def create_or_update_new_application_step_1(portfolio_id=None,
application_id=None):
form = get_new_application_form({**http_request.form},
NameAndDescriptionForm, application_id)
if form.validate():
application = None
if application_id:
application = Applications.get(application_id)
application = Applications.update(application, form.data)
flash("application_updated", application_name=application.name)
else:
portfolio = Portfolios.get_for_update(portfolio_id)
application = Applications.create(g.current_user, portfolio,
**form.data)
flash("application_created", application_name=application.name)
return redirect(
url_for(
"applications.update_new_application_step_2",
application_id=application.id,
))
else:
return (
render_new_application_form(
"applications/new/step_1.html",
NameAndDescriptionForm,
portfolio_id,
application_id,
form,
),
400,
)
def remove_member(portfolio_id, portfolio_role_id):
portfolio_role = PortfolioRoles.get_by_id(portfolio_role_id)
if g.current_user.id == portfolio_role.user_id:
raise UnauthorizedError(
g.current_user, "you cant remove yourself from the portfolio"
)
portfolio = Portfolios.get(user=g.current_user, portfolio_id=portfolio_id)
if portfolio_role.user_id == portfolio.owner.id:
raise UnauthorizedError(
g.current_user, "you can't delete the portfolios PPoC from the portfolio"
)
# TODO: should this cascade and disable any application and environment
# roles they might have?
PortfolioRoles.disable(portfolio_role=portfolio_role)
flash("portfolio_member_removed", member_name=portfolio_role.full_name)
return redirect(
url_for(
"portfolios.admin",
portfolio_id=portfolio_id,
_anchor="portfolio-members",
fragment="portfolio-members",
)
)
def invite_member(portfolio_id):
portfolio = Portfolios.get(g.current_user, portfolio_id)
form = member_forms.NewForm(http_request.form)
if form.validate():
try:
invite = Portfolios.invite(portfolio, g.current_user, form.data)
send_portfolio_invitation(
invitee_email=invite.email,
inviter_name=g.current_user.full_name,
token=invite.token,
)
flash("new_portfolio_member",
user_name=invite.user_name,
portfolio=portfolio)
except AlreadyExistsError:
return render_template(
"error.html",
message="There was an error processing your request.")
else:
pass
# TODO: flash error message
return redirect(
url_for(
"portfolios.admin",
portfolio_id=portfolio_id,
fragment="portfolio-members",
_anchor="portfolio-members",
))
def remove_member(portfolio_id, portfolio_role_id):
portfolio_role = PortfolioRoles.get_by_id(portfolio_role_id)
if g.current_user.id == portfolio_role.user_id:
raise UnauthorizedError(g.current_user,
"you cant remove yourself from the portfolio")
portfolio = Portfolios.get(user=g.current_user, portfolio_id=portfolio_id)
if portfolio_role.user_id == portfolio.owner.id:
raise UnauthorizedError(
g.current_user,
"you can't delete the portfolios PPoC from the portfolio")
if (portfolio_role.latest_invitation
and portfolio_role.status == PortfolioRoleStatus.PENDING):
PortfolioInvitations.revoke(portfolio_role.latest_invitation.token)
else:
PortfolioRoles.disable(portfolio_role=portfolio_role)
flash("portfolio_member_removed", member_name=portfolio_role.full_name)
return redirect(
url_for(
"portfolios.admin",
portfolio_id=portfolio_id,
_anchor="portfolio-members",
fragment="portfolio-members",
))
def handle_create_member(application_id, form_data):
application = Applications.get(application_id)
form = NewMemberForm(form_data)
if form.validate():
try:
invite = Applications.invite(
application=application,
inviter=g.current_user,
user_data=form.user_data.data,
permission_sets_names=form.data["permission_sets"],
environment_roles_data=form.environment_roles.data,
)
send_application_invitation(
invitee_email=invite.email,
inviter_name=g.current_user.full_name,
token=invite.token,
)
flash("new_application_member", user_name=invite.first_name)
except AlreadyExistsError:
return render_template(
"error.html",
message="There was an error processing your request.")
