organize portfolio permission sets by domain

atst/domain/permission_sets.py

@@ -81,13 +81,16 @@ ATAT_ROLES = [
     },
 ]
 
-_VIEW_PORTFOLIO_PERMISSION_SETS = [
+_PORTFOLIO_BASIC_PERMISSION_SETS = [
     {
         "name": PermissionSets.VIEW_PORTFOLIO,
         "description": "View basic portfolio info",
         "display_name": "View Portfolio",
         "permissions": [Permissions.VIEW_PORTFOLIO],
-    },
+    }
+]
+
+_PORTFOLIO_APP_MGMT_PERMISSION_SETS = [
     {
         "name": PermissionSets.VIEW_PORTFOLIO_APPLICATION_MANAGEMENT,
         "description": "View applications and related resources",
@@ -98,36 +101,6 @@ _VIEW_PORTFOLIO_PERMISSION_SETS = [
             Permissions.VIEW_ENVIRONMENT,
         ],
     },
-    {
-        "name": PermissionSets.VIEW_PORTFOLIO_FUNDING,
-        "description": "View a portfolio's task orders",
-        "display_name": "Funding",
-        "permissions": [
-            Permissions.VIEW_PORTFOLIO_FUNDING,
-            Permissions.VIEW_TASK_ORDER_DETAILS,
-        ],
-    },
-    {
-        "name": PermissionSets.VIEW_PORTFOLIO_REPORTS,
-        "description": "View a portfolio's reports",
-        "display_name": "Reporting",
-        "permissions": [Permissions.VIEW_PORTFOLIO_REPORTS],
-    },
-    {
-        "name": PermissionSets.VIEW_PORTFOLIO_ADMIN,
-        "description": "View a portfolio's admin options",
-        "display_name": "Portfolio Administration",
-        "permissions": [
-            Permissions.VIEW_PORTFOLIO_ADMIN,
-            Permissions.VIEW_PORTFOLIO_NAME,
-            Permissions.VIEW_PORTFOLIO_USERS,
-            Permissions.VIEW_PORTFOLIO_ACTIVITY_LOG,
-            Permissions.VIEW_PORTFOLIO_POC,
-        ],
-    },
-]
-
-_EDIT_PORTFOLIO_PERMISSION_SETS = [
     {
         "name": PermissionSets.EDIT_PORTFOLIO_APPLICATION_MANAGEMENT,
         "description": "Edit applications and related resources",
@@ -141,6 +114,18 @@ _EDIT_PORTFOLIO_PERMISSION_SETS = [
             Permissions.CREATE_ENVIRONMENT,
         ],
     },
+]
+
+_PORTFOLIO_FUNDING_PERMISSION_SETS = [
+    {
+        "name": PermissionSets.VIEW_PORTFOLIO_FUNDING,
+        "description": "View a portfolio's task orders",
+        "display_name": "Funding",
+        "permissions": [
+            Permissions.VIEW_PORTFOLIO_FUNDING,
+            Permissions.VIEW_TASK_ORDER_DETAILS,
+        ],
+    },
     {
         "name": PermissionSets.EDIT_PORTFOLIO_FUNDING,
         "description": "Edit a portfolio's task orders and add new ones",
@@ -150,12 +135,36 @@ _EDIT_PORTFOLIO_PERMISSION_SETS = [
             Permissions.EDIT_TASK_ORDER_DETAILS,
         ],
     },
+]
+
+_PORTFOLIO_REPORTS_PERMISSION_SETS = [
+    {
+        "name": PermissionSets.VIEW_PORTFOLIO_REPORTS,
+        "description": "View a portfolio's reports",
+        "display_name": "Reporting",
+        "permissions": [Permissions.VIEW_PORTFOLIO_REPORTS],
+    },
     {
         "name": PermissionSets.EDIT_PORTFOLIO_REPORTS,
         "description": "Edit a portfolio's reports (no-op)",
         "display_name": "Reporting",
         "permissions": [],
     },
+]
+
+_PORTFOLIO_ADMIN_PERMISSION_SETS = [
+    {
+        "name": PermissionSets.VIEW_PORTFOLIO_ADMIN,
+        "description": "View a portfolio's admin options",
+        "display_name": "Portfolio Administration",
+        "permissions": [
+            Permissions.VIEW_PORTFOLIO_ADMIN,
+            Permissions.VIEW_PORTFOLIO_NAME,
+            Permissions.VIEW_PORTFOLIO_USERS,
+            Permissions.VIEW_PORTFOLIO_ACTIVITY_LOG,
+            Permissions.VIEW_PORTFOLIO_POC,
+        ],
+    },
     {
         "name": PermissionSets.EDIT_PORTFOLIO_ADMIN,
         "description": "Edit a portfolio's admin options",
@@ -168,18 +177,20 @@ _EDIT_PORTFOLIO_PERMISSION_SETS = [
     },
 ]
 
