pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

remove portfolio_role direct relationship to role

Browse Source
This commit is contained in:
dandds
2019-03-13 05:56:59 -04:00
parent 44a4d98978
commit 0c2ab6fb7a
20 changed files with 111 additions and 219 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
tests/domain/test_audit_log.py
View File

@@ -53,10 +53,7 @@ def test_ws_admin_can_view_ws_audit_log():
portfolio = PortfolioFactory.create()
admin = UserFactory.create()
PortfolioRoleFactory.create(
portfolio=portfolio,
user=admin,
role=Roles.get("admin"),
status=PortfolioRoleStatus.ACTIVE,
portfolio=portfolio, user=admin, status=PortfolioRoleStatus.ACTIVE
)
events = AuditLog.get_portfolio_events(admin, portfolio)
assert len(events) > 0

56
tests/domain/test_portfolio_roles.py
View File

@@ -11,66 +11,12 @@ from tests.factories import (
)
def test_can_create_new_portfolio_role():
portfolio = PortfolioFactory.create()
new_user = UserFactory.create()
portfolio_role_dicts = [{"id": new_user.id, "portfolio_role": "owner"}]
portfolio_roles = PortfolioRoles.add_many(portfolio.id, portfolio_role_dicts)
assert portfolio_roles[0].user_id == new_user.id
assert portfolio_roles[0].user.atat_role.name == new_user.atat_role.name
assert portfolio_roles[0].role.name == new_user.portfolio_roles[0].role.name
def test_can_update_existing_portfolio_role():
portfolio = PortfolioFactory.create()
new_user = UserFactory.create()
PortfolioRoles.add_many(
portfolio.id, [{"id": new_user.id, "portfolio_role": "owner"}]
)
portfolio_roles = PortfolioRoles.add_many(
portfolio.id, [{"id": new_user.id, "portfolio_role": "developer"}]
)
assert portfolio_roles[0].user.atat_role.name == new_user.atat_role.name
assert portfolio_roles[0].role.name == new_user.portfolio_roles[0].role.name
def test_portfolio_role_permissions():
portfolio_one = PortfolioFactory.create()
portfolio_two = PortfolioFactory.create()
new_user = UserFactory.create()
PortfolioRoleFactory.create(
portfolio=portfolio_one,
user=new_user,
role=Roles.get("developer"),
status=PortfolioRoleStatus.ACTIVE,
)
PortfolioRoleFactory.create(
portfolio=portfolio_two,
user=new_user,
role=Roles.get("developer"),
status=PortfolioRoleStatus.PENDING,
)
default_perms = set(new_user.atat_role.permissions)
assert len(
PortfolioRoles.portfolio_role_permissions(portfolio_one, new_user)
) > len(default_perms)
assert (
PortfolioRoles.portfolio_role_permissions(portfolio_two, new_user)
== default_perms
)
def test_add_portfolio_role_with_permission_sets():
portfolio = PortfolioFactory.create()
new_user = UserFactory.create()
permission_sets = ["edit_portfolio_application_management"]
port_role = PortfolioRoles.add(
new_user, portfolio.id, "developer", permission_sets=permission_sets
new_user, portfolio.id, permission_sets=permission_sets
)
assert len(port_role.permission_sets) == 5
expected_names = [

3
tests/domain/test_portfolios.py
View File

@@ -53,7 +53,7 @@ def test_get_for_update_applications_allows_owner(portfolio, portfolio_owner):
def test_get_for_update_applications_blocks_developer(portfolio):
developer = UserFactory.create()
PortfolioRoles.add(developer, portfolio.id, "developer")
PortfolioRoles.add(developer, portfolio.id)
with pytest.raises(UnauthorizedError):
Portfolios.get_for_update_applications(developer, portfolio.id)
@@ -120,7 +120,6 @@ def test_update_portfolio_role_role(portfolio, portfolio_owner):
portfolio_owner, portfolio, member, role_name
)
assert updated_member.portfolio == portfolio
assert updated_member.role_name == role_name
def test_need_permission_to_update_portfolio_role_role(portfolio, portfolio_owner):

