pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

workspace -> portfolio everywhere

Browse Source
This commit is contained in:
dandds
2019-01-11 09:58:00 -05:00
parent 3fc323d785
commit d3d36822df
122 changed files with 2156 additions and 2129 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
tests/domain/test_applications.py
View File

@@ -1,35 +1,35 @@
from atst.domain.applications import Applications
from tests.factories import RequestFactory, UserFactory, WorkspaceFactory
from atst.domain.workspaces import Workspaces
from tests.factories import RequestFactory, UserFactory, PortfolioFactory
from atst.domain.portfolios import Portfolios
def test_create_application_with_multiple_environments():
request = RequestFactory.create()
workspace = Workspaces.create_from_request(request)
portfolio = Portfolios.create_from_request(request)
application = Applications.create(
workspace.owner, workspace, "My Test Application", "Test", ["dev", "prod"]
portfolio.owner, portfolio, "My Test Application", "Test", ["dev", "prod"]
)
assert application.workspace == workspace
assert application.portfolio == portfolio
assert application.name == "My Test Application"
assert application.description == "Test"
assert sorted(e.name for e in application.environments) == ["dev", "prod"]
def test_workspace_owner_can_view_environments():
def test_portfolio_owner_can_view_environments():
owner = UserFactory.create()
workspace = WorkspaceFactory.create(
portfolio = PortfolioFactory.create(
owner=owner,
applications=[{"environments": [{"name": "dev"}, {"name": "prod"}]}],
)
application = Applications.get(owner, workspace, workspace.applications[0].id)
application = Applications.get(owner, portfolio, portfolio.applications[0].id)
assert len(application.environments) == 2
def test_can_only_update_name_and_description():
owner = UserFactory.create()
workspace = WorkspaceFactory.create(
portfolio = PortfolioFactory.create(
owner=owner,
applications=[
{
@@ -39,11 +39,11 @@ def test_can_only_update_name_and_description():
}
],
)
application = Applications.get(owner, workspace, workspace.applications[0].id)
application = Applications.get(owner, portfolio, portfolio.applications[0].id)
env_name = application.environments[0].name
Applications.update(
owner,
workspace,
portfolio,
application,
{
"name": "New Name",

60
tests/domain/test_audit_log.py
View File

@@ -3,11 +3,11 @@ import pytest
from atst.domain.audit_log import AuditLog
from atst.domain.exceptions import UnauthorizedError
from atst.domain.roles import Roles
from atst.models.workspace_role import Status as WorkspaceRoleStatus
from atst.models.portfolio_role import Status as PortfolioRoleStatus
from tests.factories import (
UserFactory,
WorkspaceFactory,
WorkspaceRoleFactory,
PortfolioFactory,
PortfolioRoleFactory,
ApplicationFactory,
)
@@ -42,69 +42,69 @@ def test_paginate_audit_log(ccpo):
def test_ccpo_can_view_ws_audit_log(ccpo):
workspace = WorkspaceFactory.create()
events = AuditLog.get_workspace_events(ccpo, workspace)
portfolio = PortfolioFactory.create()
events = AuditLog.get_portfolio_events(ccpo, portfolio)
assert len(events) > 0
def test_ws_admin_can_view_ws_audit_log():
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
admin = UserFactory.create()
WorkspaceRoleFactory.create(
workspace=workspace,
PortfolioRoleFactory.create(
portfolio=portfolio,
user=admin,
role=Roles.get("admin"),
status=WorkspaceRoleStatus.ACTIVE,
status=PortfolioRoleStatus.ACTIVE,
)
events = AuditLog.get_workspace_events(admin, workspace)
events = AuditLog.get_portfolio_events(admin, portfolio)
assert len(events) > 0
def test_ws_owner_can_view_ws_audit_log():
workspace = WorkspaceFactory.create()
events = AuditLog.get_workspace_events(workspace.owner, workspace)
portfolio = PortfolioFactory.create()
events = AuditLog.get_portfolio_events(portfolio.owner, portfolio)
assert len(events) > 0
def test_other_users_cannot_view_ws_audit_log():
with pytest.raises(UnauthorizedError):
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
dev = UserFactory.create()
WorkspaceRoleFactory.create(
workspace=workspace,
PortfolioRoleFactory.create(
portfolio=portfolio,
user=dev,
role=Roles.get("developer"),
status=WorkspaceRoleStatus.ACTIVE,
status=PortfolioRoleStatus.ACTIVE,
)
AuditLog.get_workspace_events(dev, workspace)
AuditLog.get_portfolio_events(dev, portfolio)
def test_paginate_ws_audit_log():
workspace = WorkspaceFactory.create()
application = ApplicationFactory.create(workspace=workspace)
portfolio = PortfolioFactory.create()
application = ApplicationFactory.create(portfolio=portfolio)
for _ in range(100):
AuditLog.log_system_event(
resource=application, action="create", workspace=workspace
resource=application, action="create", portfolio=portfolio
)
events = AuditLog.get_workspace_events(
workspace.owner, workspace, pagination_opts={"per_page": 25, "page": 2}
events = AuditLog.get_portfolio_events(
portfolio.owner, portfolio, pagination_opts={"per_page": 25, "page": 2}
)
assert len(events) == 25
def test_ws_audit_log_only_includes_current_ws_events():
owner = UserFactory.create()
workspace = WorkspaceFactory.create(owner=owner)
other_workspace = WorkspaceFactory.create(owner=owner)
portfolio = PortfolioFactory.create(owner=owner)
other_portfolio = PortfolioFactory.create(owner=owner)
# Add some audit events
application_1 = ApplicationFactory.create(workspace=workspace)
application_2 = ApplicationFactory.create(workspace=other_workspace)
application_1 = ApplicationFactory.create(portfolio=portfolio)
application_2 = ApplicationFactory.create(portfolio=other_portfolio)
events = AuditLog.get_workspace_events(workspace.owner, workspace)
events = AuditLog.get_portfolio_events(portfolio.owner, portfolio)
for event in events:
assert event.workspace_id == workspace.id or event.resource_id == workspace.id
assert event.portfolio_id == portfolio.id or event.resource_id == portfolio.id
assert (
not event.workspace_id == other_workspace.id
or event.resource_id == other_workspace.id
not event.portfolio_id == other_portfolio.id
or event.resource_id == other_portfolio.id
)

54
tests/domain/test_environments.py
View File

@@ -1,8 +1,8 @@
from atst.domain.environments import Environments
from atst.domain.environment_roles import EnvironmentRoles
from atst.domain.workspace_roles import WorkspaceRoles
from atst.domain.portfolio_roles import PortfolioRoles
from tests.factories import ApplicationFactory, UserFactory, WorkspaceFactory
from tests.factories import ApplicationFactory, UserFactory, PortfolioFactory
def test_create_environments():
@@ -16,7 +16,7 @@ def test_create_environment_role_creates_cloud_id(session):
owner = UserFactory.create()
developer = UserFactory.from_atat_role("developer")
workspace = WorkspaceFactory.create(
portfolio = PortfolioFactory.create(
owner=owner,
members=[{"user": developer, "role_name": "developer"}],
applications=[
@@ -24,23 +24,23 @@ def test_create_environment_role_creates_cloud_id(session):
],
)
env = workspace.applications[0].environments[0]
env = portfolio.applications[0].environments[0]
new_role = [{"id": env.id, "role": "developer"}]
workspace_role = workspace.members[0]
assert not workspace_role.user.cloud_id
portfolio_role = portfolio.members[0]
assert not portfolio_role.user.cloud_id
assert Environments.update_environment_roles(
owner, workspace, workspace_role, new_role
owner, portfolio, portfolio_role, new_role
)
assert workspace_role.user.cloud_id is not None
assert portfolio_role.user.cloud_id is not None
def test_update_environment_roles():
owner = UserFactory.create()
developer = UserFactory.from_atat_role("developer")
workspace = WorkspaceFactory.create(
portfolio = PortfolioFactory.create(
owner=owner,
members=[{"user": developer, "role_name": "developer"}],
applications=[
@@ -61,19 +61,19 @@ def test_update_environment_roles():
],
)
dev_env = workspace.applications[0].environments[0]
staging_env = workspace.applications[0].environments[1]
dev_env = portfolio.applications[0].environments[0]
staging_env = portfolio.applications[0].environments[1]
new_ids_and_roles = [
{"id": dev_env.id, "role": "billing_admin"},
{"id": staging_env.id, "role": "developer"},
]
workspace_role = workspace.members[0]
portfolio_role = portfolio.members[0]
assert Environments.update_environment_roles(
owner, workspace, workspace_role, new_ids_and_roles
owner, portfolio, portfolio_role, new_ids_and_roles
)
new_dev_env_role = EnvironmentRoles.get(workspace_role.user.id, dev_env.id)
staging_env_role = EnvironmentRoles.get(workspace_role.user.id, staging_env.id)
new_dev_env_role = EnvironmentRoles.get(portfolio_role.user.id, dev_env.id)
staging_env_role = EnvironmentRoles.get(portfolio_role.user.id, staging_env.id)
assert new_dev_env_role.role == "billing_admin"
assert staging_env_role.role == "developer"
@@ -82,7 +82,7 @@ def test_update_environment_roles():
def test_remove_environment_role():
owner = UserFactory.create()
developer = UserFactory.from_atat_role("developer")
workspace = WorkspaceFactory.create(
portfolio = PortfolioFactory.create(
owner=owner,
members=[{"user": developer, "role_name": "developer"}],
applications=[
@@ -109,7 +109,7 @@ def test_remove_environment_role():
],
)
application = workspace.applications[0]
application = portfolio.applications[0]
now_ba = application.environments[0].id
now_none = application.environments[1].id
still_fa = application.environments[2].id
@@ -119,12 +119,12 @@ def test_remove_environment_role():
{"id": now_none, "role": None},
]
workspace_role = WorkspaceRoles.get(workspace.id, developer.id)
portfolio_role = PortfolioRoles.get(portfolio.id, developer.id)
assert Environments.update_environment_roles(
owner, workspace, workspace_role, new_environment_roles
owner, portfolio, portfolio_role, new_environment_roles
)
assert workspace_role.num_environment_roles == 2
assert portfolio_role.num_environment_roles == 2
assert EnvironmentRoles.get(developer.id, now_ba).role == "billing_auditor"
assert EnvironmentRoles.get(developer.id, now_none) is None
assert EnvironmentRoles.get(developer.id, still_fa).role == "financial_auditor"
@@ -134,7 +134,7 @@ def test_no_update_to_environment_roles():
owner = UserFactory.create()
developer = UserFactory.from_atat_role("developer")
workspace = WorkspaceFactory.create(
portfolio = PortfolioFactory.create(
owner=owner,
members=[{"user": developer, "role_name": "developer"}],
applications=[
@@ -150,18 +150,18 @@ def test_no_update_to_environment_roles():
],
)
dev_env = workspace.applications[0].environments[0]
dev_env = portfolio.applications[0].environments[0]
new_ids_and_roles = [{"id": dev_env.id, "role": "devops"}]
workspace_role = WorkspaceRoles.get(workspace.id, developer.id)
portfolio_role = PortfolioRoles.get(portfolio.id, developer.id)
assert not Environments.update_environment_roles(
owner, workspace, workspace_role, new_ids_and_roles
owner, portfolio, portfolio_role, new_ids_and_roles
)
def test_get_scoped_environments(db):
developer = UserFactory.create()
workspace = WorkspaceFactory.create(
portfolio = PortfolioFactory.create(
members=[{"user": developer, "role_name": "developer"}],
applications=[
{
@@ -189,8 +189,8 @@ def test_get_scoped_environments(db):
],
)
application1_envs = Environments.for_user(developer, workspace.applications[0])
application1_envs = Environments.for_user(developer, portfolio.applications[0])
assert [env.name for env in application1_envs] == ["application1 dev"]
application2_envs = Environments.for_user(developer, workspace.applications[1])
application2_envs = Environments.for_user(developer, portfolio.applications[1])
assert [env.name for env in application2_envs] == ["application2 staging"]

