pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

change constant names

Browse Source
This commit is contained in:
dandds 2019-01-11 10:30:09 -05:00
parent d3d36822df
commit 0eec42c55b
19 changed files with 90 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
atst/domain/applications.py
View File

@ -27,7 +27,7 @@ class Applications(object):
Authorization.check_portfolio_permission( Authorization.check_portfolio_permission(
user, user,
portfolio, portfolio,
Permissions.VIEW_APPLICATION_IN_WORKSPACE, Permissions.VIEW_APPLICATION_IN_PORTFOLIO,
"view application in portfolio", "view application in portfolio",
) )
@ -56,7 +56,7 @@ class Applications(object):
Authorization.check_portfolio_permission( Authorization.check_portfolio_permission(
user, user,
portfolio, portfolio,
Permissions.VIEW_APPLICATION_IN_WORKSPACE, Permissions.VIEW_APPLICATION_IN_PORTFOLIO,
"view application in portfolio", "view application in portfolio",
) )

2
atst/domain/audit_log.py
View File

@ -46,7 +46,7 @@ class AuditLog(object):
Authorization.check_portfolio_permission( Authorization.check_portfolio_permission(
user, user,
portfolio, portfolio,
Permissions.VIEW_WORKSPACE_AUDIT_LOG, Permissions.VIEW_PORTFOLIO_AUDIT_LOG,
"view portfolio audit log", "view portfolio audit log",
) )
return AuditEventQuery.get_ws_events(portfolio.id, pagination_opts) return AuditEventQuery.get_ws_events(portfolio.id, pagination_opts)

10
atst/domain/portfolios/portfolios.py
View File

@ -38,7 +38,7 @@ class Portfolios(object):
def get(cls, user, portfolio_id): def get(cls, user, portfolio_id):
portfolio = PortfoliosQuery.get(portfolio_id) portfolio = PortfoliosQuery.get(portfolio_id)
Authorization.check_portfolio_permission( Authorization.check_portfolio_permission(
user, portfolio, Permissions.VIEW_WORKSPACE, "get portfolio" user, portfolio, Permissions.VIEW_PORTFOLIO, "get portfolio"
) )
return ScopedPortfolio(user, portfolio) return ScopedPortfolio(user, portfolio)
@ -47,7 +47,7 @@ class Portfolios(object):
def get_for_update_applications(cls, user, portfolio_id): def get_for_update_applications(cls, user, portfolio_id):
portfolio = PortfoliosQuery.get(portfolio_id) portfolio = PortfoliosQuery.get(portfolio_id)
Authorization.check_portfolio_permission( Authorization.check_portfolio_permission(
user, portfolio, Permissions.ADD_APPLICATION_IN_WORKSPACE, "add application" user, portfolio, Permissions.ADD_APPLICATION_IN_PORTFOLIO, "add application"
) )
return portfolio return portfolio
@ -58,7 +58,7 @@ class Portfolios(object):
Authorization.check_portfolio_permission( Authorization.check_portfolio_permission(
user, user,
portfolio, portfolio,
Permissions.EDIT_WORKSPACE_INFORMATION, Permissions.EDIT_PORTFOLIO_INFORMATION,
"update portfolio information", "update portfolio information",
) )
@ -86,7 +86,7 @@ class Portfolios(object):
Authorization.check_portfolio_permission( Authorization.check_portfolio_permission(
user, user,
portfolio, portfolio,
Permissions.VIEW_WORKSPACE_MEMBERS, Permissions.VIEW_PORTFOLIO_MEMBERS,
"view portfolio members", "view portfolio members",
) )
@ -94,7 +94,7 @@ class Portfolios(object):
@classmethod @classmethod
def for_user(cls, user): def for_user(cls, user):
if Authorization.has_atat_permission(user, Permissions.VIEW_WORKSPACE): if Authorization.has_atat_permission(user, Permissions.VIEW_PORTFOLIO):
portfolios = PortfoliosQuery.get_all() portfolios = PortfoliosQuery.get_all()
else: else:
portfolios = PortfoliosQuery.get_for_user(user) portfolios = PortfoliosQuery.get_for_user(user)

2
atst/domain/portfolios/scopes.py
View File

@ -31,7 +31,7 @@ class ScopedPortfolio(ScopedResource):
@property @property
def applications(self): def applications(self):
can_view_all_applications = Authorization.has_portfolio_permission( can_view_all_applications = Authorization.has_portfolio_permission(
self.user, self.resource, Permissions.VIEW_APPLICATION_IN_WORKSPACE self.user, self.resource, Permissions.VIEW_APPLICATION_IN_PORTFOLIO
) )
if can_view_all_applications: if can_view_all_applications:

