Merge pull request #427 from dod-ccpo/remove-workspace-users
Consolidate WorkspaceUser into WorkspaceRole
This commit is contained in:
commit
ab6e93550b
@ -1,4 +1,4 @@
|
|||||||
from atst.domain.workspace_users import WorkspaceUsers
|
from atst.domain.workspace_roles import WorkspaceRoles
|
||||||
from atst.models.permissions import Permissions
|
from atst.models.permissions import Permissions
|
||||||
from atst.domain.exceptions import UnauthorizedError
|
from atst.domain.exceptions import UnauthorizedError
|
||||||
|
|
||||||
@ -6,7 +6,7 @@ from atst.domain.exceptions import UnauthorizedError
|
|||||||
class Authorization(object):
|
class Authorization(object):
|
||||||
@classmethod
|
@classmethod
|
||||||
def has_workspace_permission(cls, user, workspace, permission):
|
def has_workspace_permission(cls, user, workspace, permission):
|
||||||
return permission in WorkspaceUsers.workspace_user_permissions(workspace, user)
|
return permission in WorkspaceRoles.workspace_role_permissions(workspace, user)
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def has_atat_permission(cls, user, permission):
|
def has_atat_permission(cls, user, permission):
|
||||||
|
@ -58,7 +58,7 @@ class Environments(object):
|
|||||||
return env
|
return env
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def update_environment_roles(cls, user, workspace, workspace_user, ids_and_roles):
|
def update_environment_roles(cls, user, workspace, workspace_role, ids_and_roles):
|
||||||
Authorization.check_workspace_permission(
|
Authorization.check_workspace_permission(
|
||||||
user,
|
user,
|
||||||
workspace,
|
workspace,
|
||||||
@ -71,16 +71,16 @@ class Environments(object):
|
|||||||
environment = Environments.get(id_and_role["id"])
|
environment = Environments.get(id_and_role["id"])
|
||||||
|
|
||||||
if new_role is None:
|
if new_role is None:
|
||||||
EnvironmentRoles.delete(workspace_user.user.id, environment.id)
|
EnvironmentRoles.delete(workspace_role.user.id, environment.id)
|
||||||
else:
|
else:
|
||||||
env_role = EnvironmentRoles.get(
|
env_role = EnvironmentRoles.get(
|
||||||
workspace_user.user.id, id_and_role["id"]
|
workspace_role.user.id, id_and_role["id"]
|
||||||
)
|
)
|
||||||
if env_role:
|
if env_role:
|
||||||
env_role.role = new_role
|
env_role.role = new_role
|
||||||
else:
|
else:
|
||||||
env_role = EnvironmentRole(
|
env_role = EnvironmentRole(
|
||||||
user=workspace_user.user, environment=environment, role=new_role
|
user=workspace_role.user, environment=environment, role=new_role
|
||||||
)
|
)
|
||||||
db.session.add(env_role)
|
db.session.add(env_role)
|
||||||
|
|
||||||
|
@ -3,7 +3,7 @@ from sqlalchemy.orm.exc import NoResultFound
|
|||||||
|
|
||||||
from atst.database import db
|
from atst.database import db
|
||||||
from atst.models.invitation import Invitation, Status as InvitationStatus
|
from atst.models.invitation import Invitation, Status as InvitationStatus
|
||||||
from atst.domain.workspace_users import WorkspaceUsers
|
from atst.domain.workspace_roles import WorkspaceRoles
|
||||||
|
|
||||||
from .exceptions import NotFoundError
|
from .exceptions import NotFoundError
|
||||||
|
|
||||||
@ -83,7 +83,7 @@ class Invitations(object):
|
|||||||
|
|
||||||
elif invite.is_pending:
|
elif invite.is_pending:
|
||||||
Invitations._update_status(invite, InvitationStatus.ACCEPTED)
|
Invitations._update_status(invite, InvitationStatus.ACCEPTED)
|
||||||
WorkspaceUsers.enable(invite.workspace_role)
|
WorkspaceRoles.enable(invite.workspace_role)
|
||||||
return invite
|
return invite
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
|
@ -48,7 +48,7 @@ class Projects(object):
|
|||||||
)
|
)
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def get_all(cls, user, workspace_user, workspace):
|
def get_all(cls, user, workspace_role, workspace):
|
||||||
Authorization.check_workspace_permission(
|
Authorization.check_workspace_permission(
|
||||||
user,
|
user,
|
||||||
workspace,
|
workspace,
|
||||||
|
@ -2,7 +2,6 @@ from sqlalchemy.orm.exc import NoResultFound
|
|||||||
|
|
||||||
from atst.database import db
|
from atst.database import db
|
||||||
from atst.models.workspace_role import WorkspaceRole, Status as WorkspaceRoleStatus
|
from atst.models.workspace_role import WorkspaceRole, Status as WorkspaceRoleStatus
|
||||||
from atst.models.workspace_user import WorkspaceUser
|
|
||||||
from atst.models.user import User
|
from atst.models.user import User
|
||||||
|
|
||||||
from .roles import Roles
|
from .roles import Roles
|
||||||
@ -10,14 +9,9 @@ from .users import Users
|
|||||||
from .exceptions import NotFoundError
|
from .exceptions import NotFoundError
|
||||||
|
|
||||||
|
|
||||||
class WorkspaceUsers(object):
|
class WorkspaceRoles(object):
|
||||||
@classmethod
|
@classmethod
|
||||||
def get(cls, workspace_id, user_id):
