Add new permission

2019-01-07 16:11:07 -05:00
parent ef6d9a2c5f
commit 81af9f1c99
6 changed files with 11 additions and 3 deletions
--- a/atst/domain/audit_log.py
+++ b/atst/domain/audit_log.py
@@ -37,7 +37,7 @@ class AuditLog(object):
    @classmethod
    def get_workspace_events(cls, user, workspace_id, pagination_opts):
        Authorization.check_atat_permission(
-            user, Permissions.VIEW_AUDIT_LOG, "view audit log"
+            user, Permissions.VIEW_WORKSPACE_AUDIT_LOG, "view audit log"
        )
        return AuditEventQuery.get_ws_events(workspace_id, pagination_opts)

--- a/atst/domain/roles.py
+++ b/atst/domain/roles.py
@@ -44,6 +44,7 @@ ATAT_ROLES = [
            Permissions.ADD_TAG_TO_WORKSPACE,
            Permissions.REMOVE_TAG_FROM_WORKSPACE,
            Permissions.VIEW_AUDIT_LOG,
+            Permissions.VIEW_WORKSPACE_AUDIT_LOG,
        ],
    },
    {
@@ -84,6 +85,7 @@ WORKSPACE_ROLES = [
            Permissions.DEACTIVATE_ENVIRONMENT_IN_APPLICATION,
            Permissions.VIEW_ENVIRONMENT_IN_APPLICATION,
            Permissions.RENAME_ENVIRONMENT_IN_APPLICATION,
+            Permissions.VIEW_WORKSPACE_AUDIT_LOG,
        ],
    },
    {
@@ -111,6 +113,7 @@ WORKSPACE_ROLES = [
            Permissions.DEACTIVATE_ENVIRONMENT_IN_APPLICATION,
            Permissions.VIEW_ENVIRONMENT_IN_APPLICATION,
            Permissions.RENAME_ENVIRONMENT_IN_APPLICATION,
+            Permissions.VIEW_WORKSPACE_AUDIT_LOG,
        ],
    },
    {
--- a/atst/models/permissions.py
+++ b/atst/models/permissions.py
@@ -1,5 +1,6 @@
 class Permissions(object):
    VIEW_AUDIT_LOG = "view_audit_log"
+    VIEW_WORKSPACE_AUDIT_LOG = "view_workspace_audit_log"
    REQUEST_JEDI_WORKSPACE = "request_jedi_workspace"
    VIEW_ORIGINAL_JEDI_REQEUST = "view_original_jedi_request"
    REVIEW_AND_APPROVE_JEDI_WORKSPACE_REQUEST = (
--- a/atst/routes/workspaces/index.py
+++ b/atst/routes/workspaces/index.py
@@ -88,7 +88,10 @@ def workspace_reports(workspace_id):
 def workspace_activity(workspace_id):
    workspace = Workspaces.get(g.current_user, workspace_id)
    Authorization.check_workspace_permission(
-        g.current_user, workspace, Permissions.VIEW_AUDIT_LOG, "view workspace reports"
+        g.current_user,
+        workspace,
+        Permissions.VIEW_WORKSPACE_AUDIT_LOG,
+        "view workspace reports",
    )
    pagination_opts = Paginator.get_pagination_opts(http_request)
    audit_events = AuditLog.get_workspace_events(