New backend flow for application invitations.
Like portfolio invitations, now a user is not associated with an application role until they accept the associated invitation. - domain method for inviting user to application - change application route for inviting a member - ApplicationRole model knows user name from invitation
This commit is contained in:
dandds
@@ -189,3 +189,48 @@ def test_remove_member():
|
||||
)
|
||||
is None
|
||||
)
|
||||
|
||||
|
||||
def test_invite():
|
||||
application = ApplicationFactory.create()
|
||||
env1 = EnvironmentFactory.create(application=application)
|
||||
env2 = EnvironmentFactory.create(application=application)
|
||||
user_data = UserFactory.dictionary()
|
||||
permission_sets_names = [PermissionSets.EDIT_APPLICATION_TEAM]
|
||||
|
||||
invitation = Applications.invite(
|
||||
application=application,
|
||||
inviter=application.portfolio.owner,
|
||||
user_data=user_data,
|
||||
permission_sets_names=permission_sets_names,
|
||||
environment_roles_data=[
|
||||
{"environment_id": env1.id, "role": CSPRole.BASIC_ACCESS.value},
|
||||
{"environment_id": env2.id, "role": None},
|
||||
],
|
||||
)
|
||||
|
||||
member_role = invitation.role
|
||||
assert invitation.dod_id == user_data["dod_id"]
|
||||
# view application AND edit application team
|
||||
assert len(member_role.permission_sets) == 2
|
||||
|
||||
env_roles = member_role.environment_roles
|
||||
assert len(env_roles) == 1
|
||||
assert env_roles[0].environment == env1
|
||||
|
||||
|
||||
def test_invite_to_nonexistent_environment():
|
||||
application = ApplicationFactory.create()
|
||||
env1 = EnvironmentFactory.create(application=application)
|
||||
user_data = UserFactory.dictionary()
|
||||
|
||||
with pytest.raises(NotFoundError):
|
||||
Applications.invite(
|
||||
application=application,
|
||||
inviter=application.portfolio.owner,
|
||||
user_data=user_data,
|
||||
environment_roles_data=[
|
||||
{"environment_id": env1.id, "role": CSPRole.BASIC_ACCESS.value},
|
||||
{"environment_id": uuid4(), "role": CSPRole.BASIC_ACCESS.value},
|
||||
],
|
||||
)
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
import pytest
|
||||
import uuid
|
||||
from flask import url_for
|
||||
|
||||
from atst.domain.permission_sets import PermissionSets
|
||||
from atst.models import CSPRole
|
||||
from atst.forms.data import ENV_ROLE_NO_ACCESS as NO_ACCESS
|
||||
from atst.queue import queue
|
||||
|
||||
from tests.factories import *
|
||||
|
||||
@@ -145,7 +145,8 @@ def test_update_team_revoke_environment_access(client, user_session, db, session
|
||||
assert not session.query(env_role_exists).scalar()
|
||||
|
||||
|
||||
def test_create_member(client, user_session):
|
||||
def test_create_member(client, user_session, session):
|
||||
queue_length = len(queue.get_queue())
|
||||
user = UserFactory.create()
|
||||
application = ApplicationFactory.create(
|
||||
environments=[{"name": "Naboo"}, {"name": "Endor"}]
|
||||
@@ -179,14 +180,18 @@ def test_create_member(client, user_session):
|
||||
_external=True,
|
||||
)
|
||||
assert response.location == expected_url
|
||||
assert len(user.application_roles) == 1
|
||||
assert user.application_roles[0].application == application
|
||||
environment_roles = [
|
||||
er for ar in user.application_roles for er in ar.environment_roles
|
||||
]
|
||||
assert len(application.roles) == 1
|
||||
environment_roles = application.roles[0].environment_roles
|
||||
assert len(environment_roles) == 1
|
||||
assert environment_roles[0].environment == env
|
||||
|
||||
invitation = (
|
||||
session.query(ApplicationInvitation).filter_by(dod_id=user.dod_id).one()
|
||||
)
|
||||
assert invitation.role.application == application
|
||||
|
||||
assert len(queue.get_queue()) == queue_length + 1
|
||||
|
||||
|
||||
def test_remove_member_success(client, user_session):
|
||||
user = UserFactory.create()
|
||||
|
||||
Reference in New Issue
Block a user