Add VIP table access to staff

cisagov · Jan 26, 2024 · dcfe19d · dcfe19d
1 parent ece81ba
commit dcfe19d
Show file tree

Hide file tree

Showing 3 changed files with 45 additions and 0 deletions.
diff --git a/src/registrar/migrations/0065_create_groups_v06.py b/src/registrar/migrations/0065_create_groups_v06.py
@@ -0,0 +1,37 @@
+# This migration creates the create_full_access_group and create_cisa_analyst_group groups
+# It is dependent on 0035 (which populates ContentType and Permissions)
+# If permissions on the groups need changing, edit CISA_ANALYST_GROUP_PERMISSIONS
+# in the user_group model then:
+# [NOT RECOMMENDED]
+# step 1: docker-compose exec app ./manage.py migrate --fake registrar 0035_contenttypes_permissions
+# step 2: docker-compose exec app ./manage.py migrate registrar 0036_create_groups
+# step 3: fake run the latest migration in the migrations list
+# [RECOMMENDED]
+# Alternatively:
+# step 1: duplicate the migration that loads data
+# step 2: docker-compose exec app ./manage.py migrate
+
+from django.db import migrations
+from registrar.models import UserGroup
+from typing import Any
+
+
+# For linting: RunPython expects a function reference,
+# so let's give it one
+def create_groups(apps, schema_editor) -> Any:
+    UserGroup.create_cisa_analyst_group(apps, schema_editor)
+    UserGroup.create_full_access_group(apps, schema_editor)
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("registrar", "0064_alter_domainapplication_address_line1_and_more"),
+    ]
+
+    operations = [
+        migrations.RunPython(
+            create_groups,
+            reverse_code=migrations.RunPython.noop,
+            atomic=True,
+        ),
+    ]
diff --git a/src/registrar/models/user_group.py b/src/registrar/models/user_group.py
@@ -66,6 +66,11 @@ def create_cisa_analyst_group(apps, schema_editor):
                 "model": "userdomainrole",
                 "permissions": ["view_userdomainrole", "delete_userdomainrole"],
             },
+            {
+                "app_label": "registrar",
+                "model": "veryimportantperson",
+                "permissions": ["add_veryimportantperson", "change_veryimportantperson", "delete_veryimportantperson"],
+            },
         ]
 
         # Avoid error: You can't execute queries until the end

diff --git a/src/registrar/tests/test_migrations.py b/src/registrar/tests/test_migrations.py
@@ -43,6 +43,9 @@ def test_groups_created(self):
             "change_user",
             "delete_userdomainrole",
             "view_userdomainrole",
+            "add_veryimportantperson",
+            "change_veryimportantperson",
+            "delete_veryimportantperson",
             "change_website",
         ]