mirror of
https://github.com/GSA/notifications-admin.git
synced 2026-05-06 00:48:46 -04:00
Remove access_developer_docs permission, it doesn't make sense to need it.
Add view_activity permission when the permissions are being editted.
This commit is contained in:
Rebecca Law
@@ -30,7 +30,7 @@ from app.utils import user_has_permissions
|
||||
roles = {
|
||||
'send_messages': ['send_texts', 'send_emails', 'send_letters'],
|
||||
'manage_service': ['manage_users', 'manage_templates', 'manage_settings'],
|
||||
'manage_api_keys': ['manage_api_keys', 'access_developer_docs']
|
||||
'manage_api_keys': ['manage_api_keys']
|
||||
}
|
||||
|
||||
|
||||
@@ -98,7 +98,7 @@ def edit_user_permissions(service_id, user_id):
|
||||
user_id, service_id,
|
||||
permissions=set(chain.from_iterable(
|
||||
permissions for role, permissions in roles.items() if form[role].data
|
||||
))
|
||||
)) | {'view_activity'}
|
||||
)
|
||||
return redirect(url_for('.manage_users', service_id=service_id))
|
||||
|
||||
|
||||
@@ -198,7 +198,7 @@ def send_message_to_self(service_id, template_id):
|
||||
|
||||
@main.route("/services/<service_id>/send/<template_id>/from-api", methods=['GET'])
|
||||
@login_required
|
||||
@user_has_permissions('manage_api_keys', 'access_developer_docs')
|
||||
@user_has_permissions('manage_api_keys')
|
||||
def send_from_api(service_id, template_id):
|
||||
template = Template(
|
||||
templates_dao.get_service_template_or_404(service_id, template_id)['data']
|
||||
|
||||
@@ -29,7 +29,7 @@
|
||||
<li><a href="{{ url_for('.manage_users', service_id=service_id) }}">View team members</a></li>
|
||||
</ul>
|
||||
{% endif %}
|
||||
{% if current_user.has_permissions(['manage_api_keys', 'access_developer_docs']) %}
|
||||
{% if current_user.has_permissions(['manage_api_keys']) %}
|
||||
<ul>
|
||||
<li><a href="{{ url_for('.api_keys', service_id=service_id) }}">Manage API keys</a></li>
|
||||
</ul>
|
||||
|
||||
@@ -14,7 +14,7 @@
|
||||
|
||||
<h1 class="heading-large">{{ page_heading }}</h1>
|
||||
|
||||
{% if current_user.has_permissions(permissions=['manage_templates'], admin_override=True) %}
|
||||
{% if current_user.has_permissions(permissions=['manage_templates'], admin_override=True, or_=True) %}
|
||||
<a href="{{ url_for('.add_service_template', service_id=service_id, template_type=template_type) }}" class="button">Add a new template</a>
|
||||
{% else %}
|
||||
<p>You need to ask your service manager to add templates before you can send messages</p>
|
||||
@@ -76,7 +76,7 @@
|
||||
<a href="{{ url_for(".send_messages", service_id=service_id, template_id=template.id) }}">Send a batch</a>
|
||||
<a href="{{ url_for(".send_message_to_self", service_id=service_id, template_id=template.id) }}">Send yourself a test</a>
|
||||
{% endif %}
|
||||
{% if current_user.has_permissions(permissions=['manage_api_keys', 'access_developer_docs']) %}
|
||||
{% if current_user.has_permissions(permissions=['manage_api_keys']) %}
|
||||
<a href="{{ url_for(".send_from_api", service_id=service_id, template_id=template.id) }}">API integration</a>
|
||||
{% endif %}
|
||||
</div>
|
||||
|
||||
@@ -41,7 +41,7 @@ Manage users – GOV.UK Notify
|
||||
{% endcall %}
|
||||
{{ boolean_field(item.has_permissions(permissions=['send_texts', 'send_emails', 'send_letters'])) }}
|
||||
{{ boolean_field(item.has_permissions(permissions=['manage_users', 'manage_templates', 'manage_settings'])) }}
|
||||
{{ boolean_field(item.has_permissions(permissions=['manage_api_keys', 'access_developer_docs'])) }}
|
||||
{{ boolean_field(item.has_permissions(permissions=['manage_api_keys'])) }}
|
||||
{% call field(align='right') %}
|
||||
{% if current_user.has_permissions(['manage_users']) %}
|
||||
{% if current_user.id != item.id %}
|
||||
@@ -60,7 +60,7 @@ Manage users – GOV.UK Notify
|
||||
{% endcall %}
|
||||
{{ boolean_field(item.has_permissions(permissions=['send_texts', 'send_emails', 'send_letters'])) }}
|
||||
{{ boolean_field(item.has_permissions(permissions=['manage_users', 'manage_templates', 'manage_settings'])) }}
|
||||
{{ boolean_field(item.has_permissions(permissions=['manage_api_keys', 'access_developer_docs'])) }}
|
||||
{{ boolean_field(item.has_permissions(permissions=['manage_api_keys'])) }}
|
||||
{% if item.status == 'pending' %}
|
||||
{% call field(align='right') %}
|
||||
{% if current_user.has_permissions(['manage_users']) %}
|
||||
|
||||
@@ -99,7 +99,7 @@ def test_menu_manage_api_keys(mocker, app_, api_user_active, service_one, mock_g
|
||||
app_,
|
||||
api_user_active,
|
||||
service_one,
|
||||
['view_activity', 'manage_api_keys', 'access_developer_docs'])
|
||||
['view_activity', 'manage_api_keys'])
|
||||
page = resp.get_data(as_text=True)
|
||||
assert url_for(
|
||||
'main.choose_template',
|
||||
|
||||
@@ -80,7 +80,7 @@ def test_edit_user_permissions(
|
||||
'manage_templates',
|
||||
'manage_settings',
|
||||
'manage_api_keys',
|
||||
'access_developer_docs'
|
||||
'view_activity'
|
||||
}
|
||||
)
|
||||
|
||||
@@ -119,7 +119,8 @@ def test_edit_some_user_permissions(
|
||||
permissions={
|
||||
'send_texts',
|
||||
'send_emails',
|
||||
'send_letters'
|
||||
'send_letters',
|
||||
'view_activity'
|
||||
}
|
||||
)
|
||||
|
||||
|
||||
@@ -445,7 +445,7 @@ def test_route_choose_template_manage_api_keys_permissions(mocker,
|
||||
'main.choose_template',
|
||||
service_id=service_one['id'],
|
||||
template_type='sms'),
|
||||
['manage_api_keys', 'access_developer_docs'],
|
||||
['manage_api_keys'],
|
||||
api_user_active,
|
||||
service_one)
|
||||
page = resp.get_data(as_text=True)
|
||||
|
||||
@@ -302,8 +302,7 @@ def active_user_with_permissions():
|
||||
'manage_users',
|
||||
'manage_templates',
|
||||
'manage_settings',
|
||||
'manage_api_keys',
|
||||
'access_developer_docs']},
|
||||
'manage_api_keys']},
|
||||
'platform_admin': False
|
||||
}
|
||||
user = User(user_data)
|
||||
|
||||
Reference in New Issue
Block a user