switch portfolio authorization to rely on new permission sets

2019-03-11 17:25:35 -04:00
parent 6805041b13
commit 44a4d98978
22 changed files with 204 additions and 112 deletions
--- a/tests/factories.py
+++ b/tests/factories.py
@@ -14,7 +14,13 @@ from atst.models.task_order import TaskOrder
 from atst.models.user import User
 from atst.models.role import Role
 from atst.models.portfolio import Portfolio
-from atst.domain.roles import Roles, PORTFOLIO_ROLES
+from atst.domain.roles import (
+    Roles,
+    PORTFOLIO_ROLES,
+    PORTFOLIO_PERMISSION_SETS,
+    _VIEW_PORTFOLIO_PERMISSION_SETS,
+    _EDIT_PORTFOLIO_PERMISSION_SETS,
+)
 from atst.models.portfolio_role import PortfolioRole, Status as PortfolioRoleStatus
 from atst.models.environment_role import EnvironmentRole
 from atst.models.invitation import Invitation, Status as InvitationStatus
@@ -68,6 +74,14 @@ def random_portfolio_role():
    return Roles.get(choice["name"])


+def base_portfolio_permission_sets():
+    return [Roles.get(prms["name"]) for prms in _VIEW_PORTFOLIO_PERMISSION_SETS]
+
+
+def get_all_portfolio_permission_sets():
+    return [Roles.get(prms["name"]) for prms in PORTFOLIO_PERMISSION_SETS]
+
+
 class Base(factory.alchemy.SQLAlchemyModelFactory):
    @classmethod
    def dictionary(cls, **attrs):
@@ -124,16 +138,27 @@ class PortfolioFactory(Base):
            role=Roles.get("owner"),
            user=owner,
            status=PortfolioRoleStatus.ACTIVE,
+            permission_sets=get_all_portfolio_permission_sets(),
        )

        for member in members:
            user = member.get("user", UserFactory.create())
            role_name = member["role_name"]
+
+            perms_set = None
+            if member.get("permissions_sets"):
+                perms_set = [
+                    Roles.get(perm_set) for perm_set in member.get("permission_sets")
+                ]
+            else:
+                perms_set = []
+
            PortfolioRoleFactory.create(
                portfolio=portfolio,
                role=Roles.get(role_name),
                user=user,
                status=PortfolioRoleStatus.ACTIVE,
+                permission_sets=perms_set,
            )

        portfolio.applications = applications
@@ -189,6 +214,7 @@ class PortfolioRoleFactory(Base):
    role = factory.LazyFunction(random_portfolio_role)
    user = factory.SubFactory(UserFactory)
    status = PortfolioRoleStatus.PENDING
+    permission_sets = factory.LazyFunction(base_portfolio_permission_sets)


 class EnvironmentRoleFactory(Base):