finapps 5.0.36 → 5.0.45

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d502756b01180a324db1ab9e232bd71810d1e9f950bcaf9f47df667c3bd2d7ed
-  data.tar.gz: b1a9723d9944b250ff1d57917e66c903647929b3161ecb718dde62b9804f7d36
+  metadata.gz: c79a7e77e6c6496121b61c0b2d37324ec7ca7aa9ff7f8c4153ebf4cb5a4d764b
+  data.tar.gz: 2016bac07309e1817c0236ddb5b69f5cfb0577ff6c3af27d28ea195b9a56356e
 SHA512:
-  metadata.gz: 643b7f796405c8d6d06f2f414098b23f4295627702c03d119599827f8977866c8ffc8f62ab7b60330ae679ef35be0247440d16f938686c75f1426be3fec3a068
-  data.tar.gz: cb58c991c8b188221f9900d057e03d2394eaa7baaf712edf4f1f029a722436afe2e424e4562176778e00d294d9ebaac609ab7d578d57110162889e5b56a9ed2a
+  metadata.gz: ce58b007e2b3122c2bb4b6ac8e1fd435da08c69e81de23e566488ca52ac4d626d57a814c14dcec667a92d413f93cf746380aeb487ea3b31b7c9fcea048adaa33
+  data.tar.gz: 8642f81a12d89676bb95458a20d0eaa4ac1cc1be30d6384e2ba7a4a3960472f849aca73927bf11ac45045617904ec3a2cfafec48a7c3f34316e2df603b8447e1

data/.github/release-drafter.yml

@@ -0,0 +1,49 @@
+name-template: 'version $RESOLVED_VERSION'
+tag-template: 'v$RESOLVED_VERSION'
+categories:
+  - title: 'Added'
+    labels: 'enhancement'
+  - title: 'Changed'
+    labels: 'change' 
+  - title: 'Deprecated'
+    labels: 'deprecated' 
+  - title: 'Removed'
+    labels: 'removed'     
+  - title: 'Fixed'
+    labels: 'bug'
+  - title: 'Security'
+    label: 'dependencies'
+  - title: 'Documentation updates'
+    label: 'documentation'
+  - title: 'Maintenance'
+    labels: 'internal'  
+      
+change-template: '- $TITLE @$AUTHOR (#$NUMBER)'
+
+version-resolver:
+  major:
+    labels:
+      - 'major'
+  minor:
+    labels:
+      - 'minor'
+  patch:
+    labels:
+      - 'patch'
+  default: patch
+  
+exclude-labels:
+  - reverted
+  - no-changelog
+  - skip-changelog
+  - invalid
+  
+template: |
+  ## [$RESOLVED_VERSION](https://github.com/finapps/ruby-client/compare/$PREVIOUS_TAG...$RESOLVED_VERSION)
+  $CHANGES
+
+replacers:
+  - search: '/CVE-(\d{4})-(\d+)/g'
+    replace: 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-$1-$2'
+  - search: '@dependabot-preview'
+    replace: '@dependabot'

data/.github/workflows/main.yaml

@@ -1,9 +1,10 @@
-name: Main
+name: Continuous Integration
 
 on: [push, pull_request]
 
 jobs:
   ci:
+    if: "!contains(github.event.head_commit.message, 'skip ci')"
     runs-on: ubuntu-latest
 
     strategy:
@@ -17,7 +18,7 @@ jobs:
         with:
           ruby-version: '2.6'
 
-      - uses: actions/cache@v1
+      - uses: actions/cache@v2
         with:
           path: vendor/bundle
           key: ${{ runner.os  }}-gems-${{ hashFiles('**/Gemfile.lock')  }}
@@ -26,7 +27,7 @@ jobs:
 
