Add members

src/registrar/views/utility/__init__.py

@@ -7,5 +7,6 @@ from .permission_views import (
     DomainRequestPermissionWithdrawView,
     DomainInvitationPermissionDeleteView,
     DomainRequestWizardPermissionView,
+    PortfolioMembersPermission,
 )
 from .api_views import get_senior_official_from_federal_agency_json

src/registrar/views/utility/mixins.py

@@ -454,3 +454,20 @@ class PortfolioDomainRequestsPermission(PortfolioBasePermission):
             return False
 
         return super().has_permission()
+
+
+class PortfolioMembersPermission(PortfolioBasePermission):
+    """Permission mixin that allows access to portfolio members pages if user
+    has access, otherwise 403"""
+
+    def has_permission(self):
+        """Check if this user has access to members for this portfolio.
+
+        The user is in self.request.user and the portfolio can be looked
+        up from the portfolio's primary key in self.kwargs["pk"]"""
+
+        portfolio = self.request.session.get("portfolio")
+        if not self.request.user.has_view_members(portfolio):
+            return False
+
+        return super().has_permission()

src/registrar/views/utility/permission_views.py

@@ -18,6 +18,7 @@ from .mixins import (
     UserDeleteDomainRolePermission,
     UserProfilePermission,
     PortfolioBasePermission,
+    PortfolioMembersPermission,
 )
 import logging
 
@@ -229,3 +230,11 @@ class PortfolioDomainRequestsPermissionView(PortfolioDomainRequestsPermission, P
     This abstract view cannot be instantiated. Actual views must specify
     `template_name`.
     """
+
+
+class PortfolioMembersPermissionView(PortfolioMembersPermission, PortfolioBasePermissionView, abc.ABC):
+    """Abstract base view for portfolio domain request views that enforces permissions.
+
+    This abstract view cannot be instantiated. Actual views must specify
+    `template_name`.
+    """