pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'staging' into Typography-updates

Browse Source
This commit is contained in:
Hannah Brinkman 2020-01-14 16:09:49 -05:00 committed by GitHub
commit e5a8bb1c17
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 100 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
alembic/versions/828d8c188dce_update_environment_roles_enum_list.py Normal file
View File

@ -0,0 +1,58 @@
"""update environment_roles enum list
Revision ID: 828d8c188dce
Revises: 5d7198d34b91
Create Date: 2020-01-08 16:08:03.879881
"""
from alembic import op
import sqlalchemy as sa
# revision identifiers, used by Alembic.
revision = '828d8c188dce' # pragma: allowlist secret
down_revision = '5d7198d34b91' # pragma: allowlist secret
branch_labels = None
depends_on = None
def upgrade():
# ### commands auto generated by Alembic - please adjust! ###
conn = op.get_bind()
conn.execute(
"""
UPDATE environment_roles
SET role = NULL
"""
)
op.alter_column(
"environment_roles",
"role",
type_=sa.Enum(
"ADMIN",
"BILLING_READ",
"CONTRIBUTOR",
name="role",
native_enum=False,
),
existing_type=sa.VARCHAR(),
nullable=True,
)
# ### end Alembic commands ###
def downgrade():
# ### commands auto generated by Alembic - please adjust! ###
op.alter_column(
"environment_roles",
"status",
type_=sa.VARCHAR(),
existing_type=sa.Enum(
"ADMIN",
"BILLING_READ",
"CONTRIBUTOR",
name="status",
native_enum=False,
),
)
# ### end Alembic commands ###

2
atst/forms/data.py
View File

@ -14,7 +14,7 @@ SERVICE_BRANCHES = [
] ]
ENV_ROLE_NO_ACCESS = "No Access" ENV_ROLE_NO_ACCESS = "No Access"
ENV_ROLES = [(role.value, role.value) for role in CSPRole] + [ ENV_ROLES = [(role.name, role.value) for role in CSPRole] + [
(ENV_ROLE_NO_ACCESS, ENV_ROLE_NO_ACCESS) (ENV_ROLE_NO_ACCESS, ENV_ROLE_NO_ACCESS)
] ]

9
atst/models/environment_role.py
View File

@ -9,10 +9,9 @@ import atst.models.types as types
class CSPRole(Enum): class CSPRole(Enum):
BASIC_ACCESS = "Basic Access" ADMIN = "Admin"
NETWORK_ADMIN = "Network Admin" BILLING_READ = "Billing Read-only"
BUSINESS_READ = "Business Read-only" CONTRIBUTOR = "Contributor"
TECHNICAL_READ = "Technical Read-only"
class EnvironmentRole( class EnvironmentRole(
@ -26,7 +25,7 @@ class EnvironmentRole(
) )
environment = relationship("Environment") environment = relationship("Environment")
role = Column(String()) role = Column(SQLAEnum(CSPRole, native_enum=False), nullable=True)
application_role_id = Column( application_role_id = Column(
UUID(as_uuid=True), ForeignKey("application_roles.id"), nullable=False UUID(as_uuid=True), ForeignKey("application_roles.id"), nullable=False

5
atst/routes/applications/settings.py
View File

@ -78,7 +78,7 @@ def filter_env_roles_data(roles):
{ {
"environment_id": str(role.environment.id), "environment_id": str(role.environment.id),
"environment_name": role.environment.name, "environment_name": role.environment.name,
"role": role.role, "role": (role.role.value if role.role else "None"),
} }
for role in roles for role in roles
], ],
@ -99,8 +99,9 @@ def filter_env_roles_form_data(member, environments):
if len(env_roles_set) == 1: if len(env_roles_set) == 1:
(env_role,) = env_roles_set (env_role,) = env_roles_set
env_data["role"] = env_role.role
env_data["disabled"] = env_role.disabled env_data["disabled"] = env_role.disabled
if env_role.role:
env_data["role"] = env_role.role.name
env_roles_form_data.append(env_data) env_roles_form_data.append(env_data)

