revisions

2025-07-26 04:28:39 +02:00 · 2024-07-22 15:20:54 -04:00 · 2024-07-22 15:20:54 -04:00 · 5ed4581e21
commit 5ed4581e21
parent 65bed05284
4 changed files with 36 additions and 32 deletions
--- a/src/registrar/migrations/0113_user_portfolio_user_portfolio_additional_permissions_and_more.py
+++ b/src/registrar/migrations/0113_user_portfolio_user_portfolio_additional_permissions_and_more.py
@ -1,4 +1,4 @@
-# Generated by Django 4.2.10 on 2024-07-18 18:09
+# Generated by Django 4.2.10 on 2024-07-22 19:19
 from django.conf import settings
 import django.contrib.postgres.fields
@ -30,11 +30,13 @@ class Migration(migrations.Migration):
            field=django.contrib.postgres.fields.ArrayField(
                base_field=models.CharField(
                    choices=[
-                        ("view_domains", "View all domains and domain reports"),
+                        ("view_all_domains", "View all domains and domain reports"),
                        ("view_managed_domains", "View managed domains"),
                        ("edit_domains", "User is a manager on a domain"),
                        ("view_member", "View members"),
                        ("edit_member", "Create and edit members"),
-                        ("view_requests", "View requests"),
+                        ("view_all_requests", "View all requests"),
                        ("view_created_requests", "View created requests"),
                        ("edit_requests", "Create and edit requests"),
                        ("view_portfolio", "View organization"),
                        ("edit_portfolio", "Edit organization"),
--- a/src/registrar/models/user.py
+++ b/src/registrar/models/user.py
@ -73,7 +73,8 @@ class User(AbstractUser):
    class UserPortfolioPermissionChoices(models.TextChoices):
        """ """
-        VIEW_DOMAINS = "view_domains", "View all domains and domain reports"
+        VIEW_ALL_DOMAINS = "view_all_domains", "View all domains and domain reports"
        VIEW_MANAGED_DOMAINS = "view_managed_domains", "View managed domains"
        # EDIT_DOMAINS is really self.domains. We add is hear and leverage it in has_permission
        # so we have one way to test for portfolio and domain edit permissions
        # Do we need to check for portfolio domains specifically?
@ -83,7 +84,8 @@ class User(AbstractUser):
        VIEW_MEMBER = "view_member", "View members"
        EDIT_MEMBER = "edit_member", "Create and edit members"
-        VIEW_REQUESTS = "view_requests", "View requests"
+        VIEW_ALL_REQUESTS = "view_all_requests", "View all requests"
        VIEW_CREATED_REQUESTS = "view_created_requests", "View created requests"
        EDIT_REQUESTS = "edit_requests", "Create and edit requests"
        VIEW_PORTFOLIO = "view_portfolio", "View organization"
@ -91,18 +93,18 @@ class User(AbstractUser):
    PORTFOLIO_ROLE_PERMISSIONS = {
        UserPortfolioRoleChoices.ORGANIZATION_ADMIN: [
-            UserPortfolioPermissionChoices.VIEW_DOMAINS,
+            UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS,
            UserPortfolioPermissionChoices.VIEW_MEMBER,
            UserPortfolioPermissionChoices.EDIT_MEMBER,
-            UserPortfolioPermissionChoices.VIEW_REQUESTS,
+            UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS,
            UserPortfolioPermissionChoices.EDIT_REQUESTS,
            UserPortfolioPermissionChoices.VIEW_PORTFOLIO,
            UserPortfolioPermissionChoices.EDIT_PORTFOLIO,
        ],
        UserPortfolioRoleChoices.ORGANIZATION_ADMIN_READ_ONLY: [
-            UserPortfolioPermissionChoices.VIEW_DOMAINS,
+            UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS,
            UserPortfolioPermissionChoices.VIEW_MEMBER,
-            UserPortfolioPermissionChoices.VIEW_REQUESTS,
+            UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS,
            UserPortfolioPermissionChoices.VIEW_PORTFOLIO,
        ],
        UserPortfolioRoleChoices.ORGANIZATION_MEMBER: [
@ -262,7 +264,7 @@ class User(AbstractUser):
        return list(portfolio_permissions)  # Convert back to list if necessary
    def _has_portfolio_permission(self, portfolio_permission):
-        """The views should only call this guy when testing for perms and not rely on roles"""
+        """The views should only call this function when testing for perms and not rely on roles."""