else:
pass
def handle_update_member(application_id, application_role_id, form_data):
app_role = ApplicationRoles.get_by_id(application_role_id)
application = Applications.get(application_id)
existing_env_roles_data = filter_env_roles_form_data(
app_role, application.environments)
form = UpdateMemberForm(formdata=form_data,
environment_roles=existing_env_roles_data)
if form.validate():
try:
ApplicationRoles.update_permission_sets(
app_role, form.data["permission_sets"])
for env_role in form.environment_roles:
environment = Environments.get(env_role.environment_id.data)
new_role = None if env_role.disabled.data else env_role.data[
"role"]
Environments.update_env_role(environment, app_role, new_role)
flash("application_member_updated", user_name=app_role.user_name)
except GeneralCSPException as exc:
log_error(exc)
flash(
"application_member_update_error",
user_name=app_role.user_name,
)
else:
pass
def revoke_invite(application_id, application_role_id):
app_role = ApplicationRoles.get_by_id(application_role_id)
invite = app_role.latest_invitation
if invite.is_pending:
ApplicationInvitations.revoke(invite.token)
flash(
"application_invite_revoked",
user_name=app_role.user_name,
application_name=g.application.name,
)
else:
flash(
"application_invite_error",
user_name=app_role.user_name,
application_name=g.application.name,
)
return redirect(
url_for(
"applications.settings",
application_id=application_id,
fragment="application-members",
_anchor="application-members",
))
def update_environment(environment_id):
environment = Environments.get(environment_id)
application = environment.application
env_form = EditEnvironmentForm(obj=environment, formdata=http_request.form)
if env_form.validate():
Environments.update(environment=environment, name=env_form.name.data)
flash("application_environments_updated")
return redirect(
url_for(
"applications.settings",
application_id=application.id,
fragment="application-environments",
_anchor="application-environments",
active_toggler=environment.id,
active_toggler_section="edit",
))
else:
return (
render_settings_page(
application=application,
active_toggler=environment.id,
active_toggler_section="edit",
),
400,
)
def resend_invite(application_id, application_role_id):
app_role = ApplicationRoles.get_by_id(application_role_id)
invite = app_role.latest_invitation
form = MemberForm(http_request.form)
if form.validate():
new_invite = ApplicationInvitations.resend(g.current_user,
invite.token, form.data)
send_application_invitation(
invitee_email=new_invite.email,
inviter_name=g.current_user.full_name,
token=new_invite.token,
)
flash(
"application_invite_resent",
user_name=new_invite.user_name,
application_name=app_role.application.name,
)
else:
flash(
"application_invite_error",
user_name=app_role.user_name,
application_name=g.application.name,
)
return redirect(
url_for(
"applications.settings",
application_id=application_id,
fragment="application-members",
_anchor="application-members",
))
def session_expired(e):
log_error(e)
url_args = {"next": request.path}
flash("session_expired")
if request.method == "POST":
url_args[app.form_cache.PARAM_NAME] = app.form_cache.write(
request.form)
return redirect(url_for("atst.root", **url_args))
def delete(application_id):
application = Applications.get(application_id)
Applications.delete(application)
flash("application_deleted", application_name=application.name)
return redirect(
url_for("applications.portfolio_applications",
portfolio_id=application.portfolio_id))
def submit_task_order(task_order_id):
task_order = TaskOrders.get(task_order_id)
TaskOrders.sign(task_order=task_order, signer_dod_id=g.current_user.dod_id)
flash("task_order_submitted", task_order=task_order)
return redirect(
url_for("task_orders.portfolio_funding", portfolio_id=task_order.portfolio_id)
)
def submit_new_user():
try:
new_user = Users.get_by_dod_id(request.form["dod_id"])
form = CCPOUserForm(obj=new_user)
except NotFoundError:
flash("ccpo_user_not_found")
return redirect(url_for("ccpo.users"))
return render_template("ccpo/confirm_user.html",