6
tests/domain/test_task_orders.py
View File

@@ -2,6 +2,7 @@ import pytest
from atst.domain.task_orders import TaskOrders, TaskOrderError, DD254s
from atst.domain.exceptions import UnauthorizedError
from atst.domain.roles import Roles, _VIEW_PORTFOLIO_PERMISSION_SETS
from atst.models.attachment import Attachment
from tests.factories import (
@@ -90,10 +91,7 @@ def test_add_officer_who_is_already_portfolio_member():
assert task_order.contracting_officer == owner
member = task_order.portfolio.members[0]
assert member.user == owner and member.role_name == "owner"
from atst.domain.roles import Roles, _VIEW_PORTFOLIO_PERMISSION_SETS
assert member.user == owner
def test_task_order_access():

8
tests/factories.py
View File

@@ -69,11 +69,6 @@ def _random_date(year_min, year_max, operation):
)
def random_portfolio_role():
choice = random.choice(PORTFOLIO_ROLES)
return Roles.get(choice["name"])
def base_portfolio_permission_sets():
return [Roles.get(prms["name"]) for prms in _VIEW_PORTFOLIO_PERMISSION_SETS]
@@ -135,7 +130,6 @@ class PortfolioFactory(Base):
PortfolioRoleFactory.create(
portfolio=portfolio,
role=Roles.get("owner"),
user=owner,
status=PortfolioRoleStatus.ACTIVE,
permission_sets=get_all_portfolio_permission_sets(),
@@ -155,7 +149,6 @@ class PortfolioFactory(Base):
PortfolioRoleFactory.create(
portfolio=portfolio,
role=Roles.get(role_name),
user=user,
status=PortfolioRoleStatus.ACTIVE,
permission_sets=perms_set,
@@ -211,7 +204,6 @@ class PortfolioRoleFactory(Base):
model = PortfolioRole
portfolio = factory.SubFactory(PortfolioFactory)
role = factory.LazyFunction(random_portfolio_role)
user = factory.SubFactory(UserFactory)
status = PortfolioRoleStatus.PENDING
permission_sets = factory.LazyFunction(base_portfolio_permission_sets)

26
tests/models/test_portfolio_role.py
View File

@@ -1,3 +1,4 @@
import pytest
import datetime
from atst.domain.environments import Environments
@@ -26,7 +27,7 @@ def test_has_no_ws_role_history(session):
user = UserFactory.create()
portfolio = PortfolioFactory.create(owner=owner)
portfolio_role = PortfolioRoles.add(user, portfolio.id, "developer")
portfolio_role = PortfolioRoles.add(user, portfolio.id)
create_event = (
session.query(AuditEvent)
.filter(
@@ -38,6 +39,7 @@ def test_has_no_ws_role_history(session):
assert not create_event.changed_state
@pytest.mark.skip(reason="need to update audit log permission set handling")
def test_has_ws_role_history(session):
owner = UserFactory.create()
user = UserFactory.create()
@@ -47,9 +49,7 @@ def test_has_ws_role_history(session):
# in order to get the history, we don't want the PortfolioRoleFactory
# to commit after create()
PortfolioRoleFactory._meta.sqlalchemy_session_persistence = "flush"
portfolio_role = PortfolioRoleFactory.create(
portfolio=portfolio, user=user, role=role
)
portfolio_role = PortfolioRoleFactory.create(portfolio=portfolio, user=user)
PortfolioRoles.update_role(portfolio_role, "admin")
changed_events = (
session.query(AuditEvent)
@@ -138,7 +138,7 @@ def test_event_details():
user = UserFactory.create()
portfolio = PortfolioFactory.create(owner=owner)
portfolio_role = PortfolioRoles.add(user, portfolio.id, "developer")
portfolio_role = PortfolioRoles.add(user, portfolio.id)
assert portfolio_role.event_details["updated_user_name"] == user.displayname
assert portfolio_role.event_details["updated_user_id"] == str(user.id)
@@ -185,22 +185,6 @@ def test_has_environment_roles():
assert portfolio_role.has_environment_roles
def test_role_displayname():
owner = UserFactory.create()
developer_data = {
"dod_id": "1234567890",
"first_name": "Test",
"last_name": "User",
"email": "test.user@mail.com",
"portfolio_role": "developer",
}
portfolio = PortfolioFactory.create(owner=owner)
portfolio_role = Portfolios.create_member(owner, portfolio, developer_data)
assert portfolio_role.role_displayname == "Developer"
def test_status_when_member_is_active():
portfolio_role = PortfolioRoleFactory.create(status=Status.ACTIVE)
assert portfolio_role.display_status == "Active"

