Merge pull request #521 from dod-ccpo/view-ws-activity-log
View workspace activity log
This commit is contained in:
commit
95df0e7c12
@ -1,3 +1,5 @@
|
|||||||
|
from sqlalchemy import or_
|
||||||
|
|
||||||
from atst.database import db
|
from atst.database import db
|
||||||
from atst.domain.common import Query
|
from atst.domain.common import Query
|
||||||
from atst.domain.authz import Authorization, Permissions
|
from atst.domain.authz import Authorization, Permissions
|
||||||
@ -12,11 +14,25 @@ class AuditEventQuery(Query):
|
|||||||
query = db.session.query(cls.model).order_by(cls.model.time_created.desc())
|
query = db.session.query(cls.model).order_by(cls.model.time_created.desc())
|
||||||
return cls.paginate(query, pagination_opts)
|
return cls.paginate(query, pagination_opts)
|
||||||
|
|
||||||
|
@classmethod
|
||||||
|
def get_ws_events(cls, workspace_id, pagination_opts):
|
||||||
|
query = (
|
||||||
|
db.session.query(cls.model)
|
||||||
|
.filter(
|
||||||
|
or_(
|
||||||
|
cls.model.workspace_id == workspace_id,
|
||||||
|
cls.model.resource_id == workspace_id,
|
||||||
|
)
|
||||||
|
)
|
||||||
|
.order_by(cls.model.time_created.desc())
|
||||||
|
)
|
||||||
|
return cls.paginate(query, pagination_opts)
|
||||||
|
|
||||||
|
|
||||||
class AuditLog(object):
|
class AuditLog(object):
|
||||||
@classmethod
|
@classmethod
|
||||||
def log_system_event(cls, resource, action):
|
def log_system_event(cls, resource, action, workspace=None):
|
||||||
return cls._log(resource=resource, action=action)
|
return cls._log(resource=resource, action=action, workspace=workspace)
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def get_all_events(cls, user, pagination_opts=None):
|
def get_all_events(cls, user, pagination_opts=None):
|
||||||
@ -25,6 +41,16 @@ class AuditLog(object):
|
|||||||
)
|
)
|
||||||
return AuditEventQuery.get_all(pagination_opts)
|
return AuditEventQuery.get_all(pagination_opts)
|
||||||
|
|
||||||
|
@classmethod
|
||||||
|
def get_workspace_events(cls, user, workspace, pagination_opts=None):
|
||||||
|
Authorization.check_workspace_permission(
|
||||||
|
user,
|
||||||
|
workspace,
|
||||||
|
Permissions.VIEW_WORKSPACE_AUDIT_LOG,
|
||||||
|
"view workspace audit log",
|
||||||
|
)
|
||||||
|
return AuditEventQuery.get_ws_events(workspace.id, pagination_opts)
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def get_by_resource(cls, resource_id):
|
def get_by_resource(cls, resource_id):
|
||||||
return (
|
return (
|
||||||
@ -39,9 +65,10 @@ class AuditLog(object):
|
|||||||
return type(resource).__name__.lower()
|
return type(resource).__name__.lower()
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def _log(cls, user=None, workspace_id=None, resource=None, action=None):
|
def _log(cls, user=None, workspace=None, resource=None, action=None):
|
||||||
resource_id = resource.id if resource else None
|
resource_id = resource.id if resource else None
|
||||||
resource_type = cls._resource_type(resource) if resource else None
|
resource_type = cls._resource_type(resource) if resource else None
|
||||||
|
workspace_id = workspace.id if workspace else None
|
||||||
|
|
||||||
audit_event = AuditEventQuery.create(
|
audit_event = AuditEventQuery.create(
|
||||||
user=user,
|
user=user,
|
||||||
|
@ -1 +1,2 @@
|
|||||||
from .query import Query
|
from .query import Query
|
||||||
|
from .query import Paginator
|
||||||
|
@ -17,6 +17,13 @@ class Paginator(object):
|
|||||||
def __init__(self, query_set):
|
