Handle setting no access for user environment roles:
- use constant for no access string - update no access constant - update language and permissions for rendering remove app member button
This commit is contained in:
parent
0dc0397702
commit
815632ed00
@ -2,18 +2,18 @@ from flask_wtf import FlaskForm
|
||||
from wtforms.fields import FieldList, FormField, HiddenField, RadioField, StringField
|
||||
|
||||
from .forms import BaseForm
|
||||
from .data import ENV_ROLES
|
||||
from .data import ENV_ROLES, ENV_ROLE_NO_ACCESS as NO_ACCESS
|
||||
|
||||
|
||||
class MemberForm(FlaskForm):
|
||||
user_id = HiddenField()
|
||||
user_name = StringField()
|
||||
role_name = RadioField(choices=ENV_ROLES, default="no_access")
|
||||
role_name = RadioField(choices=ENV_ROLES, default=NO_ACCESS)
|
||||
|
||||
@property
|
||||
def data(self):
|
||||
_data = super().data
|
||||
if "role_name" in _data and _data["role_name"] == "no_access":
|
||||
if "role_name" in _data and _data["role_name"] == NO_ACCESS:
|
||||
_data["role_name"] = None
|
||||
return _data
|
||||
|
||||
|
@ -217,6 +217,7 @@ REQUIRED_DISTRIBUTIONS = [
|
||||
("other", "Other as necessary"),
|
||||
]
|
||||
|
||||
ENV_ROLE_NO_ACCESS = "No Access"
|
||||
ENV_ROLES = [(role.value, role.value) for role in CSPRole] + [
|
||||
("no_access", "No access")
|
||||
(ENV_ROLE_NO_ACCESS, "No access")
|
||||
]
|
||||
|
@ -3,7 +3,7 @@ from wtforms.fields import FormField, FieldList, HiddenField, RadioField, String
|
||||
from wtforms.validators import Required
|
||||
|
||||
from .application_member import EnvironmentForm as BaseEnvironmentForm
|
||||
from .data import ENV_ROLES
|
||||
from .data import ENV_ROLES, ENV_ROLE_NO_ACCESS as NO_ACCESS
|
||||
from .forms import BaseForm
|
||||
from atst.forms.fields import SelectField
|
||||
from atst.domain.permission_sets import PermissionSets
|
||||
@ -18,6 +18,13 @@ class EnvironmentForm(BaseEnvironmentForm):
|
||||
filters=[lambda x: None if x == "None" else x],
|
||||
)
|
||||
|
||||
@property
|
||||
def data(self):
|
||||
_data = super().data
|
||||
if "role" in _data and _data["role"] == NO_ACCESS:
|
||||
_data["role"] = None
|
||||
return _data
|
||||
|
||||
|
||||
class PermissionsForm(FlaskForm):
|
||||
perms_team_mgmt = SelectField(
|
||||
|
@ -5,6 +5,7 @@ from atst.domain.environments import Environments
|
||||
from atst.domain.applications import Applications
|
||||
from atst.forms.app_settings import AppEnvRolesForm
|
||||
from atst.forms.application import ApplicationForm, EditEnvironmentForm
|
||||
from atst.forms.data import ENV_ROLE_NO_ACCESS as NO_ACCESS
|
||||
from atst.domain.authz.decorator import user_can_access_decorator as user_can
|
||||
from atst.models.environment_role import CSPRole
|
||||
from atst.domain.exceptions import NotFoundError
|
||||
@ -46,10 +47,10 @@ def sort_env_users_by_role(env):
|
||||
users_list = []
|
||||
no_access_users = env.application.users - env.users
|
||||
no_access_list = [
|
||||
{"user_id": str(user.id), "user_name": user.full_name, "role_name": "no_access"}
|
||||
{"user_id": str(user.id), "user_name": user.full_name, "role_name": NO_ACCESS}
|
||||
for user in no_access_users
|
||||
]
|
||||
users_list.append({"role": "no_access", "members": no_access_list})
|
||||
users_list.append({"role": NO_ACCESS, "members": no_access_list})
|
||||
|
||||
for role in CSPRole:
|
||||
users_list.append(
|
||||
|
@ -113,7 +113,7 @@ def update_team(application_id):
|
||||
environment_role_form.environment_id.data
|
||||
)
|
||||
Environments.update_env_role(
|
||||
environment, user, environment_role_form.role.data
|
||||
environment, user, environment_role_form.data.get("role")
|
||||
)
|
||||
|
||||
