Feat/enhance incident submission flow (#403)

* feat: enhance success modal * feat: reanable security group users * fix: format * fix: add return of line * fix: tests * fix: use official translation * fix: remove comments
cds-snc · Feb 8, 2024 · 1e3548e · 1e3548e
1 parent 6e3b0ef
commit 1e3548e
Show file tree

Hide file tree

Showing 4 changed files with 52 additions and 25 deletions.
diff --git a/app/commands/incident.py b/app/commands/incident.py
@@ -204,10 +204,7 @@ def handle_change_locale_button(ack, client, body):
 
 
 def submit(ack, view, say, body, client, logger):
-    ack(
-        response_action="update",
-        view=generate_success_modal(body),
-    )
+    ack()
 
     errors = {}
 
@@ -251,7 +248,9 @@ def submit(ack, view, say, body, client, logger):
     channel_name = response["channel"]["name"]
     logger.info(f"Created conversation: {channel_name}")
 
-    channel_id = response["channel"]["id"]
+    view = generate_success_modal(body, channel_id, channel_name)
+    client.views_open(trigger_id=body["trigger_id"], view=view)
+
     channel_url = f"https://gcdigital.slack.com/archives/{channel_id}"
 
     # Set topic
@@ -312,14 +311,6 @@ def submit(ack, view, say, body, client, logger):
     text = f":lapage: An incident report has been created at: {document_link}"
     say(text=text, channel=channel_id)
 
-    # Reminder to brief up
-    text = ":alphabet-yellow-question: Is this a `cybersecurity incident` (secret/data leak, account compromise, attack)? Please initiate the briefing process for CCCS and TBS OCIO Cyber. This just means we send a summary of the incident (or initial findings and updates if incident is ongoing) to [email protected] and CC [email protected], and [email protected]! CCCS will reach out with a case number, and any questions if they need more information."
-    say(text=text, channel=channel_id)
-
-    # Reminder to stop planned testing
-    text = ":alphabet-yellow-question: Is someone `penetration or performance testing`? Please stop it to make your life easier."
-    say(text=text, channel=channel_id)
-
     # Gather all user IDs in a list to ensure uniqueness
     users_to_invite = []
 
@@ -346,7 +337,7 @@ def submit(ack, view, say, body, client, logger):
     say(text=text, channel=channel_id)
 
 
-def generate_success_modal(body):
+def generate_success_modal(body, channel_id, channel_name):
     locale = body["view"]["blocks"][0]["elements"][0]["value"]
     if locale != "fr-FR":
         locale = "en-US"
@@ -361,15 +352,44 @@ def generate_success_modal(body):
                 "text": {
                     "type": "plain_text",
                     "text": i18n.t("incident.modal.success"),
-                    "emoji": True,
                 },
             },
             {
                 "type": "section",
+                "text": {
+                    "type": "mrkdwn",
+                    "text": f"{i18n.t('incident.modal.user_added')} <#{channel_id}|{channel_name}>",
+                },
+            },
+            {
+                "type": "divider",
+            },
+            {
+                "type": "header",
                 "text": {
                     "type": "plain_text",
-                    "text": i18n.t("incident.modal.user_added"),
-                    "emoji": True,
+                    "text": i18n.t("incident.modal.next_steps"),
+                },
+            },
+            {
+                "type": "section",
+                "text": {
+                    "type": "mrkdwn",
+                    "text": i18n.t("incident.modal.next_steps_instructions"),
+                },
+            },
+            {
+                "type": "section",
+                "text": {
+                    "type": "mrkdwn",
+                    "text": i18n.t("incident.modal.brief_up"),
+                },
+            },
+            {
+                "type": "section",
+                "text": {
+                    "type": "mrkdwn",
+                    "text": i18n.t("incident.modal.planned_testing"),
                 },
             },
         ],

