diff --git a/.secrets.baseline b/.secrets.baseline index e477008c..b8c620f6 100644 --- a/.secrets.baseline +++ b/.secrets.baseline @@ -3,7 +3,7 @@ "files": "^.secrets.baseline$", "lines": null }, - "generated_at": "2019-09-10T18:56:49Z", + "generated_at": "2019-09-13T17:44:56Z", "plugins_used": [ { "base64_limit": 4.5, @@ -194,7 +194,7 @@ "hashed_secret": "e4f14805dfd1e6af030359090c535e149e6b4207", "is_secret": false, "is_verified": false, - "line_number": 507, + "line_number": 525, "type": "Hex High Entropy String" } ] diff --git a/atst/forms/application_member.py b/atst/forms/application_member.py index 1eaa4e06..ce2b6edd 100644 --- a/atst/forms/application_member.py +++ b/atst/forms/application_member.py @@ -1,15 +1,15 @@ from flask_wtf import FlaskForm from wtforms.fields import FormField, FieldList, HiddenField, BooleanField +from wtforms import Form -from .forms import BaseForm from .member import NewForm as BaseNewMemberForm from .data import ENV_ROLES, ENV_ROLE_NO_ACCESS as NO_ACCESS -from atst.domain.permission_sets import PermissionSets from atst.forms.fields import SelectField +from atst.domain.permission_sets import PermissionSets from atst.utils.localization import translate -class EnvironmentForm(FlaskForm): +class EnvironmentForm(Form): environment_id = HiddenField() environment_name = HiddenField() role = SelectField( @@ -53,6 +53,7 @@ class PermissionsForm(FlaskForm): @property def data(self): _data = super().data + _data.pop("csrf_token", None) perm_sets = [] if _data["perms_env_mgmt"]: @@ -64,10 +65,14 @@ class PermissionsForm(FlaskForm): if _data["perms_del_env"]: perm_sets.append(PermissionSets.DELETE_APPLICATION_ENVIRONMENTS) - return perm_sets + _data["permission_sets"] = perm_sets + return _data -class NewForm(BaseForm): +class NewForm(PermissionsForm): user_data = FormField(BaseNewMemberForm) - permission_sets = FormField(PermissionsForm) + environment_roles = FieldList(FormField(EnvironmentForm)) + + +class UpdateMemberForm(PermissionsForm): environment_roles = FieldList(FormField(EnvironmentForm)) diff --git a/atst/routes/applications/settings.py b/atst/routes/applications/settings.py index c80c9d10..8ea3b612 100644 --- a/atst/routes/applications/settings.py +++ b/atst/routes/applications/settings.py @@ -9,10 +9,9 @@ from atst.domain.audit_log import AuditLog from atst.domain.common import Paginator from atst.domain.environment_roles import EnvironmentRoles from atst.forms.application import ApplicationForm, EditEnvironmentForm -from atst.forms.application_member import NewForm as NewMemberForm +from atst.forms.application_member import NewForm as NewMemberForm, UpdateMemberForm from atst.forms.data import ENV_ROLE_NO_ACCESS as NO_ACCESS from atst.domain.authz.decorator import user_can_access_decorator as user_can -from atst.models.environment_role import CSPRole from atst.models.permissions import Permissions from atst.domain.permission_sets import PermissionSets from atst.utils.flash import formatted_flash as flash @@ -35,86 +34,64 @@ def get_environments_obj_for_app(application): return environments_obj -def data_for_app_env_roles_form(application): - csp_roles = [role.value for role in CSPRole] - csp_roles.insert(0, NO_ACCESS) - # dictionary for sorting application members by environments - # and roles within those environments - environments_dict = { - e.id: {role_name: [] for role_name in csp_roles} - for e in application.environments +def filter_perm_sets_data(member): + perm_sets_data = { + "perms_team_mgmt": bool( + member.has_permission_set(PermissionSets.EDIT_APPLICATION_TEAM) + ), + "perms_env_mgmt": bool( + member.has_permission_set(PermissionSets.EDIT_APPLICATION_ENVIRONMENTS) + ), + "perms_del_env": bool( + member.has_permission_set(PermissionSets.DELETE_APPLICATION_ENVIRONMENTS) + ), } - for