diff --git a/caseworker/cases/forms/queries.py b/caseworker/cases/forms/queries.py index 74f584b58d..e6c6ad5953 100644 --- a/caseworker/cases/forms/queries.py +++ b/caseworker/cases/forms/queries.py @@ -8,10 +8,12 @@ class CloseQueryForm(forms.Form): reason_for_closing_query = forms.CharField( label="Why are you closing the query? This will not be visible to the exporter.", widget=forms.Textarea, - required=False, + error_messages={"required": "Enter a reason why you are closing the query"}, ) def __init__(self, *args, **kwargs): super().__init__(*args, **kwargs) self.helper = FormHelper() - self.helper.layout = Layout("reason_for_closing_query", Button("submit", "Submit")) + self.helper.layout = Layout( + "reason_for_closing_query", Button("submit", "Submit", css_class="govuk-!-margin-bottom-0") + ) diff --git a/caseworker/cases/helpers/case.py b/caseworker/cases/helpers/case.py index aa364909c7..da4ea6ca2e 100644 --- a/caseworker/cases/helpers/case.py +++ b/caseworker/cases/helpers/case.py @@ -239,7 +239,7 @@ def _transform_data(self): for queue_detail in self.case.queue_details: queue_detail["days_on_queue_elapsed"] = (timezone.now() - parse(queue_detail["joined_queue_at"])).days - def get(self, request, **kwargs): + def get(self, request, *args, **kwargs): self.case_id = str(kwargs["pk"]) self.case = get_case(request, self.case_id) self.queue_id = kwargs["queue_pk"] diff --git a/caseworker/cases/views/queries.py b/caseworker/cases/views/queries.py index 61b00a2bba..6522244c5d 100644 --- a/caseworker/cases/views/queries.py +++ b/caseworker/cases/views/queries.py @@ -1,13 +1,16 @@ +from django.http import Http404 from django.urls import reverse from django.views.generic import FormView from caseworker.cases.forms.queries import CloseQueryForm +from caseworker.cases.helpers.ecju_queries import get_ecju_queries from caseworker.cases.services import put_ecju_query from core.auth.views import LoginRequiredMixin class CloseQueryView(LoginRequiredMixin, FormView): form_class = CloseQueryForm + template_name = "case/close-query.html" def dispatch(self, request, *args, **kwargs): self.lite_user = request.lite_user @@ -35,3 +38,22 @@ def get_success_url(self): "tab": "ecju-queries", }, ) + + def get_query(self, open_ecju_queries): + for query in open_ecju_queries: + if query["id"] == str(self.kwargs["query_pk"]): + return query + return None + + def get_context_data(self, *args, **kwargs): + context = super().get_context_data(*args, **kwargs) + + open_ecju_queries, _ = get_ecju_queries(self.request, self.kwargs["pk"]) + query = self.get_query(open_ecju_queries) + if not query: + raise Http404 + + context["title"] = "Close query" + context["query"] = query + + return context diff --git a/caseworker/templates/case/close-query.html b/caseworker/templates/case/close-query.html new file mode 100644 index 0000000000..a1092f159e --- /dev/null +++ b/caseworker/templates/case/close-query.html @@ -0,0 +1,35 @@ +{% extends 'layouts/two-pane.html' %} +{% load crispy_forms_tags crispy_forms_gds %} + +{% block title %}{{title}}{% endblock %} +{% block back_link %} + {{ back_link_text|default:"Back" }} +{% endblock %} + +{% block two_thirds %} + +{% if errors %} + {% include "forms-errors.html" %} +{% endif %} + +
+ {% csrf_token %} + + {% error_summary form %} + +
+

+ +

+
+
+ {{ query.question }} +
+
+ {% crispy form %} +
+
+ +{% endblock %} diff --git a/caseworker/templates/layouts/base.html b/caseworker/templates/layouts/base.html index 0fad2fc156..17b0121056 100644 --- a/caseworker/templates/layouts/base.html +++ b/caseworker/templates/layouts/base.html @@ -152,6 +152,11 @@

