Remove route 'applications.update_env_roles' and related functions and tests

2019-09-10 15:01:37 -04:00 · 2019-09-10 15:01:37 -04:00 · ddcd91964f
commit ddcd91964f
parent c9dcacddb0
10 changed files with 2 additions and 378 deletions
--- a/.secrets.baseline
+++ b/.secrets.baseline
@ -3,7 +3,7 @@
    "files": "^.secrets.baseline$",
    "lines": null
  },
-  "generated_at": "2019-08-29T17:03:11Z",
+  "generated_at": "2019-09-10T18:56:49Z",
  "plugins_used": [
    {
      "base64_limit": 4.5,
@ -194,7 +194,7 @@
        "hashed_secret": "e4f14805dfd1e6af030359090c535e149e6b4207",
        "is_secret": false,
        "is_verified": false,
-        "line_number": 544,
+        "line_number": 507,
        "type": "Hex High Entropy String"
      }
    ]
--- a/atst/domain/environments.py
+++ b/atst/domain/environments.py
@ -3,7 +3,6 @@ from sqlalchemy.orm.exc import NoResultFound
 from atst.database import db
 from atst.models.environment import Environment
 from atst.domain.environment_roles import EnvironmentRoles
-from atst.domain.application_roles import ApplicationRoles

 from .exceptions import NotFoundError

@ -72,17 +71,6 @@ class Environments(object):

        return updated

-    @classmethod
-    def update_env_roles_by_environment(cls, environment_id, team_roles):
-        environment = Environments.get(environment_id)
-
-        for member in team_roles:
-            new_role = member["role_name"]
-            app_role = ApplicationRoles.get_by_id(member["application_role_id"])
-            Environments.update_env_role(
-                environment=environment, application_role=app_role, new_role=new_role
-            )
-
    @classmethod
    def revoke_access(cls, environment, target_user):
        EnvironmentRoles.delete(environment.id, target_user.id)
--- a/atst/forms/app_settings.py
+++ b/atst/forms/app_settings.py
@ -1,32 +0,0 @@
-from flask_wtf import FlaskForm
-from wtforms.fields import FieldList, FormField, HiddenField, RadioField, StringField
-
-from .forms import BaseForm
-from .data import ENV_ROLES, ENV_ROLE_NO_ACCESS as NO_ACCESS
-
-
-class MemberForm(FlaskForm):
-    application_role_id = HiddenField()
-    user_name = StringField()
-    role_name = RadioField(choices=ENV_ROLES, default=NO_ACCESS)
-
-    @property
-    def data(self):
-        _data = super().data
-        if "role_name" in _data and _data["role_name"] == NO_ACCESS:
-            _data["role_name"] = None
-        return _data
-
-
-class RoleForm(FlaskForm):
-    role = HiddenField()
-    members = FieldList(FormField(MemberForm))
-
-
-class EnvironmentRolesForm(FlaskForm):
-    team_roles = FieldList(FormField(RoleForm))
-    env_id = HiddenField()
-
-
-class AppEnvRolesForm(BaseForm):
-    envs = FieldList(FormField(EnvironmentRolesForm))
--- a/atst/forms/team.py
+++ b/atst/forms/team.py
@ -1,64 +0,0 @@
-from flask_wtf import FlaskForm
-from wtforms.fields import FormField, FieldList, HiddenField, RadioField, StringField
-from wtforms.validators import Required
-
-from .application_member import EnvironmentForm as BaseEnvironmentForm
-from .data import ENV_ROLES
-from .forms import BaseForm
-from atst.forms.fields import SelectField
-from atst.domain.permission_sets import PermissionSets
-from atst.utils.localization import translate
-
-
-class EnvironmentForm(BaseEnvironmentForm):
-    role = RadioField(
-        "Role",
-        choices=ENV_ROLES,
-        default=None,
-        filters=[lambda x: None if x == "None" else x],
-    )
-
-
-class PermissionsForm(FlaskForm):
-    perms_team_mgmt = SelectField(
-        translate("portfolios.applications.members.new.manage_team"),
-        choices=[
-            (PermissionSets.VIEW_APPLICATION, "View"),
-            (PermissionSets.EDIT_APPLICATION_TEAM, "Edit"),
-        ],
-    )
-    perms_env_mgmt = SelectField(
-        translate("portfolios.applications.members.new.manage_envs"),
-        choices=[
-            (PermissionSets.VIEW_APPLICATION, "View"),
-            (PermissionSets.EDIT_APPLICATION_ENVIRONMENTS, "Edit"),
-        ],
-    )
-    perms_del_env = SelectField(
-        choices=[
-            (PermissionSets.VIEW_APPLICATION, "No"),
-            (PermissionSets.DELETE_APPLICATION_ENVIRONMENTS, "Yes"),
-        ]
-    )
-
-    @property
-    def data(self):
-        _data = super().data
-        _data.pop("csrf_token", None)
-        permission_sets = []
-        for field in _data:
-            if _data[field] is not None:
-                permission_sets.append(_data[field])
-
-        return permission_sets
-
-
-class MemberForm(FlaskForm):
-    role_id = HiddenField(validators=[Required()])
-    user_name = StringField()
-    environment_roles = FieldList(FormField(EnvironmentForm))
-    permission_sets = FormField(PermissionsForm)
-
-
-class TeamForm(BaseForm):
-    members = FieldList(FormField(MemberForm))
--- a/atst/routes/applications/settings.py
+++ b/atst/routes/applications/settings.py
@ -8,7 +8,6 @@ from atst.domain.application_roles import ApplicationRoles
 from atst.domain.audit_log import AuditLog
 from atst.domain.common import Paginator
 from atst.domain.environment_roles import EnvironmentRoles
-from atst.forms.app_settings import AppEnvRolesForm
 from atst.forms.application import ApplicationForm, EditEnvironmentForm
 from atst.forms.application_member import NewForm as NewMemberForm
 from atst.forms.data import ENV_ROLE_NO_ACCESS as NO_ACCESS
@ -139,7 +138,6 @@ def get_new_member_form(application):

