mirror of
https://github.com/GSA/notifications-api.git
synced 2026-01-03 01:20:47 -05:00
Merge pull request #186 from alphagov/add-view-activity-permission
Add view activity permission
This commit is contained in:
Rebecca Law
@@ -12,7 +12,7 @@ from app.models import (
|
||||
SEND_EMAILS,
|
||||
SEND_LETTERS,
|
||||
MANAGE_API_KEYS,
|
||||
ACCESS_DEVELOPER_DOCS)
|
||||
VIEW_ACTIVITY)
|
||||
|
||||
|
||||
# Default permissions for a service
|
||||
@@ -24,7 +24,7 @@ default_service_permissions = [
|
||||
SEND_EMAILS,
|
||||
SEND_LETTERS,
|
||||
MANAGE_API_KEYS,
|
||||
ACCESS_DEVELOPER_DOCS]
|
||||
VIEW_ACTIVITY]
|
||||
|
||||
|
||||
class PermissionDAO(DAOClass):
|
||||
|
||||
@@ -306,8 +306,8 @@ SEND_TEXTS = 'send_texts'
|
||||
SEND_EMAILS = 'send_emails'
|
||||
SEND_LETTERS = 'send_letters'
|
||||
MANAGE_API_KEYS = 'manage_api_keys'
|
||||
ACCESS_DEVELOPER_DOCS = 'access_developer_docs'
|
||||
PLATFORM_ADMIN = 'platform_admin'
|
||||
VIEW_ACTIVITY = 'view_activity'
|
||||
|
||||
# List of permissions
|
||||
PERMISSION_LIST = [
|
||||
@@ -318,8 +318,8 @@ PERMISSION_LIST = [
|
||||
SEND_EMAILS,
|
||||
SEND_LETTERS,
|
||||
MANAGE_API_KEYS,
|
||||
ACCESS_DEVELOPER_DOCS,
|
||||
PLATFORM_ADMIN]
|
||||
PLATFORM_ADMIN,
|
||||
VIEW_ACTIVITY]
|
||||
|
||||
|
||||
class Permission(db.Model):
|
||||
|
||||
@@ -6,7 +6,7 @@ from app.models import (
|
||||
SEND_EMAILS,
|
||||
SEND_LETTERS,
|
||||
MANAGE_API_KEYS,
|
||||
ACCESS_DEVELOPER_DOCS
|
||||
VIEW_ACTIVITY
|
||||
)
|
||||
|
||||
from app.schemas import permission_schema
|
||||
@@ -14,7 +14,8 @@ from app.schemas import permission_schema
|
||||
|
||||
permissions_groups = {'send_messages': [SEND_TEXTS, SEND_EMAILS, SEND_LETTERS],
|
||||
'manage_service': [MANAGE_USERS, MANAGE_SETTINGS, MANAGE_TEMPLATES],
|
||||
'manage_api_keys': [MANAGE_API_KEYS, ACCESS_DEVELOPER_DOCS]}
|
||||
'manage_api_keys': [MANAGE_API_KEYS],
|
||||
VIEW_ACTIVITY: [VIEW_ACTIVITY]}
|
||||
|
||||
|
||||
def get_permissions_by_group(permission_groups):
|
||||
|
||||
@@ -178,7 +178,6 @@ def remove_user_from_service(service_id, user_id):
|
||||
|
||||
def _process_permissions(user, service, permission_groups):
|
||||
from app.permissions_utils import get_permissions_by_group
|
||||
from app.dao.permissions_dao import permission_dao
|
||||
permissions = get_permissions_by_group(permission_groups)
|
||||
for permission in permissions:
|
||||
permission.user = user
|
||||
|
||||
47
migrations/versions/0043_view_activity.py
Normal file
47
migrations/versions/0043_view_activity.py
Normal file
@@ -0,0 +1,47 @@
|
||||
"""empty message
|
||||
|
||||
Revision ID: 0043_add_view_activity
|
||||
Revises: 0042_default_stats_to_zero
|
||||
Create Date: 2016-03-29 13:46:36.219549
|
||||
|
||||
"""
|
||||
|
||||
# revision identifiers, used by Alembic.
|
||||
import uuid
|
||||
|
||||
revision = '0043_add_view_activity'
|
||||
down_revision = '0042_default_stats_to_zero'
|
||||
|
||||
from alembic import op
|
||||
|
||||
|
||||
def upgrade():
|
||||
### commands auto generated by Alembic - please adjust! ###
|
||||
conn = op.get_bind()
|
||||
conn.execute('COMMIT')
|
||||
conn.execute("alter type permission_types add value IF NOT EXISTS 'view_activity'")
|
||||
user_services = conn.execute("SELECT * FROM user_to_service").fetchall()
|
||||
for user_service in user_services:
|
||||
conn.execute(
|
||||
"insert into permissions (id, service_id, user_id, created_at, permission) "
|
||||
"values('{0}', '{1}', {2}, now(), 'view_activity')".format(
|
||||
uuid.uuid4(), user_service.service_id, user_service.user_id))
|
||||
conn.execute("delete from permissions where permission = 'access_developer_docs'")
|
||||
conn.execute("delete from pg_enum where enumlabel='access_developer_docs'")
|
||||
### end Alembic commands ###
|
||||
|
||||
|
||||
def downgrade():
|
||||
### commands auto generated by Alembic - please adjust! ###
|
||||
conn = op.get_bind()
|
||||
conn.execute("delete from permissions where permission = 'view_activity'")
|
||||
conn.execute("delete from pg_enum where enumlabel = 'view_activity'")
|
||||
conn.execute('COMMIT')
|
||||
conn.execute("alter type permission_types add value IF NOT EXISTS 'access_developer_docs'")
|
||||
manage_api_key_users = conn.execute("SELECT * FROM permissions where permission='manage_api_keys'").fetchall()
|
||||
for user_service in manage_api_key_users:
|
||||
conn.execute(
|
||||
"insert into permissions (id, service_id, user_id, created_at, permission) "
|
||||
"values('{0}', '{1}', {2}, now(), 'access_developer_docs')".format(
|
||||
uuid.uuid4(), user_service.service_id, user_service.user_id))
|
||||
### end Alembic commands ###
|
||||
@@ -600,8 +600,7 @@ def test_add_existing_user_to_another_service_with_all_permissions(notify_api,
|
||||
json_resp = json.loads(resp.get_data(as_text=True))
|
||||
permissions = json_resp['data']['permissions'][str(sample_service.id)]
|
||||
expected_permissions = ['send_texts', 'send_emails', 'send_letters', 'manage_users',
|
||||
'manage_settings', 'manage_templates', 'manage_api_keys',
|
||||
'access_developer_docs']
|
||||
'manage_settings', 'manage_templates', 'manage_api_keys']
|
||||
assert sorted(expected_permissions) == sorted(permissions)
|
||||
|
||||
|
||||
@@ -745,7 +744,7 @@ def test_add_existing_user_to_another_service_with_manage_api_keys(notify_api,
|
||||
json_resp = json.loads(resp.get_data(as_text=True))
|
||||
|
||||
permissions = json_resp['data']['permissions'][str(sample_service.id)]
|
||||
expected_permissions = ['manage_api_keys', 'access_developer_docs']
|
||||
expected_permissions = ['manage_api_keys']
|
||||
assert sorted(expected_permissions) == sorted(permissions)
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user