Support links

{% endif %} +
  • + + Accessibility statement + +
    • diff --git a/caseworker/urls.py b/caseworker/urls.py index 6e09bebe91..6e9388ecb5 100644 --- a/caseworker/urls.py +++ b/caseworker/urls.py @@ -3,6 +3,8 @@ import caseworker.core.views +from core.accessibility.views import CaseworkerAccessibilityStatementView + urlpatterns = [ path("healthcheck/", include("health_check.urls")), @@ -27,6 +29,11 @@ path("tau/report_summary/", include("caseworker.report_summary.urls")), path("search/", include("caseworker.search.urls")), path("bookmarks/", include("caseworker.bookmarks.urls")), + path( + "accessibility-statement/", + CaseworkerAccessibilityStatementView.as_view(), + name="caseworker-accessibility-statement", + ), ] diff --git a/core/accessibility/views.py b/core/accessibility/views.py new file mode 100644 index 0000000000..5bddadcb60 --- /dev/null +++ b/core/accessibility/views.py @@ -0,0 +1,29 @@ +from django.views.generic import TemplateView +from django.urls import reverse + +from core.auth.views import LoginRequiredMixin + + +class BaseAccessibilityStatementView(LoginRequiredMixin, TemplateView): + template_name = "accessibility/accessibility.html" + + def get_context_data(self, **kwargs): + context = super().get_context_data(**kwargs) + protocol = "https://" if self.request.is_secure() else "http://" + context["host"] = f"{protocol}{self.request.get_host()}/" + return context + + +class ExporterAccessibilityStatementView(BaseAccessibilityStatementView): + def get_context_data(self, **kwargs): + context = super().get_context_data(**kwargs) + context["back_url"] = reverse("core:home") + return context + + +class CaseworkerAccessibilityStatementView(BaseAccessibilityStatementView): + def get_context_data(self, **kwargs): + context = super().get_context_data(**kwargs) + context["back_url"] = reverse("core:index") + + return context diff --git a/core/templates/accessibility/accessibility.html b/core/templates/accessibility/accessibility.html new file mode 100644 index 0000000000..402485aa51 --- /dev/null +++ b/core/templates/accessibility/accessibility.html @@ -0,0 +1,111 @@ +{% extends 'layouts/base.html' %} + +{% block back_link %} +Back +{% endblock %} + +{% block title %}Accessibility statement{% endblock %} + +{% block body %} +
    +
    +
    +
    +

    + Accessibility statement +

    + +

    + This statement applies to {{ host }} +

    +

    + This service is run by the Department for Business and Trade (DBT). It is currently in private beta + but is designed to be used by as many people as possible when it goes into public beta for + standard individual export licences (SIELs). +

    +

    + AbilityNet has advice on making your device easier to + use if you have a disability. +

    + +

    How accessible this website is

    +

    + The service meets the Content Accessibility Guidelines (WCAG) version 2.1 AA standard. +

    +

    + The below areas do not meet 2.1 AAA requirements, which were not in scope for the purposes of + this audit: +

      +
    • there was an ambiguous link identified on two pages that may be difficult to understand for + screen reader users browsing out of context
      • +
    • links that opened in a new window without informing users were identified
      • +
    +

    + +

    Feedback and contact information

    +

    + If you find any problems not listed on this page or think we do not meet accessibility requirements, + contact LITE.support@businessandtrade.gov.uk. +

    +

    + We’ll consider your request and get back to you within 15 days. +

    + +

    Enforcement procedure

    +

    + The Equality and Human Rights Commission (EHRC) is responsible for enforcing the Public + Sector Bodies (Websites and Mobile Applications) (No. 2) Accessibility Regulations 2018 (the + 'accessibility regulations'). If you're not happy with how we respond to your complaint, contact the + Equality Advisory and Support Service (EASS). +

    + +

    Technical information about this website's accessibility

    +

    + We are committed to making this website accessible, in accordance with the Public Sector Bodies + (Websites and Mobile Applications) (No. 2) Accessibility Regulations 2018. +

    + +

    Compliance status

    +

    + This website is fully compliant with the Web Content + Accessibility Guidelines version 2.1 AA standard. +

    + +

    Content that’s not within the scope of the accessibility regulations

    +

    + Our PDF documents are essential to providing our services. For example, we have PDFs with + information on the application outcome and a copy of the application is generated as a PDF. +

    + +

    What we're doing to improve accessibility

    +

    + We will schedule another accessibility audit in 2024 to identify any issues that do not meet + the WCAG 2.2. success criteria. +

    +

    + In late 2024, we will consider what we can do to improve the accessibility of our PDF documents + and licences. +

