From c6062c041860d686fbf2ff7572f0e95f9edf9a5b Mon Sep 17 00:00:00 2001 From: Montana Date: Wed, 23 Jan 2019 13:27:04 -0500 Subject: [PATCH 1/3] Allow CCPO to create TO on anyone's portfolio --- atst/domain/authz.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/atst/domain/authz.py b/atst/domain/authz.py index a893e0b1..5b476aad 100644 --- a/atst/domain/authz.py +++ b/atst/domain/authz.py @@ -6,7 +6,9 @@ from atst.domain.exceptions import UnauthorizedError class Authorization(object): @classmethod def has_portfolio_permission(cls, user, portfolio, permission): - return permission in PortfolioRoles.portfolio_role_permissions(portfolio, user) + return permission in PortfolioRoles.portfolio_role_permissions( + portfolio, user + ) or Authorization.is_ccpo(user) @classmethod def has_atat_permission(cls, user, permission): From 1d2befa6606e35783f28ffeb11dd01cb081e1c10 Mon Sep 17 00:00:00 2001 From: Montana Date: Wed, 23 Jan 2019 14:45:29 -0500 Subject: [PATCH 2/3] Fix test --- tests/domain/test_portfolios.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tests/domain/test_portfolios.py b/tests/domain/test_portfolios.py index 19bd649f..8d6e0284 100644 --- a/tests/domain/test_portfolios.py +++ b/tests/domain/test_portfolios.py @@ -298,8 +298,7 @@ def test_get_for_update_information(): assert portfolio == admin_ws ccpo = UserFactory.from_atat_role("ccpo") - with pytest.raises(UnauthorizedError): - Portfolios.get_for_update_information(ccpo, portfolio.id) + assert Portfolios.get_for_update_information(ccpo, portfolio.id) def test_can_create_portfolios_with_matching_names(): From ef85340baaa9d3d5193c150a15664daf7848e1fd Mon Sep 17 00:00:00 2001 From: Montana Date: Wed, 23 Jan 2019 15:47:00 -0500 Subject: [PATCH 3/3] Add to test --- tests/domain/test_portfolios.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/domain/test_portfolios.py b/tests/domain/test_portfolios.py index 8d6e0284..6c1da209 100644 --- a/tests/domain/test_portfolios.py +++ b/tests/domain/test_portfolios.py @@ -300,6 +300,10 @@ def test_get_for_update_information(): ccpo = UserFactory.from_atat_role("ccpo") assert Portfolios.get_for_update_information(ccpo, portfolio.id) + developer = UserFactory.from_atat_role("developer") + with pytest.raises(UnauthorizedError): + Portfolios.get_for_update_information(developer, portfolio.id) + def test_can_create_portfolios_with_matching_names(): portfolio_name = "Great Portfolio"