|
def get(cls, workspace_id, user_id):
|
||||||
try:
|
|
||||||
user = Users.get(user_id)
|
|
||||||
except NoResultFound:
|
|
||||||
raise NotFoundError("user")
|
|
||||||
|
|
||||||
try:
|
try:
|
||||||
workspace_role = (
|
workspace_role = (
|
||||||
db.session.query(WorkspaceRole)
|
db.session.query(WorkspaceRole)
|
||||||
@ -28,7 +22,7 @@ class WorkspaceUsers(object):
|
|||||||
except NoResultFound:
|
except NoResultFound:
|
||||||
workspace_role = None
|
workspace_role = None
|
||||||
|
|
||||||
return WorkspaceUser(user, workspace_role)
|
return workspace_role
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def _get_active_workspace_role(cls, workspace_id, user_id):
|
def _get_active_workspace_role(cls, workspace_id, user_id):
|
||||||
@ -44,8 +38,8 @@ class WorkspaceUsers(object):
|
|||||||
return None
|
return None
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def workspace_user_permissions(cls, workspace, user):
|
def workspace_role_permissions(cls, workspace, user):
|
||||||
workspace_role = WorkspaceUsers._get_active_workspace_role(
|
workspace_role = WorkspaceRoles._get_active_workspace_role(
|
||||||
workspace.id, user.id
|
workspace.id, user.id
|
||||||
)
|
)
|
||||||
atat_permissions = set(user.atat_role.permissions)
|
atat_permissions = set(user.atat_role.permissions)
|
||||||
@ -94,23 +88,23 @@ class WorkspaceUsers(object):
|
|||||||
db.session.add(user)
|
db.session.add(user)
|
||||||
db.session.commit()
|
db.session.commit()
|
||||||
|
|
||||||
return WorkspaceUser(user, new_workspace_role)
|
return new_workspace_role
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def update_role(cls, member, workspace_id, role_name):
|
def update_role(cls, member, workspace_id, role_name):
|
||||||
new_role = Roles.get(role_name)
|
new_role = Roles.get(role_name)
|
||||||
workspace_role = WorkspaceUsers._get_workspace_role(member.user, workspace_id)
|
workspace_role = WorkspaceRoles._get_workspace_role(member.user, workspace_id)
|
||||||
workspace_role.role = new_role
|
workspace_role.role = new_role
|
||||||
|
|
||||||
db.session.add(workspace_role)
|
db.session.add(workspace_role)
|
||||||
db.session.commit()
|
db.session.commit()
|
||||||
return WorkspaceUser(member.user, workspace_role)
|
return workspace_role
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def add_many(cls, workspace_id, workspace_user_dicts):
|
def add_many(cls, workspace_id, workspace_role_dicts):
|
||||||
workspace_users = []
|
workspace_roles = []
|
||||||
|
|
||||||
for user_dict in workspace_user_dicts:
|
for user_dict in workspace_role_dicts:
|
||||||
try:
|
try:
|
||||||
user = Users.get(user_dict["id"])
|
user = Users.get(user_dict["id"])
|
||||||
except NoResultFound:
|
except NoResultFound:
|
||||||
@ -139,14 +133,13 @@ class WorkspaceUsers(object):
|
|||||||
)
|
)
|
||||||
|
|
||||||
user.workspace_roles.append(new_workspace_role)
|
user.workspace_roles.append(new_workspace_role)
|
||||||
workspace_user = WorkspaceUser(user, new_workspace_role)
|
workspace_roles.append(new_workspace_role)
|
||||||
workspace_users.append(workspace_user)
|
|
||||||
|
|
||||||
db.session.add(user)
|
db.session.add(user)
|
||||||
|
|
||||||
db.session.commit()
|
db.session.commit()
|
||||||
|
|
||||||
return workspace_users
|
return workspace_roles
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def enable(cls, workspace_role):
|
def enable(cls, workspace_role):
|
@ -2,7 +2,7 @@ from atst.domain.roles import Roles
|
|||||||
from atst.domain.authz import Authorization
|
from atst.domain.authz import Authorization
|
||||||
from atst.models.permissions import Permissions
|
from atst.models.permissions import Permissions
|
||||||
from atst.domain.users import Users
|
from atst.domain.users import Users
|
||||||
from atst.domain.workspace_users import WorkspaceUsers
|
from atst.domain.workspace_roles import WorkspaceRoles
|
||||||
from atst.models.workspace_role import Status as WorkspaceRoleStatus
|
from atst.models.workspace_role import Status as WorkspaceRoleStatus
|
||||||
|
|
||||||
from .query import WorkspacesQuery
|
from .query import WorkspacesQuery
|
||||||
@ -95,8 +95,8 @@ class Workspaces(object):
|
|||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def add_member(cls, workspace, member, role_name):
|
def add_member(cls, workspace, member, role_name):
|
||||||
workspace_user = WorkspaceUsers.add(member, workspace.id, role_name)
|
workspace_role = WorkspaceRoles.add(member, workspace.id, role_name)
|
||||||
return workspace_user
|
return workspace_role
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def update_member(cls, user, workspace, member, role_name):
|
def update_member(cls, user, workspace, member, role_name):
|
||||||
@ -107,7 +107,7 @@ class Workspaces(object):
|
|||||||
"edit workspace member",
|
"edit workspace member",