    + +

    Preparation of this accessibility statement

    +

    + This statement was prepared on Friday 2 February 2024. It was last reviewed on Friday 2 + February 2024. +

    +

    + This website was last tested on 30 May 2023 and was checked for compliance with the WCAG 2.1 + AA standard. The test was carried out by the Digital Accessibility Centre (DAC). +

    + +
    +
    +
    +
    + +{% endblock %} diff --git a/exporter/core/urls.py b/exporter/core/urls.py index dce247546e..362207403b 100644 --- a/exporter/core/urls.py +++ b/exporter/core/urls.py @@ -50,5 +50,6 @@ path("signature-help/", views.SignatureHelp.as_view(), name="signature_help"), path("certificate/", views.CertificateDownload.as_view(), name="certificate"), path("register-name/", views.RegisterName.as_view(), name="register_name"), + path("privacy-notice/", views.PrivacyNotice.as_view(), name="privacy_notice"), ] ) diff --git a/exporter/core/views.py b/exporter/core/views.py index 62b859ebd4..6f39d457c7 100644 --- a/exporter/core/views.py +++ b/exporter/core/views.py @@ -226,3 +226,7 @@ def get(self, request, *args, **kwargs): def handler403(request, exception): return error_page(request, title="Forbidden", description=exception, show_back_link=True) + + +class PrivacyNotice(LoginRequiredMixin, TemplateView): + template_name = "core/privacy_notice.html" diff --git a/exporter/templates/core/privacy_notice.html b/exporter/templates/core/privacy_notice.html new file mode 100644 index 0000000000..0f75f797eb --- /dev/null +++ b/exporter/templates/core/privacy_notice.html @@ -0,0 +1,256 @@ +{% extends 'layouts/base.html' %} + +{% block back_link %} +Back +{% endblock %} + +{% block title %}Privacy notice{% endblock %} + +{% block body %} +
    +
    +
    +
    +

    + Privacy notice +

    + +

    + This notice sets out your rights with respect to how we will use your personal data when you apply + for a standard individual export + licence (SIEL). +

    +

    + This notice explains how the Department for Business and Trade (DBT) (also referred to as “We” or + “Us” or “Our” in this privacy + notice) will use your personal data. We recognise that we have a duty to people whose information we + hold to treat that information + responsibly, keep it safe and secure, and process it correctly and proportionately. We will process + your personal data lawfully and + fairly in line with the 2018 Data Protection Act. +

    +

    + This privacy notice broadly explains the information we collect, the purpose for processing, + categories of personal information and + who we may share it with. It is important that you read this notice, so that you are aware of how + and why we are using your + information. +

    + +

    Purpose of privacy notice

    +

    + This online service is for applying for export licences and clearances, related to goods that + require government permission to be + exported from the UK or traded between countries. +

    +

    + The information you provide will be processed by DBT and shared with third parties for the purpose + of processing licensing or + clearance applications for controlled strategic goods and services. +

    +

    + The information you provide will be processed on a lawful basis to enable DBT to perform a task in + the public interest or to fulfil an + official function, including conducting research appropriate to DBT and export controls. +

    + +

    What data we collect

    +

    + The personal data we will collect includes: +

      +
    • full name
      • +
    • email address
      • +
    • phone number
      • +
    • address
      • +
    • data related to criminal convictions, if applicable
      • +
    +

    + +

    Processing of criminal data

    +

    + Processing of criminal data is pursuant to Article 11 (1) of the Firearms Regulation No. 258/2012. + The article stipulates that an + export authorisation (licence) must be refused if the applicant has a criminal record concerning + conduct constituting an offence, + punishable by a term of imprisonment of not less than four years. +

    +

    + DBT has a duty to identify individuals that do not meet the criteria for licensing. +

    + +

    Our legal basis for processing your data

    +

    + DBT is the data controller for personal data you provide to us. We process the data on the lawful + basis of legal obligation and the + processing is necessary to comply with the law. +

    + +

    How we may share your information

    +

    + In line with the purpose your personal information may be shared with the following parties; +

    + +

    + These are: +

      +
    • Ministry of Defence
      • +
    • Foreign Commonwealth and Development Office
      • +
    • HM Revenue and Customs
      • +
    • Department for Energy Security and Net Zero
      • +
    • National Cyber Security Centre
      • +
    • UK Border Force – Home Office
      • +
    • Australia Group
      • +
    • Nuclear Suppliers Group
      • +
    • Wassenaar Arrangement
      • +
    • Missile Technology Control Regime
      • +
    • Europe Union
      • +
    +

