Add route to update portfolio manager perms, add modal form to update in the UI

tests/routes/portfolios/test_admin.py

@@ -222,3 +222,54 @@ def test_remove_portfolio_member_ppoc(client, user_session):
         PortfolioRoles.get(portfolio_id=portfolio.id, user_id=portfolio.owner.id).status
         == PortfolioRoleStatus.ACTIVE
     )
+
+
+def test_portfolios_update_member(client, user_session):
+    portfolio = PortfolioFactory.create()
+    portfolio_role = PortfolioRoleFactory.create(
+        portfolio=portfolio,
+        permission_sets=[PermissionSets.get(PermissionSets.EDIT_PORTFOLIO_ADMIN)],
+    )
+
+    form_data = {
+        "perms_app_mgmt": "y",
+    }
+
+    user_session(portfolio.owner)
+    response = client.post(
+        url_for(
+            "portfolios.update_member",
+            portfolio_id=portfolio.id,
+            portfolio_role_id=portfolio_role.id,
+        ),
+        data=form_data,
+        follow_redirects=False,
+    )
+
+    assert response.status_code == 302
+    assert portfolio_role.has_permission_set(
+        PermissionSets.EDIT_PORTFOLIO_APPLICATION_MANAGEMENT
+    )
+    assert not portfolio_role.has_permission_set(PermissionSets.EDIT_PORTFOLIO_ADMIN)
+
+
+def test_can_not_update_ppoc_permissions(client, user_session):
+    portfolio = PortfolioFactory.create()
+    owner = portfolio.owner
+
+    form_data = {
+        "perms_app_mgmt": "y",
+    }
+
+    user_session(owner)
+    response = client.post(
+        url_for(
+            "portfolios.update_member",
+            portfolio_id=portfolio.id,
+            portfolio_role_id=portfolio.owner_role.id,
+        ),
+        data=form_data,
+        follow_redirects=False,
+    )
+
+    assert response.status_code == 400

tests/routes/portfolios/test_invitations.py

@@ -269,10 +269,10 @@ def test_existing_member_invite_resent_to_email_submitted_in_form(
 
 
 _DEFAULT_PERMS_FORM_DATA = {
-    "permission_sets-perms_app_mgmt": False,
-    "permission_sets-perms_funding": False,
-    "permission_sets-perms_reporting": False,
-    "permission_sets-perms_portfolio_mgmt": False,
+    "permission_sets-perms_app_mgmt": "n",
+    "permission_sets-perms_funding": "n",
+    "permission_sets-perms_reporting": "n",
+    "permission_sets-perms_portfolio_mgmt": "n",
 }
 
 

tests/test_access.py

@@ -373,6 +373,24 @@ def test_portfolios_edit_access(post_url_assert_status):
     post_url_assert_status(rando, url, 404)
 
 
+# portfolios.update_member
+def test_portfolios_update_member_access(post_url_assert_status):
+    ccpo = user_with(PermissionSets.EDIT_PORTFOLIO_ADMIN)
+    owner = user_with()
+    rando = user_with()
+    portfolio = PortfolioFactory.create(owner=owner)
+    portfolio_role = PortfolioRoleFactory.create(portfolio=portfolio)
+
+    url = url_for(
+        "portfolios.update_member",
+        portfolio_id=portfolio.id,
+        portfolio_role_id=portfolio_role.id,
+    )
+    post_url_assert_status(ccpo, url, 302)
+    post_url_assert_status(owner, url, 302)
+    post_url_assert_status(rando, url, 404)
+
+
 # applications.new
 def test_applications_new_access(get_url_assert_status):
     ccpo = user_with(PermissionSets.EDIT_PORTFOLIO_APPLICATION_MANAGEMENT)