Add list of possible permissions

app/api/permission_protection.py

@@ -3,7 +3,20 @@ from flask_restful import abort
 from functools import wraps
 
 
+valid_permissions = [
+        'CREATE_DEVICE_TYPE',
+        'CREATE_ROLE',
+        'ASSIGN_ROLE',
+        'CREATE_DEVICE',
+        'CREATE_DASHBOARD',
+        'READ_DEVICE_TYPES',
+        'READ_ROLES']
+
+
 def requires_permission(permission, action_name='Action'):
+    if permission not in valid_permissions:
+        raise ValueError('Permission ' + str(permission) + ' does not exist!')
+
     def requires_permission_decorator(func):
         @wraps(func)
         def permission_protected_function(*args, **kwargs):

app/api/resources/account.py

@@ -5,7 +5,8 @@ from webargs.flaskparser import use_args
 from flasgger import swag_from
 import app.accounts.api as accounts
 from app.api.auth_protection import ProtectedResource
-from app.api.permission_protection import requires_permission
+from app.api.permission_protection import (requires_permission,
+                                           valid_permissions)
 
 
 class UserSchema(Schema):
@@ -18,11 +19,16 @@ class RoleUpdateSchema(Schema):
     role_id = fields.Integer(required=True, load_only=True, location='json')
 
 
+def validate_role_permissions(permissions_list):
+    return set(permissions_list).issubset(valid_permissions)
+
+
 class RoleSchema(Schema):
     id = fields.Integer(required=True, location='json')
     display_name = fields.String(required=True, location='json')
     permissions = fields.List(fields.String, required=True,
-                              location='json', many=True)
+                              location='json', many=True,
+                              validate=validate_role_permissions)
 
 
 class RoleWrapperSchema(Schema):