pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #691 from dod-ccpo/check-to-completed-before-cor-review

Browse Source 
Check if form is complete before showing the TO Review page
This commit is contained in:
leigh-mil 2019-03-08 10:15:56 -05:00 committed by GitHub
commit 6f1c13be78
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 46 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
atst/domain/exceptions.py
View File

@ -34,3 +34,12 @@ class UnauthenticatedError(Exception):
class UploadError(Exception): class UploadError(Exception):
pass pass
class NoAccessError(Exception):
def __init__(self, resource_name):
self.resource_name = resource_name
@property
def message(self):
return "Route for {} cannot be accessed".format(self.resource_name)

1
atst/routes/errors.py
View File

@ -27,6 +27,7 @@ def make_error_pages(app):
@app.errorhandler(exceptions.NotFoundError) @app.errorhandler(exceptions.NotFoundError)
@app.errorhandler(exceptions.UnauthorizedError) @app.errorhandler(exceptions.UnauthorizedError)
@app.errorhandler(PortfolioError) @app.errorhandler(PortfolioError)
@app.errorhandler(exceptions.NoAccessError)
# pylint: disable=unused-variable # pylint: disable=unused-variable
def not_found(e): def not_found(e):
return handle_error(e) return handle_error(e)

17
atst/routes/portfolios/task_orders.py
View File

@ -5,7 +5,7 @@ from flask import g, redirect, render_template, url_for, request as http_request
from . import portfolios_bp from . import portfolios_bp
from atst.database import db from atst.database import db
from atst.domain.task_orders import TaskOrders, DD254s from atst.domain.task_orders import TaskOrders, DD254s
from atst.domain.exceptions import NotFoundError from atst.domain.exceptions import NotFoundError, NoAccessError
from atst.domain.portfolios import Portfolios from atst.domain.portfolios import Portfolios
from atst.domain.authz import Authorization from atst.domain.authz import Authorization
from atst.forms.officers import EditTaskOrderOfficersForm from atst.forms.officers import EditTaskOrderOfficersForm
@ -85,12 +85,15 @@ def ko_review(portfolio_id, task_order_id):
Authorization.check_is_ko_or_cor(g.current_user, task_order) Authorization.check_is_ko_or_cor(g.current_user, task_order)
return render_template( if TaskOrders.all_sections_complete(task_order):
"/portfolios/task_orders/review.html", return render_template(
portfolio=portfolio, "/portfolios/task_orders/review.html",
task_order=task_order, portfolio=portfolio,
form=KOReviewForm(obj=task_order), task_order=task_order,
) form=KOReviewForm(obj=task_order),
)
else:
raise NoAccessError("task_order")
@portfolios_bp.route( @portfolios_bp.route(

16
templates/portfolios/task_orders/show.html
View File

@ -6,6 +6,10 @@
{% block portfolio_content %} {% block portfolio_content %}
{% set show_dd_254_button = is_so and to_form_complete %}
{% set show_to_info_button = (is_cor or is_ko) and to_form_complete %}
{% set show_sign_to_button = is_ko and dd_254_complete and not is_to_signed %}
{% macro officer_name(officer) -%} {% macro officer_name(officer) -%}
{%- if not officer -%} {%- if not officer -%}
Not specified Not specified
@ -136,8 +140,8 @@
}} }}
{{ {{
Step( Step(
button_text=is_so and ("common.edit" | translate), button_text=show_dd_254_button and ("common.edit" | translate),
button_url=is_so and url_for("portfolios.so_review", portfolio_id=portfolio.id, task_order_id=task_order.id), button_url=show_dd_254_button and url_for("portfolios.so_review", portfolio_id=portfolio.id, task_order_id=task_order.id),
complete=dd_254_complete, complete=dd_254_complete,
description="task_orders.view.steps.security" | translate({ description="task_orders.view.steps.security" | translate({
"security_officer": officer_name(task_order.security_officer) "security_officer": officer_name(task_order.security_officer)
@ -149,12 +153,12 @@
"contracting_officer": officer_name(task_order.contracting_officer), "contracting_officer": officer_name(task_order.contracting_officer),
"contracting_officer_representative": officer_name(task_order.contracting_officer_representative) "contracting_officer_representative": officer_name(task_order.contracting_officer_representative)
}) | safe, }) | safe,
button_url=url_for( button_url=show_to_info_button and url_for(
"portfolios.ko_review", "portfolios.ko_review",
portfolio_id=portfolio.id, portfolio_id=portfolio.id,
task_order_id=task_order.id, task_order_id=task_order.id,
), ),
button_text=(is_cor or is_ko) and ("common.edit" | translate), button_text=show_to_info_button and ("common.edit" | translate),
complete=False) %} complete=False) %}
<div class='alert alert--warning'> <div class='alert alert--warning'>
<div class='alert__content'> <div class='alert__content'>
@ -166,8 +170,8 @@
{% endcall %} {% endcall %}
{{ {{
Step( Step(
button_text=is_ko and not is_to_signed and ("common.sign" | translate), button_text=show_sign_to_button and ("common.sign" | translate),
button_url=is_ko and url_for( button_url=show_sign_to_button and url_for(
"portfolios.ko_review", "portfolios.ko_review",
portfolio_id=portfolio.id, portfolio_id=portfolio.id,
task_order_id=task_order.id, task_order_id=task_order.id,

16
tests/routes/portfolios/test_task_orders.py
View File

@ -308,6 +308,22 @@ def test_ko_can_view_ko_review_page(client, user_session):
assert response.status_code == 404 assert response.status_code == 404
def test_cor_cant_view_review_until_to_completed(client, user_session):
portfolio = PortfolioFactory.create()
user_session(portfolio.owner)
task_order = TaskOrderFactory.create(
portfolio=portfolio, clin_01=None, cor_dod_id=portfolio.owner.dod_id
)
response = client.get(
url_for(
"portfolios.ko_review",
portfolio_id=portfolio.id,
task_order_id=task_order.id,
)
)
assert response.status_code == 404
def test_mo_redirected_to_build_page(client, user_session): def test_mo_redirected_to_build_page(client, user_session):
portfolio = PortfolioFactory.create() portfolio = PortfolioFactory.create()
user_session(portfolio.owner) user_session(portfolio.owner)