def update_environment(environment_id): environment = Environments.get(environment_id) application = environment.application env_form = EditEnvironmentForm(obj=environment, formdata=http_request.form) if env_form.validate(): Environments.update(environment=environment, name=env_form.name.data) flash("application_environments_updated") return redirect( url_for( "applications.settings", application_id=application.id, fragment="application-environments", _anchor="application-environments", active_toggler=environment.id, active_toggler_section="edit", )) else: return ( render_settings_page( application=application, active_toggler=environment.id, active_toggler_section="edit", ), 400, )
def handle_update_member(application_id, application_role_id, form_data): app_role = ApplicationRoles.get_by_id(application_role_id) application = Applications.get(application_id) existing_env_roles_data = filter_env_roles_form_data( app_role, application.environments) form = UpdateMemberForm(formdata=form_data, environment_roles=existing_env_roles_data) if form.validate(): try: ApplicationRoles.update_permission_sets( app_role, form.data["permission_sets"]) for env_role in form.environment_roles: environment = Environments.get(env_role.environment_id.data) new_role = None if env_role.disabled.data else env_role.data[ "role"] Environments.update_env_role(environment, app_role, new_role) flash("application_member_updated", user_name=app_role.user_name) except GeneralCSPException as exc: log_error(exc) flash( "application_member_update_error", user_name=app_role.user_name, ) else: pass
def test_update_env_role_no_access(): env_role = EnvironmentRoleFactory.create(role=CSPRole.BASIC_ACCESS.value) Environments.update_env_role(env_role.environment, env_role.application_role, None) assert not EnvironmentRoles.get(env_role.application_role.id, env_role.environment.id) assert env_role.role is None assert env_role.disabled
def create(cls, user, portfolio, name, description, environment_names=None): application = Application( portfolio=portfolio, name=name, description=description ) db.session.add(application) if environment_names: Environments.create_many(user, application, environment_names) db.session.commit() return application
def update(cls, application, new_data): if "name" in new_data: application.name = new_data["name"] if "description" in new_data: application.description = new_data["description"] if "environment_names" in new_data: Environments.create_many(g.current_user, application, new_data["environment_names"]) db.session.add(application) commit_or_raise_already_exists_error(message="application") return application
def delete(cls, application): for env in application.environments: Environments.delete(env) application.deleted = True for role in application.roles: role.deleted = True role.status = ApplicationRoleStatus.DISABLED db.session.add(role) db.session.add(application) db.session.commit()
def update(cls, application, new_data): if "name" in new_data: application.name = new_data["name"] if "description" in new_data: application.description = new_data["description"] if "environment_names" in new_data: Environments.create_many( g.current_user, application, new_data["environment_names"] ) db.session.add(application) db.session.commit() return application
def delete_environment(environment_id): environment = Environments.get(environment_id) Environments.delete(environment=environment, commit=True) flash("environment_deleted", environment_name=environment.name) return redirect( url_for( "applications.settings", application_id=environment.application_id, _anchor="application-environments", fragment="application-environments", ))
def do_create_environment(csp: CloudProviderInterface, environment_id=None): environment = Environments.get(environment_id) with claim_for_update(environment) as environment: if environment.cloud_id is not None: # TODO: Return value for this? return user = environment.creator # we'll need to do some checking in this job for cases where it's retrying # when a failure occured after some successful steps # (e.g. if environment.cloud_id is not None, then we can skip first step) # credentials either from a given user or pulled from config? # if using global creds, do we need to log what user authorized action? atat_root_creds = csp.root_creds() # user is needed because baseline root account in the environment will # be assigned to the requesting user, open question how to handle duplicate # email addresses across new environments csp_environment_id = csp.create_environment(atat_root_creds, user, environment) environment.cloud_id = csp_environment_id db.session.add(environment) db.session.commit() body = render_email("emails/application/environment_ready.txt", {"environment": environment}) app.mailer.send([environment.creator.email], translate("email.environment_ready"), body)
