Skip to content

Commit fbe545c

Browse files
Aadesh-BaralAadesh-Baral
committed
Remove user permission ncheck on service function to update project as this is already checked in resource function
1 parent 77b3d5f commit fbe545c

File tree

3 files changed

+10
-20
lines changed

3 files changed

+10
-20
lines changed

backend/api/projects/resources.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -386,7 +386,7 @@ def patch(self, project_id):
386386
return {"Error": "Unable to update project", "SubCode": "InvalidData"}, 400
387387

388388
try:
389-
ProjectAdminService.update_project(project_dto, authenticated_user_id)
389+
ProjectAdminService.update_project(project_dto)
390390
return {"Status": "Updated"}, 200
391391
except InvalidGeoJson as e:
392392
return {"Invalid GeoJson": str(e)}, 400

backend/services/project_admin_service.py

Lines changed: 3 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -114,7 +114,7 @@ def get_project_dto_for_admin(project_id: int) -> ProjectDTO:
114114
return project.as_dto_for_admin(project_id)
115115

116116
@staticmethod
117-
def update_project(project_dto: ProjectDTO, authenticated_user_id: int):
117+
def update_project(project_dto: ProjectDTO):
118118
project_id = project_dto.project_id
119119

120120
if project_dto.project_status == ProjectStatus.PUBLISHED.name:
@@ -125,18 +125,8 @@ def update_project(project_dto: ProjectDTO, authenticated_user_id: int):
125125
if project_dto.license_id:
126126
ProjectAdminService._validate_imagery_licence(project_dto.license_id)
127127

128-
# To be handled before reaching this function
129-
if ProjectAdminService.is_user_action_permitted_on_project( # FLAGGED: ALREADY CHECKED IN VIEW FUNCTION
130-
authenticated_user_id, project_id
131-
):
132-
project = ProjectAdminService._get_project_by_id(project_id)
133-
project.update(project_dto)
134-
else:
135-
raise Forbidden(
136-
sub_code="USER_NOT_PROJECT_MANAGER",
137-
user_id=authenticated_user_id,
138-
project_id=project_id,
139-
)
128+
project = ProjectAdminService._get_project_by_id(project_id)
129+
project.update(project_dto)
140130

141131
return project
142132

tests/backend/integration/services/test_project_admin_service.py

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -287,7 +287,7 @@ def test_update_published_project_with_incomplete_default_locale_raises_error(
287287
mock_user.return_value = stub_admin_user
288288
# Act / Assert
289289
with self.assertRaises(ProjectAdminServiceError):
290-
ProjectAdminService.update_project(dto, mock_user.id)
290+
ProjectAdminService.update_project(dto)
291291

292292
@patch.object(User, "get_by_id")
293293
@patch.object(Project, "update")
@@ -310,7 +310,7 @@ def test_updating_a_private_project_with_no_allowed_users_raises_error(
310310

311311
# Act
312312
try:
313-
ProjectAdminService.update_project(dto, mock_user.id)
313+
ProjectAdminService.update_project(dto)
314314
# Assert
315315
except ProjectAdminServiceError:
316316
self.fail("update_project raised an exception when setting it as private")
@@ -349,7 +349,7 @@ def test_update_project_with_non_existant_license_raises_error(
349349
mock_user.return_value = stub_admin_user
350350
# Act / Assert
351351
with self.assertRaises(ProjectAdminServiceError):
352-
ProjectAdminService.update_project(dto, mock_user.id)
352+
ProjectAdminService.update_project(dto)
353353

354354
@patch.object(User, "get_by_id")
355355
@patch.object(Project, "update")
@@ -386,7 +386,7 @@ def test_updating_a_project_with_different_roles_raises_error(
386386
mock_user.return_value = stub_user
387387
# Act/Assert
388388
with self.assertRaises(Forbidden):
389-
ProjectAdminService.update_project(dto, mock_user.id)
389+
ProjectAdminService.update_project(dto)
390390

391391
def test_updating_a_project_with_valid_project_info(self):
392392
locales = []
@@ -398,7 +398,7 @@ def test_updating_a_project_with_valid_project_info(self):
398398
info.instructions = "Test instructions"
399399
locales.append(info)
400400

401-
test_project, test_user = create_canned_project()
401+
test_project, _ = create_canned_project()
402402

403403
dto = ProjectDTO()
404404
dto.project_id = test_project.id
@@ -411,7 +411,7 @@ def test_updating_a_project_with_valid_project_info(self):
411411
dto.validation_editors = ["ID"]
412412
dto.project_info_locales = locales
413413
# Act
414-
updated_project = ProjectAdminService.update_project(dto, test_user.id)
414+
updated_project = ProjectAdminService.update_project(dto)
415415
# Assert
416416
self.assertEqual(
417417
updated_project.difficulty, ProjectDifficulty[dto.difficulty.upper()].value

0 commit comments

Comments
 (0)