From cc08b18bdd193baac1be41727febff0dbc3cdc66 Mon Sep 17 00:00:00 2001 From: zandercymatics <141044360+zandercymatics@users.noreply.github.com> Date: Fri, 7 Mar 2025 10:53:15 -0700 Subject: [PATCH] Fix remaining unit tests --- src/registrar/decorators.py | 15 +- src/registrar/tests/test_resource_access.py | 171 +++++++++----------- src/registrar/tests/test_url_auth.py | 2 +- src/registrar/tests/test_views_portfolio.py | 61 +++++-- src/registrar/tests/test_views_request.py | 35 ++-- src/registrar/views/portfolios.py | 1 - 6 files changed, 147 insertions(+), 138 deletions(-) diff --git a/src/registrar/decorators.py b/src/registrar/decorators.py index ab495f89c..93d0c0fe1 100644 --- a/src/registrar/decorators.py +++ b/src/registrar/decorators.py @@ -109,16 +109,13 @@ def _user_has_permission(user, request, rules, **kwargs): permission_checks = [ (IS_STAFF, lambda: user.is_staff), ( - IS_DOMAIN_MANAGER, - lambda: ( - not user.is_org_user(request) - and _is_domain_manager(user, **kwargs) - ) + IS_DOMAIN_MANAGER, + lambda: (not user.is_org_user(request) and _is_domain_manager(user, **kwargs)) or ( user.is_org_user(request) and _is_domain_manager(user, **kwargs) and _domain_exists_under_portfolio(portfolio, kwargs.get("domain_pk")) - ) + ), ), (IS_STAFF_MANAGING_DOMAIN, lambda: _is_staff_managing_domain(request, **kwargs)), (IS_PORTFOLIO_MEMBER, lambda: user.is_org_user(request)), @@ -130,7 +127,8 @@ def _user_has_permission(user, request, rules, **kwargs): ), ( HAS_PORTFOLIO_DOMAINS_ANY_PERM, - lambda: user.is_org_user(request) and user.has_any_domains_portfolio_permission(portfolio) + lambda: user.is_org_user(request) + and user.has_any_domains_portfolio_permission(portfolio) and _domain_exists_under_portfolio(portfolio, kwargs.get("domain_pk")), ), ( @@ -150,7 +148,8 @@ def _user_has_permission(user, request, rules, **kwargs): ), ( HAS_PORTFOLIO_DOMAIN_REQUESTS_ANY_PERM, - lambda: user.is_org_user(request) and user.has_any_requests_portfolio_permission(portfolio) + lambda: user.is_org_user(request) + and user.has_any_requests_portfolio_permission(portfolio) and _domain_request_exists_under_portfolio(portfolio, kwargs.get("domain_request_pk")), ), ( diff --git a/src/registrar/tests/test_resource_access.py b/src/registrar/tests/test_resource_access.py index cbd907863..6e8d168e2 100644 --- a/src/registrar/tests/test_resource_access.py +++ b/src/registrar/tests/test_resource_access.py @@ -33,62 +33,60 @@ class TestPortfolioResourceAccess(MockDbForIndividualTests): def setUp(self): super().setUp() - + # Create portfolios - self.portfolio = Portfolio.objects.create( - creator=self.user, organization_name="Test Portfolio" - ) + self.portfolio = Portfolio.objects.create(creator=self.user, organization_name="Test Portfolio") self.other_portfolio = Portfolio.objects.create( creator=self.custom_staffuser, organization_name="Other Portfolio" ) - + # Create domain requests self.domain_request = completed_domain_request(name="eggnog.gov", user=self.user, portfolio=self.portfolio) - + self.other_domain_request = completed_domain_request( name="christmas.gov", user=self.tired_user, portfolio=self.other_portfolio ) - # Create domains self.approved_domain_request_1 = completed_domain_request( - name="done_1.gov", user=self.tired_user, portfolio=self.portfolio, status=DomainRequest.DomainRequestStatus.IN_REVIEW + name="done_1.gov", + user=self.tired_user, + portfolio=self.portfolio, + status=DomainRequest.DomainRequestStatus.IN_REVIEW, ) self.approved_domain_request_2 = completed_domain_request( - name="done_2.gov", user=self.tired_user, portfolio=self.other_portfolio, status=DomainRequest.DomainRequestStatus.IN_REVIEW + name="done_2.gov", + user=self.tired_user, + portfolio=self.other_portfolio, + status=DomainRequest.DomainRequestStatus.IN_REVIEW, ) self.approved_domain_request_1.approve() self.approved_domain_request_2.approve() self.domain = self.approved_domain_request_1.approved_domain self.other_domain = self.approved_domain_request_2.approved_domain - # Create portfolio permissions self.user_permission = UserPortfolioPermission.objects.create( - user=self.user, - portfolio=self.portfolio, - roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN] + user=self.user, portfolio=self.portfolio, roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN] ) - + self.other_user_permission = UserPortfolioPermission.objects.create( - user=self.tired_user, - portfolio=self.other_portfolio, - roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN] + user=self.tired_user, portfolio=self.other_portfolio, roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN] ) - + # Create portfolio invitations self.portfolio_invitation = PortfolioInvitation.objects.create( email="invited@example.com", portfolio=self.portfolio, roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN], - status=PortfolioInvitation.PortfolioInvitationStatus.INVITED + status=PortfolioInvitation.PortfolioInvitationStatus.INVITED, ) - + self.other_portfolio_invitation = PortfolioInvitation.objects.create( email="other-invited@example.com", portfolio=self.other_portfolio, roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN], - status=PortfolioInvitation.PortfolioInvitationStatus.INVITED + status=PortfolioInvitation.PortfolioInvitationStatus.INVITED, ) # Domain request tests @@ -158,43 +156,39 @@ class TestPortfolioResourceAccess(MockDbForIndividualTests): class TestPortfolioDomainRequestViewAccess(MockDbForIndividualTests): """Tests for domain request views to ensure users can only access domain requests in their portfolio.""" - + def setUp(self): super().setUp() self.client = Client() self.client.force_login(self.user) - + # Create portfolios - self.portfolio = Portfolio.objects.create( - creator=self.user, organization_name="Test Portfolio" - ) - self.other_portfolio = Portfolio.objects.create( - creator=self.tired_user, organization_name="Other Portfolio" - ) - + self.portfolio = Portfolio.objects.create(creator=self.user, organization_name="Test Portfolio") + self.other_portfolio = Portfolio.objects.create(creator=self.tired_user, organization_name="Other Portfolio") + # Create domain requests self.domain_request = completed_domain_request( name="test-domain.gov", portfolio=self.portfolio, status=DomainRequest.DomainRequestStatus.STARTED, - user=self.user + user=self.user, ) - + self.other_domain_request = completed_domain_request( name="other-domain.gov", portfolio=self.other_portfolio, status=DomainRequest.DomainRequestStatus.STARTED, - user=self.tired_user + user=self.tired_user, ) - + # Give user permission to view all requests self.user_permission = UserPortfolioPermission.objects.create( user=self.user, portfolio=self.portfolio, roles=[UserPortfolioRoleChoices.ORGANIZATION_MEMBER], - additional_permissions=[UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS] + additional_permissions=[UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS], ) - + # Setup session for portfolio views session = self.client.session session["portfolio"] = self.portfolio @@ -206,31 +200,29 @@ class TestPortfolioDomainRequestViewAccess(MockDbForIndividualTests): def test_domain_request_view_same_portfolio(self): """Test that user can access domain requests in their portfolio.""" # With just the view all permission, access should be denied - response = self.client.get(reverse("edit-domain-request", kwargs={ - "domain_request_pk": self.domain_request.pk - })) + response = self.client.get(reverse("edit-domain-request", kwargs={"domain_request_pk": self.domain_request.pk})) self.assertEqual(response.status_code, 403) # But with the edit permission, the user should be able to access this domain request self.user_permission.additional_permissions = [ UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS, - UserPortfolioPermissionChoices.EDIT_REQUESTS + UserPortfolioPermissionChoices.EDIT_REQUESTS, ] self.user_permission.save() self.user_permission.refresh_from_db() - response = self.client.get(reverse("edit-domain-request", kwargs={ - "domain_request_pk": self.domain_request.pk - }), follow=True) + response = self.client.get( + reverse("edit-domain-request", kwargs={"domain_request_pk": self.domain_request.pk}), follow=True + ) self.assertEqual(response.status_code, 200) - + @override_flag("organization_feature", active=True) @override_flag("organization_requests", active=True) @less_console_noise_decorator def test_domain_request_view_different_portfolio(self): """Test that user cannot access domain request not in their portfolio.""" - response = self.client.get(reverse("edit-domain-request", kwargs={ - "domain_request_pk": self.other_domain_request.pk - })) + response = self.client.get( + reverse("edit-domain-request", kwargs={"domain_request_pk": self.other_domain_request.pk}) + ) self.assertEqual(response.status_code, 403) @override_flag("organization_feature", active=True) @@ -238,65 +230,61 @@ class TestPortfolioDomainRequestViewAccess(MockDbForIndividualTests): @less_console_noise_decorator def test_domain_request_viewonly_same_portfolio(self): """Test that user can access view-only domain request in their portfolio.""" - response = self.client.get(reverse("domain-request-status-viewonly", kwargs={ - "domain_request_pk": self.domain_request.pk - })) + response = self.client.get( + reverse("domain-request-status-viewonly", kwargs={"domain_request_pk": self.domain_request.pk}) + ) self.assertEqual(response.status_code, 200) - + @override_flag("organization_feature", active=True) @override_flag("organization_requests", active=True) @less_console_noise_decorator def test_domain_request_viewonly_different_portfolio(self): """Test that user cannot access view-only domain request not in their portfolio.""" - response = self.client.get(reverse("domain-request-status-viewonly", kwargs={ - "domain_request_pk": self.other_domain_request.pk - })) + response = self.client.get( + reverse("domain-request-status-viewonly", kwargs={"domain_request_pk": self.other_domain_request.pk}) + ) self.assertEqual(response.status_code, 403) class TestPortfolioDomainViewAccess(MockDbForIndividualTests): """Tests for domain views to ensure users can only access domains in their portfolio.""" - + def setUp(self): super().setUp() self.client = Client() self.client.force_login(self.user) - + # Create portfolios - self.portfolio = Portfolio.objects.create( - creator=self.user, organization_name="Test Portfolio" - ) - self.other_portfolio = Portfolio.objects.create( - creator=self.tired_user, organization_name="Other Portfolio" - ) - + self.portfolio = Portfolio.objects.create(creator=self.user, organization_name="Test Portfolio") + self.other_portfolio = Portfolio.objects.create(creator=self.tired_user, organization_name="Other Portfolio") + # Create domains through domain requests self.domain_request = completed_domain_request( name="test-domain.gov", portfolio=self.portfolio, status=DomainRequest.DomainRequestStatus.IN_REVIEW, - user=self.user + user=self.user, ) self.domain_request.approve() self.domain = self.domain_request.approved_domain - + self.other_domain_request = completed_domain_request( name="other-domain.gov", portfolio=self.other_portfolio, status=DomainRequest.DomainRequestStatus.IN_REVIEW, - user=self.user + user=self.user, ) self.other_domain_request.approve() self.other_domain = self.other_domain_request.approved_domain - + # Give user permission to view all domains self.user_permission = UserPortfolioPermission.objects.create( user=self.user, portfolio=self.portfolio, roles=[UserPortfolioRoleChoices.ORGANIZATION_MEMBER], - additional_permissions=[UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS] + additional_permissions=[UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS], ) - + # Setup session for portfolio views session = self.client.session session["portfolio"] = self.portfolio @@ -306,49 +294,38 @@ class TestPortfolioDomainViewAccess(MockDbForIndividualTests): @less_console_noise_decorator def test_domain_view_same_portfolio(self): """Test that user can access domain in their portfolio.""" - response = self.client.get(reverse("domain", kwargs={ - "domain_pk": self.domain.pk - })) + response = self.client.get(reverse("domain", kwargs={"domain_pk": self.domain.pk})) self.assertEqual(response.status_code, 