Add check to see if KO can sign the TO and update tests

atst/domain/task_orders.py

@@ -120,6 +120,14 @@ class TaskOrders(object):
 
         return True
 
+    @classmethod
+    def can_ko_sign(cls, task_order):
+        return (
+            TaskOrders.all_sections_complete(task_order)
+            and DD254s.is_complete(task_order.dd_254)
+            and not TaskOrders.is_signed_by_ko(task_order)
+        )
+
     @classmethod
     def is_signed_by_ko(cls, task_order):
         return task_order.signer_dod_id is not None

atst/routes/portfolios/task_orders.py

@@ -108,7 +108,9 @@ def submit_ko_review(portfolio_id, task_order_id, form=None):
 
     if form.validate():
         TaskOrders.update(user=g.current_user, task_order=task_order, **form.data)
-        if Authorization.is_ko(g.current_user, task_order):
+        if Authorization.is_ko(g.current_user, task_order) and TaskOrders.can_ko_sign(
+            task_order
+        ):
             return redirect(
                 url_for("task_orders.signature_requested", task_order_id=task_order_id)
             )

atst/routes/task_orders/signing.py

@@ -4,7 +4,7 @@ import datetime
 
 from . import task_orders_bp
 from atst.domain.authz import Authorization
-from atst.domain.exceptions import NotFoundError
+from atst.domain.exceptions import NoAccessError
 from atst.domain.task_orders import TaskOrders
 from atst.forms.task_order import SignatureForm
 from atst.utils.flash import formatted_flash as flash
@@ -14,8 +14,8 @@ def find_unsigned_ko_to(task_order_id):
     task_order = TaskOrders.get(g.current_user, task_order_id)
     Authorization.check_is_ko(g.current_user, task_order)
 
-    if TaskOrders.is_signed_by_ko(task_order):
-        raise NotFoundError("task_order")
+    if not TaskOrders.can_ko_sign(task_order):
+        raise NoAccessError("task_order")
 
     return task_order