flash("updated_application_team_settings", application_name=application.name)
|
||||
|
@ -1,5 +1,5 @@
|
||||
import { shallowMount } from '@vue/test-utils'
|
||||
import EditEnvironmentRole from '../forms/edit_environment_role'
|
||||
import { NO_ACCESS, EditEnvironmentRole } from '../forms/edit_environment_role'
|
||||
|
||||
describe('EditEnvironmentRole', () => {
|
||||
var initialRoleCategories, wrapper
|
||||
@ -7,7 +7,7 @@ describe('EditEnvironmentRole', () => {
|
||||
beforeEach(() => {
|
||||
initialRoleCategories = [
|
||||
{
|
||||
role: 'no_access',
|
||||
role: NO_ACCESS,
|
||||
members: [
|
||||
{ role_name: null, user_id: '123' },
|
||||
{ role_name: null, user_id: '456' },
|
||||
@ -41,10 +41,10 @@ describe('EditEnvironmentRole', () => {
|
||||
|
||||
it('removes null roles to no_access', () => {
|
||||
let roles = wrapper.vm.sanitizeValues([
|
||||
{ role: 'no_access', members: [{ role_name: null }] },
|
||||
{ role: NO_ACCESS, members: [{ role_name: null }] },
|
||||
])
|
||||
expect(roles).toEqual([
|
||||
{ role: 'no_access', members: [{ role_name: 'no_access' }] },
|
||||
{ role: NO_ACCESS, members: [{ role_name: NO_ACCESS }] },
|
||||
])
|
||||
})
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
import FormMixin from '../../mixins/form'
|
||||
import Modal from '../../mixins/modal'
|
||||
import toggler from '../toggler'
|
||||
import EditEnvironmentRole from './edit_environment_role'
|
||||
import { EditEnvironmentRole } from './edit_environment_role'
|
||||
|
||||
export default {
|
||||
name: 'edit-application-roles',
|
||||
|
@ -5,7 +5,9 @@ import Modal from '../../mixins/modal'
|
||||
// https://github.com/dod-ccpo/atst/pull/799/files#r282240663
|
||||
// May also want to reconsider the data structure by storing the roles and members separately
|
||||
|
||||
export default {
|
||||
export const NO_ACCESS = 'No Access'
|
||||
|
||||
export const EditEnvironmentRole = {
|
||||
name: 'edit-environment-role',
|
||||
|
||||
mixins: [FormMixin],
|
||||
@ -26,7 +28,7 @@ export default {
|
||||
roles.forEach(role => {
|
||||
role.members.forEach(member => {
|
||||
if (member.role_name === null) {
|
||||
member.role_name = 'no_access'
|
||||
member.role_name = NO_ACCESS
|
||||
}
|
||||
})
|
||||
})
|
||||
@ -34,7 +36,7 @@ export default {
|
||||
},
|
||||
|
||||
checkNoAccess: function(role) {
|
||||
return role === 'no_access'
|
||||
return role === NO_ACCESS
|
||||
},
|
||||
|
||||
toggleSection: function(sectionName) {
|
||||
|
@ -1,4 +1,4 @@
|
||||
import editEnvironmentRole from './forms/edit_environment_role'
|
||||
import { EditEnvironmentRole } from './forms/edit_environment_role'
|
||||
import FormMixin from '../mixins/form'
|
||||
import optionsinput from './options_input'
|
||||
import textinput from './text_input'
|
||||
@ -17,7 +17,7 @@ export default {
|
||||
},
|
||||
|
||||
components: {
|
||||
editEnvironmentRole,
|
||||
EditEnvironmentRole,
|
||||
optionsinput,
|
||||
textinput,
|
||||
optionsinput,
|
||||
|
@ -18,7 +18,7 @@ import poc from './components/forms/poc'
|
||||
import oversight from './components/forms/oversight'
|
||||
import toggler from './components/toggler'
|
||||
import NewApplication from './components/forms/new_application'
|
||||
import EditEnvironmentRole from './components/forms/edit_environment_role'
|
||||
import { EditEnvironmentRole } from './components/forms/edit_environment_role'
|
||||
import EditApplicationRoles from './components/forms/edit_application_roles'
|
||||
import MultiStepModalForm from './components/forms/multi_step_modal_form'
|
||||
import funding from './components/forms/funding'
|
||||
|
@ -79,13 +79,15 @@
|
||||
{{ "portfolios.applications.team_settings.add_to_environment" | translate }}
