Skip to content

Commit

Permalink
VACMS-2210 Adjust perms for va_form content type. (#2211)
Browse files Browse the repository at this point in the history
  • Loading branch information
@swirtSJW
swirtSJW authored Jul 9, 2020
1 parent 1060f1d commit 7c46d0c
Show file tree
Hide file tree
Showing 5 changed files with 28 additions and 0 deletions.
1 change: 1 addition & 0 deletions config/sync/user.role.authenticated.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ permissions:
- 'enter publication_listing revision log entry'
- 'enter regional_health_care_service_des revision log entry'
- 'enter support_service revision log entry'
- 'enter va_form revision log entry'
- 'enter vamc_operating_status_and_alerts revision log entry'
- 'execute graphql requests'
- 'execute persisted graphql requests'
Expand Down
4 changes: 4 additions & 0 deletions config/sync/user.role.content_editor.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ permissions:
- 'create image media'
- 'create media'
- 'create promo block content'
- 'create va_form content'
- 'create video media'
- 'delete media'
- 'edit any document media'
Expand Down Expand Up @@ -58,6 +59,7 @@ permissions:
- 'edit any regional_health_care_service_des content'
- 'edit any story_listing content'
- 'edit any support_service content'
- 'edit any va_form content'
- 'edit any vamc_operating_status_and_alerts content'
- 'edit any video media'
- 'edit own documentation_page content'
Expand All @@ -82,6 +84,7 @@ permissions:
- 'edit own regional_health_care_service_des content'
- 'edit own story_listing content'
- 'edit own support_service content'
- 'edit own va_form content'
- 'edit own vamc_operating_status_and_alerts content'
- 'execute entity:break_lock node'
- 'notify of path changes'
Expand Down Expand Up @@ -124,5 +127,6 @@ permissions:
- 'view support_service revisions'
- 'view the administration theme'
- 'view unpublished paragraphs'
- 'view va_form revisions'
- 'view vamc_operating_status_and_alerts revisions'
- 'view workbench access information'
6 changes: 6 additions & 0 deletions config/sync/user.role.content_publisher.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,7 @@ permissions:
- 'delete any publication_listing content'
- 'delete any regional_health_care_service_des content'
- 'delete any support_service content'
- 'delete any va_form content'
- 'delete any video media'
- 'delete media'
- 'delete own document media'
Expand All @@ -73,6 +74,7 @@ permissions:
- 'delete own publication_listing content'
- 'delete own regional_health_care_service_des content'
- 'delete own support_service content'
- 'delete own va_form content'
- 'delete own video media'
- 'delete terms in health_care_service_taxonomy'
- 'edit any document media'
Expand All @@ -99,6 +101,7 @@ permissions:
- 'edit any regional_health_care_service_des content'
- 'edit any story_listing content'
- 'edit any support_service content'
- 'edit any va_form content'
- 'edit any vamc_operating_status_and_alerts content'
- 'edit any video media'
- 'edit own document media'
Expand Down Expand Up @@ -126,6 +129,7 @@ permissions:
- 'edit own regional_health_care_service_des content'
- 'edit own story_listing content'
- 'edit own support_service content'
- 'edit own va_form content'
- 'edit own vamc_operating_status_and_alerts content'
- 'edit own video media'
- 'edit terms in health_care_service_taxonomy'
Expand All @@ -152,6 +156,7 @@ permissions:
- 'revert publication_listing revisions'
- 'revert regional_health_care_service_des revisions'
- 'revert support_service revisions'
- 'revert va_form revisions'
- 'revert vamc_operating_status_and_alerts revisions'
- 'schedule editorial transition archive'
- 'schedule editorial transition archived_published'
Expand Down Expand Up @@ -198,5 +203,6 @@ permissions:
- 'view support_service revisions'
- 'view the administration theme'
- 'view unpublished paragraphs'
- 'view va_form revisions'
- 'view vamc_operating_status_and_alerts revisions'
- 'view workbench access information'
3 changes: 3 additions & 0 deletions config/sync/user.role.content_reviewer.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,7 @@ permissions:
- 'edit any publication_listing content'
- 'edit any regional_health_care_service_des content'
- 'edit any support_service content'
- 'edit any va_form content'
- 'edit any vamc_operating_status_and_alerts content'
- 'edit any video media'
- 'edit own documentation_page content'
Expand All @@ -74,6 +75,7 @@ permissions:
- 'edit own publication_listing content'
- 'edit own regional_health_care_service_des content'
- 'edit own support_service content'
- 'edit own va_form content'
- 'edit own vamc_operating_status_and_alerts content'
- 'execute entity:break_lock node'
- 'notify of path changes'
Expand Down Expand Up @@ -117,5 +119,6 @@ permissions:
- 'view support_service revisions'
