remove portfolio_role direct relationship to role
This commit is contained in:
dandds
parent
44a4d98978
commit
0c2ab6fb7a
@ -0,0 +1,30 @@
|
||||
"""remove portfolio_roles role_id
|
||||
|
||||
Revision ID: 0e71ab219ada
|
||||
Revises: 938a31795096
|
||||
Create Date: 2019-03-12 05:58:17.029899
|
||||
|
||||
"""
|
||||
from alembic import op
|
||||
import sqlalchemy as sa
|
||||
from sqlalchemy.dialects import postgresql
|
||||
|
||||
# revision identifiers, used by Alembic.
|
||||
revision = '0e71ab219ada'
|
||||
down_revision = '938a31795096'
|
||||
branch_labels = None
|
||||
depends_on = None
|
||||
|
||||
|
||||
def upgrade():
|
||||
# ### commands auto generated by Alembic - please adjust! ###
|
||||
op.drop_constraint('workspace_roles_role_id_fkey', 'portfolio_roles', type_='foreignkey')
|
||||
op.drop_column('portfolio_roles', 'role_id')
|
||||
# ### end Alembic commands ###
|
||||
|
||||
|
||||
def downgrade():
|
||||
# ### commands auto generated by Alembic - please adjust! ###
|
||||
op.add_column('portfolio_roles', sa.Column('role_id', postgresql.UUID(), autoincrement=False, nullable=False))
|
||||
op.create_foreign_key('workspace_roles_role_id_fkey', 'portfolio_roles', 'roles', ['role_id'], ['id'])
|
||||
# ### end Alembic commands ###
|
||||
@ -9,7 +9,6 @@ from atst.models.portfolio_role import (
|
||||
from atst.models.user import User
|
||||
|
||||
from .roles import Roles
|
||||
from .users import Users
|
||||
from .exceptions import NotFoundError
|
||||
|
||||
|
||||
@ -53,17 +52,6 @@ class PortfolioRoles(object):
|
||||
except NoResultFound:
|
||||
return None
|
||||
|
||||
@classmethod
|
||||
def portfolio_role_permissions(cls, portfolio, user):
|
||||
portfolio_role = PortfolioRoles._get_active_portfolio_role(
|
||||
portfolio.id, user.id
|
||||
)
|
||||
atat_permissions = set(user.atat_role.permissions)
|
||||
portfolio_permissions = (
|
||||
[] if portfolio_role is None else portfolio_role.role.permissions
|
||||
)
|
||||
return set(portfolio_permissions).union(atat_permissions)
|
||||
|
||||
@classmethod
|
||||
def _get_portfolio_role(cls, user, portfolio_id):
|
||||
try:
|
||||
@ -80,9 +68,7 @@ class PortfolioRoles(object):
|
||||
raise NotFoundError("portfolio role")
|
||||
|
||||
@classmethod
|
||||
def add(cls, user, portfolio_id, role_name, permission_sets=None):
|
||||
role = Roles.get(role_name)
|
||||
|
||||
def add(cls, user, portfolio_id, permission_sets=None):
|
||||
new_portfolio_role = None
|
||||
try:
|
||||
existing_portfolio_role = (
|
||||
@ -94,13 +80,9 @@ class PortfolioRoles(object):
|
||||
.one()
|
||||
)
|
||||
new_portfolio_role = existing_portfolio_role
|
||||
new_portfolio_role.role = role
|
||||
except NoResultFound:
|
||||
new_portfolio_role = PortfolioRole(
|
||||
user=user,
|
||||
role_id=role.id,
|
||||
portfolio_id=portfolio_id,
|
||||
status=PortfolioRoleStatus.PENDING,
|
||||
user=user, portfolio_id=portfolio_id, status=PortfolioRoleStatus.PENDING
|
||||
)
|
||||
|
||||
if permission_sets:
|
||||
@ -137,47 +119,6 @@ class PortfolioRoles(object):
|
||||
db.session.commit()
|
||||
return portfolio_role
|
||||
|
||||
@classmethod
|
||||
def add_many(cls, portfolio_id, portfolio_role_dicts):
|
||||
portfolio_roles = []
|
||||
|
||||
for user_dict in portfolio_role_dicts:
|
||||
try:
|
||||
user = Users.get(user_dict["id"])
|
||||
except NoResultFound:
|
||||
default_role = Roles.get("developer")
|
||||
user = User(id=user_dict["id"], atat_role=default_role)
|
||||
|
||||
try:
|
||||
role = Roles.get(user_dict["portfolio_role"])
|
||||
except NoResultFound:
|
||||
raise NotFoundError("role")
|
||||
|
||||
try:
|
||||
existing_portfolio_role = (
|
||||
db.session.query(PortfolioRole)
|
||||
.filter(
|
||||
PortfolioRole.user == user,
|
||||
PortfolioRole.portfolio_id == portfolio_id,
|
||||
)
|
||||
.one()
|
||||
)
|
||||
new_portfolio_role = existing_portfolio_role
|
||||