       - name: Install gems
         run: |
-          gem install bundler
+          gem install -N bundler
           bundle config path vendor/bundle
           bundle install --jobs 4 --retry 3
 

data/.github/workflows/release-drafter.yml

@@ -0,0 +1,15 @@
+name: Release Drafter
+
+on:
+  push:
+    branches:
+      - master
+
+jobs:
+  update_release_draft:
+    if: "!contains(github.event.head_commit.message, 'skip ci')"
+    runs-on: ubuntu-latest
+    steps:
+      - uses: release-drafter/release-drafter@v5
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

data/.github/workflows/release.yml

@@ -0,0 +1,54 @@
+name: Bump version and Release
+on:
+  release:
+    types: [published]
+          
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: true
+
+    steps:
+    - uses: actions/checkout@master
+      with:
+        persist-credentials: false
+        fetch-depth: 0 # otherwise, you will failed to push refs to dest repo
+
+    - uses: actions/setup-ruby@v1
+      with: 
+        ruby-version: '2.6'
+        
+    - name: Get version from latest tag
+      id: get_version
+      uses: battila7/get-version-action@v2
+
+    - name: Bump version   
+      run: |
+        gem install -N gem-release
+        git config --local user.email "action@github.com"
+        git config --local user.name "GitHub Action"
+        gem bump --skip-ci --version ${{ steps.get_version.outputs.version-without-v }}
+        
+    - name: Push changes
+      uses: ad-m/github-push-action@master
+      with:
+        # GitHub Actions token does not support pushing to protected branches.
+        # github_token: ${{ secrets.GITHUB_TOKEN }}
+        #        
+        # A manually populated`PERSONAL_ACCESS_TOKEN` environment variable 
+        # with permissions to push to a protected branch must be used.
+        # not ideal - keep eyes open for a better solution
+        github_token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
+        
+    - name: Release gem to rubygems.org    
+      run: |
+        set +x
+        mkdir -p ~/.gem
+        cat << EOF > ~/.gem/credentials
+        ---
+        :rubygems_api_key: ${{ secrets.RUBYGEMS_API_KEY }}
+        EOF
+        chmod 0600 ~/.gem/credentials
+        set -x
+        gem release

data/.github/workflows/verify-pr-labeled.yml

@@ -0,0 +1,14 @@
+name: "Require PR labels"
+
+on:
+  pull_request:
+    types: [opened, labeled, unlabeled, synchronize]
+jobs:
+  label:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: mheap/github-action-required-labels@v1
+        with:
+          mode: exactly
+          count: 1
+          labels: "bug, change, enhancement"       

data/.rubocop.yml

@@ -141,22 +141,8 @@ Style/OneLineConditional:
   Description: Favor the ternary operator(?:) over if/then/else/end constructs.
   StyleGuide: https://github.com/bbatsov/ruby-style-guide#ternary-operator
   Enabled: false
-Style/ExponentialNotation:
-  Enabled: true
-Style/HashEachMethods:
-  Enabled: true
-Style/HashTransformKeys:
-  Enabled: true
-Style/HashTransformValues:
-  Enabled: true
-Style/RedundantFetchBlock:
-  Enabled: true
-Style/SlicingWithRange:
-  Enabled: true
 Style/OptionalBooleanParameter:
   Enabled: false
-Style/StringConcatenation:
-  Enabled: false
 
 RSpec/NestedGroups:
   Max: 5

data/finapps.gemspec

@@ -24,7 +24,6 @@ Gem::Specification.new do |spec|
 
   spec.add_development_dependency 'bundler',                    '~> 2.0',   '>= 2.0.2'
   spec.add_development_dependency 'codeclimate-test-reporter',  '~> 1.0',   '>= 1.0.9'
-  spec.add_development_dependency 'gem-release',                '~> 2.1',   '>= 2.1.1'
   spec.add_development_dependency 'guard',                      '~> 2.16',  '>= 2.16.1'
   spec.add_development_dependency 'guard-rspec',                '~> 4.7',   '>= 4.7.3'
   spec.add_development_dependency 'rake',                       '~> 13.0',  '>= 13.0.1'

data/lib/finapps/rest/documents_orders_notifications.rb

@@ -3,11 +3,11 @@
 module FinApps
   module REST
     class DocumentsOrdersNotifications < FinAppsCore::REST::Resources
-      def create(id)
+      def create(id, params = [])
         not_blank(id, :id)
 
