label for="accesstype" class="visually-hidden">Permissions</label><select id="accesstype" class="office-access-types custom-select" data-access-right-id="{{ right_id }}" aria-label="Select permissions for {{ delegate }} to {{mailbox}}'s mailbox"></select></td>
-      <td class="access-action">{{#if date_granted}}<button type="button" class="btn btn-primary" id="access_update" data-loading-text="Updating" style="display: none;">Update</button><button type="button" class="btn btn-primary" id="access_renew" data-loading-text="Renewing">Renew</button> <button type="button" class="btn btn-secondary" id="access_revoke" data-loading-text="Revoking">Revoke</button>{{else}}<button type="button" class="btn btn-secondary" id="access_provision" disabled="disabled" data-loading-text="Provisioning">Provision Access</button>{{/if}}</td>
+    {{#if date_granted}}
+        <td class="access-type">{{right_name}}</td>
+        <td class="access-status">{{#if date_granted}}<i class="fa fa-check" style="color: green;"></i> Provisioned<p>Renew by {{date_renewal}}<br />({{date_renewal_relative}})</p>{{/if}}</td>
+    {{else}}
+        <td class="access-type" colspan="2">
+          <a id="select_access_type">Select permission level</a>
+          <div>
+          This UW NetID does not yet have mailbox access.
+          </div>
+        </td>
+    {{/if}}
+    <td class="access-action">
+    {{#if date_granted}}
+      <a id="access_update">Update</a>
+      <a id="access_renew">Renew</a>
+      <a id="access_revoke">Revoke</a>
+    {{/if}}
+    </td>
 {{else}}
-      <td class="text-center" colspan="4"><span class="fw-lighter">No mailbox permissions provisioned</span></td>
+      <td class="text-center" colspan="4"><span class="fw-lighter">No access type provisioned</span></td>
 {{/if}}
 {{else}}
     <td>{{#if delegate_link}}<a href="{{ delegate_link }}" target="_blank">{{/if}}{{ delegate }}{{#if delegate_link}}</a>{{/if}}</td>
@@ -88,15 +100,15 @@
       <td class="access-delegate-id">{{#if delegate_link}}<a href="{{ delegate_link }}" target="_blank">{{/if}}{{ delegate }}{{#if delegate_link}}</a>{{/if}}</td>
       <td colspan="3">
        <p>
-         PRT policy allows only one permission, however, this {{#if is_group}}UW Group{{else}}{{#if is_shared_netid}}shared {{else}}{{/if}}UW NetID{{/if}} has multiple permissions assigned.  Please select one permission for this {{#if is_group}}UW Group{{else}}{{#if is_shared_netid}}shared {{else}}{{/if}}UW NetID{{/if}}.
+         PRT policy allows only one access type, however, this {{#if is_group}}UW Group{{else}}{{#if is_shared_netid}}shared {{else}}{{/if}}UW NetID{{/if}} has multiple access types assigned.  Please select one access type for this {{#if is_group}}UW Group{{else}}{{#if is_shared_netid}}shared {{else}}{{/if}}UW NetID{{/if}}.
        </p>
       <div class="row">
         <div class="col-md-8">
         {{#each rights}}
           <input type="radio" class="access-conflict" id="{{ name }}" value="{{name}}">
           <label for="{{ name }}"> {{ display_name }}</label><br />
         {{/each}}
-        <button type="button" class="btn btn-primary" id="access_resolve" data-loading-text="Setting Permissions" data-mailbox="{{ mailbox }}" data-delegate="{{ delegate }}" disabled="disabled">Choose Permission</button>
+        <button type="button" class="btn btn-primary" id="access_resolve" data-loading-text="Setting Permissions" data-mailbox="{{ mailbox }}" data-delegate="{{ delegate }}" disabled="disabled">Choose Access Type</button>
        </div>
       </div>
       </td>

endorsement/templates/index.html

@@ -52,6 +52,7 @@ <h1>Manage your Google Shared Drives</h1>
  {% if '*' in provisioning or 'mailbox_access' in provisioning  %}
  <div id="access" class="tab">
   <h1>Manage access to your Outlook mailboxes</h1>
+  <p>Give UW NetIDs or groups access to your UW Office 365 Outlook (Exchange Online) mailbox.  <a href="https://itconnect.uw.edu/tools-services-support/software-computers/productivity-platforms/microsoft-productivity-platform/exchange-online/add-mailbox-permissions/" target="_blank">Learn more.</a></p>
   <div id="office_access" class="netid-panel"></div>
  </div>
  {% endif %}
@@ -81,6 +82,7 @@ <h1>Manage access to your Outlook mailboxes</h1>
 {% include "handlebars/tab/access/modal_action_partial.html" %}
 {% include "handlebars/tab/access/modal_validate.html" %}
 {% include "handlebars/tab/access/modal_confirm.html" %}
+{% include "handlebars/tab/access/modal_access.html" %}
 {% include "handlebars/tab/access/modal_revoke.html" %}
 {% include "handlebars/tab/access/modal_resolved.html" %}
 {% include "handlebars/tab/access/modal_renew.html" %}