new_portfolio_role.role = role
|
||||
except NoResultFound:
|
||||
new_portfolio_role = PortfolioRole(
|
||||
user=user, role_id=role.id, portfolio_id=portfolio_id
|
||||
)
|
||||
|
||||
user.portfolio_roles.append(new_portfolio_role)
|
||||
portfolio_roles.append(new_portfolio_role)
|
||||
|
||||
db.session.add(user)
|
||||
|
||||
db.session.commit()
|
||||
|
||||
return portfolio_roles
|
||||
|
||||
@classmethod
|
||||
def enable(cls, portfolio_role):
|
||||
portfolio_role.status = PortfolioRoleStatus.ACTIVE
|
||||
|
||||
@ -24,7 +24,6 @@ class Portfolios(object):
|
||||
Portfolios._create_portfolio_role(
|
||||
user,
|
||||
portfolio,
|
||||
"owner",
|
||||
status=PortfolioRoleStatus.ACTIVE,
|
||||
permission_sets=perms_sets,
|
||||
)
|
||||
@ -111,9 +110,7 @@ class Portfolios(object):
|
||||
|
||||
@classmethod
|
||||
def add_member(cls, portfolio, member, role_name, permission_sets=None):
|
||||
portfolio_role = PortfolioRoles.add(
|
||||
member, portfolio.id, role_name, permission_sets
|
||||
)
|
||||
portfolio_role = PortfolioRoles.add(member, portfolio.id, permission_sets)
|
||||
return portfolio_role
|
||||
|
||||
@classmethod
|
||||
@ -126,20 +123,13 @@ class Portfolios(object):
|
||||
|
||||
@classmethod
|
||||
def _create_portfolio_role(
|
||||
cls,
|
||||
user,
|
||||
portfolio,
|
||||
role_name,
|
||||
status=PortfolioRoleStatus.PENDING,
|
||||
permission_sets=None,
|
||||
cls, user, portfolio, status=PortfolioRoleStatus.PENDING, permission_sets=None
|
||||
):
|
||||
role = Roles.get(role_name)
|
||||
|
||||
if permission_sets is None:
|
||||
permission_sets = []
|
||||
|
||||
portfolio_role = PortfoliosQuery.create_portfolio_role(
|
||||
user, role, portfolio, status=status, permission_sets=permission_sets
|
||||
user, portfolio, status=status, permission_sets=permission_sets
|
||||
)
|
||||
PortfoliosQuery.add_and_commit(portfolio_role)
|
||||
return portfolio_role
|
||||
|
||||
@ -18,5 +18,5 @@ class PortfoliosQuery(Query):
|
||||
)
|
||||
|
||||
@classmethod
|
||||
def create_portfolio_role(cls, user, role, portfolio, **kwargs):
|
||||
return PortfolioRole(user=user, role=role, portfolio=portfolio, **kwargs)
|
||||
def create_portfolio_role(cls, user, portfolio, **kwargs):
|
||||
return PortfolioRole(user=user, portfolio=portfolio, **kwargs)
|
||||
|
||||
@ -23,7 +23,9 @@ class Portfolio(Base, mixins.TimestampsMixin, mixins.AuditableMixin):
|
||||
@property
|
||||
def owner(self):
|
||||
def _is_portfolio_owner(portfolio_role):
|
||||
return portfolio_role.role.name == "owner"
|
||||
return "portfolio_poc" in [
|
||||
perms_set.name for perms_set in portfolio_role.permission_sets
|
||||
]
|
||||
|
||||
owner = first_or_none(_is_portfolio_owner, self.roles)
|
||||
return owner.user if owner else None
|
||||
|
||||
@ -10,7 +10,6 @@ from atst.database import db
|
||||
from atst.models.environment_role import EnvironmentRole
|
||||
from atst.models.application import Application
|
||||
from atst.models.environment import Environment
|
||||
from atst.models.role import Role
|
||||
|
||||
|
||||
MEMBER_STATUSES = {
|
||||
@ -47,9 +46,6 @@ class PortfolioRole(Base, mixins.TimestampsMixin, mixins.AuditableMixin):
|
||||
)
|
||||
portfolio = relationship("Portfolio", back_populates="roles")
|
||||
|
||||
role_id = Column(UUID(as_uuid=True), ForeignKey("roles.id"), nullable=False)
|
||||
role = relationship("Role")
|
||||
|
||||
user_id = Column(
|
||||
UUID(as_uuid=True), ForeignKey("users.id"), index=True, nullable=False
|
||||
)
|
||||
@ -65,19 +61,15 @@ class PortfolioRole(Base, mixins.TimestampsMixin, mixins.AuditableMixin):
|
||||
]
|
||||
|
||||
def __repr__(self):
|
||||
return "<PortfolioRole(role='{}', portfolio='{}', user_id='{}', id='{}')>".format(
|
||||
self.role.name, self.portfolio.name, self.user_id, self.id
|
||||
return "<PortfolioRole(portfolio='{}', user_id='{}', id='{}', permissions={})>".format(
|
||||