- 'view the administration theme'
- 'view unpublished paragraphs'
- 'view va_form revisions'
- 'view vamc_operating_status_and_alerts revisions'
- 'view workbench access information'
14 changes: 14 additions & 0 deletions tests/phpunit/SecurityRolesPermissionsTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,7 @@ public function expectedPerms() {
'enter publication_listing revision log entry',
'enter regional_health_care_service_des revision log entry',
'enter support_service revision log entry',
'enter va_form revision log entry',
'enter vamc_operating_status_and_alerts revision log entry',
'execute graphql requests',
'execute persisted graphql requests',
Expand Down Expand Up @@ -209,6 +210,7 @@ public function expectedPerms() {
'create image media',
'create media',
'create promo block content',
'create va_form content',
'create video media',
'delete media',
'edit any document media',
Expand Down Expand Up @@ -236,6 +238,7 @@ public function expectedPerms() {
'edit any regional_health_care_service_des content',
'edit any story_listing content',
'edit any support_service content',
'edit any va_form content',
'edit any vamc_operating_status_and_alerts content',
'edit any video media',
'edit own documentation_page content',
Expand All @@ -260,6 +263,7 @@ public function expectedPerms() {
'edit own regional_health_care_service_des content',
'edit own story_listing content',
'edit own support_service content',
'edit own va_form content',
'edit own vamc_operating_status_and_alerts content',
'execute entity:break_lock node',
'notify of path changes',
Expand Down Expand Up @@ -302,6 +306,7 @@ public function expectedPerms() {
'view support_service revisions',
'view the administration theme',
'view unpublished paragraphs',
'view va_form revisions',
'view vamc_operating_status_and_alerts revisions',
'view workbench access information',
],
Expand Down Expand Up @@ -351,6 +356,7 @@ public function expectedPerms() {
'edit any publication_listing content',
'edit any regional_health_care_service_des content',
'edit any support_service content',
'edit any va_form content',
'edit any vamc_operating_status_and_alerts content',
'edit any video media',
'edit own documentation_page content',
Expand All @@ -371,6 +377,7 @@ public function expectedPerms() {
'edit own publication_listing content',
'edit own regional_health_care_service_des content',
'edit own support_service content',
'edit own va_form content',
'edit own vamc_operating_status_and_alerts content',
'execute entity:break_lock node',
'notify of path changes',
Expand Down Expand Up @@ -414,6 +421,7 @@ public function expectedPerms() {
'view support_service revisions',
'view the administration theme',
'view unpublished paragraphs',
'view va_form revisions',
'view vamc_operating_status_and_alerts revisions',
'view workbench access information',
],
Expand Down Expand Up @@ -461,6 +469,7 @@ public function expectedPerms() {
'delete any publication_listing content',
'delete any regional_health_care_service_des content',
'delete any support_service content',
'delete any va_form content',
'delete any video media',
'delete media',
'delete own document media',
Expand All @@ -482,6 +491,7 @@ public function expectedPerms() {
'delete own publication_listing content',
'delete own regional_health_care_service_des content',
'delete own support_service content',
'delete own va_form content',
'delete own video media',
'delete terms in health_care_service_taxonomy',
'edit any document media',
Expand All @@ -508,6 +518,7 @@ public function expectedPerms() {
'edit any regional_health_care_service_des content',
'edit any story_listing content',
'edit any support_service content',
'edit any va_form content',
'edit any vamc_operating_status_and_alerts content',
'edit any video media',
'edit own document media',
Expand Down Expand Up @@ -535,6 +546,7 @@ public function expectedPerms() {
'edit own regional_health_care_service_des content',
'edit own story_listing content',
'edit own support_service content',
'edit own va_form content',
'edit own vamc_operating_status_and_alerts content',
'edit own video media',
'edit terms in health_care_service_taxonomy',
Expand All @@ -561,6 +573,7 @@ public function expectedPerms() {
'revert publication_listing revisions',
'revert regional_health_care_service_des revisions',
'revert support_service revisions',
'revert va_form revisions',
'revert vamc_operating_status_and_alerts revisions',
'schedule editorial transition archive',
'schedule editorial transition archived_published',
Expand Down Expand Up @@ -607,6 +620,7 @@ public function expectedPerms() {
'view support_service revisions',
'view the administration theme',
'view unpublished paragraphs',
'view va_form revisions',
'view vamc_operating_status_and_alerts revisions',
'view workbench access information',
],
Expand Down