 def render_settings_page(application, **kwargs):
    environments_obj = get_environments_obj_for_app(application=application)
-    members_form = AppEnvRolesForm(data=data_for_app_env_roles_form(application))
    new_env_form = EditEnvironmentForm()
    pagination_opts = Paginator.get_pagination_opts(http_request)
    audit_events = AuditLog.get_application_events(application, pagination_opts)
@ -155,7 +153,6 @@ def render_settings_page(application, **kwargs):
        "portfolios/applications/settings.html",
        application=application,
        environments_obj=environments_obj,
-        members_form=members_form,
        new_env_form=new_env_form,
        audit_events=audit_events,
        new_member_form=new_member_form,
@ -265,47 +262,6 @@ def update(application_id):
        return render_settings_page(application=application, application_form=form)


-@applications_bp.route("/environments/<environment_id>/roles", methods=["POST"])
-@user_can(Permissions.ASSIGN_ENVIRONMENT_MEMBER, message="update environment roles")
-def update_env_roles(environment_id):
-    environment = Environments.get(environment_id)
-    application = environment.application
-    form = AppEnvRolesForm(formdata=http_request.form)
-
-    if form.validate():
-        env_data = []
-        for env in form.envs.data:
-            if env["env_id"] == str(environment.id):
-                for role in env["team_roles"]:
-                    env_data = env_data + role["members"]
-
-        Environments.update_env_roles_by_environment(
-            environment_id=environment_id, team_roles=env_data
-        )
-
-        flash("application_environment_members_updated")
-
-        return redirect(
-            url_for(
-                "applications.settings",
-                application_id=application.id,
-                fragment="application-environments",
-                _anchor="application-environments",
-                active_toggler=environment.id,
-                active_toggler_section="members",
-            )
-        )
-    else:
-        return (
-            render_settings_page(
-                application=application,
-                active_toggler=environment.id,
-                active_toggler_section="edit",
-            ),
-            400,
-        )
-
-
@applications_bp.route("/applications/<application_id>/delete", methods=["POST"])
@user_can(Permissions.DELETE_APPLICATION, message="delete application")
 def delete(application_id):
--- a/tests/domain/test_application_roles.py
+++ b/tests/domain/test_application_roles.py
@ -56,23 +56,6 @@ def test_get_handles_invalid_id():
        ApplicationRoles.get(user.id, application.id)


