When adding a user new with permissions to a service, the permissions

dao was deleting all permissions for that user (regardless of service
id) as the last filter on the permissions dao get_query method won.

I've added a replace flag to the set_user_service_permission method
so that it can handle adding new users + permissions and editing
of existing users' permissions.

Also by pass the get_query method until it can be refactored to work
correctly.

For now execute the filter query directly on the model.

app/service/rest.py

@@ -1,9 +1,13 @@
-from datetime import (datetime, date)
+from datetime import (
+    datetime,
+    date
+)
 
-from flask import Blueprint
 from flask import (
     jsonify,
-    request
+    request,
+    abort,
+    Blueprint
 )
 from sqlalchemy.orm.exc import NoResultFound
 
@@ -152,6 +156,8 @@ def add_user_to_service(service_id, user_id):
                        message='User id: {} already part of service id: {}'.format(user_id, service_id)), 400
 
     permissions, errors = permission_schema.load(request.get_json(), many=True)
+    if errors:
+        abort(400, errors)
 
     dao_add_user_to_service(service, user, permissions)
     data, errors = service_schema.dump(service)
@@ -174,15 +180,6 @@ def remove_user_from_service(service_id, user_id):
     return jsonify({}), 204
 
 
-def _process_permissions(user, service, permission_groups):
-    from app.permissions_utils import get_permissions_by_group
-    permissions = get_permissions_by_group(permission_groups)
-    for permission in permissions:
-        permission.user = user
-        permission.service = service
-    return permissions
-
-
 @service.route('/<uuid:service_id>/fragment/aggregate_statistics')
 def get_service_provider_aggregate_statistics(service_id):
     service = dao_fetch_service_by_id(service_id)