6
tests/domain/test_applications.py
View File

@ -147,7 +147,7 @@ def test_invite():
user_data=user_data, user_data=user_data,
permission_sets_names=permission_sets_names, permission_sets_names=permission_sets_names,
environment_roles_data=[ environment_roles_data=[
{"environment_id": env1.id, "role": CSPRole.BASIC_ACCESS.value}, {"environment_id": env1.id, "role": CSPRole.ADMIN},
{"environment_id": env2.id, "role": None}, {"environment_id": env2.id, "role": None},
], ],
) )
@ -173,8 +173,8 @@ def test_invite_to_nonexistent_environment():
inviter=application.portfolio.owner, inviter=application.portfolio.owner,
user_data=user_data, user_data=user_data,
environment_roles_data=[ environment_roles_data=[
{"environment_id": env1.id, "role": CSPRole.BASIC_ACCESS.value}, {"environment_id": env1.id, "role": CSPRole.ADMIN},
{"environment_id": uuid4(), "role": CSPRole.BASIC_ACCESS.value}, {"environment_id": uuid4(), "role": CSPRole.ADMIN},
], ],
) )

12
tests/domain/test_environments.py
View File

@ -26,8 +26,8 @@ def test_create_environments():
def test_update_env_role(): def test_update_env_role():
env_role = EnvironmentRoleFactory.create(role=CSPRole.BASIC_ACCESS.value) env_role = EnvironmentRoleFactory.create(role=CSPRole.ADMIN)
new_role = CSPRole.TECHNICAL_READ.value new_role = CSPRole.BILLING_READ
Environments.update_env_role( Environments.update_env_role(
env_role.environment, env_role.application_role, new_role env_role.environment, env_role.application_role, new_role
) )
@ -35,7 +35,7 @@ def test_update_env_role():
def test_update_env_role_no_access(): def test_update_env_role_no_access():
env_role = EnvironmentRoleFactory.create(role=CSPRole.BASIC_ACCESS.value) env_role = EnvironmentRoleFactory.create(role=CSPRole.ADMIN)
Environments.update_env_role(env_role.environment, env_role.application_role, None) Environments.update_env_role(env_role.environment, env_role.application_role, None)
assert not EnvironmentRoles.get( assert not EnvironmentRoles.get(
@ -46,15 +46,13 @@ def test_update_env_role_no_access():
def test_update_env_role_disabled_role(): def test_update_env_role_disabled_role():
env_role = EnvironmentRoleFactory.create(role=CSPRole.BASIC_ACCESS.value) env_role = EnvironmentRoleFactory.create(role=CSPRole.ADMIN)
Environments.update_env_role(env_role.environment, env_role.application_role, None) Environments.update_env_role(env_role.environment, env_role.application_role, None)
# An exception should be raised when a new role is passed to Environments.update_env_role # An exception should be raised when a new role is passed to Environments.update_env_role
with pytest.raises(DisabledError): with pytest.raises(DisabledError):
Environments.update_env_role( Environments.update_env_role(
env_role.environment, env_role.environment, env_role.application_role, CSPRole.BILLING_READ,
env_role.application_role,
CSPRole.TECHNICAL_READ.value,
) )
assert env_role.role is None assert env_role.role is None

2
tests/factories.py
View File

@ -255,7 +255,7 @@ class EnvironmentRoleFactory(Base):
model = EnvironmentRole model = EnvironmentRole
environment = factory.SubFactory(EnvironmentFactory) environment = factory.SubFactory(EnvironmentFactory)
role = random.choice([e.value for e in CSPRole]) role = random.choice([e for e in CSPRole])
application_role = factory.SubFactory(ApplicationRoleFactory) application_role = factory.SubFactory(ApplicationRoleFactory)