        # EDIT_DOMAINS === user is a manager on a domain (has UserDomainRole)
        # NOTE: Should we check whether the domain is in the portfolio?
@ -282,13 +284,13 @@ class User(AbstractUser):
        return self._has_portfolio_permission(User.UserPortfolioPermissionChoices.VIEW_PORTFOLIO)
    def has_domains_portfolio_permission(self):
-        return self._has_portfolio_permission(User.UserPortfolioPermissionChoices.VIEW_DOMAINS)
+        return self._has_portfolio_permission(User.UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS)
    def has_edit_domains_portfolio_permission(self):
        return self._has_portfolio_permission(User.UserPortfolioPermissionChoices.EDIT_DOMAINS)
    def has_domain_requests_portfolio_permission(self):
-        return self._has_portfolio_permission(User.UserPortfolioPermissionChoices.VIEW_REQUESTS)
+        return self._has_portfolio_permission(User.UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS)
    @classmethod
    def needs_identity_verification(cls, email, uuid):
--- a/src/registrar/tests/test_models.py
+++ b/src/registrar/tests/test_models.py
@ -1227,52 +1227,52 @@ class TestUser(TestCase):
        """
        portfolio, _ = Portfolio.objects.get_or_create(creator=self.user, organization_name="Hotel California")
-        self.user.portfolio_additional_permissions = [User.UserPortfolioPermissionChoices.VIEW_DOMAINS]
+        self.user.portfolio_additional_permissions = [User.UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS]
        self.user.save()
        self.user.refresh_from_db()
-        user_can_view_domains = self.user.has_domains_portfolio_permission()
+        user_can_view_all_domains = self.user.has_domains_portfolio_permission()
-        user_can_view_requests = self.user.has_domain_requests_portfolio_permission()
+        user_can_view_all_requests = self.user.has_domain_requests_portfolio_permission()
        user_can_edit_domains = self.user.has_edit_domains_portfolio_permission()
-        self.assertFalse(user_can_view_domains)
+        self.assertFalse(user_can_view_all_domains)
-        self.assertFalse(user_can_view_requests)
+        self.assertFalse(user_can_view_all_requests)
        self.assertFalse(user_can_edit_domains)
        self.user.portfolio = portfolio
        self.user.save()
        self.user.refresh_from_db()
-        user_can_view_domains = self.user.has_domains_portfolio_permission()
+        user_can_view_all_domains = self.user.has_domains_portfolio_permission()
-        user_can_view_requests = self.user.has_domain_requests_portfolio_permission()
+        user_can_view_all_requests = self.user.has_domain_requests_portfolio_permission()
        user_can_edit_domains = self.user.has_edit_domains_portfolio_permission()
-        self.assertTrue(user_can_view_domains)
+        self.assertTrue(user_can_view_all_domains)
-        self.assertFalse(user_can_view_requests)
+        self.assertFalse(user_can_view_all_requests)
        self.assertFalse(user_can_edit_domains)
        self.user.portfolio_roles = [User.UserPortfolioRoleChoices.ORGANIZATION_ADMIN]
        self.user.save()
        self.user.refresh_from_db()
-        user_can_view_domains = self.user.has_domains_portfolio_permission()
+        user_can_view_all_domains = self.user.has_domains_portfolio_permission()
-        user_can_view_requests = self.user.has_domain_requests_portfolio_permission()
+        user_can_view_all_requests = self.user.has_domain_requests_portfolio_permission()
        user_can_edit_domains = self.user.has_edit_domains_portfolio_permission()
-        self.assertTrue(user_can_view_domains)
+        self.assertTrue(user_can_view_all_domains)
-        self.assertTrue(user_can_view_requests)
+        self.assertTrue(user_can_view_all_requests)
        self.assertFalse(user_can_edit_domains)
        UserDomainRole.objects.all().get_or_create(
            user=self.user, domain=self.domain, role=UserDomainRole.Roles.MANAGER
        )
-        user_can_view_domains = self.user.has_domains_portfolio_permission()
+        user_can_view_all_domains = self.user.has_domains_portfolio_permission()
-        user_can_view_requests = self.user.has_domain_requests_portfolio_permission()
+        user_can_view_all_requests = self.user.has_domain_requests_portfolio_permission()
        user_can_edit_domains = self.user.has_edit_domains_portfolio_permission()
-        self.assertTrue(user_can_view_domains)
+        self.assertTrue(user_can_view_all_domains)
-        self.assertTrue(user_can_view_requests)
+        self.assertTrue(user_can_view_all_requests)
        self.assertTrue(user_can_edit_domains)
        Portfolio.objects.all().delete()
--- a/src/registrar/tests/test_views_portfolio.py
+++ b/src/registrar/tests/test_views_portfolio.py
@ -77,7 +77,7 @@ class TestPortfolioViews(TestWithUser, WebTest):
        self.user.portfolio = self.portfolio
        self.user.portfolio_additional_permissions = [
            User.UserPortfolioPermissionChoices.VIEW_PORTFOLIO,
-            User.UserPortfolioPermissionChoices.VIEW_DOMAINS,
+            User.UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS,
        ]
        self.user.save()
        self.user.refresh_from_db()
@ -148,8 +148,8 @@ class TestPortfolioViews(TestWithUser, WebTest):
        self.user.portfolio = self.portfolio
        self.user.portfolio_additional_permissions = [
            User.UserPortfolioPermissionChoices.VIEW_PORTFOLIO,
-            User.UserPortfolioPermissionChoices.VIEW_DOMAINS,
+            User.UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS,
-            User.UserPortfolioPermissionChoices.VIEW_REQUESTS,
+            User.UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS,
        ]
        self.user.save()
        self.user.refresh_from_db()