76
tests/domain/test_invitations.py
View File

@@ -11,8 +11,8 @@ from atst.domain.invitations import (
from atst.models.invitation import Status
from tests.factories import (
WorkspaceFactory,
WorkspaceRoleFactory,
PortfolioFactory,
PortfolioRoleFactory,
UserFactory,
InvitationFactory,
)
@@ -21,22 +21,22 @@ from atst.domain.audit_log import AuditLog
def test_create_invitation():
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
user = UserFactory.create()
ws_role = WorkspaceRoleFactory.create(user=user, workspace=workspace)
invite = Invitations.create(workspace.owner, ws_role, user.email)
ws_role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
invite = Invitations.create(portfolio.owner, ws_role, user.email)
assert invite.user == user
assert invite.workspace_role == ws_role
assert invite.inviter == workspace.owner
assert invite.portfolio_role == ws_role
assert invite.inviter == portfolio.owner
assert invite.status == Status.PENDING
assert re.match(r"^[\w\-_]+$", invite.token)
def test_accept_invitation():
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
user = UserFactory.create()
ws_role = WorkspaceRoleFactory.create(user=user, workspace=workspace)
invite = Invitations.create(workspace.owner, ws_role, user.email)
ws_role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
invite = Invitations.create(portfolio.owner, ws_role, user.email)
assert invite.is_pending
accepted_invite = Invitations.accept(user, invite.token)
assert accepted_invite.is_accepted
@@ -44,15 +44,15 @@ def test_accept_invitation():
def test_accept_expired_invitation():
user = UserFactory.create()
workspace = WorkspaceFactory.create()
ws_role = WorkspaceRoleFactory.create(user=user, workspace=workspace)
portfolio = PortfolioFactory.create()
ws_role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
increment = Invitations.EXPIRATION_LIMIT_MINUTES + 1
expiration_time = datetime.datetime.now() - datetime.timedelta(minutes=increment)
invite = InvitationFactory.create(
user=user,
expiration_time=expiration_time,
status=Status.PENDING,
workspace_role=ws_role,
portfolio_role=ws_role,
)
with pytest.raises(ExpiredError):
Invitations.accept(user, invite.token)
@@ -62,10 +62,10 @@ def test_accept_expired_invitation():
def test_accept_rejected_invite():
user = UserFactory.create()
workspace = WorkspaceFactory.create()
ws_role = WorkspaceRoleFactory.create(user=user, workspace=workspace)
portfolio = PortfolioFactory.create()
ws_role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
invite = InvitationFactory.create(
user=user, status=Status.REJECTED_EXPIRED, workspace_role=ws_role
user=user, status=Status.REJECTED_EXPIRED, portfolio_role=ws_role
)
with pytest.raises(InvitationError):
Invitations.accept(user, invite.token)
@@ -73,10 +73,10 @@ def test_accept_rejected_invite():
def test_accept_revoked_invite():
user = UserFactory.create()
workspace = WorkspaceFactory.create()
ws_role = WorkspaceRoleFactory.create(user=user, workspace=workspace)
portfolio = PortfolioFactory.create()
ws_role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
invite = InvitationFactory.create(
user=user, status=Status.REVOKED, workspace_role=ws_role
user=user, status=Status.REVOKED, portfolio_role=ws_role
)
with pytest.raises(InvitationError):
Invitations.accept(user, invite.token)
@@ -84,20 +84,20 @@ def test_accept_revoked_invite():
def test_wrong_user_accepts_invitation():
user = UserFactory.create()
workspace = WorkspaceFactory.create()
ws_role = WorkspaceRoleFactory.create(user=user, workspace=workspace)
portfolio = PortfolioFactory.create()
ws_role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
wrong_user = UserFactory.create()
invite = InvitationFactory.create(user=user, workspace_role=ws_role)
invite = InvitationFactory.create(user=user, portfolio_role=ws_role)
with pytest.raises(WrongUserError):
Invitations.accept(wrong_user, invite.token)
def test_user_cannot_accept_invitation_accepted_by_wrong_user():
user = UserFactory.create()
workspace = WorkspaceFactory.create()
ws_role = WorkspaceRoleFactory.create(user=user, workspace=workspace)
portfolio = PortfolioFactory.create()
ws_role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
wrong_user = UserFactory.create()
invite = InvitationFactory.create(user=user, workspace_role=ws_role)
invite = InvitationFactory.create(user=user, portfolio_role=ws_role)
with pytest.raises(WrongUserError):
Invitations.accept(wrong_user, invite.token)
with pytest.raises(InvitationError):
@@ -105,40 +105,40 @@ def test_user_cannot_accept_invitation_accepted_by_wrong_user():
def test_accept_invitation_twice():
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
user = UserFactory.create()
ws_role = WorkspaceRoleFactory.create(user=user, workspace=workspace)
invite = Invitations.create(workspace.owner, ws_role, user.email)
ws_role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
invite = Invitations.create(portfolio.owner, ws_role, user.email)
Invitations.accept(user, invite.token)
with pytest.raises(InvitationError):
Invitations.accept(user, invite.token)
def test_revoke_invitation():
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
user = UserFactory.create()
ws_role = WorkspaceRoleFactory.create(user=user, workspace=workspace)
invite = Invitations.create(workspace.owner, ws_role, user.email)
ws_role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
invite = Invitations.create(portfolio.owner, ws_role, user.email)
assert invite.is_pending
Invitations.revoke(invite.token)
assert invite.is_revoked
def test_resend_invitation():
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
user = UserFactory.create()
ws_role = WorkspaceRoleFactory.create(user=user, workspace=workspace)
invite = Invitations.create(workspace.owner, ws_role, user.email)
Invitations.resend(workspace.owner, workspace.id, invite.token)
ws_role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
invite = Invitations.create(portfolio.owner, ws_role, user.email)
Invitations.resend(portfolio.owner, portfolio.id, invite.token)
assert ws_role.invitations[0].is_revoked
assert ws_role.invitations[1].is_pending
def test_audit_event_for_accepted_invite():
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
user = UserFactory.create()
ws_role = WorkspaceRoleFactory.create(user=user, workspace=workspace)
invite = Invitations.create(workspace.owner, ws_role, user.email)
ws_role = PortfolioRoleFactory.create(user=user, portfolio=portfolio)
invite = Invitations.create(portfolio.owner, ws_role, user.email)
invite = Invitations.accept(user, invite.token)
accepted_event = AuditLog.get_by_resource(invite.id)[0]

65
tests/domain/test_portfolio_roles.py Normal file
View File

@@ -0,0 +1,65 @@
from atst.domain.portfolio_roles import PortfolioRoles
from atst.domain.users import Users
from atst.models.portfolio_role import Status as PortfolioRoleStatus
from atst.domain.roles import Roles
from tests.factories import (
PortfolioFactory,
UserFactory,
InvitationFactory,
PortfolioRoleFactory,
)
def test_can_create_new_portfolio_role():
portfolio = PortfolioFactory.create()
new_user = UserFactory.create()
portfolio_role_dicts = [{"id": new_user.id, "portfolio_role": "owner"}]
portfolio_roles = PortfolioRoles.add_many(portfolio.id, portfolio_role_dicts)
assert portfolio_roles[0].user_id == new_user.id
assert portfolio_roles[0].user.atat_role.name == new_user.atat_role.name
assert portfolio_roles[0].role.name == new_user.portfolio_roles[0].role.name
def test_can_update_existing_portfolio_role():
portfolio = PortfolioFactory.create()
new_user = UserFactory.create()
PortfolioRoles.add_many(
portfolio.id, [{"id": new_user.id, "portfolio_role": "owner"}]
)
portfolio_roles = PortfolioRoles.add_many(
portfolio.id, [{"id": new_user.id, "portfolio_role": "developer"}]
)
assert portfolio_roles[0].user.atat_role.name == new_user.atat_role.name
assert portfolio_roles[0].role.name == new_user.portfolio_roles[0].role.name
def test_portfolio_role_permissions():
portfolio_one = PortfolioFactory.create()
portfolio_two = PortfolioFactory.create()
new_user = UserFactory.create()
PortfolioRoleFactory.create(
portfolio=portfolio_one,
user=new_user,
role=Roles.get("developer"),
status=PortfolioRoleStatus.ACTIVE,
)
PortfolioRoleFactory.create(
portfolio=portfolio_two,
user=new_user,
role=Roles.get("developer"),
status=PortfolioRoleStatus.PENDING,
)
default_perms = set(new_user.atat_role.permissions)
assert len(
PortfolioRoles.portfolio_role_permissions(portfolio_one, new_user)
) > len(default_perms)
assert (
PortfolioRoles.portfolio_role_permissions(portfolio_two, new_user)
== default_perms
)

358
tests/domain/test_portfolios.py Normal file
View File

@@ -0,0 +1,358 @@
import pytest
from uuid import uuid4
from atst.domain.exceptions import NotFoundError, UnauthorizedError
from atst.domain.portfolios import Portfolios, PortfolioError
from atst.domain.portfolio_roles import PortfolioRoles
from atst.domain.applications import Applications
from atst.domain.environments import Environments
from atst.models.portfolio_role import Status as PortfolioRoleStatus
from tests.factories import (
RequestFactory,
UserFactory,
PortfolioRoleFactory,
PortfolioFactory,
)
@pytest.fixture(scope="function")
def portfolio_owner():
return UserFactory.create()
@pytest.fixture(scope="function")
def request_(portfolio_owner):
return RequestFactory.create(creator=portfolio_owner)
@pytest.fixture(scope="function")
def portfolio(request_):
portfolio = Portfolios.create_from_request(request_)
return portfolio
def test_can_create_portfolio(request_):
portfolio = Portfolios.create_from_request(request_, name="frugal-whale")
assert portfolio.name == "frugal-whale"
def test_request_is_associated_with_portfolio(portfolio, request_):
assert portfolio.request == request_
def test_default_portfolio_name_is_request_name(portfolio, request_):
assert portfolio.name == str(request_.displayname)
def test_get_nonexistent_portfolio_raises():
with pytest.raises(NotFoundError):
Portfolios.get(UserFactory.build(), uuid4())
def test_can_get_portfolio_by_request(portfolio):
found = Portfolios.get_by_request(portfolio.request)
assert portfolio == found
def test_creating_portfolio_adds_owner(portfolio, portfolio_owner):
assert portfolio.roles[0].user == portfolio_owner
def test_portfolio_has_timestamps(portfolio):
assert portfolio.time_created == portfolio.time_updated
def test_portfolios_get_ensures_user_is_in_portfolio(portfolio, portfolio_owner):
outside_user = UserFactory.create()
with pytest.raises(UnauthorizedError):
Portfolios.get(outside_user, portfolio.id)
def test_get_for_update_applications_allows_owner(portfolio, portfolio_owner):
Portfolios.get_for_update_applications(portfolio_owner, portfolio.id)
def test_get_for_update_applications_blocks_developer(portfolio):
developer = UserFactory.create()
PortfolioRoles.add(developer, portfolio.id, "developer")
with pytest.raises(UnauthorizedError):
Portfolios.get_for_update_applications(developer, portfolio.id)
def test_can_create_portfolio_role(portfolio, portfolio_owner):
user_data = {
"first_name": "New",
"last_name": "User",
"email": "new.user@mail.com",
"portfolio_role": "developer",
"dod_id": "1234567890",
}
new_member = Portfolios.create_member(portfolio_owner, portfolio, user_data)
assert new_member.portfolio == portfolio
assert new_member.user.provisional
def test_can_add_existing_user_to_portfolio(portfolio, portfolio_owner):
user = UserFactory.create()
user_data = {
"first_name": "New",
"last_name": "User",
"email": "new.user@mail.com",
"portfolio_role": "developer",
"dod_id": user.dod_id,
}
new_member = Portfolios.create_member(portfolio_owner, portfolio, user_data)
assert new_member.portfolio == portfolio
assert new_member.user.email == user.email
assert not new_member.user.provisional
def test_need_permission_to_create_portfolio_role(portfolio, portfolio_owner):
random_user = UserFactory.create()
user_data = {
"first_name": "New",
"last_name": "User",
"email": "new.user@mail.com",
"portfolio_role": "developer",
"dod_id": "1234567890",
}
with pytest.raises(UnauthorizedError):
Portfolios.create_member(random_user, portfolio, user_data)
def test_update_portfolio_role_role(portfolio, portfolio_owner):
user_data = {
"first_name": "New",
"last_name": "User",
"email": "new.user@mail.com",
"portfolio_role": "developer",
"dod_id": "1234567890",
}
PortfolioRoleFactory._meta.sqlalchemy_session_persistence = "flush"
member = PortfolioRoleFactory.create(portfolio=portfolio)
role_name = "admin"
updated_member = Portfolios.update_member(
portfolio_owner, portfolio, member, role_name
)
assert updated_member.portfolio == portfolio
assert updated_member.role_name == role_name
def test_need_permission_to_update_portfolio_role_role(portfolio, portfolio_owner):
random_user = UserFactory.create()
user_data = {
"first_name": "New",
"last_name": "User",
"email": "new.user@mail.com",
"portfolio_role": "developer",
"dod_id": "1234567890",
}
member = Portfolios.create_member(portfolio_owner, portfolio, user_data)
role_name = "developer"
with pytest.raises(UnauthorizedError):
Portfolios.update_member(random_user, portfolio, member, role_name)
def test_owner_can_view_portfolio_members(portfolio, portfolio_owner):
portfolio_owner = UserFactory.create()
portfolio = Portfolios.create_from_request(
RequestFactory.create(creator=portfolio_owner)
)
portfolio = Portfolios.get_with_members(portfolio_owner, portfolio.id)
assert portfolio
def test_ccpo_can_view_portfolio_members(portfolio, portfolio_owner):
ccpo = UserFactory.from_atat_role("ccpo")
assert Portfolios.get_with_members(ccpo, portfolio.id)
def test_random_user_cannot_view_portfolio_members(portfolio):
developer = UserFactory.from_atat_role("developer")
with pytest.raises(UnauthorizedError):
portfolio = Portfolios.get_with_members(developer, portfolio.id)
def test_scoped_portfolio_only_returns_a_users_applications_and_environments(
portfolio, portfolio_owner
):
new_application = Applications.create(
portfolio_owner,
portfolio,
"My Application",
"My application",
["dev", "staging", "prod"],
)
Applications.create(
portfolio_owner,
portfolio,
"My Application 2",
"My application 2",
["dev", "staging", "prod"],
)
developer = UserFactory.from_atat_role("developer")
dev_environment = Environments.add_member(
new_application.environments[0], developer, "developer"
)
scoped_portfolio = Portfolios.get(developer, portfolio.id)
# Should only return the application and environment in which the user has an
# environment role.
assert scoped_portfolio.applications == [new_application]
assert scoped_portfolio.applications[0].environments == [dev_environment]
def test_scoped_portfolio_returns_all_applications_for_portfolio_admin(
portfolio, portfolio_owner
):
for _ in range(5):
Applications.create(
portfolio_owner,
portfolio,
"My Application",
"My application",
["dev", "staging", "prod"],
)
admin = UserFactory.from_atat_role("default")
Portfolios._create_portfolio_role(
admin, portfolio, "admin", status=PortfolioRoleStatus.ACTIVE
)
scoped_portfolio = Portfolios.get(admin, portfolio.id)
assert len(scoped_portfolio.applications) == 5
assert len(scoped_portfolio.applications[0].environments) == 3
def test_scoped_portfolio_returns_all_applications_for_portfolio_owner(
portfolio, portfolio_owner
):
for _ in range(5):
Applications.create(
portfolio_owner,
portfolio,
"My Application",
"My application",
["dev", "staging", "prod"],
)
scoped_portfolio = Portfolios.get(portfolio_owner, portfolio.id)
assert len(scoped_portfolio.applications) == 5
assert len(scoped_portfolio.applications[0].environments) == 3
def test_for_user_returns_active_portfolios_for_user(portfolio, portfolio_owner):
bob = UserFactory.from_atat_role("default")
PortfolioRoleFactory.create(
user=bob, portfolio=portfolio, status=PortfolioRoleStatus.ACTIVE
)
Portfolios.create_from_request(RequestFactory.create())
bobs_portfolios = Portfolios.for_user(bob)
assert len(bobs_portfolios) == 1
def test_for_user_does_not_return_inactive_portfolios(portfolio, portfolio_owner):
bob = UserFactory.from_atat_role("default")
Portfolios.add_member(portfolio, bob, "developer")
Portfolios.create_from_request(RequestFactory.create())
bobs_portfolios = Portfolios.for_user(bob)
assert len(bobs_portfolios) == 0
def test_for_user_returns_all_portfolios_for_ccpo(portfolio, portfolio_owner):
sam = UserFactory.from_atat_role("ccpo")
Portfolios.create_from_request(RequestFactory.create())
sams_portfolios = Portfolios.for_user(sam)
assert len(sams_portfolios) == 2
def test_get_for_update_information():
portfolio_owner = UserFactory.create()
portfolio = Portfolios.create_from_request(
RequestFactory.create(creator=portfolio_owner)
)
owner_ws = Portfolios.get_for_update_information(portfolio_owner, portfolio.id)
assert portfolio == owner_ws
admin = UserFactory.create()
Portfolios._create_portfolio_role(
admin, portfolio, "admin", status=PortfolioRoleStatus.ACTIVE
)
admin_ws = Portfolios.get_for_update_information(admin, portfolio.id)
assert portfolio == admin_ws
ccpo = UserFactory.from_atat_role("ccpo")
with pytest.raises(UnauthorizedError):
Portfolios.get_for_update_information(ccpo, portfolio.id)
def test_can_create_portfolios_with_matching_names():
portfolio_name = "Great Portfolio"
Portfolios.create_from_request(RequestFactory.create(), name=portfolio_name)
Portfolios.create_from_request(RequestFactory.create(), name=portfolio_name)
def test_able_to_revoke_portfolio_access_for_active_member():
portfolio = PortfolioFactory.create()
portfolio_role = PortfolioRoleFactory.create(
portfolio=portfolio, status=PortfolioRoleStatus.ACTIVE
)
Portfolios.revoke_access(portfolio.owner, portfolio.id, portfolio_role.id)
assert Portfolios.for_user(portfolio_role.user) == []
def test_can_revoke_access():
portfolio = PortfolioFactory.create()
owner_role = portfolio.roles[0]
portfolio_role = PortfolioRoleFactory.create(
portfolio=portfolio, status=PortfolioRoleStatus.ACTIVE
)
assert Portfolios.can_revoke_access_for(portfolio, portfolio_role)
assert not Portfolios.can_revoke_access_for(portfolio, owner_role)
def test_unable_to_revoke_owner_portfolio_access():
portfolio = PortfolioFactory.create()
owner_portfolio_role = portfolio.roles[0]
with pytest.raises(PortfolioError):
Portfolios.revoke_access(portfolio.owner, portfolio.id, owner_portfolio_role.id)
def test_disabled_members_dont_show_up(session):
portfolio = PortfolioFactory.create()
PortfolioRoleFactory.create(portfolio=portfolio, status=PortfolioRoleStatus.ACTIVE)
PortfolioRoleFactory.create(
portfolio=portfolio, status=PortfolioRoleStatus.DISABLED
)
# should only return portfolio owner and ACTIVE member
assert len(portfolio.members) == 2
def test_does_not_count_disabled_members(session):
portfolio = PortfolioFactory.create()
PortfolioRoleFactory.create(portfolio=portfolio, status=PortfolioRoleStatus.ACTIVE)
PortfolioRoleFactory.create(portfolio=portfolio)
PortfolioRoleFactory.create(
portfolio=portfolio, status=PortfolioRoleStatus.DISABLED
)
assert portfolio.user_count == 3