self.portfolio.name, self.user_id, self.id, self.permissions
|
||||
)
|
||||
|
||||
@property
|
||||
def history(self):
|
||||
previous_state = self.get_changes()
|
||||
change_set = {}
|
||||
if "role_id" in previous_state:
|
||||
from_role_id = previous_state["role_id"][0]
|
||||
from_role = db.session.query(Role).filter(Role.id == from_role_id).one()
|
||||
to_role = self.role_name
|
||||
change_set["role"] = [from_role.name, to_role]
|
||||
# TODO: need to update to include permission_sets
|
||||
if "status" in previous_state:
|
||||
from_status = previous_state["status"][0].value
|
||||
to_status = self.status.value
|
||||
@ -121,10 +113,6 @@ class PortfolioRole(Base, mixins.TimestampsMixin, mixins.AuditableMixin):
|
||||
def has_dod_id_error(self):
|
||||
return self.latest_invitation and self.latest_invitation.is_rejected_wrong_user
|
||||
|
||||
@property
|
||||
def role_name(self):
|
||||
return self.role.name
|
||||
|
||||
@property
|
||||
def user_name(self):
|
||||
return self.user.full_name
|
||||
|
||||
@ -64,7 +64,9 @@ def home():
|
||||
elif num_portfolios == 1:
|
||||
portfolio_role = user.portfolio_roles[0]
|
||||
portfolio_id = portfolio_role.portfolio.id
|
||||
is_portfolio_owner = portfolio_role.role.name == "owner"
|
||||
is_portfolio_owner = "portfolio_poc" in [
|
||||
ps.name for ps in portfolio_role.permission_sets
|
||||
]
|
||||
|
||||
if is_portfolio_owner:
|
||||
return redirect(
|
||||
|
||||
@ -28,7 +28,7 @@ def serialize_portfolio_role(portfolio_role):
|
||||
"name": portfolio_role.user_name,
|
||||
"status": portfolio_role.display_status,
|
||||
"id": portfolio_role.user_id,
|
||||
"role": portfolio_role.role_displayname,
|
||||
"role": "admin",
|
||||
"num_env": portfolio_role.num_environment_roles,
|
||||
"edit_link": url_for(
|
||||
"portfolios.view_member",
|
||||
@ -115,7 +115,7 @@ def view_member(portfolio_id, member_id):
|
||||
)
|
||||
member = PortfolioRoles.get(portfolio_id, member_id)
|
||||
applications = Applications.get_all(g.current_user, member, portfolio)
|
||||
form = EditMemberForm(portfolio_role=member.role_name)
|
||||
form = EditMemberForm(portfolio_role="admin")
|
||||
editable = g.current_user == member.user
|
||||
can_revoke_access = Portfolios.can_revoke_access_for(portfolio, member)
|
||||
|
||||
|
||||
@ -9,7 +9,7 @@
|
||||
|
||||
{% if not portfolio.members %}
|
||||
|
||||
{% set user_can_invite = user_can(permissions.CREATE_PORTFOLIO_USERS) %}
|
||||
{% set user_can_invite = user_can(Permissions.CREATE_PORTFOLIO_USERS) %}
|
||||
|
||||
{{ EmptyState(
|
||||
'There are currently no members in this Portfolio.',
|
||||
|
||||
@ -53,10 +53,7 @@ def test_ws_admin_can_view_ws_audit_log():
|
||||
portfolio = PortfolioFactory.create()
|
||||
admin = UserFactory.create()
|
||||
PortfolioRoleFactory.create(
|
||||
portfolio=portfolio,
|
||||
user=admin,
|
||||
role=Roles.get("admin"),
|
||||
status=PortfolioRoleStatus.ACTIVE,
|
||||
portfolio=portfolio, user=admin, status=PortfolioRoleStatus.ACTIVE
|
||||
)
|
||||
events = AuditLog.get_portfolio_events(admin, portfolio)
|
||||
assert len(events) > 0
|
||||
|
||||
@ -11,66 +11,12 @@ from tests.factories import (
|
||||
)
|
||||
|
||||
|
||||
def test_can_create_new_portfolio_role():
|
||||
portfolio = PortfolioFactory.create()
|
||||
new_user = UserFactory.create()
|
||||
|
||||
portfolio_role_dicts = [{"id": new_user.id, "portfolio_role": "owner"}]
|
||||
portfolio_roles = PortfolioRoles.add_many(portfolio.id, portfolio_role_dicts)
|
||||
|
||||
assert portfolio_roles[0].user_id == new_user.id
|
||||
assert portfolio_roles[0].user.atat_role.name == new_user.atat_role.name
|
||||
assert portfolio_roles[0].role.name == new_user.portfolio_roles[0].role.name
|
||||
|
||||
|
||||
def test_can_update_existing_portfolio_role():
|
||||
portfolio = PortfolioFactory.create()
|
||||
new_user = UserFactory.create()
|
||||
|
||||
