From 0798ce4019b9247f93044f0841eaf3dae623ef65 Mon Sep 17 00:00:00 2001
From: Patrick Smith <patrick+dds@promptworks.com>
Date: Fri, 4 Jan 2019 14:57:15 -0500
Subject: [PATCH] Add hook to CSP when creating environment role

---
 atst/domain/csp/cloud.py         | 14 ++++++++++++++
 atst/domain/environment_roles.py |  8 ++++++++
 atst/domain/environments.py      |  4 ++--
 3 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/atst/domain/csp/cloud.py b/atst/domain/csp/cloud.py
index ca10aba6..0fd7d3c0 100644
--- a/atst/domain/csp/cloud.py
+++ b/atst/domain/csp/cloud.py
@@ -8,9 +8,23 @@ class CloudProviderInterface:
         """
         raise NotImplementedError()
 
+    def create_role(self, environment_role):  # pragma: no cover
+        """Takes an `atst.model.EnvironmentRole` object and allows the
+        specified user access to the specified cloud entity.
+
+        This _does not_ return a token, but is intended to perform any necessary
+        setup to allow a token to be generated in the future (for example,
+        add the user to the cloud entity in some fashion).
+        """
+        raise NotImplementedError()
+
 
 class MockCloudProvider(CloudProviderInterface):
     def create_application(self, name):
         """Returns an id that represents what would be an application in the
         cloud."""
         return uuid4().hex
+
+    def create_role(self, environment_role):
+        # Currently, there is nothing to mock out, so just do nothing.
+        pass
diff --git a/atst/domain/environment_roles.py b/atst/domain/environment_roles.py
index 18d056f1..8c38ec21 100644
--- a/atst/domain/environment_roles.py
+++ b/atst/domain/environment_roles.py
@@ -1,8 +1,16 @@
+from flask import current_app as app
+
 from atst.models.environment_role import EnvironmentRole
 from atst.database import db
 
 
 class EnvironmentRoles(object):
+    @classmethod
+    def create(cls, user, environment, role):
+        env_role = EnvironmentRole(user=user, environment=environment, role=role)
+        app.csp.cloud.create_role(env_role)
+        return env_role
+
     @classmethod
     def get(cls, user_id, environment_id):
         existing_env_role = (
diff --git a/atst/domain/environments.py b/atst/domain/environments.py
index 82e96ec0..d1658ea0 100644
--- a/atst/domain/environments.py
+++ b/atst/domain/environments.py
@@ -31,7 +31,7 @@ class Environments(object):
 
     @classmethod
     def add_member(cls, environment, user, role):
-        environment_user = EnvironmentRole(
+        environment_user = EnvironmentRoles.create(
             user=user, environment=environment, role=role
         )
         db.session.add(environment_user)
@@ -86,7 +86,7 @@ class Environments(object):
                     updated = True
                     db.session.add(env_role)
                 elif not env_role:
-                    env_role = EnvironmentRole(
+                    env_role = EnvironmentRoles.create(
                         user=workspace_role.user, environment=environment, role=new_role
                     )
                     updated = True