diff --git a/.ds.baseline b/.ds.baseline index 99ca2e7c5..6710164d3 100644 --- a/.ds.baseline +++ b/.ds.baseline @@ -507,7 +507,7 @@ "filename": "tests/app/main/views/test_accept_invite.py", "hashed_secret": "07f0a6c13923fc3b5f0c57ffa2d29b715eb80d71", "is_verified": false, - "line_number": 631, + "line_number": 632, "is_secret": false } ], @@ -634,5 +634,5 @@ } ] }, - "generated_at": "2025-07-17T07:59:56Z" + "generated_at": "2025-07-21T21:23:30Z" } diff --git a/app/enums.py b/app/enums.py index 3c83fccda..0fe52a6df 100644 --- a/app/enums.py +++ b/app/enums.py @@ -73,6 +73,9 @@ class ServicePermission(StrEnum): SEND_MESSAGES = "send_messages" MANAGE_SERVICE = "manage_service" MANAGE_TEMPLATES = "manage_templates" + VIEW_ACTIVITY = "view_activity" + MANAGE_USERS = "manage_users" + SEND_EMAILS = "send_emails" class InvitedUserStatus(StrEnum): diff --git a/app/main/views/activity.py b/app/main/views/activity.py index 661d55afb..c4cd2d583 100644 --- a/app/main/views/activity.py +++ b/app/main/views/activity.py @@ -1,7 +1,7 @@ from flask import abort, render_template, request, url_for from app import current_service, job_api_client -from app.enums import NotificationStatus +from app.enums import NotificationStatus, ServicePermission from app.formatters import get_time_left from app.main import main from app.utils.pagination import ( @@ -14,7 +14,7 @@ from app.utils.user import user_has_permissions @main.route("/activity/services/") -@user_has_permissions("view_activity") +@user_has_permissions(ServicePermission.VIEW_ACTIVITY) def all_jobs_activity(service_id): service_data_retention_days = 7 page = get_page_from_request() diff --git a/app/main/views/conversation.py b/app/main/views/conversation.py index 9df6bf5c9..5dd6f317c 100644 --- a/app/main/views/conversation.py +++ b/app/main/views/conversation.py @@ -13,7 +13,7 @@ from notifications_utils.template import SMSPreviewTemplate @main.route("/services//conversation/") -@user_has_permissions("view_activity") +@user_has_permissions(ServicePermission.VIEW_ACTIVITY) def conversation(service_id, notification_id): user_number = get_user_number(service_id, notification_id) @@ -31,7 +31,7 @@ def conversation(service_id, notification_id): @main.route("/services//conversation/.json") -@user_has_permissions("view_activity") +@user_has_permissions(ServicePermission.VIEW_ACTIVITY) def conversation_updates(service_id, notification_id): return jsonify( get_conversation_partials( diff --git a/app/main/views/dashboard.py b/app/main/views/dashboard.py index c433dd78e..be958fa7c 100644 --- a/app/main/views/dashboard.py +++ b/app/main/views/dashboard.py @@ -24,7 +24,7 @@ from app.utils.user import user_has_permissions @main.route("/services//dashboard") -@user_has_permissions("view_activity", ServicePermission.SEND_MESSAGES) +@user_has_permissions(ServicePermission.VIEW_ACTIVITY, ServicePermission.SEND_MESSAGES) def old_service_dashboard(service_id): return redirect(url_for(".service_dashboard", service_id=service_id)) @@ -37,7 +37,7 @@ def service_dashboard(service_id): session.pop("invited_user_id", None) session["service_id"] = service_id - if not current_user.has_permissions("view_activity"): + if not current_user.has_permissions(ServicePermission.VIEW_ACTIVITY): return redirect(url_for("main.choose_template", service_id=service_id)) job_response = job_api_client.get_jobs(service_id)["data"] @@ -166,7 +166,7 @@ def get_daily_stats_by_user(service_id): @main.route("/services//template-usage") -@user_has_permissions("view_activity") +@user_has_permissions(ServicePermission.VIEW_ACTIVITY) def template_usage(service_id): year, current_financial_year = requested_and_current_financial_year(request) stats = template_statistics_client.get_monthly_template_usage_for_service( diff --git a/app/main/views/jobs.py b/app/main/views/jobs.py index 1a031e672..7b74324a3 100644 --- a/app/main/views/jobs.py +++ b/app/main/views/jobs.py @@ -78,7 +78,7 @@ def view_job(service_id, job_id): @main.route("/services//jobs/.csv") -@user_has_permissions("view_activity") +@user_has_permissions(ServicePermission.VIEW_ACTIVITY) def view_job_csv(service_id, job_id): job = Job.from_id(job_id, service_id=service_id) filter_args = parse_filter_args(request.args) @@ -222,7 +222,7 @@ def get_notifications(service_id, message_type, status_override=None): # noqa message_type, number_of_days="seven_day" ) - if request.path.endswith("csv") and current_user.has_permissions("view_activity"): + if request.path.endswith("csv") and current_user.has_permissions(ServicePermission.VIEW_ACTIVITY): return Response( generate_notifications_csv( service_id=service_id, diff --git a/app/main/views/notifications.py b/app/main/views/notifications.py index bd02a81a2..a2cf1b967 100644 --- a/app/main/views/notifications.py +++ b/app/main/views/notifications.py @@ -28,7 +28,7 @@ from app.utils.user import user_has_permissions @main.route("/services//notification/") -@user_has_permissions("view_activity", ServicePermission.SEND_MESSAGES) +@user_has_permissions(ServicePermission.VIEW_ACTIVITY, ServicePermission.SEND_MESSAGES) def view_notification(service_id, notification_id, error_message=None): if error_message: flash(error_message) @@ -101,7 +101,7 @@ def view_notification(service_id, notification_id, error_message=None): @main.route("/services//notification/.json") -@user_has_permissions("view_activity", ServicePermission.SEND_MESSAGES) +@user_has_permissions(ServicePermission.VIEW_ACTIVITY, ServicePermission.SEND_MESSAGES) def view_notification_updates(service_id, notification_id): return jsonify( **get_single_notification_partials( @@ -134,7 +134,7 @@ def get_all_personalisation_from_notification(notification): @main.route("/services//download-notifications.csv") -@user_has_permissions("view_activity") +@user_has_permissions(ServicePermission.VIEW_ACTIVITY) def download_notifications_csv(service_id): filter_args = parse_filter_args(request.args) filter_args["status"] = set_status_filters(filter_args) diff --git a/app/main/views/templates.py b/app/main/views/templates.py index 03daa4ebc..6c48f8520 100644 --- a/app/main/views/templates.py +++ b/app/main/views/templates.py @@ -823,7 +823,7 @@ def redact_template(service_id, template_id): @main.route("/services//templates//versions") -@user_has_permissions("view_activity") +@user_has_permissions(ServicePermission.VIEW_ACTIVITY) def view_template_versions(service_id, template_id): return render_template( "views/templates/choose_history.html", diff --git a/app/templates/components/main_nav.html b/app/templates/components/main_nav.html index 118442095..f110a9455 100644 --- a/app/templates/components/main_nav.html +++ b/app/templates/components/main_nav.html @@ -6,11 +6,11 @@ href="{{ url_for('.choose_template', service_id=current_service.id) }}">Send messages
    {% if current_user.has_permissions() %} - {% if current_user.has_permissions('view_activity') %} + {% if current_user.has_permissions(ServicePermission.VIEW_ACTIVITY) %}
  • Dashboard
  • Activity
    • {% endif %} - {% if not current_user.has_permissions('view_activity') %} + {% if not current_user.has_permissions(ServicePermission.VIEW_ACTIVITY) %}
  • Sent messages
    • {% endif %} {% elif current_user.has_permissions(allow_org_user=True) %} diff --git a/app/templates/views/activity/all-activity.html b/app/templates/views/activity/all-activity.html index 25239263f..d722414b3 100644 --- a/app/templates/views/activity/all-activity.html +++ b/app/templates/views/activity/all-activity.html @@ -125,7 +125,7 @@

    Note: Report data is only available for 7 days after your message has been sent

    {{show_pagination}} - {% if current_user.has_permissions('view_activity') %} + {% if current_user.has_permissions(ServicePermission.VIEW_ACTIVITY) %}

    Download recent reports

