pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,947 Commits 1 Branch 0 Tags
97b9d84c38e79db87c7528a5f9b73e963a4b2faa
Commit Graph

315 Commits

Author SHA1 Message Date
George Drummond
b8ea1349b2 Merge pull request #817 from dod-ccpo/delete-user-from-application 
Delete an application member
 2019-05-14 15:45:32 -04:00
George Drummond
9927b22783 Disable rather than delete application_roles 2019-05-14 15:26:51 -04:00
George Drummond
4aea264026 Avoid double lookup 2019-05-14 11:37:33 -04:00
George Drummond
27a4ef12c6 Delete an application member 2019-05-14 11:07:08 -04:00
leigh-mil
546e04555d Update role div height 
Move serialization into the route
change member.role to member.role_name in form and route
Return 400 for invalid form submission
 2019-05-14 11:00:14 -04:00
leigh-mil
319cc17c1c Start vue component for edit-environment-role 2019-05-14 10:58:22 -04:00
leigh-mil
addf2e97a1 Update form to nest all envs in one form 2019-05-14 10:58:22 -04:00
leigh-mil
060c6834bf Add save button and temp member role toggle to env member form 2019-05-14 10:58:22 -04:00
dandds
2435f91b13 Merge pull request #809 from dod-ccpo/resource-finder 
Resource finder
 2019-05-10 06:07:45 -04:00
Montana
d5307b440f Make user_id required and add post tests 
- raise an exception in ApplicationRoles.get()
- permission_sets is not changed if bad data is sent
 2019-05-07 16:21:17 -04:00
Montana
526bcb1661 Update tests 2019-05-07 09:31:04 -04:00
dandds
42b912d4cb Look up major database resources in a before_request hook. 
A `before_request` hook queries the database for portfolios, requests,
and task orders based on the route arguments. The resources are added as
attributes on `g`. The portfolio context processor and the access
decorator now rely on those resources being available on `g`.