member in application.members: - env_ids = set(environments_dict.keys()) - for env_role in member.environment_roles: - role_members_list = environments_dict[env_role.environment_id][ - env_role.role - ] - role_members_list.append( - { - "application_role_id": str(member.id), - "user_name": member.user_name, - "role_name": env_role.role, - } - ) - env_ids.remove(env_role.environment_id) - # any leftover environment IDs are ones the app member - # does not have access to - for env_id in env_ids: - role_members_list = environments_dict[env_id][NO_ACCESS] - role_members_list.append( - { - "application_role_id": str(member.id), - "user_name": member.user_name, - "role_name": NO_ACCESS, - } - ) + return perm_sets_data - # transform the data into the shape the form needs - nested_data = [ + +def filter_env_roles_data(roles): + env_role_data = [ { - "env_id": env_id, - "team_roles": [ - {"role": role, "members": members} for role, members in roles.items() - ], + "environment_id": str(role.environment.id), + "environment_name": role.environment.name, + "role": role.role, } - for env_id, roles in environments_dict.items() + for role in roles ] - return {"envs": nested_data} + return env_role_data -def get_form_permission_value(member, edit_perm_set): - if member.has_permission_set(edit_perm_set): - return edit_perm_set - else: - return PermissionSets.VIEW_APPLICATION +def filter_env_roles_form_data(member, environments): + env_roles_form_data = [] + for env in environments: + env_data = { + "environment_id": str(env.id), + "environment_name": env.name, + "role": NO_ACCESS, + } + env_role = EnvironmentRoles.get_by_user_and_environment(member.user_id, env.id) + if env_role: + env_data["role"] = env_role.role + + env_roles_form_data.append(env_data) + + return env_roles_form_data def get_members_data(application): members_data = [] for member in application.members: - permission_sets = { - "perms_team_mgmt": get_form_permission_value( - member, PermissionSets.EDIT_APPLICATION_TEAM - ), - "perms_env_mgmt": get_form_permission_value( - member, PermissionSets.EDIT_APPLICATION_ENVIRONMENTS - ), - "perms_del_env": get_form_permission_value( - member, PermissionSets.DELETE_APPLICATION_ENVIRONMENTS - ), - } + permission_sets = filter_perm_sets_data(member) roles = EnvironmentRoles.get_for_application_member(member.id) - environment_roles = [ - { - "environment_id": str(role.environment.id), - "environment_name": role.environment.name, - "role": role.role, - } - for role in roles - ] + environment_roles = filter_env_roles_data(roles) + env_roles_form_data = filter_env_roles_form_data( + member, application.environments + ) + form = UpdateMemberForm( + environment_roles=env_roles_form_data, **permission_sets + ) members_data.append( { "role_id": member.id, @@ -122,6 +99,7 @@ def get_members_data(application): "permission_sets": permission_sets, "environment_roles": environment_roles, "role_status": member.status.value, + "form": form, } ) @@ -312,7 +290,7 @@ def create_member(application_id): application=application, inviter=g.current_user, user_data=form.user_data.data, - permission_sets_names=form.permission_sets.data, + permission_sets_names=form.data["permission_sets"], environment_roles_data=form.environment_roles.data, ) @@ -365,3 +343,34 @@ def remove_member(application_id, application_role_id): fragment="application-members", ) ) + + +@applications_bp.route( + "/applications//members//update", + methods=["POST"], +) +@user_can(Permissions.EDIT_APPLICATION_MEMBER, message="update application member") +def update_member(application_id, application_role_id): + app_role = ApplicationRoles.get_by_id(application_role_id) + form = UpdateMemberForm(http_request.form) + + if