Cancel job if the service is inactive.

Update the PermissionsDao.get_permissions_by_user_id to only return permissions for active services, this will make the admin app return a 403 if someone (otherthan platform admin) tries to look at an inactive service. Removed the active flag in sample_service the dao_create_service overiddes this attribute.
2026-02-03 09:51:11 -05:00 · 2017-02-02 11:34:00 +00:00
parent dab89969cc
commit f56824adde
5 changed files with 56 additions and 8 deletions
--- a/tests/app/celery/test_tasks.py
+++ b/tests/app/celery/test_tasks.py
@@ -923,6 +923,22 @@ def test_persist_letter_saves_letter_to_database(sample_letter_job, mocker):
    assert notification_db.personalisation == personalisation


+def test_should_cancel_job_if_service_is_inactive(sample_service,
+                                                  sample_job,
+                                                  mocker):
+    sample_service.active = False
+
+    mocker.patch('app.celery.tasks.s3.get_job_from_s3')
+    mocker.patch('app.celery.tasks.process_row')
+
+    process_job(sample_job.id)
+
+    job = jobs_dao.dao_get_job_by_id(sample_job.id)
+    assert job.job_status == 'cancelled'
+    s3.get_job_from_s3.assert_not_called()
+    tasks.process_row.assert_not_called()
+
+
@pytest.mark.parametrize('template_type, expected_class', [
    (SMS_TYPE, SMSMessageTemplate),
    (EMAIL_TYPE, WithSubjectTemplate),
--- a/tests/app/conftest.py
+++ b/tests/app/conftest.py
@@ -121,7 +121,6 @@ def sample_service(notify_db,
                   notify_db_session,
                   service_name="Sample service",
                   user=None,
-                   active=True,
                   restricted=False,
                   limit=1000,
                   email_from=None):
@@ -132,7 +131,6 @@ def sample_service(notify_db,
    data = {
        'name': service_name,
        'message_limit': limit,
-        'active': active,
        'restricted': restricted,
        'email_from': email_from,
        'created_by': user
--- a/tests/app/dao/test_permissionDAO.py
+++ b/tests/app/dao/test_permissionDAO.py
@@ -0,0 +1,26 @@
+from app.dao.permissions_dao import permission_dao
+from tests.app.conftest import sample_service as create_service
+
+
+def test_get_permissions_by_user_id_returns_all_permissions(sample_service):
+    permissions = permission_dao.get_permissions_by_user_id(user_id=sample_service.users[0].id)
+    assert len(permissions) == 8
+    assert sorted(["manage_users",
+                   "manage_templates",
+                   "manage_settings",
+                   "send_texts",
+                   "send_emails",
+                   "send_letters",
+                   "manage_api_keys",
+                   "view_activity"]) == sorted([i.permission for i in permissions])
+
+
+def test_get_permissions_by_user_id_returns_only_active_service(notify_db, notify_db_session, sample_user):
+    active_service = create_service(notify_db, notify_db_session, service_name="Active service", user=sample_user)
+    inactive_service = create_service(notify_db, notify_db_session, service_name="Inactive service",
+                                      user=sample_user)
+    inactive_service.active = False
+    permissions = permission_dao.get_permissions_by_user_id(user_id=sample_user.id)
+    assert len(permissions) == 8
+    assert active_service in [i.service for i in permissions]
+    assert inactive_service not in [i.service for i in permissions]