+_PORTFOLIO_POC_PERMISSION_SETS = [
+    {
+        "name": "portfolio_poc",
+        "description": "Permissions belonging to the Portfolio POC",
+        "display_name": "Portfolio Point of Contact",
+        "permissions": [Permissions.EDIT_PORTFOLIO_POC, Permissions.ARCHIVE_PORTFOLIO],
+    }
+]
+
 PORTFOLIO_PERMISSION_SETS = (
-    _VIEW_PORTFOLIO_PERMISSION_SETS
+    _PORTFOLIO_BASIC_PERMISSION_SETS
-    + _EDIT_PORTFOLIO_PERMISSION_SETS
+    + _PORTFOLIO_APP_MGMT_PERMISSION_SETS
-    + [
+    + _PORTFOLIO_FUNDING_PERMISSION_SETS
-        {
+    + _PORTFOLIO_REPORTS_PERMISSION_SETS
-            "name": "portfolio_poc",
+    + _PORTFOLIO_ADMIN_PERMISSION_SETS
-            "description": "Permissions belonging to the Portfolio POC",
+    + _PORTFOLIO_POC_PERMISSION_SETS
-            "display_name": "Portfolio Point of Contact",
-            "permissions": [
-                Permissions.EDIT_PORTFOLIO_POC,
-                Permissions.ARCHIVE_PORTFOLIO,
-            ],
-        }
-    ]
 )

atst/domain/portfolio_roles.py

@@ -96,7 +96,7 @@ class PortfolioRoles(object):
 
         return new_portfolio_role
 
-    _DEFAULT_PORTFOLIO_PERMS_SETS = {
+    DEFAULT_PORTFOLIO_PERMISSION_SETS = {
         PermissionSets.VIEW_PORTFOLIO_APPLICATION_MANAGEMENT,
         PermissionSets.VIEW_PORTFOLIO_FUNDING,
         PermissionSets.VIEW_PORTFOLIO_REPORTS,
@@ -105,7 +105,7 @@ class PortfolioRoles(object):
 
     @classmethod
     def _permission_sets_for_names(cls, set_names):
-        perms_set_names = PortfolioRoles._DEFAULT_PORTFOLIO_PERMS_SETS.union(
+        perms_set_names = PortfolioRoles.DEFAULT_PORTFOLIO_PERMISSION_SETS.union(
             set(set_names)
         )
         return [

tests/domain/test_task_orders.py

@@ -2,7 +2,8 @@ import pytest
 
 from atst.domain.task_orders import TaskOrders, TaskOrderError, DD254s
 from atst.domain.exceptions import UnauthorizedError
-from atst.domain.permission_sets import PermissionSets, _VIEW_PORTFOLIO_PERMISSION_SETS
+from atst.domain.permission_sets import PermissionSets
+from atst.domain.portfolio_roles import PortfolioRoles
 from atst.models.attachment import Attachment
 
 from tests.factories import (
@@ -116,7 +117,8 @@ def test_task_order_access():
         user=member,
         portfolio=task_order.portfolio,
         permission_sets=[
-            PermissionSets.get(prms["name"]) for prms in _VIEW_PORTFOLIO_PERMISSION_SETS
+            PermissionSets.get(prms)
+            for prms in PortfolioRoles.DEFAULT_PORTFOLIO_PERMISSION_SETS
         ],
     )
     TaskOrders.add_officer(

tests/factories.py

@@ -14,17 +14,13 @@ from atst.models.task_order import TaskOrder
 from atst.models.user import User
 from atst.models.permission_set import PermissionSet
 from atst.models.portfolio import Portfolio
-from atst.domain.permission_sets import (
+from atst.domain.permission_sets import PermissionSets, PORTFOLIO_PERMISSION_SETS
-    PermissionSets,
-    PORTFOLIO_PERMISSION_SETS,
-    _VIEW_PORTFOLIO_PERMISSION_SETS,
-    _EDIT_PORTFOLIO_PERMISSION_SETS,
-)
 from atst.models.portfolio_role import PortfolioRole, Status as PortfolioRoleStatus
 from atst.models.environment_role import EnvironmentRole
 from atst.models.invitation import Invitation, Status as InvitationStatus
 from atst.models.dd_254 import DD254
 from atst.domain.invitations import Invitations
+from atst.domain.portfolio_roles import PortfolioRoles
 
 
 def random_choice(choices):
@@ -70,7 +66,8 @@ def _random_date(year_min, year_max, operation):
 
 def base_portfolio_permission_sets():
     return [
-        PermissionSets.get(prms["name"]) for prms in _VIEW_PORTFOLIO_PERMISSION_SETS
+        PermissionSets.get(prms)
+        for prms in PortfolioRoles.DEFAULT_PORTFOLIO_PERMISSION_SETS
     ]