Update Point of Contact

atst/domain/portfolio_roles.py

@@ -121,6 +121,28 @@ class PortfolioRoles(object):
         )
         return PermissionSets.get_many(perms_set_names)
 
+    @classmethod
+    def make_ppoc(cls, portfolio_role):
+        portfolio = portfolio_role.portfolio
+        original_owner_role = PortfolioRoles.get(
+            portfolio_id=portfolio.id, user_id=portfolio.owner.id
+        )
+        PortfolioRoles.revoke_ppoc_permissions(portfolio_role=original_owner_role)
+        PortfolioRoles.add(
+            user=portfolio_role.user,
+            portfolio_id=portfolio.id,
+            permission_sets=PortfolioRoles.PORTFOLIO_PERMISSION_SETS,
+        )
+
+    @classmethod
+    def revoke_ppoc_permissions(cls, portfolio_role):
+        permission_sets = [
+            permission_set.name
+            for permission_set in portfolio_role.permission_sets
+            if permission_set.name != PermissionSets.PORTFOLIO_POC
+        ]
+        PortfolioRoles.update(portfolio_role=portfolio_role, set_names=permission_sets)
+
     @classmethod
     def disable(cls, portfolio_role):
         portfolio_role.status = PortfolioRoleStatus.DISABLED

atst/forms/portfolio_member.py

@@ -80,3 +80,11 @@ class NewForm(PermissionsForm):
         translate("forms.new_member.dod_id_label"),
         validators=[Required(), Length(min=10), IsNumber()],
     )
+
+
+class AssignPPOCForm(PermissionsForm):
+    user_id = SelectField(
+        label=translate("forms.assign_ppoc.dod_id"),
+        validators=[Required()],
+        choices=[("", "- Select -")],
+    )

atst/routes/portfolios/index.py

@@ -6,12 +6,14 @@ from . import portfolios_bp
 from atst.domain.reports import Reports
 from atst.domain.portfolios import Portfolios
 from atst.domain.portfolio_roles import PortfolioRoles
+from atst.domain.permission_sets import PermissionSets
+from atst.domain.users import Users
 from atst.domain.audit_log import AuditLog
 from atst.domain.common import Paginator
+from atst.domain.exceptions import NotFoundError
 from atst.forms.portfolio import PortfolioForm
 import atst.forms.portfolio_member as member_forms
 from atst.models.permissions import Permissions
-from atst.domain.permission_sets import PermissionSets
 from atst.domain.authz.decorator import user_can_access_decorator as user_can
 from atst.utils.flash import formatted_flash as flash
 from atst.domain.exceptions import UnauthorizedError
@@ -70,12 +72,19 @@ def render_admin_page(portfolio, form=None):
     member_perms_form = member_forms.MembersPermissionsForm(
         data={"members_permissions": members_data}
     )
+
+    assign_ppoc_form = member_forms.AssignPPOCForm()
+    assign_ppoc_form.user_id.choices += [
+        (user.id, user.full_name) for user in portfolio.users
+    ]
+
     return render_template(
         "portfolios/admin.html",
         form=form,
         portfolio_form=portfolio_form,
         member_perms_form=member_perms_form,
         member_form=member_forms.NewForm(),
+        assign_ppoc_form=assign_ppoc_form,
         portfolio=portfolio,
         audit_events=audit_events,
         user=g.current_user,
@@ -117,6 +126,32 @@ def edit_portfolio_members(portfolio_id):
         return render_admin_page(portfolio)
 
 
+@portfolios_bp.route("/portfolios/<portfolio_id>/update_ppoc", methods=["POST"])
+@user_can(Permissions.EDIT_PORTFOLIO_POC, message="update portfolio ppoc")
+def update_ppoc(portfolio_id):
+    user_id = http_request.form.get("user_id")
+
+    portfolio = Portfolios.get(g.current_user, portfolio_id)
+    new_ppoc = Users.get(user_id)
+
+    if new_ppoc not in portfolio.users:
+        raise NotFoundError("user not in portfolio")
+
+    portfolio_role = PortfolioRoles.get(portfolio_id=portfolio_id, user_id=user_id)
+    PortfolioRoles.make_ppoc(portfolio_role=portfolio_role)
+
+    flash("primary_point_of_contact_changed", ppoc_name=new_ppoc.full_name)
+
+    return redirect(
+        url_for(
+            "portfolios.portfolio_admin",
+            portfolio_id=portfolio.id,
+            fragment="primary-point-of-contact",
+            _anchor="primary-point-of-contact",
+        )
+    )
+
+
 @portfolios_bp.route("/portfolios/<portfolio_id>/edit", methods=["POST"])
 @user_can(Permissions.EDIT_PORTFOLIO_NAME, message="edit portfolio")
 def edit_portfolio(portfolio_id):

atst/utils/flash.py

@@ -2,6 +2,11 @@ from flask import flash, render_template_string
 from atst.utils.localization import translate
 
 MESSAGES = {
+    "primary_point_of_contact_changed": {
+        "title_template": "Primary Point of Contact Changed",
+        "message_template": "You have successfully added {{ ppoc_name }} as Point of Contact. You are no longer the PoC.",
+        "category": "success",
+    },
     "invitation_resent": {
         "title_template": "Invitation resent",
         "message_template": "The {{ officer_type }}  has been resent instructions to join this portfolio.",