|
||||||
)
|
)
|
||||||
|
|
||||||
return WorkspaceUsers.update_role(member, workspace.id, role_name)
|
return WorkspaceRoles.update_role(member, workspace.id, role_name)
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def _create_workspace_role(
|
def _create_workspace_role(
|
||||||
|
@ -4,7 +4,6 @@ from sqlalchemy.orm import relationship
|
|||||||
from atst.models import Base
|
from atst.models import Base
|
||||||
from atst.models.types import Id
|
from atst.models.types import Id
|
||||||
from atst.models import mixins
|
from atst.models import mixins
|
||||||
from atst.models.workspace_user import WorkspaceUser
|
|
||||||
from atst.utils import first_or_none
|
from atst.utils import first_or_none
|
||||||
|
|
||||||
|
|
||||||
@ -39,7 +38,7 @@ class Workspace(Base, mixins.TimestampsMixin, mixins.AuditableMixin):
|
|||||||
|
|
||||||
@property
|
@property
|
||||||
def members(self):
|
def members(self):
|
||||||
return [WorkspaceUser(role.user, role) for role in self.roles]
|
return self.roles
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def displayname(self):
|
def displayname(self):
|
||||||
|
@ -6,6 +6,11 @@ from sqlalchemy.orm import relationship
|
|||||||
from atst.models import Base, mixins
|
from atst.models import Base, mixins
|
||||||
from .types import Id
|
from .types import Id
|
||||||
|
|
||||||
|
from atst.database import db
|
||||||
|
from atst.models.environment_role import EnvironmentRole
|
||||||
|
from atst.models.project import Project
|
||||||
|
from atst.models.environment import Environment
|
||||||
|
|
||||||
|
|
||||||
class Status(Enum):
|
class Status(Enum):
|
||||||
ACTIVE = "active"
|
ACTIVE = "active"
|
||||||
@ -61,6 +66,46 @@ class WorkspaceRole(Base, mixins.TimestampsMixin, mixins.AuditableMixin):
|
|||||||
def has_dod_id_error(self):
|
def has_dod_id_error(self):
|
||||||
return self.latest_invitation and self.latest_invitation.is_rejected_wrong_user
|
return self.latest_invitation and self.latest_invitation.is_rejected_wrong_user
|
||||||
|
|
||||||
|
@property
|
||||||
|
def role_name(self):
|
||||||
|
return self.role.name
|
||||||
|
|
||||||
|
@property
|
||||||
|
def user_name(self):
|
||||||
|
return self.user.full_name
|
||||||
|
|
||||||
|
@property
|
||||||
|
def role_displayname(self):
|
||||||
|
return self.role.display_name
|
||||||
|
|
||||||
|
@property
|
||||||
|
def num_environment_roles(self):
|
||||||
|
return (
|
||||||
|
db.session.query(EnvironmentRole)
|
||||||
|
.join(EnvironmentRole.environment)
|
||||||
|
.join(Environment.project)
|
||||||
|
.join(Project.workspace)
|
||||||
|
.filter(Project.workspace_id == self.workspace_id)
|
||||||
|
.filter(EnvironmentRole.user_id == self.user_id)
|
||||||
|
.count()
|
||||||
|
)
|
||||||
|
|
||||||
|
@property
|
||||||
|
def environment_roles(self):
|
||||||
|
return (
|
||||||
|
db.session.query(EnvironmentRole)
|
||||||
|
.join(EnvironmentRole.environment)
|
||||||
|
.join(Environment.project)
|
||||||
|
.join(Project.workspace)
|
||||||
|
.filter(Project.workspace_id == self.workspace_id)
|
||||||
|
.filter(EnvironmentRole.user_id == self.user_id)
|
||||||
|
.all()
|
||||||
|
)
|
||||||
|
|
||||||
|
@property
|
||||||
|
def has_environment_roles(self):
|
||||||
|
return self.num_environment_roles > 0
|
||||||
|
|
||||||
|
|
||||||
Index(
|
Index(
|
||||||
"workspace_role_user_workspace",
|
"workspace_role_user_workspace",
|
||||||
|
@ -1,75 +0,0 @@
|
|||||||
from atst.database import db
|
|
||||||
from atst.models.environment_role import EnvironmentRole
|
|
||||||
from atst.models.project import Project
|
|
||||||
from atst.models.environment import Environment
|
|
||||||
|
|
||||||
|
|
||||||
class WorkspaceUser(object):
|
|
||||||
def __init__(self, user, workspace_role):
|
|
||||||
self.user = user
|
|
||||||
self.workspace_role = workspace_role
|
|
||||||
|
|
||||||
@property
|
|
||||||
def workspace(self):
|
|
||||||
return self.workspace_role.workspace
|
|
||||||
|
|
||||||
@property
|
|
||||||
def workspace_id(self):
|
|
||||||
return self.workspace_role.workspace_id
|
|
||||||
|
|
||||||
@property
|
|
||||||
def user_id(self):
|
|
||||||
return self.user.id
|
|
||||||
|
|
||||||
@property
|
|
||||||
def user_name(self):
|
|
||||||
return self.user.full_name
|
|
||||||
|
|
||||||
@property
|
|
||||||
def role(self):
|
|
||||||
return self.workspace_role.role.name
|
|
||||||
|
|
||||||
@property
|
|
||||||
def role_displayname(self):
|
|
||||||
return self.workspace_role.role.display_name
|
|
||||||
|
|
||||||
@property
|
|
||||||
def status(self):
|
|
||||||
return self.workspace_role.display_status
|
|
||||||
|
|
||||||
@property
|
|
||||||
def has_dod_id_error(self):
|
|
||||||
return self.workspace_role.has_dod_id_error
|
|
||||||
|
|
||||||
@property
|
|
||||||
def num_environment_roles(self):
|
|
||||||
return (
|
