From c5efd87e31ad6886a6411fbe79ceb27a3ec1d2a5 Mon Sep 17 00:00:00 2001
From: Nicholas Staples <nicholas.staples@solution-tribute.com>
Date: Fri, 18 Mar 2016 14:43:03 +0000
Subject: [PATCH] Updated nav and choose template permissions.

---
 app/main/views/send.py                 |  2 +-
 app/templates/main_nav.html            |  2 +-
 tests/app/main/views/test_dashboard.py |  4 +--
 tests/app/main/views/test_send.py      | 39 ++++++++++++++++++++++++++
 4 files changed, 43 insertions(+), 4 deletions(-)

diff --git a/app/main/views/send.py b/app/main/views/send.py
index aab52a6cf..41face291 100644
--- a/app/main/views/send.py
+++ b/app/main/views/send.py
@@ -66,7 +66,7 @@ def get_page_headings(template_type):
 
 @main.route("/services/<service_id>/send/<template_type>", methods=['GET'])
 @login_required
-@user_has_permissions('send_texts', 'send_emails', 'send_letters', 'manage_templates', or_=True)
+@user_has_permissions('send_texts', 'send_emails', 'send_letters', 'manage_templates', 'manage_api_keys', or_=True)
 def choose_template(service_id, template_type):
 
     service = services_dao.get_service_by_id_or_404(service_id)
diff --git a/app/templates/main_nav.html b/app/templates/main_nav.html
index 96c1c372b..a147a893b 100644
--- a/app/templates/main_nav.html
+++ b/app/templates/main_nav.html
@@ -7,7 +7,7 @@
     <li><a href="{{ url_for('.choose_template', service_id=service_id, template_type='sms') }}">Send text messages</a></li>
     <li><a href="{{ url_for('.choose_template', service_id=service_id, template_type='email') }}">Send emails</a></li>
   </ul>
-  {% elif current_user.has_permissions(['manage_templates']) %}
+  {% elif current_user.has_permissions(['manage_templates', 'manage_api_keys'], or_=True) %}
   <ul>
     <li><a href="{{ url_for('.choose_template', service_id=service_id, template_type='sms') }}">Text message templates</a></li>
     <li><a href="{{ url_for('.choose_template', service_id=service_id, template_type='email') }}">Email templates</a></li>
diff --git a/tests/app/main/views/test_dashboard.py b/tests/app/main/views/test_dashboard.py
index 9594f0072..75074aa86 100644
--- a/tests/app/main/views/test_dashboard.py
+++ b/tests/app/main/views/test_dashboard.py
@@ -102,11 +102,11 @@ def test_menu_manage_api_keys(mocker, app_, api_user_active, service_one, mock_g
         assert url_for(
             'main.choose_template',
             service_id=service_one['id'],
-            template_type='email') not in page
+            template_type='email') in page
         assert url_for(
             'main.choose_template',
             service_id=service_one['id'],
-            template_type='sms') not in page
+            template_type='sms') in page
 
         assert url_for('main.manage_users', service_id=service_one['id']) not in page
         assert url_for('main.service_settings', service_id=service_one['id']) not in page
diff --git a/tests/app/main/views/test_send.py b/tests/app/main/views/test_send.py
index 8cd8a9ca5..363f90bab 100644
--- a/tests/app/main/views/test_send.py
+++ b/tests/app/main/views/test_send.py
@@ -425,3 +425,42 @@ def test_route_choose_template_send_messages_permissions(mocker,
             "main.edit_service_template",
             service_id=service_one['id'],
             template_id=template_id) not in page
+
+
+def test_route_choose_template_manage_api_keys_permissions(mocker,
+                                                           app_,
+                                                           api_user_active,
+                                                           service_one,
+                                                           mock_login,
+                                                           mock_get_user,
+                                                           mock_get_service,
+                                                           mock_check_verify_code,
+                                                           mock_get_service_templates,
+                                                           mock_get_jobs):
+    with app_.test_request_context():
+        template_id = mock_get_service_templates(service_one['id'])['data'][0]['id']
+        resp = validate_route_permission(
+            mocker,
+            app_,
+            "GET",
+            200,
+            url_for(
+                'main.choose_template',
+                service_id=service_one['id'],
+                template_type='sms'),
+            ['manage_api_keys', 'access_developer_docs'],
+            api_user_active,
+            service_one)
+        page = resp.get_data(as_text=True)
+        assert url_for(
+            "main.send_messages",
+            service_id=service_one['id'],
+            template_id=template_id) in page
+        assert url_for(
+            "main.send_message_to_self",
+            service_id=service_one['id'],
+            template_id=template_id) not in page
+        assert url_for(
+            "main.edit_service_template",
+            service_id=service_one['id'],
+            template_id=template_id) not in page