4
atst/domain/requests/authorization.py
View File

@ -12,7 +12,7 @@ class RequestsAuthorization(object):
def can_view(self): def can_view(self):
return ( return (
Authorization.has_atat_permission( Authorization.has_atat_permission(
self.user, Permissions.REVIEW_AND_APPROVE_JEDI_WORKSPACE_REQUEST self.user, Permissions.REVIEW_AND_APPROVE_JEDI_PORTFOLIO_REQUEST
) )
or self.request.creator == self.user or self.request.creator == self.user
) )
@ -24,6 +24,6 @@ class RequestsAuthorization(object):
def check_can_approve(self): def check_can_approve(self):
return Authorization.check_atat_permission( return Authorization.check_atat_permission(
self.user, self.user,
Permissions.REVIEW_AND_APPROVE_JEDI_WORKSPACE_REQUEST, Permissions.REVIEW_AND_APPROVE_JEDI_PORTFOLIO_REQUEST,
"cannot review and approve requests", "cannot review and approve requests",
) )

76
atst/domain/roles.py
View File

@ -12,7 +12,7 @@ ATAT_ROLES = [
"description": "", "description": "",
"permissions": [ "permissions": [
Permissions.VIEW_ORIGINAL_JEDI_REQEUST, Permissions.VIEW_ORIGINAL_JEDI_REQEUST,
Permissions.REVIEW_AND_APPROVE_JEDI_WORKSPACE_REQUEST, Permissions.REVIEW_AND_APPROVE_JEDI_PORTFOLIO_REQUEST,
Permissions.MODIFY_ATAT_ROLE_PERMISSIONS, Permissions.MODIFY_ATAT_ROLE_PERMISSIONS,
Permissions.CREATE_CSP_ROLE, Permissions.CREATE_CSP_ROLE,
Permissions.DELETE_CSP_ROLE, Permissions.DELETE_CSP_ROLE,
@ -26,41 +26,41 @@ ATAT_ROLES = [
Permissions.ASSIGN_AND_UNASSIGN_ATAT_ROLE, Permissions.ASSIGN_AND_UNASSIGN_ATAT_ROLE,
Permissions.VIEW_ASSIGNED_ATAT_ROLE_CONFIGURATIONS, Permissions.VIEW_ASSIGNED_ATAT_ROLE_CONFIGURATIONS,
Permissions.VIEW_ASSIGNED_CSP_ROLE_CONFIGURATIONS, Permissions.VIEW_ASSIGNED_CSP_ROLE_CONFIGURATIONS,
Permissions.DEACTIVATE_WORKSPACE, Permissions.DEACTIVATE_PORTFOLIO,
Permissions.VIEW_ATAT_PERMISSIONS, Permissions.VIEW_ATAT_PERMISSIONS,
Permissions.TRANSFER_OWNERSHIP_OF_WORKSPACE, Permissions.TRANSFER_OWNERSHIP_OF_PORTFOLIO,
Permissions.VIEW_WORKSPACE, Permissions.VIEW_PORTFOLIO,
Permissions.VIEW_WORKSPACE_MEMBERS, Permissions.VIEW_PORTFOLIO_MEMBERS,
Permissions.ADD_APPLICATION_IN_WORKSPACE, Permissions.ADD_APPLICATION_IN_PORTFOLIO,
Permissions.DELETE_APPLICATION_IN_WORKSPACE, Permissions.DELETE_APPLICATION_IN_PORTFOLIO,
Permissions.DEACTIVATE_APPLICATION_IN_WORKSPACE, Permissions.DEACTIVATE_APPLICATION_IN_PORTFOLIO,
Permissions.VIEW_APPLICATION_IN_WORKSPACE, Permissions.VIEW_APPLICATION_IN_PORTFOLIO,
Permissions.RENAME_APPLICATION_IN_WORKSPACE, Permissions.RENAME_APPLICATION_IN_PORTFOLIO,
Permissions.ADD_ENVIRONMENT_IN_APPLICATION, Permissions.ADD_ENVIRONMENT_IN_APPLICATION,
Permissions.DELETE_ENVIRONMENT_IN_APPLICATION, Permissions.DELETE_ENVIRONMENT_IN_APPLICATION,
Permissions.DEACTIVATE_ENVIRONMENT_IN_APPLICATION, Permissions.DEACTIVATE_ENVIRONMENT_IN_APPLICATION,
Permissions.VIEW_ENVIRONMENT_IN_APPLICATION, Permissions.VIEW_ENVIRONMENT_IN_APPLICATION,
Permissions.RENAME_ENVIRONMENT_IN_APPLICATION, Permissions.RENAME_ENVIRONMENT_IN_APPLICATION,
Permissions.ADD_TAG_TO_WORKSPACE, Permissions.ADD_TAG_TO_PORTFOLIO,
