From f928b776a688068e2e50b7fded4dac2b4f9e8b7f Mon Sep 17 00:00:00 2001
From: leigh-mil <leigh-ctr@friends.dds.mil>
Date: Fri, 25 Oct 2019 11:44:15 -0400
Subject: [PATCH] Properly set deleted data for UpdateMemberForm and display
 suspended env access text

Styling for env name and role in update app member perms form
---
 atst/domain/environment_roles.py              |  8 ++
 atst/routes/applications/settings.py          |  8 +-
 styles/sections/_application_edit.scss        | 18 ++--
 .../fragments/member_form_fields.html         | 90 ++++++++-----------
 tests/domain/test_environment_roles.py        | 23 +++--
 tests/domain/test_environments.py             |  4 +-
 6 files changed, 80 insertions(+), 71 deletions(-)

diff --git a/atst/domain/environment_roles.py b/atst/domain/environment_roles.py
index 6e69ac96..4dfb29c5 100644
--- a/atst/domain/environment_roles.py
+++ b/atst/domain/environment_roles.py
@@ -126,3 +126,11 @@ class EnvironmentRoles(object):
             .one_or_none()
         )
         return existing_env_role
+
+    @classmethod
+    def get_all_for_application_member(cls, application_role_id):
+        return (
+            db.session.query(EnvironmentRole)
+            .filter(EnvironmentRole.application_role_id == application_role_id)
+            .all()
+        )
diff --git a/atst/routes/applications/settings.py b/atst/routes/applications/settings.py
index 37e45e50..65f6d00e 100644
--- a/atst/routes/applications/settings.py
+++ b/atst/routes/applications/settings.py
@@ -77,12 +77,16 @@ def filter_env_roles_form_data(member, environments):
             "environment_id": str(env.id),
             "environment_name": env.name,
             "role": NO_ACCESS,
-            "deleted": env.deleted,
+            "deleted": False,
         }
-        env_roles_set = set(env.roles).intersection(set(member.environment_roles))
+        env_roles_set = set(env.roles).intersection(
+            set(EnvironmentRoles.get_all_for_application_member(member.id))
+        )
+
         if len(env_roles_set) == 1:
             (env_role,) = env_roles_set
             env_data["role"] = env_role.role
+            env_data["deleted"] = env_role.deleted
 
         env_roles_form_data.append(env_data)
 
diff --git a/styles/sections/_application_edit.scss b/styles/sections/_application_edit.scss
index 1c1c395d..94afb41e 100644
--- a/styles/sections/_application_edit.scss
+++ b/styles/sections/_application_edit.scss
@@ -92,15 +92,21 @@
     text-align: left;
 
     .usa-input {
-      margin: $gap 0 $gap 0;
+      margin: $gap * 2;
 
-      .usa-input__title-inline {
-        margin-top: $gap;
-        margin-left: $gap;
+      &__title-inline {
+        font-weight: $font-bold;
       }
 
-      .form-row {
-        margin: 0;
+      &__help {
+        margin-bottom: 0;
+      }
+
+      .env-role__no-access {
+        .usa-input__title-inline,
+        .usa-input__help {
+          color: $color-gray;
+        }
       }
     }
 
diff --git a/templates/applications/fragments/member_form_fields.html b/templates/applications/fragments/member_form_fields.html
index eb4ba097..5c43c277 100644
--- a/templates/applications/fragments/member_form_fields.html
+++ b/templates/applications/fragments/member_form_fields.html
@@ -3,45 +3,30 @@
 {% from "components/phone_input.html" import PhoneInput %}
 
