diff --git a/news/515.feature b/news/515.feature new file mode 100644 index 00000000..4fcdd219 --- /dev/null +++ b/news/515.feature @@ -0,0 +1,3 @@ +Report if a permission does not exist +when calling `api.user.has_permission`. +[gforcada] diff --git a/src/plone/api/tests/test_env.py b/src/plone/api/tests/test_env.py index e56161ba..c82e4af5 100644 --- a/src/plone/api/tests/test_env.py +++ b/src/plone/api/tests/test_env.py @@ -530,14 +530,15 @@ def test_adopt_user_different_username(self): def test_roles_restored_after_exception(self): """Tests that roles are restored after an exception.""" - self.assertFalse(api.user.has_permission("Manage portal content")) + permission = "Manage properties" + self.assertFalse(api.user.has_permission(permission)) try: with api.env.adopt_roles(["Manager"]): - self.assertTrue(api.user.has_permission("Manage portal content")) + self.assertTrue(api.user.has_permission(permission)) raise TestException("Test exception") except TestException: pass - self.assertFalse(api.user.has_permission("Manage portal content")) + self.assertFalse(api.user.has_permission(permission)) def test_user_restored_after_exception(self): """Tests that roles are restored after an exception.""" diff --git a/src/plone/api/user.py b/src/plone/api/user.py index 1ac97d16..ad6eca6f 100644 --- a/src/plone/api/user.py +++ b/src/plone/api/user.py @@ -327,7 +327,18 @@ def has_permission(permission, username=None, user=None, obj=None): context = env.adopt_user(username, user) with context: - return bool(getSecurityManager().checkPermission(permission, obj)) + return_value = bool(getSecurityManager().checkPermission(permission, obj)) + if not return_value: + names = [x[0] for x in getPermissions()] + if permission not in names: + raise InvalidParameterError( + "Cannot find a permission with name '{permission}'\n" + "Available permissions are:\n" + "{names}".format( + permission=permission, names="\n".join(sorted(names)) + ) + ) + return return_value @required_parameters("roles")