def handle_update_member(application_id, application_role_id, form_data):
app_role = ApplicationRoles.get_by_id(application_role_id)
application = Applications.get(application_id)
existing_env_roles_data = filter_env_roles_form_data(
app_role, application.environments)
form = UpdateMemberForm(formdata=form_data,
environment_roles=existing_env_roles_data)
if form.validate():
try:
ApplicationRoles.update_permission_sets(
app_role, form.data["permission_sets"])
for env_role in form.environment_roles:
environment = Environments.get(env_role.environment_id.data)
new_role = None if env_role.disabled.data else env_role.data[
"role"]
Environments.update_env_role(environment, app_role, new_role)
flash("application_member_updated", user_name=app_role.user_name)
except GeneralCSPException as exc:
log_error(exc)
flash(
"application_member_update_error",
user_name=app_role.user_name,
)
else:
pass
def test_update_env_role_no_access():
env_role = EnvironmentRoleFactory.create(role=CSPRole.BASIC_ACCESS.value)
Environments.update_env_role(env_role.environment,
env_role.application_role, None)
assert not EnvironmentRoles.get(env_role.application_role.id,
env_role.environment.id)
assert env_role.role is None
assert env_role.disabled
def test_update_env_role():
env_role = EnvironmentRoleFactory.create(role=CSPRole.BASIC_ACCESS.value)
new_role = CSPRole.TECHNICAL_READ.value
assert Environments.update_env_role(env_role.environment,
env_role.application_role, new_role)
assert env_role.role == new_role
def update_member(application_id, application_role_id):
app_role = ApplicationRoles.get_by_id(application_role_id)
form = UpdateMemberForm(http_request.form)
if form.validate():
ApplicationRoles.update_permission_sets(app_role, form.data["permission_sets"])
for env_role in form.environment_roles:
environment = Environments.get(env_role.environment_id.data)
Environments.update_env_role(environment, app_role, env_role.data["role"])
flash("application_member_updated", user_name=app_role.user_name)
else:
pass
# TODO: flash error message
return redirect(
url_for(
"applications.settings",
application_id=application_id,
fragment="application-members",
_anchor="application-members",
)
)
def test_update_env_role_disabled_role():
env_role = EnvironmentRoleFactory.create(role=CSPRole.BASIC_ACCESS.value)
Environments.update_env_role(env_role.environment,
env_role.application_role, None)
# An exception should be raised when a new role is passed to Environments.update_env_role
with pytest.raises(DisabledError):
Environments.update_env_role(
env_role.environment,
env_role.application_role,
CSPRole.TECHNICAL_READ.value,
)
assert env_role.role is None
assert env_role.disabled
# An exception should not be raised when no new role is passed
Environments.update_env_role(env_role.environment,
env_role.application_role, None)
def test_update_env_role_no_change():
env_role = EnvironmentRoleFactory.create(role=CSPRole.BASIC_ACCESS.value)
new_role = CSPRole.BASIC_ACCESS.value
assert not Environments.update_env_role(
env_role.environment, env_role.application_role, new_role)