1 comment on commit 7c46d0c

@va-cms-bot
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

❌ Test Failed: va/tests/accessibility 
composer va:test:accessibility
> [email protected] install /var/www/cms/node_modules/phantomjs-prebuilt
> node install.js

PhantomJS not found on PATH
Downloading https://github.com/Medium/phantomjs/releases/download/v2.1.1/phantomjs-2.1.1-linux-x86_64.tar.bz2
Saving to /tmp/phantomjs/phantomjs-2.1.1-linux-x86_64.tar.bz2
Receiving...

Received 22866K total.
Extracting tar contents (via spawned process)
Removing /var/www/cms/node_modules/phantomjs-prebuilt/lib/phantom
Copying extracted folder /tmp/phantomjs/phantomjs-2.1.1-linux-x86_64.tar.bz2-extract-1594310637267/phantomjs-2.1.1-linux-x86_64 -> /var/www/cms/node_modules/phantomjs-prebuilt/lib/phantom
Writing location.js file
Done. Phantomjs binary available at /var/www/cms/node_modules/phantomjs-prebuilt/lib/phantom/bin/phantomjs

> [email protected] postinstall /var/www/cms/node_modules/core-js
> node scripts/postinstall || echo "ignore"

Thank you for using core-js ( https://github.com/zloirock/core-js ) for polyfilling JavaScript standard library!

The project needs your help! Please consider supporting of core-js on Open Collective or Patreon: 
> https://opencollective.com/core-js 
> https://www.patreon.com/zloirock 

Also, the author of core-js ( https://github.com/zloirock ) is looking for a good job -)

added 134 packages from 190 contributors and audited 134 packages in 16.154s
found 3 low severity vulnerabilities
  run `npm audit fix` to fix them, or `npm audit` for details

> [email protected] test /var/www/cms
> node ./tests/accessibility/aXeAccessibilityCheck.js

