Add route to update portfolio manager perms, add modal form to update in the UI

leigh-mil 2020-01-07 16:41:07 -05:00
parent 05e7dab673
commit 56c213285f
6 changed files with 144 additions and 11 deletions


@ -19,9 +19,6 @@ from atst.domain.exceptions import UnauthorizedError
def filter_perm_sets_data(member):
perm_sets_data = {
"perms_portfolio_mgmt": bool(
member.has_permission_set(PermissionSets.EDIT_PORTFOLIO_ADMIN)
),
"perms_app_mgmt": bool(
member.has_permission_set(
PermissionSets.EDIT_PORTFOLIO_APPLICATION_MANAGEMENT
@ -33,6 +30,9 @@ def filter_perm_sets_data(member):
"perms_reporting": bool(
member.has_permission_set(PermissionSets.EDIT_PORTFOLIO_REPORTS)
),
"perms_portfolio_mgmt": bool(
member.has_permission_set(PermissionSets.EDIT_PORTFOLIO_ADMIN)
),
}
return perm_sets_data
@ -41,6 +41,7 @@ def filter_perm_sets_data(member):
def filter_members_data(members_list, portfolio):
members_data = []
for member in members_list:
permission_sets = filter_perm_sets_data(member)
members_data.append(
{
"role_id": member.id,
@ -48,7 +49,7 @@ def filter_members_data(members_list, portfolio):
"permission_sets": filter_perm_sets_data(member),
"status": member.display_status,
"ppoc": PermissionSets.PORTFOLIO_POC in member.permission_sets,
# add in stuff here for forms
"form": member_forms.PermissionsForm(permission_sets),
}
)
@ -166,3 +167,30 @@ def remove_member(portfolio_id, portfolio_role_id):
fragment="portfolio-members",
)
)
@portfolios_bp.route(
"/portfolios/<portfolio_id>/members/<portfolio_role_id>", methods=["POST"]
)
@user_can(Permissions.EDIT_PORTFOLIO_USERS, message="update portfolio members")
def update_member(portfolio_id, portfolio_role_id):
form_data = http_request.form
form = member_forms.PermissionsForm(formdata=form_data)
portfolio_role = PortfolioRoles.get_by_id(portfolio_role_id)
portfolio = Portfolios.get(user=g.current_user, portfolio_id=portfolio_id)
if form.validate() and portfolio.owner_role != portfolio_role:
PortfolioRoles.update(portfolio_role, form.data["permission_sets"])
flash("update_portfolio_member", member_name=portfolio_role.full_name)
return redirect(
url_for(
"portfolios.admin",
portfolio_id=portfolio_id,
_anchor="portfolio-members",
fragment="portfolio-members",
)
)
else:
flash("update_portfolio_member_error", member_name=portfolio_role.full_name)
return (render_admin_page(portfolio), 400)
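Review bot: In `update_member`, `portfolio_role` is loaded with `PortfolioRoles.get_by_id(portfolio_role_id)` and is never checked against the portfolio named in the URL, so the only authorization in play is `user_can(Permissions.EDIT_PORTFOLIO_USERS, ...)`, which presumably evaluates against `portfolio_id`. A user who may edit members of one portfolio could then submit a role id that belongs to a different portfolio and have `PortfolioRoles.update` rewrite its permission sets; the `portfolio.owner_role != portfolio_role` guard only protects the owner of the URL's portfolio, and the error flash would echo the other member's `full_name`. I would bind the two ids before validating, e.g. `if portfolio_role.portfolio != portfolio: abort(404)` with Flask's `abort` (the `portfolio` relationship is inferred from the test factory, so confirm the attribute name), and add an access test that posts a role from a second portfolio and expects 404. Separately, `filter_members_data` now stores `permission_sets` but still calls `filter_perm_sets_data(member)` a second time for the `"permission_sets"` key.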


@ -153,6 +153,18 @@ MESSAGES = {
"message": "flash.task_order.submitted.message",
"category": "success",
},
"update_portfolio_member": {
"title_template": "Success!",
"message_template": """
You have successfully updated access permissions for {{ member_name }}.
""",
"category": "success",
},
"update_portfolio_member_error": {
"title_template": "Permissions for {{ member_name }} could not be updated",
"message_template": "An unexpected problem occurred with your request, please try again. If the problem persists, contact an administrator.",
"category": "error",
},
"updated_application_team_settings": {
"title": "flash.success",
"message": "flash.updated_application_team_settings",


@ -7,6 +7,29 @@
{% import "portfolios/fragments/member_form_fields.html" as member_form_fields %}
{% from "components/toggle_menu.html" import ToggleMenu %}
{% if user_can(permissions.EDIT_PORTFOLIO_USERS) -%}
{% for member in members -%}
{% set modal_name = "edit_member-{}".format(loop.index) %}
{% call Modal(modal_name, classes="form-content--app-mem") %}
<div class="modal__form--header">
<h1>{{ Icon('avatar') }} {{ "portfolios.applications.members.form.edit_access_header" | translate({ "user": member.user_name }) }}</h1>
</div>
<base-form inline-template>
<form id='{{ modal_name }}' method="POST" action="{{ url_for('portfolios.update_member', portfolio_id=portfolio.id, portfolio_role_id=member.role_id) }}">
{{ member.form.csrf_token }}
{{ member_form.SubmitStep(
name=modal_name,
form=member_form_fields.PermsFields(member.form, member_role_id=member.role_id),
submit_text="Save Changes",
previous=False,
modal=modal_name,
) }}
</form>
</base-form>
{% endcall %}
{%- endfor %}
{%- endif %}
<h3>Portfolio Managers</h3>
<div class="panel">
<section class="member-list">
@ -20,6 +43,7 @@
</thead>
<tbody>
{% for member in members -%}
{% set perms_modal = "edit_member-{}".format(loop.index) %}
<tr>
<td>
<strong>{{ member.user_name }}{% if member.role_id == current_member_id %} (You){% endif %}</strong>
@ -39,7 +63,7 @@
{%-endfor %}
{% if user_can(permissions.EDIT_PORTFOLIO_USERS) -%}
{% call ToggleMenu() %}
<a href="#">Edit Permissions</a>
<a v-on:click="openModal('{{ perms_modal }}')">Edit Permissions</a>
<a href="#">Resend Invite</a>
<a href="#">Revoke Invite</a>
{% endcall %}
@ -68,13 +92,13 @@
form=member_form_fields.InfoFields(new_manager_form.user_data),
next_button_text="Next: Permissions",
previous=False,
modal=new_manager_modal_name,
modal=new_manager_modal,
),
member_form.SubmitStep(
name=new_manager_modal,
form=member_form_fields.PermsFields(new_manager_form),
submit_text="Add Mananger",
modal=new_manager_modal_name,
modal=new_manager_modal,
)
],
) }}
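Review bot: The edit modal and the "Edit Permissions" link are paired only by `loop.index`, computed in two separate `{% for member in members -%}` loops (`modal_name` and `perms_modal`). If either loop is later filtered or reordered, the link opens a form whose `action` targets a different member's `portfolio_role_id`, and the wrong person's permissions get saved. Keying both names on the role, `{% set modal_name = "edit_member-{}".format(member.role_id) %}` and the same expression for `perms_modal`, ties the pairing to the member being edited. The new `<a v-on:click="openModal(...)">` also has no `href`, so it is not keyboard-focusable; a `<button type="button">` would be the accessible form.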


@ -222,3 +222,54 @@ def test_remove_portfolio_member_ppoc(client, user_session):
PortfolioRoles.get(portfolio_id=portfolio.id, user_id=portfolio.owner.id).status
== PortfolioRoleStatus.ACTIVE
)
def test_portfolios_update_member(client, user_session):
portfolio = PortfolioFactory.create()
portfolio_role = PortfolioRoleFactory.create(
portfolio=portfolio,
permission_sets=[PermissionSets.get(PermissionSets.EDIT_PORTFOLIO_ADMIN)],
)
form_data = {
"perms_app_mgmt": "y",
}
user_session(portfolio.owner)
response = client.post(
url_for(
"portfolios.update_member",
portfolio_id=portfolio.id,
portfolio_role_id=portfolio_role.id,
),
data=form_data,
follow_redirects=False,
)
assert response.status_code == 302
assert portfolio_role.has_permission_set(
PermissionSets.EDIT_PORTFOLIO_APPLICATION_MANAGEMENT
)
assert not portfolio_role.has_permission_set(PermissionSets.EDIT_PORTFOLIO_ADMIN)
def test_can_not_update_ppoc_permissions(client, user_session):
portfolio = PortfolioFactory.create()
owner = portfolio.owner
form_data = {
"perms_app_mgmt": "y",
}
user_session(owner)
response = client.post(
url_for(
"portfolios.update_member",
portfolio_id=portfolio.id,
portfolio_role_id=portfolio.owner_role.id,
),
data=form_data,
follow_redirects=False,
)
assert response.status_code == 400
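Review bot: `test_can_not_update_ppoc_permissions` asserts only the 400 status, so it would still pass if the handler changed the owner's permission sets before returning the error. Capture the owner role's permission sets before the POST and assert they are equal afterwards. `test_portfolios_update_member` checks `has_permission_set` on the in-memory `portfolio_role` object; whether the session refreshes that object is not visible here, so re-reading the role before the assertions would make the test independent of that.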


@ -269,10 +269,10 @@ def test_existing_member_invite_resent_to_email_submitted_in_form(
_DEFAULT_PERMS_FORM_DATA = {
"permission_sets-perms_app_mgmt": False,
"permission_sets-perms_funding": False,
"permission_sets-perms_reporting": False,
"permission_sets-perms_portfolio_mgmt": False,
"permission_sets-perms_app_mgmt": "n",
"permission_sets-perms_funding": "n",
"permission_sets-perms_reporting": "n",
"permission_sets-perms_portfolio_mgmt": "n",
}


@ -373,6 +373,24 @@ def test_portfolios_edit_access(post_url_assert_status):
post_url_assert_status(rando, url, 404)
# portfolios.update_member
def test_portfolios_update_member_access(post_url_assert_status):
ccpo = user_with(PermissionSets.EDIT_PORTFOLIO_ADMIN)
owner = user_with()
rando = user_with()
portfolio = PortfolioFactory.create(owner=owner)
portfolio_role = PortfolioRoleFactory.create(portfolio=portfolio)
url = url_for(
"portfolios.update_member",
portfolio_id=portfolio.id,
portfolio_role_id=portfolio_role.id,
)
post_url_assert_status(ccpo, url, 302)
post_url_assert_status(owner, url, 302)
post_url_assert_status(rando, url, 404)
# applications.new
def test_applications_new_access(get_url_assert_status):
ccpo = user_with(PermissionSets.EDIT_PORTFOLIO_APPLICATION_MANAGEMENT)