def try_only_ceo():
route = "departments/onlyCEO"
try_endpoint_with_user(route, None, expected_access=False)
for emp in get_employees():
can_access = emp["position"] == "CEO"
try_endpoint_with_user(route, emp["email"], expected_access=can_access)
def try_only_manager_or_ceo():
route = "departments/onlyManagerOrCEO"
try_endpoint_with_user(route, None, expected_access=False)
for emp in get_employees():
can_access = emp["position"] in ("Manager", "CEO")
try_endpoint_with_user(route, emp["email"], expected_access=can_access)
def try_with_restriction():
route = "employees/logged_restricted"
r = requests.get(f"{BASE_URL}/{route}")
assert r.status_code == 401
for emp in get_employees():
if emp["position"] == "CEO":
try_with_employee(route, emp)
def try_normal():
route = "employees/logged"
for emp in get_employees():
try_with_employee(route, emp)
def try_only_logged():
route = "departments/onlyLogged"
try_endpoint_with_user(route, None, expected_access=False)
for emp in get_employees():
try_endpoint_with_user(route, emp["email"], expected_access=True)
def try_free_access():
route = "departments/freeAccess"
try_endpoint_with_user(route, None, expected_access=True)
for emp in get_employees():
try_endpoint_with_user(route, emp["email"], expected_access=True)