Merge pull request #801 from dod-ccpo/app-team-permissions
Application Team Table Permissions
This commit is contained in:
montana-mil
GitHub
@@ -1,4 +1,7 @@
|
||||
import pytest
|
||||
|
||||
from atst.domain.application_roles import ApplicationRoles
|
||||
from atst.domain.exceptions import NotFoundError
|
||||
from atst.domain.permission_sets import PermissionSets
|
||||
from atst.models import ApplicationRoleStatus
|
||||
|
||||
@@ -33,3 +36,38 @@ def test_enabled_application_role():
|
||||
ApplicationRoles.enable(app_role)
|
||||
|
||||
assert app_role.status == ApplicationRoleStatus.ACTIVE
|
||||
|
||||
|
||||
def test_get():
|
||||
user = UserFactory.create()
|
||||
application = ApplicationFactory.create()
|
||||
app_role = ApplicationRoleFactory.create(user=user, application=application)
|
||||
|
||||
assert ApplicationRoles.get(user.id, application.id)
|
||||
assert app_role.application == application
|
||||
assert app_role.user == user
|
||||
|
||||
|
||||
def test_get_handles_invalid_id():
|
||||
user = UserFactory.create()
|
||||
application = ApplicationFactory.create()
|
||||
|
||||
with pytest.raises(NotFoundError):
|
||||
ApplicationRoles.get(user.id, application.id)
|
||||
|
||||
|
||||
def test_update_permission_sets():
|
||||
user = UserFactory.create()
|
||||
application = ApplicationFactory.create()
|
||||
app_role = ApplicationRoleFactory.create(user=user, application=application)
|
||||
|
||||
view_app = [PermissionSets.get(PermissionSets.VIEW_APPLICATION)]
|
||||
new_perms_names = [
|
||||
PermissionSets.EDIT_APPLICATION_TEAM,
|
||||
PermissionSets.DELETE_APPLICATION_ENVIRONMENTS,
|
||||
]
|
||||
new_perms = PermissionSets.get_many(new_perms_names)
|
||||
# view application permission is included by default
|
||||
assert app_role.permission_sets == view_app
|
||||
assert ApplicationRoles.update_permission_sets(app_role, new_perms_names)
|
||||
assert set(app_role.permission_sets) == set(new_perms + view_app)
|
||||
|
||||
16
tests/domain/test_environment_roles.py
Normal file
16
tests/domain/test_environment_roles.py
Normal file
@@ -0,0 +1,16 @@
|
||||
from atst.domain.environment_roles import EnvironmentRoles
|
||||
|
||||
from tests.factories import *
|
||||
|
||||
|
||||
def test_get_for_application_and_user():
|
||||
user = UserFactory.create()
|
||||
application = ApplicationFactory.create()
|
||||
env1 = EnvironmentFactory.create(application=application)
|
||||
EnvironmentFactory.create(application=application)
|
||||
EnvironmentRoleFactory.create(user=user, environment=env1)
|
||||
|
||||
roles = EnvironmentRoles.get_for_application_and_user(user.id, application.id)
|
||||
assert len(roles) == 1
|
||||
assert roles[0].environment == env1
|
||||
assert roles[0].user == user
|
||||
0
tests/forms/__init__.py
Normal file
0
tests/forms/__init__.py
Normal file
31
tests/forms/test_team.py
Normal file
31
tests/forms/test_team.py
Normal file
@@ -0,0 +1,31 @@
|
||||
from wtforms.validators import ValidationError
|
||||
import pytest
|
||||
|
||||
from atst.domain.permission_sets import PermissionSets
|
||||
from atst.forms.team import *
|
||||
|
||||
|
||||
def test_permissions_form_permission_sets():
|
||||
form_data = {
|
||||
"perms_team_mgmt": PermissionSets.EDIT_APPLICATION_TEAM,
|
||||
"perms_env_mgmt": PermissionSets.VIEW_APPLICATION,
|
||||
"perms_del_env": PermissionSets.VIEW_APPLICATION,
|
||||
}
|
||||
form = PermissionsForm(data=form_data)
|
||||
|
||||
assert form.validate()
|
||||
assert form.data == [
|
||||
PermissionSets.EDIT_APPLICATION_TEAM,
|
||||
PermissionSets.VIEW_APPLICATION,
|
||||
PermissionSets.VIEW_APPLICATION,
|
||||
]
|
||||
|
||||
|
||||
def test_permissions_form_invalid():
|
||||
form_data = {
|
||||
"perms_team_mgmt": PermissionSets.EDIT_APPLICATION_TEAM,
|
||||
"perms_env_mgmt": "not a real choice",
|
||||
"perms_del_env": PermissionSets.VIEW_APPLICATION,
|
||||
}
|
||||
form = PermissionsForm(data=form_data)