-def test_update_permission_sets():
-    user = UserFactory.create()
-    application = ApplicationFactory.create()
-    app_role = ApplicationRoleFactory.create(user=user, application=application)
-
-    view_app = [PermissionSets.get(PermissionSets.VIEW_APPLICATION)]
-    new_perms_names = [
-        PermissionSets.EDIT_APPLICATION_TEAM,
-        PermissionSets.DELETE_APPLICATION_ENVIRONMENTS,
-    ]
-    new_perms = PermissionSets.get_many(new_perms_names)
-    # view application permission is included by default
-    assert app_role.permission_sets == view_app
-    assert ApplicationRoles.update_permission_sets(app_role, new_perms_names)
-    assert set(app_role.permission_sets) == set(new_perms + view_app)
-
-
 def test_get_by_id():
    user = UserFactory.create()
    application = ApplicationFactory.create()
--- a/tests/domain/test_environments.py
+++ b/tests/domain/test_environments.py
@ -53,51 +53,6 @@ def test_update_env_role_no_change():
    )


-def test_update_env_roles_by_environment():
-    environment = EnvironmentFactory.create()
-    app_role_1 = ApplicationRoleFactory.create(application=environment.application)
-    env_role_1 = EnvironmentRoleFactory.create(
-        application_role=app_role_1,
-        environment=environment,
-        role=CSPRole.BASIC_ACCESS.value,
-    )
-    app_role_2 = ApplicationRoleFactory.create(application=environment.application)
-    env_role_2 = EnvironmentRoleFactory.create(
-        application_role=app_role_2,
-        environment=environment,
-        role=CSPRole.NETWORK_ADMIN.value,
-    )
-    app_role_3 = ApplicationRoleFactory.create(application=environment.application)
-    env_role_3 = EnvironmentRoleFactory.create(
-        application_role=app_role_3,
-        environment=environment,
-        role=CSPRole.TECHNICAL_READ.value,
-    )
-
-    team_roles = [
-        {
-            "application_role_id": app_role_1.id,
-            "user_name": app_role_1.user_name,
-            "role_name": CSPRole.BUSINESS_READ.value,
-        },
-        {
-            "application_role_id": app_role_2.id,
-            "user_name": app_role_2.user_name,
-            "role_name": CSPRole.NETWORK_ADMIN.value,
-        },
-        {
-            "application_role_id": app_role_3.id,
-            "user_name": app_role_3.user_name,
-            "role_name": None,
-        },
-    ]
-
-    Environments.update_env_roles_by_environment(environment.id, team_roles)
-    assert env_role_1.role == CSPRole.BUSINESS_READ.value
-    assert env_role_2.role == CSPRole.NETWORK_ADMIN.value
-    assert not EnvironmentRoles.get(app_role_3.id, environment.id)
-
-
 def test_get_excludes_deleted():
    env = EnvironmentFactory.create(
        deleted=True, application=ApplicationFactory.create()
--- a/tests/forms/test_team.py
+++ b/tests/forms/test_team.py
@ -1,30 +0,0 @@
-from wtforms.validators import ValidationError
-
-from atst.domain.permission_sets import PermissionSets
-from atst.forms.team import *
-
-
-def test_permissions_form_permission_sets():
-    form_data = {
-        "perms_team_mgmt": PermissionSets.EDIT_APPLICATION_TEAM,
-        "perms_env_mgmt": PermissionSets.VIEW_APPLICATION,
-        "perms_del_env": PermissionSets.VIEW_APPLICATION,
-    }
-    form = PermissionsForm(data=form_data)
-
-    assert form.validate()
-    assert form.data == [
-        PermissionSets.EDIT_APPLICATION_TEAM,
-        PermissionSets.VIEW_APPLICATION,
-        PermissionSets.VIEW_APPLICATION,
-    ]
-
-
-def test_permissions_form_invalid():
-    form_data = {
-        "perms_team_mgmt": PermissionSets.EDIT_APPLICATION_TEAM,
-        "perms_env_mgmt": "not a real choice",
-        "perms_del_env": PermissionSets.VIEW_APPLICATION,
-    }
-    form = PermissionsForm(data=form_data)
-    assert not form.validate()
--- a/tests/routes/applications/test_settings.py
+++ b/tests/routes/applications/test_settings.py
@ -15,7 +15,6 @@ from atst.domain.exceptions import NotFoundError
 from atst.models.environment_role import CSPRole
 from atst.models.portfolio_role import Status as PortfolioRoleStatus
 from atst.forms.application import EditEnvironmentForm
-from atst.forms.app_settings import AppEnvRolesForm
 from atst.forms.data import ENV_ROLE_NO_ACCESS as NO_ACCESS

