diff --git a/pybossa/api/__init__.py b/pybossa/api/__init__.py index d2c02b05a..468c89d83 100644 --- a/pybossa/api/__init__.py +++ b/pybossa/api/__init__.py @@ -727,7 +727,8 @@ def get_service_request(task_id, service_name, major_version, minor_version): .get(authorized_services_key, []) ) if service_name not in authorized_services: - return abort(403, "The project is not authorized to access this service") + authorized_services_403 = current_app.config.get("AUTHORIZED_SERVICES_403", "") + return abort(403, authorized_services_403.format(project_id=project.id, service_name=service_name)) if not (task and proxy_service_config and service_name and major_version and minor_version): return abort(400) diff --git a/pybossa/settings_local.py.tmpl b/pybossa/settings_local.py.tmpl index 613f21ed8..b5517f151 100644 --- a/pybossa/settings_local.py.tmpl +++ b/pybossa/settings_local.py.tmpl @@ -359,6 +359,8 @@ TASK_REQUIRED_FIELDS = { 'data_classifier': {'val': ['C1', 'C2'], 'check_val': True} } +AUTHORIZED_SERVICES_403 = 'The project {project_id} is not authorized to access the service {service_name}.' + # Specify which key from the info field of task, task_run or result is going to be used as the root key # for exporting in CSV format # TASK_CSV_EXPORT_INFO_KEY = 'key' diff --git a/test/test_web.py b/test/test_web.py index 4b7cca67a..a02ff86ff 100644 --- a/test/test_web.py +++ b/test/test_web.py @@ -11810,6 +11810,7 @@ def __init__(self, content): } } } + current_app.config["AUTHORIZED_SERVICES_403"] = 'The project {project_id} is not authorized to access the service {service_name}.' url = "/api/task/1/services/test-service-name/1/37" user = UserFactory.create() @@ -11826,6 +11827,7 @@ def __init__(self, content): follow_redirects=False, ) data = json.loads(res.data) + assert data.get("exception_msg") == 'The project 1 is not authorized to access the service test-service-name.', data assert data.get("status_code") == 403, data class TestErrorHandlers(web.Helper):