|
||||||
db.session.query(EnvironmentRole)
|
|
||||||
.join(EnvironmentRole.environment)
|
|
||||||
.join(Environment.project)
|
|
||||||
.join(Project.workspace)
|
|
||||||
.filter(Project.workspace_id == self.workspace_id)
|
|
||||||
.filter(EnvironmentRole.user_id == self.user_id)
|
|
||||||
.count()
|
|
||||||
)
|
|
||||||
|
|
||||||
@property
|
|
||||||
def environment_roles(self):
|
|
||||||
return (
|
|
||||||
db.session.query(EnvironmentRole)
|
|
||||||
.join(EnvironmentRole.environment)
|
|
||||||
.join(Environment.project)
|
|
||||||
.join(Project.workspace)
|
|
||||||
.filter(Project.workspace_id == self.workspace_id)
|
|
||||||
.filter(EnvironmentRole.user_id == self.user_id)
|
|
||||||
.all()
|
|
||||||
)
|
|
||||||
|
|
||||||
@property
|
|
||||||
def has_environment_roles(self):
|
|
||||||
return self.num_environment_roles > 0
|
|
||||||
|
|
||||||
def __repr__(self):
|
|
||||||
return "<WorkspaceUser(user='{}', role='{}', workspace='{}', num_environment_roles='{}')>".format(
|
|
||||||
self.user_name, self.role, self.workspace.name, self.num_environment_roles
|
|
||||||
)
|
|
@ -14,7 +14,7 @@ from atst.domain.exceptions import UnauthorizedError, AlreadyExistsError
|
|||||||
from atst.domain.projects import Projects
|
from atst.domain.projects import Projects
|
||||||
from atst.domain.reports import Reports
|
from atst.domain.reports import Reports
|
||||||
from atst.domain.workspaces import Workspaces
|
from atst.domain.workspaces import Workspaces
|
||||||
from atst.domain.workspace_users import WorkspaceUsers
|
from atst.domain.workspace_roles import WorkspaceRoles
|
||||||
from atst.domain.environments import Environments
|
from atst.domain.environments import Environments
|
||||||
from atst.domain.environment_roles import EnvironmentRoles
|
from atst.domain.environment_roles import EnvironmentRoles
|
||||||
from atst.forms.project import NewProjectForm, ProjectForm
|
from atst.forms.project import NewProjectForm, ProjectForm
|
||||||
@ -109,7 +109,7 @@ def workspace_members(workspace_id):
|
|||||||
members_list = [
|
members_list = [
|
||||||
{
|
{
|
||||||
"name": k.user_name,
|
"name": k.user_name,
|
||||||
"status": k.status,
|
"status": k.display_status,
|
||||||
"id": k.user_id,
|
"id": k.user_id,
|
||||||
"role": k.role_displayname,
|
"role": k.role_displayname,
|
||||||
"num_env": k.num_environment_roles,
|
"num_env": k.num_environment_roles,
|
||||||
@ -258,9 +258,7 @@ def create_member(workspace_id):
|
|||||||
if form.validate():
|
if form.validate():
|
||||||
try:
|
try:
|
||||||
new_member = Workspaces.create_member(g.current_user, workspace, form.data)
|
new_member = Workspaces.create_member(g.current_user, workspace, form.data)
|
||||||
invite = Invitations.create(
|
invite = Invitations.create(new_member, g.current_user, new_member.user)
|
||||||
new_member.workspace_role, g.current_user, new_member.user
|
|
||||||
)
|
|
||||||
send_invite_email(
|
send_invite_email(
|
||||||
g.current_user.full_name, invite.token, new_member.user.email
|
g.current_user.full_name, invite.token, new_member.user.email
|
||||||
)
|
)
|
||||||
@ -291,7 +289,7 @@ def view_member(workspace_id, member_id):
|
|||||||
Permissions.ASSIGN_AND_UNASSIGN_ATAT_ROLE,
|
Permissions.ASSIGN_AND_UNASSIGN_ATAT_ROLE,
|
||||||
"edit this workspace user",
|
"edit this workspace user",
|
||||||
)
|
)
|
||||||
member = WorkspaceUsers.get(workspace_id, member_id)
|
member = WorkspaceRoles.get(workspace_id, member_id)
|
||||||
projects = Projects.get_all(g.current_user, member, workspace)
|
projects = Projects.get_all(g.current_user, member, workspace)
|
||||||
form = EditMemberForm(workspace_role=member.role)
|
form = EditMemberForm(workspace_role=member.role)
|
||||||
editable = g.current_user == member.user
|
editable = g.current_user == member.user
|
||||||
@ -319,7 +317,7 @@ def update_member(workspace_id, member_id):
|
|||||||
Permissions.ASSIGN_AND_UNASSIGN_ATAT_ROLE,
|
Permissions.ASSIGN_AND_UNASSIGN_ATAT_ROLE,
|
||||||
"edit this workspace user",
|
"edit this workspace user",
|
||||||
)
|
)
|
||||||
member = WorkspaceUsers.get(workspace_id, member_id)
|
member = WorkspaceRoles.get(workspace_id, member_id)
|
||||||
|
|
||||||
ids_and_roles = []
|
ids_and_roles = []
|
||||||
form_dict = http_request.form.to_dict()
|
form_dict = http_request.form.to_dict()
|
||||||
|
@ -11,7 +11,7 @@ from atst.domain.users import Users
|
|||||||
from atst.domain.requests import Requests
|
from atst.domain.requests import Requests
|
||||||
from atst.domain.workspaces import Workspaces
|
from atst.domain.workspaces import Workspaces
|
||||||
from atst.domain.projects import Projects
|
from atst.domain.projects import Projects
|
||||||
from atst.domain.workspace_users import WorkspaceUsers
|
from atst.domain.workspace_roles import WorkspaceRoles
|
||||||
