From 0736b229bfd81cb9ad2a01b7d92920b719c8c107 Mon Sep 17 00:00:00 2001
From: Montana <montana-ctr@friends.dds.mil>
Date: Mon, 29 Apr 2019 11:30:43 -0400
Subject: [PATCH] Do not use mutable kwarg to set default permission set on
 application role

---
 atst/domain/application_roles.py       | 5 ++---
 atst/domain/environments.py            | 4 +++-
 atst/routes/applications/settings.py   | 1 -
 tests/domain/test_application_roles.py | 2 +-
 4 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/atst/domain/application_roles.py b/atst/domain/application_roles.py
index 2a5f7960..f1aa36f7 100644
--- a/atst/domain/application_roles.py
+++ b/atst/domain/application_roles.py
@@ -6,12 +6,11 @@ from atst.domain.permission_sets import PermissionSets
 class ApplicationRoles(object):
     @classmethod
     def _permission_sets_for_names(cls, set_names):
+        set_names = set(set_names).union({PermissionSets.VIEW_APPLICATION})
         return PermissionSets.get_many(set_names)
 
     @classmethod
-    def create(
-        cls, user, application, permission_set_names=[PermissionSets.VIEW_APPLICATION]
-    ):
+    def create(cls, user, application, permission_set_names):
         application_role = ApplicationRole(user=user, application_id=application.id)
 
         application_role.permission_sets = ApplicationRoles._permission_sets_for_names(
diff --git a/atst/domain/environments.py b/atst/domain/environments.py
index 76873a60..0ad704a3 100644
--- a/atst/domain/environments.py
+++ b/atst/domain/environments.py
@@ -33,7 +33,9 @@ class Environments(object):
 
     @classmethod
     def add_member(cls, environment, user, role):
-        ApplicationRoles.create(user=user, application=environment.application)
+        ApplicationRoles.create(
+            user=user, application=environment.application, permission_set_names=[]
+        )
         environment_user = EnvironmentRoles.create(
             user=user, environment=environment, role=role
         )
diff --git a/atst/routes/applications/settings.py b/atst/routes/applications/settings.py
index 12194ecf..8adc4a02 100644
--- a/atst/routes/applications/settings.py
+++ b/atst/routes/applications/settings.py
@@ -7,7 +7,6 @@ from atst.domain.applications import Applications
 from atst.forms.application import ApplicationForm
 from atst.forms.app_settings import EnvironmentRolesForm
 from atst.domain.authz.decorator import user_can_access_decorator as user_can
-from atst.domain.exceptions import UnauthorizedError
 
 from atst.models.permissions import Permissions
 from atst.utils.flash import formatted_flash as flash
diff --git a/tests/domain/test_application_roles.py b/tests/domain/test_application_roles.py
index ceac10e1..bde4a1d5 100644
--- a/tests/domain/test_application_roles.py
+++ b/tests/domain/test_application_roles.py
@@ -14,7 +14,7 @@ def test_create_application_role():
     )
 
     assert application_role.permission_sets == PermissionSets.get_many(
-        [PermissionSets.EDIT_APPLICATION_TEAM]
+        [PermissionSets.EDIT_APPLICATION_TEAM, PermissionSets.VIEW_APPLICATION]
     )
     assert application_role.application == application
     assert application_role.user == user