Use application_role.id to reference users in team page forms.

Membership in a resource should be decoupled from the users table.
2019-05-23 09:51:25 -04:00
parent da6ac57812
commit a332d1432e
6 changed files with 39 additions and 27 deletions
--- a/atst/domain/application_roles.py
+++ b/atst/domain/application_roles.py
@@ -47,6 +47,18 @@ class ApplicationRoles(object):

        return app_role

+    @classmethod
+    def get_by_id(cls, id_):
+        try:
+            return (
+                db.session.query(ApplicationRole)
+                .filter(ApplicationRole.id == id_)
+                .filter(ApplicationRole.status != ApplicationRoleStatus.DISABLED)
+                .one()
+            )
+        except NoResultFound:
+            raise NotFoundError("portfolio_role")
+
    @classmethod
    def update_permission_sets(cls, application_role, new_perm_sets_names):
        application_role.permission_sets = ApplicationRoles._permission_sets_for_names(
--- a/atst/forms/team.py
+++ b/atst/forms/team.py
@@ -61,7 +61,7 @@ class PermissionsForm(FlaskForm):


 class MemberForm(FlaskForm):
-    user_id = HiddenField(validators=[Required()])
+    role_id = HiddenField(validators=[Required()])
    user_name = StringField()
    environment_roles = FieldList(FormField(EnvironmentForm))
    permission_sets = FormField(PermissionsForm)
--- a/atst/routes/applications/team.py
+++ b/atst/routes/applications/team.py
@@ -27,8 +27,6 @@ def get_form_permission_value(member, edit_perm_set):
 def get_team_form(application):
    team_data = []
    for member in application.members:
-        user_id = member.user.id
-        user_name = member.user.full_name
        permission_sets = {
            "perms_team_mgmt": get_form_permission_value(
                member, PermissionSets.EDIT_APPLICATION_TEAM
@@ -53,8 +51,8 @@ def get_team_form(application):
        ]
        team_data.append(
            {
-                "user_id": str(user_id),
-                "user_name": user_name,
+                "role_id": member.id,
+                "user_name": member.user_name,
                "permission_sets": permission_sets,
                "environment_roles": environment_roles,
            }
@@ -99,7 +97,7 @@ def update_team(application_id):

    if form.validate():
        for member_form in form.members:
-            app_role = ApplicationRoles.get(member_form.user_id.data, application.id)
+            app_role = ApplicationRoles.get_by_id(member_form.role_id.data)
            new_perms = [
                perm
                for perm in member_form.data["permission_sets"]
@@ -108,12 +106,11 @@ def update_team(application_id):
            ApplicationRoles.update_permission_sets(app_role, new_perms)

            for environment_role_form in member_form.environment_roles:
-                user = Users.get(member_form.user_id.data)
                environment = Environments.get(
                    environment_role_form.environment_id.data
                )
                Environments.update_env_role(
-                    environment, user, environment_role_form.data.get("role")
+                    environment, app_role.user, environment_role_form.data.get("role")
                )

        flash("updated_application_team_settings", application_name=application.name)