18
tests/domain/test_reports.py
View File

@@ -1,19 +1,19 @@
from atst.domain.reports import Reports
from tests.factories import RequestFactory, LegacyTaskOrderFactory, WorkspaceFactory
from tests.factories import RequestFactory, LegacyTaskOrderFactory, PortfolioFactory
CLIN_NUMS = ["0001", "0003", "1001", "1003", "2001", "2003"]
def test_workspace_totals():
def test_portfolio_totals():
legacy_task_order = LegacyTaskOrderFactory.create()
for num in CLIN_NUMS:
setattr(legacy_task_order, "clin_{}".format(num), 200)
request = RequestFactory.create(legacy_task_order=legacy_task_order)
workspace = WorkspaceFactory.create(request=request)
report = Reports.workspace_totals(workspace)
portfolio = PortfolioFactory.create(request=request)
report = Reports.portfolio_totals(portfolio)
total = 200 * len(CLIN_NUMS)
assert report == {"budget": total, "spent": 0}
@@ -21,18 +21,18 @@ def test_workspace_totals():
# this is sketched in until we do real reporting
def test_monthly_totals():
request = RequestFactory.create()
workspace = WorkspaceFactory.create(request=request)
monthly = Reports.monthly_totals(workspace)
portfolio = PortfolioFactory.create(request=request)
monthly = Reports.monthly_totals(portfolio)
assert not monthly["environments"]
assert not monthly["applications"]
assert not monthly["workspace"]
assert not monthly["portfolio"]
# this is sketched in until we do real reporting
def test_cumulative_budget():
request = RequestFactory.create()
workspace = WorkspaceFactory.create(request=request)
months = Reports.cumulative_budget(workspace)
portfolio = PortfolioFactory.create(request=request)
months = Reports.cumulative_budget(portfolio)
assert len(months["months"]) == 12

6
tests/domain/test_requests.py
View File

@@ -224,10 +224,10 @@ def test_random_user_cannot_view_request():
assert not RequestsAuthorization(user, request).can_view
def test_auto_approve_and_create_workspace():
def test_auto_approve_and_create_portfolio():
request = RequestFactory.create()
workspace = Requests.auto_approve_and_create_workspace(request)
assert workspace
portfolio = Requests.auto_approve_and_create_portfolio(request)
assert portfolio
assert request.reviews[0]
assert request.reviews[0].full_name_reviewer == "System"

26
tests/domain/test_task_orders.py
View File

@@ -6,8 +6,8 @@ from atst.domain.exceptions import UnauthorizedError
from tests.factories import (
TaskOrderFactory,
UserFactory,
WorkspaceRoleFactory,
WorkspaceFactory,
PortfolioRoleFactory,
PortfolioFactory,
)
@@ -40,31 +40,31 @@ def test_all_sections_complete():
def test_add_officer():
task_order = TaskOrderFactory.create()
ko = UserFactory.create()
owner = task_order.workspace.owner
owner = task_order.portfolio.owner
TaskOrders.add_officer(owner, task_order, "contracting_officer", ko.to_dictionary())
assert task_order.contracting_officer == ko
workspace_users = [ws_role.user for ws_role in task_order.workspace.members]
assert ko in workspace_users
portfolio_users = [ws_role.user for ws_role in task_order.portfolio.members]
assert ko in portfolio_users
def test_add_officer_with_nonexistent_role():
task_order = TaskOrderFactory.create()
ko = UserFactory.create()
owner = task_order.workspace.owner
owner = task_order.portfolio.owner
with pytest.raises(TaskOrderError):
TaskOrders.add_officer(owner, task_order, "pilot", ko.to_dictionary())
def test_add_officer_who_is_already_workspace_member():
def test_add_officer_who_is_already_portfolio_member():
task_order = TaskOrderFactory.create()
owner = task_order.workspace.owner
owner = task_order.portfolio.owner
TaskOrders.add_officer(
owner, task_order, "contracting_officer", owner.to_dictionary()
)
assert task_order.contracting_officer == owner
member = task_order.workspace.members[0]
member = task_order.portfolio.members[0]
assert member.user == owner and member.role_name == "owner"
@@ -84,15 +84,15 @@ def test_task_order_access():
with pytest.raises(UnauthorizedError):
method(user, *method_args)
workspace = WorkspaceFactory.create(owner=creator)
task_order = TaskOrderFactory.create(creator=creator, workspace=workspace)
WorkspaceRoleFactory.create(user=member, workspace=task_order.workspace)
portfolio = PortfolioFactory.create(owner=creator)
task_order = TaskOrderFactory.create(creator=creator, portfolio=portfolio)
PortfolioRoleFactory.create(user=member, portfolio=task_order.portfolio)
TaskOrders.add_officer(
creator, task_order, "contracting_officer", officer.to_dictionary()
)
check_access([creator, officer], [member, rando], "get", [task_order.id])
check_access([creator], [officer, member, rando], "create", [workspace])
check_access([creator], [officer, member, rando], "create", [portfolio])
check_access([creator, officer], [member, rando], "update", [task_order])
check_access(
[creator],

65
tests/domain/test_workspace_roles.py
View File

@@ -1,65 +0,0 @@
from atst.domain.workspace_roles import WorkspaceRoles
from atst.domain.users import Users
from atst.models.workspace_role import Status as WorkspaceRoleStatus
from atst.domain.roles import Roles
from tests.factories import (
WorkspaceFactory,
UserFactory,
InvitationFactory,
WorkspaceRoleFactory,
)
def test_can_create_new_workspace_role():
workspace = WorkspaceFactory.create()
new_user = UserFactory.create()
workspace_role_dicts = [{"id": new_user.id, "workspace_role": "owner"}]
workspace_roles = WorkspaceRoles.add_many(workspace.id, workspace_role_dicts)
assert workspace_roles[0].user_id == new_user.id
assert workspace_roles[0].user.atat_role.name == new_user.atat_role.name
assert workspace_roles[0].role.name == new_user.workspace_roles[0].role.name
def test_can_update_existing_workspace_role():
workspace = WorkspaceFactory.create()
new_user = UserFactory.create()
WorkspaceRoles.add_many(
workspace.id, [{"id": new_user.id, "workspace_role": "owner"}]
)
workspace_roles = WorkspaceRoles.add_many(
workspace.id, [{"id": new_user.id, "workspace_role": "developer"}]
)
assert workspace_roles[0].user.atat_role.name == new_user.atat_role.name
assert workspace_roles[0].role.name == new_user.workspace_roles[0].role.name
def test_workspace_role_permissions():
workspace_one = WorkspaceFactory.create()
workspace_two = WorkspaceFactory.create()
new_user = UserFactory.create()
WorkspaceRoleFactory.create(
workspace=workspace_one,
user=new_user,
role=Roles.get("developer"),
status=WorkspaceRoleStatus.ACTIVE,
)
WorkspaceRoleFactory.create(
workspace=workspace_two,
user=new_user,
role=Roles.get("developer"),
status=WorkspaceRoleStatus.PENDING,
)
default_perms = set(new_user.atat_role.permissions)
assert len(
WorkspaceRoles.workspace_role_permissions(workspace_one, new_user)
) > len(default_perms)
assert (
WorkspaceRoles.workspace_role_permissions(workspace_two, new_user)
== default_perms
)

