zydronium/manage.get.gov
1
0
Fork 0
mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-07-25 03:58:39 +02:00
Code Issues Projects Releases Packages Wiki Activity

lintomatic

Browse source
This commit is contained in:
zandercymatics 2024-12-13 14:12:00 -07:00
parent c551a60e3a
commit b5464a9da8
No known key found for this signature in database
GPG key ID: FF4636ABEC9682B7
2 changed files with 20 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

5
src/registrar/forms/portfolio.py
View file

@ -150,7 +150,6 @@ class BasePortfolioMemberForm(forms.Form):
) )
domain_request_permission_member = forms.ChoiceField( domain_request_permission_member = forms.ChoiceField(
# nosec B308 - required_star is a hardcoded HTML string
label=mark_safe(f"Select permission {required_star}"), # nosec label=mark_safe(f"Select permission {required_star}"), # nosec
choices=[ choices=[
(UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS.value, "View all requests"), (UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS.value, "View all requests"),
@ -276,7 +275,9 @@ class BasePortfolioMemberForm(forms.Form):
"role": role, "role": role,
"member_permission_admin": getattr(member_permission, "value", None) if is_admin else None, "member_permission_admin": getattr(member_permission, "value", None) if is_admin else None,
"domain_request_permission_admin": getattr(domain_request_permission, "value", None) if is_admin else None, "domain_request_permission_admin": getattr(domain_request_permission, "value", None) if is_admin else None,
"domain_request_permission_member": getattr(domain_request_permission, "value", None) if not is_admin else None, "domain_request_permission_member": (
getattr(domain_request_permission, "value", None) if not is_admin else None
),
} }
# Edgecase: Member uses a special form value for None called "no_access". This ensures a form selection. # Edgecase: Member uses a special form value for None called "no_access". This ensures a form selection.