new_user=new_user,
form=form)
def root():
if g.current_user:
return redirect(url_for(".home"))
redirect_url = app.config.get("CAC_URL")
if request.args.get("next"):
redirect_url = url.urljoin(
redirect_url,
"?{}".format(url.urlencode({"next": request.args.get("next")})),
)
flash("login_next")
return render_template("login.html", redirect_url=redirect_url)
def delete_environment(environment_id):
environment = Environments.get(environment_id)
Environments.delete(environment=environment, commit=True)
flash("environment_deleted", environment_name=environment.name)
return redirect(
url_for(
"applications.settings",
application_id=environment.application_id,
_anchor="application-environments",
fragment="application-environments",
))
def resend_invitation(portfolio_id, portfolio_token):
invite = PortfolioInvitations.resend(g.current_user, portfolio_token)
send_portfolio_invitation(
invitee_email=invite.email,
inviter_name=g.current_user.full_name,
token=invite.token,
)
flash("resend_portfolio_invitation", user_name=invite.user_name)
return redirect(
url_for(
"portfolios.admin",
portfolio_id=portfolio_id,
fragment="portfolio-members",
_anchor="portfolio-members",
))
def user():
user = g.current_user
form = EditUserForm(data=user.to_dictionary())
next_ = http_request.args.get("next")
if next_:
flash("user_must_complete_profile")
return render_template(
"user/edit.html",
next=next_,
form=form,
user=user,
mindate=(dt.datetime.now() - dt.timedelta(days=365)),
maxdate=dt.datetime.now(),
)
def update_task_order(form, portfolio_id=None, task_order_id=None, flash_invalid=True):
if form.validate(flash_invalid=flash_invalid):
task_order = None
try:
if task_order_id:
task_order = TaskOrders.update(task_order_id, **form.data)
portfolio_id = task_order.portfolio_id
else:
task_order = TaskOrders.create(portfolio_id, **form.data)
return task_order
except AlreadyExistsError:
flash("task_order_number_error", to_number=form.data["number"])
return False
else:
return False
def remove_member(application_id, application_role_id):
application_role = ApplicationRoles.get_by_id(application_role_id)
ApplicationRoles.disable(application_role)
flash(
"application_member_removed",
user_name=application_role.user_name,
application_name=g.application.name,
)
return redirect(
url_for(
"applications.settings",
_anchor="application-members",
application_id=g.application.id,
fragment="application-members",
))
def update_ppoc(portfolio_id):
role_id = http_request.form.get("role_id")
portfolio = Portfolios.get(g.current_user, portfolio_id)
new_ppoc_role = PortfolioRoles.get_by_id(role_id)
PortfolioRoles.make_ppoc(portfolio_role=new_ppoc_role)
flash("primary_point_of_contact_changed",
ppoc_name=new_ppoc_role.full_name)
return redirect(
url_for(
"portfolios.admin",
portfolio_id=portfolio.id,
fragment="primary-point-of-contact",
_anchor="primary-point-of-contact",
))
def update_user():
user = g.current_user
form = EditUserForm(http_request.form)
next_url = http_request.args.get("next")
if form.validate():
Users.update(user, form.data)
flash("user_updated")
if next_url:
return redirect(next_url)
return render_template(
"user/edit.html",
form=form,
user=user,
next=next_url,
mindate=(dt.datetime.now() - dt.timedelta(days=365)),
maxdate=dt.datetime.now(),
)
def new_environment(application_id):
application = Applications.get(application_id)
env_form = EditEnvironmentForm(formdata=http_request.form)
if env_form.validate():
Environments.create(g.current_user,
application=application,
name=env_form.name.data)
flash("environment_added", environment_name=env_form.data["name"])
return redirect(
url_for(
"applications.settings",
application_id=application.id,
fragment="application-environments",
_anchor="application-environments",
))
else:
return (render_settings_page(application=application), 400)
def reports(portfolio_id):
portfolio = Portfolios.get(g.current_user, portfolio_id)
current_obligated_funds = Reports.obligated_funds_by_JEDI_clin(portfolio)
if any(map(lambda clin: clin["remaining"] < 0, current_obligated_funds)):