358
tests/domain/test_workspaces.py
View File

@@ -1,358 +0,0 @@
import pytest
from uuid import uuid4
from atst.domain.exceptions import NotFoundError, UnauthorizedError
from atst.domain.workspaces import Workspaces, WorkspaceError
from atst.domain.workspace_roles import WorkspaceRoles
from atst.domain.applications import Applications
from atst.domain.environments import Environments
from atst.models.workspace_role import Status as WorkspaceRoleStatus
from tests.factories import (
RequestFactory,
UserFactory,
WorkspaceRoleFactory,
WorkspaceFactory,
)
@pytest.fixture(scope="function")
def workspace_owner():
return UserFactory.create()
@pytest.fixture(scope="function")
def request_(workspace_owner):
return RequestFactory.create(creator=workspace_owner)
@pytest.fixture(scope="function")
def workspace(request_):
workspace = Workspaces.create_from_request(request_)
return workspace
def test_can_create_workspace(request_):
workspace = Workspaces.create_from_request(request_, name="frugal-whale")
assert workspace.name == "frugal-whale"
def test_request_is_associated_with_workspace(workspace, request_):
assert workspace.request == request_
def test_default_workspace_name_is_request_name(workspace, request_):
assert workspace.name == str(request_.displayname)
def test_get_nonexistent_workspace_raises():
with pytest.raises(NotFoundError):
Workspaces.get(UserFactory.build(), uuid4())
def test_can_get_workspace_by_request(workspace):
found = Workspaces.get_by_request(workspace.request)
assert workspace == found
def test_creating_workspace_adds_owner(workspace, workspace_owner):
assert workspace.roles[0].user == workspace_owner
def test_workspace_has_timestamps(workspace):
assert workspace.time_created == workspace.time_updated
def test_workspaces_get_ensures_user_is_in_workspace(workspace, workspace_owner):
outside_user = UserFactory.create()
with pytest.raises(UnauthorizedError):
Workspaces.get(outside_user, workspace.id)
def test_get_for_update_applications_allows_owner(workspace, workspace_owner):
Workspaces.get_for_update_applications(workspace_owner, workspace.id)
def test_get_for_update_applications_blocks_developer(workspace):
developer = UserFactory.create()
WorkspaceRoles.add(developer, workspace.id, "developer")
with pytest.raises(UnauthorizedError):
Workspaces.get_for_update_applications(developer, workspace.id)
def test_can_create_workspace_role(workspace, workspace_owner):
user_data = {
"first_name": "New",
"last_name": "User",
"email": "new.user@mail.com",
"workspace_role": "developer",
"dod_id": "1234567890",
}
new_member = Workspaces.create_member(workspace_owner, workspace, user_data)
assert new_member.workspace == workspace
assert new_member.user.provisional
def test_can_add_existing_user_to_workspace(workspace, workspace_owner):
user = UserFactory.create()
user_data = {
"first_name": "New",
"last_name": "User",
"email": "new.user@mail.com",
"workspace_role": "developer",
"dod_id": user.dod_id,
}
new_member = Workspaces.create_member(workspace_owner, workspace, user_data)
assert new_member.workspace == workspace
assert new_member.user.email == user.email
assert not new_member.user.provisional
def test_need_permission_to_create_workspace_role(workspace, workspace_owner):
random_user = UserFactory.create()
user_data = {
"first_name": "New",
"last_name": "User",
"email": "new.user@mail.com",
"workspace_role": "developer",
"dod_id": "1234567890",
}
with pytest.raises(UnauthorizedError):
Workspaces.create_member(random_user, workspace, user_data)
def test_update_workspace_role_role(workspace, workspace_owner):
user_data = {
"first_name": "New",
"last_name": "User",
"email": "new.user@mail.com",
"workspace_role": "developer",
"dod_id": "1234567890",
}
WorkspaceRoleFactory._meta.sqlalchemy_session_persistence = "flush"
member = WorkspaceRoleFactory.create(workspace=workspace)
role_name = "admin"
updated_member = Workspaces.update_member(
workspace_owner, workspace, member, role_name
)
assert updated_member.workspace == workspace
assert updated_member.role_name == role_name
def test_need_permission_to_update_workspace_role_role(workspace, workspace_owner):
random_user = UserFactory.create()
user_data = {
"first_name": "New",
"last_name": "User",
"email": "new.user@mail.com",
"workspace_role": "developer",
"dod_id": "1234567890",
}
member = Workspaces.create_member(workspace_owner, workspace, user_data)
role_name = "developer"
with pytest.raises(UnauthorizedError):
Workspaces.update_member(random_user, workspace, member, role_name)
def test_owner_can_view_workspace_members(workspace, workspace_owner):
workspace_owner = UserFactory.create()
workspace = Workspaces.create_from_request(
RequestFactory.create(creator=workspace_owner)
)
workspace = Workspaces.get_with_members(workspace_owner, workspace.id)
assert workspace
def test_ccpo_can_view_workspace_members(workspace, workspace_owner):
ccpo = UserFactory.from_atat_role("ccpo")
assert Workspaces.get_with_members(ccpo, workspace.id)
def test_random_user_cannot_view_workspace_members(workspace):
developer = UserFactory.from_atat_role("developer")
with pytest.raises(UnauthorizedError):
workspace = Workspaces.get_with_members(developer, workspace.id)
def test_scoped_workspace_only_returns_a_users_applications_and_environments(
workspace, workspace_owner
):
new_application = Applications.create(
workspace_owner,
workspace,
"My Application",
"My application",
["dev", "staging", "prod"],
)
Applications.create(
workspace_owner,
workspace,
"My Application 2",
"My application 2",
["dev", "staging", "prod"],
)
developer = UserFactory.from_atat_role("developer")
dev_environment = Environments.add_member(
new_application.environments[0], developer, "developer"
)
scoped_workspace = Workspaces.get(developer, workspace.id)
# Should only return the application and environment in which the user has an
# environment role.
assert scoped_workspace.applications == [new_application]
assert scoped_workspace.applications[0].environments == [dev_environment]
def test_scoped_workspace_returns_all_applications_for_workspace_admin(
workspace, workspace_owner
):
for _ in range(5):
Applications.create(
workspace_owner,
workspace,
"My Application",
"My application",
["dev", "staging", "prod"],
)
admin = UserFactory.from_atat_role("default")
Workspaces._create_workspace_role(
admin, workspace, "admin", status=WorkspaceRoleStatus.ACTIVE
)
scoped_workspace = Workspaces.get(admin, workspace.id)
assert len(scoped_workspace.applications) == 5
assert len(scoped_workspace.applications[0].environments) == 3
def test_scoped_workspace_returns_all_applications_for_workspace_owner(
workspace, workspace_owner
):
for _ in range(5):
Applications.create(
workspace_owner,
workspace,
"My Application",
"My application",
["dev", "staging", "prod"],
)
scoped_workspace = Workspaces.get(workspace_owner, workspace.id)
assert len(scoped_workspace.applications) == 5
assert len(scoped_workspace.applications[0].environments) == 3
def test_for_user_returns_active_workspaces_for_user(workspace, workspace_owner):
bob = UserFactory.from_atat_role("default")
WorkspaceRoleFactory.create(
user=bob, workspace=workspace, status=WorkspaceRoleStatus.ACTIVE
)
Workspaces.create_from_request(RequestFactory.create())
bobs_workspaces = Workspaces.for_user(bob)
assert len(bobs_workspaces) == 1
def test_for_user_does_not_return_inactive_workspaces(workspace, workspace_owner):
bob = UserFactory.from_atat_role("default")
Workspaces.add_member(workspace, bob, "developer")
Workspaces.create_from_request(RequestFactory.create())
bobs_workspaces = Workspaces.for_user(bob)
assert len(bobs_workspaces) == 0
def test_for_user_returns_all_workspaces_for_ccpo(workspace, workspace_owner):
sam = UserFactory.from_atat_role("ccpo")
Workspaces.create_from_request(RequestFactory.create())
sams_workspaces = Workspaces.for_user(sam)
assert len(sams_workspaces) == 2
def test_get_for_update_information():
workspace_owner = UserFactory.create()
workspace = Workspaces.create_from_request(
RequestFactory.create(creator=workspace_owner)
)
owner_ws = Workspaces.get_for_update_information(workspace_owner, workspace.id)
assert workspace == owner_ws
admin = UserFactory.create()
Workspaces._create_workspace_role(
admin, workspace, "admin", status=WorkspaceRoleStatus.ACTIVE
)
admin_ws = Workspaces.get_for_update_information(admin, workspace.id)
assert workspace == admin_ws
ccpo = UserFactory.from_atat_role("ccpo")
with pytest.raises(UnauthorizedError):
Workspaces.get_for_update_information(ccpo, workspace.id)
def test_can_create_workspaces_with_matching_names():
workspace_name = "Great Workspace"
Workspaces.create_from_request(RequestFactory.create(), name=workspace_name)
Workspaces.create_from_request(RequestFactory.create(), name=workspace_name)
def test_able_to_revoke_workspace_access_for_active_member():
workspace = WorkspaceFactory.create()
workspace_role = WorkspaceRoleFactory.create(
workspace=workspace, status=WorkspaceRoleStatus.ACTIVE
)
Workspaces.revoke_access(workspace.owner, workspace.id, workspace_role.id)
assert Workspaces.for_user(workspace_role.user) == []
def test_can_revoke_access():
workspace = WorkspaceFactory.create()
owner_role = workspace.roles[0]
workspace_role = WorkspaceRoleFactory.create(
workspace=workspace, status=WorkspaceRoleStatus.ACTIVE
)
assert Workspaces.can_revoke_access_for(workspace, workspace_role)
assert not Workspaces.can_revoke_access_for(workspace, owner_role)
def test_unable_to_revoke_owner_workspace_access():
workspace = WorkspaceFactory.create()
owner_workspace_role = workspace.roles[0]
with pytest.raises(WorkspaceError):
Workspaces.revoke_access(workspace.owner, workspace.id, owner_workspace_role.id)
def test_disabled_members_dont_show_up(session):
workspace = WorkspaceFactory.create()
WorkspaceRoleFactory.create(workspace=workspace, status=WorkspaceRoleStatus.ACTIVE)
WorkspaceRoleFactory.create(
workspace=workspace, status=WorkspaceRoleStatus.DISABLED
)
# should only return workspace owner and ACTIVE member
assert len(workspace.members) == 2
def test_does_not_count_disabled_members(session):
workspace = WorkspaceFactory.create()
WorkspaceRoleFactory.create(workspace=workspace, status=WorkspaceRoleStatus.ACTIVE)
WorkspaceRoleFactory.create(workspace=workspace)
WorkspaceRoleFactory.create(
workspace=workspace, status=WorkspaceRoleStatus.DISABLED
)
assert workspace.user_count == 3

46
tests/factories.py
View File

@@ -17,9 +17,9 @@ from atst.models.legacy_task_order import LegacyTaskOrder, Source, FundingType
from atst.models.task_order import TaskOrder
from atst.models.user import User
from atst.models.role import Role
from atst.models.workspace import Workspace
from atst.models.portfolio import Portfolio
from atst.domain.roles import Roles, WORKSPACE_ROLES
from atst.models.workspace_role import WorkspaceRole, Status as WorkspaceRoleStatus
from atst.models.portfolio_role import PortfolioRole, Status as PortfolioRoleStatus
from atst.models.environment_role import EnvironmentRole
from atst.models.invitation import Invitation, Status as InvitationStatus
from atst.domain.invitations import Invitations
@@ -54,7 +54,7 @@ def random_future_date(year_min=1, year_max=5):
)
def random_workspace_role():
def random_portfolio_role():
choice = random.choice(WORKSPACE_ROLES)
return Roles.get(choice["name"])
@@ -250,9 +250,9 @@ class LegacyTaskOrderFactory(Base):
clin_2003 = random.randrange(100, 100_000)
class WorkspaceFactory(Base):
class PortfolioFactory(Base):
class Meta:
model = Workspace
model = Portfolio
request = factory.SubFactory(RequestFactory, with_task_order=True)
# name it the same as the request ID by default
@@ -264,40 +264,40 @@ class WorkspaceFactory(Base):
owner = kwargs.pop("owner", UserFactory.create())
members = kwargs.pop("members", [])
workspace = super()._create(model_class, *args, **kwargs)
portfolio = super()._create(model_class, *args, **kwargs)
applications = [
ApplicationFactory.create(workspace=workspace, **p)
ApplicationFactory.create(portfolio=portfolio, **p)
for p in with_applications
]
workspace.request.creator = owner
WorkspaceRoleFactory.create(
workspace=workspace,
portfolio.request.creator = owner
PortfolioRoleFactory.create(
portfolio=portfolio,
role=Roles.get("owner"),
user=owner,
status=WorkspaceRoleStatus.ACTIVE,
status=PortfolioRoleStatus.ACTIVE,
)
for member in members:
user = member.get("user", UserFactory.create())
role_name = member["role_name"]
WorkspaceRoleFactory.create(
workspace=workspace,
PortfolioRoleFactory.create(
portfolio=portfolio,
role=Roles.get(role_name),
user=user,
status=WorkspaceRoleStatus.ACTIVE,
status=PortfolioRoleStatus.ACTIVE,
)
workspace.applications = applications
return workspace
portfolio.applications = applications
return portfolio
class ApplicationFactory(Base):
class Meta:
model = Application
workspace = factory.SubFactory(WorkspaceFactory)
portfolio = factory.SubFactory(PortfolioFactory)
name = factory.Faker("name")
description = "A test application"
@@ -334,14 +334,14 @@ class EnvironmentFactory(Base):
return environment
class WorkspaceRoleFactory(Base):
class PortfolioRoleFactory(Base):
class Meta:
model = WorkspaceRole
model = PortfolioRole
workspace = factory.SubFactory(WorkspaceFactory)
role = factory.LazyFunction(random_workspace_role)
portfolio = factory.SubFactory(PortfolioFactory)
role = factory.LazyFunction(random_portfolio_role)
user = factory.SubFactory(UserFactory)
status = WorkspaceRoleStatus.PENDING
status = PortfolioRoleStatus.PENDING
class EnvironmentRoleFactory(Base):
@@ -366,7 +366,7 @@ class TaskOrderFactory(Base):
class Meta:
model = TaskOrder
workspace = factory.SubFactory(WorkspaceFactory)
portfolio = factory.SubFactory(PortfolioFactory)
clin_01 = factory.LazyFunction(lambda *args: random.randrange(100, 100_000))
clin_03 = factory.LazyFunction(lambda *args: random.randrange(100, 100_000))

6
tests/models/test_environments.py
View File

@@ -1,5 +1,5 @@
from atst.domain.environments import Environments
from atst.domain.workspaces import Workspaces
from atst.domain.portfolios import Portfolios
from atst.domain.applications import Applications
from tests.factories import RequestFactory, UserFactory
@@ -8,10 +8,10 @@ def test_add_user_to_environment():
owner = UserFactory.create()
developer = UserFactory.from_atat_role("developer")
workspace = Workspaces.create_from_request(RequestFactory.create(creator=owner))
portfolio = Portfolios.create_from_request(RequestFactory.create(creator=owner))
application = Applications.create(
owner,
workspace,
portfolio,
"my test application",
"It's mine.",
["dev", "staging", "prod"],

30
tests/models/test_invitation.py
View File

@@ -2,44 +2,44 @@ import pytest
import datetime
from atst.models.invitation import Invitation, Status
from atst.models.workspace_role import Status as WorkspaceRoleStatus
from atst.models.portfolio_role import Status as PortfolioRoleStatus
from tests.factories import (
InvitationFactory,
WorkspaceFactory,
PortfolioFactory,
UserFactory,
WorkspaceRoleFactory,
PortfolioRoleFactory,
)
def test_expired_invite_is_not_revokable():
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
user = UserFactory.create()
ws_role = WorkspaceRoleFactory.create(
workspace=workspace, user=user, status=WorkspaceRoleStatus.PENDING
ws_role = PortfolioRoleFactory.create(
portfolio=portfolio, user=user, status=PortfolioRoleStatus.PENDING
)
invite = InvitationFactory.create(
expiration_time=datetime.datetime.now() - datetime.timedelta(minutes=60),
workspace_role=ws_role,
portfolio_role=ws_role,
)
assert not invite.is_revokable
def test_unexpired_invite_is_revokable():
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
user = UserFactory.create()
ws_role = WorkspaceRoleFactory.create(
workspace=workspace, user=user, status=WorkspaceRoleStatus.PENDING
ws_role = PortfolioRoleFactory.create(
portfolio=portfolio, user=user, status=PortfolioRoleStatus.PENDING
)
invite = InvitationFactory.create(workspace_role=ws_role)
invite = InvitationFactory.create(portfolio_role=ws_role)
assert invite.is_revokable
def test_invite_is_not_revokable_if_invite_is_not_pending():
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
user = UserFactory.create()
ws_role = WorkspaceRoleFactory.create(
workspace=workspace, user=user, status=WorkspaceRoleStatus.PENDING
ws_role = PortfolioRoleFactory.create(
portfolio=portfolio, user=user, status=PortfolioRoleStatus.PENDING
)
invite = InvitationFactory.create(workspace_role=ws_role, status=Status.ACCEPTED)
invite = InvitationFactory.create(portfolio_role=ws_role, status=Status.ACCEPTED)
assert not invite.is_revokable

150
tests/models/test_workspace_role.py → tests/models/test_portfolio_role.py
View File

