for privacy, debitor and creditor values in transactions receive queries from account owners only. EXCEPTION: account in query set as public by owner (later feature)
- sign into account on react client
- POST /graphql/transactions with query and cognito token
expected
- /graphql calls getUser() with cognito token
- cognito
data returns from getUser()
- /graphql tests cognito
data.Username in debitor and creditor values of balance query before resolving measure-faas invocation:
const authorizeAccountBalanceQuery = (query, usernameFromCognitoGetUser) => {
// ...
if (query.creditor !== usernameFromCognitoGetUser && query.debitor !== usernameFromCognitoGetUser) {
console.log("401 Unauthorized")
return "401 Unauthorized"
}
// ...
}
*Estimations will include unit and e2e test coverage of requirements. New screens will include an e2e inventory test (example).
for privacy, debitor and creditor values in transactions receive queries from account owners only. EXCEPTION: account in query set as public by owner (later feature)
expected
datareturns fromgetUser()data.Usernameindebitorandcreditorvalues of balance query before resolving measure-faas invocation:*Estimations will include unit and e2e test coverage of requirements. New screens will include an e2e inventory test (example).