portfolio invitation model

2025-07-22 02:36:02 +02:00 · 2024-07-31 20:34:34 -04:00 · 2024-07-31 20:34:34 -04:00 · 8f84f33756
commit 8f84f33756
parent 152e4c0a2c
10 changed files with 465 additions and 42 deletions
--- a/src/registrar/models/utility/portfolio_helper.py
+++ b/src/registrar/models/utility/portfolio_helper.py
@ -0,0 +1,33 @@
+from django.db import models
+
+
+class UserPortfolioRoleChoices(models.TextChoices):
+    """
+    Roles make it easier for admins to look at
+    """
+
+    ORGANIZATION_ADMIN = "organization_admin", "Admin"
+    ORGANIZATION_ADMIN_READ_ONLY = "organization_admin_read_only", "Admin read only"
+    ORGANIZATION_MEMBER = "organization_member", "Member"
+
+
+class UserPortfolioPermissionChoices(models.TextChoices):
+    """ """
+
+    VIEW_ALL_DOMAINS = "view_all_domains", "View all domains and domain reports"
+    VIEW_MANAGED_DOMAINS = "view_managed_domains", "View managed domains"
+    # EDIT_DOMAINS is really self.domains. We add is hear and leverage it in has_permission
+    # so we have one way to test for portfolio and domain edit permissions
+    # Do we need to check for portfolio domains specifically?
+    # NOTE: A user on an org can currently invite a user outside the org
+    EDIT_DOMAINS = "edit_domains", "User is a manager on a domain"
+
+    VIEW_MEMBER = "view_member", "View members"
+    EDIT_MEMBER = "edit_member", "Create and edit members"
+
+    VIEW_ALL_REQUESTS = "view_all_requests", "View all requests"
+    VIEW_CREATED_REQUESTS = "view_created_requests", "View created requests"
+    EDIT_REQUESTS = "edit_requests", "Create and edit requests"
+
+    VIEW_PORTFOLIO = "view_portfolio", "View organization"
+    EDIT_PORTFOLIO = "edit_portfolio", "Edit organization"