Move ccpo routes into their own file
This commit is contained in:
parent
5b008e044a
commit
1f8337485f
@ -18,6 +18,7 @@ from atst.routes.applications import applications_bp
|
||||
from atst.routes.dev import bp as dev_routes
|
||||
from atst.routes.users import bp as user_routes
|
||||
from atst.routes.errors import make_error_pages
|
||||
from atst.routes.ccpo import bp as ccpo_routes
|
||||
from atst.domain.authnid.crl import CRLCache, NoOpCRLCache
|
||||
from atst.domain.auth import apply_authentication
|
||||
from atst.domain.authz import Authorization
|
||||
@ -78,6 +79,7 @@ def make_app(config):
|
||||
app.register_blueprint(task_orders_bp)
|
||||
app.register_blueprint(applications_bp)
|
||||
app.register_blueprint(user_routes)
|
||||
app.register_blueprint(ccpo_routes)
|
||||
|
||||
if ENV != "prod":
|
||||
app.register_blueprint(dev_routes)
|
||||
|
@ -128,50 +128,6 @@ def logout():
|
||||
return response
|
||||
|
||||
|
||||
@bp.route("/activity-history")
|
||||
@user_can(Permissions.VIEW_AUDIT_LOG, message="view activity log")
|
||||
def activity_history():
|
||||
pagination_opts = Paginator.get_pagination_opts(request)
|
||||
audit_events = AuditLog.get_all_events(pagination_opts)
|
||||
return render_template("audit_log/audit_log.html", audit_events=audit_events)
|
||||
|
||||
|
||||
@bp.route("/ccpo-users")
|
||||
@user_can(Permissions.VIEW_CCPO_USER, message="view ccpo users")
|
||||
def ccpo_users():
|
||||
users = Users.get_ccpo_users()
|
||||
return render_template("ccpo/users.html", users=users)
|
||||
|
||||
|
||||
@bp.route("/ccpo-users/new")
|
||||
@user_can(Permissions.CREATE_CCPO_USER, message="create ccpo user")
|
||||
def add_new_ccpo_user():
|
||||
form = CCPOUserForm()
|
||||
return render_template("ccpo/add_user.html", form=form)
|
||||
|
||||
|
||||
@bp.route("/ccpo-users/new", methods=["POST"])
|
||||
@user_can(Permissions.CREATE_CCPO_USER, message="create ccpo user")
|
||||
def submit_add_new_ccpo_user():
|
||||
try:
|
||||
new_user = Users.get_by_dod_id(request.form["dod_id"])
|
||||
form = CCPOUserForm(obj=new_user)
|
||||
except NotFoundError:
|
||||
new_user = None
|
||||
form = CCPOUserForm()
|
||||
|
||||
return render_template("ccpo/confirm_user.html", new_user=new_user, form=form)
|
||||
|
||||
|
||||
@bp.route("/ccpo-users/confirm-new", methods=["POST"])
|
||||
@user_can(Permissions.CREATE_CCPO_USER, message="create ccpo user")
|
||||
def confirm_new_ccpo_user():
|
||||
user = Users.get_by_dod_id(request.form["dod_id"])
|
||||
Users.update_ccpo_permissions(user, add_perms=True)
|
||||
flash("ccpo_user_added", user_name=user.full_name)
|
||||
return redirect(url_for("atst.ccpo_users"))
|
||||
|
||||
|
||||
@bp.route("/about")
|
||||
def about():
|
||||
return render_template("about.html")
|
||||
|
58
atst/routes/ccpo.py
Normal file
58
atst/routes/ccpo.py
Normal file
@ -0,0 +1,58 @@
|
||||
from flask import Blueprint, render_template, redirect, url_for, request
|
||||
from atst.domain.users import Users
|
||||
from atst.domain.audit_log import AuditLog
|
||||
from atst.domain.common import Paginator
|
||||
from atst.domain.exceptions import NotFoundError
|
||||
from atst.domain.authz.decorator import user_can_access_decorator as user_can
|
||||
from atst.forms.ccpo_user import CCPOUserForm
|
||||
from atst.models.permissions import Permissions
|
||||
from atst.utils.context_processors import atat as atat_context_processor
|
||||
from atst.utils.flash import formatted_flash as flash
|
||||
|
||||
|
||||
bp = Blueprint("ccpo", __name__)
|
||||
bp.context_processor(atat_context_processor)
|
||||
|
||||
|
||||
@bp.route("/activity-history")
|
||||
@user_can(Permissions.VIEW_AUDIT_LOG, message="view activity log")
|
||||
def activity_history():
|
||||
pagination_opts = Paginator.get_pagination_opts(request)
