Update atst to atat

2020-02-28 16:01:45 -05:00
parent 6eb48239cf
commit c2814416fb
215 changed files with 735 additions and 746 deletions
--- a/atat/routes/portfolios/init.py
+++ b/atat/routes/portfolios/init.py
@@ -0,0 +1,7 @@
+from flask import request as http_request, g, render_template
+from operator import attrgetter
+
+from . import index
+from . import invitations
+from . import admin
+from .blueprint import portfolios_bp
--- a/atat/routes/portfolios/admin.py
+++ b/atat/routes/portfolios/admin.py
@@ -0,0 +1,212 @@
+from flask import render_template, request as http_request, g, redirect, url_for
+
+from .blueprint import portfolios_bp
+from atat.domain.portfolios import Portfolios
+from atat.domain.portfolio_roles import PortfolioRoles
+from atat.models.portfolio_role import Status as PortfolioRoleStatus
+from atat.domain.invitations import PortfolioInvitations
+from atat.domain.permission_sets import PermissionSets
+from atat.domain.audit_log import AuditLog
+from atat.domain.common import Paginator
+from atat.forms.portfolio import PortfolioForm
+import atat.forms.portfolio_member as member_forms
+from atat.models.permissions import Permissions
+from atat.domain.authz.decorator import user_can_access_decorator as user_can
+from atat.utils import first_or_none
+from atat.utils.flash import formatted_flash as flash
+from atat.domain.exceptions import UnauthorizedError
+
+
+def filter_perm_sets_data(member):
+    perm_sets_data = {
+        "perms_app_mgmt": bool(
+            member.has_permission_set(
+                PermissionSets.EDIT_PORTFOLIO_APPLICATION_MANAGEMENT
+            )
+        ),
+        "perms_funding": bool(
+            member.has_permission_set(PermissionSets.EDIT_PORTFOLIO_FUNDING)
+        ),
+        "perms_reporting": bool(
+            member.has_permission_set(PermissionSets.EDIT_PORTFOLIO_REPORTS)
+        ),
+        "perms_portfolio_mgmt": bool(
+            member.has_permission_set(PermissionSets.EDIT_PORTFOLIO_ADMIN)
+        ),
+    }
+
+    return perm_sets_data
+
+
+def filter_members_data(members_list):
+    members_data = []
+    for member in members_list:
+        permission_sets = filter_perm_sets_data(member)
+        ppoc = (
+            PermissionSets.get(PermissionSets.PORTFOLIO_POC) in member.permission_sets
+        )
+        member_data = {
+            "role_id": member.id,
+            "user_name": member.user_name,
+            "permission_sets": filter_perm_sets_data(member),
+            "status": member.display_status,
+            "ppoc": ppoc,
+            "form": member_forms.PermissionsForm(permission_sets),
+        }
+
+        if not ppoc:
+            member_data["update_invite_form"] = (
+                member_forms.NewForm(user_data=member.latest_invitation)
+                if member.latest_invitation and member.latest_invitation.can_resend
+                else member_forms.NewForm()
+            )
+            member_data["invite_token"] = (
+                member.latest_invitation.token
+                if member.latest_invitation and member.latest_invitation.can_resend
+                else None
+            )
+
+        members_data.append(member_data)
+
+    return sorted(members_data, key=lambda member: member["user_name"])
+
+
+def render_admin_page(portfolio, form=None):
+    pagination_opts = Paginator.get_pagination_opts(http_request)
+    audit_events = AuditLog.get_portfolio_events(portfolio, pagination_opts)
+    portfolio_form = PortfolioForm(obj=portfolio)
+    member_list = portfolio.members
+    assign_ppoc_form = member_forms.AssignPPOCForm()
+
+    for pf_role in portfolio.roles:
+        if pf_role.user != portfolio.owner and pf_role.is_active:
+            assign_ppoc_form.role_id.choices += [(pf_role.id, pf_role.full_name)]
+
+    current_member = first_or_none(
+        lambda m: m.user_id == g.current_user.id, portfolio.members
