pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #845 from dod-ccpo/app-settings-role-id

Browse Source 
Use role ID for app settings table
This commit is contained in:
dandds
2019-05-28 11:43:56 -04:00
committed by GitHub
parent 48fbc1c997 43ea922218
commit 96ae1bba9d
11 changed files with 136 additions and 181 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
tests/domain/test_environments.py
View File

@@ -67,28 +67,35 @@ def test_update_env_roles_by_environment():
env_role_1 = EnvironmentRoleFactory.create(
environment=environment, role=CSPRole.BASIC_ACCESS.value
)
app_role_1 = ApplicationRoleFactory.create(
user=env_role_1.user, application=environment.application
)
env_role_2 = EnvironmentRoleFactory.create(
environment=environment, role=CSPRole.NETWORK_ADMIN.value
)
app_role_2 = ApplicationRoleFactory.create(
user=env_role_2.user, application=environment.application
)
env_role_3 = EnvironmentRoleFactory.create(
environment=environment, role=CSPRole.TECHNICAL_READ.value
)
for user in [env_role_1.user, env_role_2.user, env_role_3.user]:
ApplicationRoleFactory.create(user=user, application=environment.application)
app_role_3 = ApplicationRoleFactory.create(
user=env_role_3.user, application=environment.application
)
team_roles = [
{
"user_id": env_role_1.user.id,
"application_role_id": app_role_1.id,
"user_name": env_role_1.user.full_name,
"role_name": CSPRole.BUSINESS_READ.value,
},
{
"user_id": env_role_2.user.id,
"application_role_id": app_role_2.id,
"user_name": env_role_2.user.full_name,
"role_name": CSPRole.NETWORK_ADMIN.value,
},
{
"user_id": env_role_3.user.id,
"application_role_id": app_role_3.id,
"user_name": env_role_3.user.full_name,
"role_name": None,
},
@@ -136,36 +143,6 @@ def test_update_env_roles_by_member():
assert not EnvironmentRoles.get(user.id, testing.id)
def test_get_members_by_role(db):
environment = EnvironmentFactory.create()
env_role_1 = EnvironmentRoleFactory.create(
environment=environment, role=CSPRole.BASIC_ACCESS.value
)
env_role_2 = EnvironmentRoleFactory.create(
environment=environment, role=CSPRole.TECHNICAL_READ.value
)
env_role_3 = EnvironmentRoleFactory.create(
environment=environment, role=CSPRole.TECHNICAL_READ.value
)
rando_env = EnvironmentFactory.create()
rando_env_role = EnvironmentRoleFactory.create(
environment=rando_env, role=CSPRole.BASIC_ACCESS.value
)
basic_access_members = Environments.get_members_by_role(
environment, CSPRole.BASIC_ACCESS.value
)
technical_read_members = Environments.get_members_by_role(
environment, CSPRole.TECHNICAL_READ.value
)
assert basic_access_members == [env_role_1]
assert rando_env_role not in basic_access_members
assert technical_read_members == [env_role_2, env_role_3]
assert (
Environments.get_members_by_role(environment, CSPRole.BUSINESS_READ.value) == []
)
def test_get_scoped_environments(db):
developer = UserFactory.create()
portfolio = PortfolioFactory.create(

12
tests/models/test_application_role.py
View File

@@ -1,7 +1,7 @@
from atst.domain.permission_sets import PermissionSets
from atst.models.audit_event import AuditEvent
from tests.factories import PortfolioFactory, UserFactory
from tests.factories import *
def test_has_application_role_history(session):
@@ -38,3 +38,13 @@ def test_has_application_role_history(session):
old_state, new_state = changed_event.changed_state["permission_sets"]
assert old_state == [PermissionSets.VIEW_APPLICATION]
assert new_state == [PermissionSets.EDIT_APPLICATION_TEAM]
def test_environment_roles():
application = ApplicationFactory.create()
environment = EnvironmentFactory.create(application=application)
user = UserFactory.create()
application_role = ApplicationRoleFactory.create(application=application, user=user)
environment_role = EnvironmentRoleFactory.create(environment=environment, user=user)
assert application_role.environment_roles == [environment_role]