WIP: find major resources in before_request hook, apply to g

WIP: use g.portfolio for portfolio context processor

WIP: the access decorator should rely on the resources being available on g
 2019-05-06 16:32:55 -04:00
dandds
0da0f6a0ae WIP: use team form for application team page 2019-05-06 15:15:03 -04:00
dandds
8bd945d0d4 Applications.for_user returns user's portfolio applications. 
The method has been updated to that, given a user and portfolio, it
returns the portfolio applications for which the user has an application
role.
 2019-05-03 17:11:57 -04:00
dandds
a2ebdf78a0 Route for accepting an application invitation. 
- Domain method for enabling an application role.
- Updated ApplicationRole model `history` property so that it serializes
  the `status` correctly
 2019-05-03 17:11:57 -04:00
dandds
4f304d747e Small tweaks for adding a new application member: 
- raise specific invitation type if invite not found in invitation domain classes
- more terse assignments of defaults in invitation service, smh
- terser margin expression for inline input fields
- sass formatting
- use translation for cancel link
- oxford comma for app team management permission explanation
- do not format environment roles with hyphens for role selection
- generalize some additional methods in the invitation domain base class
- use plain atst.models import path
 2019-04-30 17:14:58 -04:00
dandds
ade77e6b91 Route for adding new application member 
- domain method for creating a new application member
- ApplicationInvitations domain class
- nested form for adding a new user that holds user data, application
  permission sets, and environment roles
- Invitation service can infer invitation type based on role it's given
- new invitation email templates
 2019-04-30 14:41:55 -04:00
dandds
c4ad7b4378 Make portfolio invitation specific to portfolio 
- add a base domain class
- extract shared model code to mixin
- rename invitation classes
- invitation model relationship to portfolio_role name is now more
  generic "role"
 2019-04-30 14:41:55 -04:00
montana-mil
0c6f00bf4d Merge pull request #785 from dod-ccpo/check-user-is-in-app-before-adding-env-role 
Check user is in app before adding env role
 2019-04-30 14:31:08 -04:00
Montana
0736b229bf Do not use mutable kwarg to set default permission set on application role 2019-04-29 13:39:43 -04:00
Montana
6822680bc8 Ensure that a member is an application member before adding the user to an environment 2019-04-29 11:06:37 -04:00
George Drummond
079672c818 Update application environments 2019-04-29 10:46:21 -04:00
leigh-mil
73e4057c3d Remove unused imports 2019-04-25 10:47:39 -04:00
leigh-mil
5e415edaef Update form to handle No access 2019-04-25 10:47:39 -04:00
leigh-mil
c085f27af8 Update env roles by environment 2019-04-25 10:47:39 -04:00
dandds
849c5d4b58 Rearrange and rename application routes. 
- move application routes to their own Flask blueprint
- squash application routes to be resource-specific
- reorganize application routes
 2019-04-22 07:19:30 -04:00
dandds
c1df245800 Scope access to applications, task orders, and environment roles. 
These resources should be scoped to the portfolio when accessed from
route functions.
 2019-04-16 14:18:53 -04:00
dandds
eaeeed0b05 Added BaseDomainClass with a get method. 
The BaseDomainClass.get can accept any number of keyword arguments and
will add a filter to the query for each kwarg. This will allow the
caller to scope the query as needed with kwargs.
 2019-04-16 14:18:53 -04:00
dandds
0bde431a70 extend soft delete functionality to app and env roles 2019-04-15 15:58:38 -04:00
dandds
b58aef2c6b domain methods for deleting apps and environments 2019-04-15 15:58:38 -04:00
dandds
1c0c5dd9c5 soft deletes available for applications and environments 
- parent relation will not include applications or environments marked
  as deleted
- domain classes will exclude deleted objects from selections
- changed some test factories to use domain_word for resource names,
  because they were using person names and it bugged me
 2019-04-15 15:58:38 -04:00
dandds
265833f3fc ApplicationRoles.create should accept permission set names 2019-04-11 11:32:17 -04:00
George Drummond
50a532ddbb ApplicationRoles seed and domain 2019-04-11 10:03:21 -04:00
dandds
d0bf5745e6 Merge pull request #746 from dod-ccpo/application_roles 
Application roles
 2019-04-08 14:22:52 -04:00
dandds
9c10a14827 update authorization decorator to check for application permissions 2019-04-08 13:31:19 -04:00
George Drummond
090e13f083 Update Point of Contact 2019-04-08 13:31:00 -04:00
Montana
ea2338bc30 Make test more robust 2019-04-04 08:38:52 -04:00
Montana
86f106f6d1 Test logging events for auditable mixin 2019-04-03 17:07:33 -04:00
leigh-mil
f1c6717a1e Merge pull request #733 from dod-ccpo/add-last-login-timestamp 
Add last login timestamp
 2019-04-03 13:10:52 -04:00
leigh-mil
215c2b4cbc Updates from PR feedback 2019-04-03 12:24:02 -04:00
leigh-mil
610aef428d Add user's last login to the session data 2019-04-03 12:24:02 -04:00
George Drummond
933d90b203 Save PR and don't do an extra lookup 2019-04-03 09:43:40 -04:00
George Drummond
dee14b98be Remove portfolio permissions when role is disabled 2019-04-03 09:43:40 -04:00
George Drummond
6f1eb43de4 Remove Portfolio User 2019-04-03 09:43:39 -04:00
dandds
29ec4a80af give access decorator override function a clearer name; exception -> override 2019-03-28 09:32:51 -04:00
dandds
dc2781ec82 more specificity in decorator exceptions test 2019-03-22 13:05:37 -04:00
dandds
6a18109bdd catch individual errors in authorization decorator test 2019-03-22 12:41:29 -04:00
dandds
601ca1c655 fix access logs and add request method 2019-03-22 11:48:59 -04:00
dandds
746a5834c1 only pass one func to exception kwarg in access decorator 2019-03-22 06:33:01 -04:00
dandds
078264bec7 add access tests for all access-protected routes 
- cleans up skipped access tests in domain tests
- cleans up other skipped tests that are no longer relevant
 2019-03-22 06:33:01 -04:00