+    )
+    current_member_id = current_member.id if current_member else None
+
+    return render_template(
+        "portfolios/admin.html",
+        form=form,
+        portfolio_form=portfolio_form,
+        members=filter_members_data(member_list),
+        new_manager_form=member_forms.NewForm(),
+        assign_ppoc_form=assign_ppoc_form,
+        portfolio=portfolio,
+        audit_events=audit_events,
+        user=g.current_user,
+        current_member_id=current_member_id,
+        applications_count=len(portfolio.applications),
+    )
+
+
+@portfolios_bp.route("/portfolios/<portfolio_id>/admin")
+@user_can(Permissions.VIEW_PORTFOLIO_ADMIN, message="view portfolio admin page")
+def admin(portfolio_id):
+    portfolio = Portfolios.get_for_update(portfolio_id)
+    return render_admin_page(portfolio)
+
+
+# Updating PPoC is a post-MVP feature
+# @portfolios_bp.route("/portfolios/<portfolio_id>/update_ppoc", methods=["POST"])
+# @user_can(Permissions.EDIT_PORTFOLIO_POC, message="update portfolio ppoc")
+# def update_ppoc(portfolio_id):  # pragma: no cover
+#     role_id = http_request.form.get("role_id")
+#
+#     portfolio = Portfolios.get(g.current_user, portfolio_id)
+#     new_ppoc_role = PortfolioRoles.get_by_id(role_id)
+#
+#     PortfolioRoles.make_ppoc(portfolio_role=new_ppoc_role)
+#
+#     flash("primary_point_of_contact_changed", ppoc_name=new_ppoc_role.full_name)
+#
+#     return redirect(
+#         url_for(
+#             "portfolios.admin",
+#             portfolio_id=portfolio.id,
+#             fragment="primary-point-of-contact",
+#             _anchor="primary-point-of-contact",
+#         )
+#     )
+
+
+@portfolios_bp.route("/portfolios/<portfolio_id>/edit", methods=["POST"])
+@user_can(Permissions.EDIT_PORTFOLIO_NAME, message="edit portfolio")
+def edit(portfolio_id):
+    portfolio = Portfolios.get_for_update(portfolio_id)
+    form = PortfolioForm(http_request.form)
+    if form.validate():
+        Portfolios.update(portfolio, form.data)
+        return redirect(
+            url_for("applications.portfolio_applications", portfolio_id=portfolio.id)
+        )
+    else:
+        # rerender portfolio admin page
+        return render_admin_page(portfolio, form)
+
+
+@portfolios_bp.route(
+    "/portfolios/<portfolio_id>/members/<portfolio_role_id>/delete", methods=["POST"]
+)
+@user_can(Permissions.EDIT_PORTFOLIO_USERS, message="update portfolio members")
+def remove_member(portfolio_id, portfolio_role_id):
+    portfolio_role = PortfolioRoles.get_by_id(portfolio_role_id)
+
+    if g.current_user.id == portfolio_role.user_id:
+        raise UnauthorizedError(
+            g.current_user, "you cant remove yourself from the portfolio"
+        )
+
+    portfolio = Portfolios.get(user=g.current_user, portfolio_id=portfolio_id)
+    if portfolio_role.user_id == portfolio.owner.id:
+        raise UnauthorizedError(
+            g.current_user, "you can't delete the portfolios PPoC from the portfolio"
+        )
+
+    if (
+        portfolio_role.latest_invitation
+        and portfolio_role.status == PortfolioRoleStatus.PENDING
+    ):
+        PortfolioInvitations.revoke(portfolio_role.latest_invitation.token)
+    else:
+        PortfolioRoles.disable(portfolio_role=portfolio_role)
+
+    flash("portfolio_member_removed", member_name=portfolio_role.full_name)
+
+    return redirect(
+        url_for(
+            "portfolios.admin",
+            portfolio_id=portfolio_id,
+            _anchor="portfolio-members",
+            fragment="portfolio-members",
+        )
+    )
+
+
+@portfolios_bp.route(
+    "/portfolios/<portfolio_id>/members/<portfolio_role_id>", methods=["POST"]
+)
+@user_can(Permissions.EDIT_PORTFOLIO_USERS, message="update portfolio members")
+def update_member(portfolio_id, portfolio_role_id):
+    form_data = http_request.form
