Previously, we were encoding the portfolio_role.user_id as part of the
form data for the portfolio admin page. This was convenient because it
allowed us to easily determine certain display attributes in the
template. Instead, we should rely on the PortfolioRole as the source of
truth for member information. This commit adds:
- Portfolio.owner_role to return the PortfolioRole of the owner
- explicitly passes the PortfolioRole IDs for the PPoC and current user
to the template
- PortfolioRole.full_name for deriving the member name
The download method for Libcloud objects returns a boolean, which means
that our CRL download could fail silently. The RackspaceCRLProvider
would not raise an error until it tried to open the full path for the
downloaded resource. This checks the return status of the download call
and raises an error if the download failed. For reference:
https://libcloud.readthedocs.io/en/latest/storage/api.html#libcloud.storage.base.StorageDriver.download_object
- uses two route functions - one for update app, another for add
environment
- uses a second form for the app settings page
- uses the /environments/new url naming convention
`user_can` function built for Jinja template contexts should check
application, portfolio, and atat level permissions depending on what
resources are available on `g`.
A `before_request` hook queries the database for portfolios, requests,
and task orders based on the route arguments. The resources are added as
attributes on `g`. The portfolio context processor and the access
decorator now rely on those resources being available on `g`.
WIP: find major resources in before_request hook, apply to g
WIP: use g.portfolio for portfolio context processor
WIP: the access decorator should rely on the resources being available on g
- Adds override to portfolio landing page access check to see if user
has access to any applications within the portfolio.
- Route for accepting an application invitation redirects directly to
portfolio applications route.
- Tests ensure application user only sees apps the user has access to on
the portfolio landing page.