8
tests/models/test_environments.py
View File

@ -28,7 +28,7 @@ def test_add_user_to_environment():
EnvironmentRoleFactory.create( EnvironmentRoleFactory.create(
application_role=application_role, application_role=application_role,
environment=dev_environment, environment=dev_environment,
role=CSPRole.BASIC_ACCESS.value, role=CSPRole.ADMIN,
) )
assert developer in dev_environment.users assert developer in dev_environment.users
@ -75,9 +75,9 @@ def test_environment_provisioning_status(env_data, expected_status):
def test_environment_roles_do_not_include_deleted(): def test_environment_roles_do_not_include_deleted():
member_list = [ member_list = [
{"role_name": CSPRole.BASIC_ACCESS.value}, {"role_name": CSPRole.ADMIN},
{"role_name": CSPRole.BASIC_ACCESS.value}, {"role_name": CSPRole.ADMIN},
{"role_name": CSPRole.BASIC_ACCESS.value}, {"role_name": CSPRole.ADMIN},
] ]
env = EnvironmentFactory.create(members=member_list) env = EnvironmentFactory.create(members=member_list)
role_1 = env.roles[0] role_1 = env.roles[0]

4
tests/routes/applications/test_init.py
View File

@ -9,9 +9,7 @@ def test_environment_access_with_env_role(client, user_session):
app_role = ApplicationRoleFactory.create( app_role = ApplicationRoleFactory.create(
user=user, application=environment.application user=user, application=environment.application
) )
EnvironmentRoleFactory.create( EnvironmentRoleFactory.create(application_role=app_role, environment=environment)
application_role=app_role, environment=environment, role="developer"
)
user_session(user) user_session(user)
response = client.get( response = client.get(
url_for("applications.access_environment", environment_id=environment.id) url_for("applications.access_environment", environment_id=environment.id)

4
tests/routes/applications/test_new.py
View File

@ -153,7 +153,7 @@ def test_post_new_member(monkeypatch, client, user_session, session):
"user_data-dod_id": user.dod_id, "user_data-dod_id": user.dod_id,
"user_data-email": user.email, "user_data-email": user.email,
"environment_roles-0-environment_id": env.id, "environment_roles-0-environment_id": env.id,
"environment_roles-0-role": "Basic Access", "environment_roles-0-role": "ADMIN",
"environment_roles-0-environment_name": env.name, "environment_roles-0-environment_name": env.name,
"environment_roles-1-environment_id": env_1.id, "environment_roles-1-environment_id": env_1.id,
"environment_roles-1-role": NO_ACCESS, "environment_roles-1-role": NO_ACCESS,
@ -201,7 +201,7 @@ def test_post_update_member(client, user_session):
), ),
data={ data={
"environment_roles-0-environment_id": env.id, "environment_roles-0-environment_id": env.id,
"environment_roles-0-role": "Basic Access", "environment_roles-0-role": "ADMIN",
"environment_roles-0-environment_name": env.name, "environment_roles-0-environment_name": env.name,
"environment_roles-1-environment_id": env_1.id, "environment_roles-1-environment_id": env_1.id,
"environment_roles-1-role": NO_ACCESS, "environment_roles-1-role": NO_ACCESS,