PortfolioRoles.add_many(
|
||||
portfolio.id, [{"id": new_user.id, "portfolio_role": "owner"}]
|
||||
)
|
||||
portfolio_roles = PortfolioRoles.add_many(
|
||||
portfolio.id, [{"id": new_user.id, "portfolio_role": "developer"}]
|
||||
)
|
||||
|
||||
assert portfolio_roles[0].user.atat_role.name == new_user.atat_role.name
|
||||
assert portfolio_roles[0].role.name == new_user.portfolio_roles[0].role.name
|
||||
|
||||
|
||||
def test_portfolio_role_permissions():
|
||||
portfolio_one = PortfolioFactory.create()
|
||||
portfolio_two = PortfolioFactory.create()
|
||||
new_user = UserFactory.create()
|
||||
PortfolioRoleFactory.create(
|
||||
portfolio=portfolio_one,
|
||||
user=new_user,
|
||||
role=Roles.get("developer"),
|
||||
status=PortfolioRoleStatus.ACTIVE,
|
||||
)
|
||||
PortfolioRoleFactory.create(
|
||||
portfolio=portfolio_two,
|
||||
user=new_user,
|
||||
role=Roles.get("developer"),
|
||||
status=PortfolioRoleStatus.PENDING,
|
||||
)
|
||||
|
||||
default_perms = set(new_user.atat_role.permissions)
|
||||
assert len(
|
||||
PortfolioRoles.portfolio_role_permissions(portfolio_one, new_user)
|
||||
) > len(default_perms)
|
||||
assert (
|
||||
PortfolioRoles.portfolio_role_permissions(portfolio_two, new_user)
|
||||
== default_perms
|
||||
)
|
||||
|
||||
|
||||
def test_add_portfolio_role_with_permission_sets():
|
||||
portfolio = PortfolioFactory.create()
|
||||
new_user = UserFactory.create()
|
||||
permission_sets = ["edit_portfolio_application_management"]
|
||||
port_role = PortfolioRoles.add(
|
||||
new_user, portfolio.id, "developer", permission_sets=permission_sets
|
||||
new_user, portfolio.id, permission_sets=permission_sets
|
||||
)
|
||||
assert len(port_role.permission_sets) == 5
|
||||
expected_names = [
|
||||
|
||||
@ -53,7 +53,7 @@ def test_get_for_update_applications_allows_owner(portfolio, portfolio_owner):
|
||||
|
||||
def test_get_for_update_applications_blocks_developer(portfolio):
|
||||
developer = UserFactory.create()
|
||||
PortfolioRoles.add(developer, portfolio.id, "developer")
|
||||
PortfolioRoles.add(developer, portfolio.id)
|
||||
|
||||
with pytest.raises(UnauthorizedError):
|
||||
Portfolios.get_for_update_applications(developer, portfolio.id)
|
||||
@ -120,7 +120,6 @@ def test_update_portfolio_role_role(portfolio, portfolio_owner):
|
||||
portfolio_owner, portfolio, member, role_name
|
||||
)
|
||||
assert updated_member.portfolio == portfolio
|
||||
assert updated_member.role_name == role_name
|
||||
|
||||
|
||||
def test_need_permission_to_update_portfolio_role_role(portfolio, portfolio_owner):
|
||||
|
||||
@ -2,6 +2,7 @@ import pytest
|
||||
|
||||
from atst.domain.task_orders import TaskOrders, TaskOrderError, DD254s
|
||||
from atst.domain.exceptions import UnauthorizedError
|
||||
from atst.domain.roles import Roles, _VIEW_PORTFOLIO_PERMISSION_SETS
|
||||
from atst.models.attachment import Attachment
|
||||
|
||||
from tests.factories import (
|
||||
@ -90,10 +91,7 @@ def test_add_officer_who_is_already_portfolio_member():
|
||||
|
||||
assert task_order.contracting_officer == owner
|
||||
member = task_order.portfolio.members[0]
|
||||
assert member.user == owner and member.role_name == "owner"
|
||||
|
||||
|
||||
from atst.domain.roles import Roles, _VIEW_PORTFOLIO_PERMISSION_SETS
|
||||
assert member.user == owner
|
||||
|
||||
|
||||
def test_task_order_access():
|
||||
|
||||
@ -69,11 +69,6 @@ def _random_date(year_min, year_max, operation):
|
||||
)
|
||||
|
||||
|
||||
def random_portfolio_role():
|
||||
choice = random.choice(PORTFOLIO_ROLES)
|
||||
return Roles.get(choice["name"])
|
||||
|
||||
|
||||
def base_portfolio_permission_sets():
|
||||
return [Roles.get(prms["name"]) for prms in _VIEW_PORTFOLIO_PERMISSION_SETS]
|
||||
|
||||
@ -135,7 +130,6 @@ class PortfolioFactory(Base):
|
||||
|
||||
PortfolioRoleFactory.create(
|
||||
portfolio=portfolio,
|
||||
role=Roles.get("owner"),
