This now matches the updated safety questions from
af249ca0 .

RT 228354 - the numbering of sections in the Safety Handbook has
changed, making the references in the form inaccurate. Safety have
requested we do not give specific section numbers on the safety
checklist so this change removes them.

Strip whitespace from string fields in personal data form

Closes #74

See merge request !6

There were some other forms beside the personal data form that used
StringField where StrippedStringField would be more appropriate as we
don't want whitespace around the value.

We do not want people entering data with whitespace on the start or end.
This adds a subclass of StringField that adds a filter to strip its
input, and uses that subclass to generate form fields.

By execing python3 rather than running it as a child of /bin/sh shutdown
becomes a lot faster because then the SIGTERM gets seen by the python
process; when /bin/sh is the CMD and is signalled it doesn't pass the
signal on to its child python process, and Docker then waits for 10
seconds before sending a SIGKILL.

The live app has been migrated to Focal and Bionic is about to go end of
life.

It turns out to be necessary to mock out the whole of smtplib.SMTP
rather than just its send_message method, as otherwise an attempt to
open a socket when instantiating an instance fails when the test is run
from our gitlab setup.

Code should have tests.

Makes working on this on a machine with a package of chemistry_starters
installed easier.

New functions should have tests.

Added __init__.py to the tests directory to help with relative imports.

- adds a function in the database module to look up email addresses
for currently registered people and uses it to simplify
chemistry_starters.utils.mail_safety_induction_signoff

- completely remove
chemistry_starters.safety.get_safety_induction_signer as it can be done
with database.get_form_column

- update tests

Requested in RT 226948 where we were asked to inform the form creator
when the personal details and safety checklist had both been completed.

It seems unlikely that a single email at this point in the process is
really all that is wanted, so this change adds a new function to send an
email with a progress report to the form creator, and calls that when
the safety form is submitted. If we're asked to send emails at other
stages too we can just call that function again.

It also adds a function to get the email address of a currentty
registered person from their database id. This can be reused elsewhere.

The placeholder safety handbook is only there for testing purposes, so
does not go into the Debian package.

App provides safety handbook

See merge request !5

The endpoint for signing off student safety training failed to email the
admin team when an application is complete. This change fixes that.

We have an endpoint for this so we might as well use it.

There's an endpoint that allows downloading of a PDF copy of a person's
safety checklist. It's supposed to check that REMOTE_USER is set to a
member of the Department, and also that a valid time-limited token for
the safety checklist was provided. Because of an ordering problem on the
applied decorators these checks were not being done. This is not quite
as bad as it sounds because the webserver would still be enforcing that
Raven authentication had happened, although anyone with Raven would have
passed, and the missing token check didn't matter because the endpoint
needs to decode the token later on, so the necessary check happened
there instead.  The decorator to check the token also had an incorrect
argument which is fixed too.

The upshot was that if anyone with a working Raven password and not a
member of the department also had access to a valid time limited token
for this endpoint they could theoretically have downloaded someone's
safety checklist that they should not have had access to.

The starter needs the safety handbook to complete their safety checklist
form. While they should have already been emailed a copy, they could
have lost it. This change adds an endpoint where a user with a valid token
can download the secret handbook, and updates the safety checklist
page to have a link to that. If the handbook hasn't been provided to the
app it tells the starter to go and ask their group admin instead.

This is another possible exception that can be thrown by a bad token, so
we should handle it.

If the safety handbook is available, add it as an attachment to the new
starters email.

This provides and endpoint for group admins to get the safety handbook
from so they can easily give a copy to their new starters. The endpoint
checks REMOTE_USER which is set by the use of Raven protection, so only
members of the department allowed to generate registration forms can
access it.

The form generation page is updated to warn if the handbook is not
available. Later we'll link the handbook here if it is available.

Because we can't commit the secret safety handbook to this repository we
need to ensure that the application behaves well if we should
accidentally deploy it without giving it access to a copy. This adds a
function to check that.

The safety handbook can no longer be made available on our website
without password protection (see RT 226276) and so this application must
have access to a copy and be able to serve it up to people who request
it and are authorized to see it. This change adds a 'documents'
directory to hold the handbook PDF and possibly other sensitive
documents, a placeholder file to use in tests of the handbook
functionality, and config to tell the application the filename to find
the handbook at. The real handbook can't be committed to this
repository as it's public.

RT 225730 - another attempt to guide people to choose the correct form
type for their starter.

Improvements to navigation

See merge request !4

People are still failing to complete the safety stages of registration.