 from tests.utils import captured_templates
@ -112,7 +111,6 @@ def test_edit_application_environments_obj(app, client, user_session):
        assert response.status_code == 200
        _, context = templates[-1]

-        assert isinstance(context["members_form"], AppEnvRolesForm)
        env_obj = context["environments_obj"][0]
        assert env_obj["name"] == env.name
        assert env_obj["id"] == env.id
@ -153,50 +151,6 @@ def test_data_for_app_env_roles_form(app, client, user_session):
        assert response.status_code == 200
        _, context = templates[-1]

-        members_form = context["members_form"]
-        assert isinstance(members_form, AppEnvRolesForm)
-        assert members_form.data == {
-            "envs": [
-                {
-                    "env_id": env.id,
-                    "team_roles": [
-                        {
-                            "role": NO_ACCESS,
-                            "members": [
-                                {
-                                    "application_role_id": str(app_role0.id),
-                                    "user_name": app_role0.user_name,
-                                    "role_name": None,
-                                }
-                            ],
-                        },
-                        {
-                            "role": CSPRole.BASIC_ACCESS.value,
-                            "members": [
-                                {
-                                    "application_role_id": str(app_role1.id),
-                                    "user_name": app_role1.user_name,
-                                    "role_name": CSPRole.BASIC_ACCESS.value,
-                                }
-                            ],
-                        },
-                        {
-                            "role": CSPRole.NETWORK_ADMIN.value,
-                            "members": [
-                                {
-                                    "application_role_id": str(app_role2.id),
-                                    "user_name": app_role2.user_name,
-                                    "role_name": CSPRole.NETWORK_ADMIN.value,
-                                }
-                            ],
-                        },
-                        {"role": CSPRole.BUSINESS_READ.value, "members": []},
-                        {"role": CSPRole.TECHNICAL_READ.value, "members": []},
-                    ],
-                }
-            ]
-        }
-

 def test_user_with_permission_can_update_application(client, user_session):
    owner = UserFactory.create()
@ -253,55 +207,6 @@ def test_user_without_permission_cannot_update_application(client, user_session)
    assert application.description == "Cool stuff happening here!"