def __init__(self, query_set):
|
||||||
self.query_set = query_set
|
self.query_set = query_set
|
||||||
|
|
||||||
|
@classmethod
|
||||||
|
def get_pagination_opts(cls, request, default_page=1, default_per_page=100):
|
||||||
|
return {
|
||||||
|
"page": int(request.args.get("page", default_page)),
|
||||||
|
"per_page": int(request.args.get("perPage", default_per_page)),
|
||||||
|
}
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def paginate(cls, query, pagination_opts=None):
|
def paginate(cls, query, pagination_opts=None):
|
||||||
if pagination_opts is not None:
|
if pagination_opts is not None:
|
||||||
|
@ -44,6 +44,7 @@ ATAT_ROLES = [
|
|||||||
Permissions.ADD_TAG_TO_WORKSPACE,
|
Permissions.ADD_TAG_TO_WORKSPACE,
|
||||||
Permissions.REMOVE_TAG_FROM_WORKSPACE,
|
Permissions.REMOVE_TAG_FROM_WORKSPACE,
|
||||||
Permissions.VIEW_AUDIT_LOG,
|
Permissions.VIEW_AUDIT_LOG,
|
||||||
|
Permissions.VIEW_WORKSPACE_AUDIT_LOG,
|
||||||
],
|
],
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@ -84,6 +85,7 @@ WORKSPACE_ROLES = [
|
|||||||
Permissions.DEACTIVATE_ENVIRONMENT_IN_APPLICATION,
|
Permissions.DEACTIVATE_ENVIRONMENT_IN_APPLICATION,
|
||||||
Permissions.VIEW_ENVIRONMENT_IN_APPLICATION,
|
Permissions.VIEW_ENVIRONMENT_IN_APPLICATION,
|
||||||
Permissions.RENAME_ENVIRONMENT_IN_APPLICATION,
|
Permissions.RENAME_ENVIRONMENT_IN_APPLICATION,
|
||||||
|
Permissions.VIEW_WORKSPACE_AUDIT_LOG,
|
||||||
],
|
],
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@ -111,6 +113,7 @@ WORKSPACE_ROLES = [
|
|||||||
Permissions.DEACTIVATE_ENVIRONMENT_IN_APPLICATION,
|
Permissions.DEACTIVATE_ENVIRONMENT_IN_APPLICATION,
|
||||||
Permissions.VIEW_ENVIRONMENT_IN_APPLICATION,
|
Permissions.VIEW_ENVIRONMENT_IN_APPLICATION,
|
||||||
Permissions.RENAME_ENVIRONMENT_IN_APPLICATION,
|
Permissions.RENAME_ENVIRONMENT_IN_APPLICATION,
|
||||||
|
Permissions.VIEW_WORKSPACE_AUDIT_LOG,
|
||||||
],
|
],
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
class Permissions(object):
|
class Permissions(object):
|
||||||
VIEW_AUDIT_LOG = "view_audit_log"
|
VIEW_AUDIT_LOG = "view_audit_log"
|
||||||
|
VIEW_WORKSPACE_AUDIT_LOG = "view_workspace_audit_log"
|
||||||
REQUEST_JEDI_WORKSPACE = "request_jedi_workspace"
|
REQUEST_JEDI_WORKSPACE = "request_jedi_workspace"
|
||||||
VIEW_ORIGINAL_JEDI_REQEUST = "view_original_jedi_request"
|
VIEW_ORIGINAL_JEDI_REQEUST = "view_original_jedi_request"
|
||||||
REVIEW_AND_APPROVE_JEDI_WORKSPACE_REQUEST = (
|
REVIEW_AND_APPROVE_JEDI_WORKSPACE_REQUEST = (
|
||||||
|
@ -12,6 +12,7 @@ from atst.domain.users import Users
|
|||||||
from atst.domain.authnid import AuthenticationContext
|
from atst.domain.authnid import AuthenticationContext
|
||||||
from atst.domain.audit_log import AuditLog
|
from atst.domain.audit_log import AuditLog
|
||||||
from atst.domain.auth import logout as _logout
|
from atst.domain.auth import logout as _logout
|
||||||
|
from atst.domain.common import Paginator
|
||||||
from atst.utils.flash import formatted_flash as flash
|
from atst.utils.flash import formatted_flash as flash
|
||||||
|
|
||||||
|
|
||||||
@ -126,16 +127,9 @@ def logout():
|
|||||||
return redirect(url_for(".root"))
|
return redirect(url_for(".root"))
|
||||||
|
|
||||||
|
|
||||||
def get_pagination_opts(request, default_page=1, default_per_page=100):
|
|
||||||
return {
|
|
||||||
"page": int(request.args.get("page", default_page)),
|
|
||||||
"per_page": int(request.args.get("perPage", default_per_page)),
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