@@ -1,36 +1,36 @@
import datetime
from atst.domain.environments import Environments
from atst.domain.workspaces import Workspaces
from atst.domain.portfolios import Portfolios
from atst.domain.applications import Applications
from atst.models.workspace_role import Status
from atst.models.portfolio_role import Status
from atst.models.role import Role
from atst.models.invitation import Status as InvitationStatus
from atst.models.audit_event import AuditEvent
from atst.models.workspace_role import Status as WorkspaceRoleStatus
from atst.models.portfolio_role import Status as PortfolioRoleStatus
from tests.factories import (
RequestFactory,
UserFactory,
InvitationFactory,
WorkspaceRoleFactory,
PortfolioRoleFactory,
EnvironmentFactory,
EnvironmentRoleFactory,
ApplicationFactory,
WorkspaceFactory,
PortfolioFactory,
)
from atst.domain.workspace_roles import WorkspaceRoles
from atst.domain.portfolio_roles import PortfolioRoles
def test_has_no_ws_role_history(session):
owner = UserFactory.create()
user = UserFactory.create()
workspace = Workspaces.create_from_request(RequestFactory.create(creator=owner))
workspace_role = WorkspaceRoles.add(user, workspace.id, "developer")
portfolio = Portfolios.create_from_request(RequestFactory.create(creator=owner))
portfolio_role = PortfolioRoles.add(user, portfolio.id, "developer")
create_event = (
session.query(AuditEvent)
.filter(
AuditEvent.resource_id == workspace_role.id, AuditEvent.action == "create"
AuditEvent.resource_id == portfolio_role.id, AuditEvent.action == "create"
)
.one()
)
@@ -42,19 +42,19 @@ def test_has_ws_role_history(session):
owner = UserFactory.create()
user = UserFactory.create()
workspace = Workspaces.create_from_request(RequestFactory.create(creator=owner))
portfolio = Portfolios.create_from_request(RequestFactory.create(creator=owner))
role = session.query(Role).filter(Role.name == "developer").one()
# in order to get the history, we don't want the WorkspaceRoleFactory
# in order to get the history, we don't want the PortfolioRoleFactory
# to commit after create()
WorkspaceRoleFactory._meta.sqlalchemy_session_persistence = "flush"
workspace_role = WorkspaceRoleFactory.create(
workspace=workspace, user=user, role=role
PortfolioRoleFactory._meta.sqlalchemy_session_persistence = "flush"
portfolio_role = PortfolioRoleFactory.create(
portfolio=portfolio, user=user, role=role
)
WorkspaceRoles.update_role(workspace_role, "admin")
PortfolioRoles.update_role(portfolio_role, "admin")
changed_events = (
session.query(AuditEvent)
.filter(
AuditEvent.resource_id == workspace_role.id, AuditEvent.action == "update"
AuditEvent.resource_id == portfolio_role.id, AuditEvent.action == "update"
)
.all()
)
@@ -67,16 +67,16 @@ def test_has_ws_status_history(session):
owner = UserFactory.create()
user = UserFactory.create()
workspace = Workspaces.create_from_request(RequestFactory.create(creator=owner))
# in order to get the history, we don't want the WorkspaceRoleFactory
portfolio = Portfolios.create_from_request(RequestFactory.create(creator=owner))
# in order to get the history, we don't want the PortfolioRoleFactory
# to commit after create()
WorkspaceRoleFactory._meta.sqlalchemy_session_persistence = "flush"
workspace_role = WorkspaceRoleFactory.create(workspace=workspace, user=user)
WorkspaceRoles.enable(workspace_role)
PortfolioRoleFactory._meta.sqlalchemy_session_persistence = "flush"
portfolio_role = PortfolioRoleFactory.create(portfolio=portfolio, user=user)
PortfolioRoles.enable(portfolio_role)
changed_events = (
session.query(AuditEvent)
.filter(
AuditEvent.resource_id == workspace_role.id, AuditEvent.action == "update"
AuditEvent.resource_id == portfolio_role.id, AuditEvent.action == "update"
)
.all()
)
@@ -89,8 +89,8 @@ def test_has_ws_status_history(session):
def test_has_no_env_role_history(session):
owner = UserFactory.create()
user = UserFactory.create()
workspace = Workspaces.create_from_request(RequestFactory.create(creator=owner))
application = ApplicationFactory.create(workspace=workspace)
portfolio = Portfolios.create_from_request(RequestFactory.create(creator=owner))
application = ApplicationFactory.create(portfolio=portfolio)
environment = EnvironmentFactory.create(
application=application, name="new environment!"
)
@@ -110,9 +110,9 @@ def test_has_no_env_role_history(session):
def test_has_env_role_history(session):
owner = UserFactory.create()
user = UserFactory.create()
workspace = Workspaces.create_from_request(RequestFactory.create(creator=owner))
workspace_role = WorkspaceRoleFactory.create(workspace=workspace, user=user)
application = ApplicationFactory.create(workspace=workspace)
portfolio = Portfolios.create_from_request(RequestFactory.create(creator=owner))
portfolio_role = PortfolioRoleFactory.create(portfolio=portfolio, user=user)
application = ApplicationFactory.create(portfolio=portfolio)
environment = EnvironmentFactory.create(
application=application, name="new environment!"
)
@@ -121,7 +121,7 @@ def test_has_env_role_history(session):
user=user, environment=environment, role="developer"
)
Environments.update_environment_roles(
owner, workspace, workspace_role, [{"role": "admin", "id": environment.id}]
owner, portfolio, portfolio_role, [{"role": "admin", "id": environment.id}]
)
changed_events = (
session.query(AuditEvent)
@@ -137,11 +137,11 @@ def test_event_details():
owner = UserFactory.create()
user = UserFactory.create()
workspace = Workspaces.create_from_request(RequestFactory.create(creator=owner))
workspace_role = WorkspaceRoles.add(user, workspace.id, "developer")
portfolio = Portfolios.create_from_request(RequestFactory.create(creator=owner))
portfolio_role = PortfolioRoles.add(user, portfolio.id, "developer")
assert workspace_role.event_details["updated_user_name"] == user.displayname
assert workspace_role.event_details["updated_user_id"] == str(user.id)
assert portfolio_role.event_details["updated_user_name"] == user.displayname
assert portfolio_role.event_details["updated_user_id"] == str(user.id)
def test_has_no_environment_roles():
@@ -151,13 +151,13 @@ def test_has_no_environment_roles():
"first_name": "Test",
"last_name": "User",
"email": "test.user@mail.com",
"workspace_role": "developer",
"portfolio_role": "developer",
}
workspace = Workspaces.create_from_request(RequestFactory.create(creator=owner))
workspace_role = Workspaces.create_member(owner, workspace, developer_data)
portfolio = Portfolios.create_from_request(RequestFactory.create(creator=owner))
portfolio_role = Portfolios.create_member(owner, portfolio, developer_data)
assert not workspace_role.has_environment_roles
assert not portfolio_role.has_environment_roles
def test_has_environment_roles():
@@ -167,22 +167,22 @@ def test_has_environment_roles():
"first_name": "Test",
"last_name": "User",
"email": "test.user@mail.com",
"workspace_role": "developer",
"portfolio_role": "developer",
}
workspace = Workspaces.create_from_request(RequestFactory.create(creator=owner))
workspace_role = Workspaces.create_member(owner, workspace, developer_data)
portfolio = Portfolios.create_from_request(RequestFactory.create(creator=owner))
portfolio_role = Portfolios.create_member(owner, portfolio, developer_data)
application = Applications.create(
owner,
workspace,
portfolio,
"my test application",
"It's mine.",
["dev", "staging", "prod"],
)
Environments.add_member(
application.environments[0], workspace_role.user, "developer"
application.environments[0], portfolio_role.user, "developer"
)
assert workspace_role.has_environment_roles
assert portfolio_role.has_environment_roles
def test_role_displayname():
@@ -192,84 +192,84 @@ def test_role_displayname():
"first_name": "Test",
"last_name": "User",
"email": "test.user@mail.com",
"workspace_role": "developer",
"portfolio_role": "developer",
}
workspace = Workspaces.create_from_request(RequestFactory.create(creator=owner))
workspace_role = Workspaces.create_member(owner, workspace, developer_data)
portfolio = Portfolios.create_from_request(RequestFactory.create(creator=owner))
portfolio_role = Portfolios.create_member(owner, portfolio, developer_data)
assert workspace_role.role_displayname == "Developer"
assert portfolio_role.role_displayname == "Developer"
def test_status_when_member_is_active():
workspace_role = WorkspaceRoleFactory.create(status=Status.ACTIVE)
assert workspace_role.display_status == "Active"
portfolio_role = PortfolioRoleFactory.create(status=Status.ACTIVE)
assert portfolio_role.display_status == "Active"
def test_status_when_invitation_has_been_rejected_for_expirations():
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
user = UserFactory.create()
workspace_role = WorkspaceRoleFactory.create(
workspace=workspace, user=user, status=WorkspaceRoleStatus.PENDING
portfolio_role = PortfolioRoleFactory.create(
portfolio=portfolio, user=user, status=PortfolioRoleStatus.PENDING
)
invitation = InvitationFactory.create(
workspace_role=workspace_role, status=InvitationStatus.REJECTED_EXPIRED
portfolio_role=portfolio_role, status=InvitationStatus.REJECTED_EXPIRED
)
assert workspace_role.display_status == "Invite expired"
assert portfolio_role.display_status == "Invite expired"
def test_status_when_invitation_has_been_rejected_for_wrong_user():
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
user = UserFactory.create()
workspace_role = WorkspaceRoleFactory.create(
workspace=workspace, user=user, status=WorkspaceRoleStatus.PENDING
portfolio_role = PortfolioRoleFactory.create(
portfolio=portfolio, user=user, status=PortfolioRoleStatus.PENDING
)
invitation = InvitationFactory.create(
workspace_role=workspace_role, status=InvitationStatus.REJECTED_WRONG_USER
portfolio_role=portfolio_role, status=InvitationStatus.REJECTED_WRONG_USER
)
assert workspace_role.display_status == "Error on invite"
assert portfolio_role.display_status == "Error on invite"
def test_status_when_invitation_is_expired():
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
user = UserFactory.create()
workspace_role = WorkspaceRoleFactory.create(
workspace=workspace, user=user, status=WorkspaceRoleStatus.PENDING
portfolio_role = PortfolioRoleFactory.create(
portfolio=portfolio, user=user, status=PortfolioRoleStatus.PENDING
)
invitation = InvitationFactory.create(
workspace_role=workspace_role,
portfolio_role=portfolio_role,
status=InvitationStatus.PENDING,
expiration_time=datetime.datetime.now() - datetime.timedelta(seconds=1),
)
assert workspace_role.display_status == "Invite expired"
assert portfolio_role.display_status == "Invite expired"
def test_can_not_resend_invitation_if_active():
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
user = UserFactory.create()
workspace_role = WorkspaceRoleFactory.create(
workspace=workspace, user=user, status=WorkspaceRoleStatus.PENDING
portfolio_role = PortfolioRoleFactory.create(
portfolio=portfolio, user=user, status=PortfolioRoleStatus.PENDING
)
invitation = InvitationFactory.create(
workspace_role=workspace_role, status=InvitationStatus.ACCEPTED
portfolio_role=portfolio_role, status=InvitationStatus.ACCEPTED
)
assert not workspace_role.can_resend_invitation
assert not portfolio_role.can_resend_invitation
def test_can_resend_invitation_if_expired():
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
user = UserFactory.create()
workspace_role = WorkspaceRoleFactory.create(
workspace=workspace, user=user, status=WorkspaceRoleStatus.PENDING
portfolio_role = PortfolioRoleFactory.create(
portfolio=portfolio, user=user, status=PortfolioRoleStatus.PENDING
)
invitation = InvitationFactory.create(
workspace_role=workspace_role, status=InvitationStatus.REJECTED_EXPIRED
portfolio_role=portfolio_role, status=InvitationStatus.REJECTED_EXPIRED
)
assert workspace_role.can_resend_invitation
assert portfolio_role.can_resend_invitation
def test_can_list_all_environments():
workspace = WorkspaceFactory.create(
portfolio = PortfolioFactory.create(
applications=[
{
"name": "application1",
@@ -298,4 +298,4 @@ def test_can_list_all_environments():
]
)
assert len(workspace.all_environments) == 9
assert len(portfolio.all_environments) == 9

116
tests/routes/workspaces/test_applications.py → tests/routes/portfolios/test_applications.py
View File

