def disable(cls, application_role):
cls._update_status(application_role, ApplicationRoleStatus.DISABLED)
application_role.deleted = True
for env in application_role.application.environments:
EnvironmentRoles.delete(
application_role_id=application_role.id, environment_id=env.id
)
db.session.add(application_role)
db.session.commit()
def test_environment_roles_do_not_include_deleted():
member_list = [
{
"role_name": CSPRole.BASIC_ACCESS.value
},
{
"role_name": CSPRole.BASIC_ACCESS.value
},
{
"role_name": CSPRole.BASIC_ACCESS.value
},
]
env = EnvironmentFactory.create(members=member_list)
role_1 = env.roles[0]
role_2 = env.roles[1]
EnvironmentRoles.delete(role_1.application_role_id, env.id)
EnvironmentRoles.disable(role_2.id)
assert len(env.roles) == 2
def update_env_role(cls, environment, application_role, new_role):
updated = False
if new_role is None:
updated = EnvironmentRoles.delete(application_role.id, environment.id)
else:
env_role = EnvironmentRoles.get(application_role.id, environment.id)
if env_role and env_role.role != new_role:
env_role.role = new_role
updated = True
db.session.add(env_role)
elif not env_role:
env_role = EnvironmentRoles.create(
application_role=application_role,
environment=environment,
role=new_role,
)
updated = True
db.session.add(env_role)
if updated:
db.session.commit()
return updated
def test_delete(application_role, environment, monkeypatch):
env_role = EnvironmentRoleFactory.create(application_role=application_role,
environment=environment)
assert EnvironmentRoles.delete(application_role.id, environment.id)
assert not EnvironmentRoles.delete(application_role.id, environment.id)
def revoke_access(cls, environment, target_user):
EnvironmentRoles.delete(environment.id, target_user.id)