|
||||
audit_events = AuditLog.get_all_events(pagination_opts)
|
||||
return render_template("audit_log/audit_log.html", audit_events=audit_events)
|
||||
|
||||
|
||||
@bp.route("/ccpo-users")
|
||||
@user_can(Permissions.VIEW_CCPO_USER, message="view ccpo users")
|
||||
def ccpo_users():
|
||||
users = Users.get_ccpo_users()
|
||||
return render_template("ccpo/users.html", users=users)
|
||||
|
||||
|
||||
@bp.route("/ccpo-users/new")
|
||||
@user_can(Permissions.CREATE_CCPO_USER, message="create ccpo user")
|
||||
def add_new_ccpo_user():
|
||||
form = CCPOUserForm()
|
||||
return render_template("ccpo/add_user.html", form=form)
|
||||
|
||||
|
||||
@bp.route("/ccpo-users/new", methods=["POST"])
|
||||
@user_can(Permissions.CREATE_CCPO_USER, message="create ccpo user")
|
||||
def submit_add_new_ccpo_user():
|
||||
try:
|
||||
new_user = Users.get_by_dod_id(request.form["dod_id"])
|
||||
form = CCPOUserForm(obj=new_user)
|
||||
except NotFoundError:
|
||||
new_user = None
|
||||
form = CCPOUserForm()
|
||||
|
||||
return render_template("ccpo/confirm_user.html", new_user=new_user, form=form)
|
||||
|
||||
|
||||
@bp.route("/ccpo-users/confirm-new", methods=["POST"])
|
||||
@user_can(Permissions.CREATE_CCPO_USER, message="create ccpo user")
|
||||
def confirm_new_ccpo_user():
|
||||
user = Users.get_by_dod_id(request.form["dod_id"])
|
||||
Users.update_ccpo_permissions(user, add_perms=True)
|
||||
flash("ccpo_user_added", user_name=user.full_name)
|
||||
return redirect(url_for("ccpo.ccpo_users"))
|
@ -4,6 +4,6 @@
|
||||
{% block content %}
|
||||
<div v-cloak>
|
||||
{% include "fragments/audit_events_log.html" %}
|
||||
{{ Pagination(audit_events, url_for('atst.activity_history'))}}
|
||||
{{ Pagination(audit_events, url_for('ccpo.activity_history'))}}
|
||||
</div>
|
||||
{% endblock %}
|
||||
|
@ -3,7 +3,7 @@
|
||||
{% from "components/text_input.html" import TextInput %}
|
||||
|
||||
{% block content %}
|
||||
<form id="add-ccpo-user-form" action="{{ url_for('atst.submit_add_new_ccpo_user') }}" method="POST">
|
||||
<form id="add-ccpo-user-form" action="{{ url_for('ccpo.submit_add_new_ccpo_user') }}" method="POST">
|
||||
{{ form.csrf_token }}
|
||||
<h1>Add new CCPO user</h1>
|
||||
<div class='form-row'>
|
||||
@ -17,7 +17,7 @@
|
||||
v-bind:disabled="invalid"
|
||||
class='action-group__action usa-button'
|
||||
value='Next'>
|
||||
<a class='action-group__action icon-link icon-link--default' href="{{ url_for('atst.ccpo_users') }}">{{ "common.cancel" | translate }}</a>
|
||||
<a class='action-group__action icon-link icon-link--default' href="{{ url_for('ccpo.ccpo_users') }}">{{ "common.cancel" | translate }}</a>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -6,7 +6,7 @@
|
||||
{% block content %}
|
||||
{% if new_user %}
|
||||
{% call Alert('Confirm new CCPO user') %}
|
||||
<form id="add-ccpo-user-form" action="{{ url_for('atst.confirm_new_ccpo_user') }}" method="POST">
|
||||
<form id="add-ccpo-user-form" action="{{ url_for('ccpo.confirm_new_ccpo_user') }}" method="POST">
|
||||
{{ form.csrf_token }}
|
||||
<input type="hidden" name="dod_id" value="{{ form.dod_id.data }}">
|
||||
<div>
|
||||
@ -26,7 +26,7 @@
|
||||
v-bind:disabled="invalid"
|
||||
class='action-group__action usa-button'
|
||||
value='Confirm and Add User'>
|
||||
<a class='action-group__action icon-link icon-link--default' href="{{ url_for('atst.ccpo_users') }}">{{ "common.cancel" | translate }}</a>
|
||||
<a class='action-group__action icon-link icon-link--default' href="{{ url_for('ccpo.ccpo_users') }}">{{ "common.cancel" | translate }}</a>
|
||||
</div>
|
||||
</form>
|
||||
{% endcall %}
|
||||
@ -34,7 +34,7 @@
|
||||
{% call Alert('User not found') %}
|
||||
To add someone as a CCPO user, they must already have an ATAT account.
