set portfolio member permission sets

atst/domain/portfolio_roles.py

@@ -80,7 +80,7 @@ class PortfolioRoles(object):
             raise NotFoundError("portfolio role")
 
     @classmethod
-    def add(cls, user, portfolio_id, role_name):
+    def add(cls, user, portfolio_id, role_name, permission_sets=None):
         role = Roles.get(role_name)
 
         new_portfolio_role = None
@@ -103,12 +103,31 @@ class PortfolioRoles(object):
                 status=PortfolioRoleStatus.PENDING,
             )
 
+        if permission_sets:
+            new_portfolio_role.permission_sets = PortfolioRoles._permission_sets_for_names(
+                permission_sets
+            )
+
         user.portfolio_roles.append(new_portfolio_role)
         db.session.add(user)
         db.session.commit()
 
         return new_portfolio_role
 
+    _DEFAULT_PORTFOLIO_PERMS_SETS = {
+        "view_portfolio_application_management",
+        "view_portfolio_funding",
+        "view_portfolio_reports",
+        "view_portfolio_admin",
+    }
+
+    @classmethod
+    def _permission_sets_for_names(cls, set_names):
+        perms_set_names = PortfolioRoles._DEFAULT_PORTFOLIO_PERMS_SETS.union(
+            set(set_names)
+        )
+        return [Roles.get(perms_set_name) for perms_set_name in perms_set_names]
+
     @classmethod
     def update_role(cls, portfolio_role, role_name):
         new_role = Roles.get(role_name)

atst/domain/portfolios/portfolios.py

@@ -105,11 +105,16 @@ class Portfolios(object):
             atat_role_name="default",
             provisional=True,
         )
-        return Portfolios.add_member(portfolio, new_user, data["portfolio_role"])
+        permission_sets = data.get("permission_sets", [])
+        return Portfolios.add_member(
+            portfolio, new_user, data["portfolio_role"], permission_sets=permission_sets
+        )
 
     @classmethod
-    def add_member(cls, portfolio, member, role_name):
-        portfolio_role = PortfolioRoles.add(member, portfolio.id, role_name)
+    def add_member(cls, portfolio, member, role_name, permission_sets=None):
+        portfolio_role = PortfolioRoles.add(
+            member, portfolio.id, role_name, permission_sets
+        )
         return portfolio_role
 
     @classmethod

atst/forms/new_member.py

@@ -32,3 +32,42 @@ class NewMemberForm(BaseForm):
         default="",
         description=translate("forms.new_member.portfolio_role_description"),
     )
+
+    perms_app_mgmt = SelectField(
+        None,
+        choices=[
+            ("view_portfolio_application_management", "View Only"),
+            ("edit_portfolio_application_management", "Edit Access"),
+        ],
+    )
+    perms_funding = SelectField(
+        None,
+        choices=[
+            ("view_portfolio_funding", "View Only"),
+            ("edit_portfolio_funding", "Edit Access"),
+        ],
+    )
+    perms_reporting = SelectField(
+        None,
+        choices=[
+            ("view_portfolio_reports", "View Only"),
+            ("edit_portfolio_reports", "Edit Access"),
+        ],
+    )
+    perms_portfolio_mgmt = SelectField(
+        None,
+        choices=[
+            ("view_portfolio_admin", "View Only"),
+            ("edit_portfolio_admin", "Edit Access"),
+        ],
+    )
+
+    @property
+    def data(self):
+        _data = super().data
+        _data["permission_sets"] = []
+        for field in _data:
+            if "perms" in field:
+                _data["permission_sets"].append(_data[field])
+
+        return _data