copilot suggestions implemented, removed process_type, added schema

Author: jzbahrai

app/v3/template/get_template.py

@@ -1,6 +1,6 @@
 from flask import jsonify
 
-from app import api_user, authenticated_service
+from app import DATETIME_FORMAT, api_user, authenticated_service
 from app.dao import templates_dao
 from app.errors import InvalidRequest
 from app.models import ApiKeyPermission
@@ -24,14 +24,13 @@ def _serialize_template(template) -> dict:
         "id": str(template.id),
         "name": template.name,
         "type": template.template_type,
-        "created_at": template.created_at.isoformat(),
-        "updated_at": template.updated_at.isoformat() if template.updated_at else None,
+        "created_at": template.created_at.strftime(DATETIME_FORMAT),
+        "updated_at": template.updated_at.strftime(DATETIME_FORMAT) if template.updated_at else None,
         "created_by": template.created_by.email_address,
         "version": template.version,
         "body": template.content,
         "subject": template.subject if template.template_type != "sms" else None,
         "postage": template.postage,
-        "process_type": template.process_type,
         "template_category_id": str(template.template_category_id) if template.template_category_id else None,
         "folder_id": folder_id,
         "archived": template.archived,

app/v3/template/template_schemas.py

@@ -0,0 +1,52 @@
+from app.models import TEMPLATE_TYPES
+from app.schema_validation.definitions import uuid
+
+get_template_by_id_request = {
+    "$schema": "http://json-schema.org/draft-04/schema#",
+    "description": "schema for parameters allowed when getting template by id",
+    "type": "object",
+    "properties": {"id": uuid},
+    "required": ["id"],
+    "additionalProperties": False,
+}
+
+get_template_by_id_response = {
+    "$schema": "http://json-schema.org/draft-04/schema#",
+    "description": "GET template by id schema response",
+    "type": "object",
+    "title": "response v3/template",
+    "properties": {
+        "id": uuid,
+        "type": {"enum": TEMPLATE_TYPES},
+        "created_at": {
+            "format": "date-time",
+            "type": "string",
+            "description": "Date+time created",
+        },
+        "updated_at": {
+            "format": "date-time",
+            "type": ["string", "null"],
+            "description": "Date+time updated",
+        },
+        "created_by": {"type": "string"},
+        "version": {"type": "integer"},
+        "body": {"type": "string"},
+        "subject": {"type": ["string", "null"]},
+        "name": {"type": "string"},
+        "postage": {"type": ["string", "null"]},
+        "template_category_id": {"type": ["string", "null"]},
+        "folder_id": {"type": ["string", "null"]},
+        "archived": {"type": "boolean"},
+    },
+    "required": [
+        "id",
+        "type",
+        "created_at",
+        "updated_at",
+        "version",
+        "created_by",
+        "body",
+        "name",
+        "archived",
+    ],
+}

tests/app/v3/template/test_get_template.py

@@ -4,7 +4,7 @@
 from notifications_python_client.authentication import create_jwt_token
 
 from app.models import EMAIL_TYPE, SMS_TYPE
-from tests.app.db import create_template
+from tests.app.db import create_service, create_template
 
 
 def _auth_header(api_key):
@@ -48,7 +48,9 @@ def test_get_template_returns_richer_fields_than_v2(self, client, sample_service
         assert "archived" in data
         assert "template_category_id" in data
         assert "folder_id" in data
-        assert "process_type" in data
+
+        # process_type is intentionally NOT exposed in v3
+        assert "process_type" not in data
 
         # Core fields still present
         assert "id" in data
@@ -73,7 +75,8 @@ def test_get_template_returns_403_without_manage_templates_permission(self, clie
 
         assert response.status_code == 403
         data = json.loads(response.get_data(as_text=True))
-        assert "manage templates" in data["message"].lower() or "manage_templates" in data["message"].lower()
+        message = data["errors"][0]["message"].lower()
+        assert "manage templates" in message or "manage_templates" in message
 
     def test_get_template_returns_404_for_nonexistent_template(self, client, sample_service, create_api_key_with_manage_api_perm):
         nonexistent_id = uuid.uuid4()
@@ -87,20 +90,19 @@ def test_get_template_returns_404_for_nonexistent_template(self, client, sample_
         assert response.status_code == 404
 
     def test_get_template_returns_404_for_template_belonging_to_other_service(
-        self, client, sample_service, sample_template, create_api_key_with_manage_api_perm
+        self, client, sample_service, create_api_key_with_manage_api_perm
     ):
         """Templates from other services must not be accessible."""
+        other_service = create_service(service_name=f"other service {uuid.uuid4()}")
+        other_template = create_template(other_service, template_type=SMS_TYPE)
         auth_header = _auth_header(create_api_key_with_manage_api_perm)
 
         response = client.get(
-            f"/v3/template/{sample_template.id}",
+            f"/v3/template/{other_template.id}",
             headers=[("Content-Type", "application/json"), auth_header],
         )
 
-        # sample_template belongs to sample_service so this should work;
-        # if services differ the DAO raises NoResultFound → 404
-        # This test just verifies service scoping is enforced.
-        assert response.status_code in (200, 404)
+        assert response.status_code == 404
 
     def test_get_sms_template_has_null_subject(self, client, sample_service, create_api_key_with_manage_api_perm):
         template = create_template(sample_service, template_type=SMS_TYPE)