def get(self):
logger.debug("top of GET /actors")
actors = []
for k, v in actors_store.items():
if v['tenant'] == g.tenant:
actor = Actor.from_db(v)
if check_permissions(g.user, actor.db_id, READ):
actors.append(actor.display())
logger.info("actors retrieved.")
return ok(result=actors, msg="Actors retrieved successfully.")
def test_authorizedPermission_theTrueReturned(self):
result = auth.check_permissions("edit:user", {"permissions": ["edit:user"]})
self.assertEqual(result, True)
def test_checkUnAuthorizedPermission_thenAuthError(self):
with self.assertRaises(AuthError) as context:
auth.check_permissions("edit:7amada", {"permissions": []})
self.assertEqual(context.exception.status_code, 401)
self.assertEqual(context.exception.error['code'], 'unauthorized_action')
self.assertEqual(context.exception.error['description'], 'Action is not authorized')