Report non existing permissions

news/515.feature

@@ -0,0 +1,3 @@
+Report if a permission does not exist
+when calling `api.user.has_permission`.
+[gforcada]

src/plone/api/tests/test_env.py

@@ -530,14 +530,15 @@ def test_adopt_user_different_username(self):
 
     def test_roles_restored_after_exception(self):
         """Tests that roles are restored after an exception."""
-        self.assertFalse(api.user.has_permission("Manage portal content"))
+        permission = "Manage properties"
+        self.assertFalse(api.user.has_permission(permission))
         try:
             with api.env.adopt_roles(["Manager"]):
-                self.assertTrue(api.user.has_permission("Manage portal content"))
+                self.assertTrue(api.user.has_permission(permission))
                 raise TestException("Test exception")
         except TestException:
             pass
-        self.assertFalse(api.user.has_permission("Manage portal content"))
+        self.assertFalse(api.user.has_permission(permission))
 
     def test_user_restored_after_exception(self):
         """Tests that roles are restored after an exception."""

src/plone/api/user.py

@@ -327,7 +327,18 @@ def has_permission(permission, username=None, user=None, obj=None):
         context = env.adopt_user(username, user)
 
     with context:
-        return bool(getSecurityManager().checkPermission(permission, obj))
+        return_value = bool(getSecurityManager().checkPermission(permission, obj))
+        if not return_value:
+            names = [x[0] for x in getPermissions()]
+            if permission not in names:
+                raise InvalidParameterError(
+                    "Cannot find a permission with name '{permission}'\n"
+                    "Available permissions are:\n"
+                    "{names}".format(
+                        permission=permission, names="\n".join(sorted(names))
+                    )
+                )
+        return return_value
 
 
 @required_parameters("roles")