diff --git a/atst/domain/permission_sets.py b/atst/domain/permission_sets.py
index 4c70b4e2..b162a15c 100644
--- a/atst/domain/permission_sets.py
+++ b/atst/domain/permission_sets.py
@@ -54,112 +54,6 @@ ATAT_ROLES = [
"permissions": [Permissions.REQUEST_JEDI_PORTFOLIO],
},
]
-PORTFOLIO_ROLES = [
- {
- "name": "owner",
- "display_name": "Portfolio Owner",
- "description": "Adds, edits, deactivates access to all applications, environments, and members. Views budget reports. Initiates and edits JEDI Cloud requests.",
- "permissions": [
- Permissions.REQUEST_JEDI_PORTFOLIO,
- Permissions.VIEW_ORIGINAL_JEDI_REQEUST,
- Permissions.VIEW_USAGE_REPORT,
- Permissions.VIEW_USAGE_DOLLARS,
- Permissions.ADD_AND_ASSIGN_CSP_ROLES,
- Permissions.REMOVE_CSP_ROLES,
- Permissions.REQUEST_NEW_CSP_ROLE,
- Permissions.ASSIGN_AND_UNASSIGN_ATAT_ROLE,
- Permissions.VIEW_ASSIGNED_ATAT_ROLE_CONFIGURATIONS,
- Permissions.VIEW_ASSIGNED_CSP_ROLE_CONFIGURATIONS,
- Permissions.DEACTIVATE_PORTFOLIO,
- Permissions.VIEW_ATAT_PERMISSIONS,
- Permissions.VIEW_PORTFOLIO,
- Permissions.VIEW_PORTFOLIO_MEMBERS,
- Permissions.EDIT_PORTFOLIO_INFORMATION,
- Permissions.ADD_APPLICATION_IN_PORTFOLIO,
- Permissions.DELETE_APPLICATION_IN_PORTFOLIO,
- Permissions.DEACTIVATE_APPLICATION_IN_PORTFOLIO,
- Permissions.VIEW_APPLICATION_IN_PORTFOLIO,
- Permissions.RENAME_APPLICATION_IN_PORTFOLIO,
- Permissions.ADD_ENVIRONMENT_IN_APPLICATION,
- Permissions.DELETE_ENVIRONMENT_IN_APPLICATION,
- Permissions.DEACTIVATE_ENVIRONMENT_IN_APPLICATION,
- Permissions.VIEW_ENVIRONMENT_IN_APPLICATION,
- Permissions.RENAME_ENVIRONMENT_IN_APPLICATION,
- Permissions.VIEW_PORTFOLIO_AUDIT_LOG,
- Permissions.VIEW_TASK_ORDER,
- Permissions.UPDATE_TASK_ORDER,
- Permissions.ADD_TASK_ORDER_OFFICER,
- ],
- },
- {
- "name": "admin",
- "display_name": "Administrator",
- "description": "Adds and edits applications, environments, members, but cannot deactivate. Cannot view budget reports or JEDI Cloud requests.",
- "permissions": [
- Permissions.VIEW_USAGE_REPORT,
- Permissions.ADD_AND_ASSIGN_CSP_ROLES,
- Permissions.REMOVE_CSP_ROLES,
- Permissions.REQUEST_NEW_CSP_ROLE,
- Permissions.ASSIGN_AND_UNASSIGN_ATAT_ROLE,
- Permissions.VIEW_ASSIGNED_ATAT_ROLE_CONFIGURATIONS,
- Permissions.VIEW_ASSIGNED_CSP_ROLE_CONFIGURATIONS,
- Permissions.VIEW_PORTFOLIO,
- Permissions.VIEW_PORTFOLIO_MEMBERS,
- Permissions.EDIT_PORTFOLIO_INFORMATION,
- Permissions.ADD_APPLICATION_IN_PORTFOLIO,
- Permissions.DELETE_APPLICATION_IN_PORTFOLIO,
- Permissions.DEACTIVATE_APPLICATION_IN_PORTFOLIO,
- Permissions.VIEW_APPLICATION_IN_PORTFOLIO,
- Permissions.RENAME_APPLICATION_IN_PORTFOLIO,
- Permissions.ADD_ENVIRONMENT_IN_APPLICATION,
- Permissions.DELETE_ENVIRONMENT_IN_APPLICATION,
- Permissions.DEACTIVATE_ENVIRONMENT_IN_APPLICATION,
- Permissions.VIEW_ENVIRONMENT_IN_APPLICATION,
- Permissions.RENAME_ENVIRONMENT_IN_APPLICATION,
- Permissions.VIEW_PORTFOLIO_AUDIT_LOG,
- Permissions.VIEW_TASK_ORDER,
- Permissions.UPDATE_TASK_ORDER,
- Permissions.ADD_TASK_ORDER_OFFICER,
- ],
- },
- {
- "name": "developer",
- "display_name": "Developer",
- "description": "Views only the applications and environments they are granted access to. Can also view members associated with each environment.",
- "permissions": [Permissions.VIEW_USAGE_REPORT, Permissions.VIEW_PORTFOLIO],
- },
- {
- "name": "billing_auditor",
- "display_name": "Billing Auditor",
- "description": "Views only the applications and environments they are granted access to. Can also view budgets and reports associated with the portfolio.",
- "permissions": [
- Permissions.VIEW_USAGE_REPORT,
- Permissions.VIEW_USAGE_DOLLARS,
- Permissions.VIEW_PORTFOLIO,
- ],
- },
- {
- "name": "security_auditor",
- "description": "Views only the applications and environments they are granted access to. Can also view activity logs.",
- "display_name": "Security Auditor",
- "permissions": [
- Permissions.VIEW_ASSIGNED_ATAT_ROLE_CONFIGURATIONS,
- Permissions.VIEW_ASSIGNED_CSP_ROLE_CONFIGURATIONS,
- Permissions.VIEW_ATAT_PERMISSIONS,
- Permissions.VIEW_PORTFOLIO,
- ],
- },
- {
- "name": "officer",
- "description": "Officer involved with setting up a Task Order",
- "display_name": "Task Order Officer",
- "permissions": [
- Permissions.VIEW_PORTFOLIO,
- Permissions.VIEW_USAGE_REPORT,
- Permissions.VIEW_USAGE_DOLLARS,
- ],
- },
-]
_VIEW_PORTFOLIO_PERMISSION_SETS = [
{
diff --git a/atst/forms/data.py b/atst/forms/data.py
index 3a515f6d..4223de08 100644
--- a/atst/forms/data.py
+++ b/atst/forms/data.py
@@ -1,4 +1,3 @@
-from atst.domain.permission_sets import PORTFOLIO_ROLES as PORTFOLIO_ROLE_DEFINITIONS
from atst.utils.localization import translate, translate_duration
@@ -107,12 +106,6 @@ COMPLETION_DATE_RANGES = [
("Above 12 months", "Above 12 months"),
]
-PORTFOLIO_ROLES = [
- (role["name"], {"name": role["display_name"], "description": role["description"]})
- for role in PORTFOLIO_ROLE_DEFINITIONS
- if role["name"] is not "officer"
-]
-
ENVIRONMENT_ROLES = [
(
"developer",
diff --git a/atst/routes/portfolios/members.py b/atst/routes/portfolios/members.py
index 30ba503b..55383529 100644
--- a/atst/routes/portfolios/members.py
+++ b/atst/routes/portfolios/members.py
@@ -11,11 +11,7 @@ from atst.domain.environments import Environments
from atst.domain.environment_roles import EnvironmentRoles
from atst.services.invitation import Invitation as InvitationService
import atst.forms.portfolio_member as member_forms
-from atst.forms.data import (
- ENVIRONMENT_ROLES,
- ENV_ROLE_MODAL_DESCRIPTION,
- PORTFOLIO_ROLE_DEFINITIONS,
-)
+from atst.forms.data import ENVIRONMENT_ROLES, ENV_ROLE_MODAL_DESCRIPTION
from atst.domain.authz import Authorization
from atst.models.permissions import Permissions
@@ -45,7 +41,6 @@ def portfolio_members(portfolio_id):
return render_template(
"portfolios/members/index.html",
portfolio=portfolio,
- role_choices=PORTFOLIO_ROLE_DEFINITIONS,
status_choices=MEMBER_STATUS_CHOICES,
members=members_list,
)
diff --git a/script/seed_roles.py b/script/seed_roles.py
index fc93c523..0a2a2703 100755
--- a/script/seed_roles.py
+++ b/script/seed_roles.py
@@ -10,15 +10,11 @@ from sqlalchemy.orm.exc import NoResultFound
from atst.app import make_config, make_app
from atst.database import db
from atst.models import PermissionSet, Permissions
-from atst.domain.permission_sets import (
- ATAT_ROLES,
- PORTFOLIO_ROLES,
- PORTFOLIO_PERMISSION_SETS,
-)
+from atst.domain.permission_sets import ATAT_ROLES, PORTFOLIO_PERMISSION_SETS
def seed_roles():
- for permission_set_info in ATAT_ROLES + PORTFOLIO_ROLES + PORTFOLIO_PERMISSION_SETS:
+ for permission_set_info in ATAT_ROLES + PORTFOLIO_PERMISSION_SETS:
permission_set = PermissionSet(**permission_set_info)
try:
existing_permission_set = (
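Review bot: Dropping `PORTFOLIO_ROLES` from the loop in `seed_roles()` stops new rows from being created, but nothing visible in this hunk removes the legacy permission sets (`owner`, `admin`, `developer`, `billing_auditor`, `security_auditor`, `officer`) from databases that were seeded earlier. If those rows persist, a lookup by one of those names could still resolve there, and any role still linked to one would keep the broad permission list the old `owner`/`admin` definitions carried, so behaviour would differ between environments depending on when they were seeded. I would pair this change with a data migration that deletes or remaps those rows and record it in a comment above the loop, e.g. `# Legacy PORTFOLIO_ROLES rows are removed by migration <MIGRATION_ID>; do not re-add them here.` The body of `seed_roles()` continues past the end of this hunk, so an existing cleanup step may simply be out of view.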
diff --git a/templates/portfolios/members/index.html b/templates/portfolios/members/index.html
index ffc91cf9..c55835fc 100644
--- a/templates/portfolios/members/index.html
+++ b/templates/portfolios/members/index.html
@@ -29,7 +29,6 @@
id="search-template"
class='member-list'
v-bind:members='{{ members | tojson}}'
- v-bind:role_choices='{{ role_choices | tojson}}'
v-bind:status_choices='{{ status_choices | tojson}}'>
-
-
-
-
-
diff --git a/tests/domain/test_audit_log.py b/tests/domain/test_audit_log.py
index dd4baaa5..94128e89 100644
--- a/tests/domain/test_audit_log.py
+++ b/tests/domain/test_audit_log.py
@@ -19,7 +19,7 @@ def ccpo():
@pytest.fixture(scope="function")
def developer():
- return UserFactory.from_atat_role("default")
+ return UserFactory.create()
def test_non_admin_cannot_view_audit_log(developer):
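Review bot: The `developer` fixture no longer states which ATAT role the user holds, so `test_non_admin_cannot_view_audit_log` now depends on whatever `UserFactory.create()` assigns by default, which this diff does not show. For a negative authorization test the privilege level should be pinned where the test reads it, for example with a comment on the fixture such as `# must be a user with no elevated ATAT role`, or, assuming the factory default is the `default` role, `assert developer.atat_role.name == "default"` at the top of the test. The same applies to `test_random_user_cannot_view_portfolio_members` and `test_get_for_update_information` in tests/domain/test_portfolios.py, which make the same substitution just before `pytest.raises(UnauthorizedError)`.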
diff --git a/tests/domain/test_environments.py b/tests/domain/test_environments.py
index 8936d1be..78cc8b0d 100644
--- a/tests/domain/test_environments.py
+++ b/tests/domain/test_environments.py
@@ -14,7 +14,7 @@ def test_create_environments():
def test_create_environment_role_creates_cloud_id(session):
owner = UserFactory.create()
- developer = UserFactory.from_atat_role("developer")
+ developer = UserFactory.create()
portfolio = PortfolioFactory.create(
owner=owner,
@@ -38,7 +38,7 @@ def test_create_environment_role_creates_cloud_id(session):
def test_update_environment_roles():
owner = UserFactory.create()
- developer = UserFactory.from_atat_role("developer")
+ developer = UserFactory.create()
portfolio = PortfolioFactory.create(
owner=owner,
@@ -81,7 +81,7 @@ def test_update_environment_roles():
def test_remove_environment_role():
owner = UserFactory.create()
- developer = UserFactory.from_atat_role("developer")
+ developer = UserFactory.create()
portfolio = PortfolioFactory.create(
owner=owner,
members=[{"user": developer, "role_name": "developer"}],
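Review bot: The context line `members=[{"user": developer, "role_name": "developer"}]` still passes a portfolio role name that this commit deletes from `PORTFOLIO_ROLES` and from the seed script. How `PortfolioFactory.create` resolves `role_name` is not visible here. If it looks the name up as a permission set it will no longer find one, and if it ignores the key the member is created with a default set of permissions that the test does not state. Either drop `role_name` or pass the permission sets the member is meant to hold explicitly, so the test documents the access it sets up. `test_remove_environment_role` continues past the end of this hunk.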
@@ -132,7 +132,7 @@ def test_remove_environment_role():
def test_no_update_to_environment_roles():
owner = UserFactory.create()
- developer = UserFactory.from_atat_role("developer")
+ developer = UserFactory.create()
portfolio = PortfolioFactory.create(
owner=owner,
diff --git a/tests/domain/test_portfolios.py b/tests/domain/test_portfolios.py
index fd2a58b7..fe2b7672 100644
--- a/tests/domain/test_portfolios.py
+++ b/tests/domain/test_portfolios.py
@@ -151,7 +151,7 @@ def test_ccpo_can_view_portfolio_members(portfolio, portfolio_owner):
def test_random_user_cannot_view_portfolio_members(portfolio):
- developer = UserFactory.from_atat_role("developer")
+ developer = UserFactory.create()
with pytest.raises(UnauthorizedError):
portfolio = Portfolios.get_with_members(developer, portfolio.id)
@@ -175,7 +175,7 @@ def test_scoped_portfolio_only_returns_a_users_applications_and_environments(
"My application 2",
["dev", "staging", "prod"],
)
- developer = UserFactory.from_atat_role("developer")
+ developer = UserFactory.create()
dev_environment = Environments.add_member(
new_application.environments[0], developer, "developer"
)
@@ -200,7 +200,7 @@ def test_scoped_portfolio_returns_all_applications_for_portfolio_admin(
["dev", "staging", "prod"],
)
- admin = UserFactory.from_atat_role("default")
+ admin = UserFactory.create()
perm_sets = [PermissionSets.get(prms["name"]) for prms in PORTFOLIO_PERMISSION_SETS]
PortfolioRoleFactory.create(
user=admin, portfolio=portfolio, permission_sets=perm_sets
@@ -230,7 +230,7 @@ def test_scoped_portfolio_returns_all_applications_for_portfolio_owner(
def test_for_user_returns_active_portfolios_for_user(portfolio, portfolio_owner):
- bob = UserFactory.from_atat_role("default")
+ bob = UserFactory.create()
PortfolioRoleFactory.create(
user=bob, portfolio=portfolio, status=PortfolioRoleStatus.ACTIVE
)
@@ -242,7 +242,7 @@ def test_for_user_returns_active_portfolios_for_user(portfolio, portfolio_owner)
def test_for_user_does_not_return_inactive_portfolios(portfolio, portfolio_owner):
- bob = UserFactory.from_atat_role("default")
+ bob = UserFactory.create()
Portfolios.add_member(portfolio, bob)
PortfolioFactory.create()
bobs_portfolios = Portfolios.for_user(bob)
@@ -274,7 +274,7 @@ def test_get_for_update_information(portfolio, portfolio_owner):
# ccpo = UserFactory.from_atat_role("ccpo")
# assert Portfolios.get_for_update_information(ccpo, portfolio.id)
- developer = UserFactory.from_atat_role("developer")
+ developer = UserFactory.create()
with pytest.raises(UnauthorizedError):
Portfolios.get_for_update_information(developer, portfolio.id)
diff --git a/tests/domain/test_roles.py b/tests/domain/test_roles.py
index 997627db..58601d9f 100644
--- a/tests/domain/test_roles.py
+++ b/tests/domain/test_roles.py
@@ -9,8 +9,8 @@ def test_get_all_roles():
def test_get_existing_role():
- role = PermissionSets.get("developer")
- assert role.name == "developer"
+ role = PermissionSets.get("portfolio_poc")
+ assert role.name == "portfolio_poc"
def test_get_nonexistent_role():
diff --git a/tests/domain/test_users.py b/tests/domain/test_users.py
index de6c7fc8..69a83c69 100644
--- a/tests/domain/test_users.py
+++ b/tests/domain/test_users.py
@@ -8,14 +8,14 @@ DOD_ID = "my_dod_id"
def test_create_user():
- user = Users.create(DOD_ID, "developer")
- assert user.atat_role.name == "developer"
+ user = Users.create(DOD_ID, "default")
+ assert user.atat_role.name == "default"
def test_create_user_with_existing_email():
- Users.create(DOD_ID, "developer", email="thisusersemail@usersRus.com")
+ Users.create(DOD_ID, "default", email="thisusersemail@usersRus.com")
with pytest.raises(AlreadyExistsError):
- Users.create(DOD_ID, "admin", email="thisusersemail@usersRus.com")
+ Users.create(DOD_ID, "ccpo", email="thisusersemail@usersRus.com")
def test_create_user_with_nonexistent_role():
@@ -24,61 +24,61 @@ def test_create_user_with_nonexistent_role():
def test_get_or_create_nonexistent_user():
- user = Users.get_or_create_by_dod_id(DOD_ID, atat_role_name="developer")
+ user = Users.get_or_create_by_dod_id(DOD_ID, atat_role_name="default")
assert user.dod_id == DOD_ID
def test_get_or_create_existing_user():
- Users.get_or_create_by_dod_id(DOD_ID, atat_role_name="developer")
- user = Users.get_or_create_by_dod_id(DOD_ID, atat_role_name="developer")
+ Users.get_or_create_by_dod_id(DOD_ID, atat_role_name="default")
+ user = Users.get_or_create_by_dod_id(DOD_ID, atat_role_name="default")
assert user
def test_get_user():
- new_user = Users.create(DOD_ID, "developer")
+ new_user = Users.create(DOD_ID, "default")
user = Users.get(new_user.id)
assert user.id == new_user.id
def test_get_nonexistent_user():
- Users.create(DOD_ID, "developer")
+ Users.create(DOD_ID, "default")
with pytest.raises(NotFoundError):
Users.get(uuid4())
def test_get_user_by_dod_id():
- new_user = Users.create(DOD_ID, "developer")
+ new_user = Users.create(DOD_ID, "default")
user = Users.get_by_dod_id(DOD_ID)
assert user == new_user
def test_update_role():
- new_user = Users.create(DOD_ID, "developer")
+ new_user = Users.create(DOD_ID, "default")
updated_user = Users.update_role(new_user.id, "ccpo")
assert updated_user.atat_role.name == "ccpo"
def test_update_role_with_nonexistent_user():
- Users.create(DOD_ID, "developer")
+ Users.create(DOD_ID, "default")
with pytest.raises(NotFoundError):
Users.update_role(uuid4(), "ccpo")
def test_update_existing_user_with_nonexistent_role():
- new_user = Users.create(DOD_ID, "developer")
+ new_user = Users.create(DOD_ID, "default")
with pytest.raises(NotFoundError):
Users.update_role(new_user.id, "nonexistent")
def test_update_user():
- new_user = Users.create(DOD_ID, "developer")
+ new_user = Users.create(DOD_ID, "default")
updated_user = Users.update(new_user, {"first_name": "Jabba"})
assert updated_user.first_name == "Jabba"
def test_update_user_with_dod_id():
- new_user = Users.create(DOD_ID, "developer")
+ new_user = Users.create(DOD_ID, "default")
with pytest.raises(UnauthorizedError) as excinfo:
Users.update(new_user, {"dod_id": "1234567890"})
diff --git a/tests/factories.py b/tests/factories.py
index 97cfd3f2..23ed2a86 100644
--- a/tests/factories.py
+++ b/tests/factories.py
@@ -16,7 +16,6 @@ from atst.models.permission_set import PermissionSet
from atst.models.portfolio import Portfolio
from atst.domain.permission_sets import (
PermissionSets,
- PORTFOLIO_ROLES,
PORTFOLIO_PERMISSION_SETS,
_VIEW_PORTFOLIO_PERMISSION_SETS,
_EDIT_PORTFOLIO_PERMISSION_SETS,
diff --git a/tests/models/test_environments.py b/tests/models/test_environments.py
index 1e415efa..0dad7874 100644
--- a/tests/models/test_environments.py
+++ b/tests/models/test_environments.py
@@ -5,7 +5,7 @@ from tests.factories import PortfolioFactory, UserFactory
def test_add_user_to_environment():
owner = UserFactory.create()
- developer = UserFactory.from_atat_role("developer")
+ developer = UserFactory.create()
portfolio = PortfolioFactory.create(owner=owner)
application = Applications.create(