Display users env role if they have environment access

atst/domain/environment_roles.py

@@ -3,9 +3,10 @@ from flask import current_app as app
 
 from atst.database import db
 from atst.models import (
-    EnvironmentRole,
-    ApplicationRole,
     Environment,
+    EnvironmentRole,
+    Application,
+    ApplicationRole,
     ApplicationRoleStatus,
 )
 from atst.domain.exceptions import NotFoundError
@@ -126,3 +127,15 @@ class EnvironmentRoles(object):
             .one_or_none()
         )
         return existing_env_role
+
+    @classmethod
+    def for_user(cls, user_id, portfolio_id):
+        return (
+            db.session.query(EnvironmentRole)
+            .join(ApplicationRole)
+            .join(Application)
+            .filter(Application.portfolio_id == portfolio_id)
+            .filter(ApplicationRole.application_id == Application.id)
+            .filter(ApplicationRole.user_id == user_id)
+            .all()
+        )

atst/routes/applications/index.py

@@ -1,7 +1,8 @@
-from flask import render_template
+from flask import render_template, g
 
 from .blueprint import applications_bp
 from atst.domain.authz.decorator import user_can_access_decorator as user_can
+from atst.domain.environment_roles import EnvironmentRoles
 from atst.models.permissions import Permissions
 
 
@@ -23,4 +24,11 @@ def has_portfolio_applications(_user, portfolio=None, **_kwargs):
     message="view portfolio applications",
 )
 def portfolio_applications(portfolio_id):
-    return render_template("applications/index.html")
+    user_env_roles = EnvironmentRoles.for_user(g.current_user.id, portfolio_id)
+    environment_access = {}
+    for env_role in user_env_roles:
+        environment_access[env_role.environment_id] = env_role.role
+
+    return render_template(
+        "applications/index.html", environment_access=environment_access
+    )