    Download all data last 24 hours (CSV) diff --git a/app/templates/views/notifications.html b/app/templates/views/notifications.html index cac2b9811..eb71bc924 100644 --- a/app/templates/views/notifications.html +++ b/app/templates/views/notifications.html @@ -7,7 +7,7 @@ {% set page_title = ( (99|message_count_label(message_type, suffix='')) | capitalize - if current_user.has_permissions('view_activity') + if current_user.has_permissions(ServicePermission.VIEW_ACTIVITY) else 'Sent messages' ) %} @@ -62,7 +62,7 @@ {% endcall %} - {% if current_user.has_permissions('view_activity') %} + {% if current_user.has_permissions(ServicePermission.VIEW_ACTIVITY) %}

    Download all data last 7 days (CSV)   diff --git a/app/templates/views/notifications/notification.html b/app/templates/views/notifications/notification.html index b5e9fc944..023441838 100644 --- a/app/templates/views/notifications/notification.html +++ b/app/templates/views/notifications/notification.html @@ -50,7 +50,7 @@ {{ ajax_block(partials, updates_url, 'status', finished=finished) }} {% endif %} - {% if current_user.has_permissions(ServicePermission.SEND_MESSAGES) and current_user.has_permissions('view_activity') and template.template_type == 'sms' and can_receive_inbound %} + {% if current_user.has_permissions(ServicePermission.SEND_MESSAGES) and current_user.has_permissions(ServicePermission.VIEW_ACTIVITY) and template.template_type == 'sms' and can_receive_inbound %}

    See all text messages sent to this phone number

    diff --git a/app/utils/user_permissions.py b/app/utils/user_permissions.py index ff7c40dad..b6f91c45b 100644 --- a/app/utils/user_permissions.py +++ b/app/utils/user_permissions.py @@ -4,18 +4,18 @@ from app.enums import ServicePermission permission_mappings = { # TODO: consider turning off email-sending permissions during SMS pilot - ServicePermission.SEND_MESSAGES: ["send_texts", "send_emails"], + ServicePermission.SEND_MESSAGES: ["send_texts", ServicePermission.SEND_EMAILS], ServicePermission.MANAGE_TEMPLATES: [ServicePermission.MANAGE_TEMPLATES], - ServicePermission.MANAGE_SERVICE: ["manage_users", "manage_settings"], + ServicePermission.MANAGE_SERVICE: [ServicePermission.MANAGE_USERS, "manage_settings"], "manage_api_keys": ["manage_api_keys"], - "view_activity": ["view_activity"], + ServicePermission.VIEW_ACTIVITY: [ServicePermission.VIEW_ACTIVITY], } all_ui_permissions = set(permission_mappings.keys()) all_db_permissions = set(chain(*permission_mappings.values())) permission_options = ( - ("view_activity", "See dashboard"), + (ServicePermission.VIEW_ACTIVITY, "See dashboard"), (ServicePermission.SEND_MESSAGES, "Send messages"), (ServicePermission.MANAGE_TEMPLATES, "Add and edit templates"), (ServicePermission.MANAGE_SERVICE, "Manage settings, team and usage"), diff --git a/tests/app/main/test_permissions.py b/tests/app/main/test_permissions.py index 158fffe06..18fc93281 100644 --- a/tests/app/main/test_permissions.py +++ b/tests/app/main/test_permissions.py @@ -5,6 +5,8 @@ import re import pytest from flask import current_app +from app.enums import ServicePermission + from tests import service_json from tests.conftest import ( ORGANISATION_ID, @@ -51,7 +53,7 @@ def test_services_pages_that_org_users_are_allowed_to_see( api_user_active["services"] = user_services api_user_active["organizations"] = user_organizations api_user_active["permissions"] = { - service_id: ["manage_users", "manage_settings"] for service_id in user_services + service_id: [ServicePermission.MANAGE_USERS, "manage_settings"] for service_id in user_services } service = service_json( name="SERVICE WITH ORG", diff --git a/tests/app/main/views/test_accept_invite.py b/tests/app/main/views/test_accept_invite.py index 77df3a832..d389569d9 100644 --- a/tests/app/main/views/test_accept_invite.py +++ b/tests/app/main/views/test_accept_invite.py @@ -5,6 +5,7 @@ from