pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Move ccpo routes into their own file

Browse Source
This commit is contained in:
leigh-mil 2019-08-08 10:52:34 -04:00
parent 5b008e044a
commit 1f8337485f
8 changed files with 81 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
atst/app.py
View File

@ -18,6 +18,7 @@ from atst.routes.applications import applications_bp
from atst.routes.dev import bp as dev_routes from atst.routes.dev import bp as dev_routes
from atst.routes.users import bp as user_routes from atst.routes.users import bp as user_routes
from atst.routes.errors import make_error_pages from atst.routes.errors import make_error_pages
from atst.routes.ccpo import bp as ccpo_routes
from atst.domain.authnid.crl import CRLCache, NoOpCRLCache from atst.domain.authnid.crl import CRLCache, NoOpCRLCache
from atst.domain.auth import apply_authentication from atst.domain.auth import apply_authentication
from atst.domain.authz import Authorization from atst.domain.authz import Authorization
@ -78,6 +79,7 @@ def make_app(config):
app.register_blueprint(task_orders_bp) app.register_blueprint(task_orders_bp)
app.register_blueprint(applications_bp) app.register_blueprint(applications_bp)
app.register_blueprint(user_routes) app.register_blueprint(user_routes)
app.register_blueprint(ccpo_routes)
if ENV != "prod": if ENV != "prod":
app.register_blueprint(dev_routes) app.register_blueprint(dev_routes)

44
atst/routes/__init__.py
View File

@ -128,50 +128,6 @@ def logout():
return response return response
@bp.route("/activity-history")
@user_can(Permissions.VIEW_AUDIT_LOG, message="view activity log")
def activity_history():
pagination_opts = Paginator.get_pagination_opts(request)
audit_events = AuditLog.get_all_events(pagination_opts)
return render_template("audit_log/audit_log.html", audit_events=audit_events)
@bp.route("/ccpo-users")
@user_can(Permissions.VIEW_CCPO_USER, message="view ccpo users")
def ccpo_users():
users = Users.get_ccpo_users()
return render_template("ccpo/users.html", users=users)
@bp.route("/ccpo-users/new")
@user_can(Permissions.CREATE_CCPO_USER, message="create ccpo user")
def add_new_ccpo_user():
form = CCPOUserForm()
return render_template("ccpo/add_user.html", form=form)
@bp.route("/ccpo-users/new", methods=["POST"])
@user_can(Permissions.CREATE_CCPO_USER, message="create ccpo user")
def submit_add_new_ccpo_user():
try:
new_user = Users.get_by_dod_id(request.form["dod_id"])
form = CCPOUserForm(obj=new_user)
except NotFoundError:
new_user = None
form = CCPOUserForm()
return render_template("ccpo/confirm_user.html", new_user=new_user, form=form)
@bp.route("/ccpo-users/confirm-new", methods=["POST"])
@user_can(Permissions.CREATE_CCPO_USER, message="create ccpo user")
def confirm_new_ccpo_user():
user = Users.get_by_dod_id(request.form["dod_id"])
Users.update_ccpo_permissions(user, add_perms=True)
flash("ccpo_user_added", user_name=user.full_name)
return redirect(url_for("atst.ccpo_users"))
@bp.route("/about") @bp.route("/about")
def about(): def about():
return render_template("about.html") return render_template("about.html")

58
atst/routes/ccpo.py Normal file
View File

@ -0,0 +1,58 @@
from flask import Blueprint, render_template, redirect, url_for, request
from atst.domain.users import Users
from atst.domain.audit_log import AuditLog
from atst.domain.common import Paginator
from atst.domain.exceptions import NotFoundError
from atst.domain.authz.decorator import user_can_access_decorator as user_can
from atst.forms.ccpo_user import CCPOUserForm
from atst.models.permissions import Permissions
from atst.utils.context_processors import atat as atat_context_processor
from atst.utils.flash import formatted_flash as flash
bp = Blueprint("ccpo", __name__)
bp.context_processor(atat_context_processor)
@bp.route("/activity-history")
@user_can(Permissions.VIEW_AUDIT_LOG, message="view activity log")
def activity_history():
pagination_opts = Paginator.get_pagination_opts(request)
audit_events = AuditLog.get_all_events(pagination_opts)
return render_template("audit_log/audit_log.html", audit_events=audit_events)
@bp.route("/ccpo-users")
@user_can(Permissions.VIEW_CCPO_USER, message="view ccpo users")
def ccpo_users():
users = Users.get_ccpo_users()
return render_template("ccpo/users.html", users=users)
@bp.route("/ccpo-users/new")
@user_can(Permissions.CREATE_CCPO_USER, message="create ccpo user")
def add_new_ccpo_user():
form = CCPOUserForm()
return render_template("ccpo/add_user.html", form=form)
@bp.route("/ccpo-users/new", methods=["POST"])
@user_can(Permissions.CREATE_CCPO_USER, message="create ccpo user")
def submit_add_new_ccpo_user():
try:
new_user = Users.get_by_dod_id(request.form["dod_id"])
form = CCPOUserForm(obj=new_user)
except NotFoundError:
new_user = None
form = CCPOUserForm()
return render_template("ccpo/confirm_user.html", new_user=new_user, form=form)
@bp.route("/ccpo-users/confirm-new", methods=["POST"])
@user_can(Permissions.CREATE_CCPO_USER, message="create ccpo user")
def confirm_new_ccpo_user():
user = Users.get_by_dod_id(request.form["dod_id"])
Users.update_ccpo_permissions(user, add_perms=True)
flash("ccpo_user_added", user_name=user.full_name)
return redirect(url_for("ccpo.ccpo_users"))

