Update sms/email permission tests error msg

2025-12-24 01:11:38 -05:00 · 2017-06-28 11:54:23 +01:00
parent 50066c6753
commit e927723726
3 changed files with 21 additions and 15 deletions
--- a/app/template/rest.py
+++ b/app/template/rest.py
@@ -42,10 +42,8 @@ def _has_service_permission(template_type, action, permissions):
        template_type_text = template_type
        if template_type == SMS_TYPE:
            template_type_text = 'text message'
-        message = 'Cannot {action} {type} templates'.format(
-            action=action, type=template_type_text)
-        errors = {'content': [message]}
-        raise InvalidRequest(errors, status_code=400)
+        raise InvalidRequest("{action} {type} template is not allowed".format(
+            action=action, type=template_type_text), 403)


@template_blueprint.route('', methods=['POST'])
@@ -55,7 +53,7 @@ def create_template(service_id):
    permissions = fetched_service.permissions
    new_template = template_schema.load(request.get_json()).data

-    _has_service_permission(new_template.template_type, 'create', permissions)
+    _has_service_permission(new_template.template_type, 'Create', permissions)

    new_template.service = fetched_service
    over_limit = _content_count_greater_than_limit(new_template.content, new_template.template_type)
@@ -73,7 +71,7 @@ def create_template(service_id):
 def update_template(service_id, template_id):
    fetched_template = dao_get_template_by_id_and_service_id(template_id=template_id, service_id=service_id)

-    _has_service_permission(fetched_template.template_type, 'update', fetched_template.service.permissions)
+    _has_service_permission(fetched_template.template_type, 'Update', fetched_template.service.permissions)

    data = request.get_json()

--- a/tests/app/conftest.py
+++ b/tests/app/conftest.py
@@ -196,6 +196,11 @@ def sample_template_without_sms_permission(notify_db, notify_db_session):
    return sample_template(notify_db, notify_db_session, permissions=[EMAIL_TYPE])


+@pytest.fixture(scope='function')
+def sample_template_without_letter_permission(notify_db, notify_db_session):
+    return sample_template(notify_db, notify_db_session, template_type="letter", permissions=[EMAIL_TYPE])
+
+
@pytest.fixture(scope='function')
 def sample_template_with_placeholders(notify_db, notify_db_session):
    # deliberate space and title case in placeholder
--- a/tests/app/template/test_rest.py
+++ b/tests/app/template/test_rest.py
@@ -13,8 +13,9 @@ from app.dao.templates_dao import dao_get_template_by_id, dao_redact_template
 from tests import create_authorization_header
 from tests.app.conftest import (
    sample_template as create_sample_template,
+    sample_template_without_email_permission,
+    sample_template_without_letter_permission,
    sample_template_without_sms_permission,
-    sample_template_without_email_permission
 )
 from tests.app.db import create_service

@@ -90,8 +91,9 @@ def test_should_raise_error_if_service_does_not_exist_on_create(client, sample_u


@pytest.mark.parametrize('permissions, template_type, subject, expected_error', [
-    ([EMAIL_TYPE], SMS_TYPE, None, 'Cannot create text message templates'),
-    ([SMS_TYPE], EMAIL_TYPE, 'subject', 'Cannot create email templates'),
+    ([EMAIL_TYPE], SMS_TYPE, None, 'Create text message template is not allowed'),
+    ([SMS_TYPE], EMAIL_TYPE, 'subject', 'Create email template is not allowed'),
+    ([SMS_TYPE], LETTER_TYPE, 'subject', 'Create letter template is not allowed'),
 ])
 def test_should_raise_error_on_create_if_no_permission(
        client, sample_user, permissions, template_type, subject, expected_error):
@@ -115,14 +117,15 @@ def test_should_raise_error_on_create_if_no_permission(
        data=data
    )
    json_resp = json.loads(response.get_data(as_text=True))
-    assert response.status_code == 400
+    assert response.status_code == 403
    assert json_resp['result'] == 'error'
-    assert json_resp['message'] == {'content': [expected_error]}
+    assert json_resp['message'] == expected_error


@pytest.mark.parametrize('template_factory, expected_error', [
-    (sample_template_without_sms_permission, 'Cannot update text message templates'),
-    (sample_template_without_email_permission, 'Cannot update email templates'),
+    (sample_template_without_sms_permission, 'Update text message template is not allowed'),
+    (sample_template_without_email_permission, 'Update email template is not allowed'),
+    (sample_template_without_letter_permission, 'Update letter template is not allowed')
 ])
 def test_should_be_error_on_update_if_no_permission(
        client, sample_user, template_factory, expected_error, notify_db, notify_db_session):
@@ -143,9 +146,9 @@ def test_should_be_error_on_update_if_no_permission(
    )

    json_resp = json.loads(update_response.get_data(as_text=True))
-    assert update_response.status_code == 400
+    assert update_response.status_code == 403
    assert json_resp['result'] == 'error'
-    assert json_resp['message'] == {'content': [expected_error]}
+    assert json_resp['message'] == expected_error


 def test_should_error_if_created_by_missing(client, sample_user, sample_service):