@@ -25,21 +25,21 @@ def styleguide():
|
||||
return render_template("styleguide.html")
|
||||
|
||||
|
||||
@bp.route('/<path:path>')
|
||||
@bp.route("/<path:path>")
|
||||
def catch_all(path):
|
||||
return render_template("{}.html".format(path))
|
||||
|
||||
|
||||
def _make_authentication_context():
|
||||
return AuthenticationContext(
|
||||
crl_cache=app.crl_cache,
|
||||
auth_status=request.environ.get("HTTP_X_SSL_CLIENT_VERIFY"),
|
||||
sdn=request.environ.get("HTTP_X_SSL_CLIENT_S_DN"),
|
||||
cert=request.environ.get("HTTP_X_SSL_CLIENT_CERT")
|
||||
crl_cache=app.crl_cache,
|
||||
auth_status=request.environ.get("HTTP_X_SSL_CLIENT_VERIFY"),
|
||||
sdn=request.environ.get("HTTP_X_SSL_CLIENT_S_DN"),
|
||||
cert=request.environ.get("HTTP_X_SSL_CLIENT_CERT"),
|
||||
)
|
||||
|
||||
|
||||
@bp.route('/login-redirect')
|
||||
@bp.route("/login-redirect")
|
||||
def login_redirect():
|
||||
auth_context = _make_authentication_context()
|
||||
auth_context.authenticate()
|
||||
@@ -53,7 +53,7 @@ def login_redirect():
|
||||
|
||||
|
||||
def _is_valid_certificate(request):
|
||||
cert = request.environ.get('HTTP_X_SSL_CLIENT_CERT')
|
||||
cert = request.environ.get("HTTP_X_SSL_CLIENT_CERT")
|
||||
if cert:
|
||||
result = app.crl_validator.validate(cert.encode())
|
||||
return result
|
||||
|
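Review bot: `_make_authentication_context` takes the verification status, subject DN and certificate from the `HTTP_X_SSL_CLIENT_*` keys of `request.environ`, which WSGI fills from ordinary request headers, so these values are only as trustworthy as the proxy in front of the app. The proxy configuration is not visible here; if it does not overwrite or strip client-supplied `X-SSL-Client-*` headers, or if the app can be reached without passing through it, a caller could supply its own values to `authenticate()`. I would document the dependency above the function, e.g. `# X-SSL-Client-* headers are set by the TLS-terminating proxy, which must strip any client-supplied copies`, and confirm the proxy does so. The same header is read again in `_is_valid_certificate` in the second hunk, whose body may continue past the hunk.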
@@ -10,45 +10,46 @@ _DEV_USERS = {
|
||||
"first_name": "Sam",
|
||||
"last_name": "Seeceepio",
|
||||
"atat_role_name": "ccpo",
|
||||
"email": "sam@test.com"
|
||||
"email": "sam@test.com",
|
||||
},
|
||||
"amanda": {
|
||||
"dod_id": "2345678901",
|
||||
"first_name": "Amanda",
|
||||
"last_name": "Adamson",
|
||||
"atat_role_name": "default",
|
||||
"email": "amanda@test.com"
|
||||
"email": "amanda@test.com",
|
||||
},
|
||||
"brandon": {
|
||||
"dod_id": "3456789012",
|
||||
"first_name": "Brandon",
|
||||
"last_name": "Buchannan",
|
||||
"atat_role_name": "default",
|
||||
"email": "brandon@test.com"
|
||||
"email": "brandon@test.com",
|
||||
},
|
||||
"christina": {
|
||||
"dod_id": "4567890123",
|
||||
"first_name": "Christina",
|
||||
"last_name": "Collins",
|
||||
"atat_role_name": "default",
|
||||
"email": "christina@test.com"
|
||||
"email": "christina@test.com",
|
||||
},
|
||||
"dominick": {
|
||||
"dod_id": "5678901234",
|
||||
"first_name": "Dominick",
|
||||
"last_name": "Domingo",
|
||||
"atat_role_name": "default",
|
||||
"email": "dominick@test.com"
|
||||
"email": "dominick@test.com",
|
||||
},
|
||||
"erica": {
|
||||
"dod_id": "6789012345",
|
||||
"first_name": "Erica",
|
||||
"last_name": "Eichner",
|
||||
"atat_role_name": "default",
|
||||
"email": "erica@test.com"
|
||||
"email": "erica@test.com",
|
||||
},
|
||||
}
|
||||
|
||||
|
||||
@bp.route("/login-dev")
|
||||
def login_dev():
|
||||
role = request.args.get("username", "amanda")
|
||||
@@ -58,7 +59,7 @@ def login_dev():
|
||||
atat_role_name=user_data["atat_role_name"],
|
||||
first_name=user_data["first_name"],
|
||||
last_name=user_data["last_name"],
|
||||
email=user_data["email"]
|
||||
email=user_data["email"],
|
||||
)
|
||||
session["user_id"] = user.id
|
||||
|
||||
|
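Review bot: `login_dev` stores `user.id` in the session for a user selected by the `username` query parameter, with no credential, and `_DEV_USERS` includes an entry whose `atat_role_name` is `ccpo`; nothing in these hunks shows the route being limited to development deployments. The lookup from `username` to `user_data` and the blueprint registration are outside the hunks, so this may already be gated elsewhere. If it is, a comment above the route such as `# Development only: this blueprint must never be registered in production` would make the constraint visible to the next reader. If it is not, the registration should be made conditional on the environment.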
@@ -11,11 +11,10 @@ def make_error_pages(app):
|
||||
app.logger.error(e.message)
|
||||
return render_template("not_found.html"), 404
|
||||
|
||||
|
||||
@app.errorhandler(exceptions.UnauthenticatedError)
|
||||
# pylint: disable=unused-variable
|
||||
def unauthorized(e):
|
||||
app.logger.error(e.message)
|
||||
return render_template('unauthenticated.html'), 401
|
||||
return render_template("unauthenticated.html"), 401
|
||||
|
||||
return app
|
||||
|
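Review bot: The handler registered for `exceptions.UnauthenticatedError` is named `unauthorized`, although it renders `unauthenticated.html` with a 401. The requests form module on this page imports a separate `UnauthorizedError`, so the name invites confusion between the authentication and authorization failure paths. Renaming it to `def unauthenticated(e):` would keep the two cases distinct. `make_error_pages` starts outside the hunk, so whether `UnauthorizedError` has a handler of its own cannot be seen here.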
@@ -8,6 +8,7 @@ from . import index
|
||||
from . import requests_form
|
||||
from . import financial_verification
|
||||
|
||||
|
||||
@requests_bp.context_processor
|
||||
def annual_spend_threshold():
|
||||
return { "annual_spend_threshold": Requests.ANNUAL_SPEND_THRESHOLD }
|
||||
return {"annual_spend_threshold": Requests.ANNUAL_SPEND_THRESHOLD}
|
||||
|
@@ -43,7 +43,13 @@ def update_financial_verification(request_id):
|
||||
if valid:
|
||||
Requests.submit_financial_verification(request_id)
|
||||
new_workspace = Requests.approve_and_create_workspace(updated_request)
|
||||
return redirect(url_for("workspaces.workspace_projects", workspace_id=new_workspace.id, newWorkspace=True))
|
||||
return redirect(
|
||||
url_for(
|
||||
"workspaces.workspace_projects",
|
||||
workspace_id=new_workspace.id,
|
||||
newWorkspace=True,
|
||||
)
|
||||
)
|
||||
|
||||
else:
|
||||
form.reset()
|
||||
|
@@ -15,6 +15,11 @@ def map_request(request):
|
||||
"requests.requests_form_update", screen=1, request_id=request.id
|
||||
)
|
||||
verify_url = url_for("requests.financial_verification", request_id=request.id)
|
||||
edit_link = (
|
||||
verify_url
|
||||
if Requests.is_pending_financial_verification(request)
|
||||
else update_url
|
||||
)
|
||||
|
||||
return {
|
||||
"order_id": request.id,
|
||||
@@ -24,15 +29,16 @@ def map_request(request):
|
||||
"date": time_created.format("M/DD/YYYY"),
|
||||
"full_name": request.creator.full_name,
|
||||
"annual_usage": annual_usage,
|
||||
"edit_link": verify_url if Requests.is_pending_financial_verification(
|
||||
request
|
||||
) else update_url,
|
||||
"edit_link": edit_link,
|
||||
}
|
||||
|
||||
|
||||
@requests_bp.route("/requests", methods=["GET"])
|
||||
def requests_index():
|
||||
if Permissions.REVIEW_AND_APPROVE_JEDI_WORKSPACE_REQUEST in g.current_user.atat_permissions:
|
||||
if (
|
||||
Permissions.REVIEW_AND_APPROVE_JEDI_WORKSPACE_REQUEST
|
||||
in g.current_user.atat_permissions
|
||||
):
|
||||
return _ccpo_view()
|
||||
|
||||
else:
|
||||
|
@@ -129,7 +129,9 @@ class JEDIRequestFlow(object):
|
||||
if section == "primary_poc":
|
||||
if data.get("am_poc", False):
|
||||
try:
|
||||
request_user_info = self.existing_request.body.get("information_about_you", {})
|
||||
request_user_info = self.existing_request.body.get(
|
||||
"information_about_you", {}
|
||||
)
|
||||
except AttributeError:
|
||||
request_user_info = {}
|
||||
|
||||
|
@@ -6,7 +6,12 @@ from atst.routes.requests.jedi_request_flow import JEDIRequestFlow
|
||||
from atst.models.permissions import Permissions
|
||||
from atst.models.request_status_event import RequestStatus
|
||||
from atst.domain.exceptions import UnauthorizedError
|
||||
from atst.forms.data import SERVICE_BRANCHES, ASSISTANCE_ORG_TYPES, DATA_TRANSFER_AMOUNTS, COMPLETION_DATE_RANGES
|
||||
from atst.forms.data import (
|
||||
SERVICE_BRANCHES,
|
||||
ASSISTANCE_ORG_TYPES,
|
||||
DATA_TRANSFER_AMOUNTS,
|
||||
COMPLETION_DATE_RANGES,
|
||||
)
|
||||
|
||||
|
||||
@requests_bp.route("/requests/new/<int:screen>", methods=["GET"])
|
||||
@@ -27,6 +32,7 @@ def requests_form_new(screen):
|
||||
completion_date_ranges=COMPLETION_DATE_RANGES,
|
||||
)
|
||||
|
||||
|
||||
@requests_bp.route(
|
||||
"/requests/new/<int:screen>", methods=["GET"], defaults={"request_id": None}
|
||||
)
|
||||
@@ -36,7 +42,9 @@ def requests_form_update(screen=1, request_id=None):
|
||||
_check_can_view_request(request_id)
|
||||
|
||||
request = Requests.get(request_id) if request_id is not None else None
|
||||
jedi_flow = JEDIRequestFlow(screen, request=request, request_id=request_id, current_user=g.current_user)
|
||||
jedi_flow = JEDIRequestFlow(
|
||||
screen, request=request, request_id=request_id, current_user=g.current_user
|
||||
)
|
||||
|
||||
return render_template(
|
||||
"requests/screen-%d.html" % int(screen),
|
||||
@@ -114,10 +122,12 @@ def requests_submit(request_id=None):
|
||||
# TODO: generalize this, along with other authorizations, into a policy-pattern
|
||||
# for authorization in the application
|
||||
def _check_can_view_request(request_id):
|
||||
if Permissions.REVIEW_AND_APPROVE_JEDI_WORKSPACE_REQUEST in g.current_user.atat_permissions:
|
||||
if (
|
||||
Permissions.REVIEW_AND_APPROVE_JEDI_WORKSPACE_REQUEST
|
||||
in g.current_user.atat_permissions
|
||||
):
|
||||
pass
|
||||
elif Requests.exists(request_id, g.current_user):
|
||||
pass
|
||||
else:
|
||||
raise UnauthorizedError(g.current_user, "view request {}".format(request_id))
|
||||
|
||||
|
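Review bot: `_check_can_view_request` expresses its rule as two empty `pass` branches followed by the `else` that raises, so the reader has to invert the chain to see when access is denied. Stating the denial directly is shorter and harder to break when another branch is added: `can_review = Permissions.REVIEW_AND_APPROVE_JEDI_WORKSPACE_REQUEST in g.current_user.atat_permissions`, then `if not (can_review or Requests.exists(request_id, g.current_user)):` followed by the existing `raise`. A one-line docstring stating who may view a request would also help; presumably reviewers may view any request and other users only their own, but the semantics of `Requests.exists(request_id, user)` are not visible here and should be confirmed first.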