@@ -2,132 +2,132 @@ from flask import url_for
from tests.factories import (
UserFactory,
WorkspaceFactory,
WorkspaceRoleFactory,
PortfolioFactory,
PortfolioRoleFactory,
EnvironmentRoleFactory,
EnvironmentFactory,
ApplicationFactory,
)
from atst.domain.applications import Applications
from atst.domain.workspaces import Workspaces
from atst.domain.portfolios import Portfolios
from atst.domain.roles import Roles
from atst.models.workspace_role import Status as WorkspaceRoleStatus
from atst.models.portfolio_role import Status as PortfolioRoleStatus
def test_user_with_permission_has_budget_report_link(client, user_session):
workspace = WorkspaceFactory.create()
user_session(workspace.owner)
response = client.get("/workspaces/{}/applications".format(workspace.id))
portfolio = PortfolioFactory.create()
user_session(portfolio.owner)
response = client.get("/portfolios/{}/applications".format(portfolio.id))
assert (
'href="/workspaces/{}/reports"'.format(workspace.id).encode() in response.data
'href="/portfolios/{}/reports"'.format(portfolio.id).encode() in response.data
)
def test_user_without_permission_has_no_budget_report_link(client, user_session):
user = UserFactory.create()
workspace = WorkspaceFactory.create()
Workspaces._create_workspace_role(
user, workspace, "developer", status=WorkspaceRoleStatus.ACTIVE
portfolio = PortfolioFactory.create()
Portfolios._create_portfolio_role(
user, portfolio, "developer", status=PortfolioRoleStatus.ACTIVE
)
user_session(user)
response = client.get("/workspaces/{}/applications".format(workspace.id))
response = client.get("/portfolios/{}/applications".format(portfolio.id))
assert (
'href="/workspaces/{}/reports"'.format(workspace.id).encode()
'href="/portfolios/{}/reports"'.format(portfolio.id).encode()
not in response.data
)
def test_user_with_permission_has_activity_log_link(client, user_session):
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
ccpo = UserFactory.from_atat_role("ccpo")
admin = UserFactory.create()
WorkspaceRoleFactory.create(
workspace=workspace,
PortfolioRoleFactory.create(
portfolio=portfolio,
user=admin,
role=Roles.get("admin"),
status=WorkspaceRoleStatus.ACTIVE,
status=PortfolioRoleStatus.ACTIVE,
)
user_session(workspace.owner)
response = client.get("/workspaces/{}/applications".format(workspace.id))
user_session(portfolio.owner)
response = client.get("/portfolios/{}/applications".format(portfolio.id))
assert (
'href="/workspaces/{}/activity"'.format(workspace.id).encode() in response.data
'href="/portfolios/{}/activity"'.format(portfolio.id).encode() in response.data
)
# logs out previous user before creating a new session
user_session(admin)
response = client.get("/workspaces/{}/applications".format(workspace.id))
response = client.get("/portfolios/{}/applications".format(portfolio.id))
assert (
'href="/workspaces/{}/activity"'.format(workspace.id).encode() in response.data
'href="/portfolios/{}/activity"'.format(portfolio.id).encode() in response.data
)
user_session(ccpo)
response = client.get("/workspaces/{}/applications".format(workspace.id))
response = client.get("/portfolios/{}/applications".format(portfolio.id))
assert (
'href="/workspaces/{}/activity"'.format(workspace.id).encode() in response.data
'href="/portfolios/{}/activity"'.format(portfolio.id).encode() in response.data
)
def test_user_without_permission_has_no_activity_log_link(client, user_session):
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
developer = UserFactory.create()
WorkspaceRoleFactory.create(
workspace=workspace,
PortfolioRoleFactory.create(
portfolio=portfolio,
user=developer,
role=Roles.get("developer"),
status=WorkspaceRoleStatus.ACTIVE,
status=PortfolioRoleStatus.ACTIVE,
)
user_session(developer)
response = client.get("/workspaces/{}/applications".format(workspace.id))
response = client.get("/portfolios/{}/applications".format(portfolio.id))
assert (
'href="/workspaces/{}/activity"'.format(workspace.id).encode()
'href="/portfolios/{}/activity"'.format(portfolio.id).encode()
not in response.data
)
def test_user_with_permission_has_add_application_link(client, user_session):
workspace = WorkspaceFactory.create()
user_session(workspace.owner)
response = client.get("/workspaces/{}/applications".format(workspace.id))
portfolio = PortfolioFactory.create()
user_session(portfolio.owner)
response = client.get("/portfolios/{}/applications".format(portfolio.id))
assert (
'href="/workspaces/{}/applications/new"'.format(workspace.id).encode()
'href="/portfolios/{}/applications/new"'.format(portfolio.id).encode()
in response.data
)
def test_user_without_permission_has_no_add_application_link(client, user_session):
user = UserFactory.create()
workspace = WorkspaceFactory.create()
Workspaces._create_workspace_role(user, workspace, "developer")
portfolio = PortfolioFactory.create()
Portfolios._create_portfolio_role(user, portfolio, "developer")
user_session(user)
response = client.get("/workspaces/{}/applications".format(workspace.id))
response = client.get("/portfolios/{}/applications".format(portfolio.id))
assert (
'href="/workspaces/{}/applications/new"'.format(workspace.id).encode()
'href="/portfolios/{}/applications/new"'.format(portfolio.id).encode()
not in response.data
)
def test_view_edit_application(client, user_session):
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
application = Applications.create(
workspace.owner,
workspace,
portfolio.owner,
portfolio,
"Snazzy Application",
"A new application for me and my friends",
{"env1", "env2"},
)
user_session(workspace.owner)
user_session(portfolio.owner)
response = client.get(
"/workspaces/{}/applications/{}/edit".format(workspace.id, application.id)
"/portfolios/{}/applications/{}/edit".format(portfolio.id, application.id)
)
assert response.status_code == 200
def test_user_with_permission_can_update_application(client, user_session):
owner = UserFactory.create()
workspace = WorkspaceFactory.create(
portfolio = PortfolioFactory.create(
owner=owner,
applications=[
{
@@ -137,12 +137,12 @@ def test_user_with_permission_can_update_application(client, user_session):
}
],
)
application = workspace.applications[0]
application = portfolio.applications[0]
user_session(owner)
response = client.post(
url_for(
"workspaces.update_application",
workspace_id=workspace.id,
"portfolios.update_application",
portfolio_id=portfolio.id,
application_id=application.id,
),
data={
@@ -160,7 +160,7 @@ def test_user_with_permission_can_update_application(client, user_session):
def test_user_without_permission_cannot_update_application(client, user_session):
dev = UserFactory.create()
owner = UserFactory.create()
workspace = WorkspaceFactory.create(
portfolio = PortfolioFactory.create(
owner=owner,
members=[{"user": dev, "role_name": "developer"}],
applications=[
@@ -171,12 +171,12 @@ def test_user_without_permission_cannot_update_application(client, user_session)
}
],
)
application = workspace.applications[0]
application = portfolio.applications[0]
user_session(dev)
response = client.post(
url_for(
"workspaces.update_application",
workspace_id=workspace.id,
"portfolios.update_application",
portfolio_id=portfolio.id,
application_id=application.id,
),
data={"name": "New Name", "description": "A new description."},
@@ -189,9 +189,9 @@ def test_user_without_permission_cannot_update_application(client, user_session)
def create_environment(user):
workspace = WorkspaceFactory.create()
workspace_role = WorkspaceRoleFactory.create(workspace=workspace, user=user)
application = ApplicationFactory.create(workspace=workspace)
portfolio = PortfolioFactory.create()
portfolio_role = PortfolioRoleFactory.create(portfolio=portfolio, user=user)
application = ApplicationFactory.create(portfolio=portfolio)
return EnvironmentFactory.create(application=application, name="new environment!")
@@ -204,8 +204,8 @@ def test_environment_access_with_env_role(client, user_session):
user_session(user)
response = client.get(
url_for(
"workspaces.access_environment",
workspace_id=environment.workspace.id,
"portfolios.access_environment",
portfolio_id=environment.portfolio.id,
environment_id=environment.id,
)
)
@@ -219,8 +219,8 @@ def test_environment_access_with_no_role(client, user_session):
user_session(user)
response = client.get(
url_for(
"workspaces.access_environment",
workspace_id=environment.workspace.id,
"portfolios.access_environment",
portfolio_id=environment.portfolio.id,
environment_id=environment.id,
)
)

146
tests/routes/workspaces/test_invitations.py → tests/routes/portfolios/test_invitations.py
View File

@@ -3,51 +3,51 @@ from flask import url_for
from tests.factories import (
UserFactory,
WorkspaceFactory,
WorkspaceRoleFactory,
PortfolioFactory,
PortfolioRoleFactory,
InvitationFactory,
TaskOrderFactory,
)
from atst.domain.workspaces import Workspaces
from atst.models.workspace_role import Status as WorkspaceRoleStatus
from atst.domain.portfolios import Portfolios
from atst.models.portfolio_role import Status as PortfolioRoleStatus
from atst.models.invitation import Status as InvitationStatus
from atst.domain.users import Users
def test_existing_member_accepts_valid_invite(client, user_session):
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
user = UserFactory.create()
ws_role = WorkspaceRoleFactory.create(
workspace=workspace, user=user, status=WorkspaceRoleStatus.PENDING
ws_role = PortfolioRoleFactory.create(
portfolio=portfolio, user=user, status=PortfolioRoleStatus.PENDING
)
invite = InvitationFactory.create(user_id=user.id, workspace_role=ws_role)
invite = InvitationFactory.create(user_id=user.id, portfolio_role=ws_role)
# the user does not have access to the workspace before accepting the invite
assert len(Workspaces.for_user(user)) == 0
# the user does not have access to the portfolio before accepting the invite
assert len(Portfolios.for_user(user)) == 0
user_session(user)
response = client.get(url_for("workspaces.accept_invitation", token=invite.token))
response = client.get(url_for("portfolios.accept_invitation", token=invite.token))
# user is redirected to the workspace view
# user is redirected to the portfolio view
assert response.status_code == 302
assert (
url_for("workspaces.show_workspace", workspace_id=invite.workspace.id)
url_for("portfolios.show_portfolio", portfolio_id=invite.portfolio.id)
in response.headers["Location"]
)
# the one-time use invite is no longer usable
assert invite.is_accepted
# the user has access to the workspace
assert len(Workspaces.for_user(user)) == 1
# the user has access to the portfolio
assert len(Portfolios.for_user(user)) == 1
def test_new_member_accepts_valid_invite(monkeypatch, client, user_session):
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
user_info = UserFactory.dictionary()
user_session(workspace.owner)
user_session(portfolio.owner)
client.post(
url_for("workspaces.create_member", workspace_id=workspace.id),
data={"workspace_role": "developer", **user_info},
url_for("portfolios.create_member", portfolio_id=portfolio.id),
data={"portfolio_role": "developer", **user_info},
)
user = Users.get_by_dod_id(user_info["dod_id"])
@@ -57,101 +57,101 @@ def test_new_member_accepts_valid_invite(monkeypatch, client, user_session):
"atst.domain.auth.should_redirect_to_user_profile", lambda *args: False
)
user_session(user)
response = client.get(url_for("workspaces.accept_invitation", token=token))
response = client.get(url_for("portfolios.accept_invitation", token=token))
# user is redirected to the workspace view
# user is redirected to the portfolio view
assert response.status_code == 302
assert (
url_for("workspaces.show_workspace", workspace_id=workspace.id)
url_for("portfolios.show_portfolio", portfolio_id=portfolio.id)
in response.headers["Location"]
)
# the user has access to the workspace
assert len(Workspaces.for_user(user)) == 1
# the user has access to the portfolio
assert len(Portfolios.for_user(user)) == 1
def test_member_accepts_invalid_invite(client, user_session):
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
user = UserFactory.create()
ws_role = WorkspaceRoleFactory.create(
user=user, workspace=workspace, status=WorkspaceRoleStatus.PENDING
ws_role = PortfolioRoleFactory.create(
user=user, portfolio=portfolio, status=PortfolioRoleStatus.PENDING
)
invite = InvitationFactory.create(
user_id=user.id,
workspace_role=ws_role,
portfolio_role=ws_role,
status=InvitationStatus.REJECTED_WRONG_USER,
)
user_session(user)
response = client.get(url_for("workspaces.accept_invitation", token=invite.token))
response = client.get(url_for("portfolios.accept_invitation", token=invite.token))
assert response.status_code == 404
def test_user_who_has_not_accepted_workspace_invite_cannot_view(client, user_session):
def test_user_who_has_not_accepted_portfolio_invite_cannot_view(client, user_session):
user = UserFactory.create()
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
# create user in workspace with invitation
user_session(workspace.owner)
# create user in portfolio with invitation
user_session(portfolio.owner)
response = client.post(
url_for("workspaces.create_member", workspace_id=workspace.id),
data={"workspace_role": "developer", **user.to_dictionary()},
url_for("portfolios.create_member", portfolio_id=portfolio.id),
data={"portfolio_role": "developer", **user.to_dictionary()},
)
# user tries to view workspace before accepting invitation
# user tries to view portfolio before accepting invitation
user_session(user)
response = client.get("/workspaces/{}/applications".format(workspace.id))
response = client.get("/portfolios/{}/applications".format(portfolio.id))
assert response.status_code == 404
def test_user_accepts_invite_with_wrong_dod_id(client, user_session):
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
user = UserFactory.create()
different_user = UserFactory.create()
ws_role = WorkspaceRoleFactory.create(
user=user, workspace=workspace, status=WorkspaceRoleStatus.PENDING
ws_role = PortfolioRoleFactory.create(
user=user, portfolio=portfolio, status=PortfolioRoleStatus.PENDING
)
invite = InvitationFactory.create(user_id=user.id, workspace_role=ws_role)
invite = InvitationFactory.create(user_id=user.id, portfolio_role=ws_role)
user_session(different_user)
response = client.get(url_for("workspaces.accept_invitation", token=invite.token))
response = client.get(url_for("portfolios.accept_invitation", token=invite.token))
assert response.status_code == 404
def test_user_accepts_expired_invite(client, user_session):
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
user = UserFactory.create()
ws_role = WorkspaceRoleFactory.create(
user=user, workspace=workspace, status=WorkspaceRoleStatus.PENDING
ws_role = PortfolioRoleFactory.create(
user=user, portfolio=portfolio, status=PortfolioRoleStatus.PENDING
)
invite = InvitationFactory.create(
user_id=user.id,
workspace_role=ws_role,
portfolio_role=ws_role,
status=InvitationStatus.REJECTED_EXPIRED,
expiration_time=datetime.datetime.now() - datetime.timedelta(seconds=1),
)
user_session(user)
response = client.get(url_for("workspaces.accept_invitation", token=invite.token))
response = client.get(url_for("portfolios.accept_invitation", token=invite.token))
assert response.status_code == 404
def test_revoke_invitation(client, user_session):
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
user = UserFactory.create()
ws_role = WorkspaceRoleFactory.create(
user=user, workspace=workspace, status=WorkspaceRoleStatus.PENDING
ws_role = PortfolioRoleFactory.create(
user=user, portfolio=portfolio, status=PortfolioRoleStatus.PENDING
)
invite = InvitationFactory.create(
user_id=user.id,
workspace_role=ws_role,
portfolio_role=ws_role,
status=InvitationStatus.REJECTED_EXPIRED,
expiration_time=datetime.datetime.now() - datetime.timedelta(seconds=1),
)
user_session(workspace.owner)
user_session(portfolio.owner)
response = client.post(
url_for(
"workspaces.revoke_invitation",
workspace_id=workspace.id,
"portfolios.revoke_invitation",
portfolio_id=portfolio.id,
token=invite.token,
)
)
@@ -162,18 +162,18 @@ def test_revoke_invitation(client, user_session):
def test_resend_invitation_sends_email(client, user_session, queue):
user = UserFactory.create()
workspace = WorkspaceFactory.create()
ws_role = WorkspaceRoleFactory.create(
user=user, workspace=workspace, status=WorkspaceRoleStatus.PENDING
portfolio = PortfolioFactory.create()
ws_role = PortfolioRoleFactory.create(
user=user, portfolio=portfolio, status=PortfolioRoleStatus.PENDING
)
invite = InvitationFactory.create(
user_id=user.id, workspace_role=ws_role, status=InvitationStatus.PENDING
user_id=user.id, portfolio_role=ws_role, status=InvitationStatus.PENDING
)
user_session(workspace.owner)
user_session(portfolio.owner)
client.post(
url_for(
"workspaces.resend_invitation",
workspace_id=workspace.id,
"portfolios.resend_invitation",
portfolio_id=portfolio.id,
token=invite.token,
)
)
@@ -184,22 +184,22 @@ def test_resend_invitation_sends_email(client, user_session, queue):
def test_existing_member_invite_resent_to_email_submitted_in_form(
client, user_session, queue
):
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
user = UserFactory.create()
ws_role = WorkspaceRoleFactory.create(
user=user, workspace=workspace, status=WorkspaceRoleStatus.PENDING
ws_role = PortfolioRoleFactory.create(
user=user, portfolio=portfolio, status=PortfolioRoleStatus.PENDING
)
invite = InvitationFactory.create(
user_id=user.id,
workspace_role=ws_role,
portfolio_role=ws_role,
status=InvitationStatus.PENDING,
email="example@example.com",
)
user_session(workspace.owner)
user_session(portfolio.owner)
client.post(
url_for(
"workspaces.resend_invitation",
workspace_id=workspace.id,
"portfolios.resend_invitation",
portfolio_id=portfolio.id,
token=invite.token,
)
)
@@ -211,16 +211,16 @@ def test_existing_member_invite_resent_to_email_submitted_in_form(
def test_task_order_officer_accepts_invite(monkeypatch, client, user_session):
workspace = WorkspaceFactory.create()
task_order = TaskOrderFactory.create(workspace=workspace)
portfolio = PortfolioFactory.create()
task_order = TaskOrderFactory.create(portfolio=portfolio)
user_info = UserFactory.dictionary()
# create contracting officer
user_session(workspace.owner)
user_session(portfolio.owner)
client.post(
url_for("task_orders.new", screen=3, task_order_id=task_order.id),
data={
"workspace_role": "contracting_officer",
"portfolio_role": "contracting_officer",
"ko_first_name": user_info["first_name"],
"ko_last_name": user_info["last_name"],
"ko_email": user_info["email"],
@@ -241,7 +241,7 @@ def test_task_order_officer_accepts_invite(monkeypatch, client, user_session):
"atst.domain.auth.should_redirect_to_user_profile", lambda *args: False
)
user_session(user)
response = client.get(url_for("workspaces.accept_invitation", token=token))
response = client.get(url_for("portfolios.accept_invitation", token=token))
# user is redirected to the task order review page
assert response.status_code == 302

