pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #809 from dod-ccpo/resource-finder

Browse Source 
Resource finder
This commit is contained in:
dandds
2019-05-10 06:07:45 -04:00
committed by GitHub
parent d3b775150c 2d99b5cfc5
commit 2435f91b13
9 changed files with 191 additions and 83 deletions
Download Patch File Download Diff File Expand all files Collapse all files

84
atst/utils/context_processors.py
View File

@@ -1,33 +1,51 @@
from operator import attrgetter
from flask import request as http_request, g
from flask import g
from sqlalchemy.orm.exc import NoResultFound
from atst.database import db
from atst.domain.authz import Authorization
from atst.models import Application, Environment, Portfolio, TaskOrder
from atst.models.permissions import Permissions
from atst.domain.portfolios.scopes import ScopedPortfolio
from atst.models import (
Application,
Environment,
Permissions,
Portfolio,
PortfolioInvitation,
PortfolioRole,
TaskOrder,
)
def get_portfolio_from_context(view_args):
def get_resources_from_context(view_args):
query = None
if "portfolio_id" in view_args:
if "portfolio_token" in view_args:
query = (
db.session.query(Portfolio)
.join(PortfolioRole, PortfolioRole.portfolio_id == Portfolio.id)
.join(
PortfolioInvitation,
PortfolioInvitation.portfolio_role_id == PortfolioRole.id,
)
.filter(PortfolioInvitation.token == view_args["portfolio_token"])
)
elif "portfolio_id" in view_args:
query = db.session.query(Portfolio).filter(
Portfolio.id == view_args["portfolio_id"]
)
elif "application_id" in view_args:
query = (
db.session.query(Portfolio)
db.session.query(Portfolio, Application)
.join(Application, Application.portfolio_id == Portfolio.id)
.filter(Application.id == view_args["application_id"])
)
elif "environment_id" in view_args:
query = (
db.session.query(Portfolio)
db.session.query(Portfolio, Application)
.join(Application, Application.portfolio_id == Portfolio.id)
.join(Environment, Environment.application_id == Application.id)
.filter(Environment.id == view_args["environment_id"])
@@ -35,33 +53,51 @@ def get_portfolio_from_context(view_args):
elif "task_order_id" in view_args:
query = (
db.session.query(Portfolio)
db.session.query(Portfolio, TaskOrder)
.join(TaskOrder, TaskOrder.portfolio_id == Portfolio.id)
.filter(TaskOrder.id == view_args["task_order_id"])
)
if query:
try:
portfolio = query.one()
return ScopedPortfolio(g.current_user, portfolio)
return query.only_return_tuples(True).one()
except NoResultFound:
raise NotFoundError("portfolio")
def assign_resources(view_args):
g.portfolio = None
g.application = None
g.task_order = None
resources = get_resources_from_context(view_args)
if resources:
for resource in resources:
if isinstance(resource, Portfolio):
g.portfolio = ScopedPortfolio(g.current_user, resource)
elif isinstance(resource, Application):
g.application = resource
elif isinstance(resource, TaskOrder):
g.task_order = resource
def user_can_view(permission):
if g.application:
return Authorization.has_application_permission(
g.current_user, g.application, permission
)
elif g.portfolio:
return Authorization.has_portfolio_permission(
g.current_user, g.portfolio, permission
)
else:
return Authorization.has_atat_permission(g.current_user, permission)
def portfolio():
portfolio = get_portfolio_from_context(http_request.view_args)
def user_can(permission):
if portfolio:
return Authorization.has_portfolio_permission(
g.current_user, portfolio, permission
)
return False
if not portfolio is None:
if g.portfolio is not None:
active_task_orders = [
task_order for task_order in portfolio.task_orders if task_order.is_active
task_order for task_order in g.portfolio.task_orders if task_order.is_active
]
funding_end_date = (
sorted(active_task_orders, key=attrgetter("end_date"))[-1].end_date
@@ -74,9 +110,9 @@ def portfolio():
funded = None
return {
"portfolio": portfolio,
"portfolio": g.portfolio,
"permissions": Permissions,
"user_can": user_can,
"user_can": user_can_view,
"funding_end_date": funding_end_date,
"funded": funded,
}