         path = "documents/orders/#{ERB::Util.url_encode(id)}/notify"
-        super nil, path
+        super params, path
       end
     end
   end

data/lib/finapps/rest/documents_uploads.rb

@@ -18,6 +18,14 @@ module FinApps
         not_blank(doc_id, :doc_id)
         super(nil, "documents/orders/#{order_id}/#{doc_id}")
       end
+
+      def destroy_by_consumer(consumer_id, document_id)
+        not_blank(consumer_id, :consumer_id)
+        not_blank(document_id, :document_id)
+
+        path = "consumers/#{consumer_id}/documents/#{document_id}"
+        send_request path, :delete
+      end
     end
   end
 end

data/lib/finapps/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module FinApps
-  VERSION = '5.0.36'
+  VERSION = '5.0.45'
 end

data/spec/rest/documents_orders_notifications_spec.rb

@@ -17,7 +17,7 @@ RSpec.describe FinApps::REST::DocumentsOrdersNotifications do
     end
 
     context 'when invalid id is provided' do
-      let(:create) { subject.create(:invalid_id) }
+      let(:create) { subject.create(:invalid_id, ['1234']) }
       let(:results) { create[RESULTS] }
       let(:error_messages) { create[ERROR_MESSAGES] }
 
@@ -30,7 +30,7 @@ RSpec.describe FinApps::REST::DocumentsOrdersNotifications do
     end
 
     context 'with valid id' do
-      let(:create) { subject.create(:valid_id) }
+      let(:create) { subject.create(:valid_id, ['1234']) }
       let(:results) { create[RESULTS] }
       let(:error_messages) { create[ERROR_MESSAGES] }
 

data/spec/rest/documents_uploads_spec.rb

@@ -101,4 +101,57 @@ RSpec.describe FinApps::REST::DocumentsUploads do
       end
     end
   end
+
+  describe '#destroy_by_consumer' do
+    subject(:destroy_by_consumer) do
+      described_class.new(client).destroy_by_consumer(consumer_id, document_id)
+    end
+
+    let(:results) { destroy_by_consumer[0] }
+    let(:error_messages) { destroy_by_consumer[1] }
+
+    context 'with valid params' do
+      let(:consumer_id) { :valid_consumer_id }
+      let(:document_id) { :valid_document_id }
+
+      it_behaves_like 'an API request'
+      it_behaves_like 'a successful request'
+      it('results is nil') { expect(results).to be_nil }
+    end
+
+    context 'with invalid consumer_id' do
+      let(:consumer_id) { :invalid_consumer_id }
+      let(:document_id) { :valid_document_id }
+
+      it_behaves_like 'an API request'
+      it('results is nil') { expect(results).to be_nil }
+
+      it('error messages array is populated') do
+        expect(error_messages.first.downcase).to eq('resource not found')
+      end
+    end
+
+    context 'with invalid document id' do
+      let(:consumer_id) { :valid_consumer_id }
+      let(:document_id) { :invalid_document_id }
+
+      it_behaves_like 'an API request'
+      it('results is nil') { expect(results).to be_nil }
+
+      it('error messages array is populated') do
+        expect(error_messages.first.downcase).to eq('resource not found')
+      end
+    end
+
+    context 'with missing id' do
+      let(:consumer_id) { nil }
+      let(:document_id) { nil }
+
+      it do
+        expect { destroy_by_consumer }.to raise_error(
+          FinAppsCore::MissingArgumentsError
+        )
+      end
+    end
+  end
 end

data/spec/rest/signed_documents_downloads_spec.rb

@@ -10,6 +10,10 @@ RSpec.describe FinApps::REST::SignedDocumentsDownloads do
   let(:document) { described_class.new(api_client) }
 
   describe '#show' do
+    subject(:show) do
+      document.show(:consumer_id, :signature_request_id)
+    end
+
     context 'when missing signature request id' do
       subject(:show) { document.show(:consumer_id, nil) }
 