40
src/registrar/tests/test_views_portfolio.py
View file

@ -2685,14 +2685,14 @@ class TestEditPortfolioMemberView(WebTest):
def test_edit_member_permissions_basic_to_admin(self): def test_edit_member_permissions_basic_to_admin(self):
"""Tests converting a basic member to admin with full permissions.""" """Tests converting a basic member to admin with full permissions."""
self.client.force_login(self.user) self.client.force_login(self.user)
# Create a basic member to edit # Create a basic member to edit
basic_member = create_test_user() basic_member = create_test_user()
basic_permission = UserPortfolioPermission.objects.create( basic_permission = UserPortfolioPermission.objects.create(
user=basic_member, user=basic_member,
portfolio=self.portfolio, portfolio=self.portfolio,
roles=[UserPortfolioRoleChoices.ORGANIZATION_MEMBER], roles=[UserPortfolioRoleChoices.ORGANIZATION_MEMBER],
additional_permissions=[UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS] additional_permissions=[UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS],
) )
response = self.client.post( response = self.client.post(
@ -2701,12 +2701,12 @@ class TestEditPortfolioMemberView(WebTest):
"role": UserPortfolioRoleChoices.ORGANIZATION_ADMIN, "role": UserPortfolioRoleChoices.ORGANIZATION_ADMIN,
"domain_request_permission_admin": UserPortfolioPermissionChoices.EDIT_REQUESTS, "domain_request_permission_admin": UserPortfolioPermissionChoices.EDIT_REQUESTS,
"member_permission_admin": UserPortfolioPermissionChoices.EDIT_MEMBERS, "member_permission_admin": UserPortfolioPermissionChoices.EDIT_MEMBERS,
} },
) )
# Verify redirect and success message # Verify redirect and success message
self.assertEqual(response.status_code, 302) self.assertEqual(response.status_code, 302)
# Verify database changes # Verify database changes
basic_permission.refresh_from_db() basic_permission.refresh_from_db()
self.assertEqual(basic_permission.roles, [UserPortfolioRoleChoices.ORGANIZATION_ADMIN]) self.assertEqual(basic_permission.roles, [UserPortfolioRoleChoices.ORGANIZATION_ADMIN])
@ -2718,7 +2718,7 @@ class TestEditPortfolioMemberView(WebTest):
UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS, UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS,
UserPortfolioPermissionChoices.EDIT_MEMBERS, UserPortfolioPermissionChoices.EDIT_MEMBERS,
UserPortfolioPermissionChoices.VIEW_MEMBERS, UserPortfolioPermissionChoices.VIEW_MEMBERS,
} },
) )
@less_console_noise_decorator @less_console_noise_decorator
@ -2727,12 +2727,10 @@ class TestEditPortfolioMemberView(WebTest):
def test_edit_member_permissions_validation(self): def test_edit_member_permissions_validation(self):
"""Tests form validation for required fields based on role.""" """Tests form validation for required fields based on role."""
self.client.force_login(self.user) self.client.force_login(self.user)
member = create_test_user() member = create_test_user()
permission = UserPortfolioPermission.objects.create( permission = UserPortfolioPermission.objects.create(
user=member, user=member, portfolio=self.portfolio, roles=[UserPortfolioRoleChoices.ORGANIZATION_MEMBER]
portfolio=self.portfolio,
roles=[UserPortfolioRoleChoices.ORGANIZATION_MEMBER]
) )
# Test missing required admin permissions # Test missing required admin permissions
@ -2741,17 +2739,16 @@ class TestEditPortfolioMemberView(WebTest):
{ {
"role": UserPortfolioRoleChoices.ORGANIZATION_ADMIN, "role": UserPortfolioRoleChoices.ORGANIZATION_ADMIN,
# Missing required admin fields # Missing required admin fields
} },
) )
self.assertEqual(response.status_code, 200) self.assertEqual(response.status_code, 200)
self.assertEqual( self.assertEqual(
response.context["form"].errors["domain_request_permission_admin"][0], response.context["form"].errors["domain_request_permission_admin"][0],
"Admin domain request permission is required" "Admin domain request permission is required",
) )
self.assertEqual( self.assertEqual(
response.context["form"].errors["member_permission_admin"][0], response.context["form"].errors["member_permission_admin"][0], "Admin member permission is required"
"Admin member permission is required"
) )
@less_console_noise_decorator @less_console_noise_decorator
@ -2760,7 +2757,7 @@ class TestEditPortfolioMemberView(WebTest):
def test_edit_invited_member_permissions(self): def test_edit_invited_member_permissions(self):
"""Tests editing permissions for an invited (but not yet joined) member.""" """Tests editing permissions for an invited (but not yet joined) member."""
self.client.force_login(self.user) self.client.force_login(self.user)
# Test updating invitation permissions # Test updating invitation permissions
response = self.client.post( response = self.client.post(
reverse("invitedmember-permissions", kwargs={"pk": self.invitation.id}), reverse("invitedmember-permissions", kwargs={"pk": self.invitation.id}),
@ -2768,11 +2765,11 @@ class TestEditPortfolioMemberView(WebTest):
"role": UserPortfolioRoleChoices.ORGANIZATION_ADMIN, "role": UserPortfolioRoleChoices.ORGANIZATION_ADMIN,
"domain_request_permission_admin": UserPortfolioPermissionChoices.EDIT_REQUESTS, "domain_request_permission_admin": UserPortfolioPermissionChoices.EDIT_REQUESTS,
"member_permission_admin": UserPortfolioPermissionChoices.EDIT_MEMBERS, "member_permission_admin": UserPortfolioPermissionChoices.EDIT_MEMBERS,
} },
) )
self.assertEqual(response.status_code, 302) self.assertEqual(response.status_code, 302)
# Verify invitation was updated # Verify invitation was updated
self.invitation.refresh_from_db() self.invitation.refresh_from_db()
self.assertEqual(self.invitation.roles, [UserPortfolioRoleChoices.ORGANIZATION_ADMIN]) self.assertEqual(self.invitation.roles, [UserPortfolioRoleChoices.ORGANIZATION_ADMIN])
@ -2783,7 +2780,7 @@ class TestEditPortfolioMemberView(WebTest):
UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS, UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS,
UserPortfolioPermissionChoices.EDIT_MEMBERS, UserPortfolioPermissionChoices.EDIT_MEMBERS,
UserPortfolioPermissionChoices.VIEW_MEMBERS, UserPortfolioPermissionChoices.VIEW_MEMBERS,
} },
) )
@less_console_noise_decorator @less_console_noise_decorator
@ -2792,19 +2789,16 @@ class TestEditPortfolioMemberView(WebTest):
def test_admin_removing_own_admin_role(self): def test_admin_removing_own_admin_role(self):
"""Tests an admin removing their own admin role redirects to home.""" """Tests an admin removing their own admin role redirects to home."""
self.client.force_login(self.user) self.client.force_login(self.user)
# Get the user's admin permission # Get the user's admin permission
admin_permission = UserPortfolioPermission.objects.get( admin_permission = UserPortfolioPermission.objects.get(user=self.user, portfolio=self.portfolio)
user=self.user,
portfolio=self.portfolio
)
response = self.client.post( response = self.client.post(
reverse("member-permissions", kwargs={"pk": admin_permission.id}), reverse("member-permissions", kwargs={"pk": admin_permission.id}),
{ {
"role": UserPortfolioRoleChoices.ORGANIZATION_MEMBER, "role": UserPortfolioRoleChoices.ORGANIZATION_MEMBER,
"domain_request_permission_member": UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS, "domain_request_permission_member": UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS,
} },
) )
self.assertEqual(response.status_code, 302) self.assertEqual(response.status_code, 302)