|
||||
assert not form.validate()
|
||||
0
tests/routes/applications/__init__.py
Normal file
0
tests/routes/applications/__init__.py
Normal file
@@ -1,6 +1,9 @@
|
||||
import pytest
|
||||
from flask import url_for
|
||||
|
||||
from tests.factories import PortfolioFactory, ApplicationFactory, UserFactory
|
||||
from atst.domain.permission_sets import PermissionSets
|
||||
|
||||
from tests.factories import *
|
||||
|
||||
|
||||
def test_application_team(client, user_session):
|
||||
@@ -10,10 +13,83 @@ def test_application_team(client, user_session):
|
||||
user_session(portfolio.owner)
|
||||
|
||||
response = client.get(url_for("applications.team", application_id=application.id))
|
||||
|
||||
assert response.status_code == 200
|
||||
|
||||
|
||||
def test_update_team(client, user_session):
|
||||
application = ApplicationFactory.create()
|
||||
owner = application.portfolio.owner
|
||||
app_role = ApplicationRoleFactory.create(
|
||||
application=application, permission_sets=[]
|
||||
)
|
||||
app_user = app_role.user
|
||||
user_session(owner)
|
||||
response = client.post(
|
||||
url_for("applications.update_team", application_id=application.id),
|
||||
data={
|
||||
"members-0-user_id": app_user.id,
|
||||
"members-0-permission_sets-perms_team_mgmt": PermissionSets.EDIT_APPLICATION_TEAM,
|
||||
"members-0-permission_sets-perms_env_mgmt": PermissionSets.EDIT_APPLICATION_ENVIRONMENTS,
|
||||
"members-0-permission_sets-perms_del_env": PermissionSets.DELETE_APPLICATION_ENVIRONMENTS,
|
||||
},
|
||||
)
|
||||
|
||||
assert response.status_code == 302
|
||||
actual_perms_names = [perm.name for perm in app_role.permission_sets]
|
||||
expected_perms_names = [
|
||||
PermissionSets.VIEW_APPLICATION,
|
||||
PermissionSets.EDIT_APPLICATION_TEAM,
|
||||
PermissionSets.EDIT_APPLICATION_ENVIRONMENTS,
|
||||
PermissionSets.DELETE_APPLICATION_ENVIRONMENTS,
|
||||
]
|
||||
assert expected_perms_names == actual_perms_names
|
||||
|
||||
|
||||
def test_update_team_with_bad_permission_sets(client, user_session):
|
||||
application = ApplicationFactory.create()
|
||||
owner = application.portfolio.owner
|
||||
app_role = ApplicationRoleFactory.create(
|
||||
application=application, permission_sets=[]
|
||||
)
|
||||
app_user = app_role.user
|
||||
permission_sets = app_user.permission_sets
|
||||
|
||||
user_session(owner)
|
||||
response = client.post(
|
||||
url_for("applications.update_team", application_id=application.id),
|
||||
data={
|
||||
"members-0-user_id": app_user.id,
|
||||
"members-0-permission_sets-perms_team_mgmt": PermissionSets.EDIT_APPLICATION_TEAM,
|
||||
"members-0-permission_sets-perms_env_mgmt": "some random string",
|
||||
},
|
||||
)
|
||||
assert response.status_code == 400
|
||||
assert app_user.permission_sets == permission_sets
|
||||
|
||||
|
||||
def test_update_team_with_non_app_user(client, user_session):
|
||||
application = ApplicationFactory.create()
|
||||
owner = application.portfolio.owner
|
||||
app_role = ApplicationRoleFactory.create(
|
||||
application=application, permission_sets=[]
|
||||
)
|
||||
non_app_user = UserFactory.create()
|
||||
app_user = app_role.user
|
||||
|
||||
user_session(owner)
|
||||
response = client.post(
|
||||
url_for("applications.update_team", application_id=application.id),
|
||||
data={
|
||||
"members-0-user_id": non_app_user.id,
|
||||
"members-0-permission_sets-perms_team_mgmt": PermissionSets.EDIT_APPLICATION_TEAM,
|
||||
"members-0-permission_sets-perms_env_mgmt": PermissionSets.EDIT_APPLICATION_ENVIRONMENTS,
|
||||
"members-0-permission_sets-perms_del_env": PermissionSets.DELETE_APPLICATION_ENVIRONMENTS,
|
||||
},
|
||||
)
|
||||
|
||||
assert response.status_code == 404
|
||||
|
||||
|
||||
def test_create_member(client, user_session):
|
||||
user = UserFactory.create()
|
||||
application = ApplicationFactory.create(
|
||||
|
||||
Reference in New Issue
Block a user