Esempio n. 1
0
def test_get_portfolio_events_includes_app_and_env_events():
    owner = UserFactory.create()
    # add portfolio level events
    portfolio = PortfolioFactory.create(owner=owner)
    portfolio_events = AuditLog.get_portfolio_events(portfolio)

    # add application level events
    application = ApplicationFactory.create(portfolio=portfolio)
    Applications.update(application, {"name": "Star Cruiser"})
    app_role = ApplicationRoleFactory.create(application=application)
    app_invite = ApplicationInvitationFactory.create(role=app_role)
    portfolio_and_app_events = AuditLog.get_portfolio_events(portfolio)
    assert len(portfolio_events) < len(portfolio_and_app_events)

    # add environment level events
    env = EnvironmentFactory.create(application=application)
    env_role = EnvironmentRoleFactory.create(environment=env, application_role=app_role)
    portfolio_app_and_env_events = AuditLog.get_portfolio_events(portfolio)
    assert len(portfolio_and_app_events) < len(portfolio_app_and_env_events)

    resource_types = [event.resource_type for event in portfolio_app_and_env_events]
    assert "application" in resource_types
    assert "application_role" in resource_types
    assert "application_invitation" in resource_types
    assert "environment" in resource_types
    assert "environment_role" in resource_types
Esempio n. 2
0
def test_paginate_audit_log():
    user = UserFactory.create()
    for _ in range(100):
        AuditLog.log_system_event(user, action="create")

    events = AuditLog.get_all_events(pagination_opts={"per_page": 25, "page": 2})
    assert len(events) == 25
Esempio n. 3
0
def test_get_all_includes_ccpo_user_changes():
    user = UserFactory.create()
    initial_audit_log = AuditLog.get_all_events()
    Users.give_ccpo_perms(user)
    Users.revoke_ccpo_perms(user)

    assert len(AuditLog.get_all_events()) == len(initial_audit_log) + 2
Esempio n. 4
0
def test_paginate_ws_audit_log():
    portfolio = PortfolioFactory.create()
    application = ApplicationFactory.create(portfolio=portfolio)
    for _ in range(100):
        AuditLog.log_system_event(
            resource=application, action="create", portfolio=portfolio
        )

    events = AuditLog.get_portfolio_events(
        portfolio, pagination_opts={"per_page": 25, "page": 2}
    )
    assert len(events) == 25
Esempio n. 5
0
def render_admin_page(portfolio, form=None):
    pagination_opts = Paginator.get_pagination_opts(http_request)
    audit_events = AuditLog.get_portfolio_events(portfolio, pagination_opts)
    portfolio_form = PortfolioForm(obj=portfolio)
    member_list = portfolio.members
    assign_ppoc_form = member_forms.AssignPPOCForm()

    for pf_role in portfolio.roles:
        if pf_role.user != portfolio.owner and pf_role.is_active:
            assign_ppoc_form.role_id.choices += [(pf_role.id,
                                                  pf_role.full_name)]

    current_member = first_or_none(lambda m: m.user_id == g.current_user.id,
                                   portfolio.members)
    current_member_id = current_member.id if current_member else None

    return render_template(
        "portfolios/admin.html",
        form=form,
        portfolio_form=portfolio_form,
        members=filter_members_data(member_list, portfolio),
        new_manager_form=member_forms.NewForm(),
        assign_ppoc_form=assign_ppoc_form,
        portfolio=portfolio,
        audit_events=audit_events,
        user=g.current_user,
        current_member_id=current_member_id,
        applications_count=len(portfolio.applications),
    )
Esempio n. 6
0
def render_admin_page(portfolio, form=None):
    pagination_opts = Paginator.get_pagination_opts(http_request)
    audit_events = AuditLog.get_portfolio_events(portfolio, pagination_opts)
    members_data = get_members_data(portfolio)
    portfolio_form = PortfolioForm(data={"name": portfolio.name})
    member_perms_form = member_forms.MembersPermissionsForm(
        data={"members_permissions": members_data}
    )

