From ec8343f0b8ec6a283826e43b05f763c6faec1cff Mon Sep 17 00:00:00 2001
From: Akihiko Kuroda <akihikokuroda2020@gmail.com>
Date: Wed, 18 Sep 2024 13:35:41 -0400
Subject: [PATCH 1/2] allow provider to get the job by id

---
 gateway/api/views.py          | 12 ++++++++++++
 gateway/tests/api/test_job.py | 13 +++++++++++++
 2 files changed, 25 insertions(+)

diff --git a/gateway/api/views.py b/gateway/api/views.py
index 706877677..624dff9db 100644
--- a/gateway/api/views.py
+++ b/gateway/api/views.py
@@ -453,6 +453,18 @@ def retrieve(self, request, pk=None):  # pylint: disable=unused-argument
         tracer = trace.get_tracer("gateway.tracer")
         ctx = TraceContextTextMapPropagator().extract(carrier=request.headers)
         with tracer.start_as_current_span("gateway.job.retrieve", context=ctx):
+            job = Job.objects.filter(pk=pk).first()
+            if job is None:
+                logger.warning("Job [%s] not found", pk)
+                return Response(status=404)
+            author = self.request.user
+            if job.program and job.program.provider:
+                provider_groups = job.program.provider.admin_groups.all()
+                author_groups = author.groups.all()
+                has_access = any(group in provider_groups for group in author_groups)
+                if has_access:
+                    serializer = self.get_serializer(job)
+                    return Response(serializer.data)
             instance = self.get_object()
             serializer = self.get_serializer(instance)
         return Response(serializer.data)
diff --git a/gateway/tests/api/test_job.py b/gateway/tests/api/test_job.py
index e29d0f100..6e1b3b414 100644
--- a/gateway/tests/api/test_job.py
+++ b/gateway/tests/api/test_job.py
@@ -83,6 +83,19 @@ def test_job_detail(self):
         self.assertEqual(jobs_response.data.get("status"), "SUCCEEDED")
         self.assertEqual(jobs_response.data.get("result"), '{"somekey":1}')
 
+    def test_job_provider_detail(self):
+        """Tests job detail authorized."""
+        user = models.User.objects.get(username="test_user_2")
+        self.client.force_authenticate(user=user)
+
+        jobs_response = self.client.get(
+            reverse("v1:jobs-detail", args=["1a7947f9-6ae8-4e3d-ac1e-e7d608deec86"]),
+            format="json",
+        )
+        self.assertEqual(jobs_response.status_code, status.HTTP_200_OK)
+        self.assertEqual(jobs_response.data.get("status"), "QUEUED")
+        self.assertEqual(jobs_response.data.get("result"), '{"somekey":1}')
+
     def test_not_authorized_job_detail(self):
         """Tests job detail fails trying to access to other user job."""
         self._authorize()

From eb9c614bc61f70277c23eb3ec2385bea604d277f Mon Sep 17 00:00:00 2001
From: Akihiko Kuroda <akihikokuroda2020@gmail.com>
Date: Wed, 18 Sep 2024 20:07:15 -0400
Subject: [PATCH 2/2] review comments

---
 gateway/api/views.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/gateway/api/views.py b/gateway/api/views.py
index 624dff9db..e4e4fa2db 100644
--- a/gateway/api/views.py
+++ b/gateway/api/views.py
@@ -456,7 +456,10 @@ def retrieve(self, request, pk=None):  # pylint: disable=unused-argument
             job = Job.objects.filter(pk=pk).first()
             if job is None:
                 logger.warning("Job [%s] not found", pk)
-                return Response(status=404)
+                return Response(
+                    {"message": f"Job [{pk}] was not found."},
+                    status=status.HTTP_404_NOT_FOUND,
+                )
             author = self.request.user
             if job.program and job.program.provider:
                 provider_groups = job.program.provider.admin_groups.all()