@bp.route("/activity-history")
|
@bp.route("/activity-history")
|
||||||
def activity_history():
|
def activity_history():
|
||||||
pagination_opts = get_pagination_opts(request)
|
pagination_opts = Paginator.get_pagination_opts(request)
|
||||||
audit_events = AuditLog.get_all_events(g.current_user, pagination_opts)
|
audit_events = AuditLog.get_all_events(g.current_user, pagination_opts)
|
||||||
return render_template("audit_log/audit_log.html", audit_events=audit_events)
|
return render_template("audit_log/audit_log.html", audit_events=audit_events)
|
||||||
|
|
||||||
|
@ -5,8 +5,10 @@ from flask import render_template, request as http_request, g, redirect, url_for
|
|||||||
from . import workspaces_bp
|
from . import workspaces_bp
|
||||||
from atst.domain.reports import Reports
|
from atst.domain.reports import Reports
|
||||||
from atst.domain.workspaces import Workspaces
|
from atst.domain.workspaces import Workspaces
|
||||||
from atst.forms.workspace import WorkspaceForm
|
from atst.domain.audit_log import AuditLog
|
||||||
from atst.domain.authz import Authorization
|
from atst.domain.authz import Authorization
|
||||||
|
from atst.domain.common import Paginator
|
||||||
|
from atst.forms.workspace import WorkspaceForm
|
||||||
from atst.models.permissions import Permissions
|
from atst.models.permissions import Permissions
|
||||||
|
|
||||||
|
|
||||||
@ -80,3 +82,19 @@ def workspace_reports(workspace_id):
|
|||||||
expiration_date=expiration_date,
|
expiration_date=expiration_date,
|
||||||
remaining_days=remaining_days,
|
remaining_days=remaining_days,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
@workspaces_bp.route("/workspaces/<workspace_id>/activity")
|
||||||
|
def workspace_activity(workspace_id):
|
||||||
|
workspace = Workspaces.get(g.current_user, workspace_id)
|
||||||
|
pagination_opts = Paginator.get_pagination_opts(http_request)
|
||||||
|
audit_events = AuditLog.get_workspace_events(
|
||||||
|
g.current_user, workspace, pagination_opts
|
||||||
|
)
|
||||||
|
|
||||||
|
return render_template(
|
||||||
|
"workspaces/activity/index.html",
|
||||||
|
workspace_name=workspace.name,
|
||||||
|
workspace_id=workspace_id,
|
||||||
|
audit_events=audit_events,
|
||||||
|
)
|
||||||
|
1
script/seed_roles.py
Normal file → Executable file
1
script/seed_roles.py
Normal file → Executable file
@ -1,3 +1,4 @@
|
|||||||
|
#! .venv/bin/python
|
||||||
# Add root project dir to the python path
|
# Add root project dir to the python path
|
||||||
import os
|
import os
|
||||||
import sys
|
import sys
|
||||||
|
@ -2,24 +2,8 @@
|
|||||||
{% from "components/pagination.html" import Pagination %}
|
{% from "components/pagination.html" import Pagination %}
|
||||||
|
|
||||||
{% block content %}
|
{% block content %}
|
||||||
|
|
||||||
<div v-cloak>
|
<div v-cloak>
|
||||||
<section class="block-list">
|
{% include "fragments/audit_events_log.html" %}
|
||||||
<header class="block-list__header">
|
{{ Pagination(audit_events, 'atst.activity_history')}}
|
||||||
<h1 class="block-list__title">{{ "audit_log.header_title" | translate }}</h1>
|
|
||||||
</header>
|
|
||||||
|
|
||||||
<ul>
|
|
||||||
{% for event in audit_events %}
|
|
||||||
<li class="block-list__item">
|
|
||||||
{% autoescape false %}
|
|
||||||
{{ event | renderAuditEvent }}
|
|
||||||
{% endautoescape %}
|
|
||||||
</li>
|
|
||||||
{% endfor %}
|
|
||||||
</ul>
|
|
||||||
</section>
|
|
||||||
|
|
||||||
{{ Pagination(audit_events, 'atst.activity_history') }}
|