9
tests/routes/portfolios/test_applications.py
View File

@@ -29,7 +29,7 @@ def test_user_without_permission_has_no_budget_report_link(client, user_session)
user = UserFactory.create()
portfolio = PortfolioFactory.create()
Portfolios._create_portfolio_role(
user, portfolio, "developer", status=PortfolioRoleStatus.ACTIVE
user, portfolio, status=PortfolioRoleStatus.ACTIVE
)
user_session(user)
response = client.get("/portfolios/{}/applications".format(portfolio.id))
@@ -45,10 +45,7 @@ def test_user_with_permission_has_activity_log_link(client, user_session):
ccpo = UserFactory.from_atat_role("ccpo")
admin = UserFactory.create()
PortfolioRoleFactory.create(
portfolio=portfolio,
user=admin,
role=Roles.get("admin"),
status=PortfolioRoleStatus.ACTIVE,
portfolio=portfolio, user=admin, status=PortfolioRoleStatus.ACTIVE
)
user_session(portfolio.owner)
@@ -103,7 +100,7 @@ def test_user_with_permission_has_add_application_link(client, user_session):
def test_user_without_permission_has_no_add_application_link(client, user_session):
user = UserFactory.create()
portfolio = PortfolioFactory.create()
Portfolios._create_portfolio_role(user, portfolio, "developer")
Portfolios._create_portfolio_role(user, portfolio)
user_session(user)
response = client.get("/portfolios/{}/applications".format(portfolio.id))
assert (

