pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Adds an ORM permission set listener for application roles.

Browse Source 
Application role changes will be recorded in the audit log. Generalizes
pre-existing listener that was in user for portfolio roles.
This commit is contained in:
dandds
2019-04-08 14:00:26 -04:00
parent 9c10a14827
commit b17741acd1
4 changed files with 74 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
tests/models/test_application_role.py Normal file
View File

@@ -0,0 +1,40 @@
from atst.domain.permission_sets import PermissionSets
from atst.models.audit_event import AuditEvent
from tests.factories import PortfolioFactory, UserFactory
def test_has_application_role_history(session):
owner = UserFactory.create()
user = UserFactory.create()
PortfolioFactory.create(
owner=owner,
applications=[
{
"name": "starkiller",
"environments": [
{
"name": "bridge",
"members": [{"user": user, "role_name": "developer"}],
}
],
}
],
)
app_role = user.application_roles[0]
app_role.permission_sets = [
PermissionSets.get(PermissionSets.EDIT_APPLICATION_TEAM)
]
session.add(app_role)
session.commit()
changed_event = (
session.query(AuditEvent)
.filter(AuditEvent.resource_id == app_role.id, AuditEvent.action == "update")
.one()
)
old_state, new_state = changed_event.changed_state["permission_sets"]
assert old_state == [PermissionSets.VIEW_APPLICATION]
assert new_state == [PermissionSets.EDIT_APPLICATION_TEAM]