200) - + @override_flag("organization_feature", active=True) @less_console_noise_decorator def test_domain_view_different_portfolio(self): """Test that user cannot access domain not in their portfolio.""" - response = self.client.get(reverse("domain", kwargs={ - "domain_pk": self.other_domain.pk - })) + response = self.client.get(reverse("domain", kwargs={"domain_pk": self.other_domain.pk})) self.assertEqual(response.status_code, 403) class TestPortfolioMemberViewAccess(MockDbForIndividualTests): """Tests for member views to ensure users can only access members in their portfolio.""" - + def setUp(self): super().setUp() self.client = Client() self.client.force_login(self.user) - - # Create portfolios - self.portfolio = Portfolio.objects.create( - creator=self.user, organization_name="Test Portfolio" - ) - self.other_portfolio = Portfolio.objects.create( - creator=self.tired_user, organization_name="Other Portfolio" - ) - + # Create portfolios + self.portfolio = Portfolio.objects.create(creator=self.user, organization_name="Test Portfolio") + self.other_portfolio = Portfolio.objects.create(creator=self.tired_user, organization_name="Other Portfolio") + # Create portfolio permissions self.member_permission = UserPortfolioPermission.objects.create( - user=self.meoward_user, - portfolio=self.portfolio, - roles=[UserPortfolioRoleChoices.ORGANIZATION_MEMBER] + user=self.meoward_user, portfolio=self.portfolio, roles=[UserPortfolioRoleChoices.ORGANIZATION_MEMBER] ) - + self.other_member_permission = UserPortfolioPermission.objects.create( user=self.lebowski_user, portfolio=self.other_portfolio, - roles=[UserPortfolioRoleChoices.ORGANIZATION_MEMBER] + roles=[UserPortfolioRoleChoices.ORGANIZATION_MEMBER], ) # Give user permission to view/edit members @@ -357,7 +334,7 @@ class TestPortfolioMemberViewAccess(MockDbForIndividualTests): portfolio=self.portfolio, roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN], ) - + # Setup session for portfolio views session = self.client.session session["portfolio"] = self.portfolio @@ -368,17 +345,13 @@ class TestPortfolioMemberViewAccess(MockDbForIndividualTests): @less_console_noise_decorator def test_member_view_same_portfolio(self): """Test that user can access member in their portfolio.""" - response = self.client.get(reverse("member", kwargs={ - "member_pk": self.member_permission.pk - })) + response = self.client.get(reverse("member", kwargs={"member_pk": self.member_permission.pk})) self.assertEqual(response.status_code, 200) - + @override_flag("organization_feature", active=True) @override_flag("organization_members", active=True) @less_console_noise_decorator def test_member_view_different_portfolio(self): """Test that user cannot access member not in their portfolio.""" - response = self.client.get(reverse("member", kwargs={ - "member_pk": self.other_member_permission.pk - })) + response = self.client.get(reverse("member", kwargs={"member_pk": self.other_member_permission.pk})) self.assertEqual(response.status_code, 403) diff --git a/src/registrar/tests/test_url_auth.py b/src/registrar/tests/test_url_auth.py index 8b0cec83e..d7f84dbe0 100644 --- a/src/registrar/tests/test_url_auth.py +++ b/src/registrar/tests/test_url_auth.py @@ -30,7 +30,7 @@ SAMPLE_KWARGS = { "portfolio_id": "1", "user_id": "1", "member_pk": "1", - "invitedmember_pk": "1" + "invitedmember_pk": "1", } # Our test suite will ignore some namespaces. diff --git a/src/registrar/tests/test_views_portfolio.py b/src/registrar/tests/test_views_portfolio.py index cfd7cd206..d6e365c2d 100644 --- a/src/registrar/tests/test_views_portfolio.py +++ b/src/registrar/tests/test_views_portfolio.py @@ -1016,7 +1016,9 @@ class TestPortfolio(WebTest): # Verify the page can be accessed self.client.force_login(self.user) - response = self.client.get(reverse("invitedmember", kwargs={"invitedmember_pk": portfolio_invitation.pk}), follow=True) + response = self.client.get( + reverse("invitedmember", kwargs={"invitedmember_pk": portfolio_invitation.pk}), follow=True + ) self.assertEqual(response.status_code, 200) # Assert text within the page is correct @@ -1054,7 +1056,9 @@ class TestPortfolio(WebTest): # Verify the page can be accessed self.client.force_login(self.user) - response = self.client.get(reverse("invitedmember", kwargs={"invitedmember_pk": portfolio_invitation.pk}), follow=True) + response = self.client.get( + reverse("invitedmember", kwargs={"invitedmember_pk": portfolio_invitation.pk}), follow=True + ) self.assertEqual(response.status_code, 200) # Assert text within the page is correct @@ -1738,7 +1742,8 @@ class TestPortfolioMemberDeleteView(WebTest): self.client.force_login(self.user) # We check X_REQUESTED_WITH bc those return JSON responses response = self.client.post( - reverse("member-delete", kwargs={"member_pk": admin_perm_user.pk}), HTTP_X_REQUESTED_WITH="XMLHttpRequest" + reverse("member-delete", kwargs={"member_pk": admin_perm_user.pk}), + HTTP_X_REQUESTED_WITH="XMLHttpRequest", ) self.assertEqual(response.status_code, 400) @@ -2066,7 +2071,9 @@ class TestPortfolioMemberDeleteView(WebTest): # Location is used for a 3xx HTTP status code to indicate that the URL was redirected # and then confirm that we're still on the Manage Members page - self.assertEqual(response.headers["Location"], reverse("member", kwargs={"member_pk": admin_perm_user.pk})) + self.assertEqual( + response.headers["Location"], reverse("member", kwargs={"member_pk": admin_perm_user.pk}) + ) class TestPortfolioInvitedMemberDeleteView(WebTest): @@ -2772,7 +2779,9 @@ class TestPortfolioMemberDomainsEditView(TestWithUser, WebTest): self.assertEqual(UserDomainRole.objects.filter(user=self.user, role=UserDomainRole.Roles.MANAGER).count(), 0) # Check for an error message and a redirect to edit form - self.assertRedirects(response, reverse("member-domains-edit", kwargs={"member_pk": self.portfolio_permission.pk})) + self.assertRedirects( + response, reverse("member-domains-edit", kwargs={"member_pk": self.portfolio_permission.pk}) + ) messages = list(response.wsgi_request._messages) self.assertEqual(len(messages), 1) self.assertEqual( @@ -2849,7 +2858,9 @@ class TestPortfolioInvitedMemberEditDomainsView(TestWithUser, WebTest): """Tests that the portfolio invited member domains edit view is accessible.""" self.client.force_login(self.user) - response = self.client.get(reverse("invitedmember-domains-edit", kwargs={"invitedmember_pk": self.invitation.id})) + response = self.client.get( + reverse("invitedmember-domains-edit", kwargs={"invitedmember_pk": self.invitation.id}) + ) # Make sure the page loaded, and that we're on the right page self.assertEqual(response.status_code, 200) @@ -2862,7 +2873,9 @@ class TestPortfolioInvitedMemberEditDomainsView(TestWithUser, WebTest): """Tests that the portfolio invited member domains edit view is not accessible to user with no perms.""" self.client.force_login(self.user_no_perms) - response = self.client.get(reverse("invitedmember-domains-edit", kwargs={"invitedmember_pk": self.invitation.id})) + response = self.client.get( + reverse("invitedmember-domains-edit", kwargs={"invitedmember_pk": self.invitation.id}) + ) # Make sure the request returns forbidden self.assertEqual(response.status_code, 403) @@ -2874,7 +2887,9 @@ class TestPortfolioInvitedMemberEditDomainsView(TestWithUser, WebTest): """Tests that the portfolio invited member domains edit view is not accessible when no authenticated user.""" self.client.logout() - response = self.client.get(reverse("invitedmember-domains-edit", kwargs={"invitedmember_pk": self.invitation.id})) + response = self.client.get( + reverse("invitedmember-domains-edit", kwargs={"invitedmember_pk": self.invitation.id}) + ) # Make sure the request returns redirect to openid login self.assertEqual(response.status_code, 302) # Redirect to openid login @@ -2914,7 +2929,9 @@ class TestPortfolioInvitedMemberEditDomainsView(TestWithUser, WebTest): ) # Check for a success message and a redirect - self.assertRedirects(response, reverse("invitedmember-domains", kwargs={"invitedmember_pk": self.invitation.pk})) + self.assertRedirects( + response, reverse("invitedmember-domains", kwargs={"invitedmember_pk": self.invitation.pk}) + ) messages = list(response.wsgi_request._messages) self.assertEqual(len(messages), 1) self.assertEqual(str(messages[0]), "The domain assignment changes have been saved.") @@ -2971,7 +2988,9 @@ class TestPortfolioInvitedMemberEditDomainsView(TestWithUser, WebTest): ) # Check for a success message and a redirect - self.assertRedirects(response, reverse("invitedmember-domains", kwargs={"invitedmember_pk": self.invitation.pk})) + self.assertRedirects( + response, reverse("invitedmember-domains", kwargs={"invitedmember_pk": self.invitation.pk}) + ) @less_console_noise_decorator @override_flag("organization_feature", active=True) @@ -3015,7 +3034,9 @@ class TestPortfolioInvitedMemberEditDomainsView(TestWithUser, WebTest): ) # Check for a success message and a redirect - self.assertRedirects(response, reverse("invitedmember-domains", kwargs={"invitedmember_pk": self.invitation.pk})) + self.assertRedirects( + response, reverse("invitedmember-domains", kwargs={"invitedmember_pk": self.invitation.pk}) + ) # assert that send_domain_invitation_email is not called mock_send_domain_email.assert_not_called() @@ -3035,7 +3056,9 @@ class TestPortfolioInvitedMemberEditDomainsView(TestWithUser, WebTest): self.assertEqual(DomainInvitation.objects.count(), 0) # Check for an error message and a redirect - self.assertRedirects(response, reverse("invitedmember-domains", kwargs={"invitedmember_pk": self.invitation.pk})) + self.assertRedirects( + response, reverse("invitedmember-domains", kwargs={"invitedmember_pk": self.invitation.pk}) + ) messages = list(response.wsgi_request._messages) self.assertEqual(len(messages), 1) self.assertEqual( @@ -3058,7 +3081,9 @@ class TestPortfolioInvitedMemberEditDomainsView(TestWithUser, WebTest): self.assertEqual(DomainInvitation.objects.count(), 0) # Check for an error message and a redirect - self.assertRedirects(response, reverse("invitedmember-domains", kwargs={"invitedmember_pk": self.invitation.pk})) + self.assertRedirects( + response, reverse("invitedmember-domains", kwargs={"invitedmember_pk": self.invitation.pk}) + ) messages = list(response.wsgi_request._messages) self.assertEqual(len(messages), 1) self.assertEqual( @@ -3078,7 +3103,9 @@ class TestPortfolioInvitedMemberEditDomainsView(TestWithUser, WebTest): self.assertEqual(DomainInvitation.objects.count(), 0) # Check for an info message and a redirect - self.assertRedirects(response, reverse("invitedmember-domains", kwargs={"invitedmember_pk": self.invitation.pk})) + self.assertRedirects( + response, reverse("invitedmember-domains", kwargs={"invitedmember_pk": self.invitation.pk}) + ) messages = list(response.wsgi_request._messages) self.assertEqual(len(messages), 1) self.assertEqual(str(messages[0]), "The domain assignment changes have been saved.") @@ -3106,7 +3133,9 @@ class TestPortfolioInvitedMemberEditDomainsView(TestWithUser, WebTest): ) # Check for an error message and a redirect to edit form - self.assertRedirects(response, reverse("invitedmember-domains-edit", kwargs={"invitedmember_pk": self.invitation.pk})) + self.assertRedirects( + response, reverse("invitedmember-domains-edit", kwargs={"invitedmember_pk": self.invitation.pk}) + ) messages = list(response.wsgi_request._messages) self.assertEqual(len(messages), 1) self.assertEqual( @@ -4577,7 +4606,7 @@ class TestPortfolioInvitedMemberEditView(WebTest): # Test updating invitation permissions response = self.client.post( - reverse("invitedmember-permissions", kwargs={"member_pk": self.invitation.id}), + reverse("invitedmember-permissions", kwargs={"invitedmember_pk": self.invitation.id}), { "role": UserPortfolioRoleChoices.ORGANIZATION_ADMIN, }, diff --git a/src/registrar/tests/test_views_request.py b/src/registrar/tests/test_views_request.py index 6818759c5..87583cc96 100644 --- a/src/registrar/tests/test_views_request.py +++ b/src/registrar/tests/test_views_request.py @@ -2796,7 +2796,7 @@ class DomainRequestTests(TestWithUser, WebTest): self.assertEqual(intro_page.status_code, 