|
||||||
</div>
|
</div>
|
||||||
{% endblock %}
|
{% endblock %}
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
{% macro Page(pagination, route, i, label=None, disabled=False) -%}
|
{% macro Page(pagination, route, i, label=None, disabled=False, workspace_id=None) -%}
|
||||||
{% set label = label or i %}
|
{% set label = label or i %}
|
||||||
|
|
||||||
{% set button_class = "page usa-button " %}
|
{% set button_class = "page usa-button " %}
|
||||||
@ -11,38 +11,43 @@
|
|||||||
{% set button_class = button_class + "usa-button-secondary" %}
|
{% set button_class = button_class + "usa-button-secondary" %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
<a id="{{ label }}" type="button" class="{{ button_class }}" href="{{ url_for(route, page=i, perPage=pagination.per_page) if not disabled else 'null' }}">{{ label }}</a>
|
<a id="{{ label }}" type="button" class="{{ button_class }}" href="{{ url_for(route, workspace_id=workspace_id, page=i, perPage=pagination.per_page) if not disabled else 'null' }}">{{ label }}</a>
|
||||||
{%- endmacro %}
|
{%- endmacro %}
|
||||||
|
|
||||||
{% macro Pagination(pagination, route) -%}
|
{% macro Pagination(pagination, route, workspace_id=None) -%}
|
||||||
<div class="pagination">
|
<div class="pagination">
|
||||||
|
|
||||||
|
{% if pagination.page == 1 %}
|
||||||
|
{{ Page(pagination, route, 1, label="first", disabled=True, workspace_id=workspace_id) }}
|
||||||
|
{{ Page(pagination, route, pagination.page - 1, label="prev", disabled=True, workspace_id=workspace_id) }}
|
||||||
|
{% else %}
|
||||||
|
{{ Page(pagination, route, 1, label="first", workspace_id=workspace_id) }}
|
||||||
|
{{ Page(pagination, route, pagination.page - 1, label="prev", workspace_id=workspace_id) }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
{% if pagination.page == 1 %}
|
{% if pagination.page == 1 %}
|
||||||
{% set max_page = [pagination.pages, 5] | min %}
|
{% set max_page = [pagination.pages, 5] | min %}
|
||||||
{{ Page(pagination, route, 1, label="first", disabled=True) }}
|
|
||||||
{{ Page(pagination, route, pagination.page - 1, label="prev", disabled=True) }}
|
|
||||||
{% for i in range(1, max_page + 1) %}
|
{% for i in range(1, max_page + 1) %}
|
||||||
{{ Page(pagination, route, i) }}
|
{{ Page(pagination, route, i, workspace_id=workspace_id) }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{{ Page(pagination, route, pagination.page + 1, label="next") }}
|
|
||||||
{{ Page(pagination, route, pagination.pages, label="last") }}
|
|
||||||
{% elif pagination.page == pagination.pages %}
|
{% elif pagination.page == pagination.pages %}
|
||||||
{{ Page(pagination, route, 1, label="first") }}
|
|
||||||
{{ Page(pagination, route, pagination.page - 1, label="prev") }}
|
|
||||||
{% for i in range(pagination.pages - 4, pagination.pages + 1) %}
|
{% for i in range(pagination.pages - 4, pagination.pages + 1) %}
|
||||||
{{ Page(pagination, route, i) }}
|
{{ Page(pagination, route, i, workspace_id=workspace_id) }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{{ Page(pagination, route, pagination.page + 1, label="next", disabled=True) }}
|
|
||||||
{{ Page(pagination, route, pagination.pages, label="last", disabled=True) }}
|
|
||||||
{% else %}
|
{% else %}
|
||||||
{% set window = pagination | pageWindow %}
|
{% set window = pagination | pageWindow %}
|
||||||
{{ Page(pagination, route, 1, label="first") }}
|
|
||||||
{{ Page(pagination, route, pagination.page - 1, label="prev") }}
|
|
||||||