68
tests/routes/applications/test_settings.py
View File

@@ -10,7 +10,6 @@ from tests.factories import (
ApplicationFactory,
ApplicationRoleFactory,
)
from atst.routes.applications.settings import check_users_are_in_application
from atst.domain.applications import Applications
from atst.domain.environment_roles import EnvironmentRoles
@@ -140,15 +139,19 @@ def test_data_for_app_env_roles_form(app, client, user_session):
{"env"},
)
env = application.environments[0]
app_role = ApplicationRoleFactory.create(application=application)
app_role0 = ApplicationRoleFactory.create(application=application)
env_role1 = EnvironmentRoleFactory.create(
environment=env, role=CSPRole.BASIC_ACCESS.value
)
ApplicationRoleFactory.create(application=application, user=env_role1.user)
app_role1 = ApplicationRoleFactory.create(
application=application, user=env_role1.user
)
env_role2 = EnvironmentRoleFactory.create(
environment=env, role=CSPRole.NETWORK_ADMIN.value
)
ApplicationRoleFactory.create(application=application, user=env_role2.user)
app_role2 = ApplicationRoleFactory.create(
application=application, user=env_role2.user
)
user_session(portfolio.owner)
@@ -171,8 +174,8 @@ def test_data_for_app_env_roles_form(app, client, user_session):
"role": NO_ACCESS,
"members": [
{
"user_id": str(app_role.user_id),
"user_name": app_role.user.full_name,
"application_role_id": str(app_role0.id),
"user_name": app_role0.user.full_name,
"role_name": None,
}
],
@@ -181,7 +184,7 @@ def test_data_for_app_env_roles_form(app, client, user_session):
"role": CSPRole.BASIC_ACCESS.value,
"members": [
{
"user_id": str(env_role1.user_id),
"application_role_id": str(app_role1.id),
"user_name": env_role1.user.full_name,
"role_name": CSPRole.BASIC_ACCESS.value,
}
@@ -191,7 +194,7 @@ def test_data_for_app_env_roles_form(app, client, user_session):
"role": CSPRole.NETWORK_ADMIN.value,
"members": [
{
"user_id": str(env_role2.user_id),
"application_role_id": str(app_role2.id),
"user_name": env_role2.user.full_name,
"role_name": CSPRole.NETWORK_ADMIN.value,
}
@@ -260,57 +263,32 @@ def test_user_without_permission_cannot_update_application(client, user_session)
assert application.description == "Cool stuff happening here!"
def test_check_users_are_in_application_raises_NotFoundError():
application = ApplicationFactory.create()
app_user_1 = UserFactory.create()
app_user_2 = UserFactory.create()
for user in [app_user_1, app_user_2]:
ApplicationRoleFactory.create(user=user, application=application)
non_app_user = UserFactory.create()
user_ids = [app_user_1.id, app_user_2.id, non_app_user.id]
with pytest.raises(NotFoundError):
check_users_are_in_application(user_ids, application)
def test_check_users_are_in_application():
application = ApplicationFactory.create()
app_user_1 = UserFactory.create()
app_user_2 = UserFactory.create()
app_user_3 = UserFactory.create()
for user in [app_user_1, app_user_2, app_user_3]:
ApplicationRoleFactory.create(user=user, application=application)
user_ids = [str(app_user_1.id), str(app_user_2.id), str(app_user_3.id)]
assert check_users_are_in_application(user_ids, application)
def test_update_team_env_roles(client, user_session):
environment = EnvironmentFactory.create()
application = environment.application
app_role_1 = ApplicationRoleFactory.create(application=application)
env_role_1 = EnvironmentRoleFactory.create(
environment=environment, role=CSPRole.BASIC_ACCESS.value
environment=environment, role=CSPRole.BASIC_ACCESS.value, user=app_role_1.user
)
app_role_2 = ApplicationRoleFactory.create(application=application)
env_role_2 = EnvironmentRoleFactory.create(
environment=environment, role=CSPRole.BASIC_ACCESS.value
environment=environment, role=CSPRole.BASIC_ACCESS.value, user=app_role_2.user
)
app_role_3 = ApplicationRoleFactory.create(application=application)
env_role_3 = EnvironmentRoleFactory.create(
environment=environment, role=CSPRole.BASIC_ACCESS.value
environment=environment, role=CSPRole.BASIC_ACCESS.value, user=app_role_3.user
)
for user in [env_role_1.user, env_role_2.user, env_role_3.user]:
ApplicationRoleFactory.create(user=user, application=application)
app_role = ApplicationRoleFactory.create(application=application)
app_role_4 = ApplicationRoleFactory.create(application=application)
form_data = {
"envs-0-env_id": environment.id,
"envs-0-team_roles-0-members-0-user_id": app_role.user.id,
"envs-0-team_roles-0-members-0-application_role_id": app_role_4.id,
"envs-0-team_roles-0-members-0-role_name": CSPRole.TECHNICAL_READ.value,
"envs-0-team_roles-1-members-0-user_id": env_role_1.user.id,
"envs-0-team_roles-1-members-0-application_role_id": app_role_1.id,
"envs-0-team_roles-1-members-0-role_name": CSPRole.NETWORK_ADMIN.value,
"envs-0-team_roles-1-members-1-user_id": env_role_2.user.id,
"envs-0-team_roles-1-members-1-application_role_id": app_role_2.id,
"envs-0-team_roles-1-members-1-role_name": CSPRole.BASIC_ACCESS.value,
"envs-0-team_roles-1-members-2-user_id": env_role_3.user.id,
"envs-0-team_roles-1-members-2-application_role_id": app_role_3.id,
"envs-0-team_roles-1-members-2-role_name": NO_ACCESS,
}
@@ -325,7 +303,7 @@ def test_update_team_env_roles(client, user_session):
assert env_role_1.role == CSPRole.NETWORK_ADMIN.value
assert env_role_2.role == CSPRole.BASIC_ACCESS.value
assert not EnvironmentRoles.get(env_role_3.user.id, environment.id)
assert EnvironmentRoles.get(app_role.user.id, environment.id)
assert EnvironmentRoles.get(app_role_4.user.id, environment.id)
def test_user_can_only_access_apps_in_their_portfolio(client, user_session):