Permissions.REMOVE_TAG_FROM_WORKSPACE, Permissions.REMOVE_TAG_FROM_PORTFOLIO,
Permissions.VIEW_AUDIT_LOG, Permissions.VIEW_AUDIT_LOG,
Permissions.VIEW_WORKSPACE_AUDIT_LOG, Permissions.VIEW_PORTFOLIO_AUDIT_LOG,
], ],
}, },
{ {
"name": "default", "name": "default",
"display_name": "Default", "display_name": "Default",
"description": "", "description": "",
"permissions": [Permissions.REQUEST_JEDI_WORKSPACE], "permissions": [Permissions.REQUEST_JEDI_PORTFOLIO],
}, },
] ]
WORKSPACE_ROLES = [ PORTFOLIO_ROLES = [
{ {
"name": "owner", "name": "owner",
"display_name": "Portfolio Owner", "display_name": "Portfolio Owner",
"description": "Adds, edits, deactivates access to all applications, environments, and members. Views budget reports. Initiates and edits JEDI Cloud requests.", "description": "Adds, edits, deactivates access to all applications, environments, and members. Views budget reports. Initiates and edits JEDI Cloud requests.",
"permissions": [ "permissions": [
Permissions.REQUEST_JEDI_WORKSPACE, Permissions.REQUEST_JEDI_PORTFOLIO,
Permissions.VIEW_ORIGINAL_JEDI_REQEUST, Permissions.VIEW_ORIGINAL_JEDI_REQEUST,
Permissions.VIEW_USAGE_REPORT, Permissions.VIEW_USAGE_REPORT,
Permissions.VIEW_USAGE_DOLLARS, Permissions.VIEW_USAGE_DOLLARS,
@ -70,22 +70,22 @@ WORKSPACE_ROLES = [
Permissions.ASSIGN_AND_UNASSIGN_ATAT_ROLE, Permissions.ASSIGN_AND_UNASSIGN_ATAT_ROLE,
Permissions.VIEW_ASSIGNED_ATAT_ROLE_CONFIGURATIONS, Permissions.VIEW_ASSIGNED_ATAT_ROLE_CONFIGURATIONS,
Permissions.VIEW_ASSIGNED_CSP_ROLE_CONFIGURATIONS, Permissions.VIEW_ASSIGNED_CSP_ROLE_CONFIGURATIONS,
Permissions.DEACTIVATE_WORKSPACE, Permissions.DEACTIVATE_PORTFOLIO,
Permissions.VIEW_ATAT_PERMISSIONS, Permissions.VIEW_ATAT_PERMISSIONS,
Permissions.VIEW_WORKSPACE, Permissions.VIEW_PORTFOLIO,
Permissions.VIEW_WORKSPACE_MEMBERS, Permissions.VIEW_PORTFOLIO_MEMBERS,
Permissions.EDIT_WORKSPACE_INFORMATION, Permissions.EDIT_PORTFOLIO_INFORMATION,
Permissions.ADD_APPLICATION_IN_WORKSPACE, Permissions.ADD_APPLICATION_IN_PORTFOLIO,
Permissions.DELETE_APPLICATION_IN_WORKSPACE, Permissions.DELETE_APPLICATION_IN_PORTFOLIO,
Permissions.DEACTIVATE_APPLICATION_IN_WORKSPACE, Permissions.DEACTIVATE_APPLICATION_IN_PORTFOLIO,
Permissions.VIEW_APPLICATION_IN_WORKSPACE, Permissions.VIEW_APPLICATION_IN_PORTFOLIO,
Permissions.RENAME_APPLICATION_IN_WORKSPACE, Permissions.RENAME_APPLICATION_IN_PORTFOLIO,
Permissions.ADD_ENVIRONMENT_IN_APPLICATION, Permissions.ADD_ENVIRONMENT_IN_APPLICATION,
Permissions.DELETE_ENVIRONMENT_IN_APPLICATION, Permissions.DELETE_ENVIRONMENT_IN_APPLICATION,
Permissions.DEACTIVATE_ENVIRONMENT_IN_APPLICATION, Permissions.DEACTIVATE_ENVIRONMENT_IN_APPLICATION,
Permissions.VIEW_ENVIRONMENT_IN_APPLICATION, Permissions.VIEW_ENVIRONMENT_IN_APPLICATION,
Permissions.RENAME_ENVIRONMENT_IN_APPLICATION, Permissions.RENAME_ENVIRONMENT_IN_APPLICATION,
Permissions.VIEW_WORKSPACE_AUDIT_LOG, Permissions.VIEW_PORTFOLIO_AUDIT_LOG,
Permissions.VIEW_TASK_ORDER, Permissions.VIEW_TASK_ORDER,
Permissions.UPDATE_TASK_ORDER, Permissions.UPDATE_TASK_ORDER,
Permissions.ADD_TASK_ORDER_OFFICER, Permissions.ADD_TASK_ORDER_OFFICER,