|
||||
user=owner,
|
||||
status=PortfolioRoleStatus.ACTIVE,
|
||||
permission_sets=get_all_portfolio_permission_sets(),
|
||||
@ -155,7 +149,6 @@ class PortfolioFactory(Base):
|
||||
|
||||
PortfolioRoleFactory.create(
|
||||
portfolio=portfolio,
|
||||
role=Roles.get(role_name),
|
||||
user=user,
|
||||
status=PortfolioRoleStatus.ACTIVE,
|
||||
permission_sets=perms_set,
|
||||
@ -211,7 +204,6 @@ class PortfolioRoleFactory(Base):
|
||||
model = PortfolioRole
|
||||
|
||||
portfolio = factory.SubFactory(PortfolioFactory)
|
||||
role = factory.LazyFunction(random_portfolio_role)
|
||||
user = factory.SubFactory(UserFactory)
|
||||
status = PortfolioRoleStatus.PENDING
|
||||
permission_sets = factory.LazyFunction(base_portfolio_permission_sets)
|
||||
|
||||
@ -1,3 +1,4 @@
|
||||
import pytest
|
||||
import datetime
|
||||
|
||||
from atst.domain.environments import Environments
|
||||
@ -26,7 +27,7 @@ def test_has_no_ws_role_history(session):
|
||||
user = UserFactory.create()
|
||||
|
||||
portfolio = PortfolioFactory.create(owner=owner)
|
||||
portfolio_role = PortfolioRoles.add(user, portfolio.id, "developer")
|
||||
portfolio_role = PortfolioRoles.add(user, portfolio.id)
|
||||
create_event = (
|
||||
session.query(AuditEvent)
|
||||
.filter(
|
||||
@ -38,6 +39,7 @@ def test_has_no_ws_role_history(session):
|
||||
assert not create_event.changed_state
|
||||
|
||||
|
||||
@pytest.mark.skip(reason="need to update audit log permission set handling")
|
||||
def test_has_ws_role_history(session):
|
||||
owner = UserFactory.create()
|
||||
user = UserFactory.create()
|
||||
@ -47,9 +49,7 @@ def test_has_ws_role_history(session):
|
||||
# in order to get the history, we don't want the PortfolioRoleFactory
|
||||
# to commit after create()
|
||||
PortfolioRoleFactory._meta.sqlalchemy_session_persistence = "flush"
|
||||
portfolio_role = PortfolioRoleFactory.create(
|
||||
portfolio=portfolio, user=user, role=role
|
||||
)
|
||||
portfolio_role = PortfolioRoleFactory.create(portfolio=portfolio, user=user)
|
||||
PortfolioRoles.update_role(portfolio_role, "admin")
|
||||
changed_events = (
|
||||
session.query(AuditEvent)
|
||||
@ -138,7 +138,7 @@ def test_event_details():
|
||||
user = UserFactory.create()
|
||||
|
||||
portfolio = PortfolioFactory.create(owner=owner)
|
||||
portfolio_role = PortfolioRoles.add(user, portfolio.id, "developer")
|
||||
portfolio_role = PortfolioRoles.add(user, portfolio.id)
|
||||
|
||||
assert portfolio_role.event_details["updated_user_name"] == user.displayname
|
||||
assert portfolio_role.event_details["updated_user_id"] == str(user.id)
|
||||
@ -185,22 +185,6 @@ def test_has_environment_roles():
|
||||
assert portfolio_role.has_environment_roles
|
||||
|
||||
|
||||
def test_role_displayname():
|
||||
owner = UserFactory.create()
|
||||
developer_data = {
|
||||
"dod_id": "1234567890",
|
||||
"first_name": "Test",
|
||||
"last_name": "User",
|
||||
"email": "test.user@mail.com",
|
||||
"portfolio_role": "developer",
|
||||
}
|
||||
|
||||
portfolio = PortfolioFactory.create(owner=owner)
|
||||
portfolio_role = Portfolios.create_member(owner, portfolio, developer_data)
|
||||
|
||||
assert portfolio_role.role_displayname == "Developer"
|
||||
|
||||
|
||||
def test_status_when_member_is_active():
|
||||
portfolio_role = PortfolioRoleFactory.create(status=Status.ACTIVE)
|
||||
assert portfolio_role.display_status == "Active"
|
||||
|
||||
@ -29,7 +29,7 @@ def test_user_without_permission_has_no_budget_report_link(client, user_session)
|
||||
user = UserFactory.create()
|
||||
portfolio = PortfolioFactory.create()
|
||||
Portfolios._create_portfolio_role(
|
||||
user, portfolio, "developer", status=PortfolioRoleStatus.ACTIVE
|
||||
user, portfolio, status=PortfolioRoleStatus.ACTIVE
|
||||
)
|
||||
user_session(user)
|
||||
response = client.get("/portfolios/{}/applications".format(portfolio.id))