28
tests/routes/applications/test_settings.py
View File

@ -129,11 +129,11 @@ def test_edit_application_environments_obj(app, client, user_session):
env = application.environments[0] env = application.environments[0]
app_role1 = ApplicationRoleFactory.create(application=application) app_role1 = ApplicationRoleFactory.create(application=application)
env_role1 = EnvironmentRoleFactory.create( env_role1 = EnvironmentRoleFactory.create(
application_role=app_role1, environment=env, role=CSPRole.BASIC_ACCESS.value application_role=app_role1, environment=env, role=CSPRole.ADMIN
) )
app_role2 = ApplicationRoleFactory.create(application=application, user=None) app_role2 = ApplicationRoleFactory.create(application=application, user=None)
env_role2 = EnvironmentRoleFactory.create( env_role2 = EnvironmentRoleFactory.create(
application_role=app_role2, environment=env, role=CSPRole.NETWORK_ADMIN.value application_role=app_role2, environment=env, role=CSPRole.CONTRIBUTOR
) )
user_session(portfolio.owner) user_session(portfolio.owner)
@ -180,7 +180,7 @@ def test_get_members_data(app, client, user_session):
environments=[ environments=[
{ {
"name": "testing", "name": "testing",
"members": [{"user": user, "role_name": CSPRole.BASIC_ACCESS.value}], "members": [{"user": user, "role_name": CSPRole.ADMIN}],
} }
], ],
) )
@ -212,7 +212,7 @@ def test_get_members_data(app, client, user_session):
{ {
"environment_id": str(environment.id), "environment_id": str(environment.id),
"environment_name": environment.name, "environment_name": environment.name,
"role": env_role.role, "role": env_role.role.value,
} }
] ]
assert member["role_status"] assert member["role_status"]
@ -402,7 +402,7 @@ def test_create_member(monkeypatch, client, user_session, session):
"user_data-dod_id": user.dod_id, "user_data-dod_id": user.dod_id,
"user_data-email": user.email, "user_data-email": user.email,
"environment_roles-0-environment_id": env.id, "environment_roles-0-environment_id": env.id,
"environment_roles-0-role": "Basic Access", "environment_roles-0-role": "ADMIN",
"environment_roles-0-environment_name": env.name, "environment_roles-0-environment_name": env.name,
"environment_roles-1-environment_id": env_1.id, "environment_roles-1-environment_id": env_1.id,
"environment_roles-1-role": NO_ACCESS, "environment_roles-1-role": NO_ACCESS,
@ -511,10 +511,10 @@ def test_update_member(client, user_session, session):
env_2 = EnvironmentFactory.create(application=application) env_2 = EnvironmentFactory.create(application=application)
# add user to two of the environments: env and env_1 # add user to two of the environments: env and env_1
updated_role = EnvironmentRoleFactory.create( updated_role = EnvironmentRoleFactory.create(
environment=env, application_role=app_role, role=CSPRole.BASIC_ACCESS.value environment=env, application_role=app_role, role=CSPRole.ADMIN
) )
suspended_role = EnvironmentRoleFactory.create( suspended_role = EnvironmentRoleFactory.create(
environment=env_1, application_role=app_role, role=CSPRole.BASIC_ACCESS.value environment=env_1, application_role=app_role, role=CSPRole.ADMIN
) )
user_session(application.portfolio.owner) user_session(application.portfolio.owner)
@ -528,13 +528,13 @@ def test_update_member(client, user_session, session):
), ),
data={ data={
"environment_roles-0-environment_id": env.id, "environment_roles-0-environment_id": env.id,
"environment_roles-0-role": CSPRole.TECHNICAL_READ.value, "environment_roles-0-role": "CONTRIBUTOR",
"environment_roles-0-environment_name": env.name, "environment_roles-0-environment_name": env.name,
"environment_roles-1-environment_id": env_1.id, "environment_roles-1-environment_id": env_1.id,
"environment_roles-1-environment_name": env_1.name, "environment_roles-1-environment_name": env_1.name,
"environment_roles-1-disabled": "True", "environment_roles-1-disabled": "True",
"environment_roles-2-environment_id": env_2.id, "environment_roles-2-environment_id": env_2.id,
"environment_roles-2-role": CSPRole.NETWORK_ADMIN.value, "environment_roles-2-role": "BILLING_READ",
"environment_roles-2-environment_name": env_2.name, "environment_roles-2-environment_name": env_2.name,
"perms_env_mgmt": True, "perms_env_mgmt": True,
"perms_team_mgmt": True, "perms_team_mgmt": True,
@ -565,7 +565,7 @@ def test_update_member(client, user_session, session):
environment_roles = application.roles[0].environment_roles environment_roles = application.roles[0].environment_roles
# check that the user has roles in the correct envs # check that the user has roles in the correct envs
assert len(environment_roles) == 3 assert len(environment_roles) == 3
assert updated_role.role == CSPRole.TECHNICAL_READ.value assert updated_role.role == CSPRole.CONTRIBUTOR
assert suspended_role.disabled assert suspended_role.disabled
@ -695,7 +695,7 @@ def test_handle_create_member(monkeypatch, set_g, session):
"user_data-dod_id": user.dod_id, "user_data-dod_id": user.dod_id,
"user_data-email": user.email, "user_data-email": user.email,
"environment_roles-0-environment_id": env.id, "environment_roles-0-environment_id": env.id,
"environment_roles-0-role": "Basic Access", "environment_roles-0-role": "ADMIN",
"environment_roles-0-environment_name": env.name, "environment_roles-0-environment_name": env.name,
"environment_roles-1-environment_id": env_1.id, "environment_roles-1-environment_id": env_1.id,
"environment_roles-1-role": NO_ACCESS, "environment_roles-1-role": NO_ACCESS,
@ -718,7 +718,7 @@ def test_handle_create_member(monkeypatch, set_g, session):
assert job_mock.called assert job_mock.called
def test_handle_update_member(set_g): def test_handle_update_member_success(set_g):
user = UserFactory.create() user = UserFactory.create()
application = ApplicationFactory.create( application = ApplicationFactory.create(
environments=[{"name": "Naboo"}, {"name": "Endor"}] environments=[{"name": "Naboo"}, {"name": "Endor"}]
@ -732,7 +732,7 @@ def test_handle_update_member(set_g):
form_data = ImmutableMultiDict( form_data = ImmutableMultiDict(
{ {
"environment_roles-0-environment_id": env.id, "environment_roles-0-environment_id": env.id,
"environment_roles-0-role": "Basic Access", "environment_roles-0-role": "ADMIN",
"environment_roles-0-environment_name": env.name, "environment_roles-0-environment_name": env.name,
"environment_roles-1-environment_id": env_1.id, "environment_roles-1-environment_id": env_1.id,
"environment_roles-1-role": NO_ACCESS, "environment_roles-1-role": NO_ACCESS,
@ -772,7 +772,7 @@ def test_handle_update_member_with_error(set_g, monkeypatch, mock_logger):
form_data = ImmutableMultiDict( form_data = ImmutableMultiDict(
{ {
"environment_roles-0-environment_id": env.id, "environment_roles-0-environment_id": env.id,
"environment_roles-0-role": "Basic Access", "environment_roles-0-role": "ADMIN",
"environment_roles-0-environment_name": env.name, "environment_roles-0-environment_name": env.name,
"environment_roles-1-environment_id": env_1.id, "environment_roles-1-environment_id": env_1.id,
"environment_roles-1-role": NO_ACCESS, "environment_roles-1-role": NO_ACCESS,

