From e391c3269df62074dd2b2de16dbdef4292f42b44 Mon Sep 17 00:00:00 2001 From: leigh-mil Date: Mon, 9 Sep 2019 15:23:37 -0400 Subject: [PATCH] Remove unused route to update team roles --- atst/routes/applications/settings.py | 39 ------- tests/routes/applications/test_settings.py | 130 --------------------- 2 files changed, 169 deletions(-) diff --git a/atst/routes/applications/settings.py b/atst/routes/applications/settings.py index 8e9ee64b..e586e317 100644 --- a/atst/routes/applications/settings.py +++ b/atst/routes/applications/settings.py @@ -12,7 +12,6 @@ from atst.forms.app_settings import AppEnvRolesForm from atst.forms.application import ApplicationForm, EditEnvironmentForm from atst.forms.application_member import NewForm as NewMemberForm from atst.forms.data import ENV_ROLE_NO_ACCESS as NO_ACCESS -from atst.forms.team import TeamForm from atst.domain.authz.decorator import user_can_access_decorator as user_can from atst.models.environment_role import CSPRole from atst.models.permissions import Permissions @@ -340,44 +339,6 @@ def delete_environment(environment_id): ) -@applications_bp.route("/application//team", methods=["POST"]) -@user_can(Permissions.EDIT_APPLICATION_MEMBER, message="update application member") -def update_team(application_id): - application = Applications.get(application_id) - form = TeamForm(http_request.form) - - if form.validate(): - for member_form in form.members: - app_role = ApplicationRoles.get_by_id(member_form.role_id.data) - new_perms = [ - perm - for perm in member_form.data["permission_sets"] - if perm != PermissionSets.VIEW_APPLICATION - ] - ApplicationRoles.update_permission_sets(app_role, new_perms) - - for environment_role_form in member_form.environment_roles: - environment = Environments.get( - environment_role_form.environment_id.data - ) - Environments.update_env_role( - environment, app_role, environment_role_form.data.get("role") - ) - - flash("updated_application_team_settings", application_name=application.name) - - return redirect( - url_for( - "applications.settings", - application_id=application_id, - fragment="application-members", - _anchor="application-members", - ) - ) - else: - return (render_settings_page(application), 400) - - @applications_bp.route("/application//members/new", methods=["POST"]) @user_can( Permissions.CREATE_APPLICATION_MEMBER, message="create new application member" diff --git a/tests/routes/applications/test_settings.py b/tests/routes/applications/test_settings.py index 7adc525e..9222167d 100644 --- a/tests/routes/applications/test_settings.py +++ b/tests/routes/applications/test_settings.py @@ -428,136 +428,6 @@ def test_delete_environment(client, user_session): assert len(application.environments) == 0 -def test_update_team_permissions(client, user_session): - application = ApplicationFactory.create() - owner = application.portfolio.owner - app_role = ApplicationRoleFactory.create( - application=application, permission_sets=[] - ) - user_session(owner) - response = client.post( - url_for("applications.update_team", application_id=application.id), - data={ - "members-0-role_id": app_role.id, - "members-0-permission_sets-perms_team_mgmt": PermissionSets.EDIT_APPLICATION_TEAM, - "members-0-permission_sets-perms_env_mgmt": PermissionSets.EDIT_APPLICATION_ENVIRONMENTS, - "members-0-permission_sets-perms_del_env": PermissionSets.DELETE_APPLICATION_ENVIRONMENTS, - }, - ) - - assert response.status_code == 302 - actual_perms_names = [perm.name for perm in app_role.permission_sets] - expected_perms_names = [ - PermissionSets.VIEW_APPLICATION, - PermissionSets.EDIT_APPLICATION_TEAM, - PermissionSets.EDIT_APPLICATION_ENVIRONMENTS, - PermissionSets.DELETE_APPLICATION_ENVIRONMENTS, - ] - assert expected_perms_names == actual_perms_names - - -def test_update_team_with_bad_permission_sets(client, user_session): - application = ApplicationFactory.create() - owner = application.portfolio.owner - app_role = ApplicationRoleFactory.create( - application=application, permission_sets=[] - ) - permission_sets = app_role.permission_sets - - user_session(owner) - response = client.post( - url_for("applications.update_team", application_id=application.id), - data={ - "members-0-role_id": app_role.id, - "members-0-permission_sets-perms_team_mgmt": PermissionSets.EDIT_APPLICATION_TEAM, - "members-0-permission_sets-perms_env_mgmt": "some random string", - }, - ) - assert response.status_code == 400 - assert app_role.permission_sets == permission_sets - - -def test_update_team_with_non_app_user(client, user_session): - application = ApplicationFactory.create() - owner = application.portfolio.owner - - user_session(owner) - response = client.post( - url_for("applications.update_team", application_id=application.id), - data={ - "members-0-role_id": str(uuid.uuid4()), - "members-0-permission_sets-perms_team_mgmt": PermissionSets.EDIT_APPLICATION_TEAM, - "members-0-permission_sets-perms_env_mgmt": PermissionSets.EDIT_APPLICATION_ENVIRONMENTS, - "members-0-permission_sets-perms_del_env": PermissionSets.DELETE_APPLICATION_ENVIRONMENTS, - }, - ) - - assert response.status_code == 404 - - -def test_update_team_environment_roles(client, user_session): - application = ApplicationFactory.create() - owner = application.portfolio.owner - app_role = ApplicationRoleFactory.create( - application=application, permission_sets=[] - ) - environment = EnvironmentFactory.create(application=application) - env_role = EnvironmentRoleFactory.create( - application_role=app_role, - environment=environment, - role=CSPRole.NETWORK_ADMIN.value, - ) - user_session(owner) - response = client.post( - url_for("applications.update_team", application_id=application.id), - data={ - "members-0-role_id": app_role.id, - "members-0-permission_sets-perms_team_mgmt": PermissionSets.EDIT_APPLICATION_TEAM, - "members-0-permission_sets-perms_env_mgmt": PermissionSets.EDIT_APPLICATION_ENVIRONMENTS, - "members-0-permission_sets-perms_del_env": PermissionSets.DELETE_APPLICATION_ENVIRONMENTS, - "members-0-environment_roles-0-environment_id": environment.id, - "members-0-environment_roles-0-role": CSPRole.TECHNICAL_READ.value, - }, - ) - - assert response.status_code == 302 - assert env_role.role == CSPRole.TECHNICAL_READ.value - - -def test_update_team_revoke_environment_access(client, user_session, db, session): - application = ApplicationFactory.create() - owner = application.portfolio.owner - user = UserFactory.create() - app_role = ApplicationRoleFactory.create( - application=application, user=user, permission_sets=[] - ) - environment = EnvironmentFactory.create(application=application) - env_role = EnvironmentRoleFactory.create( - application_role=app_role, - environment=environment, - role=CSPRole.BASIC_ACCESS.value, - ) - assert user in environment.users - - user_session(owner) - response = client.post( - url_for("applications.update_team", application_id=application.id), - data={ - "members-0-role_id": app_role.id, - "members-0-permission_sets-perms_team_mgmt": PermissionSets.EDIT_APPLICATION_TEAM, - "members-0-permission_sets-perms_env_mgmt": PermissionSets.EDIT_APPLICATION_ENVIRONMENTS, - "members-0-permission_sets-perms_del_env": PermissionSets.DELETE_APPLICATION_ENVIRONMENTS, - "members-0-environment_roles-0-environment_id": environment.id, - "members-0-environment_roles-0-role": NO_ACCESS, - }, - ) - - assert response.status_code == 302 - env_role_exists = db.exists().where(EnvironmentRole.id == env_role.id) - assert not session.query(env_role_exists).scalar() - assert user not in environment.users - - def test_create_member(monkeypatch, client, user_session, session): job_mock = Mock() monkeypatch.setattr("atst.jobs.send_mail.delay", job_mock)