[DRAFT] #3103: Prevent errors in django admin Member Management #3111
+200
−54
Ticket
Resolves #3103
Changes
Context for reviewers
This PR adds some additional validation on PortfolioInvitation and UserPortfolioPermission records and modifies the permission structure slightly (see changes). In particular, there is a requirement to block creation of a new PortfolioInvitation or a new UserPortfolioPermission record if one already exists.
It was discovered during implementation that there are some existing circular import issues between those two models (and user). Since each of those records needs to cross-reference each other, it causes a similar issue. As a result, I've addressed some of the original import issues in this PR. Due to that, the logic for doing .clean() is in portfolio_helper.py with app imports to minimize this causing future conflicts.
Setup
All testing can be done in django admin on these three tables: PortfolioInvitation, UserPortfolioPermission, and WaffleFlags.
You will need to test these cases:
multiple_portfolios is disabled.
VIEW_MEMBERS, EDIT_MEMBER, or VIEW_ALL_DOMAINS on both PortfolioInvitation and UserPortfolioPermission when the role MEMBER is selected
admin
VIEW_MEMBERS role by default, and no longer have EDIT_REQUESTS
Code Review Verification Steps
As the original developer, I have
Satisfied acceptance criteria and met development standards
Ensured code standards are met (Original Developer)
Validated user-facing changes (if applicable)
As a code reviewer, I have
Reviewed, tested, and left feedback about the changes
Validated user-facing changes as a developer
Note: Multiple code reviewers can share the checklists above, a second reviewer should not make a duplicate checklist. All checks should be checked before approving, even those labeled N/A.
As a designer reviewer, I have
Verified that the changes match the design intention
Validated user-facing changes as a designer
References
Screenshots