-def test_update_team_env_roles(client, user_session):
-    environment = EnvironmentFactory.create()
-    application = environment.application
-    app_role_1 = ApplicationRoleFactory.create(application=application)
-    env_role_1 = EnvironmentRoleFactory.create(
-        environment=environment,
-        role=CSPRole.BASIC_ACCESS.value,
-        application_role=app_role_1,
-    )
-    app_role_2 = ApplicationRoleFactory.create(application=application)
-    env_role_2 = EnvironmentRoleFactory.create(
-        environment=environment,
-        role=CSPRole.BASIC_ACCESS.value,
-        application_role=app_role_2,
-    )
-    app_role_3 = ApplicationRoleFactory.create(application=application)
-    env_role_3 = EnvironmentRoleFactory.create(
-        environment=environment,
-        role=CSPRole.BASIC_ACCESS.value,
-        application_role=app_role_3,
-    )
-
-    app_role_4 = ApplicationRoleFactory.create(application=application)
-    form_data = {
-        "envs-0-env_id": environment.id,
-        "envs-0-team_roles-0-members-0-application_role_id": app_role_4.id,
-        "envs-0-team_roles-0-members-0-role_name": CSPRole.TECHNICAL_READ.value,
-        "envs-0-team_roles-1-members-0-application_role_id": app_role_1.id,
-        "envs-0-team_roles-1-members-0-role_name": CSPRole.NETWORK_ADMIN.value,
-        "envs-0-team_roles-1-members-1-application_role_id": app_role_2.id,
-        "envs-0-team_roles-1-members-1-role_name": CSPRole.BASIC_ACCESS.value,
-        "envs-0-team_roles-1-members-2-application_role_id": app_role_3.id,
-        "envs-0-team_roles-1-members-2-role_name": NO_ACCESS,
-    }
-
-    user_session(application.portfolio.owner)
-    response = client.post(
-        url_for("applications.update_env_roles", environment_id=environment.id),
-        data=form_data,
-        follow_redirects=True,
-    )
-
-    assert response.status_code == 200
-    assert env_role_1.role == CSPRole.NETWORK_ADMIN.value
-    assert env_role_2.role == CSPRole.BASIC_ACCESS.value
-    assert not EnvironmentRoles.get(app_role_3.id, environment.id)
-    assert EnvironmentRoles.get(app_role_4.id, environment.id)
-
-
 def test_user_can_only_access_apps_in_their_portfolio(client, user_session):
    portfolio = PortfolioFactory.create()
    other_portfolio = PortfolioFactory.create(
--- a/tests/test_access.py
+++ b/tests/test_access.py
@ -235,43 +235,6 @@ def test_applications_create_access(post_url_assert_status):
    post_url_assert_status(rando, url, 404)


-# applications.update_env_roles
-def test_applications_update_team_env_roles(post_url_assert_status):
-    ccpo = UserFactory.create_ccpo()
-    owner = user_with()
-    app_admin = user_with()
-    rando = user_with()
-    app_member = UserFactory.create()
-
-    portfolio = PortfolioFactory.create(
-        owner=owner, applications=[{"name": "mos eisley"}]
-    )
-    application = portfolio.applications[0]
-    environment = EnvironmentFactory.create(application=application)
-
-    ApplicationRoleFactory.create(
-        user=app_admin,
-        application=application,
-        permission_sets=PermissionSets.get_many(
-            [
-                PermissionSets.VIEW_APPLICATION,
-                PermissionSets.EDIT_APPLICATION_ENVIRONMENTS,
-                PermissionSets.EDIT_APPLICATION_TEAM,
-                PermissionSets.DELETE_APPLICATION_ENVIRONMENTS,
-            ]
-        ),
-    )
-    ApplicationRoleFactory.create(user=app_member, application=application)
-    ApplicationRoleFactory.create(user=ccpo, application=application)
-    ApplicationRoleFactory.create(user=owner, application=application)
-
-    url = url_for("applications.update_env_roles", environment_id=environment.id)
-    post_url_assert_status(ccpo, url, 302)
-    post_url_assert_status(owner, url, 302)
-    post_url_assert_status(app_admin, url, 302)
-    post_url_assert_status(rando, url, 404)
-
-
 # portfolios.invite_member
 def test_portfolios_invite_member_access(post_url_assert_status):
    ccpo = user_with(PermissionSets.EDIT_PORTFOLIO_ADMIN)