From 20c89c9397c44f5ca6bc737dd637ddc4f4af0658 Mon Sep 17 00:00:00 2001
From: Saloni Shah <salonipshah11@gmail.com>
Date: Wed, 11 Sep 2024 15:24:55 -0400
Subject: [PATCH] revert PUT API changes; attempt to fix test

---
 .../dsde/agora/server/business/PermissionBusiness.scala    | 5 -----
 .../server/webservice/PermissionIntegrationSpec.scala      | 7 +++++--
 2 files changed, 5 insertions(+), 7 deletions(-)

diff --git a/src/main/scala/org/broadinstitute/dsde/agora/server/business/PermissionBusiness.scala b/src/main/scala/org/broadinstitute/dsde/agora/server/business/PermissionBusiness.scala
index 9d548b5d..7b43db66 100644
--- a/src/main/scala/org/broadinstitute/dsde/agora/server/business/PermissionBusiness.scala
+++ b/src/main/scala/org/broadinstitute/dsde/agora/server/business/PermissionBusiness.scala
@@ -127,11 +127,6 @@ class PermissionBusiness(permissionsDataSource: PermissionsDataSource) {
           batchEntityPermission(entity, requester, listAccessControl) map { _ =>
             EntityAccessControl(entity, listAccessControl, None)
           } recover {
-            // For unauthorized access return entity information that was already in the request and empty ACLs values.
-            // This meets previous response expectations, keeps response schema similar to POST API and fixes the
-            // issue mentioned in https://broadworkbench.atlassian.net/browse/WX-1764.
-            case aeae: AgoraEntityAuthorizationException =>
-              EntityAccessControl(entity, Seq.empty[AccessControl], Some(aeae.getMessage))
             case e:Exception =>
               EntityAccessControl(entity, listAccessControl, Some(e.getMessage))
           }
diff --git a/src/test/scala/org/broadinstitute/dsde/agora/server/webservice/PermissionIntegrationSpec.scala b/src/test/scala/org/broadinstitute/dsde/agora/server/webservice/PermissionIntegrationSpec.scala
index 6f644fcd..3789d752 100644
--- a/src/test/scala/org/broadinstitute/dsde/agora/server/webservice/PermissionIntegrationSpec.scala
+++ b/src/test/scala/org/broadinstitute/dsde/agora/server/webservice/PermissionIntegrationSpec.scala
@@ -370,7 +370,9 @@ class PermissionIntegrationSpec extends AnyFlatSpec with ScalatestRouteTest with
           val stubEntity = AgoraEntity(agoraEntity2.namespace, agoraEntity2.name, agoraEntity2.snapshotId)
           val found = entityAclList.find(_.entity.toShortString == stubEntity.toShortString)
           assert(found.isDefined, "second")
-          assertResult(Set(owner2.get), "second") {found.get.entity.managers.toSet}
+          assert(found.get.entity.managers.isEmpty, "second") // since user doesn't have permission they shouldn't see additional information about method
+          assert(found.get.message.isDefined, "second")
+          assert(found.get.message.get.contains("Authorization exception for user"), "second")
         }
         // check third - it doesn't exist in the db
         {
@@ -434,7 +436,8 @@ class PermissionIntegrationSpec extends AnyFlatSpec with ScalatestRouteTest with
           val stubEntity = AgoraEntity(agoraEntity2.namespace, agoraEntity2.name, agoraEntity2.snapshotId)
           val found = entityAclList.find(_.entity.toShortString == stubEntity.toShortString)
           assert(found.isDefined, "second")
-          assertResult(Some(true)) {found.get.entity.public}
+          assert(found.get.entity.public.isEmpty, "second") // since user doesn't have permission they shouldn't see additional information about method
+          assert(found.get.message.get.contains("Authorization exception for user"), "second")
         }
         // check third - it doesn't exist in the db
         {