80 Commits

Author SHA1 Message Date
dandds
4f8e9cddc8 Merge portfolio members routes with invitations.
`portfolios.create_member` now just sends an invitation, so it should be
with the invitation routes. This also de-duplicates the function for
sending a portfolio invitation email.
2019-06-03 15:57:49 -04:00
leigh-mil
7bec073f78 Delete things related to deleted columns and table 2019-05-31 13:07:03 -04:00
dandds
df06d1b62f Use application_role_id on environment_roles.
In the future, an `application_invitation1 will not refer to a `user` until
someone accepts the invitation; they'll only reference an
`application_role`. When a user is invited to an application, the
inviter can specify the environments the invitee should have access to.
For this to be possible, an `environment_role` should reference an
`application_role`, because no `user` entity will be known at that time.

In addition to updating all the models and domain methods necessary for
this change, this commit deletes unused code and tests that were
dependent on `environment_roles` having a `user_id` foreign key.
2019-05-31 11:21:20 -04:00
George Drummond
6487fe91ba
Applications users were invited to were not showing in the portfolios
sidebar
2019-05-22 11:19:13 -04:00
dandds
3c1f4ac6df Standardize token argument in routes.
- `token` becomes `portfolio_token` in routes.
- Find relevant portfolio from token in `before_request` hook, like
  other routes.
2019-05-06 16:35:33 -04:00
dandds
42b912d4cb Look up major database resources in a before_request hook.
A `before_request` hook queries the database for portfolios, requests,
and task orders based on the route arguments. The resources are added as
attributes on `g`. The portfolio context processor and the access
decorator now rely on those resources being available on `g`.

WIP: find major resources in before_request hook, apply to g

WIP: use g.portfolio for portfolio context processor

WIP: the access decorator should rely on the resources being available on g
2019-05-06 16:32:55 -04:00
dandds
59a02572ea Application users should have access to portfolio landing page.
- Adds override to portfolio landing page access check to see if user
  has access to any applications within the portfolio.
- Route for accepting an application invitation redirects directly to
  portfolio applications route.
- Tests ensure application user only sees apps the user has access to on
  the portfolio landing page.
2019-05-03 17:11:57 -04:00
dandds
a2ebdf78a0 Route for accepting an application invitation.
- Domain method for enabling an application role.
- Updated ApplicationRole model `history` property so that it serializes
  the `status` correctly
2019-05-03 17:11:57 -04:00
dandds
c4ad7b4378 Make portfolio invitation specific to portfolio
- add a base domain class
- extract shared model code to mixin
- rename invitation classes
- invitation model relationship to portfolio_role name is now more
  generic "role"
2019-04-30 14:41:55 -04:00
leigh-mil
41f01f8dec
Merge branch 'master' into edit-env-form-view 2019-04-30 14:34:31 -04:00
montana-mil
0c6f00bf4d
Merge pull request #785 from dod-ccpo/check-user-is-in-app-before-adding-env-role
Check user is in app before adding env role
2019-04-30 14:31:08 -04:00
leigh-mil
67516b3b55 Combine env_forms and environment_obj 2019-04-30 10:13:55 -04:00
Montana
60b4c50819 Check that all users with changed data are app users before updating env roles 2019-04-29 15:05:59 -04:00
George Drummond
079672c818
Update application environments 2019-04-29 10:46:21 -04:00
leigh-mil
7f4a18a49b Move test checking route access into test_access and rename test checking if route is working 2019-04-25 10:47:39 -04:00
dandds
78ba6afba0 rename and rearrange some portfolio route functions 2019-04-22 07:20:08 -04:00
dandds
782a532c32 reorganize task order routes 2019-04-22 07:20:07 -04:00
dandds
849c5d4b58 Rearrange and rename application routes.
- move application routes to their own Flask blueprint
- squash application routes to be resource-specific
- reorganize application routes
2019-04-22 07:19:30 -04:00
dandds
ed25078c39 move portfolio context processor to generic location 2019-04-22 07:15:18 -04:00
dandds
c223bff09c Remove unused portfolio routes 2019-04-18 09:50:53 -04:00
George Drummond
882998e1d7
Merge pull request #748 from dod-ccpo/display-app-users
Display app users
2019-04-17 15:28:28 -04:00
dandds
4a1e5e61b3 portfolio user can view application settings page 2019-04-17 14:49:14 -04:00
George Drummond
52669a0265
Use access specs 2019-04-17 13:52:06 -04:00
dandds
dac764ab82 route for deleting an application 2019-04-15 15:58:38 -04:00
dandds
9c10a14827 update authorization decorator to check for application permissions 2019-04-08 13:31:19 -04:00
dandds
09d6b5fb09 just use python stdlib mock in access tests 2019-03-28 09:25:11 -04:00
dandds
746a5834c1 only pass one func to exception kwarg in access decorator 2019-03-22 06:33:01 -04:00
dandds
828d46bae9 fix tests in CI with CRL config option 2019-03-22 06:33:01 -04:00
dandds
078264bec7 add access tests for all access-protected routes
- cleans up skipped access tests in domain tests
- cleans up other skipped tests that are no longer relevant
2019-03-22 06:33:01 -04:00
dandds
4a0dd2d432 remove unused domain methods and arguments 2019-03-22 06:31:20 -04:00