Merge pull request #570 from dod-ccpo/bug-start-to-from-pf-funding-page

Allow CCPO to create TO on anyone's portfolio

atst/domain/authz.py

@@ -6,7 +6,9 @@ from atst.domain.exceptions import UnauthorizedError
 class Authorization(object):
     @classmethod
     def has_portfolio_permission(cls, user, portfolio, permission):
-        return permission in PortfolioRoles.portfolio_role_permissions(portfolio, user)
+        return permission in PortfolioRoles.portfolio_role_permissions(
+            portfolio, user
+        ) or Authorization.is_ccpo(user)
 
     @classmethod
     def has_atat_permission(cls, user, permission):

tests/domain/test_portfolios.py

@@ -298,8 +298,11 @@ def test_get_for_update_information():
     assert portfolio == admin_ws
 
     ccpo = UserFactory.from_atat_role("ccpo")
+    assert Portfolios.get_for_update_information(ccpo, portfolio.id)
+
+    developer = UserFactory.from_atat_role("developer")
     with pytest.raises(UnauthorizedError):
-        Portfolios.get_for_update_information(ccpo, portfolio.id)
+        Portfolios.get_for_update_information(developer, portfolio.id)
 
 
 def test_can_create_portfolios_with_matching_names():