2
tests/test_access.py
View File

@ -213,7 +213,7 @@ def test_applications_access_environment_access(get_url_assert_status):
"environments": [ "environments": [
{ {
"name": "thebar", "name": "thebar",
"members": [{"user": dev, "role_name": "devops"}], "members": [{"user": dev, "role_name": "ADMIN"}],
} }
], ],
} }

6
tests/test_jobs.py
View File

@ -24,7 +24,7 @@ from tests.factories import (
PortfolioFactory, PortfolioFactory,
ApplicationRoleFactory, ApplicationRoleFactory,
) )
from atst.models import EnvironmentRole, ApplicationRoleStatus from atst.models import CSPRole, EnvironmentRole, ApplicationRoleStatus
@pytest.fixture(autouse=True, scope="function") @pytest.fixture(autouse=True, scope="function")
@ -293,7 +293,7 @@ def test_do_provision_user(csp, session):
environment_role = EnvironmentRoleFactory.create( environment_role = EnvironmentRoleFactory.create(
environment=provisioned_environment, environment=provisioned_environment,
status=EnvironmentRole.Status.PENDING, status=EnvironmentRole.Status.PENDING,
role="my_role", role="ADMIN",
) )
# When I call the user provisoning task # When I call the user provisoning task
@ -302,7 +302,7 @@ def test_do_provision_user(csp, session):
session.refresh(environment_role) session.refresh(environment_role)
# I expect that the CSP create_or_update_user method will be called # I expect that the CSP create_or_update_user method will be called
csp.create_or_update_user.assert_called_once_with( csp.create_or_update_user.assert_called_once_with(
credentials, environment_role, "my_role" credentials, environment_role, CSPRole.ADMIN
) )
# I expect that the EnvironmentRole now has a csp_user_id # I expect that the EnvironmentRole now has a csp_user_id
assert environment_role.csp_user_id assert environment_role.csp_user_id