form.validate(): + ApplicationRoles.update_permission_sets(app_role, form.data["permission_sets"]) + + for env_role in form.environment_roles: + environment = Environments.get(env_role.environment_id.data) + Environments.update_env_role(environment, app_role, env_role.data["role"]) + + flash("application_member_updated", user_name=app_role.user_name) + else: + pass + # TODO: flash error message + + return redirect( + url_for( + "applications.settings", + application_id=application_id, + fragment="application-members", + _anchor="application-members", + ) + ) diff --git a/atst/utils/flash.py b/atst/utils/flash.py index b511f4d2..dfb0d324 100644 --- a/atst/utils/flash.py +++ b/atst/utils/flash.py @@ -7,11 +7,6 @@ MESSAGES = { "message_template": "Portfolio '{{portfolio_name}}' has been deleted", "category": "success", }, - "application_environment_members_updated": { - "title_template": "Application environment members updated", - "message_template": "Application environment members have been updated", - "category": "success", - }, "application_deleted": { "title_template": translate("flash.success"), "message_template": """ @@ -30,6 +25,11 @@ MESSAGES = { "message_template": "You have successfully deleted {{ user_name }} from {{ application_name }}", "category": "success", }, + "application_member_updated": { + "title_template": "Team member updated", + "message_template": "You have successfully updated the permissions for {{ user_name }}", + "category": "success", + }, "ccpo_user_added": { "title_template": translate("flash.success"), "message_template": "You have successfully given {{ user_name }} CCPO permissions.", diff --git a/js/components/checkbox_input.js b/js/components/checkbox_input.js index 32fd3337..2a1b0c89 100644 --- a/js/components/checkbox_input.js +++ b/js/components/checkbox_input.js @@ -6,6 +6,7 @@ export default { props: { name: String, initialChecked: Boolean, + optional: Boolean, }, data: function() { @@ -18,7 +19,7 @@ export default { emitEvent('field-mount', this, { optional: this.optional, name: this.name, - valid: this.isChecked, + valid: this.optional || this.isChecked, }) }, @@ -27,7 +28,7 @@ export default { emitEvent('field-change', this, { value: e.target.checked, name: this.name, - valid: this.isChecked, + valid: this.optional || this.isChecked, }) }, }, diff --git a/styles/sections/_application_edit.scss b/styles/sections/_application_edit.scss index c011e361..894f80c0 100644 --- a/styles/sections/_application_edit.scss +++ b/styles/sections/_application_edit.scss @@ -24,7 +24,8 @@ } } -#modal--add-app-mem { +#modal--add-app-mem, +.form-content--app-mem { text-align: left; input[type="checkbox"] + label::before { @@ -98,11 +99,19 @@ margin-top: $gap; margin-left: $gap; } + + .form-row { + margin: 0; + } } &__head { font-weight: $font-bold; } + + hr { + margin: 0.5em; + } } .form-row { diff --git a/templates/components/checkbox_input.html b/templates/components/checkbox_input.html index 4e527114..6ce8f511 100644 --- a/templates/components/checkbox_input.html +++ b/templates/components/checkbox_input.html @@ -2,20 +2,24 @@ field, label=field.label, inline=False, - classes="") -%} + classes="", + key=field.name, + id=field.name, + optional=False) -%}
- {{ field(**{"v-model": "isChecked"}) }} - {{ label | safe }} + {{ field(id=id, checked=True, **{"v-model": "isChecked"}) }} + {{ field.label(for=id) | safe }} {% if field.description %}

diff --git a/templates/fragments/applications/member_perms_form_fields.html b/templates/fragments/applications/member_perms_form_fields.html new file mode 100644 index 00000000..c0261ed3 --- /dev/null +++ b/templates/fragments/applications/member_perms_form_fields.html @@ -0,0 +1,52 @@ +{% from "components/checkbox_input.html" import CheckboxInput %} + +{% macro MemberPermsFields(form, new=False, member_role_id=None) %} +