@@ -26,13 +30,6 @@ RSpec.describe FinApps::REST::SignedDocumentsDownloads do
       end
     end
 
-    subject(:show) do
-      document.show(
-        :consumer_id,
-        :signature_request_id
-      )
-    end
-
     it_behaves_like 'an API request'
     it_behaves_like 'a successful request'
   end

data/spec/rest/verix/verix_documents_spec.rb

@@ -10,6 +10,8 @@ RSpec.describe FinApps::REST::VerixDocuments do
   let(:document) { described_class.new(api_client) }
 
   describe '#list' do
+    subject { document.list(:record_id) }
+
     context 'when missing parameters' do
       subject(:list) { document.list(nil) }
 
@@ -18,13 +20,13 @@ RSpec.describe FinApps::REST::VerixDocuments do
       end
     end
 
-    subject { document.list(:record_id) }
-
     it_behaves_like 'an API request'
     it_behaves_like 'a successful request'
   end
 
   describe '#show' do
+    subject { document.show(:record_id, :document_id) }
+
     context 'when missing record_id' do
       subject(:show) { document.show(nil, :document_id) }
 
@@ -37,8 +39,6 @@ RSpec.describe FinApps::REST::VerixDocuments do
       it { expect { show }.to raise_error(FinAppsCore::MissingArgumentsError) }
     end
 
-    subject { document.show(:record_id, :document_id) }
-
     it_behaves_like 'an API request'
     it_behaves_like 'a successful request'
   end

data/spec/spec_helper.rb

@@ -32,7 +32,7 @@ RSpec.configure do |config|
   config.before do
     base_url =
       "#{FinAppsCore::REST::Defaults::DEFAULTS[:host]}/v#{FinAppsCore::REST::Defaults::API_VERSION}/"
-    stub_request(:any, /#{base_url}/).to_rack(::FakeApi)
+    stub_request(:any, /#{base_url}/).to_rack(::Fake::FakeApi)
   end
   WebMock.disable_net_connect!(allow: 'codeclimate.com')
 end

data/spec/support/documents_uploads_routes.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+module Fake
+  module DocumentsUploadsRoutes
+    class << self
+      def included(base)
+        base.get("/#{base.version}/consumers/:consumer_id/documents/:doc_id?thumbnail=false") do
+          pdf_response 'signed_document.pdf'
+        end
+        destroy_routes(base)
+        destroy_by_consumer_routes(base)
+        super
+      end
+
+      def destroy_routes(base)
+        base.delete("/#{base.version}/documents/orders/valid_order_id/valid_doc_id") { status 204 }
+        base.delete("/#{base.version}/documents/orders/valid_order_id/invalid_doc_id") do
+          json_response 404, 'resource_not_found.json'
+        end
+        base.delete("/#{base.version}/documents/orders/invalid_order_id/valid_doc_id") do
+          json_response 404, 'resource_not_found.json'
+        end
+      end
+
+      def destroy_by_consumer_routes(base)
+        base.delete("/#{base.version}/consumers/valid_consumer_id/documents/valid_document_id") { status 204 }
+        base.delete("/#{base.version}/consumers/invalid_consumer_id/documents/invalid_document_id") do
+          json_response 404, 'resource_not_found.json'
+        end
+        base.delete("/#{base.version}/consumers/invalid_consumer_id/documents/valid_document_id") do
+          json_response 404, 'resource_not_found.json'
+        end
+        base.delete("/#{base.version}/consumers/valid_consumer_id/documents/invalid_document_id") do
+          json_response 404, 'resource_not_found.json'
+        end
+      end
+    end
+  end
+end

data/spec/support/fake_api.rb

@@ -1,522 +1,515 @@
 # frozen_string_literal: true
 
 require 'sinatra/base'
+require_relative 'documents_uploads_routes'
+module Fake
+  # the FakeApi class is used to mock API requests while testing.
+  class FakeApi < Sinatra::Base
+    def self.version
+      "v#{FinAppsCore::REST::Defaults::API_VERSION}"
+    end
 