+    form = member_forms.PermissionsForm(formdata=form_data)
+    portfolio_role = PortfolioRoles.get_by_id(portfolio_role_id)
+    portfolio = Portfolios.get(user=g.current_user, portfolio_id=portfolio_id)
+
+    if form.validate() and portfolio.owner_role != portfolio_role:
+        PortfolioRoles.update(portfolio_role, form.data["permission_sets"])
+        flash("update_portfolio_member", member_name=portfolio_role.full_name)
+
+        return redirect(
+            url_for(
+                "portfolios.admin",
+                portfolio_id=portfolio_id,
+                _anchor="portfolio-members",
+                fragment="portfolio-members",
+            )
+        )
+    else:
+        flash("update_portfolio_member_error", member_name=portfolio_role.full_name)
+        return (render_admin_page(portfolio), 400)
--- a/atat/routes/portfolios/blueprint.py
+++ b/atat/routes/portfolios/blueprint.py
@@ -0,0 +1,5 @@
+from flask import Blueprint
+from atat.utils.context_processors import portfolio as portfolio_context_processor
+
+portfolios_bp = Blueprint("portfolios", __name__)
+portfolios_bp.context_processor(portfolio_context_processor)
--- a/atat/routes/portfolios/index.py
+++ b/atat/routes/portfolios/index.py
@@ -0,0 +1,57 @@
+import pendulum
+from flask import redirect, render_template, url_for, request as http_request, g
+
+from .blueprint import portfolios_bp
+from atat.forms.portfolio import PortfolioCreationForm
+from atat.domain.reports import Reports
+from atat.domain.portfolios import Portfolios
+from atat.models.permissions import Permissions
+from atat.domain.authz.decorator import user_can_access_decorator as user_can
+from atat.utils.flash import formatted_flash as flash
+
+
+@portfolios_bp.route("/portfolios/new")
+def new_portfolio_step_1():
+    form = PortfolioCreationForm()
+    return render_template("portfolios/new/step_1.html", form=form)
+
+
+@portfolios_bp.route("/portfolios", methods=["POST"])
+def create_portfolio():
+    form = PortfolioCreationForm(http_request.form)
+
+    if form.validate():
+        portfolio = Portfolios.create(user=g.current_user, portfolio_attrs=form.data)
+        return redirect(
+            url_for("applications.portfolio_applications", portfolio_id=portfolio.id)
+        )
+    else:
+        return render_template("portfolios/new/step_1.html", form=form), 400
+
+
+@portfolios_bp.route("/portfolios/<portfolio_id>/reports")
+@user_can(Permissions.VIEW_PORTFOLIO_REPORTS, message="view portfolio reports")
+def reports(portfolio_id):
+    portfolio = Portfolios.get(g.current_user, portfolio_id)
+    spending = Reports.get_portfolio_spending(portfolio)
+    obligated = portfolio.total_obligated_funds
+    remaining = obligated - (spending["invoiced"] + spending["estimated"])
+
+    current_obligated_funds = {
+        **spending,
+        "obligated": obligated,
+        "remaining": remaining,
+    }
+
+    if current_obligated_funds["remaining"] < 0:
+        flash("insufficient_funds")
+
+    return render_template(
+        "portfolios/reports/index.html",
+        portfolio=portfolio,
+        # wrapped in str() because this sum returns a Decimal object
+        total_portfolio_value=str(portfolio.total_obligated_funds),
+        current_obligated_funds=current_obligated_funds,
+        expired_task_orders=Reports.expired_task_orders(portfolio),
+        retrieved=pendulum.now(),  # mocked datetime of reporting data retrival
+    )
--- a/atat/routes/portfolios/invitations.py
+++ b/atat/routes/portfolios/invitations.py
@@ -0,0 +1,123 @@
+from flask import g, redirect, url_for, render_template, request as http_request
+
+from .blueprint import portfolios_bp
+from atat.domain.authz.decorator import user_can_access_decorator as user_can
+from atat.domain.exceptions import AlreadyExistsError
+from atat.domain.invitations import PortfolioInvitations
+from atat.domain.portfolios import Portfolios
