dandds
3c1f4ac6df
Standardize token argument in routes.
...
- `token` becomes `portfolio_token` in routes.
- Find relevant portfolio from token in `before_request` hook, like
other routes.
2019-05-06 16:35:33 -04:00
dandds
42b912d4cb
Look up major database resources in a before_request hook.
...
A `before_request` hook queries the database for portfolios, requests,
and task orders based on the route arguments. The resources are added as
attributes on `g`. The portfolio context processor and the access
decorator now rely on those resources being available on `g`.
WIP: find major resources in before_request hook, apply to g
WIP: use g.portfolio for portfolio context processor
WIP: the access decorator should rely on the resources being available on g
2019-05-06 16:32:55 -04:00
dandds
59a02572ea
Application users should have access to portfolio landing page.
...
- Adds override to portfolio landing page access check to see if user
has access to any applications within the portfolio.
- Route for accepting an application invitation redirects directly to
portfolio applications route.
- Tests ensure application user only sees apps the user has access to on
the portfolio landing page.
2019-05-03 17:11:57 -04:00
dandds
a2ebdf78a0
Route for accepting an application invitation.
...
- Domain method for enabling an application role.
- Updated ApplicationRole model `history` property so that it serializes
the `status` correctly
2019-05-03 17:11:57 -04:00
dandds
c4ad7b4378
Make portfolio invitation specific to portfolio
...
- add a base domain class
- extract shared model code to mixin
- rename invitation classes
- invitation model relationship to portfolio_role name is now more
generic "role"
2019-04-30 14:41:55 -04:00
leigh-mil
41f01f8dec
Merge branch 'master' into edit-env-form-view
2019-04-30 14:34:31 -04:00
montana-mil
0c6f00bf4d
Merge pull request #785 from dod-ccpo/check-user-is-in-app-before-adding-env-role
...
Check user is in app before adding env role
2019-04-30 14:31:08 -04:00
leigh-mil
67516b3b55
Combine env_forms and environment_obj
2019-04-30 10:13:55 -04:00
Montana
60b4c50819
Check that all users with changed data are app users before updating env roles
2019-04-29 15:05:59 -04:00
George Drummond
079672c818
Update application environments
2019-04-29 10:46:21 -04:00
leigh-mil
7f4a18a49b
Move test checking route access into test_access and rename test checking if route is working
2019-04-25 10:47:39 -04:00
dandds
78ba6afba0
rename and rearrange some portfolio route functions
2019-04-22 07:20:08 -04:00
dandds
782a532c32
reorganize task order routes
2019-04-22 07:20:07 -04:00
dandds
849c5d4b58
Rearrange and rename application routes.
...
- move application routes to their own Flask blueprint
- squash application routes to be resource-specific
- reorganize application routes
2019-04-22 07:19:30 -04:00
dandds
ed25078c39
move portfolio context processor to generic location
2019-04-22 07:15:18 -04:00
dandds
c223bff09c
Remove unused portfolio routes
2019-04-18 09:50:53 -04:00
George Drummond
882998e1d7
Merge pull request #748 from dod-ccpo/display-app-users
...
Display app users
2019-04-17 15:28:28 -04:00
dandds
4a1e5e61b3
portfolio user can view application settings page
2019-04-17 14:49:14 -04:00
George Drummond
52669a0265
Use access specs
2019-04-17 13:52:06 -04:00
dandds
dac764ab82
route for deleting an application
2019-04-15 15:58:38 -04:00
dandds
9c10a14827
update authorization decorator to check for application permissions
2019-04-08 13:31:19 -04:00
dandds
09d6b5fb09
just use python stdlib mock in access tests
2019-03-28 09:25:11 -04:00
dandds
746a5834c1
only pass one func to exception kwarg in access decorator
2019-03-22 06:33:01 -04:00
dandds
828d46bae9
fix tests in CI with CRL config option
2019-03-22 06:33:01 -04:00
dandds
078264bec7
add access tests for all access-protected routes
...
- cleans up skipped access tests in domain tests
- cleans up other skipped tests that are no longer relevant
2019-03-22 06:33:01 -04:00
dandds
4a0dd2d432
remove unused domain methods and arguments
2019-03-22 06:31:20 -04:00