    +

    + Aggregated analysis of data collected may be shared with the Information Commissioner’s Office (ICO) + the Government Internal + Audit Agency (GIAA), and the National Audit Office (NAO). +

    +

    + We may also anonymise some personal data you provide to us to ensure that you cannot be identified + and use this data to allow + DBT to effectively target and plan the provision of services related to the purposes described + above. +

    +

    + We will not: +

      +
    • sell or rent your data to third parties
      • +
    • share your data with third parties for marketing purposes
      • +
    • use your personal data in analytics
      • +
    +

    +

    + We will also share your data if we are required to do so by law or regulation, for example, by court + order, or to prevent fraud or + other crime. +

    + + +

    How long we will keep your information

    +

    + We will only retain your personal information for as long as necessary to fulfil the purposes we + collected it for, including for the + purposes of satisfying any legal, accounting, or reporting requirements. +

    +

    + We will retain your personal information for as long as: +

      +
    • it is needed to fulfil the purposes set out in this document
      • +
    • the law requires us to do so
      • +
    +

    +

    + Subject to the paragraph above, we will only retain your personal data and criminal offence data for + as long as: +

      +
    • it is needed for the purposes set out in this document; or
      • +
    • the law requires us to
      • +
    +

    +

    + However, we conduct regular reviews to ensure we only keep information required for the purpose of + which it was collected. If + there is any indication of a business need to extend this retention period, we will robustly review + it and communicate any changes + in a revised notice. +

    + +

    Your rights and access to your information

    +

    + You have the right to request a copy of the information that we hold about you. The Data Protection + Act (DPA) also gives you + additional rights that refer to how DBT holds and uses your information. +

    +

    + Under certain circumstances, by law you have the right to: +

      +
    • request information about how your personal data is processed
      • +
    • raise an objection about how your personal data is processed
      • +
    +

    + +

    Contact us

    +

    + The Department for Business and Trade is registered as a Data Controller under the General Data + Protection Regulation and Data + Protection Act 2018. Our contact details are: +

    +

    + Data Protection Officer
    + Old Admiralty Building
    + Whitehall
    + London
    + SW1A 2DY
    + Email: data.protection@businessandtrade.gov.uk
    +

    + +

    + You have a right to complain to us if you think we have not complied with our obligation for + handling your personal information. You + can contact our Data Protection Officer using the same contact details. +

    + +

    Contact the Information Commissioner’s Office

    +

    + If you are not satisfied with the DBT response you have a right to complain to the Information + Commissioner’s Office (ICO). You + can report a concern by contacting the ICO on the below details. +

    + +

    + Information Commissioner’s Office
    + Wycliffe House
    + Water Lane
    + Wilmslow
    + Cheshire
    + SK9 5AF
    +
    + Email: casework@ico.org.uk +

    + Tel 0303 123 1113 +

    + Textphone 01625 545860
    + Monday to Friday 9am to 4:30pm +

    + For more information about your rights under the Data Protection Act or to request a copy of any + data held about you please + contact data.protection@businessandtrade.gov.uk. +

    + +

    Confidentiality

    +

    + If you wish the information you provide to be treated as confidential, please be aware that, in + accordance with the Freedom of + Information Act (FOIA), public authorities are required to comply with the FOIA. +

    + +

    In view of this, it would be helpful if you have reasons for confidentially, if + you could explain to us why you wish that information to + be treated confidentially. If we receive a request for disclosure of information that has been + provided, we will take full account of + your explanation, but we cannot give an assurance that confidentiality can be maintained in all + circumstances. +

    + +

    Changes to this privacy notice

    +

    + We reserve the right to update this privacy notice at any time and we will provide you with a new + privacy notice when we make any + substantial updates. +

    + +
    +
    +
    +
    + +{% endblock %} diff --git a/exporter/templates/layouts/base.html b/exporter/templates/layouts/base.html index f41e57482a..1b8538de24 100644 --- a/exporter/templates/layouts/base.html +++ b/exporter/templates/layouts/base.html @@ -120,7 +120,17 @@

    Support links

    {% endif %} - +
  • + + Privacy notice + +
    • +
  • + + Accessibility statement + +
    • +