From c3101b5f39408d15bdedc871ff4c5c30f94f5fa2 Mon Sep 17 00:00:00 2001
From: Jorrit Schaap <schaap@astron.nl>
Date: Thu, 1 Jul 2021 12:12:59 +0200
Subject: [PATCH] TMSS-745: check project trigger permissions, even for test
 mode

---
 .../src/tmss/tmssapp/viewsets/specification.py   | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/SAS/TMSS/backend/src/tmss/tmssapp/viewsets/specification.py b/SAS/TMSS/backend/src/tmss/tmssapp/viewsets/specification.py
index bdac1be7afd..b3886b56d53 100644
--- a/SAS/TMSS/backend/src/tmss/tmssapp/viewsets/specification.py
+++ b/SAS/TMSS/backend/src/tmss/tmssapp/viewsets/specification.py
@@ -598,22 +598,24 @@ class SchedulingUnitDraftTriggerViewSet(SchedulingUnitDraftViewSet):
         # ---
         logger.info("received trigger for project name=%s and created SchedulingUnitDraft pk=%s" % (serializer.instance.project.name, serializer.instance.pk))
 
+        if not serializer.instance.project.can_trigger:
+            content = {'Error': 'Project %s does not allow triggers' % serializer.instance.project}
+            logger.warning(content)
+            return Response(content, status=status.HTTP_403_FORBIDDEN)
+
         # check if we have a url parameter 'test=false' that flags this a real observation
         test_str = request.GET.get('test', 'true')
         is_test = test_str.lower() not in ['false']
 
         # if we have a real trigger, carve things in stone, so the dynamic scheduler picks it up
-        if not is_test:
+        if is_test:
+            logger.info("triggered SchedulingUnitDraft pk=%s is a test" % serializer.instance.pk)
+        else:
             logger.info("triggered SchedulingUnitDraft pk=%s is an actual trigger (not a test)" % serializer.instance.pk)
-            if not serializer.instance.project.can_trigger:
-                content = {'Error': 'Project %s does not allow triggers' % serializer.instance.project}
-                logger.warning(content)
-                return Response(content, status=status.HTTP_403_FORBIDDEN)  # todo: should we raise this even for tests?
+
             # todo: check trigger quota / account for the used trigger?
             self.create_blueprints_and_subtasks(request, pk=serializer.instance.pk)
             logger.info("created blueprint and subtasks for triggered SchedulingUnitDraft pk=%s" % serializer.instance.pk)
-        else:
-            logger.info("triggered SchedulingUnitDraft pk=%s is a test" % serializer.instance.pk)
 
         draft = serializer.instance
         draft.refresh_from_db()
-- 
GitLab