GSA / smartpay-training

Prototype for new GSA SmartPay training quizzes

merge in staging. #561

Closed john-labbate closed 1 month ago

john-labbate commented 1 month ago

This release includes the following issues:

john-labbate commented 1 month ago

There are a couple small things here around props in the front end (I was noticing some warnings in the browser) that I noted inline.

One potentially not-so-small thing is that it appears we are trusting user input for the expiration date on GSPC program certification. I can tamper with the URL sent to me in the original email and change the expiration date in the parameter to any date I like, which allows me (as a non-admin) to generate something like this:

[image]

I don't know enough about this certification to know if this is a real problem, but I suspect the admin sending the email might be surprised if the expiration date they specified can be easily changed by the user — especially since this will be the value actually saved in the database.

To speak to this, it is a known issue for the initial release (MVP); the clients are not concerned about this. They intend to revisit it and make each invite email with a unique GUID, then pull the expiration date from the database if it becomes an issue. This has been discussed at length with them and they are aware of the potential misuse. The certification is based solely on the user's honesty and is to provide documentation that their training time was not wasted.
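Added example, not code from the smartpay-training project: the URL-trusting pattern the review describes, beside the mitigation proposed in the reply above (a unique per-invite id, with the expiration read from the server-side record). The in-memory store, the parameter names `invite` and `expiration`, and the choice of Python are assumptions.

```python
import secrets
from datetime import date

# Constructed in-memory stand-in for the invites table, keyed by an opaque id.
INVITES: dict[str, dict] = {}


def expiration_from_url(params: dict) -> str:
    """Vulnerable pattern from the thread: the expiration is taken straight
    from the URL the recipient clicked, so they can set any date they like."""
    return date.fromisoformat(params["expiration"]).isoformat()


def create_invite(email: str, expiration_iso: str) -> str:
    """Admin side: persist the admin-chosen expiration under an unguessable
    per-invite id; only that id goes into the emailed link."""
    invite_id = secrets.token_urlsafe(32)  # 256 bits of randomness, not a guessable counter
    INVITES[invite_id] = {"email": email, "expiration": date.fromisoformat(expiration_iso)}
    return invite_id


def expiration_from_invite(params: dict, today_iso: str) -> str:
    """Hardened pattern: the only client-controlled input honoured is the
    invite id. The expiration comes from the stored record, so a tampered
    'expiration' query parameter has no effect on what gets saved."""
    record = INVITES.get(params.get("invite", ""))
    if record is None:
        raise PermissionError("unknown invite id")
    if date.fromisoformat(today_iso) > record["expiration"]:
        raise PermissionError("invite has expired")
    return record["expiration"].isoformat()
```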