def test_get_many():
perms_sets = PermissionSets.get_many([
PermissionSets.VIEW_PORTFOLIO_FUNDING,
PermissionSets.EDIT_PORTFOLIO_FUNDING
])
assert len(perms_sets) == 2
assert first_or_none(
lambda p: p.name == PermissionSets.VIEW_PORTFOLIO_FUNDING, perms_sets)
assert first_or_none(
lambda p: p.name == PermissionSets.EDIT_PORTFOLIO_FUNDING, perms_sets)
def render_admin_page(portfolio, form=None):
pagination_opts = Paginator.get_pagination_opts(http_request)
audit_events = AuditLog.get_portfolio_events(portfolio, pagination_opts)
portfolio_form = PortfolioForm(obj=portfolio)
member_list = portfolio.members
assign_ppoc_form = member_forms.AssignPPOCForm()
for pf_role in portfolio.roles:
if pf_role.user != portfolio.owner and pf_role.is_active:
assign_ppoc_form.role_id.choices += [(pf_role.id,
pf_role.full_name)]
current_member = first_or_none(lambda m: m.user_id == g.current_user.id,
portfolio.members)
current_member_id = current_member.id if current_member else None
return render_template(
"portfolios/admin.html",
form=form,
portfolio_form=portfolio_form,
members=filter_members_data(member_list, portfolio),
new_manager_form=member_forms.NewForm(),
assign_ppoc_form=assign_ppoc_form,
portfolio=portfolio,
audit_events=audit_events,
user=g.current_user,
current_member_id=current_member_id,
applications_count=len(portfolio.applications),
)
def render_admin_page(portfolio, form=None):
pagination_opts = Paginator.get_pagination_opts(http_request)
audit_events = AuditLog.get_portfolio_events(portfolio, pagination_opts)
members_data = get_members_data(portfolio)
portfolio_form = PortfolioForm(data={"name": portfolio.name})
member_perms_form = member_forms.MembersPermissionsForm(
data={"members_permissions": members_data}
)
assign_ppoc_form = member_forms.AssignPPOCForm()
for pf_role in portfolio.roles:
if pf_role.user != portfolio.owner and pf_role.is_active:
assign_ppoc_form.role_id.choices += [(pf_role.id, pf_role.full_name)]
current_member = first_or_none(
lambda m: m.user_id == g.current_user.id, portfolio.members
)
current_member_id = current_member.id if current_member else None
return render_template(
"portfolios/admin.html",
form=form,
portfolio_form=portfolio_form,
member_perms_form=member_perms_form,
member_form=member_forms.NewForm(),
assign_ppoc_form=assign_ppoc_form,
portfolio=portfolio,
audit_events=audit_events,
user=g.current_user,
ppoc_id=members_data[0].get("member_id"),
current_member_id=current_member_id,
applications_count=len(portfolio.applications),
)
def owner_role(self):
def _is_portfolio_owner(portfolio_role):
return PermissionSets.PORTFOLIO_POC in [
perms_set.name for perms_set in portfolio_role.permission_sets
]
return first_or_none(_is_portfolio_owner, self.roles)
def has_portfolio_permission(cls, user, portfolio, permission):
if Authorization.has_atat_permission(user, permission):
return True
port_role = first_or_none(lambda pr: pr.portfolio == portfolio,
user.portfolio_roles)
if port_role and port_role.status is not PortfolioRoleStatus.DISABLED:
return permission in port_role.permissions
else:
return False
def has_application_permission(cls, user, application, permission):
if Authorization.has_portfolio_permission(user, application.portfolio,
permission):
return True
app_role = first_or_none(
lambda app_role: app_role.application == application,
user.application_roles)
if app_role and app_role.status is not ApplicationRoleStatus.DISABLED:
return permission in app_role.permissions
else:
return False
def invite(
cls,
application,
inviter,
user_data,
permission_sets_names=None,
environment_roles_data=None,
):
permission_sets_names = permission_sets_names or []
permission_sets = ApplicationRoles._permission_sets_for_names(
permission_sets_names
)
app_role = ApplicationRole(
application=application, permission_sets=permission_sets
)
db.session.add(app_role)
for env_role_data in environment_roles_data:
env_role_name = env_role_data.get("role")
environment_id = env_role_data.get("environment_id")
if env_role_name is not None:
# pylint: disable=cell-var-from-loop
environment = first_or_none(
lambda e: str(e.id) == str(environment_id), application.environments
)
if environment is None:
raise NotFoundError("environment")
else:
env_role = EnvironmentRole(
application_role=app_role,
environment=environment,
role=env_role_name,
)
db.session.add(env_role)
invitation = ApplicationInvitations.create(
inviter=inviter, role=app_role, member_data=user_data
)
db.session.add(invitation)
db.session.commit()
return invitation
def has_permission_set(self, perm_set_name):
return first_or_none(lambda prms: prms.name == perm_set_name,
self.permission_sets)