flask import url_for from freezegun import freeze_time import app +from app.enums import ServicePermission from notifications_python_client.errors import HTTPError from tests import service_json from tests.conftest import ( @@ -138,7 +139,7 @@ def test_existing_user_accept_invite_calls_api_and_redirects_to_dashboard( client_request.logout() expected_service = service_one["id"] expected_permissions = { - "view_activity", + ServicePermission.VIEW_ACTIVITY, "send_messages", "manage_service", "manage_api_keys", @@ -417,7 +418,7 @@ def test_existing_signed_out_user_accept_invite_redirects_to_sign_in( client_request.logout() expected_service = service_one["id"] expected_permissions = { - "view_activity", + ServicePermission.VIEW_ACTIVITY, "send_messages", "manage_service", "manage_api_keys", @@ -649,7 +650,7 @@ def test_new_invited_user_verifies_and_added_to_service( # when they post codes back to admin user should be added to # service and sent on to dash board expected_permissions = { - "view_activity", + ServicePermission.VIEW_ACTIVITY, "send_messages", "manage_service", "manage_api_keys", diff --git a/tests/app/main/views/test_api_integration.py b/tests/app/main/views/test_api_integration.py index 51592b99e..daae74b61 100644 --- a/tests/app/main/views/test_api_integration.py +++ b/tests/app/main/views/test_api_integration.py @@ -6,6 +6,7 @@ from unittest.mock import call import pytest from flask import url_for +from app.enums import ServicePermission from app.formatters import format_datetime_table from tests import sample_uuid, validate_route_permission from tests.conftest import SERVICE_ONE_ID, normalize_spaces @@ -371,7 +372,7 @@ def test_route_invalid_permissions( "GET", 403, url_for(route, service_id=service_one["id"], key_id=fake_uuid), - ["view_activity"], + [ServicePermission.VIEW_ACTIVITY], api_user_active, service_one, ) diff --git a/tests/app/main/views/test_dashboard.py b/tests/app/main/views/test_dashboard.py index c6a1eda08..540989088 100644 --- a/tests/app/main/views/test_dashboard.py +++ b/tests/app/main/views/test_dashboard.py @@ -920,7 +920,7 @@ def test_menu_send_messages( mocker, api_user_active, service_one, - ["view_activity", "send_texts", "send_emails", "manage_service"], + [ServicePermission.VIEW_ACTIVITY, "send_texts", ServicePermission.SEND_EMAILS, ServicePermission.MANAGE_SERVICE], ) page = str(page) assert ( @@ -957,7 +957,7 @@ def test_menu_manage_service( mocker, api_user_active, service_one, - ["view_activity", ServicePermission.MANAGE_TEMPLATES, "manage_users", "manage_settings"], + [ServicePermission.VIEW_ACTIVITY, ServicePermission.MANAGE_TEMPLATES, ServicePermission.MANAGE_USERS, "manage_settings"], ) page = str(page) assert ( @@ -994,7 +994,7 @@ def test_menu_main_settings( mocker, api_user_active, service_one, - ["view_activity", "user_profile", "manage_users", "manage_settings"], + [ServicePermission.VIEW_ACTIVITY, "user_profile", ServicePermission.MANAGE_USERS, "manage_settings"], ) page = str(page) assert ( @@ -1030,7 +1030,7 @@ def test_menu_manage_api_keys( mocker, api_user_active, service_one, - ["view_activity"], + [ServicePermission.VIEW_ACTIVITY], ) page = str(page) @@ -1107,7 +1107,7 @@ def test_route_for_service_permissions( "GET", 200, url_for("main.service_dashboard", service_id=service_one["id"]), - ["view_activity"], + [ServicePermission.VIEW_ACTIVITY], api_user_active, service_one, ) diff --git a/tests/app/main/views/test_manage_users.py b/tests/app/main/views/test_manage_users.py index b82fc1279..36ca823c6 100644 --- a/tests/app/main/views/test_manage_users.py +++ b/tests/app/main/views/test_manage_users.py @@ -304,7 +304,7 @@ def test_service_without_caseworking_doesnt_show_admin_vs_caseworker( for idx in range(len(permission_checkboxes)): assert permission_checkboxes[idx]["name"] == "permissions_field" - assert permission_checkboxes[0]["value"] == "view_activity" + assert