Create Projects.for_user and Environments.for_user

atst/domain/environments.py

@@ -1,6 +1,7 @@
 from atst.database import db
 from atst.models.environment import Environment
 from atst.models.environment_role import EnvironmentRole, CSPRole
+from atst.models.project import Project
 
 
 class Environments(object):
@@ -19,11 +20,22 @@ class Environments(object):
         db.session.commit()
 
     @classmethod
-    def add_member(cls, user, environment, member):
+    def add_member(cls, user, environment, member, role=CSPRole.NONSENSE_ROLE):
         environment_user = EnvironmentRole(
-            user=member, environment=environment, role=CSPRole.NONSENSE_ROLE.value
+            user=member, environment=environment, role=role.value
         )
         db.session.add(environment_user)
         db.session.commit()
 
         return environment
+
+    @classmethod
+    def for_user(cls, user, project):
+        return (
+            db.session.query(Environment)
+            .join(EnvironmentRole)
+            .join(Project)
+            .filter(EnvironmentRole.user_id == user.id)
+            .filter(Project.id == Environment.project_id)
+            .all()
+        )

atst/domain/projects.py

@@ -4,6 +4,8 @@ from atst.domain.environments import Environments
 from atst.domain.exceptions import NotFoundError
 from atst.models.permissions import Permissions
 from atst.models.project import Project
+from atst.models.environment import Environment
+from atst.models.environment_role import EnvironmentRole
 
 
 class Projects(object):
@@ -36,3 +38,14 @@ class Projects(object):
             raise NotFoundError("project")
 
         return project
+
+    @classmethod
+    def for_user(self, user, workspace):
+        return (
+            db.session.query(Project)
+            .join(Environment)
+            .join(EnvironmentRole)
+            .filter(Project.workspace_id == workspace.id)
+            .filter(EnvironmentRole.user_id == user.id)
+            .all()
+        )

atst/models/workspace.py

@@ -22,7 +22,8 @@ class Workspace(Base, TimestampsMixin):
         def _is_workspace_owner(workspace_role):
             return workspace_role.role.name == "owner"
 
-        return first_or_none(_is_workspace_owner, self.roles)
+        owner = first_or_none(_is_workspace_owner, self.roles)
+        return owner.user if owner else None
 
     @property
     def users(self):

tests/domain/test_workspaces.py

@@ -4,6 +4,8 @@ from uuid import uuid4
 from atst.domain.exceptions import NotFoundError, UnauthorizedError
 from atst.domain.workspaces import Workspaces
 from atst.domain.workspace_users import WorkspaceUsers
+from atst.domain.projects import Projects
+from atst.domain.environments import Environments
 
 from tests.factories import WorkspaceFactory, RequestFactory, UserFactory
 
@@ -179,3 +181,57 @@ def test_random_user_cannot_view_workspace_members():
 
     with pytest.raises(UnauthorizedError):
         workspace = Workspaces.get_with_members(developer, workspace.id)
+
+
+def test_scoped_workspace_only_returns_users_projects_and_environments():
+    workspace = WorkspaceFactory.create()
+    new_project = Projects.create(
+        workspace.owner,
+        workspace,
+        "My Project",
+        "My project",
+        ["dev", "staging", "prod"],
+    )
+    developer = UserFactory.from_atat_role("developer")
+    dev_environment = Environments.add_member(workspace.owner, new_project.environments[0], developer)
+
+    scoped_workspace = Workspaces.get(developer, workspace.id)
+
+    assert scoped_workspace.projects == [new_project]
+    assert scoped_workspace.projects[0].environments == [dev_environment]
+
+
+def test_scoped_workspace_returns_all_projects_for_ccpo():
+    workspace = Workspaces.create(RequestFactory.create())
+    for _ in range(5):
+        Projects.create(
+            workspace.owner,
+            workspace,
+            "My Project",
+            "My project",
+            ["dev", "staging", "prod"],
+        )
+
+    ccpo = UserFactory.from_atat_role("ccpo")
+    scoped_workspace = Workspaces.get(ccpo, workspace.id)
+
+    assert len(scoped_workspace.projects) == 5
+    assert len(scoped_workspace.projects[0].environments) == 3
+
+
+def test_scoped_workspace_returns_all_projects_for_workspace_owner():
+    workspace = Workspaces.create(RequestFactory.create())
+    for _ in range(5):
+        Projects.create(
+            workspace.owner,
+            workspace,
+            "My Project",
+            "My project",
+            ["dev", "staging", "prod"],
+        )
+
+    owner = UserFactory.from_atat_role("owner")
+    scoped_workspace = Workspaces.get(owner, workspace.id)
+
+    assert len(scoped_workspace.projects) == 5
+    assert len(scoped_workspace.projects[0].environments) == 3