2
templates/audit_log/audit_log.html
View File

@ -4,6 +4,6 @@
{% block content %} {% block content %}
<div v-cloak> <div v-cloak>
{% include "fragments/audit_events_log.html" %} {% include "fragments/audit_events_log.html" %}
{{ Pagination(audit_events, url_for('atst.activity_history'))}} {{ Pagination(audit_events, url_for('ccpo.activity_history'))}}
</div> </div>
{% endblock %} {% endblock %}

4
templates/ccpo/add_user.html
View File

@ -3,7 +3,7 @@
{% from "components/text_input.html" import TextInput %} {% from "components/text_input.html" import TextInput %}
{% block content %} {% block content %}
<form id="add-ccpo-user-form" action="{{ url_for('atst.submit_add_new_ccpo_user') }}" method="POST"> <form id="add-ccpo-user-form" action="{{ url_for('ccpo.submit_add_new_ccpo_user') }}" method="POST">
{{ form.csrf_token }} {{ form.csrf_token }}
<h1>Add new CCPO user</h1> <h1>Add new CCPO user</h1>
<div class='form-row'> <div class='form-row'>
@ -17,7 +17,7 @@
v-bind:disabled="invalid" v-bind:disabled="invalid"
class='action-group__action usa-button' class='action-group__action usa-button'
value='Next'> value='Next'>
<a class='action-group__action icon-link icon-link--default' href="{{ url_for('atst.ccpo_users') }}">{{ "common.cancel" | translate }}</a> <a class='action-group__action icon-link icon-link--default' href="{{ url_for('ccpo.ccpo_users') }}">{{ "common.cancel" | translate }}</a>
</div> </div>
</div> </div>
</div> </div>

6
templates/ccpo/confirm_user.html
View File

@ -6,7 +6,7 @@
{% block content %} {% block content %}
{% if new_user %} {% if new_user %}
{% call Alert('Confirm new CCPO user') %} {% call Alert('Confirm new CCPO user') %}
<form id="add-ccpo-user-form" action="{{ url_for('atst.confirm_new_ccpo_user') }}" method="POST"> <form id="add-ccpo-user-form" action="{{ url_for('ccpo.confirm_new_ccpo_user') }}" method="POST">
{{ form.csrf_token }} {{ form.csrf_token }}
<input type="hidden" name="dod_id" value="{{ form.dod_id.data }}"> <input type="hidden" name="dod_id" value="{{ form.dod_id.data }}">
<div> <div>
@ -26,7 +26,7 @@
v-bind:disabled="invalid" v-bind:disabled="invalid"
class='action-group__action usa-button' class='action-group__action usa-button'
value='Confirm and Add User'> value='Confirm and Add User'>
<a class='action-group__action icon-link icon-link--default' href="{{ url_for('atst.ccpo_users') }}">{{ "common.cancel" | translate }}</a> <a class='action-group__action icon-link icon-link--default' href="{{ url_for('ccpo.ccpo_users') }}">{{ "common.cancel" | translate }}</a>
</div> </div>
</form> </form>
{% endcall %} {% endcall %}
@ -34,7 +34,7 @@
{% call Alert('User not found') %} {% call Alert('User not found') %}
To add someone as a CCPO user, they must already have an ATAT account. To add someone as a CCPO user, they must already have an ATAT account.
<div class='action-group'> <div class='action-group'>
<a class='action-group__action icon-link icon-link--default' href="{{ url_for('atst.ccpo_users') }}"> <a class='action-group__action icon-link icon-link--default' href="{{ url_for('ccpo.ccpo_users') }}">
Return to list of CCPO users Return to list of CCPO users
</a> </a>
</div> </div>