|
||||
@ -45,10 +45,7 @@ def test_user_with_permission_has_activity_log_link(client, user_session):
|
||||
ccpo = UserFactory.from_atat_role("ccpo")
|
||||
admin = UserFactory.create()
|
||||
PortfolioRoleFactory.create(
|
||||
portfolio=portfolio,
|
||||
user=admin,
|
||||
role=Roles.get("admin"),
|
||||
status=PortfolioRoleStatus.ACTIVE,
|
||||
portfolio=portfolio, user=admin, status=PortfolioRoleStatus.ACTIVE
|
||||
)
|
||||
|
||||
user_session(portfolio.owner)
|
||||
@ -103,7 +100,7 @@ def test_user_with_permission_has_add_application_link(client, user_session):
|
||||
def test_user_without_permission_has_no_add_application_link(client, user_session):
|
||||
user = UserFactory.create()
|
||||
portfolio = PortfolioFactory.create()
|
||||
Portfolios._create_portfolio_role(user, portfolio, "developer")
|
||||
Portfolios._create_portfolio_role(user, portfolio)
|
||||
user_session(user)
|
||||
response = client.get("/portfolios/{}/applications".format(portfolio.id))
|
||||
assert (
|
||||
|
||||
@ -45,6 +45,7 @@ def test_user_with_permission_has_add_member_link(client, user_session):
|
||||
portfolio = PortfolioFactory.create()
|
||||
user_session(portfolio.owner)
|
||||
response = client.get("/portfolios/{}/members".format(portfolio.id))
|
||||
assert response.status_code == 200
|
||||
assert (
|
||||
'href="/portfolios/{}/members/new"'.format(portfolio.id).encode()
|
||||
in response.data
|
||||
@ -54,7 +55,7 @@ def test_user_with_permission_has_add_member_link(client, user_session):
|
||||
def test_user_without_permission_has_no_add_member_link(client, user_session):
|
||||
user = UserFactory.create()
|
||||
portfolio = PortfolioFactory.create()
|
||||
Portfolios._create_portfolio_role(user, portfolio, "developer")
|
||||
Portfolios._create_portfolio_role(user, portfolio)
|
||||
user_session(user)
|
||||
response = client.get("/portfolios/{}/members".format(portfolio.id))
|
||||
assert (
|
||||
@ -66,8 +67,8 @@ def test_user_without_permission_has_no_add_member_link(client, user_session):
|
||||
def test_permissions_for_view_member(client, user_session):
|
||||
user = UserFactory.create()
|
||||
portfolio = PortfolioFactory.create()
|
||||
Portfolios._create_portfolio_role(user, portfolio, "developer")
|
||||
member = PortfolioRoles.add(user, portfolio.id, "developer")
|
||||
Portfolios._create_portfolio_role(user, portfolio)
|
||||
member = PortfolioRoles.add(user, portfolio.id)
|
||||
user_session(user)
|
||||
response = client.get(
|
||||
url_for("portfolios.view_member", portfolio_id=portfolio.id, member_id=user.id)
|
||||
@ -106,11 +107,12 @@ def test_create_member(client, user_session):
|
||||
assert len(portfolio_role.permission_sets) == 4
|
||||
|
||||
|
||||
@pytest.mark.skip(reason="permission set display not implemented")
|
||||
def test_view_member_shows_role(client, user_session):
|
||||
user = UserFactory.create()
|
||||
portfolio = PortfolioFactory.create()
|
||||
Portfolios._create_portfolio_role(user, portfolio, "developer")
|
||||
member = PortfolioRoles.add(user, portfolio.id, "developer")
|
||||
Portfolios._create_portfolio_role(user, portfolio)
|
||||
member = PortfolioRoles.add(user, portfolio.id)
|
||||
user_session(portfolio.owner)
|
||||
response = client.get(
|
||||
url_for("portfolios.view_member", portfolio_id=portfolio.id, member_id=user.id)
|
||||
@ -119,10 +121,11 @@ def test_view_member_shows_role(client, user_session):
|
||||
assert "initial-choice='developer'".encode() in response.data
|
||||
|
||||
|
||||
@pytest.mark.skip(reason="need to re-implement for permission set changes")
|
||||
def test_update_member_portfolio_role(client, user_session):
|
||||
portfolio = PortfolioFactory.create()
|
||||
user = UserFactory.create()
|
||||
member = PortfolioRoles.add(user, portfolio.id, "developer")
|
||||
member = PortfolioRoles.add(user, portfolio.id)
|
||||
user_session(portfolio.owner)
|
