Add route for applications.revoke_invite
parent
a4f0b10bbb
commit
5c54c043c0
@ -194,7 +194,7 @@
|
||||
"hashed_secret": "e4f14805dfd1e6af030359090c535e149e6b4207",
|
||||
"is_secret": false,
|
||||
"is_verified": false,
|
||||
"line_number": 525,
|
||||
"line_number": 543,
|
||||
"type": "Hex High Entropy String"
|
||||
}
|
||||
]
|
||||
|
@ -70,3 +70,16 @@ class ApplicationRoles(object):
|
||||
db.session.commit()
|
||||
|
||||
return application_role
|
||||
|
||||
@classmethod
|
||||
def _update_status(cls, application_role, new_status):
|
||||
application_role.status = new_status
|
||||
db.session.add(application_role)
|
||||
db.session.commit()
|
||||
|
||||
return application_role
|
||||
|
||||
@classmethod
|
||||
def disable(cls, application_role):
|
||||
application_role.deleted = True
|
||||
return cls._update_status(application_role, ApplicationRoleStatus.DISABLED)
|
||||
|
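Review bot: `disable` sets `application_role.deleted = True` as well as moving the role to `ApplicationRoleStatus.DISABLED`, and nothing in the method name or the hunk documents that soft-delete side effect. I would add a docstring to `disable` such as `"""Mark the role DISABLED and soft-delete it; commits the session."""`, and a one-line docstring on `_update_status` noting that it commits. Because `_update_status` calls `db.session.commit()` itself, callers cannot fold it into a larger transaction, which matters for the invitation override that calls `disable` after its own status update. The `ApplicationRoles` class starts outside this hunk.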
@ -143,3 +143,10 @@ class PortfolioInvitations(BaseInvitations):
|
||||
class ApplicationInvitations(BaseInvitations):
|
||||
model = ApplicationInvitation
|
||||
role_domain_class = ApplicationRoles
|
||||
|
||||
@classmethod
|
||||
def _update_status(cls, invite, new_status):
|
||||
invite = super()._update_status(invite, new_status)
|
||||
ApplicationRoles.disable(invite.role)
|
||||
|
||||
return invite
|
||||
|
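Review bot: The override `ApplicationInvitations._update_status` calls `ApplicationRoles.disable(invite.role)` for every `new_status`, not only for a revocation. If `BaseInvitations` routes other transitions through `_update_status` (it is not visible here, so this needs confirming), accepting an invitation would also disable and soft-delete the member's role. Gating the call, e.g. `if invite.is_revoked: ApplicationRoles.disable(invite.role)`, or overriding `revoke` instead, keeps the side effect tied to revocation.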
@ -8,6 +8,7 @@ from atst.domain.application_roles import ApplicationRoles
|
||||
from atst.domain.audit_log import AuditLog
|
||||
from atst.domain.common import Paginator
|
||||
from atst.domain.environment_roles import EnvironmentRoles
|
||||
from atst.domain.invitations import ApplicationInvitations
|
||||
from atst.forms.application_member import NewForm as NewMemberForm, UpdateMemberForm
|
||||
from atst.forms.application import NameAndDescriptionForm, EditEnvironmentForm
|
||||
from atst.forms.data import ENV_ROLE_NO_ACCESS as NO_ACCESS
|
||||
@ -379,3 +380,25 @@ def update_member(application_id, application_role_id):
|
||||
_anchor="application-members",
|
||||
)
|
||||
)
|
||||
|
||||
|
||||
@applications_bp.route(
|
||||
"/applications/<application_id>/members/<application_role_id>/revoke_invite",
|
||||
methods=["POST"],
|
||||
)
|
||||
@user_can(Permissions.DELETE_APPLICATION_MEMBER, message="revoke appliction invitation")
|
||||
def revoke_invite(application_id, application_role_id):
|
||||
app_role = ApplicationRoles.get_by_id(application_role_id)
|
||||
invite = app_role.latest_invitation
|
||||
|
||||
if invite.is_revokable:
|
||||
ApplicationInvitations.revoke(invite.token)
|
||||
|
||||
return redirect(
|
||||
url_for(
|
||||
"applications.settings",
|
||||
application_id=application_id,
|
||||
fragment="application-members",
|
||||
_anchor="application-members",
|
||||
)
|
||||
)
|
||||
|
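Review bot: `revoke_invite` loads the role with `ApplicationRoles.get_by_id(application_role_id)` and never checks that it belongs to the `application_id` in the URL. If `user_can` evaluates `Permissions.DELETE_APPLICATION_MEMBER` against the URL's application (presumably; the decorator is not shown), someone allowed to manage members in one application could revoke invitations in another by pairing their own `application_id` with a foreign `application_role_id`. A guard before reading the invitation, `if str(app_role.application.id) != str(application_id):` followed by a not-found response, closes that. Separately, `app_role.latest_invitation` may be empty for a role that has no invitation, so the condition is safer as `if invite and invite.is_revokable:`. The decorator message also misspells "application".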
@ -259,6 +259,7 @@ class ApplicationInvitationFactory(Base):
|
||||
email = factory.Faker("email")
|
||||
status = InvitationStatus.PENDING
|
||||
expiration_time = PortfolioInvitations.current_expiration_time()
|
||||
role = factory.SubFactory(ApplicationRoleFactory)
|
||||
|
||||
|
||||
class AttachmentFactory(Base):
|
||||
|
@ -14,6 +14,7 @@ from atst.domain.common import Paginator
|
||||
from atst.domain.permission_sets import PermissionSets
|
||||
from atst.domain.portfolios import Portfolios
|
||||
from atst.domain.exceptions import NotFoundError
|
||||
from atst.models.application_role import Status as ApplicationRoleStatus
|
||||
from atst.models.environment_role import CSPRole
|
||||
from atst.models.permissions import Permissions
|
||||
from atst.models.portfolio_role import Status as PortfolioRoleStatus
|
||||
@ -540,3 +541,21 @@ def test_update_member(client, user_session):
|
||||
# check that the user has roles in the correct envs
|
||||
assert environment_roles[0].environment in [env, env_2]
|
||||
assert environment_roles[1].environment in [env, env_2]
|
||||
|
||||
|
||||
def test_revoke_invite(client, user_session):
|
||||
invite = ApplicationInvitationFactory.create()
|
||||
app_role = invite.role
|
||||
application = app_role.application
|
||||
|
||||
user_session(application.portfolio.owner)
|
||||
response = client.post(
|
||||
url_for(
|
||||
"applications.revoke_invite",
|
||||
application_id=application.id,
|
||||
application_role_id=app_role.id,
|
||||
)
|
||||
)
|
||||
|
||||
assert invite.is_revoked
|
||||
assert app_role.status == ApplicationRoleStatus.DISABLED
|
||||
|
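Review bot: `test_revoke_invite` stores `response` but never asserts on it, so the redirect the route is meant to return is untested. Adding `assert response.status_code == 302` after the `client.post` call pins that part of the contract. The test also covers only a pending invite; a second case with an invite that is not revokable would confirm that the role is left untouched when `is_revokable` is false.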
@ -572,6 +572,24 @@ def test_applications_update_member(post_url_assert_status):
|
||||
post_url_assert_status(rando, url, 404)
|
||||
|
||||
|
||||
# applications.revoke_invite
|
||||
def test_applications_revoke_invite(post_url_assert_status):
|
||||
ccpo = UserFactory.create_ccpo()
|
||||
rando = UserFactory.create()
|
||||
application = ApplicationFactory.create()
|
||||
|
||||
for user, status in [(ccpo, 302), (application.portfolio.owner, 302), (rando, 404)]:
|
||||
app_role = ApplicationRoleFactory.create()
|
||||
invite = ApplicationInvitationFactory.create(role=app_role)
|
||||
|
||||
url = url_for(
|
||||
"applications.revoke_invite",
|
||||
application_id=application.id,
|
||||
application_role_id=app_role.id,
|
||||
)
|
||||
post_url_assert_status(user, url, status)
|
||||
|
||||
|
||||
# task_orders.download_task_order_pdf
|
||||
def test_task_orders_download_task_order_pdf_access(get_url_assert_status, monkeypatch):
|
||||
monkeypatch.setattr(
|
||||
|
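Review bot: `ApplicationRoleFactory.create()` inside the loop is not given `application=application`, so the role in the URL presumably belongs to a different application than `application_id`, and the owner of `application` still expects 302. As written the test passes only because the route accepts a role from an unrelated application, which is the pairing an access test should reject. Creating the role with `ApplicationRoleFactory.create(application=application)` and adding a case that expects 404 for a role from another application would make the check meaningful. The trailing `test_task_orders_download_task_order_pdf_access` lines are context and continue past the hunk.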