From 41820813edf3fe53f74a04aa038a3093fabc4747 Mon Sep 17 00:00:00 2001 From: leigh-mil Date: Mon, 5 Aug 2019 15:06:17 -0400 Subject: [PATCH 1/4] Add in route for CCPO users page and permissions to view page --- atst/domain/permission_sets.py | 13 ++++++++++++- atst/models/permissions.py | 4 ++++ atst/routes/__init__.py | 6 ++++++ atst/routes/dev.py | 1 + templates/ccpo/users.html | 9 +++++++++ tests/test_access.py | 10 ++++++++++ 6 files changed, 42 insertions(+), 1 deletion(-) create mode 100644 templates/ccpo/users.html diff --git a/atst/domain/permission_sets.py b/atst/domain/permission_sets.py index 1336bc92..51a91d2e 100644 --- a/atst/domain/permission_sets.py +++ b/atst/domain/permission_sets.py @@ -17,6 +17,7 @@ class PermissionSets(object): EDIT_PORTFOLIO_ADMIN = "edit_portfolio_admin" PORTFOLIO_POC = "portfolio_poc" VIEW_AUDIT_LOG = "view_audit_log" + EDIT_CCPO_USERS = "edit_ccpo_users" VIEW_APPLICATION = "view_application" EDIT_APPLICATION_ENVIRONMENTS = "edit_application_environments" @@ -56,7 +57,17 @@ ATAT_PERMISSION_SETS = [ "display_name": "View Audit Log", "description": "", "permissions": [Permissions.VIEW_AUDIT_LOG], - } + }, + { + "name": PermissionSets.EDIT_CCPO_USERS, + "display_name": "View Audit Log", + "description": "", + "permissions": [ + Permissions.VIEW_CCPO_USER, + Permissions.EDIT_CCPO_USER, + Permissions.DELETE_CCPO_USER, + ], + }, ] _PORTFOLIO_BASIC_PERMISSION_SETS = [ diff --git a/atst/models/permissions.py b/atst/models/permissions.py index 75991a64..a7d735b8 100644 --- a/atst/models/permissions.py +++ b/atst/models/permissions.py @@ -1,5 +1,9 @@ class Permissions(object): + # ccpo permissions VIEW_AUDIT_LOG = "view_audit_log" + VIEW_CCPO_USER = "view_ccpo_user" + EDIT_CCPO_USER = "edit_ccpo_user" + DELETE_CCPO_USER = "delete_ccpo_user" # base portfolio perms VIEW_PORTFOLIO = "view_portfolio" diff --git a/atst/routes/__init__.py b/atst/routes/__init__.py index ab919d74..9e138aca 100644 --- a/atst/routes/__init__.py +++ b/atst/routes/__init__.py @@ -132,6 +132,12 @@ def activity_history(): return render_template("audit_log/audit_log.html", audit_events=audit_events) +@bp.route("/ccpo-users") +@user_can(Permissions.VIEW_CCPO_USER, message="view ccpo users") +def ccpo_users(): + return render_template("ccpo/users.html") + + @bp.route("/about") def about(): return render_template("about.html") diff --git a/atst/routes/dev.py b/atst/routes/dev.py index aeb3cff0..2885ffbd 100644 --- a/atst/routes/dev.py +++ b/atst/routes/dev.py @@ -31,6 +31,7 @@ _ALL_PERMS = [ PermissionSets.EDIT_PORTFOLIO_ADMIN, PermissionSets.PORTFOLIO_POC, PermissionSets.VIEW_AUDIT_LOG, + PermissionSets.EDIT_CCPO_USERS, ] diff --git a/templates/ccpo/users.html b/templates/ccpo/users.html new file mode 100644 index 00000000..459d1554 --- /dev/null +++ b/templates/ccpo/users.html @@ -0,0 +1,9 @@ +{% extends "base.html" %} + +{% block content %} +
+ + CCPO Stuff goes here + +
+{% endblock %} diff --git a/tests/test_access.py b/tests/test_access.py index eefa2160..01692ac3 100644 --- a/tests/test_access.py +++ b/tests/test_access.py @@ -120,6 +120,16 @@ def test_atst_activity_history_access(get_url_assert_status): get_url_assert_status(rando, url, 404) +# atst.ccpo_users +def test_atst_ccpo_users_access(get_url_assert_status): + ccpo = user_with(PermissionSets.EDIT_CCPO_USERS) + rando = user_with() + + url = url_for("atst.ccpo_users") + get_url_assert_status(ccpo, url, 200) + get_url_assert_status(rando, url, 404) + + # applications.access_environment def test_applications_access_environment_access(get_url_assert_status): dev = UserFactory.create() From 90ae235cd006e1aed287591704b0fb989588bef9 Mon Sep 17 00:00:00 2001 From: leigh-mil Date: Mon, 5 Aug 2019 16:04:31 -0400 Subject: [PATCH 2/4] Create query to get all CCPO users --- atst/domain/users.py | 4 ++++ tests/domain/test_users.py | 11 +++++++++++ 2 files changed, 15 insertions(+) diff --git a/atst/domain/users.py b/atst/domain/users.py index daf69c68..a75a1f28 