Update route function to revoke CCPO superuser status

This commit is contained in:
leigh-mil 2019-08-08 14:09:10 -04:00
parent 54239a520e
commit e35399d8f5
4 changed files with 29 additions and 3 deletions

View File

@ -62,6 +62,6 @@ def confirm_new_user():
@user_can(Permissions.DELETE_CCPO_USER, message="remove ccpo user")
def remove_access(user_id):
user = Users.get(user_id)
# update user to remove perms
# flash alert to confirm removing ccpo perms
Users.revoke_ccpo_perms(user)
flash("ccpo_user_removed", user_name=user.full_name)
return redirect(url_for("ccpo.users"))

View File

@ -40,6 +40,11 @@ MESSAGES = {
"message_template": translate("ccpo.form.user_not_found_text"),
"category": "info",
},
"ccpo_user_removed": {
"title_template": translate("flash.success"),
"message_template": "You have successfully removed {{ user_name }}'s CCPO permissions.",
"category": "success",
},
"environment_added": {
"title_template": translate("flash.success"),
"message_template": """

View File

@ -1,5 +1,6 @@
from flask import url_for
from atst.domain.users import Users
from atst.utils.localization import translate
from tests.factories import UserFactory
@ -45,10 +46,19 @@ def test_confirm_new_user(user_session, client):
)
assert new_user.dod_id in response.data.decode()
# give person with out ATAT account CCPO permissions
# give person without ATAT account CCPO permissions
response = client.post(
url_for("ccpo.confirm_new_user"),
data={"dod_id": random_dod_id},
follow_redirects=True,
)
assert random_dod_id not in response.data.decode()
def test_remove_access(user_session, client):
ccpo = UserFactory.create_ccpo()
user = UserFactory.create_ccpo()
user_session(ccpo)
response = client.post(url_for("ccpo.remove_access", user_id=user.id))
assert user not in Users.get_ccpo_users()

View File

@ -161,6 +161,17 @@ def test_ccpo_confirm_new_user_access(post_url_assert_status):
post_url_assert_status(rando, url, 404, data={"dod_id": user.dod_id})
# ccpo.remove_access
def test_ccpo_remove_access(post_url_assert_status):
ccpo = user_with(PermissionSets.MANAGE_CCPO_USERS)
rando = user_with()
user = UserFactory.create_ccpo()
url = url_for("ccpo.remove_access", user_id=user.id)
post_url_assert_status(rando, url, 404)
post_url_assert_status(ccpo, url, 302)
# applications.access_environment
def test_applications_access_environment_access(get_url_assert_status):
dev = UserFactory.create()