From 94434b36e73beeed724de8c72d2f94e0de45d406 Mon Sep 17 00:00:00 2001 From: Chris Hill-Scott Date: Mon, 13 Jul 2020 12:04:11 +0100 Subject: [PATCH] Only show relevant permissions on the team members page Since users of broadcast services will always have the view dashboard permission and never have the API keys permission we can hide these. And we should re-label the permissions to make sense in the context of broadcasting. --- app/main/views/manage_users.py | 6 +++-- tests/app/main/views/test_manage_users.py | 29 +++++++++++++++++++++++ 2 files changed, 33 insertions(+), 2 deletions(-) diff --git a/app/main/views/manage_users.py b/app/main/views/manage_users.py index 3f055e695..b4df99416 100644 --- a/app/main/views/manage_users.py +++ b/app/main/views/manage_users.py @@ -27,7 +27,7 @@ from app.main.forms import ( PermissionsForm, SearchUsersForm, ) -from app.models.roles_and_permissions import permissions +from app.models.roles_and_permissions import broadcast_permissions, permissions from app.models.user import InvitedUser, User from app.utils import is_gov_user, redact_mobile_number, user_has_permissions @@ -41,7 +41,9 @@ def manage_users(service_id): current_user=current_user, show_search_box=(len(current_service.team_members) > 7), form=SearchUsersForm(), - permissions=permissions, + permissions=( + broadcast_permissions if current_service.has_permission('broadcast') else permissions + ), ) diff --git a/tests/app/main/views/test_manage_users.py b/tests/app/main/views/test_manage_users.py index 374bbb41d..34a221d7d 100644 --- a/tests/app/main/views/test_manage_users.py +++ b/tests/app/main/views/test_manage_users.py @@ -193,6 +193,35 @@ def test_should_show_caseworker_on_overview_page( ) +def test_should_show_overview_page_for_broadcast_service( + client_request, + mocker, + mock_get_invites_for_service, + mock_get_template_folders, + service_one, + active_user_view_permissions, + active_user_with_permissions, +): + service_one['permissions'].append('broadcast') + mocker.patch('app.models.user.Users.client_method', return_value=[ + active_user_with_permissions, + active_user_view_permissions, + ]) + page = client_request.get('main.manage_users', service_id=SERVICE_ONE_ID) + assert normalize_spaces(page.select('.user-list-item')[0].text) == ( + 'Test User (you) ' + 'Can Prepare and approve broadcasts ' + 'Can Add and edit templates ' + 'Can Manage settings and team' + ) + assert normalize_spaces(page.select('.user-list-item')[1].text) == ( + 'Test User With Permissions (you) ' + 'Cannot Prepare and approve broadcasts ' + 'Cannot Add and edit templates ' + 'Cannot Manage settings and team' + ) + + @pytest.mark.parametrize('endpoint, extra_args, service_has_email_auth, auth_options_hidden', [ ( 'main.edit_user_permissions',