permission_checkboxes[0]["value"] == ServicePermission.VIEW_ACTIVITY assert permission_checkboxes[1]["value"] == ServicePermission.SEND_MESSAGES assert permission_checkboxes[2]["value"] == ServicePermission.MANAGE_TEMPLATES assert permission_checkboxes[3]["value"] == ServicePermission.MANAGE_SERVICE @@ -387,7 +387,7 @@ def test_user_with_no_mobile_number_cant_be_set_to_sms_auth( "main.edit_user_permissions", {"user_id": sample_uuid()}, [ - ("view_activity", True), + (ServicePermission.VIEW_ACTIVITY, True), (ServicePermission.SEND_MESSAGES, True), (ServicePermission.MANAGE_TEMPLATES, True), (ServicePermission.MANAGE_SERVICE, True), @@ -397,7 +397,7 @@ def test_user_with_no_mobile_number_cant_be_set_to_sms_auth( "main.invite_user", {}, [ - ("view_activity", False), + (ServicePermission.VIEW_ACTIVITY, False), (ServicePermission.SEND_MESSAGES, False), (ServicePermission.MANAGE_TEMPLATES, False), (ServicePermission.MANAGE_SERVICE, False), @@ -483,14 +483,14 @@ def test_should_not_show_page_for_non_team_member( ( { "permissions_field": [ - "view_activity", + ServicePermission.VIEW_ACTIVITY, ServicePermission.SEND_MESSAGES, ServicePermission.MANAGE_TEMPLATES, ServicePermission.MANAGE_SERVICE, ] }, { - "view_activity", + ServicePermission.VIEW_ACTIVITY, ServicePermission.SEND_MESSAGES, ServicePermission.MANAGE_SERVICE, ServicePermission.MANAGE_TEMPLATES, @@ -499,13 +499,13 @@ def test_should_not_show_page_for_non_team_member( ( { "permissions_field": [ - "view_activity", + ServicePermission.VIEW_ACTIVITY, ServicePermission.SEND_MESSAGES, ServicePermission.MANAGE_TEMPLATES, ] }, { - "view_activity", + ServicePermission.VIEW_ACTIVITY, ServicePermission.SEND_MESSAGES, ServicePermission.MANAGE_TEMPLATES, }, @@ -668,7 +668,7 @@ def test_cant_edit_user_folder_permissions_for_platform_admin_users( ServicePermission.MANAGE_SERVICE, ServicePermission.MANAGE_TEMPLATES, ServicePermission.SEND_MESSAGES, - "view_activity", + ServicePermission.VIEW_ACTIVITY, }, folder_permissions=None, ) @@ -1016,7 +1016,7 @@ def test_invite_user( _data={ "email_address": email_address, "permissions_field": [ - "view_activity", + ServicePermission.VIEW_ACTIVITY, ServicePermission.SEND_MESSAGES, ServicePermission.MANAGE_TEMPLATES, ServicePermission.MANAGE_SERVICE, @@ -1032,7 +1032,7 @@ def test_invite_user( ServicePermission.MANAGE_SERVICE, ServicePermission.MANAGE_TEMPLATES, ServicePermission.SEND_MESSAGES, - "view_activity", + ServicePermission.VIEW_ACTIVITY, } app.invite_api_client.create_invite.assert_called_once_with( @@ -1125,7 +1125,7 @@ def test_invite_user_with_email_auth_service( _data={ "email_address": email_address, "permissions_field": [ - "view_activity", + ServicePermission.VIEW_ACTIVITY, ServicePermission.SEND_MESSAGES, ServicePermission.MANAGE_TEMPLATES, ServicePermission.MANAGE_SERVICE, @@ -1144,7 +1144,7 @@ def test_invite_user_with_email_auth_service( ServicePermission.MANAGE_SERVICE, ServicePermission.MANAGE_TEMPLATES, ServicePermission.SEND_MESSAGES, - "view_activity", + ServicePermission.VIEW_ACTIVITY, } app.invite_api_client.create_invite.assert_called_once_with( diff --git a/tests/app/main/views/test_platform_admin.py b/tests/app/main/views/test_platform_admin.py index 5124bd81d..1720becb7 100644 --- a/tests/app/main/views/test_platform_admin.py +++ b/tests/app/main/views/test_platform_admin.py @@ -8,6 +8,7 @@ import pytest from flask import url_for from freezegun import freeze_time +from app.enums import ServicePermission from app.main.views.platform_admin import ( create_global_stats, format_stats_by_service, @@ -1177,13 +1178,13 @@ def test_get_users_report(client_request, platform_admin_user, mocker): "password_changed_at": "2023-07-21 14:12:54.832850", "permissions": { "test service": [ - "manage_users", + ServicePermission.MANAGE_USERS, "manage_templates", "manage_settings", "send_texts", - "send_emails", + ServicePermission.SEND_EMAILS, "manage_api_keys", - "view_activity", + ServicePermission.VIEW_ACTIVITY, ] }, "platform_admin": True, diff --git a/tests/app/main/views/test_register.py b/tests/app/main/views/test_register.py index e551e0ac1..d6bbf2753 100644 --- a/tests/app/main/views/test_register.py +++ b/tests/app/main/views/test_register.py @@ -300,7 +300,7 @@ def test_register_from_email_auth_invite( "manage_api_keys", ServicePermission.MANAGE_SERVICE, ServicePermission.SEND_MESSAGES, - "view_activity", + ServicePermission.VIEW_ACTIVITY, }, [], ) diff --git a/tests/app/main/views/test_send.py b/tests/app/main/views/test_send.py index 4ef0d1417..37e0ccbf4 100644 --- a/tests/app/main/views/test_send.py +++ b/tests/app/main/views/test_send.py @@ -1717,7 +1717,7 @@ def test_send_one_off_email_to_self_without_placeholders_redirects_to_check_page {}, ), ( - {ServicePermission.SEND_MESSAGES, "view_activity"}, + {ServicePermission.SEND_MESSAGES, ServicePermission.VIEW_ACTIVITY}, "main.choose_template", {}, ), @@ -2140,7 +2140,7 @@ def test_route_permissions( "GET", response_code, url_for(route, service_id=service_one["id"], template_id=fake_uuid), - ["view_activity", ServicePermission.SEND_MESSAGES], + [ServicePermission.VIEW_ACTIVITY, ServicePermission.SEND_MESSAGES], api_user_active, service_one, ) diff --git a/tests/app/main/views/test_template_folders.py b/tests/app/main/views/test_template_folders.py index 3363b7652..c29bc3984 100644 --- a/tests/app/main/views/test_template_folders.py +++ b/tests/app/main/views/test_template_folders.py @@ -3,6 +3,7 @@ import uuid import pytest from flask import abort, url_for +from app.enums import ServicePermission from app.models.user import User from notifications_python_client.errors import HTTPError from tests import sample_uuid @@ -606,10 +607,10 @@ def test_get_manage_folder_viewing_permissions_for_users_not_visible_when_no_man ): active_user_with_permissions["permissions"][SERVICE_ONE_ID] = [ "send_texts", - "send_emails", + ServicePermission.SEND_EMAILS, "manage_templates", "manage_api_keys", - "view_activity", + ServicePermission.VIEW_ACTIVITY, ] folder_id = str(uuid.uuid4()) team_member = create_active_user_view_permissions(with_unique_id=True) @@ -860,10 +861,10 @@ def test_manage_folder_users_doesnt_change_permissions_current_user_cannot_manag ): active_user_with_permissions["permissions"][SERVICE_ONE_ID] = [ "send_texts", - "send_emails", + ServicePermission.SEND_EMAILS, "manage_templates", "manage_api_keys", - "view_activity", + ServicePermission.VIEW_ACTIVITY, ] team_member = create_active_user_view_permissions(with_unique_id=True) mock_update = mocker.patch("app.template_folder_api_client.update_template_folder") diff --git a/tests/app/main/views/test_templates.py b/tests/app/main/views/test_templates.py index a51deaebd..488736a95 100644 --- a/tests/app/main/views/test_templates.py +++ b/tests/app/main/views/test_templates.py @@ -518,7 +518,7 @@ def test_user_with_only_send_and_view_redirected_to_set_sender_for_one_off( ): active_user_with_permissions["permissions"][SERVICE_ONE_ID] = [ "send_messages", - "view_activity", + ServicePermission.VIEW_ACTIVITY, ] client_request.login(active_user_with_permissions) client_request.get( @@ -538,7 +538,7 @@ def test_user_with_only_send_and_view_redirected_to_set_sender_for_one_off( ("permissions", "links_to_be_shown", "permissions_warning_to_be_shown"), [ ( - ["view_activity"], + [ServicePermission.VIEW_ACTIVITY], [], "If you need to send this text message or edit this template, contact your manager.", ), @@ -575,7 +575,7 @@ def test_should_be_able_to_view_a_template_with_links( permissions_warning_to_be_shown, ): active_user_with_permissions["permissions"][SERVICE_ONE_ID] = permissions + [ - "view_activity" + ServicePermission.VIEW_ACTIVITY ] client_request.login(active_user_with_permissions) @@ -1698,7 +1698,7 @@ def