Separate and clarify logic for portfolio and non portfolio data in requests serialize

2025-07-25 12:08:40 +02:00 · 2025-01-06 17:11:26 -05:00 · 2025-01-06 17:11:26 -05:00 · 9fc5fff6e3
commit 9fc5fff6e3
parent 1e12459c10
2 changed files with 17 additions and 11 deletions
--- a/src/registrar/tests/test_views_requests_json.py
+++ b/src/registrar/tests/test_views_requests_json.py
@ -338,7 +338,7 @@ class GetRequestsJsonTest(TestWithUser, WebTest):
            self.assertEqual(expected_domain_request.creator.email, creator[i])
            # Check action url, action label and svg icon
            # Example domain requests will test each of below three scenarios
-            if creator[i] != self.user.email:
+            if creator[i] != self.user.email or not self.user.has_edit_request_portfolio_permission(self.portfolio):
                # Test case where action is View
                self.assertEqual("View", action_labels[i])
                self.assertEqual(
--- a/src/registrar/views/domain_requests_json.py
+++ b/src/registrar/views/domain_requests_json.py
@ -125,15 +125,6 @@ def serialize_domain_request(request, domain_request, user):
        DomainRequest.DomainRequestStatus.WITHDRAWN,
    ]

-    # Determine if the request is deletable
-    if not user.is_org_user(request):
-        is_deletable = domain_request.status in deletable_statuses
-    else:
-        portfolio = request.session.get("portfolio")
-        is_deletable = (
-            domain_request.status in deletable_statuses and user.has_edit_request_portfolio_permission(portfolio)
-        ) and domain_request.creator == user
-
    # Determine action label based on user permissions and request status
    editable_statuses = [
        DomainRequest.DomainRequestStatus.STARTED,
@ -141,11 +132,26 @@ def serialize_domain_request(request, domain_request, user):
        DomainRequest.DomainRequestStatus.WITHDRAWN,
    ]

-    if user.has_edit_request_portfolio_permission and domain_request.creator == user:
+    # No portfolio action_label
+    if domain_request.creator == user:
        action_label = "Edit" if domain_request.status in editable_statuses else "Manage"
    else:
        action_label = "View"

+    # No portfolio deletable
+    is_deletable = domain_request.status in deletable_statuses
+
+    # If we're working with a portfolio
+    if user.is_org_user(request):
+        portfolio = request.session.get("portfolio")
+        is_deletable = (
+            domain_request.status in deletable_statuses and user.has_edit_request_portfolio_permission(portfolio)
+        ) and domain_request.creator == user
+        if user.has_edit_request_portfolio_permission(portfolio) and domain_request.creator == user:
+            action_label = "Edit" if domain_request.status in editable_statuses else "Manage"
+        else:
+            action_label = "View"
+
    # Map the action label to corresponding URLs and icons
    action_url_map = {
        "Edit": reverse("edit-domain-request", kwargs={"id": domain_request.id}),