+from atat.models import Permissions
+from atat.jobs import send_mail
+from atat.utils.flash import formatted_flash as flash
+from atat.utils.localization import translate
+import atat.forms.portfolio_member as member_forms
+
+
+def send_portfolio_invitation(invitee_email, inviter_name, token):
+    body = render_template(
+        "emails/portfolio/invitation.txt", owner=inviter_name, token=token
+    )
+    send_mail.delay(
+        [invitee_email],
+        translate("email.portfolio_invite", {"inviter_name": inviter_name}),
+        body,
+    )
+
+
+@portfolios_bp.route("/portfolios/invitations/<portfolio_token>", methods=["GET"])
+def accept_invitation(portfolio_token):
+    invite = PortfolioInvitations.accept(g.current_user, portfolio_token)
+
+    return redirect(
+        url_for("applications.portfolio_applications", portfolio_id=invite.portfolio.id)
+    )
+
+
+@portfolios_bp.route(
+    "/portfolios/<portfolio_id>/invitations/<portfolio_token>/revoke", methods=["POST"]
+)
+@user_can(Permissions.EDIT_PORTFOLIO_USERS, message="revoke invitation")
+def revoke_invitation(portfolio_id, portfolio_token):
+    invite = PortfolioInvitations.revoke(portfolio_token)
+
+    flash(
+        "invite_revoked",
+        resource="Portfolio",
+        user_name=invite.user_name,
+        resource_name=g.portfolio.name,
+    )
+    return redirect(
+        url_for(
+            "portfolios.admin",
+            portfolio_id=portfolio_id,
+            _anchor="portfolio-members",
+            fragment="portfolio-members",
+        )
+    )
+
+
+@portfolios_bp.route(
+    "/portfolios/<portfolio_id>/invitations/<portfolio_token>/resend", methods=["POST"]
+)
+@user_can(Permissions.EDIT_PORTFOLIO_USERS, message="resend invitation")
+def resend_invitation(portfolio_id, portfolio_token):
+    form = member_forms.NewForm(http_request.form)
+
+    if form.validate():
+        invite = PortfolioInvitations.resend(
+            g.current_user, portfolio_token, form.data["user_data"]
+        )
+        send_portfolio_invitation(
+            invitee_email=invite.email,
+            inviter_name=g.current_user.full_name,
+            token=invite.token,
+        )
+        flash("resend_portfolio_invitation", email=invite.email)
+    else:
+        user_name = f"{form['user_data']['first_name'].data} {form['user_data']['last_name'].data}"
+        flash("resend_portfolio_invitation_error", user_name=user_name)
+
+    return redirect(
+        url_for(
+            "portfolios.admin",
+            portfolio_id=portfolio_id,
+            fragment="portfolio-members",
+            _anchor="portfolio-members",
+        )
+    )
+
+
+@portfolios_bp.route("/portfolios/<portfolio_id>/members/new", methods=["POST"])
+@user_can(Permissions.CREATE_PORTFOLIO_USERS, message="create new portfolio member")
+def invite_member(portfolio_id):
+    portfolio = Portfolios.get(g.current_user, portfolio_id)
+    form = member_forms.NewForm(http_request.form)
+
+    if form.validate():
+        try:
+            invite = Portfolios.invite(portfolio, g.current_user, form.data)
+            send_portfolio_invitation(
+                invitee_email=invite.email,
+                inviter_name=g.current_user.full_name,
+                token=invite.token,
+            )
+
+            flash(
+                "new_portfolio_member", user_name=invite.user_name, portfolio=portfolio
+            )
+
+        except AlreadyExistsError:
+            return render_template(
+                "error.html", message="There was an error processing your request."
+            )
+    else:
+        pass
+        # TODO: flash error message
+
+    return redirect(
+        url_for(
+            "portfolios.admin",
+            portfolio_id=portfolio_id,
+            fragment="portfolio-members",
+            _anchor="portfolio-members",
+        )
+    )