19673 - Create eft_staff role to access EFT shortname functionality (#…

…1405) * add manage_eft role for accessing eft functionality * unit test fix * unit test fix
bcgov · Feb 7, 2024 · 6c19b72 · 6c19b72
1 parent 5ff5021
commit 6c19b72
Show file tree

Hide file tree

Showing 4 changed files with 10 additions and 9 deletions.
diff --git a/pay-api/src/pay_api/resources/v1/eft_short_names.py b/pay-api/src/pay_api/resources/v1/eft_short_names.py
@@ -36,7 +36,7 @@
 @bp.route('', methods=['GET', 'OPTIONS'])
 @cross_origin(origins='*', methods=['GET'])
 @_jwt.requires_auth
-@_jwt.has_one_of_roles([Role.SYSTEM.value, Role.STAFF.value])
+@_jwt.has_one_of_roles([Role.SYSTEM.value, Role.MANAGE_EFT.value])
 def get_eft_shortnames():
     """Get all eft short name records."""
     current_app.logger.info('<get_eft_shortnames')
@@ -78,7 +78,7 @@ def get_eft_shortnames():
 @cross_origin(origins='*', methods=['GET', 'PATCH'])
 @_tracing.trace()
 @_jwt.requires_auth
-@_jwt.has_one_of_roles([Role.SYSTEM.value, Role.STAFF.value])
+@_jwt.has_one_of_roles([Role.SYSTEM.value, Role.MANAGE_EFT.value])
 def get_eft_shortname(short_name_id: int):
     """Get EFT short name details."""
     current_app.logger.info('<get_eft_shortname')
@@ -95,7 +95,7 @@ def get_eft_shortname(short_name_id: int):
 @bp.route('/<int:short_name_id>', methods=['PATCH'])
 @cross_origin(origins='*')
 @_tracing.trace()
-@_jwt.has_one_of_roles([Role.SYSTEM.value, Role.STAFF.value])
+@_jwt.has_one_of_roles([Role.SYSTEM.value, Role.MANAGE_EFT.value])
 def patch_eft_shortname(short_name_id: int):
     """Update EFT short name mapping."""
     current_app.logger.info('<patch_eft_shortname')
@@ -119,7 +119,7 @@ def patch_eft_shortname(short_name_id: int):
 @cross_origin(origins='*', methods=['GET'])
 @_tracing.trace()
 @_jwt.requires_auth
-@_jwt.has_one_of_roles([Role.SYSTEM.value, Role.STAFF.value])
+@_jwt.has_one_of_roles([Role.SYSTEM.value, Role.MANAGE_EFT.value])
 def get_eft_shortname_transactions(short_name_id: int):
     """Get EFT short name transactions."""
     current_app.logger.info('<get_eft_shortname_transactions')

diff --git a/pay-api/src/pay_api/utils/enums.py b/pay-api/src/pay_api/utils/enums.py
@@ -137,6 +137,7 @@ class Role(Enum):
     FAS_CORRECTION = 'fas_correction'
     SANDBOX = 'sandbox'
     VIEW_ALL_TRANSACTIONS = 'view_all_transactions'
+    MANAGE_EFT = 'manage_eft'
 
 
 class Code(Enum):

diff --git a/pay-api/tests/unit/api/test_eft_short_names.py b/pay-api/tests/unit/api/test_eft_short_names.py
@@ -36,7 +36,7 @@
 
 def test_patch_eft_short_name(session, client, jwt, app):
     """Assert that an EFT short name account id can be patched."""
-    token = jwt.create_jwt(get_claims(roles=[Role.STAFF.value],
+    token = jwt.create_jwt(get_claims(roles=[Role.MANAGE_EFT.value],
                                       username='IDIR/JSMITH'), token_header)
     headers = {'Authorization': f'Bearer {token}', 'content-type': 'application/json'}
     factory_payment_account(payment_method_code=PaymentMethod.EFT.value,
@@ -60,7 +60,7 @@ def test_patch_eft_short_name(session, client, jwt, app):
 
 def test_patch_eft_short_name_validation(session, client, jwt, app):
     """Assert that invalid request is returned for existing short name."""
-    token = jwt.create_jwt(get_claims(roles=[Role.STAFF.value]), token_header)
+    token = jwt.create_jwt(get_claims(roles=[Role.MANAGE_EFT.value]), token_header)
     headers = {'Authorization': f'Bearer {token}', 'content-type': 'application/json'}
     short_name = factory_eft_shortname(short_name='TESTSHORTNAME', auth_account_id='1234').save()
 
@@ -96,7 +96,7 @@ def assert_short_name(result_dict: dict, short_name: EFTShortnamesModel, transac
 
 def test_search_eft_short_names(session, client, jwt, app):
     """Assert that EFT short names can be searched."""
-    token = jwt.create_jwt(get_claims(roles=[Role.STAFF.value]), token_header)
+    token = jwt.create_jwt(get_claims(roles=[Role.MANAGE_EFT.value]), token_header)
     headers = {'Authorization': f'Bearer {token}', 'content-type': 'application/json'}
 
     # Assert initial search returns empty items
@@ -433,7 +433,7 @@ def test_search_eft_short_names(session, client, jwt, app):
 
 def test_apply_eft_short_name_credits(session, client, jwt, app):
     """Assert that credits are applied to invoices when short name is mapped to an account."""
-    token = jwt.create_jwt(get_claims(roles=[Role.STAFF.value]), token_header)
+    token = jwt.create_jwt(get_claims(roles=[Role.STAFF.value, Role.MANAGE_EFT.value]), token_header)
     headers = {'Authorization': f'Bearer {token}', 'content-type': 'application/json'}
     short_name = factory_eft_shortname(short_name='TESTSHORTNAME').save()
 

diff --git a/pay-api/tests/unit/api/test_eft_transactions.py b/pay-api/tests/unit/api/test_eft_transactions.py
@@ -40,7 +40,7 @@ def assert_transaction(result_dict: dict, short_name: EFTShortnamesModel, transa
 
 def test_search_short_name_transactions(session, client, jwt, app):
     """Assert that EFT short names transactions can be searched."""
-    token = jwt.create_jwt(get_claims(roles=[Role.STAFF.value]), token_header)
+    token = jwt.create_jwt(get_claims(roles=[Role.MANAGE_EFT.value]), token_header)
     headers = {'Authorization': f'Bearer {token}', 'content-type': 'application/json'}
 
     # create test data