RDISCROWD-7850 - update 403 error for authorized services (#1021)

* RDISCROWD-7850 - update 403 error for authorized services

pybossa/api/__init__.py

@@ -727,7 +727,8 @@ def get_service_request(task_id, service_name, major_version, minor_version):
         .get(authorized_services_key, [])
     )
     if service_name not in authorized_services:
-        return abort(403, "The project is not authorized to access this service")
+        authorized_services_403 = current_app.config.get("AUTHORIZED_SERVICES_403", "")
+        return abort(403, authorized_services_403.format(project_id=project.id, service_name=service_name))
 
     if not (task and proxy_service_config and service_name and major_version and minor_version):
         return abort(400)

pybossa/settings_local.py.tmpl

@@ -359,6 +359,8 @@ TASK_REQUIRED_FIELDS = {
     'data_classifier': {'val': ['C1', 'C2'], 'check_val': True}
 }
 
+AUTHORIZED_SERVICES_403 = 'The project {project_id} is not authorized to access the service {service_name}.'
+
 # Specify which key from the info field of task, task_run or result is going to be used as the root key
 # for exporting in CSV format
 # TASK_CSV_EXPORT_INFO_KEY = 'key'

test/test_web.py

@@ -11810,6 +11810,7 @@ def __init__(self, content):
                 }
             }
         }
+        current_app.config["AUTHORIZED_SERVICES_403"] = 'The project {project_id} is not authorized to access the service {service_name}.'
 
         url = "/api/task/1/services/test-service-name/1/37"
         user = UserFactory.create()
@@ -11826,6 +11827,7 @@ def __init__(self, content):
             follow_redirects=False,
         )
         data = json.loads(res.data)
+        assert data.get("exception_msg") == 'The project 1 is not authorized to access the service test-service-name.', data
         assert data.get("status_code") == 403, data
 
 class TestErrorHandlers(web.Helper):