Add new permission

2019-01-07 16:11:07 -05:00 · 2019-01-07 16:11:07 -05:00 · 81af9f1c99
commit 81af9f1c99
parent ef6d9a2c5f
6 changed files with 11 additions and 3 deletions
--- a/atst/domain/audit_log.py
+++ b/atst/domain/audit_log.py
@ -37,7 +37,7 @@ class AuditLog(object):
    @classmethod
    def get_workspace_events(cls, user, workspace_id, pagination_opts):
        Authorization.check_atat_permission(
-            user, Permissions.VIEW_AUDIT_LOG, "view audit log"
+            user, Permissions.VIEW_WORKSPACE_AUDIT_LOG, "view audit log"
        )
        return AuditEventQuery.get_ws_events(workspace_id, pagination_opts)

--- a/atst/domain/roles.py
+++ b/atst/domain/roles.py
@ -44,6 +44,7 @@ ATAT_ROLES = [
            Permissions.ADD_TAG_TO_WORKSPACE,
            Permissions.REMOVE_TAG_FROM_WORKSPACE,
            Permissions.VIEW_AUDIT_LOG,
+            Permissions.VIEW_WORKSPACE_AUDIT_LOG,
        ],
    },
    {
@ -84,6 +85,7 @@ WORKSPACE_ROLES = [
            Permissions.DEACTIVATE_ENVIRONMENT_IN_APPLICATION,
            Permissions.VIEW_ENVIRONMENT_IN_APPLICATION,
            Permissions.RENAME_ENVIRONMENT_IN_APPLICATION,
+            Permissions.VIEW_WORKSPACE_AUDIT_LOG,
        ],
    },
    {
@ -111,6 +113,7 @@ WORKSPACE_ROLES = [
            Permissions.DEACTIVATE_ENVIRONMENT_IN_APPLICATION,
            Permissions.VIEW_ENVIRONMENT_IN_APPLICATION,
            Permissions.RENAME_ENVIRONMENT_IN_APPLICATION,
+            Permissions.VIEW_WORKSPACE_AUDIT_LOG,
        ],
    },
    {
--- a/atst/models/permissions.py
+++ b/atst/models/permissions.py
@ -1,5 +1,6 @@
 class Permissions(object):
    VIEW_AUDIT_LOG = "view_audit_log"
+    VIEW_WORKSPACE_AUDIT_LOG = "view_workspace_audit_log"
    REQUEST_JEDI_WORKSPACE = "request_jedi_workspace"
    VIEW_ORIGINAL_JEDI_REQEUST = "view_original_jedi_request"
    REVIEW_AND_APPROVE_JEDI_WORKSPACE_REQUEST = (
--- a/atst/routes/workspaces/index.py
+++ b/atst/routes/workspaces/index.py
@ -88,7 +88,10 @@ def workspace_reports(workspace_id):
 def workspace_activity(workspace_id):
    workspace = Workspaces.get(g.current_user, workspace_id)
    Authorization.check_workspace_permission(
-        g.current_user, workspace, Permissions.VIEW_AUDIT_LOG, "view workspace reports"
+        g.current_user,
+        workspace,
+        Permissions.VIEW_WORKSPACE_AUDIT_LOG,
+        "view workspace reports",
    )
    pagination_opts = Paginator.get_pagination_opts(http_request)
    audit_events = AuditLog.get_workspace_events(
--- a/script/seed_roles.py
+++ b/script/seed_roles.py
@ -1,3 +1,4 @@
+#! .venv/bin/python
 # Add root project dir to the python path
 import os
 import sys
--- a/templates/navigation/workspace_navigation.html
+++ b/templates/navigation/workspace_navigation.html
@ -56,7 +56,7 @@
      ) }}
    {% endif %}

-    {% if user_can(permissions.VIEW_AUDIT_LOG) %}
+    {% if user_can(permissions.VIEW_WORKSPACE_AUDIT_LOG) %}
      {{ SidenavItem(
        ("navigation.workspace_navigation.activity_log" | translate),
        href=url_for("workspaces.workspace_activity", workspace_id=workspace.id),