25
tests/routes/portfolios/test_members.py
View File

@@ -45,6 +45,7 @@ def test_user_with_permission_has_add_member_link(client, user_session):
portfolio = PortfolioFactory.create()
user_session(portfolio.owner)
response = client.get("/portfolios/{}/members".format(portfolio.id))
assert response.status_code == 200
assert (
'href="/portfolios/{}/members/new"'.format(portfolio.id).encode()
in response.data
@@ -54,7 +55,7 @@ def test_user_with_permission_has_add_member_link(client, user_session):
def test_user_without_permission_has_no_add_member_link(client, user_session):
user = UserFactory.create()
portfolio = PortfolioFactory.create()
Portfolios._create_portfolio_role(user, portfolio, "developer")
Portfolios._create_portfolio_role(user, portfolio)
user_session(user)
response = client.get("/portfolios/{}/members".format(portfolio.id))
assert (
@@ -66,8 +67,8 @@ def test_user_without_permission_has_no_add_member_link(client, user_session):
def test_permissions_for_view_member(client, user_session):
user = UserFactory.create()
portfolio = PortfolioFactory.create()
Portfolios._create_portfolio_role(user, portfolio, "developer")
member = PortfolioRoles.add(user, portfolio.id, "developer")
Portfolios._create_portfolio_role(user, portfolio)
member = PortfolioRoles.add(user, portfolio.id)
user_session(user)
response = client.get(
url_for("portfolios.view_member", portfolio_id=portfolio.id, member_id=user.id)
@@ -106,11 +107,12 @@ def test_create_member(client, user_session):
assert len(portfolio_role.permission_sets) == 4
@pytest.mark.skip(reason="permission set display not implemented")
def test_view_member_shows_role(client, user_session):
user = UserFactory.create()
portfolio = PortfolioFactory.create()
Portfolios._create_portfolio_role(user, portfolio, "developer")
member = PortfolioRoles.add(user, portfolio.id, "developer")
Portfolios._create_portfolio_role(user, portfolio)
member = PortfolioRoles.add(user, portfolio.id)
user_session(portfolio.owner)
response = client.get(
url_for("portfolios.view_member", portfolio_id=portfolio.id, member_id=user.id)
@@ -119,10 +121,11 @@ def test_view_member_shows_role(client, user_session):
assert "initial-choice='developer'".encode() in response.data
@pytest.mark.skip(reason="need to re-implement for permission set changes")
def test_update_member_portfolio_role(client, user_session):
portfolio = PortfolioFactory.create()
user = UserFactory.create()
member = PortfolioRoles.add(user, portfolio.id, "developer")
member = PortfolioRoles.add(user, portfolio.id)
user_session(portfolio.owner)
response = client.post(
url_for(
@@ -136,10 +139,11 @@ def test_update_member_portfolio_role(client, user_session):
assert member.role_name == "security_auditor"
@pytest.mark.skip(reason="update member permission sets not implemented")
def test_update_member_portfolio_role_with_no_data(client, user_session):
portfolio = PortfolioFactory.create()
user = UserFactory.create()
member = PortfolioRoles.add(user, portfolio.id, "developer")
member = PortfolioRoles.add(user, portfolio.id)
user_session(portfolio.owner)
response = client.post(
url_for(
@@ -152,10 +156,11 @@ def test_update_member_portfolio_role_with_no_data(client, user_session):
assert member.role_name == "developer"
@pytest.mark.skip(reason="update member permission sets not implemented")
def test_update_member_environment_role(client, user_session):
portfolio = PortfolioFactory.create()
user = UserFactory.create()
member = PortfolioRoles.add(user, portfolio.id, "developer")
member = PortfolioRoles.add(user, portfolio.id)
application = Applications.create(
portfolio.owner,
portfolio,
@@ -173,7 +178,6 @@ def test_update_member_environment_role(client, user_session):
"portfolios.update_member", portfolio_id=portfolio.id, member_id=user.id
),
data={
"portfolio_role": "developer",
"env_" + str(env1_id): "security_auditor",
"env_" + str(env2_id): "devops",
},
@@ -189,7 +193,7 @@ def test_update_member_environment_role(client, user_session):
def test_update_member_environment_role_with_no_data(client, user_session):
portfolio = PortfolioFactory.create()
user = UserFactory.create()
member = PortfolioRoles.add(user, portfolio.id, "developer")
member = PortfolioRoles.add(user, portfolio.id)
application = Applications.create(
portfolio.owner,
portfolio,
@@ -263,6 +267,7 @@ def test_only_shows_revoke_access_button_if_active(client, user_session):
member_id=member.user.id,
)
)
assert response.status_code == 200
assert "Remove Portfolio Access" in response.data.decode()
assert "Revoke Invitation" not in response.data.decode()
assert "Resend Invitation" not in response.data.decode()