from atst.domain.exceptions import AlreadyExistsError
|
from atst.domain.exceptions import AlreadyExistsError
|
||||||
from tests.factories import RequestFactory, TaskOrderFactory
|
from tests.factories import RequestFactory, TaskOrderFactory
|
||||||
from atst.routes.dev import _DEV_USERS as DEV_USERS
|
from atst.routes.dev import _DEV_USERS as DEV_USERS
|
||||||
@ -74,9 +74,9 @@ def seed_db():
|
|||||||
workspace = Workspaces.create(
|
workspace = Workspaces.create(
|
||||||
request, name="{}'s workspace".format(user.first_name)
|
request, name="{}'s workspace".format(user.first_name)
|
||||||
)
|
)
|
||||||
for workspace_user in WORKSPACE_USERS:
|
for workspace_role in WORKSPACE_USERS:
|
||||||
ws_user = Workspaces.create_member(user, workspace, workspace_user)
|
ws_role = Workspaces.create_member(user, workspace, workspace_role)
|
||||||
WorkspaceUsers.enable(ws_user.workspace_role)
|
WorkspaceRoles.enable(ws_role)
|
||||||
|
|
||||||
Projects.create(
|
Projects.create(
|
||||||
user,
|
user,
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
from atst.domain.environments import Environments
|
from atst.domain.environments import Environments
|
||||||
from atst.domain.environment_roles import EnvironmentRoles
|
from atst.domain.environment_roles import EnvironmentRoles
|
||||||
from atst.domain.workspace_users import WorkspaceUsers
|
from atst.domain.workspace_roles import WorkspaceRoles
|
||||||
|
|
||||||
from tests.factories import UserFactory, WorkspaceFactory
|
from tests.factories import UserFactory, WorkspaceFactory
|
||||||
|
|
||||||
@ -37,12 +37,12 @@ def test_update_environment_roles():
|
|||||||
{"id": staging_env.id, "role": "developer"},
|
{"id": staging_env.id, "role": "developer"},
|
||||||
]
|
]
|
||||||
|
|
||||||
workspace_user = workspace.members[0]
|
workspace_role = workspace.members[0]
|
||||||
Environments.update_environment_roles(
|
Environments.update_environment_roles(
|
||||||
owner, workspace, workspace_user, new_ids_and_roles
|
owner, workspace, workspace_role, new_ids_and_roles
|
||||||
)
|
)
|
||||||
new_dev_env_role = EnvironmentRoles.get(workspace_user.user.id, dev_env.id)
|
new_dev_env_role = EnvironmentRoles.get(workspace_role.user.id, dev_env.id)
|
||||||
staging_env_role = EnvironmentRoles.get(workspace_user.user.id, staging_env.id)
|
staging_env_role = EnvironmentRoles.get(workspace_role.user.id, staging_env.id)
|
||||||
|
|
||||||
assert new_dev_env_role.role == "billing_admin"
|
assert new_dev_env_role.role == "billing_admin"
|
||||||
assert staging_env_role.role == "developer"
|
assert staging_env_role.role == "developer"
|
||||||
@ -88,12 +88,12 @@ def test_remove_environment_role():
|
|||||||
{"id": now_none, "role": None},
|
{"id": now_none, "role": None},
|
||||||
]
|
]
|
||||||
|
|
||||||
workspace_user = WorkspaceUsers.get(workspace.id, developer.id)
|
workspace_role = WorkspaceRoles.get(workspace.id, developer.id)
|
||||||
Environments.update_environment_roles(
|
Environments.update_environment_roles(
|
||||||
owner, workspace, workspace_user, new_environment_roles
|
owner, workspace, workspace_role, new_environment_roles
|
||||||
)
|
)
|
||||||
|
|
||||||
assert workspace_user.num_environment_roles == 2
|
assert workspace_role.num_environment_roles == 2
|
||||||
assert EnvironmentRoles.get(developer.id, now_ba).role == "billing_auditor"
|
assert EnvironmentRoles.get(developer.id, now_ba).role == "billing_auditor"
|
||||||
assert EnvironmentRoles.get(developer.id, now_none) is None
|
assert EnvironmentRoles.get(developer.id, now_none) is None
|
||||||
assert EnvironmentRoles.get(developer.id, still_fa).role == "financial_auditor"
|
assert EnvironmentRoles.get(developer.id, still_fa).role == "financial_auditor"
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
from atst.domain.workspace_users import WorkspaceUsers
|
from atst.domain.workspace_roles import WorkspaceRoles
|
||||||
from atst.domain.users import Users
|
from atst.domain.users import Users
|
||||||
from atst.models.workspace_role import Status as WorkspaceRoleStatus
|
from atst.models.workspace_role import Status as WorkspaceRoleStatus
|
||||||
from atst.domain.roles import Roles
|
from atst.domain.roles import Roles
|
||||||
@ -11,40 +11,34 @@ from tests.factories import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
def test_can_create_new_workspace_user():
|
def test_can_create_new_workspace_role():
|
||||||
workspace = WorkspaceFactory.create()
|
workspace = WorkspaceFactory.create()
|
||||||
new_user = UserFactory.create()
|
new_user = UserFactory.create()
|
||||||
|
|
||||||
workspace_user_dicts = [{"id": new_user.id, "workspace_role": "owner"}]
|
workspace_role_dicts = [{"id": new_user.id, "workspace_role": "owner"}]
|
||||||
workspace_users = WorkspaceUsers.add_many(workspace.id, workspace_user_dicts)
|