+

{{ "portfolios.applications.members.form.project_perms" | translate }}

+
+ {% if new %} + {% set team_mgmt = form.perms_team_mgmt.name %} + {% set env_mgmt = form.perms_env_mgmt.name %} + {% set del_env = form.perms_del_env.name %} + {% else %} + {% set team_mgmt = "perms_team_mgmt-{}".format(member_role_id) %} + {% set env_mgmt = "perms_env_mgmt-{}".format(member_role_id) %} + {% set del_env = "perms_del_env-{}".format(member_role_id) %} + {% endif %} + + {{ CheckboxInput(form.perms_team_mgmt, classes="input__inline-fields", key=team_mgmt, id=team_mgmt, optional=True) }} + {{ CheckboxInput(form.perms_env_mgmt, classes="input__inline-fields", key=env_mgmt, id=env_mgmt, optional=True) }} + {{ CheckboxInput(form.perms_del_env, classes="input__inline-fields", key=del_env, id=del_env, optional=True) }} +
+
+

{{ "portfolios.applications.members.form.env_access" | translate }}

+
+ {% for environment_data in form.environment_roles %} + +
+
+
+
+ +
+ {{ environment_data.environment_name.data }} +
+ +
+
+ {{ environment_data.role(**{"v-model": "value"}) }} +
+
+
+
+ + {{ environment_data.environment_id() }} +
+ {% endfor %} +
+
+{% endmacro %} diff --git a/templates/fragments/applications/new_member_modal_content.html b/templates/fragments/applications/new_member_modal_content.html index 97c84b85..14fa7019 100644 --- a/templates/fragments/applications/new_member_modal_content.html +++ b/templates/fragments/applications/new_member_modal_content.html @@ -2,6 +2,7 @@ {% from "components/text_input.html" import TextInput %} {% from "components/checkbox_input.html" import CheckboxInput %} {% from "components/phone_input.html" import PhoneInput %} +{% from "fragments/applications/member_perms_form_fields.html" import MemberPermsFields %} {% macro MemberFormTemplate(title, next_button, previous=True) %}
@@ -24,7 +25,7 @@
{% endmacro %} -{% macro MemberStepOne(new_member_form) %} +{% macro MemberStepOne(member_form) %} {% set next_button %} - {{ TextInput(new_member_form.user_data.first_name, validation='requiredField', optional=False) }} + {{ TextInput(member_form.user_data.first_name, validation='requiredField', optional=False) }}
- {{ TextInput(new_member_form.user_data.last_name, validation='requiredField', optional=False) }} + {{ TextInput(member_form.user_data.last_name, validation='requiredField', optional=False) }}
- {{ TextInput(new_member_form.user_data.email, validation='email', optional=False) }} + {{ TextInput(member_form.user_data.email, validation='email', optional=False) }}
- {{ PhoneInput(new_member_form.user_data.phone_number, new_member_form.user_data.phone_ext)}} + {{ PhoneInput(member_form.user_data.phone_number, member_form.user_data.phone_ext)}}
- {{ TextInput(new_member_form.user_data.dod_id, validation='dodId', optional=False) }} + {{ TextInput(member_form.user_data.dod_id, validation='dodId', optional=False) }}
How do I find the DoD ID? {% endcall %} {% endmacro %} -{% macro MemberStepTwo(new_member_form, application) %} +{% macro MemberStepTwo(member_form, application) %} {% set next_button %} {{ "portfolios.applications.members.form.project_perms" | translate }} -
- {{ CheckboxInput(new_member_form.permission_sets.perms_team_mgmt, classes="input__inline-fields") }} - {{ CheckboxInput(new_member_form.permission_sets.perms_env_mgmt, classes="input__inline-fields") }} - {{ CheckboxInput(new_member_form.permission_sets.perms_del_env, classes="input__inline-fields") }} -
-
-

{{ "portfolios.applications.members.form.env_access" | translate }}

-
- {% for environment_data in new_member_form.environment_roles %} - -
-
-
-
- -
- {{ environment_data.environment_name.data }} -
- -
-
- {{ environment_data.role(**{"v-model": "value"}) }} -
-
