diff --git a/templates/zerver/api/common-error-payloads.md b/templates/zerver/api/common-error-payloads.md index 7065e1934a..70aa742b18 100644 --- a/templates/zerver/api/common-error-payloads.md +++ b/templates/zerver/api/common-error-payloads.md @@ -12,3 +12,10 @@ A typical failed JSON response for when a required request argument is not supplied: {generate_code_example|missing-request-argument-error|fixture} + +## User not authorized for query + +A typical failed JSON response for when the user is not authorized +for a query: + +{generate_code_example|user-not-authorized-error|fixture} diff --git a/templates/zerver/api/fixtures.json b/templates/zerver/api/fixtures.json index 23fde1f94e..60be5fd43b 100644 --- a/templates/zerver/api/fixtures.json +++ b/templates/zerver/api/fixtures.json @@ -259,5 +259,10 @@ "code":"BAD_REQUEST", "msg":"You don't have permission to edit this message", "result":"error" + }, + "user-not-authorized-error": { + "code":"BAD_REQUEST", + "msg":"User not authorized for this query", + "result":"error" } } diff --git a/templates/zerver/api/get-all-streams.md b/templates/zerver/api/get-all-streams.md index c4e2f7b9d7..2cd0dbf367 100644 --- a/templates/zerver/api/get-all-streams.md +++ b/templates/zerver/api/get-all-streams.md @@ -82,10 +82,4 @@ A typical successful JSON response may look like: An example of a JSON response for when the user is not authorized to use the `include_all_active` parameter: -``` -{ - 'code':'BAD_REQUEST', - 'result':'error', - 'msg':'User not authorized for this query' -} -``` +{generate_code_example|user-not-authorized-error|fixture} diff --git a/tools/test-api b/tools/test-api index dd7f641a33..151cb2ed3f 100755 --- a/tools/test-api +++ b/tools/test-api @@ -14,8 +14,9 @@ os.chdir(ZULIP_PATH) from zulip import Client from tools.lib.test_server import test_server_running -from zerver.lib.api_test_helpers import test_the_api, test_invalid_api_key -from zerver.lib.api_test_helpers import test_update_message_edit_permission_error +from zerver.lib.api_test_helpers import test_the_api, test_invalid_api_key, \ + test_update_message_edit_permission_error, \ + test_user_not_authorized_error os.environ['DJANGO_SETTINGS_MODULE'] = 'zproject.test_settings' django.setup() @@ -48,6 +49,7 @@ with test_server_running(external_host='zulipdev.com:9981'): # Run tests that require non-admin client test_update_message_edit_permission_error(client, nonadmin_client) + test_user_not_authorized_error(nonadmin_client) # Test error payloads client = Client( diff --git a/zerver/lib/api_test_helpers.py b/zerver/lib/api_test_helpers.py index 7c46b1fe51..72f40bb22f 100644 --- a/zerver/lib/api_test_helpers.py +++ b/zerver/lib/api_test_helpers.py @@ -152,6 +152,13 @@ def get_streams(client): check_if_exists=['streams']) assert len(result['streams']) == 4 +def test_user_not_authorized_error(nonadmin_client): + # type: (Client) -> None + result = nonadmin_client.get_streams(include_all_active=True) + + fixture = FIXTURES['user-not-authorized-error'] + test_against_fixture(result, fixture) + def get_subscribers(client): # type: (Client) -> None