refactor/added bank level role for getFirehoseTransactionsForBankAccount

obp-api/src/main/scala/code/api/v3_0_0/APIMethods300.scala

@@ -572,18 +572,21 @@ trait APIMethods300 {
       transactionsJsonV300,
       List(UserNotLoggedIn, AccountFirehoseNotAllowedOnThisInstance, UserHasMissingRoles, UnknownError),
       List(apiTagTransaction, apiTagAccountFirehose, apiTagTransactionFirehose, apiTagFirehoseData, apiTagNewStyle),
-      Some(List(canUseAccountFirehoseAtAnyBank)))
+      Some(List(canUseAccountFirehoseAtAnyBank, ApiRole.canUseAccountFirehose))
+    )
 
     lazy val getFirehoseTransactionsForBankAccount : OBPEndpoint = {
       //get private accounts for all banks
       case "banks" :: BankId(bankId):: "firehose" :: "accounts" ::  AccountId(accountId) :: "views" :: ViewId(viewId) :: "transactions" :: Nil JsonGet req => {
         cc =>
+          val allowedEntitlements = canUseAccountFirehoseAtAnyBank :: ApiRole.canUseAccountFirehose :: Nil
+          val allowedEntitlementsTxt = allowedEntitlements.mkString(" or ")
           for {
             (Full(u), callContext) <-  authenticatedAccess(cc)
             _ <- Helper.booleanToFuture(failMsg = AccountFirehoseNotAllowedOnThisInstance , cc=callContext) {
               allowAccountFirehose
             }
-            _ <- NewStyle.function.hasEntitlement("", u.userId, ApiRole.canUseAccountFirehoseAtAnyBank, callContext)
+            _ <- NewStyle.function.hasAtLeastOneEntitlement(failMsg = UserHasMissingRoles + allowedEntitlementsTxt)(bankId.value, u.userId, allowedEntitlements, callContext)
             (bank, callContext) <- NewStyle.function.getBank(bankId, callContext)
             (bankAccount, callContext) <- NewStyle.function.getBankAccount(bankId, accountId, callContext)
             view <- NewStyle.function.checkViewAccessAndReturnView(viewId, BankIdAccountId(bankAccount.bankId, bankAccount.accountId),Some(u), callContext)

obp-api/src/test/scala/code/api/v3_0_0/FirehoseTest.scala

@@ -2,7 +2,7 @@ package code.api.v3_0_0
 
 import code.api.util.APIUtil.OAuth._
 import code.api.util.ApiRole
-import code.api.util.ApiRole.CanUseAccountFirehoseAtAnyBank
+import code.api.util.ApiRole.{CanUseAccountFirehose, CanUseAccountFirehoseAtAnyBank}
 import code.api.util.ErrorMessages.AccountFirehoseNotAllowedOnThisInstance
 import code.api.v3_0_0.OBPAPI3_0_0.Implementations3_0_0
 import code.entitlement.Entitlement
@@ -83,6 +83,18 @@ class FirehoseTest extends V300ServerSetup with PropsReset{
       response.code should equal(200)
       response.body.extract[ModeratedCoreAccountsJsonV300]
     }
+
+    scenario("We will call the endpoint with user credentials - bank level role", VersionOfApi, ApiEndpoint4) {
+      setPropsValues("allow_account_firehose" -> "true")
+      setPropsValues("enable.force_error" -> "true")
+      Entitlement.entitlement.vend.addEntitlement(testBankId1.value, resourceUser1.userId, ApiRole.CanUseAccountFirehose.toString)
+      When("We send the request")
+      val request = (v3_0Request / "banks" / testBankId1.value / "firehose" / "accounts" / testAccountId1.value / "views" / "owner" / "transactions").GET <@ (user1)
+      val response = makeGetRequest(request)
+      Then("We should get a 200 and check the response body")
+      response.code should equal(200)
+      response.body.extract[ModeratedCoreAccountsJsonV300]
+    }
     
     scenario("We will call the endpoint with user credentials, props alias", VersionOfApi, ApiEndpoint4) {
       setPropsValues("allow_firehose_views" -> "true")
@@ -104,6 +116,7 @@ class FirehoseTest extends V300ServerSetup with PropsReset{
       Then("We should get a 403 and check the response body")
       response.code should equal(403)
       response.body.toString contains (CanUseAccountFirehoseAtAnyBank.toString()) should be(true)
+      response.body.toString contains (CanUseAccountFirehose.toString()) should be(true)
     }
 
     scenario("We will call the endpoint missing props ", VersionOfApi, ApiEndpoint4) {