workspace_roles = WorkspaceRoles.add_many(workspace.id, workspace_role_dicts)
|
||||||
|
|
||||||
assert workspace_users[0].user.id == new_user.id
|
assert workspace_roles[0].user_id == new_user.id
|
||||||
assert workspace_users[0].user.atat_role.name == new_user.atat_role.name
|
assert workspace_roles[0].user.atat_role.name == new_user.atat_role.name
|
||||||
assert (
|
assert workspace_roles[0].role.name == new_user.workspace_roles[0].role.name
|
||||||
workspace_users[0].workspace_role.role.name
|
|
||||||
== new_user.workspace_roles[0].role.name
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
def test_can_update_existing_workspace_user():
|
def test_can_update_existing_workspace_role():
|
||||||
workspace = WorkspaceFactory.create()
|
workspace = WorkspaceFactory.create()
|
||||||
new_user = UserFactory.create()
|
new_user = UserFactory.create()
|
||||||
|
|
||||||
WorkspaceUsers.add_many(
|
WorkspaceRoles.add_many(
|
||||||
workspace.id, [{"id": new_user.id, "workspace_role": "owner"}]
|
workspace.id, [{"id": new_user.id, "workspace_role": "owner"}]
|
||||||
)
|
)
|
||||||
workspace_users = WorkspaceUsers.add_many(
|
workspace_roles = WorkspaceRoles.add_many(
|
||||||
workspace.id, [{"id": new_user.id, "workspace_role": "developer"}]
|
workspace.id, [{"id": new_user.id, "workspace_role": "developer"}]
|
||||||
)
|
)
|
||||||
|
|
||||||
assert workspace_users[0].user.atat_role.name == new_user.atat_role.name
|
assert workspace_roles[0].user.atat_role.name == new_user.atat_role.name
|
||||||
assert (
|
assert workspace_roles[0].role.name == new_user.workspace_roles[0].role.name
|
||||||
workspace_users[0].workspace_role.role.name
|
|
||||||
== new_user.workspace_roles[0].role.name
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
def test_workspace_user_permissions():
|
def test_workspace_role_permissions():
|
||||||
workspace_one = WorkspaceFactory.create()
|
workspace_one = WorkspaceFactory.create()
|
||||||
workspace_two = WorkspaceFactory.create()
|
workspace_two = WorkspaceFactory.create()
|
||||||
new_user = UserFactory.create()
|
new_user = UserFactory.create()
|
||||||
@ -61,5 +55,5 @@ def test_workspace_user_permissions():
|
|||||||
status=WorkspaceRoleStatus.PENDING,
|
status=WorkspaceRoleStatus.PENDING,
|
||||||
)
|
)
|
||||||
|
|
||||||
assert WorkspaceUsers.workspace_user_permissions(workspace_one, new_user)
|
assert WorkspaceRoles.workspace_role_permissions(workspace_one, new_user)
|
||||||
assert not WorkspaceUsers.workspace_user_permissions(workspace_two, new_user)
|
assert not WorkspaceRoles.workspace_role_permissions(workspace_two, new_user)
|
||||||
|
@ -3,7 +3,7 @@ from uuid import uuid4
|
|||||||
|
|
||||||
from atst.domain.exceptions import NotFoundError, UnauthorizedError
|
from atst.domain.exceptions import NotFoundError, UnauthorizedError
|
||||||
from atst.domain.workspaces import Workspaces
|
from atst.domain.workspaces import Workspaces
|
||||||
from atst.domain.workspace_users import WorkspaceUsers
|
from atst.domain.workspace_roles import WorkspaceRoles
|
||||||
from atst.domain.projects import Projects
|
from atst.domain.projects import Projects
|
||||||
from atst.domain.environments import Environments
|
from atst.domain.environments import Environments
|
||||||
from atst.models.workspace_role import Status as WorkspaceRoleStatus
|
from atst.models.workspace_role import Status as WorkspaceRoleStatus
|
||||||
@ -75,13 +75,13 @@ def test_get_for_update_projects_allows_owner(workspace, workspace_owner):
|
|||||||
|
|
||||||
def test_get_for_update_projects_blocks_developer(workspace):
|
def test_get_for_update_projects_blocks_developer(workspace):
|
||||||
developer = UserFactory.create()
|
developer = UserFactory.create()
|
||||||
WorkspaceUsers.add(developer, workspace.id, "developer")
|
WorkspaceRoles.add(developer, workspace.id, "developer")
|
||||||
|
|
||||||
with pytest.raises(UnauthorizedError):
|
with pytest.raises(UnauthorizedError):
|
||||||
Workspaces.get_for_update_projects(developer, workspace.id)
|
Workspaces.get_for_update_projects(developer, workspace.id)
|
||||||
|
|
||||||
|
|
||||||
def test_can_create_workspace_user(workspace, workspace_owner):
|
def test_can_create_workspace_role(workspace, workspace_owner):
|
||||||
user_data = {
|
user_data = {
|
||||||
"first_name": "New",
|
"first_name": "New",
|
||||||
"last_name": "User",
|
"last_name": "User",
|
||||||
@ -111,7 +111,7 @@ def test_can_add_existing_user_to_workspace(workspace, workspace_owner):
|
|||||||
assert not new_member.user.provisional
|
assert not new_member.user.provisional
|
||||||
|
|
||||||
|
|
||||||
def test_need_permission_to_create_workspace_user(workspace, workspace_owner):
|
def test_need_permission_to_create_workspace_role(workspace, workspace_owner):
|
||||||
random_user = UserFactory.create()
|
random_user = UserFactory.create()
|
||||||
|
|