192
tests/routes/workspaces/test_members.py → tests/routes/portfolios/test_members.py
View File

@@ -2,121 +2,121 @@ from flask import url_for
from tests.factories import (
UserFactory,
WorkspaceFactory,
WorkspaceRoleFactory,
PortfolioFactory,
PortfolioRoleFactory,
InvitationFactory,
)
from atst.domain.workspaces import Workspaces
from atst.domain.workspace_roles import WorkspaceRoles
from atst.domain.portfolios import Portfolios
from atst.domain.portfolio_roles import PortfolioRoles
from atst.domain.applications import Applications
from atst.domain.environments import Environments
from atst.domain.environment_roles import EnvironmentRoles
from atst.queue import queue
from atst.models.workspace_role import Status as WorkspaceRoleStatus
from atst.models.portfolio_role import Status as PortfolioRoleStatus
from atst.models.invitation import Status as InvitationStatus
def create_workspace_and_invite_user(
def create_portfolio_and_invite_user(
ws_role="developer",
ws_status=WorkspaceRoleStatus.PENDING,
ws_status=PortfolioRoleStatus.PENDING,
invite_status=InvitationStatus.PENDING,
):
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
if ws_role != "owner":
user = UserFactory.create()
member = WorkspaceRoleFactory.create(
user=user, workspace=workspace, status=ws_status
member = PortfolioRoleFactory.create(
user=user, portfolio=portfolio, status=ws_status
)
InvitationFactory.create(
user=workspace.owner,
workspace_role=member,
user=portfolio.owner,
portfolio_role=member,
email=member.user.email,
status=invite_status,
)
return workspace
return portfolio
def test_user_with_permission_has_add_member_link(client, user_session):
workspace = WorkspaceFactory.create()
user_session(workspace.owner)
response = client.get("/workspaces/{}/members".format(workspace.id))
portfolio = PortfolioFactory.create()
user_session(portfolio.owner)
response = client.get("/portfolios/{}/members".format(portfolio.id))
assert (
'href="/workspaces/{}/members/new"'.format(workspace.id).encode()
'href="/portfolios/{}/members/new"'.format(portfolio.id).encode()
in response.data
)
def test_user_without_permission_has_no_add_member_link(client, user_session):
user = UserFactory.create()
workspace = WorkspaceFactory.create()
Workspaces._create_workspace_role(user, workspace, "developer")
portfolio = PortfolioFactory.create()
Portfolios._create_portfolio_role(user, portfolio, "developer")
user_session(user)
response = client.get("/workspaces/{}/members".format(workspace.id))
response = client.get("/portfolios/{}/members".format(portfolio.id))
assert (
'href="/workspaces/{}/members/new"'.format(workspace.id).encode()
'href="/portfolios/{}/members/new"'.format(portfolio.id).encode()
not in response.data
)
def test_permissions_for_view_member(client, user_session):
user = UserFactory.create()
workspace = WorkspaceFactory.create()
Workspaces._create_workspace_role(user, workspace, "developer")
member = WorkspaceRoles.add(user, workspace.id, "developer")
portfolio = PortfolioFactory.create()
Portfolios._create_portfolio_role(user, portfolio, "developer")
member = PortfolioRoles.add(user, portfolio.id, "developer")
user_session(user)
response = client.get(
url_for("workspaces.view_member", workspace_id=workspace.id, member_id=user.id)
url_for("portfolios.view_member", portfolio_id=portfolio.id, member_id=user.id)
)
assert response.status_code == 404
def test_create_member(client, user_session):
user = UserFactory.create()
workspace = WorkspaceFactory.create()
user_session(workspace.owner)
portfolio = PortfolioFactory.create()
user_session(portfolio.owner)
queue_length = len(queue.get_queue())
response = client.post(
url_for("workspaces.create_member", workspace_id=workspace.id),
url_for("portfolios.create_member", portfolio_id=portfolio.id),
data={
"dod_id": user.dod_id,
"first_name": "Wilbur",
"last_name": "Zuckerman",
"email": "some_pig@zuckermans.com",
"workspace_role": "developer",
"portfolio_role": "developer",
},
follow_redirects=True,
)
assert response.status_code == 200
assert user.has_workspaces
assert user.has_portfolios
assert user.invitations
assert len(queue.get_queue()) == queue_length + 1
def test_view_member_shows_role(client, user_session):
user = UserFactory.create()
workspace = WorkspaceFactory.create()
Workspaces._create_workspace_role(user, workspace, "developer")
member = WorkspaceRoles.add(user, workspace.id, "developer")
user_session(workspace.owner)
portfolio = PortfolioFactory.create()
Portfolios._create_portfolio_role(user, portfolio, "developer")
member = PortfolioRoles.add(user, portfolio.id, "developer")
user_session(portfolio.owner)
response = client.get(
url_for("workspaces.view_member", workspace_id=workspace.id, member_id=user.id)
url_for("portfolios.view_member", portfolio_id=portfolio.id, member_id=user.id)
)
assert response.status_code == 200
assert "initial-choice='developer'".encode() in response.data
def test_update_member_workspace_role(client, user_session):
workspace = WorkspaceFactory.create()
def test_update_member_portfolio_role(client, user_session):
portfolio = PortfolioFactory.create()
user = UserFactory.create()
member = WorkspaceRoles.add(user, workspace.id, "developer")
user_session(workspace.owner)
member = PortfolioRoles.add(user, portfolio.id, "developer")
user_session(portfolio.owner)
response = client.post(
url_for(
"workspaces.update_member", workspace_id=workspace.id, member_id=user.id
"portfolios.update_member", portfolio_id=portfolio.id, member_id=user.id
),
data={"workspace_role": "security_auditor"},
data={"portfolio_role": "security_auditor"},
follow_redirects=True,
)
assert response.status_code == 200
@@ -124,14 +124,14 @@ def test_update_member_workspace_role(client, user_session):
assert member.role_name == "security_auditor"
def test_update_member_workspace_role_with_no_data(client, user_session):
workspace = WorkspaceFactory.create()
def test_update_member_portfolio_role_with_no_data(client, user_session):
portfolio = PortfolioFactory.create()
user = UserFactory.create()
member = WorkspaceRoles.add(user, workspace.id, "developer")
user_session(workspace.owner)
member = PortfolioRoles.add(user, portfolio.id, "developer")
user_session(portfolio.owner)
response = client.post(
url_for(
"workspaces.update_member", workspace_id=workspace.id, member_id=user.id
"portfolios.update_member", portfolio_id=portfolio.id, member_id=user.id
),
data={},
follow_redirects=True,
@@ -141,12 +141,12 @@ def test_update_member_workspace_role_with_no_data(client, user_session):
def test_update_member_environment_role(client, user_session):
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
user = UserFactory.create()
member = WorkspaceRoles.add(user, workspace.id, "developer")
member = PortfolioRoles.add(user, portfolio.id, "developer")
application = Applications.create(
workspace.owner,
workspace,
portfolio.owner,
portfolio,
"Snazzy Application",
"A new application for me and my friends",
{"env1", "env2"},
@@ -155,13 +155,13 @@ def test_update_member_environment_role(client, user_session):
env2_id = application.environments[1].id
for env in application.environments:
Environments.add_member(env, user, "developer")
user_session(workspace.owner)
user_session(portfolio.owner)
response = client.post(
url_for(
"workspaces.update_member", workspace_id=workspace.id, member_id=user.id
"portfolios.update_member", portfolio_id=portfolio.id, member_id=user.id
),
data={
"workspace_role": "developer",
"portfolio_role": "developer",
"env_" + str(env1_id): "security_auditor",
"env_" + str(env2_id): "devops",
},
@@ -175,12 +175,12 @@ def test_update_member_environment_role(client, user_session):
def test_update_member_environment_role_with_no_data(client, user_session):
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
user = UserFactory.create()
member = WorkspaceRoles.add(user, workspace.id, "developer")
member = PortfolioRoles.add(user, portfolio.id, "developer")
application = Applications.create(
workspace.owner,
workspace,
portfolio.owner,
portfolio,
"Snazzy Application",
"A new application for me and my friends",
{"env1"},
@@ -188,10 +188,10 @@ def test_update_member_environment_role_with_no_data(client, user_session):
env1_id = application.environments[0].id
for env in application.environments:
Environments.add_member(env, user, "developer")
user_session(workspace.owner)
user_session(portfolio.owner)
response = client.post(
url_for(
"workspaces.update_member", workspace_id=workspace.id, member_id=user.id
"portfolios.update_member", portfolio_id=portfolio.id, member_id=user.id
),
data={"env_" + str(env1_id): None, "env_" + str(env1_id): ""},
follow_redirects=True,
@@ -202,36 +202,36 @@ def test_update_member_environment_role_with_no_data(client, user_session):
def test_revoke_active_member_access(client, user_session):
workspace = WorkspaceFactory.create()
portfolio = PortfolioFactory.create()
user = UserFactory.create()
member = WorkspaceRoleFactory.create(
workspace=workspace, user=user, status=WorkspaceRoleStatus.ACTIVE
member = PortfolioRoleFactory.create(
portfolio=portfolio, user=user, status=PortfolioRoleStatus.ACTIVE
)
Applications.create(
workspace.owner,
workspace,
portfolio.owner,
portfolio,
"Snazzy Application",
"A new application for me and my friends",
{"env1"},
)
user_session(workspace.owner)
user_session(portfolio.owner)
response = client.post(
url_for(
"workspaces.revoke_access", workspace_id=workspace.id, member_id=member.id
"portfolios.revoke_access", portfolio_id=portfolio.id, member_id=member.id
)
)
assert response.status_code == 302
assert WorkspaceRoles.get_by_id(member.id).num_environment_roles == 0
assert PortfolioRoles.get_by_id(member.id).num_environment_roles == 0
def test_does_not_show_any_buttons_if_owner(client, user_session):
workspace = WorkspaceFactory.create()
user_session(workspace.owner)
portfolio = PortfolioFactory.create()
user_session(portfolio.owner)
response = client.get(
url_for(
"workspaces.view_member",
workspace_id=workspace.id,
member_id=workspace.owner.id,
"portfolios.view_member",
portfolio_id=portfolio.id,
member_id=portfolio.owner.id,
)
)
assert "Remove Portfolio Access" not in response.data.decode()
@@ -240,15 +240,15 @@ def test_does_not_show_any_buttons_if_owner(client, user_session):
def test_only_shows_revoke_access_button_if_active(client, user_session):
workspace = create_workspace_and_invite_user(
ws_status=WorkspaceRoleStatus.ACTIVE, invite_status=InvitationStatus.ACCEPTED
portfolio = create_portfolio_and_invite_user(
ws_status=PortfolioRoleStatus.ACTIVE, invite_status=InvitationStatus.ACCEPTED
)
user_session(workspace.owner)
member = workspace.members[1]
user_session(portfolio.owner)
member = portfolio.members[1]
response = client.get(
url_for(
"workspaces.view_member",
workspace_id=workspace.id,
"portfolios.view_member",
portfolio_id=portfolio.id,
member_id=member.user.id,
)
)
@@ -258,15 +258,15 @@ def test_only_shows_revoke_access_button_if_active(client, user_session):
def test_only_shows_revoke_invite_button_if_pending(client, user_session):
workspace = create_workspace_and_invite_user(
ws_status=WorkspaceRoleStatus.PENDING, invite_status=InvitationStatus.PENDING
portfolio = create_portfolio_and_invite_user(
ws_status=PortfolioRoleStatus.PENDING, invite_status=InvitationStatus.PENDING
)
user_session(workspace.owner)
member = workspace.members[1]
user_session(portfolio.owner)
member = portfolio.members[1]
response = client.get(
url_for(
"workspaces.view_member",
workspace_id=workspace.id,
"portfolios.view_member",
portfolio_id=portfolio.id,
member_id=member.user.id,
)
)
@@ -276,16 +276,16 @@ def test_only_shows_revoke_invite_button_if_pending(client, user_session):
def test_only_shows_resend_button_if_expired(client, user_session):
workspace = create_workspace_and_invite_user(
ws_status=WorkspaceRoleStatus.PENDING,
portfolio = create_portfolio_and_invite_user(
ws_status=PortfolioRoleStatus.PENDING,
invite_status=InvitationStatus.REJECTED_EXPIRED,
)
user_session(workspace.owner)
member = workspace.members[1]
user_session(portfolio.owner)
member = portfolio.members[1]
response = client.get(
url_for(
"workspaces.view_member",
workspace_id=workspace.id,
"portfolios.view_member",
portfolio_id=portfolio.id,
member_id=member.user.id,
)
)
@@ -295,15 +295,15 @@ def test_only_shows_resend_button_if_expired(client, user_session):
def test_only_shows_resend_button_if_revoked(client, user_session):
workspace = create_workspace_and_invite_user(
ws_status=WorkspaceRoleStatus.PENDING, invite_status=InvitationStatus.REVOKED
portfolio = create_portfolio_and_invite_user(
ws_status=PortfolioRoleStatus.PENDING, invite_status=InvitationStatus.REVOKED
)
user_session(workspace.owner)
member = workspace.members[1]
user_session(portfolio.owner)
member = portfolio.members[1]
response = client.get(
url_for(
"workspaces.view_member",
workspace_id=workspace.id,
"portfolios.view_member",
portfolio_id=portfolio.id,
member_id=member.user.id,
)
)