-
-
- - {{ environment_data.environment_id() }} -
- {% endfor %} -
+ {{ MemberPermsFields(form=member_form) }} {% endcall %} {% endmacro %} diff --git a/templates/portfolios/applications/settings.html b/templates/portfolios/applications/settings.html index 7b54a709..a4b1c38d 100644 --- a/templates/portfolios/applications/settings.html +++ b/templates/portfolios/applications/settings.html @@ -4,12 +4,17 @@ {% from "components/delete_confirmation.html" import DeleteConfirmation %} {% from "components/icon.html" import Icon %} {% import "fragments/applications/new_member_modal_content.html" as member_steps %} +{% from "fragments/applications/member_perms_form_fields.html" import MemberPermsFields %} {% from "components/modal.html" import Modal %} {% from "components/multi_step_modal_form.html" import MultiStepModalForm %} {% from "components/pagination.html" import Pagination %} {% from "components/save_button.html" import SaveButton %} {% from "components/text_input.html" import TextInput %} {% from "components/toggle_list.html" import ToggleButton, ToggleSection %} +{% from "components/icon.html" import Icon %} +{% from "components/text_input.html" import TextInput %} +{% from "components/checkbox_input.html" import CheckboxInput %} +{% from "components/phone_input.html" import PhoneInput %} {% set secondary_breadcrumb = 'portfolios.applications.existing_application_title' | translate({ "application_name": application.name }) %} @@ -115,6 +120,25 @@ {% if g.matchesPath("application-members") %} {% include "fragments/flash.html" %} {% endif %} + {% for member in members %} + {% set modal_name = "edit_member-{}".format(loop.index) %} + {% call Modal(modal_name) %} +
+

{{ Icon('avatar') }} {{ member.user_name }}

+
+
+ + + + {% endcall %} + {% endfor %} @@ -126,12 +150,18 @@ {% for member in members %} + {% set modal_name = "edit_member-{}".format(loop.index) %}
- {{ member.user_name }}
+ {{ member.user_name }} + + {{ Icon('edit') }} + +
{% if member.role_status == 'pending' %} INVITE PENDING {% endif %} + 		diff --git a/tests/forms/test_application_member.py b/tests/forms/test_application_member.py index 8494db48..61a9e373 100644 --- a/tests/forms/test_application_member.py +++ b/tests/forms/test_application_member.py @@ -1,5 +1,6 @@ from wtforms.validators import ValidationError +from atst.domain.permission_sets import PermissionSets from atst.forms.data import ENV_ROLES, ENV_ROLE_NO_ACCESS as NO_ACCESS from atst.forms.application_member import * @@ -34,3 +35,16 @@ def test_environment_form_invalid(): } form = EnvironmentForm(data=form_data) assert not form.validate() + + +def test_update_member_form(): + form_data = { + "perms_team_mgmt": True, + "perms_env_mgmt": False, + "perms_del_env": False, + } + form = UpdateMemberForm(data=form_data) + assert form.validate() + assert form.perms_team_mgmt.data + assert not form.perms_env_mgmt.data + assert not form.perms_del_env.data diff --git a/tests/routes/applications/test_settings.py b/tests/routes/applications/test_settings.py index 8a69c22e..3d69404c 100644 --- a/tests/routes/applications/test_settings.py +++ b/tests/routes/applications/test_settings.py @@ -6,15 +6,19 @@ from unittest.mock import Mock from tests.factories import * from atst.domain.applications import Applications +from atst.domain.application_roles import ApplicationRoles from atst.domain.environment_roles import EnvironmentRoles from atst.domain.environments import Environments +from atst.domain.environment_roles import EnvironmentRoles from atst.domain.common import Paginator from atst.domain.permission_sets import PermissionSets from atst.domain.portfolios import Portfolios from atst.domain.exceptions import NotFoundError from atst.models.environment_role import CSPRole +from