@ -103,20 +103,20 @@ WORKSPACE_ROLES = [
Permissions.ASSIGN_AND_UNASSIGN_ATAT_ROLE, Permissions.ASSIGN_AND_UNASSIGN_ATAT_ROLE,
Permissions.VIEW_ASSIGNED_ATAT_ROLE_CONFIGURATIONS, Permissions.VIEW_ASSIGNED_ATAT_ROLE_CONFIGURATIONS,
Permissions.VIEW_ASSIGNED_CSP_ROLE_CONFIGURATIONS, Permissions.VIEW_ASSIGNED_CSP_ROLE_CONFIGURATIONS,
Permissions.VIEW_WORKSPACE, Permissions.VIEW_PORTFOLIO,
Permissions.VIEW_WORKSPACE_MEMBERS, Permissions.VIEW_PORTFOLIO_MEMBERS,
Permissions.EDIT_WORKSPACE_INFORMATION, Permissions.EDIT_PORTFOLIO_INFORMATION,
Permissions.ADD_APPLICATION_IN_WORKSPACE, Permissions.ADD_APPLICATION_IN_PORTFOLIO,
Permissions.DELETE_APPLICATION_IN_WORKSPACE, Permissions.DELETE_APPLICATION_IN_PORTFOLIO,
Permissions.DEACTIVATE_APPLICATION_IN_WORKSPACE, Permissions.DEACTIVATE_APPLICATION_IN_PORTFOLIO,
Permissions.VIEW_APPLICATION_IN_WORKSPACE, Permissions.VIEW_APPLICATION_IN_PORTFOLIO,
Permissions.RENAME_APPLICATION_IN_WORKSPACE, Permissions.RENAME_APPLICATION_IN_PORTFOLIO,
Permissions.ADD_ENVIRONMENT_IN_APPLICATION, Permissions.ADD_ENVIRONMENT_IN_APPLICATION,
Permissions.DELETE_ENVIRONMENT_IN_APPLICATION, Permissions.DELETE_ENVIRONMENT_IN_APPLICATION,
Permissions.DEACTIVATE_ENVIRONMENT_IN_APPLICATION, Permissions.DEACTIVATE_ENVIRONMENT_IN_APPLICATION,
Permissions.VIEW_ENVIRONMENT_IN_APPLICATION, Permissions.VIEW_ENVIRONMENT_IN_APPLICATION,
Permissions.RENAME_ENVIRONMENT_IN_APPLICATION, Permissions.RENAME_ENVIRONMENT_IN_APPLICATION,
Permissions.VIEW_WORKSPACE_AUDIT_LOG, Permissions.VIEW_PORTFOLIO_AUDIT_LOG,
Permissions.VIEW_TASK_ORDER, Permissions.VIEW_TASK_ORDER,
Permissions.UPDATE_TASK_ORDER, Permissions.UPDATE_TASK_ORDER,
Permissions.ADD_TASK_ORDER_OFFICER, Permissions.ADD_TASK_ORDER_OFFICER,
@ -126,7 +126,7 @@ WORKSPACE_ROLES = [
"name": "developer", "name": "developer",
"display_name": "Developer", "display_name": "Developer",
"description": "Views only the applications and environments they are granted access to. Can also view members associated with each environment.", "description": "Views only the applications and environments they are granted access to. Can also view members associated with each environment.",
"permissions": [Permissions.VIEW_USAGE_REPORT, Permissions.VIEW_WORKSPACE], "permissions": [Permissions.VIEW_USAGE_REPORT, Permissions.VIEW_PORTFOLIO],
}, },
{ {
"name": "billing_auditor", "name": "billing_auditor",
@ -135,7 +135,7 @@ WORKSPACE_ROLES = [
"permissions": [ "permissions": [
Permissions.VIEW_USAGE_REPORT, Permissions.VIEW_USAGE_REPORT,
Permissions.VIEW_USAGE_DOLLARS, Permissions.VIEW_USAGE_DOLLARS,
Permissions.VIEW_WORKSPACE, Permissions.VIEW_PORTFOLIO,
], ],
}, },
{ {
@ -146,7 +146,7 @@ WORKSPACE_ROLES = [
Permissions.VIEW_ASSIGNED_ATAT_ROLE_CONFIGURATIONS, Permissions.VIEW_ASSIGNED_ATAT_ROLE_CONFIGURATIONS,
Permissions.VIEW_ASSIGNED_CSP_ROLE_CONFIGURATIONS, Permissions.VIEW_ASSIGNED_CSP_ROLE_CONFIGURATIONS,
Permissions.VIEW_ATAT_PERMISSIONS, Permissions.VIEW_ATAT_PERMISSIONS,
Permissions.VIEW_WORKSPACE, Permissions.VIEW_PORTFOLIO,
], ],
}, },
{ {