{% for i in range(window.0, window.1 + 1) %}
|
{% for i in range(window.0, window.1 + 1) %}
|
||||||
{{ Page(pagination, route, i) }}
|
{{ Page(pagination, route, i, workspace_id=workspace_id) }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{{ Page(pagination, route, pagination.page + 1, label="next") }}
|
|
||||||
{{ Page(pagination, route, pagination.pages, label="last") }}
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
{% if pagination.page == pagination.pages %}
|
||||||
|
{{ Page(pagination, route, pagination.page + 1, label="next", disabled=True, workspace_id=workspace_id) }}
|
||||||
|
{{ Page(pagination, route, pagination.pages, label="last", disabled=True, workspace_id=workspace_id) }}
|
||||||
|
{% else %}
|
||||||
|
{{ Page(pagination, route, pagination.page + 1, label="next", workspace_id=workspace_id) }}
|
||||||
|
{{ Page(pagination, route, pagination.pages, label="last", workspace_id=workspace_id) }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
</div>
|
</div>
|
||||||
{%- endmacro %}
|
{%- endmacro %}
|
||||||
|
17
templates/fragments/audit_events_log.html
Normal file
17
templates/fragments/audit_events_log.html
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
{% from "components/pagination.html" import Pagination %}
|
||||||
|
|
||||||
|
<section class="block-list">
|
||||||
|
<header class="block-list__header">
|
||||||
|
<h1 class="block-list__title">{{ "audit_log.header_title" | translate }}</h1>
|
||||||
|
</header>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
{% for event in audit_events %}
|
||||||
|
<li class="block-list__item">
|
||||||
|
{% autoescape false %}
|
||||||
|
{{ event | renderAuditEvent }}
|
||||||
|
{% endautoescape %}
|
||||||
|
</li>
|
||||||
|
{% endfor %}
|
||||||
|
</ul>
|
||||||
|
</section>
|
@ -56,5 +56,13 @@
|
|||||||
) }}
|
) }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
{% if user_can(permissions.VIEW_WORKSPACE_AUDIT_LOG) %}
|
||||||
|
{{ SidenavItem(
|
||||||
|
("navigation.workspace_navigation.activity_log" | translate),
|
||||||
|
href=url_for("workspaces.workspace_activity", workspace_id=workspace.id),
|
||||||
|
active=request.url_rule.rule.startswith('/workspaces/<workspace_id>/activity')
|
||||||
|
) }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
</ul>
|
</ul>
|
||||||
</nav>
|
</nav>
|
||||||
|
9
templates/workspaces/activity/index.html
Normal file
9
templates/workspaces/activity/index.html
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
{% extends "workspaces/base.html" %}
|
||||||
|
{% from "components/pagination.html" import Pagination %}
|
||||||
|
|
||||||
|
{% block workspace_content %}
|
||||||
|
<div v-cloak>
|
||||||
|
{% include "fragments/audit_events_log.html" %}
|
||||||
|
{{ Pagination(audit_events, 'workspaces.workspace_activity', workspace_id=workspace_id) }}
|
||||||
|
</div>
|
||||||
|
{% endblock %}
|
@ -2,7 +2,14 @@ import pytest
|
|||||||
|
|
||||||
from atst.domain.audit_log import AuditLog
|
from atst.domain.audit_log import AuditLog
|
||||||
from atst.domain.exceptions import UnauthorizedError
|
from atst.domain.exceptions import UnauthorizedError
|
||||||
from tests.factories import UserFactory
|
from atst.domain.roles import Roles
|
||||||
|
from atst.models.workspace_role import Status as WorkspaceRoleStatus
|
||||||
|
from tests.factories import (
|
||||||
|
UserFactory,
|
||||||
|
WorkspaceFactory,
|
||||||
|
WorkspaceRoleFactory,
|
||||||
|
ProjectFactory,
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