||||
response = client.post(
|
||||
url_for(
|
||||
@ -136,10 +139,11 @@ def test_update_member_portfolio_role(client, user_session):
|
||||
assert member.role_name == "security_auditor"
|
||||
|
||||
|
||||
@pytest.mark.skip(reason="update member permission sets not implemented")
|
||||
def test_update_member_portfolio_role_with_no_data(client, user_session):
|
||||
portfolio = PortfolioFactory.create()
|
||||
user = UserFactory.create()
|
||||
member = PortfolioRoles.add(user, portfolio.id, "developer")
|
||||
member = PortfolioRoles.add(user, portfolio.id)
|
||||
user_session(portfolio.owner)
|
||||
response = client.post(
|
||||
url_for(
|
||||
@ -152,10 +156,11 @@ def test_update_member_portfolio_role_with_no_data(client, user_session):
|
||||
assert member.role_name == "developer"
|
||||
|
||||
|
||||
@pytest.mark.skip(reason="update member permission sets not implemented")
|
||||
def test_update_member_environment_role(client, user_session):
|
||||
portfolio = PortfolioFactory.create()
|
||||
user = UserFactory.create()
|
||||
member = PortfolioRoles.add(user, portfolio.id, "developer")
|
||||
member = PortfolioRoles.add(user, portfolio.id)
|
||||
application = Applications.create(
|
||||
portfolio.owner,
|
||||
portfolio,
|
||||
@ -173,7 +178,6 @@ def test_update_member_environment_role(client, user_session):
|
||||
"portfolios.update_member", portfolio_id=portfolio.id, member_id=user.id
|
||||
),
|
||||
data={
|
||||
"portfolio_role": "developer",
|
||||
"env_" + str(env1_id): "security_auditor",
|
||||
"env_" + str(env2_id): "devops",
|
||||
},
|
||||
@ -189,7 +193,7 @@ def test_update_member_environment_role(client, user_session):
|
||||
def test_update_member_environment_role_with_no_data(client, user_session):
|
||||
portfolio = PortfolioFactory.create()
|
||||
user = UserFactory.create()
|
||||
member = PortfolioRoles.add(user, portfolio.id, "developer")
|
||||
member = PortfolioRoles.add(user, portfolio.id)
|
||||
application = Applications.create(
|
||||
portfolio.owner,
|
||||
portfolio,
|
||||
@ -263,6 +267,7 @@ def test_only_shows_revoke_access_button_if_active(client, user_session):
|
||||
member_id=member.user.id,
|
||||
)
|
||||
)
|
||||
assert response.status_code == 200
|
||||
assert "Remove Portfolio Access" in response.data.decode()
|
||||
assert "Revoke Invitation" not in response.data.decode()
|
||||
assert "Resend Invitation" not in response.data.decode()
|
||||
|
||||
@ -230,10 +230,13 @@ class TestTaskOrderInvitations:
|
||||
|
||||
def test_ko_can_view_task_order(client, user_session, portfolio, user):
|
||||
PortfolioRoleFactory.create(
|
||||
role=Roles.get("owner"),
|
||||
portfolio=portfolio,
|
||||
user=user,
|
||||
status=PortfolioStatus.ACTIVE,
|
||||
permission_sets=[
|
||||
Roles.get("view_portfolio"),
|
||||
Roles.get("view_portfolio_funding"),
|
||||
],
|
||||
)
|
||||
task_order = TaskOrderFactory.create(portfolio=portfolio, contracting_officer=user)
|
||||
user_session(user)
|
||||
@ -294,16 +297,22 @@ def test_ko_can_view_ko_review_page(client, user_session):
|
||||
cor = UserFactory.create()
|
||||
|
||||
PortfolioRoleFactory.create(
|
||||
role=Roles.get("officer"),
|
||||
portfolio=portfolio,
|
||||
user=ko,
|
||||
status=PortfolioStatus.ACTIVE,
|
||||
permission_sets=[
|
||||
Roles.get("view_portfolio"),
|
||||
Roles.get("view_portfolio_funding"),
|
||||
],
|
||||
)
|
||||
PortfolioRoleFactory.create(
|
||||
role=Roles.get("officer"),
|
||||
portfolio=portfolio,
|
||||
user=cor,
|
||||
status=PortfolioStatus.ACTIVE,
|
||||
permission_sets=[
|
||||
Roles.get("view_portfolio"),
|
||||
Roles.get("view_portfolio_funding"),
|
||||
],
|
||||
)
|
||||
task_order = TaskOrderFactory.create(
|
||||
portfolio=portfolio,
|
||||
@ -365,10 +374,13 @@ def test_mo_redirected_to_build_page(client, user_session, portfolio):
|
||||
def test_cor_redirected_to_build_page(client, user_session, portfolio):
