def test_create(application_role, environment, monkeypatch):
environment_role = EnvironmentRoles.create(application_role, environment,
"network admin")
assert environment_role.application_role == application_role
assert environment_role.environment == environment
assert environment_role.role == "network admin"
def add_applications_to_portfolio(portfolio):
applications = random_applications()
for application_data in applications:
application = Applications.create(
portfolio.owner,
portfolio=portfolio,
name=application_data["name"],
description=application_data["description"],
environment_names=application_data["environments"],
)
users = random.sample(APPLICATION_USERS, k=random.randint(1, 5))
for user_data in users:
try:
user = Users.get_by_dod_id(user_data["dod_id"])
except NotFoundError:
user = Users.create(
user_data["dod_id"],
None,
first_name=user_data["first_name"],
last_name=user_data["last_name"],
email=user_data["email"],
)
app_role = ApplicationRoles.create(
user=user,
application=application,
permission_set_names=[PermissionSets.EDIT_APPLICATION_TEAM],
)
ApplicationInvitations.create(portfolio.owner,
app_role,
user_data,
commit=True)
user_environments = random.sample(
application.environments,
k=random.randint(1, len(application.environments)),
)
for env in user_environments:
role = random.choice([e.value for e in CSPRole])
EnvironmentRoles.create(application_role=app_role,
environment=env,
role=role)
def update_env_role(cls, environment, application_role, new_role):
env_role = EnvironmentRoles.get_for_update(application_role.id,
environment.id)
if env_role and new_role and (env_role.disabled or env_role.deleted):
raise DisabledError("environment_role", env_role.id)
if env_role and env_role.role != new_role and not env_role.disabled:
env_role.role = new_role
db.session.add(env_role)
elif not env_role and new_role:
env_role = EnvironmentRoles.create(
application_role=application_role,
environment=environment,
role=new_role,
)
db.session.add(env_role)
if env_role and not new_role and not env_role.disabled:
EnvironmentRoles.disable(env_role.id)
db.session.commit()
def update_env_role(cls, environment, application_role, new_role):
updated = False
if new_role is None:
updated = EnvironmentRoles.delete(application_role.id, environment.id)
else:
env_role = EnvironmentRoles.get(application_role.id, environment.id)
if env_role and env_role.role != new_role:
env_role.role = new_role
updated = True
db.session.add(env_role)
elif not env_role:
env_role = EnvironmentRoles.create(
application_role=application_role,
environment=environment,
role=new_role,
)
updated = True
db.session.add(env_role)
if updated:
db.session.commit()
return updated