Warn users about unrestricted roles being assignable by a restricted role

[AddisonDunn]

Product Description

USH-4414

A role that does not have "full organization access" being able to assign a role that does increases security risk. This PR implements a warning about this sort of configuration in the role modal.

See this doc for UI pics/an example.

Feature Flag

No FF, but location restriction is only available at certain subscription levels.

Safety Assurance

Safety story

• This only adds red highlights/warning labels, and shouldn't affect any business logic/actual functionality
• Tested different situations locally

QA Plan

None

Rollback instructions

• This PR can be reverted after deploy with no further considerations

Labels & Review

• Risk label is set correctly
• The set of people pinged as reviewers is appropriate for the level of risk of the change

[AddisonDunn]

@biyeun I welcome your feedback on the way I tried to remove the bottom margin on warnings in edit_role_modal.html. I tried to follow the instructions here.

[orangejenny]

This feature seems like an example of doing field-level help: basically using help-block but not the alert classes. Docs are here: https://www.commcarehq.org/styleguide/b5/organisms/forms/#field-errors

[AddisonDunn]

I see. I think the red text is still appropriate, but when I use help-block with text-danger it overrides the text color:

So I tried using my own specifier: link.

Or would it be better to use help-block and then add a custom specifier that overrides the text color? Does it matter? Trying to get a feel for best practices.

Also, didn't even realize I am working in Bootstrap 3 territory.

[orangejenny]

Oops, I sent the B5 link by mistake. The B3 docs are here: you get the red text by applying has-error to an ancestor of the help-block.

Also, didn't even realize I am working in Bootstrap 3 territory.

Yeah, the vast majority of HQ is on B3, although that is rapidly changing.

[AddisonDunn]

Ah, gotcha. Thanks Jenny.

[orangejenny]

This is an observable, right?

[AddisonDunn]

I don't think it is, actually. Seems likeo is just a dictionary that was passed straight through.

[orangejenny]

huh, I see. I had thought it would need to be in order for the new markup to appear/disappear as needed when someone checks/unchecks full org access. You've confirmed that works, right?

[AddisonDunn]

I'm aware that it does not update without reloading the page.

[AddisonDunn]

I kind of accepted that as a defect--if role's name is changed in a role's model that isn't updated in other modals, either. Generally I think that's true for other modal data. I had trouble figuring out a reasonable high-level change for that.

[orangejenny]

The js already rewraps the saved role with the data sent back from the server. I think you'd need to rewrap the other roles and/or recreate the RolesViewModel based on the new data.

That said, I checked out the branch and played around with the interaction, and I think it's fine to call that out of scope.

[AddisonDunn]

Oh, that makes sense. Also maybe I could create a new array on each model that points to the self.permissions.access_all_locations observables on other models?

But yeah, was also thinking it might be out of scope here.

[orangejenny]

I wouldn't think you'd need to add any data - each role has the proper info about the other roles on page load, that data just isn't getting refreshed properly somewhere.

But yeah, out of scope is fine too.

[AddisonDunn]

@orangejenny it's been 2 weeks so merged in master. Could you give final thumbs up? (we are trying to merge today)

[AddisonDunn]

Thanks!