atst.models.permissions import Permissions from atst.models.portfolio_role import Status as PortfolioRoleStatus from atst.forms.application import EditEnvironmentForm +from atst.forms.application_member import UpdateMemberForm from atst.forms.data import ENV_ROLE_NO_ACCESS as NO_ACCESS from tests.utils import captured_templates @@ -124,27 +128,23 @@ def test_edit_application_environments_obj(app, client, user_session): assert isinstance(context["audit_events"], Paginator) -def test_data_for_app_env_roles_form(app, client, user_session): - portfolio = PortfolioFactory.create() - application = Applications.create( - portfolio.owner, - portfolio, - "Snazzy Application", - "A new application for me and my friends", - {"env"}, +def test_get_members_data(app, client, user_session): + user = UserFactory.create() + application = ApplicationFactory.create( + environments=[ + { + "name": "testing", + "members": [{"user": user, "role_name": CSPRole.BASIC_ACCESS.value}], + } + ] ) - env = application.environments[0] - app_role0 = ApplicationRoleFactory.create(application=application) - app_role1 = ApplicationRoleFactory.create(application=application) - env_role1 = EnvironmentRoleFactory.create( - application_role=app_role1, environment=env, role=CSPRole.BASIC_ACCESS.value - ) - app_role2 = ApplicationRoleFactory.create(application=application) - env_role2 = EnvironmentRoleFactory.create( - application_role=app_role2, environment=env, role=CSPRole.NETWORK_ADMIN.value + environment = application.environments[0] + app_role = ApplicationRoles.get(user_id=user.id, application_id=application.id) + env_role = EnvironmentRoles.get( + application_role_id=app_role.id, environment_id=environment.id ) - user_session(portfolio.owner) + user_session(application.portfolio.owner) with captured_templates(app) as templates: response = app.test_client().get( @@ -154,6 +154,24 @@ def test_data_for_app_env_roles_form(app, client, user_session): assert response.status_code == 200 _, context = templates[-1] + member = context["members"][0] + assert member["role_id"] == app_role.id + assert member["user_name"] == user.full_name + assert member["permission_sets"] == { + "perms_team_mgmt": False, + "perms_env_mgmt": False, + "perms_del_env": False, + } + assert member["environment_roles"] == [ + { + "environment_id": str(environment.id), + "environment_name": environment.name, + "role": env_role.role, + } + ] + assert member["role_status"] + assert isinstance(member["form"], UpdateMemberForm) + def test_user_with_permission_can_update_application(client, user_session): owner = UserFactory.create() @@ -361,9 +379,9 @@ def test_create_member(monkeypatch, client, user_session, session): "environment_roles-1-environment_id": env_1.id, "environment_roles-1-role": NO_ACCESS, "environment_roles-1-environment_name": env_1.name, - "permission_sets-perms_env_mgmt": True, - "permission_sets-perms_team_mgmt": True, - "permission_sets-perms_del_env": True, + "perms_env_mgmt": True, + "perms_team_mgmt": True, + "perms_del_env": True, }, ) @@ -453,3 +471,72 @@ def test_remove_member_failure(client, user_session): ) assert response.status_code == 404 + + +def test_update_member(client, user_session): + role = PermissionSets.get(PermissionSets.EDIT_APPLICATION_TEAM) + # create an app role with only edit team perms + app_role = ApplicationRoleFactory.create(permission_sets=[role]) + application = app_role.application + env = EnvironmentFactory.create(application=application) + env_1 = EnvironmentFactory.create(application=application) + env_2 = EnvironmentFactory.create(application=application) + # add user to two of the environments: env and env_1 + EnvironmentRoleFactory.create( + environment=env, application_role=app_role, role=CSPRole.BASIC_ACCESS.value + ) + EnvironmentRoleFactory.create( + environment=env_1, application_role=app_role, role=CSPRole.BASIC_ACCESS.value + ) + + user_session(application.portfolio.owner) + # update the user's app permissions to have edit team and env perms + # update user's role in env, remove user from env_1, and add user to env_2 + response = client.post( + url_for( + "applications.update_member", + application_id=application.id, + application_role_id=app_role.id, + ), + data={ + "environment_roles-0-environment_id": env.id, + "environment_roles-0-role": CSPRole.TECHNICAL_READ.value, + "environment_roles-0-environment_name": env.name, + "environment_roles-1-environment_id": env_1.id, + "environment_roles-1-role": NO_ACCESS, + "environment_roles-1-environment_name": env_1.name, + "environment_roles-2-environment_id": env_2.id, + "environment_roles-2-role": CSPRole.NETWORK_ADMIN.value, + "environment_roles-2-environment_name": env_2.name, + "perms_env_mgmt": True, + "perms_team_mgmt": True, + "perms_del_env": True, + }, + ) + + assert response.status_code == 302 + expected_url = url_for( + "applications.settings", + application_id=application.id, + fragment="application-members", + _anchor="application-members", + _external=True, + ) + assert response.location == expected_url + # make sure new application role was not created + assert len(application.roles) == 1 + # check that new app perms were added + assert bool(app_role.has_permission_set(PermissionSets.EDIT_APPLICATION_TEAM)) + assert bool( + app_role.has_permission_set(PermissionSets.EDIT_APPLICATION_ENVIRONMENTS) + ) + assert bool( + app_role.has_permission_set(PermissionSets.DELETE_APPLICATION_ENVIRONMENTS) + ) + + environment_roles = application.roles[0].environment_roles + # make sure that old env role was deleted and there are only 2 env roles + assert len(environment_roles) == 2 + # check that the user has roles in the correct envs + assert environment_roles[0].environment in [env, env_2] + assert environment_roles[1].environment in [env, env_2] diff --git a/tests/test_access.py b/tests/test_access.py index 5f0563fe..779ef7f6 100644 --- a/tests/test_access.py +++ b/tests/test_access.py @@ -464,6 +464,24 @@ def test_applications_update_environments(post_url_assert_status): post_url_assert_status(rando, url, 404) +# applications.update_member +def test_applications_update_member(post_url_assert_status): + ccpo = UserFactory.create_ccpo() + rando = UserFactory.create() + + application_role = ApplicationRoleFactory.create() + application = application_role.application + + url = url_for( + "applications.update_member", + application_id=application.id, + application_role_id=application_role.id, + ) + post_url_assert_status(application.portfolio.owner, url, 302) + post_url_assert_status(ccpo, url, 302) + post_url_assert_status(rando, url, 404) + + # task_orders.download_task_order_pdf def test_task_orders_download_task_order_pdf_access(get_url_assert_status, monkeypatch): monkeypatch.setattr( diff --git a/translations.yaml b/translations.yaml index ea304406..45696d1c 100644 --- a/translations.yaml +++ b/translations.yaml @@ -366,14 +366,14 @@ portfolios: delete_envs: 'Allow member to delete environments within the application.' manage_team: 'Allow member to add, update, and remove members from the application team.' perms_team_mgmt: - view_application: View Team - edit_application_team: Edit Team + 'False': View Team + 'True': Edit Team perms_env_mgmt: - view_application: View Environments - edit_application_environments: Edit Environments + 'False': View Environments + 'True': Edit Environments perms_del_env: - view_application: "" - delete_application_environments: Delete Application + 'False': "" + 'True': Delete Application index: empty: start_button: Start a new JEDI portfolio