    assign_ppoc_form = member_forms.AssignPPOCForm()
    for pf_role in portfolio.roles:
        if pf_role.user != portfolio.owner and pf_role.is_active:
            assign_ppoc_form.role_id.choices += [(pf_role.id, pf_role.full_name)]

    current_member = first_or_none(
        lambda m: m.user_id == g.current_user.id, portfolio.members
    )
    current_member_id = current_member.id if current_member else None

    return render_template(
        "portfolios/admin.html",
        form=form,
        portfolio_form=portfolio_form,
        member_perms_form=member_perms_form,
        member_form=member_forms.NewForm(),
        assign_ppoc_form=assign_ppoc_form,
        portfolio=portfolio,
        audit_events=audit_events,
        user=g.current_user,
        ppoc_id=members_data[0].get("member_id"),
        current_member_id=current_member_id,
        applications_count=len(portfolio.applications),
    )
Esempio n. 7
0
def activity_history():
    if app.config.get("USE_AUDIT_LOG", False):
        pagination_opts = Paginator.get_pagination_opts(request)
        audit_events = AuditLog.get_all_events(pagination_opts)
        return render_template("audit_log/audit_log.html",
                               audit_events=audit_events)
    else:
        return redirect("/")
Esempio n. 8
0
def test_audit_event_for_accepted_invite():
    portfolio = PortfolioFactory.create()
    user = UserFactory.create()
    role = PortfolioRoleFactory.create(portfolio=portfolio)
    invite = PortfolioInvitationFactory.create(role=role, dod_id=user.dod_id)
    invite = PortfolioInvitations.accept(user, invite.token)

    accepted_event = AuditLog.get_by_resource(invite.id)[0]
    assert "email" in accepted_event.event_details
    assert "dod_id" in accepted_event.event_details
Esempio n. 9
0
def test_portfolio_audit_log_only_includes_current_portfolio_events():
    owner = UserFactory.create()
    portfolio = PortfolioFactory.create(owner=owner)
    other_portfolio = PortfolioFactory.create(owner=owner)
    # Add some audit events
    application_1 = ApplicationFactory.create(portfolio=portfolio)
    application_2 = ApplicationFactory.create(portfolio=other_portfolio)

    events = AuditLog.get_portfolio_events(portfolio)
    for event in events:
        assert event.portfolio_id == portfolio.id
        assert (not event.portfolio_id == other_portfolio.id
                or event.resource_id == other_portfolio.id)
Esempio n. 10
0
def test_get_application_events():
    # add in some portfolio level events
    portfolio = PortfolioFactory.create()
    Portfolios.update(portfolio, {"name": "New Name"})
    # add app level events
    application = ApplicationFactory.create(portfolio=portfolio)
    Applications.update(application, {"name": "Star Cruiser"})
    app_role = ApplicationRoleFactory.create(application=application)
    app_invite = ApplicationInvitationFactory.create(role=app_role)
    env = EnvironmentFactory.create(application=application)
    env_role = EnvironmentRoleFactory.create(environment=env, application_role=app_role)
    # add rando app
    rando_app = ApplicationFactory.create(portfolio=portfolio)

    events = AuditLog.get_application_events(application)
    for event in events:
        assert event.application_id == application.id
        assert not event.application_id == rando_app.id

    resource_types = [event.resource_type for event in events]
    assert "portfolio" not in resource_types
Esempio n. 11
0
def render_settings_page(application, **kwargs):
    environments_obj = get_environments_obj_for_app(application=application)
    new_env_form = EditEnvironmentForm()
    pagination_opts = Paginator.get_pagination_opts(http_request)
    audit_events = AuditLog.get_application_events(application,
                                                   pagination_opts)
    new_member_form = get_new_member_form(application)
    members = get_members_data(application)

    if "application_form" not in kwargs:
        kwargs["application_form"] = NameAndDescriptionForm(
            name=application.name, description=application.description)

    return render_template(
        "applications/settings.html",
        application=application,
        environments_obj=environments_obj,
        new_env_form=new_env_form,
        audit_events=audit_events,
        new_member_form=new_member_form,
        members=members,
        **kwargs,
    )