@pytest.fixture(scope="function")
|
@pytest.fixture(scope="function")
|
||||||
@ -21,7 +28,8 @@ def test_non_admin_cannot_view_audit_log(developer):
|
|||||||
|
|
||||||
|
|
||||||
def test_ccpo_can_view_audit_log(ccpo):
|
def test_ccpo_can_view_audit_log(ccpo):
|
||||||
AuditLog.get_all_events(ccpo)
|
events = AuditLog.get_all_events(ccpo)
|
||||||
|
assert len(events) > 0
|
||||||
|
|
||||||
|
|
||||||
def test_paginate_audit_log(ccpo):
|
def test_paginate_audit_log(ccpo):
|
||||||
@ -31,3 +39,72 @@ def test_paginate_audit_log(ccpo):
|
|||||||
|
|
||||||
events = AuditLog.get_all_events(ccpo, pagination_opts={"per_page": 25, "page": 2})
|
events = AuditLog.get_all_events(ccpo, pagination_opts={"per_page": 25, "page": 2})
|
||||||
assert len(events) == 25
|
assert len(events) == 25
|
||||||
|
|
||||||
|
|
||||||
|
def test_ccpo_can_view_ws_audit_log(ccpo):
|
||||||
|
workspace = WorkspaceFactory.create()
|
||||||
|
events = AuditLog.get_workspace_events(ccpo, workspace)
|
||||||
|
assert len(events) > 0
|
||||||
|
|
||||||
|
|
||||||
|
def test_ws_admin_can_view_ws_audit_log():
|
||||||
|
workspace = WorkspaceFactory.create()
|
||||||
|
admin = UserFactory.create()
|
||||||
|
WorkspaceRoleFactory.create(
|
||||||
|
workspace=workspace,
|
||||||
|
user=admin,
|
||||||
|
role=Roles.get("admin"),
|
||||||
|
status=WorkspaceRoleStatus.ACTIVE,
|
||||||
|
)
|
||||||
|
events = AuditLog.get_workspace_events(admin, workspace)
|
||||||
|
assert len(events) > 0
|
||||||
|
|
||||||
|
|
||||||
|
def test_ws_owner_can_view_ws_audit_log():
|
||||||
|
workspace = WorkspaceFactory.create()
|
||||||
|
events = AuditLog.get_workspace_events(workspace.owner, workspace)
|
||||||
|
assert len(events) > 0
|
||||||
|
|
||||||
|
|
||||||
|
def test_other_users_cannot_view_ws_audit_log():
|
||||||
|
with pytest.raises(UnauthorizedError):
|
||||||
|
workspace = WorkspaceFactory.create()
|
||||||
|
dev = UserFactory.create()
|
||||||
|
WorkspaceRoleFactory.create(
|
||||||
|
workspace=workspace,
|
||||||
|
user=dev,
|
||||||
|
role=Roles.get("developer"),
|
||||||
|
status=WorkspaceRoleStatus.ACTIVE,
|
||||||
|
)
|
||||||
|
AuditLog.get_workspace_events(dev, workspace)
|
||||||
|
|
||||||
|
|
||||||
|
def test_paginate_ws_audit_log():
|
||||||
|
workspace = WorkspaceFactory.create()
|
||||||
|
project = ProjectFactory.create(workspace=workspace)
|
||||||
|
for _ in range(100):
|
||||||
|
AuditLog.log_system_event(
|
||||||
|
resource=project, action="create", workspace=workspace
|
||||||
|
)
|
||||||
|
|
||||||
|
events = AuditLog.get_workspace_events(
|
||||||
|
workspace.owner, workspace, pagination_opts={"per_page": 25, "page": 2}
|
||||||
|
)
|
||||||
|
assert len(events) == 25
|
||||||
|
|
||||||
|
|
||||||
|
def test_ws_audit_log_only_includes_current_ws_events():
|
||||||
|
owner = UserFactory.create()
|
||||||
|
workspace = WorkspaceFactory.create(owner=owner)
|
||||||
|
other_workspace = WorkspaceFactory.create(owner=owner)
|
||||||
|
# Add some audit events
|
||||||
|
project_1 = ProjectFactory.create(workspace=workspace)
|
||||||
|
project_2 = ProjectFactory.create(workspace=other_workspace)
|
||||||
|
|
||||||
|
events = AuditLog.get_workspace_events(workspace.owner, workspace)
|
||||||
|
for event in events:
|
||||||
|
assert event.workspace_id == workspace.id or event.resource_id == workspace.id
|
||||||
|
assert (
|
||||||
|
not event.workspace_id == other_workspace.id
|
||||||
|
or event.resource_id == other_workspace.id
|
||||||
|
)
|
||||||
|
