From 72be10c6811ecc032adf2f3fd532341fc36fa3a8 Mon Sep 17 00:00:00 2001 From: Katie Smith Date: Tue, 9 Jun 2020 17:44:09 +0100 Subject: [PATCH] Add JSON schema for updating template We did not have a JSON schema for updating a template. Since we will remove the postage constraint from the templates table, this adds a JSON schema for updating a template so that we can use it to check that the postage is one of the allowed values. --- app/template/rest.py | 3 ++- app/template/template_schemas.py | 25 +++++++++++++++++++++++-- tests/app/template/test_rest.py | 13 +++++++++++++ 3 files changed, 38 insertions(+), 3 deletions(-) diff --git a/app/template/rest.py b/app/template/rest.py index 80e33ff9c..10a9653d0 100644 --- a/app/template/rest.py +++ b/app/template/rest.py @@ -37,7 +37,7 @@ from app.models import SMS_TYPE, Template, SECOND_CLASS, LETTER_TYPE from app.notifications.validators import service_has_permission, check_reply_to from app.schema_validation import validate from app.schemas import (template_schema, template_history_schema) -from app.template.template_schemas import post_create_template_schema +from app.template.template_schemas import post_create_template_schema, post_update_template_schema from app.utils import get_public_notify_type_text template_blueprint = Blueprint('template', __name__, url_prefix='/service//template') @@ -110,6 +110,7 @@ def update_template(service_id, template_id): raise InvalidRequest(errors, 403) data = request.get_json() + validate(data, post_update_template_schema) # if redacting, don't update anything else if data.get('redact_personalisation') is True: diff --git a/app/template/template_schemas.py b/app/template/template_schemas.py index bb069db30..6c1033940 100644 --- a/app/template/template_schemas.py +++ b/app/template/template_schemas.py @@ -2,7 +2,7 @@ from app.models import ( TEMPLATE_PROCESS_TYPE, TEMPLATE_TYPES, ) -from app.schema_validation.definitions import uuid +from app.schema_validation.definitions import nullable_uuid, uuid post_create_template_schema = { "$schema": "http://json-schema.org/draft-07/schema#", @@ -13,7 +13,7 @@ post_create_template_schema = { "name": {"type": "string"}, "template_type": {"enum": TEMPLATE_TYPES}, "service": uuid, - "process_type": {"emun": TEMPLATE_PROCESS_TYPE}, + "process_type": {"enum": TEMPLATE_PROCESS_TYPE}, "content": {"type": "string"}, "subject": {"type": "string"}, "created_by": uuid, @@ -28,3 +28,24 @@ post_create_template_schema = { "then": {"required": ["subject"]}, "required": ["name", "template_type", "content", "service", "created_by"] } + +post_update_template_schema = { + "$schema": "http://json-schema.org/draft-07/schema#", + "description": "POST update existing template", + "type": "object", + "title": "payload for POST /service//template/", + "properties": { + "id": uuid, + "name": {"type": "string"}, + "template_type": {"enum": TEMPLATE_TYPES}, + "service": uuid, + "process_type": {"enum": TEMPLATE_PROCESS_TYPE}, + "content": {"type": "string"}, + "subject": {"type": "string"}, + "postage": {"type": "string", "format": "postage"}, + "reply_to": nullable_uuid, + "created_by": uuid, + "archived": {"type": "boolean"}, + "current_user": uuid + }, +} diff --git a/tests/app/template/test_rest.py b/tests/app/template/test_rest.py index 5726231bd..1ed7905e8 100644 --- a/tests/app/template/test_rest.py +++ b/tests/app/template/test_rest.py @@ -884,6 +884,19 @@ def test_update_template_reply_to_set_to_blank(client, notify_db_session): assert th.service_letter_contact_id is None +def test_update_template_validates_postage(admin_request, sample_service_full_permissions): + template = create_template(service=sample_service_full_permissions, template_type='letter') + + response = admin_request.post( + 'template.update_template', + service_id=sample_service_full_permissions.id, + template_id=template.id, + _data={"postage": "third"}, + _expected_status=400 + ) + assert 'postage invalid' in response['errors'][0]['message'] + + def test_update_template_with_foreign_service_reply_to(client, sample_letter_template): auth_header = create_authorization_header()