|
||||
cor = UserFactory.create()
|
||||
PortfolioRoleFactory.create(
|
||||
role=Roles.get("officer"),
|
||||
portfolio=portfolio,
|
||||
user=cor,
|
||||
status=PortfolioStatus.ACTIVE,
|
||||
permission_sets=[
|
||||
Roles.get("view_portfolio"),
|
||||
Roles.get("view_portfolio_funding"),
|
||||
],
|
||||
)
|
||||
task_order = TaskOrderFactory.create(
|
||||
portfolio=portfolio, contracting_officer_representative=cor
|
||||
@ -384,10 +396,13 @@ def test_submit_completed_ko_review_page_as_cor(
|
||||
client, user_session, pdf_upload, portfolio, user
|
||||
):
|
||||
PortfolioRoleFactory.create(
|
||||
role=Roles.get("officer"),
|
||||
portfolio=portfolio,
|
||||
user=user,
|
||||
status=PortfolioStatus.ACTIVE,
|
||||
permission_sets=[
|
||||
Roles.get("view_portfolio"),
|
||||
Roles.get("view_portfolio_funding"),
|
||||
],
|
||||
)
|
||||
|
||||
task_order = TaskOrderFactory.create(
|
||||
@ -429,10 +444,13 @@ def test_submit_completed_ko_review_page_as_ko(
|
||||
ko = UserFactory.create()
|
||||
|
||||
PortfolioRoleFactory.create(
|
||||
role=Roles.get("officer"),
|
||||
portfolio=portfolio,
|
||||
user=ko,
|
||||
status=PortfolioStatus.ACTIVE,
|
||||
permission_sets=[
|
||||
Roles.get("view_portfolio"),
|
||||
Roles.get("view_portfolio_funding"),
|
||||
],
|
||||
)
|
||||
|
||||
task_order = TaskOrderFactory.create(portfolio=portfolio, contracting_officer=ko)
|
||||
@ -470,10 +488,13 @@ def test_submit_completed_ko_review_page_as_ko(
|
||||
def test_so_review_page(app, client, user_session, portfolio):
|
||||
so = UserFactory.create()
|
||||
PortfolioRoleFactory.create(
|
||||
role=Roles.get("officer"),
|
||||
portfolio=portfolio,
|
||||
user=so,
|
||||
status=PortfolioStatus.ACTIVE,
|
||||
permission_sets=[
|
||||
Roles.get("view_portfolio"),
|
||||
Roles.get("view_portfolio_funding"),
|
||||
],
|
||||
)
|
||||
task_order = TaskOrderFactory.create(portfolio=portfolio, security_officer=so)
|
||||
|
||||
@ -508,10 +529,13 @@ def test_so_review_page(app, client, user_session, portfolio):
|
||||
def test_submit_so_review(app, client, user_session, portfolio):
|
||||
so = UserFactory.create()
|
||||
PortfolioRoleFactory.create(
|
||||
role=Roles.get("officer"),
|
||||
portfolio=portfolio,
|
||||
user=so,
|
||||
status=PortfolioStatus.ACTIVE,
|
||||
permission_sets=[
|
||||
Roles.get("view_portfolio"),
|
||||
Roles.get("view_portfolio_funding"),
|
||||
],
|
||||
)
|
||||
task_order = TaskOrderFactory.create(portfolio=portfolio, security_officer=so)
|
||||
dd_254_data = DD254Factory.dictionary()
|
||||
|
||||
@ -28,9 +28,6 @@ def test_invite_officers_to_task_order(client, user_session, queue):
|
||||
|
||||
# owner and three officers are portfolio members
|
||||
assert len(portfolio.members) == 4
|
||||
roles = [member.role.name for member in portfolio.members]
|
||||
# officers exist in roles
|
||||
assert roles.count("officer") == 3
|
||||
# email invitations are enqueued
|
||||
assert len(queue.get_queue()) == 3
|
||||
# task order has relationship to user for each officer role
|
||||
|
||||
@ -33,7 +33,7 @@ def test_non_owner_user_with_one_portfolio_redirected_to_portfolio_applications(
|
||||
user = UserFactory.create()
|
||||
portfolio = PortfolioFactory.create()
|
||||
Portfolios._create_portfolio_role(
|
||||
user, portfolio, "developer", status=PortfolioRoleStatus.ACTIVE
|
||||
user, portfolio, status=PortfolioRoleStatus.ACTIVE
|
||||
)
|
||||
|
||||
user_session(user)
|
||||
@ -51,7 +51,7 @@ def test_non_owner_user_with_mulitple_portfolios_redirected_to_portfolios(
|
||||
portfolio = PortfolioFactory.create()
|
||||
portfolios.append(portfolio)
|
||||
role = Portfolios._create_portfolio_role(
|
||||
user, portfolio, "developer", status=PortfolioRoleStatus.ACTIVE
|
||||
user, portfolio, status=PortfolioRoleStatus.ACTIVE
|
||||
)
|
||||
|
||||
user_session(user)
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user