diff --git a/atst/domain/permission_sets.py b/atst/domain/permission_sets.py index 9f6eef96..b045523a 100644 --- a/atst/domain/permission_sets.py +++ b/atst/domain/permission_sets.py @@ -30,6 +30,14 @@ class PermissionSets(object): def get_all(cls): return db.session.query(PermissionSet).all() + @classmethod + def get_many(cls, perms_set_names): + return ( + db.session.query(PermissionSet) + .filter(PermissionSet.name.in_(perms_set_names)) + .all() + ) + ATAT_ROLES = [ { diff --git a/atst/domain/portfolio_roles.py b/atst/domain/portfolio_roles.py index b5e8189f..153d4707 100644 --- a/atst/domain/portfolio_roles.py +++ b/atst/domain/portfolio_roles.py @@ -101,16 +101,25 @@ class PortfolioRoles(object): PermissionSets.VIEW_PORTFOLIO_FUNDING, PermissionSets.VIEW_PORTFOLIO_REPORTS, PermissionSets.VIEW_PORTFOLIO_ADMIN, + PermissionSets.VIEW_PORTFOLIO, } + PORTFOLIO_PERMISSION_SETS = DEFAULT_PORTFOLIO_PERMISSION_SETS.union( + { + PermissionSets.EDIT_PORTFOLIO_APPLICATION_MANAGEMENT, + PermissionSets.EDIT_PORTFOLIO_FUNDING, + PermissionSets.EDIT_PORTFOLIO_REPORTS, + PermissionSets.EDIT_PORTFOLIO_ADMIN, + PermissionSets.PORTFOLIO_POC, + } + ) + @classmethod def _permission_sets_for_names(cls, set_names): perms_set_names = PortfolioRoles.DEFAULT_PORTFOLIO_PERMISSION_SETS.union( set(set_names) ) - return [ - PermissionSets.get(perms_set_name) for perms_set_name in perms_set_names - ] + return PermissionSets.get_many(perms_set_names) @classmethod def update(cls, portfolio_role, set_names): diff --git a/atst/domain/portfolios/portfolios.py b/atst/domain/portfolios/portfolios.py index f6170fa9..9ce6c2e9 100644 --- a/atst/domain/portfolios/portfolios.py +++ b/atst/domain/portfolios/portfolios.py @@ -1,4 +1,4 @@ -from atst.domain.permission_sets import PermissionSets, PORTFOLIO_PERMISSION_SETS +from atst.domain.permission_sets import PermissionSets from atst.domain.authz import Authorization from atst.models.permissions import Permissions from atst.domain.users import Users @@ -20,9 +20,7 @@ class Portfolios(object): portfolio = PortfoliosQuery.create( name=name, defense_component=defense_component ) - perms_sets = [ - PermissionSets.get(prms["name"]) for prms in PORTFOLIO_PERMISSION_SETS - ] + perms_sets = PermissionSets.get_many(PortfolioRoles.PORTFOLIO_PERMISSION_SETS) Portfolios._create_portfolio_role( user, portfolio, diff --git a/tests/domain/test_permission_sets.py b/tests/domain/test_permission_sets.py new file mode 100644 index 00000000..df19c24d --- /dev/null +++ b/tests/domain/test_permission_sets.py @@ -0,0 +1,32 @@ +import pytest +from atst.domain.permission_sets import PermissionSets +from atst.domain.exceptions import NotFoundError +from atst.utils import first_or_none + + +def test_get_all(): + roles = PermissionSets.get_all() + assert roles + + +def test_get_existing_permission_set(): + role = PermissionSets.get("portfolio_poc") + assert role.name == "portfolio_poc" + + +def test_get_nonexistent_permission_set(): + with pytest.raises(NotFoundError): + PermissionSets.get("nonexistent") + + +def test_get_many(): + perms_sets = PermissionSets.get_many( + [PermissionSets.VIEW_PORTFOLIO_FUNDING, PermissionSets.EDIT_PORTFOLIO_FUNDING] + ) + assert len(perms_sets) == 2 + assert first_or_none( + lambda p: p.name == PermissionSets.VIEW_PORTFOLIO_FUNDING, perms_sets + ) + assert first_or_none( + lambda p: p.name == PermissionSets.EDIT_PORTFOLIO_FUNDING, perms_sets + ) diff --git a/tests/domain/test_portfolio_roles.py b/tests/domain/test_portfolio_roles.py index 8ffbed81..5bdc9bc0 100644 --- a/tests/domain/test_portfolio_roles.py +++ b/tests/domain/test_portfolio_roles.py @@ -18,13 +18,14 @@ def test_add_portfolio_role_with_permission_sets(): port_role = PortfolioRoles.add( new_user, portfolio.id, permission_sets=permission_sets ) - assert len(port_role.permission_sets) == 5 + assert len(port_role.permission_sets) == 6 expected_names = [ PermissionSets.EDIT_PORTFOLIO_APPLICATION_MANAGEMENT, PermissionSets.VIEW_PORTFOLIO_APPLICATION_MANAGEMENT, PermissionSets.VIEW_PORTFOLIO_FUNDING, PermissionSets.VIEW_PORTFOLIO_REPORTS, PermissionSets.VIEW_PORTFOLIO_ADMIN, + PermissionSets.VIEW_PORTFOLIO, ] actual_names = [prms.name for prms in port_role.permission_sets] assert expected_names == expected_names diff --git a/tests/domain/test_portfolios.py b/tests/domain/test_portfolios.py index 9140d82d..e2e743ae 100644 --- a/tests/domain/test_portfolios.py +++ b/tests/domain/test_portfolios.py @@ -9,7 +9,12 @@ from atst.domain.environments import Environments from atst.domain.permission_sets import PermissionSets, PORTFOLIO_PERMISSION_SETS from atst.models.portfolio_role import Status as PortfolioRoleStatus -from tests.factories import UserFactory, PortfolioRoleFactory, PortfolioFactory +from tests.factories import ( + UserFactory, + PortfolioRoleFactory, + PortfolioFactory, + get_all_portfolio_permission_sets, +) @pytest.fixture(scope="function") @@ -201,7 +206,7 @@ def test_scoped_portfolio_returns_all_applications_for_portfolio_admin( ) admin = UserFactory.create() - perm_sets = [PermissionSets.get(prms["name"]) for prms in PORTFOLIO_PERMISSION_SETS] + perm_sets = get_all_portfolio_permission_sets() PortfolioRoleFactory.create( user=admin, portfolio=portfolio, permission_sets=perm_sets ) @@ -263,7 +268,7 @@ def test_get_for_update_information(portfolio, portfolio_owner): assert portfolio == owner_ws admin = UserFactory.create() - perm_sets = [PermissionSets.get(prms["name"]) for prms in PORTFOLIO_PERMISSION_SETS] + perm_sets = get_all_portfolio_permission_sets() PortfolioRoleFactory.create( user=admin, portfolio=portfolio, permission_sets=perm_sets ) diff --git a/tests/domain/test_roles.py b/tests/domain/test_roles.py deleted file mode 100644 index 58601d9f..00000000 --- a/tests/domain/test_roles.py +++ /dev/null @@ -1,18 +0,0 @@ -import pytest -from atst.domain.permission_sets import PermissionSets -from atst.domain.exceptions import NotFoundError - - -def test_get_all_roles(): - roles = PermissionSets.get_all() - assert roles - - -def test_get_existing_role(): - role = PermissionSets.get("portfolio_poc") - assert role.name == "portfolio_poc" - - -def test_get_nonexistent_role(): - with pytest.raises(NotFoundError): - PermissionSets.get("nonexistent") diff --git a/tests/factories.py b/tests/factories.py index 4a786739..bdb27c69 100644 --- a/tests/factories.py +++ b/tests/factories.py @@ -72,7 +72,7 @@ def base_portfolio_permission_sets(): def get_all_portfolio_permission_sets(): - return [PermissionSets.get(prms["name"]) for prms in PORTFOLIO_PERMISSION_SETS] + return PermissionSets.get_many(PortfolioRoles.PORTFOLIO_PERMISSION_SETS) class Base(factory.alchemy.SQLAlchemyModelFactory): diff --git a/tests/routes/portfolios/test_members.py b/tests/routes/portfolios/test_members.py index 910042b5..5d149f6f 100644 --- a/tests/routes/portfolios/test_members.py +++ b/tests/routes/portfolios/test_members.py @@ -109,7 +109,7 @@ def test_create_member(client, user_session): assert user.invitations assert len(queue.get_queue()) == queue_length + 1 portfolio_role = user.portfolio_roles[0] - assert len(portfolio_role.permission_sets) == 4 + assert len(portfolio_role.permission_sets) == 5 @pytest.mark.skip(reason="permission set display not implemented")