8
atst/forms/data.py
View File

@ -1,4 +1,4 @@
from atst.domain.roles import WORKSPACE_ROLES as WORKSPACE_ROLE_DEFINITIONS from atst.domain.roles import PORTFOLIO_ROLES as PORTFOLIO_ROLE_DEFINITIONS
SERVICE_BRANCHES = [ SERVICE_BRANCHES = [
("", "Select an option"), ("", "Select an option"),
@ -105,9 +105,9 @@ COMPLETION_DATE_RANGES = [
("Above 12 months", "Above 12 months"), ("Above 12 months", "Above 12 months"),
] ]
WORKSPACE_ROLES = [ PORTFOLIO_ROLES = [
(role["name"], {"name": role["display_name"], "description": role["description"]}) (role["name"], {"name": role["display_name"], "description": role["description"]})
for role in WORKSPACE_ROLE_DEFINITIONS for role in PORTFOLIO_ROLE_DEFINITIONS
if role["name"] is not "officer" if role["name"] is not "officer"
] ]
@ -186,7 +186,7 @@ APP_MIGRATION = [
("not_sure", "Not Sure"), ("not_sure", "Not Sure"),
] ]
PROJECT_COMPLEXITY = [ APPLICATION_COMPLEXITY = [
("storage", "Storage "), ("storage", "Storage "),
("data_analytics", "Data Analytics "), ("data_analytics", "Data Analytics "),
("conus", "CONUS Access "), ("conus", "CONUS Access "),

4
atst/forms/edit_member.py
View File

@ -4,7 +4,7 @@ from wtforms.validators import Required
from atst.forms.fields import SelectField from atst.forms.fields import SelectField
from atst.utils.localization import translate from atst.utils.localization import translate
from .data import WORKSPACE_ROLES from .data import PORTFOLIO_ROLES
class EditMemberForm(FlaskForm): class EditMemberForm(FlaskForm):
@ -13,6 +13,6 @@ class EditMemberForm(FlaskForm):
portfolio_role = SelectField( portfolio_role = SelectField(
translate("forms.edit_member.portfolio_role_label"), translate("forms.edit_member.portfolio_role_label"),
choices=WORKSPACE_ROLES, choices=PORTFOLIO_ROLES,
validators=[Required()], validators=[Required()],
) )

4
atst/forms/new_member.py
View File

@ -7,7 +7,7 @@ from atst.forms.validators import IsNumber
from atst.forms.fields import SelectField from atst.forms.fields import SelectField
from atst.utils.localization import translate from atst.utils.localization import translate
from .data import WORKSPACE_ROLES from .data import PORTFOLIO_ROLES
class NewMemberForm(FlaskForm): class NewMemberForm(FlaskForm):
@ -27,7 +27,7 @@ class NewMemberForm(FlaskForm):
) )
portfolio_role = SelectField( portfolio_role = SelectField(
translate("forms.new_member.portfolio_role_label"), translate("forms.new_member.portfolio_role_label"),
choices=WORKSPACE_ROLES, choices=PORTFOLIO_ROLES,
validators=[Required()], validators=[Required()],
default="", default="",
description=translate("forms.new_member.portfolio_role_description"), description=translate("forms.new_member.portfolio_role_description"),

4
atst/forms/task_order.py
View File

@ -18,7 +18,7 @@ from .forms import CacheableForm
from .data import ( from .data import (
SERVICE_BRANCHES, SERVICE_BRANCHES,
APP_MIGRATION, APP_MIGRATION,
PROJECT_COMPLEXITY, APPLICATION_COMPLEXITY,
DEV_TEAM, DEV_TEAM,
TEAM_EXPERIENCE, TEAM_EXPERIENCE,
PERIOD_OF_PERFORMANCE_LENGTH, PERIOD_OF_PERFORMANCE_LENGTH,
@ -52,7 +52,7 @@ class AppInfoForm(CacheableForm):
complexity = SelectMultipleField( complexity = SelectMultipleField(
translate("forms.task_order.complexity_label"), translate("forms.task_order.complexity_label"),
description=translate("forms.task_order.complexity_description"), description=translate("forms.task_order.complexity_description"),
choices=PROJECT_COMPLEXITY, choices=APPLICATION_COMPLEXITY,
default="", default="",
widget=ListWidget(prefix_label=False), widget=ListWidget(prefix_label=False),
option_widget=CheckboxInput(), option_widget=CheckboxInput(),

