2 files changed, 25 insertions, 3 deletions

diff --git a/web-server/opendc/api/v2/simulations/simulationId/topologies/endpoint.py b/web-server/opendc/api/v2/simulations/simulationId/topologies/endpoint.py
index 952959ca..ecf80353 100644
--- a/web-server/opendc/api/v2/simulations/simulationId/topologies/endpoint.py
+++ b/web-server/opendc/api/v2/simulations/simulationId/topologies/endpoint.py
@@ -9,7 +9,12 @@ from opendc.util.database import Database
 def POST(request):
     """Add a new Topology to the specified simulation and return it"""
 
-    request.check_required_parameters(path={'simulationId': 'string'}, body={'topology': {'name': 'string'}})
+    request.check_required_parameters(path={'simulationId': 'string'},
+                                      body={
+                                          'topology': {
+                                              'name': 'string'
+                                          }
+                                      })
 
     simulation = Simulation.from_id(request.params_path['simulationId'])
 
@@ -17,6 +22,7 @@ def POST(request):
     simulation.check_user_access(request.google_id, True)
 
     topology = Topology({'name': request.params_body['topology']['name']})
+
     topology.set_property('datetimeCreated', Database.datetime_to_string(datetime.now()))
     topology.set_property('datetimeLastEdited', Database.datetime_to_string(datetime.now()))
     topology.insert()
diff --git a/web-server/opendc/api/v2/simulations/simulationId/topologies/test_endpoint.py b/web-server/opendc/api/v2/simulations/simulationId/topologies/test_endpoint.py
index cc26e1b0..5853d87d 100644
--- a/web-server/opendc/api/v2/simulations/simulationId/topologies/test_endpoint.py
+++ b/web-server/opendc/api/v2/simulations/simulationId/topologies/test_endpoint.py
@@ -32,5 +32,21 @@ def test_add_topology(client, mocker):
     assert '200' in res.status
 
 
-def test_add_topology_no_authorizations(client, mocker):
-    pass
+def test_add_topology_not_authorized(client, mocker):
+    mocker.patch.object(DB,
+                        'fetch_one',
+                        return_value={
+                            '_id': '1',
+                            'simulationId': '1',
+                            'authorizations': [{
+                                'simulationId': '1',
+                                'authorizationLevel': 'VIEW'
+                            }]
+                        })
+    assert '403' in client.post('/api/v2/simulations/1/topologies',
+                                json={
+                                    'topology': {
+                                        'name': 'test_topology',
+                                        'rooms': {}
+                                    }
+                                }).status