|
||||
<div class='action-group'>
|
||||
<a class='action-group__action icon-link icon-link--default' href="{{ url_for('atst.ccpo_users') }}">
|
||||
<a class='action-group__action icon-link icon-link--default' href="{{ url_for('ccpo.ccpo_users') }}">
|
||||
Return to list of CCPO users
|
||||
</a>
|
||||
</div>
|
||||
|
@ -31,7 +31,7 @@
|
||||
</div>
|
||||
|
||||
{% if user_can(permissions.CREATE_CCPO_USER) %}
|
||||
<a class="icon-link modal-link" href="{{ url_for('atst.add_new_ccpo_user')}}">
|
||||
<a class="icon-link modal-link" href="{{ url_for('ccpo.add_new_ccpo_user')}}">
|
||||
Add new CCPO user {{ Icon("plus") }}
|
||||
</a>
|
||||
{% endif %}
|
||||
|
@ -110,53 +110,53 @@ def post_url_assert_status(client, user_session):
|
||||
return _get_url_assert_status
|
||||
|
||||
|
||||
# atst.activity_history
|
||||
# ccpo.activity_history
|
||||
def test_atst_activity_history_access(get_url_assert_status):
|
||||
ccpo = user_with(PermissionSets.VIEW_AUDIT_LOG)
|
||||
rando = user_with()
|
||||
|
||||
url = url_for("atst.activity_history")
|
||||
url = url_for("ccpo.activity_history")
|
||||
get_url_assert_status(ccpo, url, 200)
|
||||
get_url_assert_status(rando, url, 404)
|
||||
|
||||
|
||||
# atst.ccpo_users
|
||||
def test_atst_ccpo_users_access(get_url_assert_status):
|
||||
# ccpo.ccpo_users
|
||||
def test_ccpo_ccpo_users_access(get_url_assert_status):
|
||||
ccpo = user_with(PermissionSets.MANAGE_CCPO_USERS)
|
||||
rando = user_with()
|
||||
|
||||
url = url_for("atst.ccpo_users")
|
||||
url = url_for("ccpo.ccpo_users")
|
||||
get_url_assert_status(ccpo, url, 200)
|
||||
get_url_assert_status(rando, url, 404)
|
||||
|
||||
|
||||
# atst.add_new_ccpo_user
|
||||
def test_atst_add_new_ccpo_user_access(get_url_assert_status):
|
||||
# ccpo.add_new_ccpo_user
|
||||
def test_ccpo_add_new_ccpo_user_access(get_url_assert_status):
|
||||
ccpo = user_with(PermissionSets.MANAGE_CCPO_USERS)
|
||||
rando = user_with()
|
||||
|
||||
url = url_for("atst.add_new_ccpo_user")
|
||||
url = url_for("ccpo.add_new_ccpo_user")
|
||||
get_url_assert_status(ccpo, url, 200)
|
||||
get_url_assert_status(rando, url, 404)
|
||||
|
||||
|
||||
# atst.submit_add_new_ccpo_user
|
||||
def test_atst_submit_add_new_ccpo_user_access(post_url_assert_status):
|
||||
# ccpo.submit_add_new_ccpo_user
|
||||
def test_ccpo_submit_add_new_ccpo_user_access(post_url_assert_status):
|
||||
ccpo = user_with(PermissionSets.MANAGE_CCPO_USERS)
|
||||
rando = user_with()
|
||||
|
||||
url = url_for("atst.submit_add_new_ccpo_user")
|
||||
url = url_for("ccpo.submit_add_new_ccpo_user")
|
||||
post_url_assert_status(ccpo, url, 200, data={"dod_id": "1234567890"})
|
||||
post_url_assert_status(rando, url, 404, data={"dod_id": "1234567890"})
|
||||
|
||||
|
||||
# atst.confirm_new_ccpo_user
|
||||
def test_atst_confirm_new_ccpo_user_access(post_url_assert_status):
|
||||
# ccpo.confirm_new_ccpo_user
|
||||
def test_ccpo_confirm_new_ccpo_user_access(post_url_assert_status):
|
||||
ccpo = user_with(PermissionSets.MANAGE_CCPO_USERS)
|
||||
rando = user_with()
|
||||
user = UserFactory.create()
|
||||
|
||||
url = url_for("atst.confirm_new_ccpo_user")
|
||||
url = url_for("ccpo.confirm_new_ccpo_user")
|
||||
post_url_assert_status(ccpo, url, 302, data={"dod_id": user.dod_id})
|
||||
post_url_assert_status(rando, url, 404, data={"dod_id": user.dod_id})
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user