15
tests/routes/portfolios/test_portfolios_index.py Normal file
View File

@@ -0,0 +1,15 @@
from flask import url_for
from tests.factories import PortfolioFactory
def test_update_portfolio_name(client, user_session):
portfolio = PortfolioFactory.create()
user_session(portfolio.owner)
response = client.post(
url_for("portfolios.edit_portfolio", portfolio_id=portfolio.id),
data={"name": "a cool new name"},
follow_redirects=True,
)
assert response.status_code == 200
assert portfolio.name == "a cool new name"

4
tests/routes/requests/test_requests_index.py
View File

@@ -9,7 +9,7 @@ def test_action_required_mission_owner():
creator = UserFactory.create()
requests = RequestFactory.create_batch(5, creator=creator)
Requests.submit(requests[0])
Requests.approve_and_create_workspace(requests[1])
Requests.approve_and_create_portfolio(requests[1])
context = RequestsIndex(creator).execute()
@@ -20,7 +20,7 @@ def test_action_required_ccpo():
creator = UserFactory.create()
requests = RequestFactory.create_batch(5, creator=creator)
Requests.submit(requests[0])
Requests.approve_and_create_workspace(requests[1])
Requests.approve_and_create_portfolio(requests[1])
ccpo = UserFactory.from_atat_role("ccpo")
context = RequestsIndex(ccpo).execute()

6
tests/routes/task_orders/test_index.py
View File

@@ -5,7 +5,7 @@ from zipfile import ZipFile
from atst.utils.docx import Docx
from tests.factories import TaskOrderFactory, WorkspaceFactory, UserFactory
from tests.factories import TaskOrderFactory, PortfolioFactory, UserFactory
def xml_translated(val):
@@ -16,8 +16,8 @@ def xml_translated(val):
def test_download_summary(client, user_session):
user = UserFactory.create()
workspace = WorkspaceFactory.create(owner=user)
task_order = TaskOrderFactory.create(creator=user, workspace=workspace)
portfolio = PortfolioFactory.create(owner=user)
task_order = TaskOrderFactory.create(creator=user, portfolio=portfolio)
user_session(user)
response = client.get(
url_for("task_orders.download_summary", task_order_id=task_order.id)

28
tests/routes/task_orders/test_new_task_order.py
View File

@@ -4,7 +4,7 @@ from flask import url_for
from atst.domain.task_orders import TaskOrders
from atst.routes.task_orders.new import ShowTaskOrderWorkflow, UpdateTaskOrderWorkflow
from tests.factories import UserFactory, TaskOrderFactory, WorkspaceFactory
from tests.factories import UserFactory, TaskOrderFactory, PortfolioFactory
def test_new_task_order(client, user_session):
@@ -95,9 +95,9 @@ def test_task_order_form_shows_errors(client, user_session):
@pytest.fixture
def task_order():
user = UserFactory.create()
workspace = WorkspaceFactory.create(owner=user)
portfolio = PortfolioFactory.create(owner=user)
return TaskOrderFactory.create(creator=user, workspace=workspace)
return TaskOrderFactory.create(creator=user, portfolio=portfolio)
def test_show_task_order(task_order):
@@ -112,9 +112,9 @@ def test_show_task_order(task_order):
def test_show_task_order_form_list_data():
complexity = ["oconus", "tactical_edge"]
user = UserFactory.create()
workspace = WorkspaceFactory.create(owner=user)
portfolio = PortfolioFactory.create(owner=user)
task_order = TaskOrderFactory.create(
creator=user, workspace=workspace, complexity=complexity
creator=user, portfolio=portfolio, complexity=complexity
)
workflow = ShowTaskOrderWorkflow(user, task_order_id=task_order.id)
@@ -173,10 +173,10 @@ def test_invite_officers_to_task_order(task_order, queue):
task_order.creator, to_data, screen=3, task_order_id=task_order.id
)
workflow.update()
workspace = task_order.workspace
# owner and three officers are workspace members
assert len(workspace.members) == 4
roles = [member.role.name for member in workspace.members]
portfolio = task_order.portfolio
# owner and three officers are portfolio members
assert len(portfolio.members) == 4
roles = [member.role.name for member in portfolio.members]
# officers exist in roles
assert roles.count("officer") == 3
# email invitations are enqueued
@@ -198,9 +198,9 @@ def test_add_officer_but_do_not_invite(task_order, queue):
task_order.creator, to_data, screen=3, task_order_id=task_order.id
)
workflow.update()
workspace = task_order.workspace
# owner is only workspace member
assert len(workspace.members) == 1
portfolio = task_order.portfolio
# owner is only portfolio member
assert len(portfolio.members) == 1
# no invitations are enqueued
assert len(queue.get_queue()) == 0
@@ -208,10 +208,10 @@ def test_add_officer_but_do_not_invite(task_order, queue):
def test_update_does_not_resend_invitation():
user = UserFactory.create()
contracting_officer = UserFactory.create()
workspace = WorkspaceFactory.create(owner=user)
portfolio = PortfolioFactory.create(owner=user)
task_order = TaskOrderFactory.create(
creator=user,
workspace=workspace,
portfolio=portfolio,
ko_first_name=contracting_officer.first_name,
ko_last_name=contracting_officer.last_name,
ko_dod_id=contracting_officer.dod_id,

2
tests/routes/test_auth.py
View File

@@ -4,7 +4,7 @@ from urllib.parse import quote
from tests.factories import UserFactory
PROTECTED_URL = "/workspaces"
PROTECTED_URL = "/portfolios"
def test_request_page_with_complete_profile(client, user_session):

54
tests/routes/test_home.py
View File

@@ -1,26 +1,26 @@
import pytest
from tests.factories import UserFactory, WorkspaceFactory, RequestFactory
from atst.domain.workspaces import Workspaces
from tests.factories import UserFactory, PortfolioFactory, RequestFactory
from atst.domain.portfolios import Portfolios
def test_user_with_workspaces_has_workspaces_nav(client, user_session):
workspace = WorkspaceFactory.create()
user_session(workspace.owner)
def test_user_with_portfolios_has_portfolios_nav(client, user_session):
portfolio = PortfolioFactory.create()
user_session(portfolio.owner)
response = client.get("/home", follow_redirects=True)
assert b'href="/workspaces"' in response.data
assert b'href="/portfolios"' in response.data
@pytest.mark.skip(reason="this may no longer be accurate")
def test_user_without_workspaces_has_no_workspaces_nav(client, user_session):
def test_user_without_portfolios_has_no_portfolios_nav(client, user_session):
user = UserFactory.create()
user_session(user)
response = client.get("/home", follow_redirects=True)
assert b'href="/workspaces"' not in response.data
assert b'href="/portfolios"' not in response.data
@pytest.mark.skip(reason="this may no longer be accurate")
def test_request_owner_with_no_workspaces_redirected_to_requests(client, user_session):
def test_request_owner_with_no_portfolios_redirected_to_requests(client, user_session):
request = RequestFactory.create()
user_session(request.creator)
response = client.get("/home", follow_redirects=False)
@@ -28,31 +28,31 @@ def test_request_owner_with_no_workspaces_redirected_to_requests(client, user_se
assert "/requests" in response.location
def test_request_owner_with_one_workspace_redirected_to_reports(client, user_session):
def test_request_owner_with_one_portfolio_redirected_to_reports(client, user_session):
request = RequestFactory.create()
workspace = Workspaces.create_from_request(request)
portfolio = Portfolios.create_from_request(request)
user_session(request.creator)
response = client.get("/home", follow_redirects=False)
assert "/workspaces/{}/reports".format(workspace.id) in response.location
assert "/portfolios/{}/reports".format(portfolio.id) in response.location
def test_request_owner_with_more_than_one_workspace_redirected_to_workspaces(
def test_request_owner_with_more_than_one_portfolio_redirected_to_portfolios(
client, user_session
):
request_creator = UserFactory.create()
Workspaces.create_from_request(RequestFactory.create(creator=request_creator))
Workspaces.create_from_request(RequestFactory.create(creator=request_creator))
Portfolios.create_from_request(RequestFactory.create(creator=request_creator))
Portfolios.create_from_request(RequestFactory.create(creator=request_creator))
user_session(request_creator)
response = client.get("/home", follow_redirects=False)
assert "/workspaces" in response.location
assert "/portfolios" in response.location
@pytest.mark.skip(reason="this may no longer be accurate")
def test_non_owner_user_with_no_workspaces_redirected_to_requests(client, user_session):
def test_non_owner_user_with_no_portfolios_redirected_to_requests(client, user_session):
user = UserFactory.create()
user_session(user)
@@ -61,39 +61,39 @@ def test_non_owner_user_with_no_workspaces_redirected_to_requests(client, user_s
assert "/requests" in response.location
def test_non_owner_user_with_one_workspace_redirected_to_workspace_applications(
def test_non_owner_user_with_one_portfolio_redirected_to_portfolio_applications(
client, user_session
):
user = UserFactory.create()
workspace = WorkspaceFactory.create()
Workspaces._create_workspace_role(user, workspace, "developer")
portfolio = PortfolioFactory.create()
Portfolios._create_portfolio_role(user, portfolio, "developer")
user_session(user)
response = client.get("/home", follow_redirects=False)
assert "/workspaces/{}/applications".format(workspace.id) in response.location
assert "/portfolios/{}/applications".format(portfolio.id) in response.location
def test_non_owner_user_with_mulitple_workspaces_redirected_to_workspaces(
def test_non_owner_user_with_mulitple_portfolios_redirected_to_portfolios(
client, user_session
):
user = UserFactory.create()
for _ in range(3):
workspace = WorkspaceFactory.create()
Workspaces._create_workspace_role(user, workspace, "developer")
portfolio = PortfolioFactory.create()
Portfolios._create_portfolio_role(user, portfolio, "developer")
user_session(user)
response = client.get("/home", follow_redirects=False)
assert "/workspaces" in response.location
assert "/portfolios" in response.location
@pytest.mark.skip(reason="this may no longer be accurate")
def test_ccpo_user_redirected_to_requests(client, user_session):
user = UserFactory.from_atat_role("ccpo")
for _ in range(3):
workspace = WorkspaceFactory.create()
Workspaces._create_workspace_role(user, workspace, "developer")
portfolio = PortfolioFactory.create()
Portfolios._create_portfolio_role(user, portfolio, "developer")
user_session(user)
response = client.get("/home", follow_redirects=False)

15
tests/routes/workspaces/test_workspaces_index.py
View File

@@ -1,15 +0,0 @@
from flask import url_for
from tests.factories import WorkspaceFactory
def test_update_workspace_name(client, user_session):
workspace = WorkspaceFactory.create()
user_session(workspace.owner)
response = client.post(
url_for("workspaces.edit_workspace", workspace_id=workspace.id),
data={"name": "a cool new name"},
follow_redirects=True,
)
assert response.status_code == 200
assert workspace.name == "a cool new name"

6
tests/services/test_invitation.py
View File

@@ -1,4 +1,4 @@
from tests.factories import UserFactory, WorkspaceFactory, WorkspaceRoleFactory
from tests.factories import UserFactory, PortfolioFactory, PortfolioRoleFactory
from atst.services.invitation import Invitation
@@ -6,8 +6,8 @@ from atst.services.invitation import Invitation
def test_invite_member(queue):
inviter = UserFactory.create()
new_member = UserFactory.create()
workspace = WorkspaceFactory.create(owner=inviter)
ws_member = WorkspaceRoleFactory.create(user=new_member, workspace=workspace)
portfolio = PortfolioFactory.create(owner=inviter)
ws_member = PortfolioRoleFactory.create(user=new_member, portfolio=portfolio)
invite_service = Invitation(inviter, ws_member, new_member.email)
new_invitation = invite_service.invite()
assert new_invitation == new_member.invitations[0]

6
tests/test_auth.py
View File

@@ -97,9 +97,9 @@ def test_protected_routes_redirect_to_login(client, app):
def test_get_protected_route_encodes_redirect(client):
workspace_index = url_for("workspaces.workspaces")
response = client.get(workspace_index)
redirect = url_for("atst.root", next=workspace_index)
portfolio_index = url_for("portfolios.portfolios")
response = client.get(portfolio_index)
redirect = url_for("atst.root", next=portfolio_index)
assert redirect in response.headers["Location"]

2
tests/utils/test_flash.py
View File

@@ -3,7 +3,7 @@ from flask import get_flashed_messages
def test_flash_message():
flash("revoked_workspace_access", member_name="Lando")
flash("revoked_portfolio_access", member_name="Lando")
messages = get_flashed_messages()
message_info = messages[0]
assert "message" in message_info