diff --git a/atst/routes/portfolios/index.py b/atst/routes/portfolios/index.py index 8dc37ade..f34fe316 100644 --- a/atst/routes/portfolios/index.py +++ b/atst/routes/portfolios/index.py @@ -90,6 +90,20 @@ def portfolio_admin(portfolio_id): return render_admin_page(portfolio) +def permission_set_has_changed(old_perm_set_names, new_perm_set_names): + has_changed = False + for perm_name in new_perm_set_names: + base = perm_name[4:] + if perm_name.split("_")[0] == "edit": + if perm_name not in old_perm_set_names: + has_changed = True + elif perm_name.split("_")[0] == "view": + edit_version = "edit" + base + if edit_version in old_perm_set_names: + has_changed = True + return has_changed + + @portfolios_bp.route("/portfolios//admin", methods=["POST"]) @user_can(Permissions.EDIT_PORTFOLIO_USERS, message="view portfolio admin page") def edit_portfolio_members(portfolio_id): diff --git a/tests/routes/portfolios/test_admin.py b/tests/routes/portfolios/test_admin.py index 1adeaa73..8096e62d 100644 --- a/tests/routes/portfolios/test_admin.py +++ b/tests/routes/portfolios/test_admin.py @@ -1,6 +1,7 @@ from flask import url_for from atst.domain.permission_sets import PermissionSets +from atst.routes.portfolios.index import permission_set_has_changed from tests.factories import PortfolioFactory, PortfolioRoleFactory, UserFactory @@ -28,6 +29,32 @@ def test_member_table_access(client, user_session): assert "