diff --git a/app/commands/locales/incident.en-US.yml b/app/commands/locales/incident.en-US.yml
@@ -12,4 +12,8 @@ en-US:
     description: "Short description (ex: too many 500 errors)"
     product: "Select a product"
     success: "Incident successfully created"
-    user_added: "You have been added to the incident's conversation."
+    user_added: "You have been added to the incident's conversation:\n"
+    next_steps: "Wait! What's next?"
+    next_steps_instructions: "Ask yourself these questions:"
+    brief_up: ":alphabet-yellow-question: Is this a `cybersecurity incident` (secret/data leak, account compromise, attack)?\nPlease initiate the briefing process for CCCS and TBS OCIO Cyber.\nThis just means we send a summary of the incident (or initial findings and updates if incident is ongoing) to [email protected] and CC [email protected], and [email protected]! CCCS will reach out with a case number, and any questions if they need more information."
+    planned_testing: ":alphabet-yellow-question: Is someone `penetration or performance testing`? Please stop it to make your life easier."
diff --git a/app/commands/locales/incident.fr-FR.yml b/app/commands/locales/incident.fr-FR.yml
@@ -12,4 +12,8 @@ fr-FR:
     description: "Courte description (ex: trop d'erreurs 500)"
     product: "Choisissez un produit"
     success: "Incident créé avec succès"
-    user_added: "Vous avez ajouté à la discussion de cet incident."
+    user_added: "Vous avez ajouté à la discussion de cet incident:\n"
+    next_steps: "Attendez! Que faire ensuite?"
+    next_steps_instructions: "Posez-vous ces questions:"
+    brief_up: "S'agit-il d'un `incident de cybersécurité` (fuite de secrets/données, comptes compromis, attaque) ?\nVeuillez lancer le processus de breffage pour le Centre canadien pour la cybersécurité (CCC) et le Bureau du dirigeant principal de l'information du SCT.\nCela veut simplement dire que nous enverrons un résumé de l'incident (ou les conclusions préliminaires et les mises à jour si l'incident est toujours en cours) à [email protected], avec [email protected] en CC, et à [email protected]! Le CCC nous assignera un numéro de dossier et nous demandera plus de détails si nécessaire."
+    planned_testing: "Êtes-vous en train d'effectuer un `test de pénétration ou de performance` ? Veuillez cesser pour faciliter les choses."
diff --git a/app/tests/commands/test_incident.py b/app/tests/commands/test_incident.py
@@ -449,7 +449,7 @@ def test_incident_submit_calls_ack(
 @patch("commands.incident.google_drive.create_new_incident")
 @patch("commands.incident.google_drive.list_metadata")
 @patch("commands.incident.log_to_sentinel")
-def test_incident_submit_calls_ack_with_response_action(
+def test_incident_submit_calls_views_open(
     _log_to_sentinel_mock,
     _mock_list_metadata,
     _mock_create_new_incident,
@@ -464,10 +464,8 @@ def test_incident_submit_calls_ack_with_response_action(
     body = {"user": {"id": "user_id"}, "trigger_id": "trigger_id", "view": view}
     client = MagicMock()
     incident.submit(ack, view, say, body, client, logger)
-    ack.assert_called_once_with(
-        response_action="update",
-        view=_mock_generate_success_modal(body),
-    )
+    ack.assert_called_once()
+    client.views_open.assert_called_once()
 
 
 def test_incident_submit_returns_error_if_description_is_not_alphanumeric():
@@ -550,8 +548,9 @@ def test_incident_submit_adds_creator_to_channel(
     logger = MagicMock()
     view = helper_generate_view()
     say = MagicMock()
-    body = {"user": {"id": "creator_user_id"}, "view": view}
+    body = {"user": {"id": "creator_user_id"}, "view": view, "trigger_id": "trigger_id"}
     client = MagicMock()
+    client.views_open.return_value = {"view": view}
     client.conversations_create.return_value = {
         "channel": {"id": "channel_id", "name": "channel_name"}
     }