200) # This user should also be allowed to edit existing ones - domain_request = completed_domain_request(user=self.user) + domain_request = completed_domain_request(user=self.user, portfolio=portfolio) edit_page = self.app.get( reverse("edit-domain-request", kwargs={"domain_request_pk": domain_request.pk}) ).follow() @@ -2904,7 +2904,9 @@ class DomainRequestTestDifferentStatuses(TestWithUser, WebTest): roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN], additional_permissions=[UserPortfolioPermissionChoices.EDIT_REQUESTS], ) - domain_request = completed_domain_request(status=DomainRequest.DomainRequestStatus.SUBMITTED, user=self.user) + domain_request = completed_domain_request( + status=DomainRequest.DomainRequestStatus.SUBMITTED, user=self.user, portfolio=portfolio + ) domain_request.save() detail_page = self.app.get(f"/domain-request/{domain_request.id}") @@ -3044,13 +3046,17 @@ class TestDomainRequestWizard(TestWithUser, WebTest): roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN], additional_permissions=[UserPortfolioPermissionChoices.EDIT_REQUESTS], ) + domain_request.portfolio = portfolio + domain_request.save() + domain_request.refresh_from_db() # Check portfolio-specific breadcrumb portfolio_page = self.app.get(f"/domain-request/{domain_request.id}/edit/").follow() self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id) self.assertContains(portfolio_page, "Domain requests") - + domain_request.portfolio = None + domain_request.save() # Clean up portfolio permission.delete() portfolio.delete() @@ -3177,15 +3183,6 @@ class TestDomainRequestWizard(TestWithUser, WebTest): - The user does not see the Domain and Domain requests buttons """ - # This should unlock 4 steps by default. - # Purpose, .gov domain, current websites, and requirements for operating - domain_request = completed_domain_request( - status=DomainRequest.DomainRequestStatus.STARTED, - user=self.user, - ) - domain_request.anything_else = None - domain_request.save() - federal_agency = FederalAgency.objects.get(agency="Non-Federal Agency") # Add a portfolio portfolio = Portfolio.objects.create( @@ -3203,6 +3200,14 @@ class TestDomainRequestWizard(TestWithUser, WebTest): ], ) + # This should unlock 4 steps by default. + # Purpose, .gov domain, current websites, and requirements for operating + domain_request = completed_domain_request( + status=DomainRequest.DomainRequestStatus.STARTED, user=self.user, portfolio=portfolio + ) + domain_request.anything_else = None + domain_request.save() + response = self.app.get(f"/domain-request/{domain_request.id}/edit/") # django-webtest does not handle cookie-based sessions well because it keeps # resetting the session key on each new request, thus destroying the concept @@ -3247,6 +3252,8 @@ class TestDomainRequestWizard(TestWithUser, WebTest): self.fail(f"Expected a redirect, but got a different response: {response}") # Data cleanup + domain_request.portfolio = None + domain_request.save() user_portfolio_permission.delete() portfolio.delete() federal_agency.delete() @@ -3311,7 +3318,9 @@ class TestPortfolioDomainRequestViewonly(TestWithUser, WebTest): user=self.user, portfolio=portfolio, roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN] ) dummy_user, _ = User.objects.get_or_create(username="testusername123456") - domain_request = completed_domain_request(status=DomainRequest.DomainRequestStatus.SUBMITTED, user=dummy_user) + domain_request = completed_domain_request( + status=DomainRequest.DomainRequestStatus.SUBMITTED, user=dummy_user, portfolio=portfolio + ) domain_request.save() detail_page = self.app.get(f"/domain-request/viewonly/{domain_request.id}") diff --git a/src/registrar/views/portfolios.py b/src/registrar/views/portfolios.py index 4321f4c51..c2ec44b9e 100644 --- a/src/registrar/views/portfolios.py +++ b/src/registrar/views/portfolios.py @@ -12,7 +12,6 @@ from registrar.decorators import ( HAS_PORTFOLIO_DOMAINS_ANY_PERM, HAS_PORTFOLIO_MEMBERS_ANY_PERM, HAS_PORTFOLIO_MEMBERS_EDIT, - HAS_PORTFOLIO_MEMBERS_VIEW, IS_PORTFOLIO_MEMBER, grant_access, )