-# the FakeApi class is used to mock API requests while testing.
-class FakeApi < Sinatra::Base
-  def self.version
-    "v#{FinAppsCore::REST::Defaults::API_VERSION}"
-  end
-
-  # resource
-  post("/#{version}/resources") { json_response 201, 'resource.json' }
-  get("/#{version}/resources/:id") { json_response 200, 'resource.json' }
-  get("/#{version}/resources") { json_response 200, 'resources.json' }
-  put("/#{version}/resources") { json_response 201, 'resource.json' }
-  delete("/#{version}/resources/:id") { status 202 }
+    # resource
+    post("/#{version}/resources") { json_response 201, 'resource.json' }
+    get("/#{version}/resources/:id") { json_response 200, 'resource.json' }
+    get("/#{version}/resources") { json_response 200, 'resources.json' }
+    put("/#{version}/resources") { json_response 201, 'resource.json' }
+    delete("/#{version}/resources/:id") { status 202 }
 
-  # verix_metadata
-  get("/#{version}/v/metadata") do
-    json_response 200, 'verix/metadata.json'
-  end
+    # verix_metadata
+    get("/#{version}/v/metadata") do
+      json_response 200, 'verix/metadata.json'
+    end
 
-  # verix_records
-  get("/#{version}/v/record") do
-    json_response 200, 'verix/record/list.json'
-  end
-  post("/#{version}/v/record") do
-    json_response 200, 'verix/record/create.json'
-  end
+    # verix_records
+    get("/#{version}/v/record") do
+      json_response 200, 'verix/record/list.json'
+    end
+    post("/#{version}/v/record") do
+      json_response 200, 'verix/record/create.json'
+    end
 
-  # verix_pdf_documents
-  get("/#{version}/v/record/:record_id/file/:provider_id") do
-    pdf_response 'verix/document/document.pdf'
-  end
+    # verix_pdf_documents
+    get("/#{version}/v/record/:record_id/file/:provider_id") do
+      pdf_response 'verix/document/document.pdf'
+    end
 
-  # verix_documents
-  get("/#{version}/v/record/:record_id/document") do
-    json_response 200, 'verix/document/show.json'
-  end
-  get("/#{version}/v/record/:record_id/document/:document_id") do
-    json_response 200, 'verix/document/list.json'
-  end
+    # verix_documents
+    get("/#{version}/v/record/:record_id/document") do
+      json_response 200, 'verix/document/show.json'
+    end
+    get("/#{version}/v/record/:record_id/document/:document_id") do
+      json_response 200, 'verix/document/list.json'
+    end
 
-  # plaid_webhook/metadata
-  get("/#{version}/p/metadata") do
-    tenant_token = request.env['HTTP_X_TENANT_TOKEN']
-    if tenant_token == 'invalid_tenant_token'
-      json_response 404, 'invalid_tenant_credentials.json'
-    else
-      json_response 200, 'plaid/webhook.json'
+    # plaid_webhook/metadata
+    get("/#{version}/p/metadata") do
+      tenant_token = request.env['HTTP_X_TENANT_TOKEN']
+      if tenant_token == 'invalid_tenant_token'
+        json_response 404, 'invalid_tenant_credentials.json'
+      else
+        json_response 200, 'plaid/webhook.json'
+      end
     end
-  end
 
