Merge pull request #832 from dod-ccpo/add-app-audit-log

Add app audit log
2019-05-22 15:07:47 -04:00
parent 2de4d1477a 7756ab8c28
commit 4df975acf9
26 changed files with 266 additions and 58 deletions
--- a/tests/domain/test_audit_log.py
+++ b/tests/domain/test_audit_log.py
@@ -1,14 +1,20 @@
 import pytest

+from atst.domain.applications import Applications
 from atst.domain.audit_log import AuditLog
 from atst.domain.exceptions import UnauthorizedError
 from atst.domain.permission_sets import PermissionSets
+from atst.domain.portfolios import Portfolios
 from atst.models.portfolio_role import Status as PortfolioRoleStatus
 from tests.factories import (
-    UserFactory,
+    ApplicationFactory,
+    ApplicationInvitationFactory,
+    ApplicationRoleFactory,
+    EnvironmentFactory,
+    EnvironmentRoleFactory,
    PortfolioFactory,
    PortfolioRoleFactory,
-    ApplicationFactory,
+    UserFactory,
 )


@@ -45,7 +51,7 @@ def test_paginate_ws_audit_log():
    assert len(events) == 25


-def test_ws_audit_log_only_includes_current_ws_events():
+def test_portfolio_audit_log_only_includes_current_portfolio_events():
    owner = UserFactory.create()
    portfolio = PortfolioFactory.create(owner=owner)
    other_portfolio = PortfolioFactory.create(owner=owner)
@@ -55,8 +61,59 @@ def test_ws_audit_log_only_includes_current_ws_events():

    events = AuditLog.get_portfolio_events(portfolio)
    for event in events:
-        assert event.portfolio_id == portfolio.id or event.resource_id == portfolio.id
+        assert event.portfolio_id == portfolio.id
        assert (
            not event.portfolio_id == other_portfolio.id
            or event.resource_id == other_portfolio.id
        )
+
+
+def test_get_portfolio_events_includes_app_and_env_events():
+    owner = UserFactory.create()
+    # add portfolio level events
+    portfolio = PortfolioFactory.create(owner=owner)
+    portfolio_events = AuditLog.get_portfolio_events(portfolio)
+
+    # add application level events
+    application = ApplicationFactory.create(portfolio=portfolio)
+    Applications.update(application, {"name": "Star Cruiser"})
+    app_role = ApplicationRoleFactory.create(application=application)
+    app_invite = ApplicationInvitationFactory.create(role=app_role)
+    portfolio_and_app_events = AuditLog.get_portfolio_events(portfolio)
+    assert len(portfolio_events) < len(portfolio_and_app_events)
+
+    # add environment level events
+    env = EnvironmentFactory.create(application=application)
+    env_role = EnvironmentRoleFactory.create(environment=env, user=app_role.user)
+    portfolio_app_and_env_events = AuditLog.get_portfolio_events(portfolio)
+    assert len(portfolio_and_app_events) < len(portfolio_app_and_env_events)
+
+    resource_types = [event.resource_type for event in portfolio_app_and_env_events]
+    assert "application" in resource_types
+    assert "application_role" in resource_types
+    assert "application_invitation" in resource_types
+    assert "environment" in resource_types
+    assert "environment_role" in resource_types
+
+
+def test_get_application_events():
+    # add in some portfolio level events
+    portfolio = PortfolioFactory.create()
+    Portfolios.update(portfolio, {"name": "New Name"})
+    # add app level events
+    application = ApplicationFactory.create(portfolio=portfolio)
+    Applications.update(application, {"name": "Star Cruiser"})
+    app_role = ApplicationRoleFactory.create(application=application)
+    app_invite = ApplicationInvitationFactory.create(role=app_role)
+    env = EnvironmentFactory.create(application=application)
+    env_role = EnvironmentRoleFactory.create(environment=env, user=app_role.user)
+    # add rando app
+    rando_app = ApplicationFactory.create(portfolio=portfolio)
+
+    events = AuditLog.get_application_events(application)
+    for event in events:
+        assert event.application_id == application.id
+        assert not event.application_id == rando_app.id
+
+    resource_types = [event.resource_type for event in events]
+    assert "portfolio" not in resource_types
--- a/tests/routes/applications/test_settings.py
+++ b/tests/routes/applications/test_settings.py
@@ -15,6 +15,7 @@ from atst.routes.applications.settings import check_users_are_in_application
 from atst.domain.applications import Applications
 from atst.domain.environment_roles import EnvironmentRoles
 from atst.domain.environments import Environments
+from atst.domain.common import Paginator
 from atst.domain.permission_sets import PermissionSets
 from atst.domain.portfolios import Portfolios
 from atst.domain.exceptions import NotFoundError
@@ -116,7 +117,7 @@ def test_edit_application_environments_obj(app, client, user_session):
        )

        assert response.status_code == 200
-        _, context = templates[0]
+        _, context = templates[-1]

        assert isinstance(context["members_form"], AppEnvRolesForm)
        env_obj = context["environments_obj"][0]
@@ -127,6 +128,7 @@ def test_edit_application_environments_obj(app, client, user_session):
            env_obj["members"].sort()
            == [env_role1.user.full_name, env_role2.user.full_name].sort()
        )
+        assert isinstance(context["audit_events"], Paginator)


 def test_data_for_app_env_roles_form(app, client, user_session):
@@ -156,7 +158,7 @@ def test_data_for_app_env_roles_form(app, client, user_session):
        )

        assert response.status_code == 200
-        _, context = templates[0]
+        _, context = templates[-1]

        members_form = context["members_form"]
        assert isinstance(members_form, AppEnvRolesForm)