!!!  NUMBER OF NEW VIOLATIONS on http://internal-dsva-vagov-staging-cms-1188006.us-gov-west-1.elb.amazonaws.com 1
!!!  NUMBER OF NEW VIOLATIONS on http://internal-dsva-vagov-staging-cms-1188006.us-gov-west-1.elb.amazonaws.com/sections  = 0
[]
!!!  NUMBER OF NEW VIOLATIONS on http://internal-dsva-vagov-staging-cms-1188006.us-gov-west-1.elb.amazonaws.com/node/add/page  = 2
[ { id: 'duplicate-id',
    impact: 'minor',
    tags: [ 'cat.parsing', 'wcag2a', 'wcag411' ],
    description: 'Ensures every id attribute value is unique',
    help: 'id attribute value must be unique',
    helpUrl:
     'https://dequeuniversity.com/rules/axe/3.3/duplicate-id?application=webdriverjs',
    nodes: [ [Object], [Object] ] },
  { id: 'label',
    impact: 'critical',
    tags:
     [ 'cat.forms',
       'wcag2a',
       'wcag332',
       'wcag131',
       'section508',
       'section508.22.n' ],
    description: 'Ensures every form element has a label',
    help: 'Form elements must have labels',
    helpUrl:
     'https://dequeuniversity.com/rules/axe/3.3/label?application=webdriverjs',
    nodes: [ [Object] ] } ]
!!!  NUMBER OF NEW VIOLATIONS on http://internal-dsva-vagov-staging-cms-1188006.us-gov-west-1.elb.amazonaws.com/node/add/landing_page  = 0
[]
!!!  NUMBER OF NEW VIOLATIONS on http://internal-dsva-vagov-staging-cms-1188006.us-gov-west-1.elb.amazonaws.com/node/add/documentation_page  = 1
[ { id: 'label',
    impact: 'critical',
    tags:
     [ 'cat.forms',
       'wcag2a',
       'wcag332',
       'wcag131',
       'section508',
       'section508.22.n' ],
    description: 'Ensures every form element has a label',
    help: 'Form elements must have labels',
    helpUrl:
     'https://dequeuniversity.com/rules/axe/3.3/label?application=webdriverjs',
    nodes: [ [Object] ] } ]
!!!  NUMBER OF NEW VIOLATIONS on http://internal-dsva-vagov-staging-cms-1188006.us-gov-west-1.elb.amazonaws.com/node/add/event  = 0
[]
!!!  NUMBER OF NEW VIOLATIONS on http://internal-dsva-vagov-staging-cms-1188006.us-gov-west-1.elb.amazonaws.com/node/add/health_care_local_facility  = 1
[ { id: 'label',
    impact: 'critical',
    tags:
     [ 'cat.forms',
       'wcag2a',
       'wcag332',
       'wcag131',
       'section508',
       'section508.22.n' ],
    description: 'Ensures every form element has a label',
    help: 'Form elements must have labels',
    helpUrl:
     'https://dequeuniversity.com/rules/axe/3.3/label?application=webdriverjs',
    nodes:
     [ [Object],
       [Object],
       [Object],
       [Object],
       [Object],
       [Object],
       [Object],
       [Object],
       [Object],
       [Object],
       [Object],
       [Object],
       [Object],
       [Object] ] } ]
!!!  NUMBER OF NEW VIOLATIONS on http://internal-dsva-vagov-staging-cms-1188006.us-gov-west-1.elb.amazonaws.com/node/add/health_care_region_detail_page  = 2
[ { id: 'duplicate-id',
    impact: 'minor',
    tags: [ 'cat.parsing', 'wcag2a', 'wcag411' ],
    description: 'Ensures every id attribute value is unique',
    help: 'id attribute value must be unique',
    helpUrl:
     'https://dequeuniversity.com/rules/axe/3.3/duplicate-id?application=webdriverjs',
    nodes: [ [Object], [Object] ] },
  { id: 'label',
    impact: 'critical',
    tags:
     [ 'cat.forms',
       'wcag2a',
       'wcag332',
       'wcag131',
       'section508',
       'section508.22.n' ],
    description: 'Ensures every form element has a label',
    help: 'Form elements must have labels',
    helpUrl:
     'https://dequeuniversity.com/rules/axe/3.3/label?application=webdriverjs',
    nodes: [ [Object] ] } ]
!!!  NUMBER OF NEW VIOLATIONS on http://internal-dsva-vagov-staging-cms-1188006.us-gov-west-1.elb.amazonaws.com/node/add/health_care_region_page  = 0
[]
!!!  NUMBER OF NEW VIOLATIONS on http://internal-dsva-vagov-staging-cms-1188006.us-gov-west-1.elb.amazonaws.com/node/add/office  = 0
[]
!!!  NUMBER OF NEW VIOLATIONS on http://internal-dsva-vagov-staging-cms-1188006.us-gov-west-1.elb.amazonaws.com/node/add/outreach_asset  = 0
[]
!!!  NUMBER OF NEW VIOLATIONS on http://internal-dsva-vagov-staging-cms-1188006.us-gov-west-1.elb.amazonaws.com/node/add/person_profile  = 0
[]
!!!  NUMBER OF NEW VIOLATIONS on http://internal-dsva-vagov-staging-cms-1188006.us-gov-west-1.elb.amazonaws.com/node/add/press_release  = 1
[ { id: 'aria-allowed-attr',
    impact: 'critical',
    tags: [ 'cat.aria', 'wcag2a', 'wcag412' ],
    description: 'Ensures ARIA attributes are allowed for an element\'s role',
    help: 'Elements must only use allowed ARIA attributes',
    helpUrl:
     'https://dequeuniversity.com/rules/axe/3.3/aria-allowed-attr?application=webdriverjs',
    nodes: [ [Object] ] } ]
!!!  NUMBER OF NEW VIOLATIONS on http://internal-dsva-vagov-staging-cms-1188006.us-gov-west-1.elb.amazonaws.com/node/add/regional_health_care_service_des  = 0
[]
!!!  NUMBER OF NEW VIOLATIONS on http://internal-dsva-vagov-staging-cms-1188006.us-gov-west-1.elb.amazonaws.com/node/add/news_story  = 0
[]
!!!  NUMBER OF NEW VIOLATIONS on http://internal-dsva-vagov-staging-cms-1188006.us-gov-west-1.elb.amazonaws.com/node/add/support_service  = 0
[]
!!!  NUMBER OF NEW VIOLATIONS on http://internal-dsva-vagov-staging-cms-1188006.us-gov-west-1.elb.amazonaws.com/user  = 1
[ { id: 'color-contrast',
    impact: 'serious',
    tags: [ 'cat.color', 'wcag2aa', 'wcag143' ],
    description:
     'Ensures the contrast between foreground and background colors meets WCAG 2 AA contrast ratio thresholds',
    help: 'Elements must have sufficient color contrast',
    helpUrl:
     'https://dequeuniversity.com/rules/axe/3.3/color-contrast?application=webdriverjs',
    nodes:
     [ [Object], [Object], [Object], [Object], [Object], [Object] ] } ]
!!!  VIOLATION TYPES FOUND: 9 PROCESS EXITED WITH CODE 1  !!!
> npm install --only=production
> npm test
Thu, 09 Jul 2020 16:04:01 GMT axe-webdriverjs deprecated Error must be handled as the first argument of axe.analyze. See: #83 at tests/accessibility/aXeAccessibilityCheck.js:45:14
Thu, 09 Jul 2020 16:04:09 GMT axe-webdriverjs deprecated Error must be handled as the first argument of axe.analyze. See: #83 at tests/accessibility/aXeAccessibilityCheck.js:57:42
npm ERR! Test failed.  See above for more details.
Script npm test handling the va:test:accessibility event returned with error code 1
  • On: ip-10-247-34-65
  • In: 02:31

Please sign in to comment.