This change adds styling to the 'tasks to be done' sections of the main
navigation template to try to make it even clearer that there's more
than one thing to be done. Because this trains the user to take action
on items coloured pink and therefore they may now ignore everything
else, I've also styled the reminder about getting a photograph taken to
match even though it's something that happens outside this system.

The submit button text on the personal details form is also updated to
imply there are subsequent tasks after that form is submitted.

Replace photo uploads with reminder to make appointment

Closes #9

See merge request !3

Instead of having people upload photographs and affirm they've done this
we now want to ask them to make an appointment with Photography to have
a photo taken in-house. ( RT 224010 ).

This removes the personal data form question about uploading photos and
replaces the instructions for the photo with a pointer to Photography.
The photo upload URL setting is removed as it's no longer needed. The
navigation page template is updated to include a reminder to arrange for
a photograph to be taken once the registration is complete. The email to
Photography is retained, as that's how they will keep track of who needs
to be photographed, but the text is updated.

Closes #9 as we no longer need to implement this.

We've been having problems with Visitors selecting 'Embedded company
staff' as their post category when they very clearly are not; embedded
company staff don't get Chemistry IT resources and so we find this out
when we get tickets about them not having access to things they should.
The most obvious reason for the bad choice is that it's the default
selection and they simply don't read the form carefully enough.

This commit changes the post category questions on the various types of
from to have no default entry, hopefully encouraging people to make a
considered choice.

The previous commit changed a template which affected one of the tests.
This updates the text to be matched.

Some people are still filling in the personal details form but
apparently not noticing the instruction that they also need to complete
their safety checklist. They are then surprised when their registration
doesn't go through because they thought it was complete. This causes
extra work for the admin team and delay for the starter.

This change moves the list of incomplete tasks to the top of the
navigation page in the hope that they will be easier to notice there.
The header text for incomplete tasks is updated to be in <em> tags to
match other sections containing things that need action.

DTC postgrads do an initial year where they are not assigned to any
particular group or even department; they cycle around a few. Because of
this there have been issues with them being unable to get a safety
induction at Chemistry in order to complete a registration, and Alice
Wood has suggested they should instead get signed in as short term
visitors for the occasions on which they need to physically enter the
department.

Once they finish their initial year and get assigned to a research group
in Chemistry they can and should register with us as ordinary postgraduate
students.

This change removes all the logic for the DTC postgraduate category from
the app. We also need to clean up a reference in the database view
registration.crsids_allowed_to_generate_forms in the database although
the example SQL here has been updated.

Better help for crsid field, compulsory for postgrads

Closes #71

See merge request !1

This year we have had several postgrads fail to enter their CRSID on
their registration form. This was missed when the forms were imported
which led to several duplicate entries in the database requiring tedious
manual merging.

I believe all postgrads have a CRSID at the point they register with us,
as they're issued when they apply to Cambridge, so there's no reason we
should not make it compulsory to enter it. Other categories may not have
CRSIDs at the point of registration and so the field must remain
optional for them. This change makes the CRSID field compulsory for
postgraduates, including DTC postgraduates.

The change includes more assistance with putting the right thing into
the CRSID field. The field now always has a placeholder value that
matches the one used by Raven, and for the postgraduates an explanation
that the CRSID is the thing before @cam.ac.uk in their email address. I
have not added that explanation for other categories as they won't
necessarily have a Cambridge email address.

A regular annoyance with this application is needing to restart Apache
to reload it when the code changes. If we run it in WSGI daemon mode
rather than embedded mode it will automatically restart when
starters.wsgi changes, which is an improvement.

The forms that load lists of choices from the database do that at class
definition time, so every instantiated form inherits the lists loaded
when the app started up. This is annoying when things change in the
database because the changes are not reflected until the webserver
restarts.

This change overrides the WTForms form constructor where needed to load
the choices there instead, so they are loaded fresh for every
instantiation of a form object. It supercedes and so undoes the change
in the previous commit which manually reloaded the list of safety
signers.

See RT 221400. The list of people who are allowed to sign off safety
forms is generated from the database. Because of the way WTForms works,
the list is set when the code to define the safety form class is first
run, and each safety form instance that is created gets the same list
from the class. This is annoying when new people have been added to the
list, as the applicaton doesn't see them until it restarts and hence
re-runs the code to define the class.

This change reloads the choices on the safety induction signer field on
instances of the safety form immediately after they are created in the
safety checklist view, thus immediately picking up new signers.