def test_create_environments(): application = ApplicationFactory.create() environments = Environments.create_many(application.portfolio.owner, application, ["Staging", "Production"]) for env in environments: assert env.cloud_id is None
def create(cls, user, portfolio, name, description, environment_names=None): application = Application(portfolio=portfolio, name=name, description=description) db.session.add(application) if environment_names: Environments.create_many(user, application, environment_names) commit_or_raise_already_exists_error(message="application") return application
def create_demo_portfolio(name, data): try: portfolio_owner = Users.get_or_create_by_dod_id("2345678901") # Amanda # auditor = Users.get_by_dod_id("3453453453") # Sally except NotFoundError: print("Could not find demo users; will not create demo portfolio {}". format(name)) return portfolio = Portfolios.create( user=portfolio_owner, portfolio_attrs={ "name": name, "defense_component": random_service_branch() }, ) add_task_orders_to_portfolio(portfolio) add_members_to_portfolio(portfolio) for mock_application in data["applications"]: application = Application(portfolio=portfolio, name=mock_application.name, description="") env_names = [env.name for env in mock_application.environments] envs = Environments.create_many(portfolio.owner, application, env_names) db.session.add(application) db.session.commit()
def test_update_env_role(): env_role = EnvironmentRoleFactory.create(role=CSPRole.BASIC_ACCESS.value) new_role = CSPRole.TECHNICAL_READ.value assert Environments.update_env_role(env_role.environment, env_role.application_role, new_role) assert env_role.role == new_role
def test_delete_environment(session): env = EnvironmentFactory.create(application=ApplicationFactory.create()) env_role = EnvironmentRoleFactory.create( application_role=ApplicationRoleFactory.create( application=env.application), environment=env, ) assert not env.deleted assert not env_role.deleted Environments.delete(env) assert env.deleted assert env_role.deleted # did not flush assert session.dirty Environments.delete(env, commit=True) assert env.deleted assert env_role.deleted # flushed the change assert not session.dirty
def new_environment(application_id): application = Applications.get(application_id) env_form = EditEnvironmentForm(formdata=http_request.form) if env_form.validate(): Environments.create(g.current_user, application=application, name=env_form.name.data) flash("environment_added", environment_name=env_form.data["name"]) return redirect( url_for( "applications.settings", application_id=application.id, fragment="application-environments", _anchor="application-environments", )) else: return (render_settings_page(application=application), 400)
def test_with_unprovisioned_expired_clins_environment(self): self.create_portfolio_with_clins( [(self.YESTERDAY, self.YESTERDAY)], { "cloud_id": uuid4().hex, "root_user_info": None }, ) assert (len( Environments.get_environments_pending_atat_user_creation( self.NOW)) == 0)
def do_create_atat_admin_user(csp: CloudProviderInterface, environment_id=None): environment = Environments.get(environment_id) with claim_for_update(environment) as environment: atat_root_creds = csp.root_creds() atat_remote_root_user = csp.create_atat_admin_user( atat_root_creds, environment.cloud_id) environment.root_user_info = atat_remote_root_user db.session.add(environment) db.session.commit()
def handle_update_environment(form, application=None, environment=None): if form.validate(): try: if environment: environment = Environments.update(environment=environment, name=form.name.data) flash("application_environments_updated") else: environment = Environments.create(g.current_user, application=application, name=form.name.data) flash("environment_added", environment_name=form.name.data) return environment except AlreadyExistsError: flash("application_environments_name_error", name=form.name.data) return False else: return False
def test_with_unprovisioned_environment(self): self.create_portfolio_with_clins( [(self.YESTERDAY, self.TOMORROW)], { "cloud_id": uuid4().hex, "root_user_info": { "foo": "bar" }, "baseline_info": None, }, ) assert (len( Environments.get_environments_pending_baseline_creation( self.NOW)) == 1)