@ -8,8 +8,10 @@ from tests.factories import (
|
|||||||
EnvironmentFactory,
|
EnvironmentFactory,
|
||||||
ProjectFactory,
|
ProjectFactory,
|
||||||
)
|
)
|
||||||
|
|
||||||
from atst.domain.projects import Projects
|
from atst.domain.projects import Projects
|
||||||
from atst.domain.workspaces import Workspaces
|
from atst.domain.workspaces import Workspaces
|
||||||
|
from atst.domain.roles import Roles
|
||||||
from atst.models.workspace_role import Status as WorkspaceRoleStatus
|
from atst.models.workspace_role import Status as WorkspaceRoleStatus
|
||||||
|
|
||||||
|
|
||||||
@ -36,6 +38,55 @@ def test_user_without_permission_has_no_budget_report_link(client, user_session)
|
|||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
def test_user_with_permission_has_activity_log_link(client, user_session):
|
||||||
|
workspace = WorkspaceFactory.create()
|
||||||
|
ccpo = UserFactory.from_atat_role("ccpo")
|
||||||
|
admin = UserFactory.create()
|
||||||
|
WorkspaceRoleFactory.create(
|
||||||
|
workspace=workspace,
|
||||||
|
user=admin,
|
||||||
|
role=Roles.get("admin"),
|
||||||
|
status=WorkspaceRoleStatus.ACTIVE,
|
||||||
|
)
|
||||||
|
|
||||||
|
user_session(workspace.owner)
|
||||||
|
response = client.get("/workspaces/{}/projects".format(workspace.id))
|
||||||
|
assert (
|
||||||
|
'href="/workspaces/{}/activity"'.format(workspace.id).encode() in response.data
|
||||||
|
)
|
||||||
|
|
||||||
|
# logs out previous user before creating a new session
|
||||||
|
user_session(admin)
|
||||||
|
response = client.get("/workspaces/{}/projects".format(workspace.id))
|
||||||
|
assert (
|
||||||
|
'href="/workspaces/{}/activity"'.format(workspace.id).encode() in response.data
|
||||||
|
)
|
||||||
|
|
||||||
|
user_session(ccpo)
|
||||||
|
response = client.get("/workspaces/{}/projects".format(workspace.id))
|
||||||
|
assert (
|
||||||
|
'href="/workspaces/{}/activity"'.format(workspace.id).encode() in response.data
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
def test_user_without_permission_has_no_activity_log_link(client, user_session):
|
||||||
|
workspace = WorkspaceFactory.create()
|
||||||
|
developer = UserFactory.create()
|
||||||
|
WorkspaceRoleFactory.create(
|
||||||
|
workspace=workspace,
|
||||||
|
user=developer,
|
||||||
|
role=Roles.get("developer"),
|
||||||
|
status=WorkspaceRoleStatus.ACTIVE,
|
||||||
|
)
|
||||||
|
|
||||||
|
user_session(developer)
|
||||||
|
response = client.get("/workspaces/{}/projects".format(workspace.id))
|
||||||
|
assert (
|
||||||
|
'href="/workspaces/{}/activity"'.format(workspace.id).encode()
|
||||||
|
not in response.data
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
def test_user_with_permission_has_add_project_link(client, user_session):
|
def test_user_with_permission_has_add_project_link(client, user_session):
|
||||||
workspace = WorkspaceFactory.create()
|
workspace = WorkspaceFactory.create()
|
||||||
user_session(workspace.owner)
|
user_session(workspace.owner)
|
||||||
|
@ -202,6 +202,7 @@ navigation:
|
|||||||
add_new_member_label: Add New Member
|
add_new_member_label: Add New Member
|
||||||
add_new_project_label: Add New Project
|
add_new_project_label: Add New Project
|
||||||
budget_report: Budget Report
|
budget_report: Budget Report
|
||||||
|
activity_log: Activity Log
|
||||||
members: Members
|
members: Members
|
||||||
projects: Projects
|
projects: Projects
|
||||||
task_orders: Task Orders
|
task_orders: Task Orders
|
||||||
|
Loading…
x
Reference in New Issue
Block a user