30
atst/models/permissions.py
View File

@ -1,9 +1,9 @@
class Permissions(object): class Permissions(object):
VIEW_AUDIT_LOG = "view_audit_log" VIEW_AUDIT_LOG = "view_audit_log"
VIEW_WORKSPACE_AUDIT_LOG = "view_portfolio_audit_log" VIEW_PORTFOLIO_AUDIT_LOG = "view_portfolio_audit_log"
REQUEST_JEDI_WORKSPACE = "request_jedi_portfolio" REQUEST_JEDI_PORTFOLIO = "request_jedi_portfolio"
VIEW_ORIGINAL_JEDI_REQEUST = "view_original_jedi_request" VIEW_ORIGINAL_JEDI_REQEUST = "view_original_jedi_request"
REVIEW_AND_APPROVE_JEDI_WORKSPACE_REQUEST = ( REVIEW_AND_APPROVE_JEDI_PORTFOLIO_REQUEST = (
"review_and_approve_jedi_portfolio_request" "review_and_approve_jedi_portfolio_request"
) )
MODIFY_ATAT_ROLE_PERMISSIONS = "modify_atat_role_permissions" MODIFY_ATAT_ROLE_PERMISSIONS = "modify_atat_role_permissions"
@ -22,18 +22,18 @@ class Permissions(object):
VIEW_ASSIGNED_ATAT_ROLE_CONFIGURATIONS = "view_assigned_atat_role_configurations" VIEW_ASSIGNED_ATAT_ROLE_CONFIGURATIONS = "view_assigned_atat_role_configurations"
VIEW_ASSIGNED_CSP_ROLE_CONFIGURATIONS = "view_assigned_csp_role_configurations" VIEW_ASSIGNED_CSP_ROLE_CONFIGURATIONS = "view_assigned_csp_role_configurations"
EDIT_WORKSPACE_INFORMATION = "edit_portfolio_information" EDIT_PORTFOLIO_INFORMATION = "edit_portfolio_information"
DEACTIVATE_WORKSPACE = "deactivate_portfolio" DEACTIVATE_PORTFOLIO = "deactivate_portfolio"
VIEW_ATAT_PERMISSIONS = "view_atat_permissions" VIEW_ATAT_PERMISSIONS = "view_atat_permissions"
TRANSFER_OWNERSHIP_OF_WORKSPACE = "transfer_ownership_of_portfolio" TRANSFER_OWNERSHIP_OF_PORTFOLIO = "transfer_ownership_of_portfolio"
VIEW_WORKSPACE_MEMBERS = "view_portfolio_members" VIEW_PORTFOLIO_MEMBERS = "view_portfolio_members"
VIEW_WORKSPACE = "view_portfolio" VIEW_PORTFOLIO = "view_portfolio"
ADD_APPLICATION_IN_WORKSPACE = "add_application_in_portfolio" ADD_APPLICATION_IN_PORTFOLIO = "add_application_in_portfolio"
DELETE_APPLICATION_IN_WORKSPACE = "delete_application_in_portfolio" DELETE_APPLICATION_IN_PORTFOLIO = "delete_application_in_portfolio"
DEACTIVATE_APPLICATION_IN_WORKSPACE = "deactivate_application_in_portfolio" DEACTIVATE_APPLICATION_IN_PORTFOLIO = "deactivate_application_in_portfolio"
VIEW_APPLICATION_IN_WORKSPACE = "view_application_in_portfolio" VIEW_APPLICATION_IN_PORTFOLIO = "view_application_in_portfolio"
RENAME_APPLICATION_IN_WORKSPACE = "rename_application_in_portfolio" RENAME_APPLICATION_IN_PORTFOLIO = "rename_application_in_portfolio"
ADD_ENVIRONMENT_IN_APPLICATION = "add_environment_in_application" ADD_ENVIRONMENT_IN_APPLICATION = "add_environment_in_application"
DELETE_ENVIRONMENT_IN_APPLICATION = "delete_environment_in_application" DELETE_ENVIRONMENT_IN_APPLICATION = "delete_environment_in_application"
@ -41,8 +41,8 @@ class Permissions(object):
VIEW_ENVIRONMENT_IN_APPLICATION = "view_environment_in_application" VIEW_ENVIRONMENT_IN_APPLICATION = "view_environment_in_application"
RENAME_ENVIRONMENT_IN_APPLICATION = "rename_environment_in_application" RENAME_ENVIRONMENT_IN_APPLICATION = "rename_environment_in_application"
ADD_TAG_TO_WORKSPACE = "add_tag_to_portfolio" ADD_TAG_TO_PORTFOLIO = "add_tag_to_portfolio"
REMOVE_TAG_FROM_WORKSPACE = "remove_tag_from_portfolio" REMOVE_TAG_FROM_PORTFOLIO = "remove_tag_from_portfolio"
VIEW_TASK_ORDER = "view_task_order" VIEW_TASK_ORDER = "view_task_order"
UPDATE_TASK_ORDER = "update_task_order" UPDATE_TASK_ORDER = "update_task_order"

2
atst/models/user.py
View File

@ -67,7 +67,7 @@ class User(Base, mixins.TimestampsMixin, mixins.AuditableMixin):
@property @property
def has_portfolios(self): def has_portfolios(self):
return ( return (
Permissions.VIEW_WORKSPACE in self.atat_role.permissions Permissions.VIEW_PORTFOLIO in self.atat_role.permissions
) or self.portfolio_roles ) or self.portfolio_roles
@property @property

