Adding endpoint tests

ethyca · Jan 14, 2025 · 65a723f · 65a723f
1 parent 66f0d4a
commit 65a723f
Show file tree

Hide file tree

Showing 2 changed files with 72 additions and 4 deletions.
diff --git a/src/fides/api/api/v1/endpoints/privacy_request_endpoints.py b/src/fides/api/api/v1/endpoints/privacy_request_endpoints.py
@@ -46,6 +46,7 @@
     get_access_manual_webhook_or_404,
 )
 from fides.api.common_exceptions import (
+    FidesopsException,
     IdentityVerificationException,
     ManualWebhookFieldsUnset,
     NoCachedManualWebhookEntry,
@@ -2165,13 +2166,18 @@ def resubmit_privacy_request(
         get_privacy_request_service
     ),
 ) -> PrivacyRequest:
-    privacy_request = privacy_request_service.resubmit_privacy_request(
-        privacy_request_id
-    )
+    try:
+        privacy_request = privacy_request_service.resubmit_privacy_request(
+            privacy_request_id
+        )
+    except FidesopsException as exc:
+        raise HTTPException(
+            status_code=HTTP_422_UNPROCESSABLE_ENTITY, detail=exc.message
+        )
 
     if not privacy_request:
         raise HTTPException(
-            status_code=HTTP_404_NOT_FOUND, detail="Privacy request not found."
+            status_code=HTTP_404_NOT_FOUND, detail="Privacy request not found"
         )
 
     return privacy_request
diff --git a/tests/ops/api/v1/endpoints/test_privacy_request_endpoints.py b/tests/ops/api/v1/endpoints/test_privacy_request_endpoints.py
@@ -97,6 +97,7 @@
     PRIVACY_REQUEST_PRE_APPROVE_ELIGIBLE,
     PRIVACY_REQUEST_PRE_APPROVE_NOT_ELIGIBLE,
     PRIVACY_REQUEST_REQUEUE,
+    PRIVACY_REQUEST_RESUBMIT,
     PRIVACY_REQUEST_RESUME,
     PRIVACY_REQUEST_RESUME_FROM_REQUIRES_INPUT,
     PRIVACY_REQUEST_RETRY,
@@ -8551,3 +8552,64 @@ def test_filtered_results_mongo(
             "status",
             "results",
         }
+
+
+class TestResubmitPrivacyRequest:
+    @pytest.fixture(scope="function")
+    def url(self, privacy_request):
+        return V1_URL_PREFIX + PRIVACY_REQUEST_RESUBMIT.format(
+            privacy_request_id=privacy_request.id
+        )
+
+    def test_resubmit_privacy_request_not_authenticated(self, url, api_client) -> None:
+        response = api_client.post(url, headers={})
+        assert response.status_code == 401
+
+    def test_resubmit_privacy_request_wrong_scope(
+        self,
+        url,
+        api_client: TestClient,
+        generate_auth_header,
+    ) -> None:
+        auth_header = generate_auth_header(scopes=[DATASET_CREATE_OR_UPDATE])
+        response = api_client.post(url, headers=auth_header)
+        assert response.status_code == 403
+
+    @pytest.mark.parametrize(
+        "auth_header,expected_status",
+        [
+            ("owner_auth_header", HTTP_200_OK),
+            ("contributor_auth_header", HTTP_200_OK),
+            ("viewer_and_approver_auth_header", HTTP_403_FORBIDDEN),
+            ("viewer_auth_header", HTTP_403_FORBIDDEN),
+            ("approver_auth_header", HTTP_403_FORBIDDEN),
+        ],
+    )
+    def test_resubmit_privacy_request_with_roles(
+        self,
+        url,
+        auth_header,
+        expected_status,
+        test_client: TestClient,
+        request,
+    ) -> None:
+
+        auth_header = request.getfixturevalue(auth_header)
+        response = test_client.post(
+            url,
+            headers=auth_header,
+        )
+        assert response.status_code == expected_status
+
+    def test_resubmit_privacy_request(
+        self,
+        url,
+        api_client: TestClient,
+        generate_auth_header,
+    ) -> None:
+        auth_header = generate_auth_header(scopes=[PRIVACY_REQUEST_CREATE])
+        response = api_client.post(
+            url,
+            headers=auth_header,
+        )
+        assert response.status_code == HTTP_200_OK