||||||
user_data = {
|
user_data = {
|
||||||
@ -126,7 +126,7 @@ def test_need_permission_to_create_workspace_user(workspace, workspace_owner):
|
|||||||
Workspaces.create_member(random_user, workspace, user_data)
|
Workspaces.create_member(random_user, workspace, user_data)
|
||||||
|
|
||||||
|
|
||||||
def test_update_workspace_user_role(workspace, workspace_owner):
|
def test_update_workspace_role_role(workspace, workspace_owner):
|
||||||
user_data = {
|
user_data = {
|
||||||
"first_name": "New",
|
"first_name": "New",
|
||||||
"last_name": "User",
|
"last_name": "User",
|
||||||
@ -141,10 +141,10 @@ def test_update_workspace_user_role(workspace, workspace_owner):
|
|||||||
workspace_owner, workspace, member, role_name
|
workspace_owner, workspace, member, role_name
|
||||||
)
|
)
|
||||||
assert updated_member.workspace == workspace
|
assert updated_member.workspace == workspace
|
||||||
assert updated_member.role == role_name
|
assert updated_member.role_name == role_name
|
||||||
|
|
||||||
|
|
||||||
def test_need_permission_to_update_workspace_user_role(workspace, workspace_owner):
|
def test_need_permission_to_update_workspace_role_role(workspace, workspace_owner):
|
||||||
random_user = UserFactory.create()
|
random_user = UserFactory.create()
|
||||||
user_data = {
|
user_data = {
|
||||||
"first_name": "New",
|
"first_name": "New",
|
||||||
|
@ -3,7 +3,7 @@ import datetime
|
|||||||
from atst.domain.environments import Environments
|
from atst.domain.environments import Environments
|
||||||
from atst.domain.workspaces import Workspaces
|
from atst.domain.workspaces import Workspaces
|
||||||
from atst.domain.projects import Projects
|
from atst.domain.projects import Projects
|
||||||
from atst.domain.workspace_users import WorkspaceUsers
|
from atst.domain.workspace_roles import WorkspaceRoles
|
||||||
from atst.models.workspace_role import Status
|
from atst.models.workspace_role import Status
|
||||||
from atst.models.invitation import Status as InvitationStatus
|
from atst.models.invitation import Status as InvitationStatus
|
||||||
from tests.factories import (
|
from tests.factories import (
|
||||||
@ -25,9 +25,9 @@ def test_has_no_environment_roles():
|
|||||||
}
|
}
|
||||||
|
|
||||||
workspace = Workspaces.create(RequestFactory.create(creator=owner))
|
workspace = Workspaces.create(RequestFactory.create(creator=owner))
|
||||||
workspace_user = Workspaces.create_member(owner, workspace, developer_data)
|
workspace_role = Workspaces.create_member(owner, workspace, developer_data)
|
||||||
|
|
||||||
assert not workspace_user.has_environment_roles
|
assert not workspace_role.has_environment_roles
|
||||||
|
|
||||||
|
|
||||||
def test_has_environment_roles():
|
def test_has_environment_roles():
|
||||||
@ -41,12 +41,12 @@ def test_has_environment_roles():
|
|||||||
}
|
}
|
||||||
|
|
||||||
workspace = Workspaces.create(RequestFactory.create(creator=owner))
|
workspace = Workspaces.create(RequestFactory.create(creator=owner))
|
||||||
workspace_user = Workspaces.create_member(owner, workspace, developer_data)
|
workspace_role = Workspaces.create_member(owner, workspace, developer_data)
|
||||||
project = Projects.create(
|
project = Projects.create(
|
||||||
owner, workspace, "my test project", "It's mine.", ["dev", "staging", "prod"]
|
owner, workspace, "my test project", "It's mine.", ["dev", "staging", "prod"]
|
||||||
)
|
)
|
||||||
Environments.add_member(project.environments[0], workspace_user.user, "developer")
|
Environments.add_member(project.environments[0], workspace_role.user, "developer")
|
||||||
assert workspace_user.has_environment_roles
|
assert workspace_role.has_environment_roles
|
||||||
|
|
||||||
|
|
||||||
def test_role_displayname():
|
def test_role_displayname():
|
||||||
@ -60,9 +60,9 @@ def test_role_displayname():
|
|||||||
}
|
}
|
||||||
|
|
||||||
workspace = Workspaces.create(RequestFactory.create(creator=owner))
|
workspace = Workspaces.create(RequestFactory.create(creator=owner))
|
||||||
workspace_user = Workspaces.create_member(owner, workspace, developer_data)
|
workspace_role = Workspaces.create_member(owner, workspace, developer_data)
|
||||||
|
|
||||||
assert workspace_user.role_displayname == "Developer"
|
assert workspace_role.role_displayname == "Developer"
|
||||||
|
|
||||||
|
|
||||||
def test_status_when_member_is_active():
|
def test_status_when_member_is_active():
|
||||||
|
@ -8,11 +8,11 @@ from tests.factories import (
|
|||||||
InvitationFactory,
|
InvitationFactory,
|
||||||
)
|
)
|
||||||
from atst.domain.workspaces import Workspaces
|
from atst.domain.workspaces import Workspaces
|
||||||
from atst.domain.workspace_users import WorkspaceUsers
|
from atst.domain.workspace_roles import WorkspaceRoles
|
||||||
from atst.domain.projects import Projects
|