4
atst/routes/portfolios/members.py
View File

@ -15,7 +15,7 @@ from atst.forms.edit_member import EditMemberForm
from atst.forms.data import ( from atst.forms.data import (
ENVIRONMENT_ROLES, ENVIRONMENT_ROLES,
ENV_ROLE_MODAL_DESCRIPTION, ENV_ROLE_MODAL_DESCRIPTION,
WORKSPACE_ROLE_DEFINITIONS, PORTFOLIO_ROLE_DEFINITIONS,
) )
from atst.domain.authz import Authorization from atst.domain.authz import Authorization
from atst.models.permissions import Permissions from atst.models.permissions import Permissions
@ -47,7 +47,7 @@ def portfolio_members(portfolio_id):
return render_template( return render_template(
"portfolios/members/index.html", "portfolios/members/index.html",
portfolio=portfolio, portfolio=portfolio,
role_choices=WORKSPACE_ROLE_DEFINITIONS, role_choices=PORTFOLIO_ROLE_DEFINITIONS,
status_choices=MEMBER_STATUS_CHOICES, status_choices=MEMBER_STATUS_CHOICES,
members=members_list, members=members_list,
new_member=new_member, new_member=new_member,

2
atst/routes/requests/index.py
View File

@ -14,7 +14,7 @@ class RequestsIndex(object):
def execute(self): def execute(self):
if ( if (
Permissions.REVIEW_AND_APPROVE_JEDI_WORKSPACE_REQUEST Permissions.REVIEW_AND_APPROVE_JEDI_PORTFOLIO_REQUEST
in self.user.atat_permissions in self.user.atat_permissions
): ):
context = self._ccpo_view(self.user) context = self._ccpo_view(self.user)

4
script/seed_roles.py
View File

@ -10,11 +10,11 @@ from sqlalchemy.orm.exc import NoResultFound
from atst.app import make_config, make_app from atst.app import make_config, make_app
from atst.database import db from atst.database import db
from atst.models import Role, Permissions from atst.models import Role, Permissions
from atst.domain.roles import ATAT_ROLES, WORKSPACE_ROLES from atst.domain.roles import ATAT_ROLES, PORTFOLIO_ROLES
def seed_roles(): def seed_roles():
for role_info in ATAT_ROLES + WORKSPACE_ROLES: for role_info in ATAT_ROLES + PORTFOLIO_ROLES:
role = Role(**role_info) role = Role(**role_info)
try: try:
existing_role = db.session.query(Role).filter_by(name=role.name).one() existing_role = db.session.query(Role).filter_by(name=role.name).one()

8
templates/navigation/portfolio_navigation.html
View File

@ -6,7 +6,7 @@
("navigation.portfolio_navigation.applications" | translate), ("navigation.portfolio_navigation.applications" | translate),
href=url_for("portfolios.portfolio_applications", portfolio_id=portfolio.id), href=url_for("portfolios.portfolio_applications", portfolio_id=portfolio.id),
active=request.url_rule.rule.startswith('/portfolios/<portfolio_id>/applications'), active=request.url_rule.rule.startswith('/portfolios/<portfolio_id>/applications'),
subnav=None if not user_can(permissions.ADD_APPLICATION_IN_WORKSPACE) else [ subnav=None if not user_can(permissions.ADD_APPLICATION_IN_PORTFOLIO) else [
{ {
"label": ("navigation.portfolio_navigation.add_new_application_label" | translate), "label": ("navigation.portfolio_navigation.add_new_application_label" | translate),
"href": url_for('portfolios.new_application', portfolio_id=portfolio.id), "href": url_for('portfolios.new_application', portfolio_id=portfolio.id),
@ -16,7 +16,7 @@
] ]
) }} ) }}
{% if user_can(permissions.VIEW_WORKSPACE_MEMBERS) %} {% if user_can(permissions.VIEW_PORTFOLIO_MEMBERS) %}
{{ SidenavItem( {{ SidenavItem(
("navigation.portfolio_navigation.members" | translate), ("navigation.portfolio_navigation.members" | translate),
href=url_for("portfolios.portfolio_members", portfolio_id=portfolio.id), href=url_for("portfolios.portfolio_members", portfolio_id=portfolio.id),
@ -47,7 +47,7 @@
subnav=None subnav=None
) }} ) }}
{% if user_can(permissions.EDIT_WORKSPACE_INFORMATION) %} {% if user_can(permissions.EDIT_PORTFOLIO_INFORMATION) %}
{{ SidenavItem( {{ SidenavItem(
("navigation.portfolio_navigation.portfolio_settings" | translate), ("navigation.portfolio_navigation.portfolio_settings" | translate),
href=url_for("portfolios.portfolio", portfolio_id=portfolio.id), href=url_for("portfolios.portfolio", portfolio_id=portfolio.id),
@ -56,7 +56,7 @@
) }} ) }}
{% endif %} {% endif %}
{% if user_can(permissions.VIEW_WORKSPACE_AUDIT_LOG) %} {% if user_can(permissions.VIEW_PORTFOLIO_AUDIT_LOG) %}
{{ SidenavItem( {{ SidenavItem(
("navigation.portfolio_navigation.activity_log" | translate), ("navigation.portfolio_navigation.activity_log" | translate),
href=url_for("portfolios.portfolio_activity", portfolio_id=portfolio.id), href=url_for("portfolios.portfolio_activity", portfolio_id=portfolio.id),