100644 --- a/atst/domain/users.py +++ b/atst/domain/users.py @@ -28,6 +28,10 @@ class Users(object): return user + @classmethod + def get_ccpo_users(cls): + return db.session.query(User).filter(User.permission_sets != None).all() + @classmethod def create(cls, dod_id, permission_sets=None, **kwargs): if permission_sets: diff --git a/tests/domain/test_users.py b/tests/domain/test_users.py index 116e5294..fda69a12 100644 --- a/tests/domain/test_users.py +++ b/tests/domain/test_users.py @@ -74,3 +74,14 @@ def test_update_user_with_last_login(): last_login = new_user.last_login Users.update_last_login(new_user) assert new_user.last_login > last_login + + +def test_get_ccpo_users(): + ccpo_1 = UserFactory.create_ccpo() + ccpo_2 = UserFactory.create_ccpo() + rando = UserFactory.create() + + ccpo_users = Users.get_ccpo_users() + assert ccpo_1 in ccpo_users + assert ccpo_2 in ccpo_users + assert rando not in ccpo_users From 083896a689e6a6ad8995a0131e2008ae621586b0 Mon Sep 17 00:00:00 2001 From: leigh-mil Date: Mon, 5 Aug 2019 16:11:24 -0400 Subject: [PATCH 3/4] Update template to show table of CCPO users --- atst/routes/__init__.py | 3 ++- templates/ccpo/users.html | 24 +++++++++++++++++++++--- 2 files changed, 23 insertions(+), 4 deletions(-) diff --git a/atst/routes/__init__.py b/atst/routes/__init__.py index 9e138aca..0729d878 100644 --- a/atst/routes/__init__.py +++ b/atst/routes/__init__.py @@ -135,7 +135,8 @@ def activity_history(): @bp.route("/ccpo-users") @user_can(Permissions.VIEW_CCPO_USER, message="view ccpo users") def ccpo_users(): - return render_template("ccpo/users.html") + users = Users.get_ccpo_users() + return render_template("ccpo/users.html", users=users) @bp.route("/about") diff --git a/templates/ccpo/users.html b/templates/ccpo/users.html index 459d1554..f3d545de 100644 --- a/templates/ccpo/users.html +++ b/templates/ccpo/users.html @@ -2,8 +2,26 @@ {% block content %}
- - CCPO Stuff goes here - +
+ CCPO Users +
+ + + + + + + + + + {% for user in users %} + + + + + + {% endfor %} + +
NameEmailDoD ID
{{ user.full_name }}{{ user.email }}{{ user.dod_id }}
{% endblock %} From 9cf72e94668ed16763bec6f2129aec95eadae735 Mon Sep 17 00:00:00 2001 From: leigh-mil Date: Tue, 6 Aug 2019 10:38:58 -0400 Subject: [PATCH 4/4] Update name of permission --- atst/domain/permission_sets.py | 4 ++-- atst/routes/dev.py | 2 +- tests/test_access.py | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/atst/domain/permission_sets.py b/atst/domain/permission_sets.py index 51a91d2e..ab55feac 100644 --- a/atst/domain/permission_sets.py +++ b/atst/domain/permission_sets.py @@ -17,7 +17,7 @@ class PermissionSets(object): EDIT_PORTFOLIO_ADMIN = "edit_portfolio_admin" PORTFOLIO_POC = "portfolio_poc" VIEW_AUDIT_LOG = "view_audit_log" - EDIT_CCPO_USERS = "edit_ccpo_users" + MANAGE_CCPO_USERS = "manage_ccpo_users" VIEW_APPLICATION = "view_application" EDIT_APPLICATION_ENVIRONMENTS = "edit_application_environments" @@ -59,7 +59,7 @@ ATAT_PERMISSION_SETS = [ "permissions": [Permissions.VIEW_AUDIT_LOG], }, { - "name": PermissionSets.EDIT_CCPO_USERS, + "name": PermissionSets.MANAGE_CCPO_USERS, "display_name": "View Audit Log", "description": "", "permissions": [ diff --git a/atst/routes/dev.py b/atst/routes/dev.py index 2885ffbd..ed7adc43 100644 --- a/atst/routes/dev.py +++ b/atst/routes/dev.py @@ -31,7 +31,7 @@ _ALL_PERMS = [ PermissionSets.EDIT_PORTFOLIO_ADMIN, PermissionSets.PORTFOLIO_POC, PermissionSets.VIEW_AUDIT_LOG, - PermissionSets.EDIT_CCPO_USERS, + PermissionSets.MANAGE_CCPO_USERS, ] diff --git a/tests/test_access.py b/tests/test_access.py index 01692ac3..3a311894 100644 --- a/tests/test_access.py +++ b/tests/test_access.py @@ -122,7 +122,7 @@ def test_atst_activity_history_access(get_url_assert_status): # atst.ccpo_users def test_atst_ccpo_users_access(get_url_assert_status): - ccpo = user_with(PermissionSets.EDIT_CCPO_USERS) + ccpo = user_with(PermissionSets.MANAGE_CCPO_USERS) rando = user_with() url = url_for("atst.ccpo_users")