def test_validate_access_incoming_account_id(self, lookup_account_id_method): with self.app.test_request_context(): account_id = "111222" lookup_account_id_method.return_value = account_id response = validate_access("fred", incoming_account_id="333444") lookup_account_id_method.assert_called_with("fred") self.assertEqual(response.status_code, client.UNAUTHORIZED) response = validate_access("fred", incoming_account_id="111222") self.assertIsNone(response)
def test_validate_access_registration_id(self, lookup_registration_id_method, lookup_account_id_method): with self.app.test_request_context(): account_id = "555" registration_id = "444" lookup_account_id_method.return_value = account_id lookup_registration_id_method.return_value = True return_value = validate_access("fred", registration_id="444") self.assertIsNone(return_value) lookup_account_id_method.assert_called_with("fred") lookup_registration_id_method.assert_called_with(account_id, registration_id) lookup_registration_id_method.return_value = False response = validate_access("fred", registration_id="444") self.assertEqual(response.status_code, client.UNAUTHORIZED)
def test_validate_access_incoming_account_id(self, lookup_account_id_method): with self.app.test_request_context(): account_id = '111222' lookup_account_id_method.return_value = account_id response = validate_access( 'fred', incoming_account_id='333444') lookup_account_id_method.assert_called_with('fred') self.assertEqual(response.status_code, client.UNAUTHORIZED) response = validate_access( 'fred', incoming_account_id='111222') self.assertIsNone(response)
def test_validate_access_registration_id(self, lookup_registration_id_method, lookup_account_id_method,): with self.app.test_request_context(): account_id = '555' registration_id = '444' lookup_account_id_method.return_value = account_id lookup_registration_id_method.return_value = True return_value = validate_access('fred', registration_id='444') self.assertIsNone(return_value) lookup_account_id_method.assert_called_with('fred') lookup_registration_id_method.assert_called_with( account_id, registration_id) lookup_registration_id_method.return_value = False response = validate_access('fred', registration_id='444') self.assertEqual(response.status_code, client.UNAUTHORIZED)
def test_validate_access_subscription_id(self, lookup_subscription_id_method, lookup_account_id_method,): with self.app.test_request_context(): account_id = '123' subscription_id = '775' lookup_account_id_method.return_value = account_id lookup_subscription_id_method.return_value = True return_value = validate_access('fred', subscription_id='775') self.assertIsNone(return_value) lookup_account_id_method.assert_called_with('fred') lookup_subscription_id_method.assert_called_with( account_id, subscription_id) lookup_subscription_id_method.return_value = False response = validate_access('fred', subscription_id='775') self.assertEqual(response.status_code, client.UNAUTHORIZED)
def delete(self, subscription_id): """ Deletes subscription record """ return_val = validate_access(request.headers['username'], subscription_id=subscription_id) if return_val: return return_val return delete(DEFAULT_SUBSCRIPTIONS_TABLE, subscription_id)
def delete(self, account_id): """ Deletes account record """ return_val = validate_access( request.headers['username'], incoming_account_id=account_id) if return_val: return return_val return delete_account(account_id)
def delete(self, registration_id): """ Deletes registration record, will also remove the records for this registration_id in the subscription table as well """ return_val = validate_access(request.headers['username'], registration_id=registration_id) if return_val: return return_val return delete_registration(registration_id)
def delete(self, subscription_id): """ Deletes subscription record """ return_val = validate_access( request.headers['username'], subscription_id=subscription_id) if return_val: return return_val return delete(DEFAULT_SUBSCRIPTIONS_TABLE, subscription_id)
def delete(self, registration_id): """ Deletes registration record, will also remove the records for this registration_id in the subscription table as well """ return_val = validate_access( request.headers['username'], registration_id=registration_id) if return_val: return return_val return delete_registration(registration_id)
def patch(self, registration_id): """ Updates registration. Only one field can be updated: description """ return_val = validate_access(request.headers['username'], registration_id=registration_id) if return_val: return return_val json_data = request.get_json() update_json = {} if 'description' in json_data: update_json['description'] = json_data['description'] else: return make_response( jsonify({'Error': 'Description field missing'}), client.BAD_REQUEST) return update(DEFAULT_REGISTRATIONS_TABLE, record_id=registration_id, updates=update_json)
def patch(self, registration_id): """ Updates registration. Only one field can be updated: description """ return_val = validate_access( request.headers['username'], registration_id=registration_id) if return_val: return return_val json_data = request.get_json() update_json = {} if 'description' in json_data: update_json['description'] = json_data['description'] else: return make_response( jsonify({'Error': 'Description field missing'}), client.BAD_REQUEST) return update(DEFAULT_REGISTRATIONS_TABLE, record_id=registration_id, updates=update_json)
def test_validate_access_admin(self): self.assertIsNone(validate_access("admin"))
def test_validate_access_admin(self): self.assertIsNone(validate_access('admin'))