示例#1
0
def test_has_permission_set():
    perm_sets = PermissionSets.get_many(
        [PermissionSets.VIEW_PORTFOLIO_FUNDING, PermissionSets.VIEW_PORTFOLIO_REPORTS]
    )
    port_role = PortfolioRoleFactory.create(permission_sets=perm_sets)

    assert port_role.has_permission_set(PermissionSets.VIEW_PORTFOLIO_REPORTS)
示例#2
0
def test_applications_delete_access(post_url_assert_status, monkeypatch):
    ccpo = UserFactory.create_ccpo()
    owner = user_with()
    app_admin = user_with()
    rando = user_with()

    portfolio = PortfolioFactory.create(
        owner=owner, applications=[{"name": "mos eisley"}]
    )
    application = portfolio.applications[0]

    ApplicationRoleFactory.create(
        user=app_admin,
        application=application,
        permission_sets=PermissionSets.get_many(
            [
                PermissionSets.VIEW_APPLICATION,
                PermissionSets.EDIT_APPLICATION_ENVIRONMENTS,
                PermissionSets.EDIT_APPLICATION_TEAM,
                PermissionSets.DELETE_APPLICATION_ENVIRONMENTS,
            ]
        ),
    )

    monkeypatch.setattr("atst.domain.applications.Applications.delete", lambda *a: True)

    url = url_for("applications.delete", application_id=application.id)
    post_url_assert_status(app_admin, url, 404)
    post_url_assert_status(rando, url, 404)
    post_url_assert_status(owner, url, 302)
    post_url_assert_status(ccpo, url, 302)
示例#3
0
def test_does_not_have_permission_set():
    perm_sets = PermissionSets.get_many([
        PermissionSets.VIEW_PORTFOLIO_FUNDING,
        PermissionSets.VIEW_PORTFOLIO_REPORTS
    ])
    port_role = PortfolioRoleFactory.create(permission_sets=perm_sets)

    assert not port_role.has_permission_set(
        PermissionSets.EDIT_PORTFOLIO_APPLICATION_MANAGEMENT)
示例#4
0
def test_get_many():
    perms_sets = PermissionSets.get_many([
        PermissionSets.VIEW_PORTFOLIO_FUNDING,
        PermissionSets.EDIT_PORTFOLIO_FUNDING
    ])
    assert len(perms_sets) == 2
    assert first_or_none(
        lambda p: p.name == PermissionSets.VIEW_PORTFOLIO_FUNDING, perms_sets)
    assert first_or_none(
        lambda p: p.name == PermissionSets.EDIT_PORTFOLIO_FUNDING, perms_sets)
示例#5
0
 def create(cls, user, portfolio_attrs):
     portfolio = PortfoliosQuery.create(**portfolio_attrs)
     perms_sets = PermissionSets.get_many(
         PortfolioRoles.PORTFOLIO_PERMISSION_SETS)
     Portfolios._create_portfolio_role(
         user,
         portfolio,
         status=PortfolioRoleStatus.ACTIVE,
         permission_sets=perms_sets,
     )
     PortfoliosQuery.add_and_commit(portfolio)
     return portfolio
示例#6
0
def test_portfolio_admin_screen_when_not_ppoc(client, user_session):
    portfolio = PortfolioFactory.create()
    user = UserFactory.create()
    permission_sets = PermissionSets.get_many(
        [PermissionSets.EDIT_PORTFOLIO_ADMIN, PermissionSets.VIEW_PORTFOLIO_ADMIN]
    )
    PortfolioRoleFactory.create(
        portfolio=portfolio, user=user, permission_sets=permission_sets
    )
    user_session(user)
    response = client.get(url_for("portfolios.admin", portfolio_id=portfolio.id))
    assert response.status_code == 200
    assert portfolio.name in response.data.decode()
    assert translate("fragments.ppoc.update_btn").encode("utf8") not in response.data
示例#7
0
def test_create_application_role():
    application = ApplicationFactory.create()
    user = UserFactory.create()

    application_role = ApplicationRoles.create(
        application=application,
        user=user,
        permission_set_names=[PermissionSets.EDIT_APPLICATION_TEAM],
    )

    assert application_role.permission_sets == PermissionSets.get_many([
        PermissionSets.EDIT_APPLICATION_TEAM, PermissionSets.VIEW_APPLICATION
    ])
    assert application_role.application == application
    assert application_role.user == user
示例#8
0
def test_update_member_permissions(client, user_session):
    portfolio = PortfolioFactory.create()
    rando = UserFactory.create()
    rando_pf_role = PortfolioRoleFactory.create(
        user=rando,
        portfolio=portfolio,
        permission_sets=[
            PermissionSets.get(PermissionSets.VIEW_PORTFOLIO_ADMIN)
        ],
    )

    user = UserFactory.create()
    PortfolioRoleFactory.create(
        user=user,
        portfolio=portfolio,
        permission_sets=PermissionSets.get_many([
            PermissionSets.EDIT_PORTFOLIO_ADMIN,
            PermissionSets.VIEW_PORTFOLIO_ADMIN
        ]),
    )
    user_session(user)

    form_data = {
        "members_permissions-0-member_id": rando_pf_role.id,
        "members_permissions-0-perms_app_mgmt":
        "edit_portfolio_application_management",
        "members_permissions-0-perms_funding": "view_portfolio_funding",
        "members_permissions-0-perms_reporting": "view_portfolio_reports",
        "members_permissions-0-perms_portfolio_mgmt": "view_portfolio_admin",
    }

    response = client.post(
        url_for("portfolios.edit_members", portfolio_id=portfolio.id),
        data=form_data,
        follow_redirects=True,
    )

    assert response.status_code == 200
    assert rando_pf_role.has_permission_set(
        PermissionSets.EDIT_PORTFOLIO_APPLICATION_MANAGEMENT)
示例#9
0
def test_user_can_view(set_g):
    owner = UserFactory.create()
    app_user = UserFactory.create()
    rando = UserFactory.create()

    portfolio = PortfolioFactory.create(owner=owner)
    application = ApplicationFactory.create(portfolio=portfolio)
    ApplicationRoleFactory.create(
        user=app_user,
        application=application,
        permission_sets=PermissionSets.get_many([PermissionSets.VIEW_APPLICATION]),
    )

    set_g("portfolio", portfolio)
    set_g("application", application)
    set_g("current_user", owner)
    assert user_can_view(Permissions.VIEW_APPLICATION)

    set_g("current_user", app_user)
    assert user_can_view(Permissions.VIEW_APPLICATION)

    set_g("current_user", rando)
    assert not user_can_view(Permissions.VIEW_APPLICATION)
示例#10
0
def user_with(*perm_sets_names):
    return UserFactory.create(permission_sets=PermissionSets.get_many(perm_sets_names))
示例#11
0
def test_get_many_nonexistent():
    with pytest.raises(NotFoundError):
        PermissionSets.get_many(["nonexistent", "not real"])
示例#12
0
def get_all_portfolio_permission_sets():
    return PermissionSets.get_many(PortfolioRoles.PORTFOLIO_PERMISSION_SETS)