From 497bb42395dd472a28bfbb13d72005dda6b02b57 Mon Sep 17 00:00:00 2001
From: efloden <efloden@redhat.com>
Date: Wed, 28 Feb 2018 09:50:05 +1000
Subject: [PATCH] test(ZNTA-2380): user permissions return not found response
 if not found

---
 .../zanata/rest/editor/service/UserService.java |  8 +++++++-
 .../rest/editor/service/UserServiceTest.java    | 17 ++++++++++++++---
 2 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/server/services/src/main/java/org/zanata/rest/editor/service/UserService.java b/server/services/src/main/java/org/zanata/rest/editor/service/UserService.java
index e2113287aa..903726deee 100644
--- a/server/services/src/main/java/org/zanata/rest/editor/service/UserService.java
+++ b/server/services/src/main/java/org/zanata/rest/editor/service/UserService.java
@@ -38,6 +38,7 @@
 import org.zanata.security.annotations.CheckLoggedIn;
 import org.zanata.service.GravatarService;
 import com.google.common.base.Strings;
+import org.zanata.webtrans.shared.model.Locale;
 
 /**
  * @author Alex Eng <a href="mailto:aeng@redhat.com">aeng@redhat.com</a>
@@ -162,6 +163,9 @@ public Response getTranslationPermission(
         HProject project = projectDAO.getBySlug(projectSlug);
         LocaleId localeID = new LocaleId(localeId);
         HLocale locale = localeDAO.findByLocaleId(localeID);
+        if (project == null || locale == null) {
+            return Response.status(Response.Status.NOT_FOUND).build();
+        }
         boolean canReview = identity.hasPermissionWithAnyTargets(
                 "translation-review", project, locale);
         boolean canTranslate = identity.hasPermissionWithAnyTargets(
@@ -243,7 +247,8 @@ protected UserService(final HAccount authenticatedAccount,
             final AccountDAO accountDAO, final PersonDAO personDAO,
             final ProjectDAO projectDAO, final ZanataIdentity identity,
             final ApplicationConfiguration applicationConfiguration,
-            final IdentityManager identityManager) {
+            final IdentityManager identityManager,
+            final LocaleDAO localeDAO) {
         this.authenticatedAccount = authenticatedAccount;
         this.gravatarServiceImpl = gravatarServiceImpl;
         this.accountDAO = accountDAO;
@@ -252,6 +257,7 @@ protected UserService(final HAccount authenticatedAccount,
         this.identity = identity;
         this.applicationConfiguration = applicationConfiguration;
         this.identityManager = identityManager;
+        this.localeDAO = localeDAO;
     }
 
     /**
diff --git a/server/services/src/test/java/org/zanata/rest/editor/service/UserServiceTest.java b/server/services/src/test/java/org/zanata/rest/editor/service/UserServiceTest.java
index cf91555e99..00fe172c31 100644
--- a/server/services/src/test/java/org/zanata/rest/editor/service/UserServiceTest.java
+++ b/server/services/src/test/java/org/zanata/rest/editor/service/UserServiceTest.java
@@ -16,6 +16,7 @@
 import org.zanata.dao.AccountDAO;
 import org.zanata.dao.PersonDAO;
 import org.zanata.dao.ProjectDAO;
+import org.zanata.dao.LocaleDAO;
 import org.zanata.model.HAccount;
 import org.zanata.model.HPerson;
 import org.zanata.rest.dto.User;
@@ -43,6 +44,8 @@ public class UserServiceTest {
     @Mock
     private ApplicationConfiguration applicationConfiguration;
     private HPerson person;
+    @Mock
+    private LocaleDAO localeDAO;
 
     private String username = "a";
 
@@ -60,7 +63,7 @@ public void setUp() throws Exception {
         service =
                 new UserService(authenticatedAccount, gravatarService,
                         accountDAO, personDAO, projectDAO, identity,
-                        applicationConfiguration, identityManager);
+                        applicationConfiguration, identityManager, localeDAO);
     }
 
     @Test
@@ -68,15 +71,23 @@ public void getTranslationPermissionWillReturnForbiddenIfNotAuthenticated() {
         String projectSlug = "projectSlug";
         String localeId = "localeId";
         service = new UserService(null, gravatarService, accountDAO, personDAO,
-                projectDAO, identity, applicationConfiguration, identityManager);
+                projectDAO, identity, applicationConfiguration, identityManager, localeDAO);
         Response response = service.getTranslationPermission(projectSlug, localeId);
         assertThat(response.getStatus()).isEqualTo(403);
     }
 
+    @Test
+    public void getTranslationPermissionWillReturnNotFoundIfNotFound() {
+        String projectSlug = "projectSlug";
+        String localeId = "localeId";
+        Response response = service.getTranslationPermission(projectSlug, localeId);
+        assertThat(response.getStatus()).isEqualTo(404);
+    }
+
     @Test
     public void getMyInfoWillReturnNotFoundIfNotAuthenticated() {
         service = new UserService(null, gravatarService, accountDAO, personDAO,
-                projectDAO, identity, applicationConfiguration, identityManager);
+                projectDAO, identity, applicationConfiguration, identityManager, localeDAO);
         Response response = service.getMyInfo();
         assertThat(response.getStatus()).isEqualTo(404);
     }