Merge pull request #427 from dod-ccpo/remove-workspace-users
Consolidate WorkspaceUser into WorkspaceRole
This commit is contained in:
richard-dds
GitHub
@@ -1,4 +1,4 @@
|
||||
from atst.domain.workspace_users import WorkspaceUsers
|
||||
from atst.domain.workspace_roles import WorkspaceRoles
|
||||
from atst.models.permissions import Permissions
|
||||
from atst.domain.exceptions import UnauthorizedError
|
||||
|
||||
@@ -6,7 +6,7 @@ from atst.domain.exceptions import UnauthorizedError
|
||||
class Authorization(object):
|
||||
@classmethod
|
||||
def has_workspace_permission(cls, user, workspace, permission):
|
||||
return permission in WorkspaceUsers.workspace_user_permissions(workspace, user)
|
||||
return permission in WorkspaceRoles.workspace_role_permissions(workspace, user)
|
||||
|
||||
@classmethod
|
||||
def has_atat_permission(cls, user, permission):
|
||||
|
||||
@@ -58,7 +58,7 @@ class Environments(object):
|
||||
return env
|
||||
|
||||
@classmethod
|
||||
def update_environment_roles(cls, user, workspace, workspace_user, ids_and_roles):
|
||||
def update_environment_roles(cls, user, workspace, workspace_role, ids_and_roles):
|
||||
Authorization.check_workspace_permission(
|
||||
user,
|
||||
workspace,
|
||||
@@ -71,16 +71,16 @@ class Environments(object):
|
||||
environment = Environments.get(id_and_role["id"])
|
||||
|
||||
if new_role is None:
|
||||
EnvironmentRoles.delete(workspace_user.user.id, environment.id)
|
||||
EnvironmentRoles.delete(workspace_role.user.id, environment.id)
|
||||
else:
|
||||
env_role = EnvironmentRoles.get(
|
||||
workspace_user.user.id, id_and_role["id"]
|
||||
workspace_role.user.id, id_and_role["id"]
|
||||
)
|
||||
if env_role:
|
||||
env_role.role = new_role
|
||||
else:
|
||||
env_role = EnvironmentRole(
|
||||
user=workspace_user.user, environment=environment, role=new_role
|
||||
user=workspace_role.user, environment=environment, role=new_role
|
||||
)
|
||||
db.session.add(env_role)
|
||||
|
||||
|
||||
@@ -3,7 +3,7 @@ from sqlalchemy.orm.exc import NoResultFound
|
||||
|
||||
from atst.database import db
|
||||
from atst.models.invitation import Invitation, Status as InvitationStatus
|
||||
from atst.domain.workspace_users import WorkspaceUsers
|
||||
from atst.domain.workspace_roles import WorkspaceRoles
|
||||
|
||||
from .exceptions import NotFoundError
|
||||
|
||||
@@ -83,7 +83,7 @@ class Invitations(object):
|
||||
|
||||
elif invite.is_pending:
|
||||
Invitations._update_status(invite, InvitationStatus.ACCEPTED)
|
||||
WorkspaceUsers.enable(invite.workspace_role)
|
||||
WorkspaceRoles.enable(invite.workspace_role)
|
||||
return invite
|
||||
|
||||
@classmethod
|
||||
|
||||
@@ -48,7 +48,7 @@ class Projects(object):
|
||||
)
|
||||
|
||||
@classmethod
|
||||
def get_all(cls, user, workspace_user, workspace):
|
||||
def get_all(cls, user, workspace_role, workspace):
|
||||
Authorization.check_workspace_permission(
|
||||
user,
|
||||
workspace,
|
||||
|
||||
@@ -2,7 +2,6 @@ from sqlalchemy.orm.exc import NoResultFound
|
||||
|
||||
from atst.database import db
|
||||
from atst.models.workspace_role import WorkspaceRole, Status as WorkspaceRoleStatus
|
||||
from atst.models.workspace_user import WorkspaceUser
|
||||
from atst.models.user import User
|
||||
|
||||
from .roles import Roles
|
||||
@@ -10,14 +9,9 @@ from .users import Users
|
||||
from .exceptions import NotFoundError
|
||||
|
||||
|
||||
class WorkspaceUsers(object):
|
||||
class WorkspaceRoles(object):
|
||||
@classmethod
|
||||
