Merge pull request #845 from ministryofjustice/ag--show-all-data-sources

[MVP] Show all datasources to users (including ones they can't acces)
ministryofjustice · Oct 20, 2020 · d02bb44 · d02bb44
2 parents 3d03086 + 088f87c
commit d02bb44
Show file tree

Hide file tree

Showing 4 changed files with 101 additions and 0 deletions.
diff --git a/controlpanel/frontend/jinja2/datasource-list.html b/controlpanel/frontend/jinja2/datasource-list.html
@@ -1,5 +1,6 @@
 {% from "modal-dialog/macro.html" import modal_dialog %}
 {% from "includes/datasource-list.html" import datasource_list with context %}
+{% from "user/macro.html" import user_name %}
 
 {% extends "base.html" %}
 
@@ -29,4 +30,45 @@ <h1 class="govuk-heading-xl">{{ page_title }}</h1>
   </p>
   {% endif %}
 {% endif %}
+
+{% if other_datasources %}
+  <h3 class="govuk-heading-m">Other {{ datasource_type }} data sources</h3>
+  <p class="govuk-body">
+    You currently <span class="govuk-!-font-weight-bold">do not</span> have access to the following {{ datasource_type }} data sources.
+  </p>
+  <p class="govuk-body">
+    Please refer to the <a href="https://user-guidance.services.alpha.mojanalytics.xyz/data/amazon-s3/#request-access-to-a-bucket" class="govuk-link">user guidance</a> for information on how to get access.
+  </p>
+
+  <table class="govuk-table">
+    <thead class="govuk-table__head">
+      <tr class="govuk-table__row">
+        <th class="govuk-table__header">Name</th>
+        <th class="govuk-table__header">
+          Your access level
+          {{ modal_dialog(access_levels_html|safe) }}
+        </th>
+        <th class="govuk-table__header">Admins</th>
+      </tr>
+    </thead>
+    <tbody class="govuk-table__body">
+    {% for datasource in other_datasources %}
+      <tr class="govuk-table__row">
+        <td class="govuk-table__cell">
+          {{ datasource.name }}
+        </td>
+        <td class="govuk-table__cell">
+          No access
+        </td>
+        <td class="govuk-table__cell">
+          {% for admin in other_datasources_admins[datasource.id] %}
+            {{ user_name(admin) }}{% if not loop.last %}, {% endif %}
+          {% endfor %}
+        </td>
+      </tr>
+    {% endfor %}
+    </tbody>
+  </table>
+{% endif %}
+
 {% endblock %}
diff --git a/controlpanel/frontend/jinja2/modals/user_data_access_levels.html b/controlpanel/frontend/jinja2/modals/user_data_access_levels.html
@@ -10,4 +10,7 @@ <h3 class="govuk-heading-m" id="content-access-levels">User data access levels</
     <strong>Admin</strong> - user can read, modify and delete the data, and also
     grant/modify/revoke access rights to this data for other users
   </li>
+  <li>
+    <strong>No access</strong> - user cannot access the data
+  </li>
 </ul>
diff --git a/controlpanel/frontend/views/datasource.py b/controlpanel/frontend/views/datasource.py
@@ -77,6 +77,22 @@ def get_queryset(self):
             users3buckets__user=self.request.user,
         )
 
+    def get_context_data(self, *args, **kwargs):
+        context = super().get_context_data(*args, **kwargs)
+
+        all_datasources = S3Bucket.objects.prefetch_related("users3buckets__user").filter(
+            is_data_warehouse=self.datasource_type == "warehouse",
+        )
+        other_datasources = all_datasources.exclude(id__in=self.get_queryset())
+        other_datasources_admins = {}
+        for datasource in other_datasources:
+            admins = [ m2m.user for m2m in datasource.users3buckets.filter(is_admin=True) ]
+            other_datasources_admins[datasource.id] = admins
+
+        context["other_datasources"] = other_datasources
+        context["other_datasources_admins"] = other_datasources_admins
+        return context
+
 
 class AdminBucketList(BucketList):
     all_datasources = True

diff --git a/tests/frontend/views/test_datasource.py b/tests/frontend/views/test_datasource.py
@@ -228,6 +228,46 @@ def test_list(client, buckets, users, view, user, expected_count):
     response = view(client, buckets, users)
     assert len(response.context_data['object_list']) == expected_count
 
+@pytest.mark.parametrize(
+    "view,user,n_other_datasources",
+    [
+        (list_warehouse, "superuser", 2),
+        (list_warehouse, "normal_user", 2),
+        (list_warehouse, "bucket_viewer", 1),
+        (list_warehouse, "bucket_admin", 0),
+
+        (list_app_data, "superuser", 3),
+        (list_app_data, "normal_user", 3),
+        (list_app_data, "bucket_viewer", 2),
+        (list_app_data, "bucket_admin", 1),
+    ],
+)
+def test_list_other_datasources(client, buckets, users, view, user, n_other_datasources):
+    client.force_login(users[user])
+    response = view(client, buckets, users)
+    assert len(response.context_data["other_datasources"]) == n_other_datasources
+
+
+def test_list_other_datasources_admins(client, buckets, users):
+    bucket_admin = users["bucket_admin"]
+
+    # Listing of "warehouse datasources"
+    client.force_login(users["normal_user"])
+    response = list_warehouse(client)
+
+    other_datasources_admins = response.context_data["other_datasources_admins"]
+    assert other_datasources_admins[buckets["warehouse1"].id] == [bucket_admin]
+    assert other_datasources_admins[buckets["warehouse2"].id] == [bucket_admin]
+
+    # Listing of "app datasources"
+    client.force_login(users["normal_user"])
+    response = list_app_data(client)
+
+    other_datasources_admins = response.context_data["other_datasources_admins"]
+    assert other_datasources_admins[buckets["app_data1"].id] == [bucket_admin]
+    assert other_datasources_admins[buckets["app_data2"].id] == [bucket_admin]
+    assert other_datasources_admins[buckets["other"].id] == []
+
 
 def test_bucket_creator_has_readwrite_and_admin_access(client, users):
     user = users['normal_user']