40
tests/routes/portfolios/test_task_orders.py
View File

@@ -230,10 +230,13 @@ class TestTaskOrderInvitations:
def test_ko_can_view_task_order(client, user_session, portfolio, user):
PortfolioRoleFactory.create(
role=Roles.get("owner"),
portfolio=portfolio,
user=user,
status=PortfolioStatus.ACTIVE,
permission_sets=[
Roles.get("view_portfolio"),
Roles.get("view_portfolio_funding"),
],
)
task_order = TaskOrderFactory.create(portfolio=portfolio, contracting_officer=user)
user_session(user)
@@ -294,16 +297,22 @@ def test_ko_can_view_ko_review_page(client, user_session):
cor = UserFactory.create()
PortfolioRoleFactory.create(
role=Roles.get("officer"),
portfolio=portfolio,
user=ko,
status=PortfolioStatus.ACTIVE,
permission_sets=[
Roles.get("view_portfolio"),
Roles.get("view_portfolio_funding"),
],
)
PortfolioRoleFactory.create(
role=Roles.get("officer"),
portfolio=portfolio,
user=cor,
status=PortfolioStatus.ACTIVE,
permission_sets=[
Roles.get("view_portfolio"),
Roles.get("view_portfolio_funding"),
],
)
task_order = TaskOrderFactory.create(
portfolio=portfolio,
@@ -365,10 +374,13 @@ def test_mo_redirected_to_build_page(client, user_session, portfolio):
def test_cor_redirected_to_build_page(client, user_session, portfolio):
cor = UserFactory.create()
PortfolioRoleFactory.create(
role=Roles.get("officer"),
portfolio=portfolio,
user=cor,
status=PortfolioStatus.ACTIVE,
permission_sets=[
Roles.get("view_portfolio"),
Roles.get("view_portfolio_funding"),
],
)
task_order = TaskOrderFactory.create(
portfolio=portfolio, contracting_officer_representative=cor
@@ -384,10 +396,13 @@ def test_submit_completed_ko_review_page_as_cor(
client, user_session, pdf_upload, portfolio, user
):
PortfolioRoleFactory.create(
role=Roles.get("officer"),
portfolio=portfolio,
user=user,
status=PortfolioStatus.ACTIVE,
permission_sets=[
Roles.get("view_portfolio"),
Roles.get("view_portfolio_funding"),
],
)
task_order = TaskOrderFactory.create(
@@ -429,10 +444,13 @@ def test_submit_completed_ko_review_page_as_ko(
ko = UserFactory.create()
PortfolioRoleFactory.create(
role=Roles.get("officer"),
portfolio=portfolio,
user=ko,
status=PortfolioStatus.ACTIVE,
permission_sets=[
Roles.get("view_portfolio"),
Roles.get("view_portfolio_funding"),
],
)
task_order = TaskOrderFactory.create(portfolio=portfolio, contracting_officer=ko)
@@ -470,10 +488,13 @@ def test_submit_completed_ko_review_page_as_ko(
def test_so_review_page(app, client, user_session, portfolio):
so = UserFactory.create()
PortfolioRoleFactory.create(
role=Roles.get("officer"),
portfolio=portfolio,
user=so,
status=PortfolioStatus.ACTIVE,
permission_sets=[
Roles.get("view_portfolio"),
Roles.get("view_portfolio_funding"),
],
)
task_order = TaskOrderFactory.create(portfolio=portfolio, security_officer=so)
@@ -508,10 +529,13 @@ def test_so_review_page(app, client, user_session, portfolio):
def test_submit_so_review(app, client, user_session, portfolio):
so = UserFactory.create()
PortfolioRoleFactory.create(
role=Roles.get("officer"),
portfolio=portfolio,
user=so,
status=PortfolioStatus.ACTIVE,
permission_sets=[
Roles.get("view_portfolio"),
Roles.get("view_portfolio_funding"),
],
)
task_order = TaskOrderFactory.create(portfolio=portfolio, security_officer=so)
dd_254_data = DD254Factory.dictionary()

3
tests/routes/task_orders/test_invite.py
View File

@@ -28,9 +28,6 @@ def test_invite_officers_to_task_order(client, user_session, queue):
# owner and three officers are portfolio members
assert len(portfolio.members) == 4
roles = [member.role.name for member in portfolio.members]
# officers exist in roles
assert roles.count("officer") == 3
# email invitations are enqueued
assert len(queue.get_queue()) == 3
# task order has relationship to user for each officer role

4
tests/routes/test_home.py
View File

@@ -33,7 +33,7 @@ def test_non_owner_user_with_one_portfolio_redirected_to_portfolio_applications(
user = UserFactory.create()
portfolio = PortfolioFactory.create()
Portfolios._create_portfolio_role(
user, portfolio, "developer", status=PortfolioRoleStatus.ACTIVE
user, portfolio, status=PortfolioRoleStatus.ACTIVE
)
user_session(user)
@@ -51,7 +51,7 @@ def test_non_owner_user_with_mulitple_portfolios_redirected_to_portfolios(
portfolio = PortfolioFactory.create()
portfolios.append(portfolio)
role = Portfolios._create_portfolio_role(
user, portfolio, "developer", status=PortfolioRoleStatus.ACTIVE
user, portfolio, status=PortfolioRoleStatus.ACTIVE
)
user_session(user)