2
templates/ccpo/users.html
View File

@ -31,7 +31,7 @@
</div> </div>
{% if user_can(permissions.CREATE_CCPO_USER) %} {% if user_can(permissions.CREATE_CCPO_USER) %}
<a class="icon-link modal-link" href="{{ url_for('atst.add_new_ccpo_user')}}"> <a class="icon-link modal-link" href="{{ url_for('ccpo.add_new_ccpo_user')}}">
Add new CCPO user {{ Icon("plus") }} Add new CCPO user {{ Icon("plus") }}
</a> </a>
{% endif %} {% endif %}

28
tests/test_access.py
View File

@ -110,53 +110,53 @@ def post_url_assert_status(client, user_session):
return _get_url_assert_status return _get_url_assert_status
# atst.activity_history # ccpo.activity_history
def test_atst_activity_history_access(get_url_assert_status): def test_atst_activity_history_access(get_url_assert_status):
ccpo = user_with(PermissionSets.VIEW_AUDIT_LOG) ccpo = user_with(PermissionSets.VIEW_AUDIT_LOG)
rando = user_with() rando = user_with()
url = url_for("atst.activity_history") url = url_for("ccpo.activity_history")
get_url_assert_status(ccpo, url, 200) get_url_assert_status(ccpo, url, 200)
get_url_assert_status(rando, url, 404) get_url_assert_status(rando, url, 404)
# atst.ccpo_users # ccpo.ccpo_users
def test_atst_ccpo_users_access(get_url_assert_status): def test_ccpo_ccpo_users_access(get_url_assert_status):
ccpo = user_with(PermissionSets.MANAGE_CCPO_USERS) ccpo = user_with(PermissionSets.MANAGE_CCPO_USERS)
rando = user_with() rando = user_with()
url = url_for("atst.ccpo_users") url = url_for("ccpo.ccpo_users")
get_url_assert_status(ccpo, url, 200) get_url_assert_status(ccpo, url, 200)
get_url_assert_status(rando, url, 404) get_url_assert_status(rando, url, 404)
# atst.add_new_ccpo_user # ccpo.add_new_ccpo_user
def test_atst_add_new_ccpo_user_access(get_url_assert_status): def test_ccpo_add_new_ccpo_user_access(get_url_assert_status):
ccpo = user_with(PermissionSets.MANAGE_CCPO_USERS) ccpo = user_with(PermissionSets.MANAGE_CCPO_USERS)
rando = user_with() rando = user_with()
url = url_for("atst.add_new_ccpo_user") url = url_for("ccpo.add_new_ccpo_user")
get_url_assert_status(ccpo, url, 200) get_url_assert_status(ccpo, url, 200)
get_url_assert_status(rando, url, 404) get_url_assert_status(rando, url, 404)
# atst.submit_add_new_ccpo_user # ccpo.submit_add_new_ccpo_user
def test_atst_submit_add_new_ccpo_user_access(post_url_assert_status): def test_ccpo_submit_add_new_ccpo_user_access(post_url_assert_status):
ccpo = user_with(PermissionSets.MANAGE_CCPO_USERS) ccpo = user_with(PermissionSets.MANAGE_CCPO_USERS)
rando = user_with() rando = user_with()
url = url_for("atst.submit_add_new_ccpo_user") url = url_for("ccpo.submit_add_new_ccpo_user")
post_url_assert_status(ccpo, url, 200, data={"dod_id": "1234567890"}) post_url_assert_status(ccpo, url, 200, data={"dod_id": "1234567890"})
post_url_assert_status(rando, url, 404, data={"dod_id": "1234567890"}) post_url_assert_status(rando, url, 404, data={"dod_id": "1234567890"})
# atst.confirm_new_ccpo_user # ccpo.confirm_new_ccpo_user
def test_atst_confirm_new_ccpo_user_access(post_url_assert_status): def test_ccpo_confirm_new_ccpo_user_access(post_url_assert_status):
ccpo = user_with(PermissionSets.MANAGE_CCPO_USERS) ccpo = user_with(PermissionSets.MANAGE_CCPO_USERS)
rando = user_with() rando = user_with()
user = UserFactory.create() user = UserFactory.create()
url = url_for("atst.confirm_new_ccpo_user") url = url_for("ccpo.confirm_new_ccpo_user")
post_url_assert_status(ccpo, url, 302, data={"dod_id": user.dod_id}) post_url_assert_status(ccpo, url, 302, data={"dod_id": user.dod_id})
post_url_assert_status(rando, url, 404, data={"dod_id": user.dod_id}) post_url_assert_status(rando, url, 404, data={"dod_id": user.dod_id})