from atst.domain.projects import Projects
|
||||||
from atst.domain.environments import Environments
|
from atst.domain.environments import Environments
|
||||||
from atst.domain.environment_roles import EnvironmentRoles
|
from atst.domain.environment_roles import EnvironmentRoles
|
||||||
from atst.models.workspace_user import WorkspaceUser
|
from atst.models.workspace_role import WorkspaceRole
|
||||||
from atst.models.workspace_role import Status as WorkspaceRoleStatus
|
from atst.models.workspace_role import Status as WorkspaceRoleStatus
|
||||||
from atst.models.invitation import Status as InvitationStatus
|
from atst.models.invitation import Status as InvitationStatus
|
||||||
from atst.queue import queue
|
from atst.queue import queue
|
||||||
@ -202,7 +202,7 @@ def test_permissions_for_view_member(client, user_session):
|
|||||||
user = UserFactory.create()
|
user = UserFactory.create()
|
||||||
workspace = WorkspaceFactory.create()
|
workspace = WorkspaceFactory.create()
|
||||||
Workspaces._create_workspace_role(user, workspace, "developer")
|
Workspaces._create_workspace_role(user, workspace, "developer")
|
||||||
member = WorkspaceUsers.add(user, workspace.id, "developer")
|
member = WorkspaceRoles.add(user, workspace.id, "developer")
|
||||||
user_session(user)
|
user_session(user)
|
||||||
response = client.post(
|
response = client.post(
|
||||||
url_for("workspaces.view_member", workspace_id=workspace.id, member_id=user.id),
|
url_for("workspaces.view_member", workspace_id=workspace.id, member_id=user.id),
|
||||||
@ -214,7 +214,7 @@ def test_permissions_for_view_member(client, user_session):
|
|||||||
def test_update_member_workspace_role(client, user_session):
|
def test_update_member_workspace_role(client, user_session):
|
||||||
workspace = WorkspaceFactory.create()
|
workspace = WorkspaceFactory.create()
|
||||||
user = UserFactory.create()
|
user = UserFactory.create()
|
||||||
member = WorkspaceUsers.add(user, workspace.id, "developer")
|
member = WorkspaceRoles.add(user, workspace.id, "developer")
|
||||||
user_session(workspace.owner)
|
user_session(workspace.owner)
|
||||||
response = client.post(
|
response = client.post(
|
||||||
url_for(
|
url_for(
|
||||||
@ -224,13 +224,13 @@ def test_update_member_workspace_role(client, user_session):
|
|||||||
follow_redirects=True,
|
follow_redirects=True,
|
||||||
)
|
)
|
||||||
assert response.status_code == 200
|
assert response.status_code == 200
|
||||||
assert member.role == "security_auditor"
|
assert member.role_name == "security_auditor"
|
||||||
|
|
||||||
|
|
||||||
def test_update_member_workspace_role_with_no_data(client, user_session):
|
def test_update_member_workspace_role_with_no_data(client, user_session):
|
||||||
workspace = WorkspaceFactory.create()
|
workspace = WorkspaceFactory.create()
|
||||||
user = UserFactory.create()
|
user = UserFactory.create()
|
||||||
member = WorkspaceUsers.add(user, workspace.id, "developer")
|
member = WorkspaceRoles.add(user, workspace.id, "developer")
|
||||||
user_session(workspace.owner)
|
user_session(workspace.owner)
|
||||||
response = client.post(
|
response = client.post(
|
||||||
url_for(
|
url_for(
|
||||||
@ -240,13 +240,13 @@ def test_update_member_workspace_role_with_no_data(client, user_session):
|
|||||||
follow_redirects=True,
|
follow_redirects=True,
|
||||||
)
|
)
|
||||||
assert response.status_code == 200
|
assert response.status_code == 200
|
||||||
assert member.role == "developer"
|
assert member.role_name == "developer"
|
||||||
|
|
||||||
|
|
||||||
def test_update_member_environment_role(client, user_session):
|
def test_update_member_environment_role(client, user_session):
|
||||||
workspace = WorkspaceFactory.create()
|
workspace = WorkspaceFactory.create()
|
||||||
user = UserFactory.create()
|
user = UserFactory.create()
|
||||||
member = WorkspaceUsers.add(user, workspace.id, "developer")
|
member = WorkspaceRoles.add(user, workspace.id, "developer")
|
||||||
project = Projects.create(
|
project = Projects.create(
|
||||||
workspace.owner,
|
workspace.owner,
|
||||||
workspace,
|
workspace,
|
||||||
@ -278,7 +278,7 @@ def test_update_member_environment_role(client, user_session):
|
|||||||
def test_update_member_environment_role_with_no_data(client, user_session):
|
def test_update_member_environment_role_with_no_data(client, user_session):
|
||||||
workspace = WorkspaceFactory.create()
|
workspace = WorkspaceFactory.create()
|
||||||
user = UserFactory.create()
|
user = UserFactory.create()
|
||||||
member = WorkspaceUsers.add(user, workspace.id, "developer")
|
member = WorkspaceRoles.add(user, workspace.id, "developer")
|
||||||
project = Projects.create(
|
project = Projects.create(
|
||||||
workspace.owner,
|
workspace.owner,
|
||||||
workspace,
|
workspace,
|
||||||
|
Loading…
x
Reference in New Issue
Block a user