def test_remove_portfolio_member_ppoc(client, user_session):
portfolio = PortfolioFactory.create()
user = UserFactory.create()
PortfolioRoleFactory.create(
portfolio=portfolio,
user=user,
permission_sets=[
PermissionSets.get(PermissionSets.EDIT_PORTFOLIO_ADMIN)
],
)
ppoc_port_role = PortfolioRoles.get(portfolio_id=portfolio.id,
user_id=portfolio.owner.id)
user_session(user)
response = client.post(
url_for(
"portfolios.remove_member",
portfolio_id=portfolio.id,
portfolio_role_id=ppoc_port_role.id,
),
follow_redirects=False,
)
assert response.status_code == 404
assert (PortfolioRoles.get(
portfolio_id=portfolio.id,
user_id=portfolio.owner.id).status == PortfolioRoleStatus.ACTIVE)
def test_remove_portfolio_member(client, user_session):
portfolio = PortfolioFactory.create()
user = UserFactory.create()
member = PortfolioRoleFactory.create(portfolio=portfolio, user=user)
user_session(portfolio.owner)
response = client.post(
url_for(
"portfolios.remove_member",
portfolio_id=portfolio.id,
portfolio_role_id=member.id,
),
follow_redirects=False,
)
assert response.status_code == 302
assert response.headers["Location"] == url_for(
"portfolios.admin",
portfolio_id=portfolio.id,
_anchor="portfolio-members",
fragment="portfolio-members",
_external=True,
)
assert (PortfolioRoles.get(
portfolio_id=portfolio.id,
user_id=user.id).status == PortfolioRoleStatus.DISABLED)
def test_cannot_update_portfolio_ppoc_perms(client, user_session):
portfolio = PortfolioFactory.create()
ppoc = portfolio.owner
ppoc_pf_role = PortfolioRoles.get(portfolio_id=portfolio.id,
user_id=ppoc.id)
user = UserFactory.create()
PortfolioRoleFactory.create(portfolio=portfolio, user=user)
user_session(user)
assert ppoc_pf_role.has_permission_set(PermissionSets.PORTFOLIO_POC)
member_perms_data = {
"members_permissions-0-member_id": ppoc_pf_role.id,
"members_permissions-0-perms_app_mgmt":
"view_portfolio_application_management",
"members_permissions-0-perms_funding": "view_portfolio_funding",
"members_permissions-0-perms_reporting": "view_portfolio_reports",
"members_permissions-0-perms_portfolio_mgmt": "view_portfolio_admin",
}
response = client.post(
url_for("portfolios.edit_members", portfolio_id=portfolio.id),
data=member_perms_data,
follow_redirects=True,
)
assert response.status_code == 404
assert ppoc_pf_role.has_permission_set(PermissionSets.PORTFOLIO_POC)
def test_revoke_ppoc_permissions():
portfolio = PortfolioFactory.create()
portfolio_role = PortfolioRoles.get(portfolio_id=portfolio.id,
user_id=portfolio.owner.id)
assert Permissions.EDIT_PORTFOLIO_POC in portfolio_role.permissions
PortfolioRoles.revoke_ppoc_permissions(portfolio_role=portfolio_role)
assert Permissions.EDIT_PORTFOLIO_POC not in portfolio_role.permissions
def test_remove_portfolio_member_self(client, user_session):
portfolio = PortfolioFactory.create()
portfolio_role = PortfolioRoles.get(portfolio_id=portfolio.id,
user_id=portfolio.owner.id)
user_session(portfolio.owner)
response = client.post(
url_for(
"portfolios.remove_member",
portfolio_id=portfolio.id,
portfolio_role_id=portfolio_role.id,
),
follow_redirects=False,
)
assert response.status_code == 404
assert (PortfolioRoles.get(
portfolio_id=portfolio.id,
user_id=portfolio.owner.id).status == PortfolioRoleStatus.ACTIVE)
def test_make_ppoc():
portfolio = PortfolioFactory.create()
original_owner = portfolio.owner
new_owner = UserFactory.create()
new_owner_role = PortfolioRoles.add(user=new_owner,
portfolio_id=portfolio.id)
PortfolioRoles.make_ppoc(portfolio_role=new_owner_role)
assert portfolio.owner is new_owner
assert Permissions.EDIT_PORTFOLIO_POC in new_owner_role.permissions
assert (Permissions.EDIT_PORTFOLIO_POC
not in PortfolioRoles.get(portfolio_id=portfolio.id,
user_id=original_owner.id).permissions)