flash("insufficient_funds")
# wrapped in str() because the sum of obligated funds returns a Decimal object
total_portfolio_value = str(
sum(task_order.total_obligated_funds
for task_order in portfolio.active_task_orders))
return render_template(
"portfolios/reports/index.html",
portfolio=portfolio,
total_portfolio_value=total_portfolio_value,
current_obligated_funds=current_obligated_funds,
expired_task_orders=Reports.expired_task_orders(portfolio),
monthly_spending=Reports.monthly_spending(portfolio),
retrieved=datetime.now(), # mocked datetime of reporting data retrival
)
def update_new_application_step_2(application_id):
form = get_new_application_form({**http_request.form}, EnvironmentsForm,
application_id)
if form.validate():
application = Applications.get(application_id)
application = Applications.update(application, form.data)
flash("application_environments_updated")
return redirect(
url_for(
"applications.update_new_application_step_3",
application_id=application_id,
))
else:
return (
render_new_application_form(
"applications/new/step_2.html",
EnvironmentsForm,
application_id=application_id,
form=form,
),
400,
)
def update_member(application_id, application_role_id):
app_role = ApplicationRoles.get_by_id(application_role_id)
form = UpdateMemberForm(http_request.form)
if form.validate():
ApplicationRoles.update_permission_sets(app_role, form.data["permission_sets"])
for env_role in form.environment_roles:
environment = Environments.get(env_role.environment_id.data)
Environments.update_env_role(environment, app_role, env_role.data["role"])
flash("application_member_updated", user_name=app_role.user_name)
else:
pass
# TODO: flash error message
return redirect(
url_for(
"applications.settings",
application_id=application_id,
fragment="application-members",
_anchor="application-members",
)
)
def edit_members(portfolio_id):
portfolio = Portfolios.get_for_update(portfolio_id)
member_perms_form = member_forms.MembersPermissionsForm(http_request.form)
if member_perms_form.validate():
for subform in member_perms_form.members_permissions:
member_id = subform.member_id.data
member = PortfolioRoles.get_by_id(member_id)
if member is not portfolio.owner_role:
new_perm_set = subform.data["permission_sets"]
PortfolioRoles.update(member, new_perm_set)
flash("update_portfolio_members", portfolio=portfolio)
return redirect(
url_for(
"portfolios.admin",
portfolio_id=portfolio_id,
fragment="portfolio-members",
_anchor="portfolio-members",
)
)
else:
return render_admin_page(portfolio)
def handle_update_application(form, application_id=None, portfolio_id=None):
if form.validate():
application = None
try:
if application_id:
application = Applications.get(application_id)
application = Applications.update(application, form.data)
flash("application_updated", application_name=application.name)
else:
portfolio = Portfolios.get_for_update(portfolio_id)
application = Applications.create(g.current_user, portfolio,
**form.data)
flash("application_created", application_name=application.name)
return application
except AlreadyExistsError:
flash("application_name_error", name=form.data["name"])
return False
def handle_update_environment(form, application=None, environment=None):
if form.validate():
try:
if environment:
environment = Environments.update(environment=environment,
name=form.name.data)
flash("application_environments_updated")
else:
environment = Environments.create(g.current_user,
application=application,
name=form.name.data)
flash("environment_added", environment_name=form.name.data)
return environment
except AlreadyExistsError:
flash("application_environments_name_error", name=form.name.data)
return False
else:
return False
def delete_portfolio(portfolio_id):
Portfolios.delete(portfolio=g.portfolio)
flash("portfolio_deleted", portfolio_name=g.portfolio.name)
return redirect(url_for("atst.home"))
def validate(self, *args, flash_invalid=True, **kwargs):
valid = super().validate(*args, **kwargs)
if not valid and flash_invalid:
flash("form_errors")
return valid