test_route_invalid_permissions( template_type="sms", template_id=fake_uuid, ), - ["view_activity"], + [ServicePermission.VIEW_ACTIVITY], api_user_active, service_one, ) diff --git a/tests/app/main/views/test_tour.py b/tests/app/main/views/test_tour.py index 578e5e384..383161b25 100644 --- a/tests/app/main/views/test_tour.py +++ b/tests/app/main/views/test_tour.py @@ -2,6 +2,7 @@ import pytest from flask import url_for from app import current_user +from app.enums import ServicePermission from tests import validate_route_permission from tests.conftest import SERVICE_ONE_ID, create_template, normalize_spaces @@ -113,7 +114,7 @@ def test_should_403_if_user_does_not_have_send_permissions_for_tour_start( service_id=SERVICE_ONE_ID, template_id=fake_uuid, ), - ["view_activity"], + [ServicePermission.VIEW_ACTIVITY], api_user_active, service_one, ) @@ -255,7 +256,7 @@ def test_should_403_if_user_does_not_have_send_permissions_for_tour_step( template_id=fake_uuid, step_index=1, ), - ["view_activity"], + [ServicePermission.VIEW_ACTIVITY], api_user_active, service_one, ) diff --git a/tests/app/models/test_user.py b/tests/app/models/test_user.py index c1a58eba8..c11b460de 100644 --- a/tests/app/models/test_user.py +++ b/tests/app/models/test_user.py @@ -183,7 +183,7 @@ def test_set_permissions( mock_event.assert_called_once_with( service_id=SERVICE_ONE_ID, user_id=active_user_view_permissions["id"], - original_ui_permissions={"view_activity"}, + original_ui_permissions={ServicePermission.VIEW_ACTIVITY}, new_ui_permissions={ServicePermission.MANAGE_TEMPLATES}, set_by_id=fake_uuid, ) diff --git a/tests/app/test_event_handlers.py b/tests/app/test_event_handlers.py index 837a0e5b6..6139e9657 100644 --- a/tests/app/test_event_handlers.py +++ b/tests/app/test_event_handlers.py @@ -124,7 +124,7 @@ def test_set_user_permissions(client_request, mock_events): "user_id": str(uuid.uuid4()), "service_id": str(uuid.uuid4()), "original_ui_permissions": {ServicePermission.MANAGE_TEMPLATES}, - "new_ui_permissions": set("view_activity"), + "new_ui_permissions": {ServicePermission.VIEW_ACTIVITY}, "set_by_id": str(uuid.uuid4()), } diff --git a/tests/app/utils/test_user.py b/tests/app/utils/test_user.py index 39265f161..cf66fdb8a 100644 --- a/tests/app/utils/test_user.py +++ b/tests/app/utils/test_user.py @@ -36,7 +36,7 @@ def test_permissions( request.view_args.update({"service_id": "foo"}) api_user_active["permissions"] = { - "foo": ["manage_users", "manage_templates", "manage_settings"] + "foo": [ServicePermission.MANAGE_USERS, "manage_templates", "manage_settings"] } api_user_active["services"] = ["foo", "bar"] @@ -66,7 +66,7 @@ def test_permissions_forbidden( request.view_args.update({"service_id": "foo"}) api_user_active["permissions"] = { - "foo": ["manage_users", "manage_templates", "manage_settings"] + "foo": [ServicePermission.MANAGE_USERS, "manage_templates", "manage_settings"] } api_user_active["services"] = ["foo", "bar"] @@ -179,7 +179,7 @@ def test_user_with_no_permissions_to_service_goes_to_templates( api_user_active, ): api_user_active["permissions"] = { - "foo": ["manage_users", "manage_templates", "manage_settings"] + "foo": [ServicePermission.MANAGE_USERS, "manage_templates", "manage_settings"] } api_user_active["services"] = ["foo", "bar"] client_request.login(api_user_active) diff --git a/tests/app/utils/test_user_permissions.py b/tests/app/utils/test_user_permissions.py index 402ef8018..56f1f1136 100644 --- a/tests/app/utils/test_user_permissions.py +++ b/tests/app/utils/test_user_permissions.py @@ -17,7 +17,7 @@ from app.utils.user_permissions import ( ( [ "send_texts", - "send_emails", + ServicePermission.SEND_EMAILS, "manage_templates", "some_unknown_permission", ], @@ -47,7 +47,7 @@ def test_translate_permissions_from_ui_to_db(): assert db_permissions == { "send_texts", - "send_emails", + ServicePermission.SEND_EMAILS, "manage_templates", "some_unknown_permission", }