-  # plaid_institution_consumer
-  get("/#{version}/p/institution/consumer/:consumer_institution_id") do
-    json_response 200, 'plaid/institution/consumer/show.json'
-  end
-  get("/#{version}/p/institution/consumer/:consumer_institution_id/account") do
-    json_response 200, 'plaid/institution/consumer/show_accounts.json'
-  end
-  get("/#{version}/p/institution/consumer") do
-    tenant_token = request.env['HTTP_X_TENANT_TOKEN']
-    if tenant_token == 'invalid_tenant_token'
-      json_response 404, 'resource_not_found.json'
-    else
-      json_response 200, 'plaid/institution/consumer/list.json'
+    # plaid_institution_consumer
+    get("/#{version}/p/institution/consumer/:consumer_institution_id") do
+      json_response 200, 'plaid/institution/consumer/show.json'
     end
-  end
-  post("/#{version}/p/institution/consumer") do
-    tenant_token = request.env['HTTP_X_TENANT_TOKEN']
-    if tenant_token == 'invalid_tenant_token'
-      json_response 404, 'resource_not_found.json'
-    else
-      json_response 200, 'plaid/institution/consumer/add.json'
+    get("/#{version}/p/institution/consumer/:consumer_institution_id/account") do
+      json_response 200, 'plaid/institution/consumer/show_accounts.json'
     end
-  end
-  delete("/#{version}/p/institution/consumer/:consumer_institution_id") do
-    status 204
-  end
-  put("/#{version}/p/institution/consumer/:consumer_institution_id") do
-    status 204
-  end
-  get("/#{version}/p/institution/consumer/:consumer_institution_id/token") do
-    json_response 200, 'plaid/institution/consumer/public_token.json'
-  end
-
-  # plaid_accounts
-  get("/#{version}/p/account") do
-    json_response 200, 'plaid/account/list.json'
-  end
-  get("/#{version}/p/account/:account_id") do
-    json_response 200, 'plaid/account/show.json'
-  end
-  put("/#{version}/p/accounts/permissions") do
-    request.body.rewind
-    request_payload = JSON.parse request.body.read
-    if request_payload.is_a? Array
+    get("/#{version}/p/institution/consumer") do
+      tenant_token = request.env['HTTP_X_TENANT_TOKEN']
+      if tenant_token == 'invalid_tenant_token'
+        json_response 404, 'resource_not_found.json'
+      else
+        json_response 200, 'plaid/institution/consumer/list.json'
+      end
+    end
+    post("/#{version}/p/institution/consumer") do
+      tenant_token = request.env['HTTP_X_TENANT_TOKEN']
+      if tenant_token == 'invalid_tenant_token'
+        json_response 404, 'resource_not_found.json'
+      else
+        json_response 200, 'plaid/institution/consumer/add.json'
+      end
+    end
+    delete("/#{version}/p/institution/consumer/:consumer_institution_id") do
       status 204
-    else
-      json_response 400, 'invalid_request_body.json'
     end
-  end
-  delete("/#{version}/p/accounts/permissions") do
-    request.body.rewind
-    request_payload = JSON.parse request.body.read
-    if request_payload.is_a? Array
+    put("/#{version}/p/institution/consumer/:consumer_institution_id") do
       status 204
-    else
-      json_response 400, 'invalid_request_body.json'
     end
-  end
+    get("/#{version}/p/institution/consumer/:consumer_institution_id/token") do
+      json_response 200, 'plaid/institution/consumer/public_token.json'
+    end
 
-  # plaid_institution_logos
-  get("/#{version}/p/institution/logo/:inst_id") do
-    png_response 'plaid/institution/logo.png'
-  end
+    # plaid_accounts
+    get("/#{version}/p/account") do
+      json_response 200, 'plaid/account/list.json'
+    end
+    get("/#{version}/p/account/:account_id") do
+      json_response 200, 'plaid/account/show.json'
+    end
+    put("/#{version}/p/accounts/permissions") do
+      request.body.rewind
+      request_payload = JSON.parse request.body.read
+      if request_payload.is_a? Array
+        status 204
+      else
+        json_response 400, 'invalid_request_body.json'
+      end
+    end
+    delete("/#{version}/p/accounts/permissions") do
+      request.body.rewind
+      request_payload = JSON.parse request.body.read
+      if request_payload.is_a? Array
+        status 204
+      else
+        json_response 400, 'invalid_request_body.json'
+      end
+    end
 
-  # version
-  get("/#{version}/version") { 'Version => 2.1.29-.20161208.172810' }
+    # plaid_institution_logos
+    get("/#{version}/p/institution/logo/:inst_id") do
+      png_response 'plaid/institution/logo.png'
+    end
 