 {% macro EnvRoleInput(field, member_role_id=None) %}
-  {% if field.role.data == "No Access" and not field.deleted.data -%}
-    <optionsinput inline-template
-      v-bind:initial-value="'{{ field.role.data | string }}'"
-      v-bind:name="'{{ field.name | string }}{% if member_role_id %}-{{ member_role_id }}{% endif %}'"
-      v-bind:optional="true"
-      v-bind:watch="true">
-      <div class="usa-input">
-        <fieldset data-ally-disabled="true" v-on:change="onInput" class="usa-input__choices">
-          <div class="form-row">
-            <div class="form-col form-col--two-thirds">
-              <legend>
-                <div v-bind:class='["usa-input__title-inline", {"environment-name--gray": value === "None" }]'>
-                  {{ field.environment_name.data }}
-                </div>
-                <p class="usa-input__help">
-                  {{ field.role.data }}
-                </p>
-              </legend>
-            </div>
-            <div class="form-col form-col--third">
-              {{ field.role(**{"v-model": "value", "id": "{}-{}".format(field.role.name, member_role_id)}) }}
-            </div>
-          </div>
-        </fieldset>
+  {% set role = field.role.data if not field.deleted.data else "Access Suspended" %}
+  <div class="form-row usa-input">
+    <div class="form-col form-col--two-thirds">
+      <div class="{% if field.deleted.data or field.role.data == 'No Access' %}env-role__no-access{% endif %}">
+        <div v-bind:class='["usa-input__title-inline", {"environment-name--gray": value === "None" }]'>
+          {{ field.environment_name.data }}
+        </div>
+        <p class="usa-input__help">
+          {{ role }}
+        </p>
       </div>
-    </optionsinput>
-  {% elif field.role.data != "No Access" and not field.deleted.data -%}
-    <div class="form-row">
-      <div class="form-col form-col--two-thirds">
-        <legend>
-          <div v-bind:class='["usa-input__title-inline", {"environment-name--gray": value === "None" }]'>
-            {{ field.environment_name.data }}
-          </div>
-          <p class="usa-input__help">
-            {{ field.role.data }}
-          </p>
-        </legend>
-      </div>
-      <div class="form-col form-col--third">
+    </div>
+    <div class="form-col form-col--third">
+      {% if field.role.data == "No Access" and not field.deleted.data -%}
+        <optionsinput inline-template
+          v-bind:initial-value="'{{ field.role.data | string }}'"
+          v-bind:name="'{{ field.name | string }}{% if member_role_id %}-{{ member_role_id }}{% endif %}'"
+          v-bind:optional="true"
+          v-bind:watch="true">
+          <fieldset data-ally-disabled="true" v-on:change="onInput" class="usa-input__choices">
+            {{ field.role(**{"v-model": "value", "id": "{}-{}".format(field.role.name, member_role_id)}) }}
+          </fieldset>
+        </optionsinput>
+      {% elif field.role.data != "No Access" and not field.deleted.data -%}
         <checkboxinput
           name="'{{ field.deleted.name | string }}-{% if member_role_id %}-{{ member_role_id }}{% endif %}'"
           inline-template
@@ -49,23 +34,22 @@
           v-bind:initial-checked='{{ field.deleted.data|string|lower }}'
           v-bind:optional="true"
           >
-          <div>
-            <div class='usa-input' v-bind:class="[{ 'checked': isChecked }]">
-
-              <fieldset data-ally-disabled="true" v-on:change="onInput" class="usa-input__choices {% if inline %}usa-input__choices--inline{% endif %}">
-                <legend>
-                  {% set id = "{}-{}".format(field.deleted.name, member_role_id) %}
-                  {{ field.deleted(id=id, checked=True, **{"v-model": "isChecked"}) }}
-                  {{ field.deleted.label(for=id) | safe }}
-                </legend>
-              </fieldset>
-            </div>
-          </div>
+          <fieldset data-ally-disabled="true" v-on:change="onInput" class="usa-input__choices {% if inline %}usa-input__choices--inline{% endif %}">
+            <legend>
+              {% set id = "{}-{}".format(field.deleted.name, member_role_id) %}
+              {{ field.deleted(id=id, checked=True, **{"v-model": "isChecked"}) }}
+              {{ field.deleted.label(for=id) | safe }}
+            </legend>
+          </fieldset>
         </checkboxinput>
-      </div>
+      {% elif field.deleted.data -%}
+        <p class="usa-input__help">
+          Suspended access cannot be modified.
+        </p>
+      {%- endif %}
+      {{ field.environment_id() }}
     </div>
-  {%- endif %}
-  {{ field.environment_id() }}
+  </div>
 {% endmacro %}
 
 {% macro PermsFields(form, new=False, member_role_id=None) %}
diff --git a/tests/domain/test_environment_roles.py b/tests/domain/test_environment_roles.py
index 71bbbdf2..8f68207f 100644
--- a/tests/domain/test_environment_roles.py
+++ b/tests/domain/test_environment_roles.py
@@ -93,12 +93,21 @@ def test_disable_completed(application_role, environment):
     assert environment_role.status == EnvironmentRole.Status.DISABLED
 
 
-def test_get_for_update():
-    app_role = ApplicationRoleFactory.create()
-    env = EnvironmentFactory.create(application=app_role.application)
-    EnvironmentRoleFactory.create(application_role=app_role, environment=env, deleted=True)
-    role = EnvironmentRoles.get_for_update(app_role.id, env.id)
+def test_get_for_update(application_role, environment):
+    EnvironmentRoleFactory.create(
+        application_role=application_role, environment=environment, deleted=True
+    )
+    role = EnvironmentRoles.get_for_update(application_role.id, environment.id)
     assert role
-    assert role.application_role == app_role
-    assert role.environment == env
+    assert role.application_role == application_role
+    assert role.environment == environment
     assert role.deleted
+
+
+def test_get_all_for_application_member(application_role, environment):
+    EnvironmentRoleFactory.create(
+        application_role=application_role, environment=environment, deleted=True
+    )
+
+    roles = EnvironmentRoles.get_all_for_application_member(application_role.id)
+    assert len(roles) == 1
diff --git a/tests/domain/test_environments.py b/tests/domain/test_environments.py
index 112c33af..a3562741 100644
--- a/tests/domain/test_environments.py
+++ b/tests/domain/test_environments.py
@@ -61,9 +61,7 @@ def test_update_env_role_no_change():
 
 def test_update_env_role_deleted_role():
     env_role = EnvironmentRoleFactory.create(role=CSPRole.BASIC_ACCESS.value)
-    Environments.update_env_role(
-        env_role.environment, env_role.application_role, None
-    )
+    Environments.update_env_role(env_role.environment, env_role.application_role, None)
     assert not Environments.update_env_role(
         env_role.environment, env_role.application_role, CSPRole.TECHNICAL_READ.value
     )