From 3376ab10defc01c45f8ec7c798e5fe9065551ebc Mon Sep 17 00:00:00 2001
From: Gil Forcada Codinachs <gil.gnome@gmail.com>
Date: Sat, 23 Dec 2023 00:04:32 +0100
Subject: [PATCH 1/3] feat: report if a permission does not exist

If the user does not have a permission, it might be because the
permission name is actually wrong.
---
 src/plone/api/user.py | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/src/plone/api/user.py b/src/plone/api/user.py
index 1ac97d16..ad6eca6f 100644
--- a/src/plone/api/user.py
+++ b/src/plone/api/user.py
@@ -327,7 +327,18 @@ def has_permission(permission, username=None, user=None, obj=None):
         context = env.adopt_user(username, user)
 
     with context:
-        return bool(getSecurityManager().checkPermission(permission, obj))
+        return_value = bool(getSecurityManager().checkPermission(permission, obj))
+        if not return_value:
+            names = [x[0] for x in getPermissions()]
+            if permission not in names:
+                raise InvalidParameterError(
+                    "Cannot find a permission with name '{permission}'\n"
+                    "Available permissions are:\n"
+                    "{names}".format(
+                        permission=permission, names="\n".join(sorted(names))
+                    )
+                )
+        return return_value
 
 
 @required_parameters("roles")

From e34240885389ef20c4480a2afc255c14fd67e4b8 Mon Sep 17 00:00:00 2001
From: Gil Forcada Codinachs <gil.gnome@gmail.com>
Date: Sun, 28 Apr 2024 13:37:03 +0200
Subject: [PATCH 2/3] fix(tests): use an existing permission

---
 src/plone/api/tests/test_env.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/plone/api/tests/test_env.py b/src/plone/api/tests/test_env.py
index e56161ba..c82e4af5 100644
--- a/src/plone/api/tests/test_env.py
+++ b/src/plone/api/tests/test_env.py
@@ -530,14 +530,15 @@ def test_adopt_user_different_username(self):
 
     def test_roles_restored_after_exception(self):
         """Tests that roles are restored after an exception."""
-        self.assertFalse(api.user.has_permission("Manage portal content"))
+        permission = "Manage properties"
+        self.assertFalse(api.user.has_permission(permission))
         try:
             with api.env.adopt_roles(["Manager"]):
-                self.assertTrue(api.user.has_permission("Manage portal content"))
+                self.assertTrue(api.user.has_permission(permission))
                 raise TestException("Test exception")
         except TestException:
             pass
-        self.assertFalse(api.user.has_permission("Manage portal content"))
+        self.assertFalse(api.user.has_permission(permission))
 
     def test_user_restored_after_exception(self):
         """Tests that roles are restored after an exception."""

From ce188593ba01fcb515044095a9a2e561d878e6b2 Mon Sep 17 00:00:00 2001
From: Gil Forcada Codinachs <gil.gnome@gmail.com>
Date: Sat, 23 Dec 2023 00:09:25 +0100
Subject: [PATCH 3/3] Add news entry

---
 news/515.feature | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 news/515.feature

diff --git a/news/515.feature b/news/515.feature
new file mode 100644
index 00000000..4fcdd219
--- /dev/null
+++ b/news/515.feature
@@ -0,0 +1,3 @@
+Report if a permission does not exist
+when calling `api.user.has_permission`.
+[gforcada]