4
templates/portfolios/applications/index.html
View File

@ -8,7 +8,7 @@
{% if not portfolio.applications %} {% if not portfolio.applications %}
{% set can_create_applications = user_can(permissions.ADD_APPLICATION_IN_WORKSPACE) %} {% set can_create_applications = user_can(permissions.ADD_APPLICATION_IN_PORTFOLIO) %}
{{ EmptyState( {{ EmptyState(
'This portfolio doesnt have any applications yet.', 'This portfolio doesnt have any applications yet.',
@ -24,7 +24,7 @@
<div v-cloak class='block-list application-list-item'> <div v-cloak class='block-list application-list-item'>
<header class='block-list__header'> <header class='block-list__header'>
<h2 class='block-list__title'>{{ application.name }} ({{ application.environments|length }} environments)</h2> <h2 class='block-list__title'>{{ application.name }} ({{ application.environments|length }} environments)</h2>
{% if user_can(permissions.RENAME_APPLICATION_IN_WORKSPACE) %} {% if user_can(permissions.RENAME_APPLICATION_IN_PORTFOLIO) %}
<a class='icon-link' href='{{ url_for("portfolios.edit_application", portfolio_id=portfolio.id, application_id=application.id) }}'> <a class='icon-link' href='{{ url_for("portfolios.edit_application", portfolio_id=portfolio.id, application_id=application.id) }}'>
{{ Icon('edit') }} {{ Icon('edit') }}
<span>edit</span> <span>edit</span>

2
templates/portfolios/reports/index.html
View File

@ -115,7 +115,7 @@
{% if not portfolio.applications %} {% if not portfolio.applications %}
{% set can_create_applications = user_can(permissions.ADD_APPLICATION_IN_WORKSPACE) %} {% set can_create_applications = user_can(permissions.ADD_APPLICATION_IN_PORTFOLIO) %}
{% set message = 'This portfolio has no cloud environments set up, so there is no spending data to report. Create an application with some cloud environments to get started.' {% set message = 'This portfolio has no cloud environments set up, so there is no spending data to report. Create an application with some cloud environments to get started.'
if can_create_applications if can_create_applications
else 'This portfolio has no cloud environments set up, so there is no spending data to report. Contact the portfolio owner to set up some cloud environments.' else 'This portfolio has no cloud environments set up, so there is no spending data to report. Contact the portfolio owner to set up some cloud environments.'

6
tests/factories.py
View File

@ -18,7 +18,7 @@ from atst.models.task_order import TaskOrder
from atst.models.user import User from atst.models.user import User
from atst.models.role import Role from atst.models.role import Role
from atst.models.portfolio import Portfolio from atst.models.portfolio import Portfolio
from atst.domain.roles import Roles, WORKSPACE_ROLES from atst.domain.roles import Roles, PORTFOLIO_ROLES
from atst.models.portfolio_role import PortfolioRole, Status as PortfolioRoleStatus from atst.models.portfolio_role import PortfolioRole, Status as PortfolioRoleStatus
from atst.models.environment_role import EnvironmentRole from atst.models.environment_role import EnvironmentRole
from atst.models.invitation import Invitation, Status as InvitationStatus from atst.models.invitation import Invitation, Status as InvitationStatus
@ -55,7 +55,7 @@ def random_future_date(year_min=1, year_max=5):
def random_portfolio_role(): def random_portfolio_role():
choice = random.choice(WORKSPACE_ROLES) choice = random.choice(PORTFOLIO_ROLES)
return Roles.get(choice["name"]) return Roles.get(choice["name"])
@ -376,7 +376,7 @@ class TaskOrderFactory(Base):
defense_component = factory.LazyFunction(random_service_branch) defense_component = factory.LazyFunction(random_service_branch)
app_migration = random_choice(data.APP_MIGRATION) app_migration = random_choice(data.APP_MIGRATION)
native_apps = random.choices(["yes", "no", "not_sure"]) native_apps = random.choices(["yes", "no", "not_sure"])
complexity = [random_choice(data.PROJECT_COMPLEXITY)] complexity = [random_choice(data.APPLICATION_COMPLEXITY)]
dev_team = [random_choice(data.DEV_TEAM)] dev_team = [random_choice(data.DEV_TEAM)]
team_experience = random_choice(data.TEAM_EXPERIENCE) team_experience = random_choice(data.TEAM_EXPERIENCE)