def get(cls, workspace_id, user_id):
|
||||
try:
|
||||
user = Users.get(user_id)
|
||||
except NoResultFound:
|
||||
raise NotFoundError("user")
|
||||
|
||||
try:
|
||||
workspace_role = (
|
||||
db.session.query(WorkspaceRole)
|
||||
@@ -28,7 +22,7 @@ class WorkspaceUsers(object):
|
||||
except NoResultFound:
|
||||
workspace_role = None
|
||||
|
||||
return WorkspaceUser(user, workspace_role)
|
||||
return workspace_role
|
||||
|
||||
@classmethod
|
||||
def _get_active_workspace_role(cls, workspace_id, user_id):
|
||||
@@ -44,8 +38,8 @@ class WorkspaceUsers(object):
|
||||
return None
|
||||
|
||||
@classmethod
|
||||
def workspace_user_permissions(cls, workspace, user):
|
||||
workspace_role = WorkspaceUsers._get_active_workspace_role(
|
||||
def workspace_role_permissions(cls, workspace, user):
|
||||
workspace_role = WorkspaceRoles._get_active_workspace_role(
|
||||
workspace.id, user.id
|
||||
)
|
||||
atat_permissions = set(user.atat_role.permissions)
|
||||
@@ -94,23 +88,23 @@ class WorkspaceUsers(object):
|
||||
db.session.add(user)
|
||||
db.session.commit()
|
||||
|
||||
return WorkspaceUser(user, new_workspace_role)
|
||||
return new_workspace_role
|
||||
|
||||
@classmethod
|
||||
def update_role(cls, member, workspace_id, role_name):
|
||||
new_role = Roles.get(role_name)
|
||||
workspace_role = WorkspaceUsers._get_workspace_role(member.user, workspace_id)
|
||||
workspace_role = WorkspaceRoles._get_workspace_role(member.user, workspace_id)
|
||||
workspace_role.role = new_role
|
||||
|
||||
db.session.add(workspace_role)
|
||||
db.session.commit()
|
||||
return WorkspaceUser(member.user, workspace_role)
|
||||
return workspace_role
|
||||
|
||||
@classmethod
|
||||
def add_many(cls, workspace_id, workspace_user_dicts):
|
||||
workspace_users = []
|
||||
def add_many(cls, workspace_id, workspace_role_dicts):
|
||||
workspace_roles = []
|
||||
|
||||
for user_dict in workspace_user_dicts:
|
||||
for user_dict in workspace_role_dicts:
|
||||
try:
|
||||
user = Users.get(user_dict["id"])
|
||||
except NoResultFound:
|
||||
@@ -139,14 +133,13 @@ class WorkspaceUsers(object):
|
||||
)
|
||||
|
||||
user.workspace_roles.append(new_workspace_role)
|
||||
workspace_user = WorkspaceUser(user, new_workspace_role)
|
||||
workspace_users.append(workspace_user)
|
||||
workspace_roles.append(new_workspace_role)
|
||||
|
||||
db.session.add(user)
|
||||
|
||||
db.session.commit()
|
||||
|
||||
return workspace_users
|
||||
return workspace_roles
|
||||
|
||||
@classmethod
|
||||
def enable(cls, workspace_role):
|
||||
@@ -2,7 +2,7 @@ from atst.domain.roles import Roles
|
||||
from atst.domain.authz import Authorization
|
||||
from atst.models.permissions import Permissions
|
||||
from atst.domain.users import Users
|
||||
from atst.domain.workspace_users import WorkspaceUsers
|
||||
from atst.domain.workspace_roles import WorkspaceRoles
|
||||
from atst.models.workspace_role import Status as WorkspaceRoleStatus
|
||||
|
||||
from .query import WorkspacesQuery
|
||||
@@ -95,8 +95,8 @@ class Workspaces(object):
|
||||
|
||||
@classmethod
|
||||
def add_member(cls, workspace, member, role_name):
|
||||
workspace_user = WorkspaceUsers.add(member, workspace.id, role_name)
|
||||
return workspace_user
|
||||
workspace_role = WorkspaceRoles.add(member, workspace.id, role_name)
|
||||
return workspace_role
|
||||
|
||||
@classmethod
|
||||
def update_member(cls, user, workspace, member, role_name):
|
||||
@@ -107,7 +107,7 @@ class Workspaces(object):
|
||||
"edit workspace member",
|
||||