def update_member(application_id, application_role_id): app_role = ApplicationRoles.get_by_id(application_role_id) form = UpdateMemberForm(http_request.form) if form.validate(): ApplicationRoles.update_permission_sets(app_role, form.data["permission_sets"]) for env_role in form.environment_roles: environment = Environments.get(env_role.environment_id.data) Environments.update_env_role(environment, app_role, env_role.data["role"]) flash("application_member_updated", user_name=app_role.user_name) else: pass # TODO: flash error message return redirect( url_for( "applications.settings", application_id=application_id, fragment="application-members", _anchor="application-members", ) )
def do_create_environment_baseline(csp: CloudProviderInterface, environment_id=None): environment = Environments.get(environment_id) with claim_for_update(environment) as environment: # ASAP switch to use remote root user for provisioning atat_remote_root_creds = environment.root_user_info["credentials"] baseline_info = csp.create_environment_baseline( atat_remote_root_creds, environment.cloud_id) environment.baseline_info = baseline_info body = render_email("emails/application/environment_ready.txt", {"environment": environment}) app.mailer.send([environment.creator.email], translate("email.environment_ready"), body) db.session.add(environment) db.session.commit()
def create_demo_portfolio(name, data): try: portfolio_owner = Users.get_or_create_by_dod_id( "2345678901", **pick( [ "permission_sets", "first_name", "last_name", "email", "service_branch", "phone_number", "citizenship", "designation", "date_latest_training", ], DEV_USERS["amanda"], ), ) # Amanda # auditor = Users.get_by_dod_id("3453453453") # Sally except NotFoundError: print("Could not find demo users; will not create demo portfolio {}". format(name)) return portfolio = Portfolios.create( user=portfolio_owner, portfolio_attrs={ "name": name, "defense_component": random_service_branch() }, ) add_task_orders_to_portfolio(portfolio) add_members_to_portfolio(portfolio) for mock_application in data["applications"]: application = Application(portfolio=portfolio, name=mock_application["name"], description="") env_names = [env["name"] for env in mock_application["environments"]] envs = Environments.create_many(portfolio.owner, application, env_names) db.session.add(application) db.session.commit()
def update_environment(environment_id): environment = Environments.get(environment_id) application = environment.application env_form = EditEnvironmentForm(obj=environment, formdata=http_request.form) updated_environment = handle_update_environment(form=env_form, application=application, environment=environment) if updated_environment: return redirect( url_for( "applications.settings", application_id=application.id, fragment="application-environments", _anchor="application-environments", )) else: return (render_settings_page(application=application, show_flash=True), 400)
def test_update_env_role_disabled_role(): env_role = EnvironmentRoleFactory.create(role=CSPRole.BASIC_ACCESS.value) Environments.update_env_role(env_role.environment, env_role.application_role, None) # An exception should be raised when a new role is passed to Environments.update_env_role with pytest.raises(DisabledError): Environments.update_env_role( env_role.environment, env_role.application_role, CSPRole.TECHNICAL_READ.value, ) assert env_role.role is None assert env_role.disabled # An exception should not be raised when no new role is passed Environments.update_env_role(env_role.environment, env_role.application_role, None)
def test_with_expired_clins(self, session): self.create_portfolio_with_clins([(self.YESTERDAY, self.YESTERDAY)]) assert len(Environments.get_environments_pending_creation( self.NOW)) == 0
def test_with_active_clins(self, session): portfolio = self.create_portfolio_with_clins([(self.YESTERDAY, self.TOMORROW)]) Environments.get_environments_pending_creation( self.NOW) == [portfolio.applications[0].environments[0].id]
def test_update_environment(): environment = EnvironmentFactory.create() assert environment.name is not "name 2" Environments.update(environment, name="name 2") assert environment.name == "name 2"
def test_with_future_clins(self, session): self.create_portfolio_with_clins([(self.TOMORROW, self.TOMORROW)]) assert len(Environments.get_environments_pending_creation( self.NOW)) == 0
def test_get_excludes_deleted(): env = EnvironmentFactory.create(deleted=True, application=ApplicationFactory.create()) with pytest.raises(NotFoundError): Environments.get(env.id)
def test_with_already_provisioned_env(self, session): self.create_portfolio_with_clins([(self.YESTERDAY, self.TOMORROW)], env_data={"cloud_id": uuid4().hex}) assert len(Environments.get_environments_pending_creation( self.NOW)) == 0