|
||||
{{ Icon("plus") }}
|
||||
</a>
|
||||
<button
|
||||
type="button"
|
||||
class='usa-button button-danger'
|
||||
v-on:click="openModal('{{ delete_modal_id }}')"
|
||||
>
|
||||
{{ "portfolios.members.archive_button" | translate }}
|
||||
</button>
|
||||
{% if user_can(permissions.DELETE_APPLICATION_MEMBER) %}
|
||||
<button
|
||||
type="button"
|
||||
class='usa-button button-danger'
|
||||
v-on:click="openModal('{{ delete_modal_id }}')"
|
||||
>
|
||||
{{ "portfolios.applications.remove_member.button" | translate }}
|
||||
</button>
|
||||
{% endif %}
|
||||
</div>
|
||||
{% endcall %}
|
||||
{{ member_form.user_id() }}
|
||||
|
@ -18,11 +18,11 @@ from atst.domain.environments import Environments
|
||||
from atst.domain.permission_sets import PermissionSets
|
||||
from atst.domain.portfolios import Portfolios
|
||||
from atst.domain.exceptions import NotFoundError
|
||||
|
||||
from atst.models.environment_role import CSPRole
|
||||
from atst.models.portfolio_role import Status as PortfolioRoleStatus
|
||||
from atst.forms.application import EditEnvironmentForm
|
||||
from atst.forms.app_settings import AppEnvRolesForm
|
||||
from atst.forms.data import ENV_ROLE_NO_ACCESS as NO_ACCESS
|
||||
|
||||
from tests.utils import captured_templates
|
||||
|
||||
@ -166,7 +166,7 @@ def test_data_for_app_env_roles_form(app, client, user_session):
|
||||
"env_id": env.id,
|
||||
"team_roles": [
|
||||
{
|
||||
"role": "no_access",
|
||||
"role": NO_ACCESS,
|
||||
"members": [
|
||||
{
|
||||
"user_id": str(app_role.user_id),
|
||||
@ -309,7 +309,7 @@ def test_update_team_env_roles(client, user_session):
|
||||
"envs-0-team_roles-1-members-1-user_id": env_role_2.user.id,
|
||||
"envs-0-team_roles-1-members-1-role_name": CSPRole.BASIC_ACCESS.value,
|
||||
"envs-0-team_roles-1-members-2-user_id": env_role_3.user.id,
|
||||
"envs-0-team_roles-1-members-2-role_name": "no_access",
|
||||
"envs-0-team_roles-1-members-2-role_name": NO_ACCESS,
|
||||
}
|
||||
|
||||
user_session(application.portfolio.owner)
|
||||
|
@ -4,6 +4,7 @@ from flask import url_for
|
||||
|
||||
from atst.domain.permission_sets import PermissionSets
|
||||
from atst.models import CSPRole
|
||||
from atst.forms.data import ENV_ROLE_NO_ACCESS as NO_ACCESS
|
||||
|
||||
from tests.factories import *
|
||||
|
||||
@ -120,8 +121,7 @@ def test_update_team_environment_roles(client, user_session):
|
||||
assert env_role.role == CSPRole.TECHNICAL_READ.value
|
||||
|
||||
|
||||
@pytest.mark.skip(reason="Need to rebase against master")
|
||||
def test_update_team_revoke_environment_access(client, user_session):
|
||||
def test_update_team_revoke_environment_access(client, user_session, db, session):
|
||||
application = ApplicationFactory.create()
|
||||
owner = application.portfolio.owner
|
||||
app_role = ApplicationRoleFactory.create(
|
||||
@ -141,12 +141,13 @@ def test_update_team_revoke_environment_access(client, user_session):
|
||||
"members-0-permission_sets-perms_env_mgmt": PermissionSets.EDIT_APPLICATION_ENVIRONMENTS,
|
||||
"members-0-permission_sets-perms_del_env": PermissionSets.DELETE_APPLICATION_ENVIRONMENTS,
|
||||
"members-0-environment_roles-0-environment_id": environment.id,
|
||||
"members-0-environment_roles-0-role": "",
|
||||
"members-0-environment_roles-0-role": NO_ACCESS,
|
||||
},
|
||||
)
|
||||
|
||||
assert response.status_code == 302
|
||||
assert env_role.role == CSPRole.TECHNICAL_READ.value
|
||||
env_role_exists = db.exists().where(EnvironmentRole.id == env_role.id)
|
||||
assert not session.query(env_role_exists).scalar()
|
||||
|
||||
|
||||
def test_create_member(client, user_session):
|
||||
|
Loading…
x
Reference in New Issue
Block a user