)
|
||||
|
||||
return WorkspaceUsers.update_role(member, workspace.id, role_name)
|
||||
return WorkspaceRoles.update_role(member, workspace.id, role_name)
|
||||
|
||||
@classmethod
|
||||
def _create_workspace_role(
|
||||
|
||||
@@ -4,7 +4,6 @@ from sqlalchemy.orm import relationship
|
||||
from atst.models import Base
|
||||
from atst.models.types import Id
|
||||
from atst.models import mixins
|
||||
from atst.models.workspace_user import WorkspaceUser
|
||||
from atst.utils import first_or_none
|
||||
|
||||
|
||||
@@ -39,7 +38,7 @@ class Workspace(Base, mixins.TimestampsMixin, mixins.AuditableMixin):
|
||||
|
||||
@property
|
||||
def members(self):
|
||||
return [WorkspaceUser(role.user, role) for role in self.roles]
|
||||
return self.roles
|
||||
|
||||
@property
|
||||
def displayname(self):
|
||||
|
||||
@@ -6,6 +6,11 @@ from sqlalchemy.orm import relationship
|
||||
from atst.models import Base, mixins
|
||||
from .types import Id
|
||||
|
||||
from atst.database import db
|
||||
from atst.models.environment_role import EnvironmentRole
|
||||
from atst.models.project import Project
|
||||
from atst.models.environment import Environment
|
||||
|
||||
|
||||
class Status(Enum):
|
||||
ACTIVE = "active"
|
||||
@@ -61,6 +66,46 @@ class WorkspaceRole(Base, mixins.TimestampsMixin, mixins.AuditableMixin):
|
||||
def has_dod_id_error(self):
|
||||
return self.latest_invitation and self.latest_invitation.is_rejected_wrong_user
|
||||
|
||||
@property
|
||||
def role_name(self):
|
||||
return self.role.name
|
||||
|
||||
@property
|
||||
def user_name(self):
|
||||
return self.user.full_name
|
||||
|
||||
@property
|
||||
def role_displayname(self):
|
||||
return self.role.display_name
|
||||
|
||||
@property
|
||||
def num_environment_roles(self):
|
||||
return (
|
||||
db.session.query(EnvironmentRole)
|
||||
.join(EnvironmentRole.environment)
|
||||
.join(Environment.project)
|
||||
.join(Project.workspace)
|
||||
.filter(Project.workspace_id == self.workspace_id)
|
||||
.filter(EnvironmentRole.user_id == self.user_id)
|
||||
.count()
|
||||
)
|
||||
|
||||
@property
|
||||
def environment_roles(self):
|
||||
return (
|
||||
db.session.query(EnvironmentRole)
|
||||
.join(EnvironmentRole.environment)
|
||||
.join(Environment.project)
|
||||
.join(Project.workspace)
|
||||
.filter(Project.workspace_id == self.workspace_id)
|
||||
.filter(EnvironmentRole.user_id == self.user_id)
|
||||
.all()
|
||||
)
|
||||
|
||||
@property
|
||||
def has_environment_roles(self):
|
||||
return self.num_environment_roles > 0
|
||||
|
||||
|
||||
Index(
|
||||
"workspace_role_user_workspace",
|
||||
|
||||
@@ -1,75 +0,0 @@
|
||||
from atst.database import db
|
||||
from atst.models.environment_role import EnvironmentRole
|
||||
from atst.models.project import Project
|
||||
from atst.models.environment import Environment
|
||||
|
||||
|
||||
class WorkspaceUser(object):
|
||||
def __init__(self, user, workspace_role):
|
||||
self.user = user
|
||||
self.workspace_role = workspace_role
|
||||
|
||||
@property
|
||||
def workspace(self):
|
||||
return self.workspace_role.workspace
|
||||
|
||||
@property
|
||||
def workspace_id(self):
|
||||
return self.workspace_role.workspace_id
|
||||
|
||||
@property
|
||||
def user_id(self):
|
||||
return self.user.id
|
||||
|
||||
@property
|
||||
def user_name(self):
|
||||
return self.user.full_name
|
||||
|
||||
@property
|
||||
def role(self):
|
||||
return self.workspace_role.role.name
|
||||
|
||||
@property
|
||||
def role_displayname(self):
