fix: permission check for approve Agreement page (#2846)
* feat: permission check

* feat: adds division_id to CAN prop

* docs: fixes openapi issues

* feat: adds feature-flag
fpigeonjr authored Sep 27, 2024
1 parent 9de5421 commit 20ecb16
Showing 10 changed files with 197 additions and 124 deletions.
5 changes: 0 additions & 5 deletions .gitignore
@@ -185,11 +185,6 @@ yarn-error.log*
# MacOS stuff
.DS_Store

# IDE
.vscode/*
# allow vscode launch/tasks to be shared
!.vscode/launch.json
!.vscode/tasks.json
.idea

# HTTP-Client
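--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -0,0 +1,8 @@
+{
+"python.testing.pytestArgs": [
+"tests"
+],
+"python.testing.cwd": "./backend/ops_api",
+"python.testing.unittestEnabled": false,
+"python.testing.pytestEnabled": true
+}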
91 changes: 58 additions & 33 deletions backend/openapi.yml
@@ -227,11 +227,11 @@ paths:
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/CreateCANRequestSchema"
examples:
"0":
$ref: "#/components/examples/CreateCANRequestSchema"
schema:
$ref: "#/components/schemas/CreateUpdateCANRequestSchema"
examples:
"0":
$ref: "#/components/examples/CreateUpdateCANRequestSchema"
responses:
"201":
description: Created
@@ -440,7 +440,7 @@ paths:
application/json:
schema:
type: array
properties: { }
properties: {}
items:
type: string
examples:
@@ -619,7 +619,7 @@ paths:
type: integer
first_name:
type: string
updated: { }
updated: {}
email:
type: string
examples:
@@ -2058,7 +2058,11 @@ components:
type: string
id:
type: integer
CreateCANRequestSchema:
required:
- number
- portfolio_id
- id
CreateUpdateCANRequestSchema:
description: The request object for creating a new Common Accounting Number (CAN) object.
properties:
nick_name:
@@ -2069,6 +2073,8 @@ components:
type: string
portfolio_id:
type: integer
funding_details_id:
type: integer
required:
- number
- portfolio_id
@@ -2097,7 +2103,7 @@ components:
funding_received:
type: array
items:
$ref: "#/components/schemas/FundingReceived"
$ref: "#/components/schemas/FundingReceived"
number:
type: string
portfolio:
@@ -2559,16 +2565,8 @@ components:
type: object
example:
[
{
"id": 1,
"full_name": "Chris Fortunato",
"email": "[email protected]",
},
{
"id": 2,
"full_name": "Amy Madigan",
"email": "[email protected]",
},
{ "id": 1, "full_name": "Chris Fortunato", "email": "[email protected]" },
{ "id": 2, "full_name": "Amy Madigan", "email": "[email protected]" },
{
"id": 3,
"full_name": "Ivelisse Martinez-Beck",
@@ -2740,6 +2738,9 @@ components:
can_id:
type: integer
example: 1
can:
type: object
$ref: "#/components/schemas/BudgetLineItemCAN"
comments:
type: string
date_needed:
@@ -2765,16 +2766,8 @@ components:
type: object
example:
[
{
"id": 1,
"full_name": "Chris Fortunato",
"email": "[email protected]",
},
{
"id": 2,
"full_name": "Amy Madigan",
"email": "[email protected]",
},
{ "id": 1, "full_name": "Chris Fortunato", "email": "[email protected]" },
{ "id": 2, "full_name": "Amy Madigan", "email": "[email protected]" },
{
"id": 3,
"full_name": "Ivelisse Martinez-Beck",
@@ -2805,6 +2798,37 @@ components:
description: optional notes added to a Change Request when a PATCH is made that creates a CR
type: string
writeOnly: true
BudgetLineItemCAN:
type: object
properties:
id:
type: integer
example: 1
portfolio:
type: object
$ref: "#/components/schemas/PortfolioBLISchema"
portfolio_id:
type: integer
example: 1
display_name:
type: string
nick_name:
type: string
number:
type: string
description:
type: string
active_period:
type: integer
expiration_date:
type: integer
appropriation_date:
type: integer
PortfolioBLISchema:
type: object
properties:
division_id:
type: integer
BudgetLineItemRequest:
type: object
properties:
@@ -2929,7 +2953,7 @@ components:
type: array
items:
type: object
example: [ { "id": 1 }, { "id": 2 }, { "id": 3 } ]
example: [{ "id": 1 }, { "id": 2 }, { "id": 3 }]

required:
- title
@@ -3248,7 +3272,8 @@ components:
document_name:
type: string
document_size:
type: number(10, 2)
type: number
description: precision number with 10 digits and 2 decimal places
status:
type: string
created_on:
@@ -3623,7 +3648,7 @@ components:
"updated_by": 1
}
]
CreateCanRequestSchema:
CreateUpdateCANRequestSchema:
value: |
{
nick_name: "Very Good CAN",
@@ -3636,4 +3661,4 @@ components:
[
]
security:
- bearerAuth: [ ]
- bearerAuth: []
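Review bot: The new `can` property on the budget line item schema, and `portfolio` inside `BudgetLineItemCAN`, place `type: object` next to a `$ref`; under OpenAPI 3.0 siblings of `$ref` are ignored, so the extra key is noise at best (the spec version is not visible here, so confirm which rules apply). Dropping the `type: object` line in both places leaves just `$ref: "#/components/schemas/BudgetLineItemCAN"` and `$ref: "#/components/schemas/PortfolioBLISchema"`. `BudgetLineItemCAN` and `PortfolioBLISchema` also declare no `required` list, while the marshmallow `BudgetLineItemCANSchema` in this commit marks `id`, `display_name`, `number` and `description` as required, so the two descriptions of the same object disagree. Since `division_id` looks like the input to the approval permission check (inferred from the commit title, not visible here), listing it under `required` would document that a response without it is a contract violation rather than a silent gap.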
5 changes: 5 additions & 0 deletions backend/ops_api/ops/schemas/budget_line_items.py
@@ -251,8 +251,13 @@ class Meta:
email = fields.Str(default=None, allow_none=True)


class PortfolioBLISchema(Schema):
division_id = fields.Int(required=True)


class BudgetLineItemCANSchema(Schema):
id = fields.Int(required=True)
portfolio = fields.Nested(PortfolioBLISchema())
display_name = fields.Str(required=True)
number = fields.Str(required=True)
description = fields.Str(required=True)
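Review bot: `portfolio = fields.Nested(PortfolioBLISchema())` is the only field in the visible part of `BudgetLineItemCANSchema` declared without `required=True`, and marshmallow enforces `required` only on load, so a serialized CAN can reach the client with no `portfolio` and therefore no `division_id`. If the approve-page permission check named in the commit title compares the user's division with `can.portfolio.division_id` (that code is not in this hunk, so this is inferred), the consumer has to treat a missing value as a denial rather than skip the comparison; a comment such as `# portfolio.division_id feeds the approve-page permission check; absent means deny` on the field would record that. Exposing `division_id` only lets the client decide what to render, so the approval endpoint should apply the same division rule server-side. The class body continues past the end of the hunk.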
12 changes: 6 additions & 6 deletions frontend/cypress/e2e/approveChangeRequestsAtAgreementLevel.cy.js
@@ -35,7 +35,7 @@ const testBli = {
};

beforeEach(() => {
testLogin("admin");
testLogin("division-director");
cy.visit(`/`);
});

@@ -158,7 +158,7 @@ describe("Approve Change Requests at the Agreement Level", () => {
cy.get('[data-cy="agreement-history-list"] > :nth-child(1) > [data-cy="log-item-children"]')
.should(
"have.text",
`Admin Demo approved the status change on BL ${bliId} from Draft to Planned as requested by Admin Demo.`
`Dave Director approved the status change on BL ${bliId} from Draft to Planned as requested by Dave Director.`
)
// TODO: add more tests
.then(() => {
@@ -303,7 +303,7 @@ describe("Approve Change Requests at the Agreement Level", () => {
cy.get('[data-cy="agreement-history-list"] > :nth-child(1) > [data-cy="log-item-children"]')
.should(
"have.text",
`Admin Demo approved the status change on BL ${bliId} from Planned to Executing as requested by Admin Demo.`
`Dave Director approved the status change on BL ${bliId} from Planned to Executing as requested by Dave Director.`
)
// TODO: add more tests
.then(() => {
@@ -463,18 +463,18 @@ describe("Approve Change Requests at the Agreement Level", () => {

checkHistoryItem(
/Budget Change to Amount Approved/,
`Admin Demo approved the budget change on BL ${bliId} from $1,000,000.00 to $2,000,000.00 as requested by Admin Demo.`
`Dave Director approved the budget change on BL ${bliId} from $1,000,000.00 to $2,000,000.00 as requested by Dave Director.`
)
.then(() => {
return checkHistoryItem(
/Budget Change to CAN Approved/,
`Admin Demo approved the budget change on BL ${bliId} from G99IA14 to G99PHS9 as requested by Admin Demo.`
`Dave Director approved the budget change on BL ${bliId} from G99IA14 to G99PHS9 as requested by Dave Director.`
);
})
.then(() => {
return checkHistoryItem(
/Budget Change to Obligate Date/,
`Admin Demo approved the budget change on BL ${bliId} from 1/1/2025 to 9/15/2025 as requested by Admin Demo.`
`Dave Director approved the budget change on BL ${bliId} from 1/1/2025 to 9/15/2025 as requested by Dave Director.`
);
})
.then(() => {
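Review bot: Every visible assertion in this spec now runs as `division-director`, so the suite covers only the allowed path and nothing shows that the permission check this commit adds denies anyone. Add a case that starts with `testLogin("basic");` (FakeAuth offers that user; whether `testLogin` accepts the string is assumed from the `admin` and `division-director` calls) and asserts that the approve page for the same agreement cannot be used, plus, if the fixture data allows, a director from a different division. The same login swap is made in the next file section, at its `beforeEach` in `@@ -35,7 +35,7`, and it needs the same negative case. The `describe` block starts and ends outside these hunks.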
@@ -35,7 +35,7 @@ const testBli = {
};

beforeEach(() => {
testLogin("admin");
testLogin("division-director");
cy.visit(`/`);
});

21 changes: 17 additions & 4 deletions frontend/cypress/support/e2e.js
@@ -26,10 +26,23 @@ Cypress.Commands.add("FakeAuth", (user) => {
cy.session([user], async () => {
cy.visit("/login");
cy.contains("Sign in with FakeAuth").click();
if (user === "admin") {
cy.contains("Admin User").click();
} else if (user === "basic") {
cy.contains("Basic User").click();

switch (user) {
case "admin":
cy.contains("Admin User").click();
break;
case "basic":
cy.contains("Basic User").click();
break;
case "division-director":
cy.contains("Division Director").click();
break;
case "budget-team":
cy.contains("Budget Team Member").click();
break;
default:
// Handle any unspecified user types if necessary
break;
}

cy.wait(100);
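Review bot: The `default:` branch of the new `switch (user)` does nothing, so a misspelled or unsupported role string selects no account and the `cy.session([user], …)` setup simply carries on. Specs that exist to verify a permission check would then run under whatever identity results instead of failing at login, which can hide a broken or mis-targeted test. Replace the comment and `break;` with `throw new Error("FakeAuth: unknown user type: " + user);` so an unknown role stops the run. The command body continues past the end of the hunk.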
4 changes: 2 additions & 2 deletions frontend/src/hooks/useToggle.js
@@ -4,8 +4,8 @@ import React from "react";
/**
* A hook that returns a boolean value and a function to toggle it.
*
* @param {boolean} initialValue - The initial value of the boolean state.
* @returns {[boolean, function]} - A tuple containing the boolean state and a function to toggle it.
* @param {boolean | (() => boolean)} initialValue - The initial value of the boolean state.
* @returns {[boolean, () => void]} - A tuple containing the boolean state and a function to toggle it.
*/
function useToggle(initialValue = false) {
if (typeof initialValue !== "boolean" && typeof initialValue !== "function") {