|
||||
return self.workspace_role.role.display_name
|
||||
|
||||
@property
|
||||
def status(self):
|
||||
return self.workspace_role.display_status
|
||||
|
||||
@property
|
||||
def has_dod_id_error(self):
|
||||
return self.workspace_role.has_dod_id_error
|
||||
|
||||
@property
|
||||
def num_environment_roles(self):
|
||||
return (
|
||||
db.session.query(EnvironmentRole)
|
||||
.join(EnvironmentRole.environment)
|
||||
.join(Environment.project)
|
||||
.join(Project.workspace)
|
||||
.filter(Project.workspace_id == self.workspace_id)
|
||||
.filter(EnvironmentRole.user_id == self.user_id)
|
||||
.count()
|
||||
)
|
||||
|
||||
@property
|
||||
def environment_roles(self):
|
||||
return (
|
||||
db.session.query(EnvironmentRole)
|
||||
.join(EnvironmentRole.environment)
|
||||
.join(Environment.project)
|
||||
.join(Project.workspace)
|
||||
.filter(Project.workspace_id == self.workspace_id)
|
||||
.filter(EnvironmentRole.user_id == self.user_id)
|
||||
.all()
|
||||
)
|
||||
|
||||
@property
|
||||
def has_environment_roles(self):
|
||||
return self.num_environment_roles > 0
|
||||
|
||||
def __repr__(self):
|
||||
return "<WorkspaceUser(user='{}', role='{}', workspace='{}', num_environment_roles='{}')>".format(
|
||||
self.user_name, self.role, self.workspace.name, self.num_environment_roles
|
||||
)
|
||||
@@ -14,7 +14,7 @@ from atst.domain.exceptions import UnauthorizedError, AlreadyExistsError
|
||||
from atst.domain.projects import Projects
|
||||
from atst.domain.reports import Reports
|
||||
from atst.domain.workspaces import Workspaces
|
||||
from atst.domain.workspace_users import WorkspaceUsers
|
||||
from atst.domain.workspace_roles import WorkspaceRoles
|
||||
from atst.domain.environments import Environments
|
||||
from atst.domain.environment_roles import EnvironmentRoles
|
||||
from atst.forms.project import NewProjectForm, ProjectForm
|
||||
@@ -109,7 +109,7 @@ def workspace_members(workspace_id):
|
||||
members_list = [
|
||||
{
|
||||
"name": k.user_name,
|
||||
"status": k.status,
|
||||
"status": k.display_status,
|
||||
"id": k.user_id,
|
||||
"role": k.role_displayname,
|
||||
"num_env": k.num_environment_roles,
|
||||
@@ -258,9 +258,7 @@ def create_member(workspace_id):
|
||||
if form.validate():
|
||||
try:
|
||||
new_member = Workspaces.create_member(g.current_user, workspace, form.data)
|
||||
invite = Invitations.create(
|
||||
new_member.workspace_role, g.current_user, new_member.user
|
||||
)
|
||||
invite = Invitations.create(new_member, g.current_user, new_member.user)
|
||||
send_invite_email(
|
||||
g.current_user.full_name, invite.token, new_member.user.email
|
||||
)
|
||||
@@ -291,7 +289,7 @@ def view_member(workspace_id, member_id):
|
||||
Permissions.ASSIGN_AND_UNASSIGN_ATAT_ROLE,
|
||||
"edit this workspace user",
|
||||
)
|
||||
member = WorkspaceUsers.get(workspace_id, member_id)
|
||||
member = WorkspaceRoles.get(workspace_id, member_id)
|
||||
projects = Projects.get_all(g.current_user, member, workspace)
|
||||
form = EditMemberForm(workspace_role=member.role)
|
||||
editable = g.current_user == member.user
|
||||
@@ -319,7 +317,7 @@ def update_member(workspace_id, member_id):
|
||||
Permissions.ASSIGN_AND_UNASSIGN_ATAT_ROLE,
|
||||
"edit this workspace user",
|
||||
)
|
||||
member = WorkspaceUsers.get(workspace_id, member_id)
|
||||
member = WorkspaceRoles.get(workspace_id, member_id)
|
||||
|
||||
ids_and_roles = []
|
||||
form_dict = http_request.form.to_dict()
|
||||
|
||||
Reference in New Issue
Block a user