-  # tenants
-  get("/#{version}/settings/tenant") do
-    json_response 200, 'tenant_settings.json'
-  end
-  put("/#{version}/settings/tenant") do
-    request.body.rewind
-    request_payload = JSON.parse request.body.read
-    if request_payload['bad_params']
+    # version
+    get("/#{version}/version") { 'Version => 2.1.29-.20161208.172810' }
+
+    # tenants
+    get("/#{version}/settings/tenant") do
+      json_response 200, 'tenant_settings.json'
+    end
+    put("/#{version}/settings/tenant") do
+      request.body.rewind
+      request_payload = JSON.parse request.body.read
+      if request_payload['bad_params']
+        json_response 404, 'resource_not_found.json'
+      else
+        status 204
+      end
+    end
+    get("/#{version}/settings/app") do
+      json_response 200, 'tenant_app_settings.json'
+    end
+    put("/#{version}/settings/app") do
+      request.body.rewind
+      request_payload = JSON.parse request.body.read
+      if request_payload['pdf_statement_months']
+        status 204
+      else
+        json_response 404, 'resource_not_found.json'
+      end
+    end
+
+    # orders
+    post("/#{version}/orders/valid_token") do
+      json_response 200, 'order_token.json'
+    end
+    post("/#{version}/orders/invalid_token") do
       json_response 404, 'resource_not_found.json'
-    else
-      status 204
     end
-  end
-  get("/#{version}/settings/app") do
-    json_response 200, 'tenant_app_settings.json'
-  end
-  put("/#{version}/settings/app") do
-    request.body.rewind
-    request_payload = JSON.parse request.body.read
-    if request_payload['pdf_statement_months']
-      status 204
-    else
+    get("/#{version}/orders/valid_id") { json_response 200, 'order.json' }
+    get("/#{version}/orders") { json_response 200, 'orders.json' }
+    get("/#{version}/orders/valid_id/report.:format") do
+      json_response 200, 'order_report.json'
+    end
+    get("/#{version}/orders/invalid_id/report.:format") do
       json_response 404, 'resource_not_found.json'
     end
-  end
-
-  # orders
-  post("/#{version}/orders/valid_token") do
-    json_response 200, 'order_token.json'
-  end
-  post("/#{version}/orders/invalid_token") do
-    json_response 404, 'resource_not_found.json'
-  end
-  get("/#{version}/orders/valid_id") { json_response 200, 'order.json' }
-  get("/#{version}/orders") { json_response 200, 'orders.json' }
-  get("/#{version}/orders/valid_id/report.:format") do
-    json_response 200, 'order_report.json'
-  end
-  get("/#{version}/orders/invalid_id/report.:format") do
-    json_response 404, 'resource_not_found.json'
-  end
-  get("/#{version}/orders/valid_id/status") do
-    json_response 200, 'order_status.json'
-  end
-  get("/#{version}/orders/invalid_id/status") do
-    json_response 404, 'resource_not_found.json'
-  end
-  put("/#{version}/orders/valid_id/cancel") { status 204 }
-  put("/#{version}/orders/invalid_id/cancel") do
-    json_response 404, 'resource_not_found.json'
-  end
-  put("/#{version}/orders/valid_id/notify") { status 204 }
-  put("/#{version}/orders/invalid_id/notify") do
-    json_response 404, 'resource_not_found.json'
-  end
-  put("/#{version}/orders/valid_id/refresh") do
-    json_response 200, 'order_refresh.json'
-  end
-  put("/#{version}/orders/invalid_id/refresh") do
-    json_response 404, 'resource_not_found.json'
-  end
-  put("/#{version}/orders/invalid_id") do
-    json_response 404, 'resource_not_found.json'
-  end
-  put("/#{version}/orders/valid_id") { status 204 }
-  put("/#{version}/orders") do
-    request.body.rewind
-    request_payload = JSON.parse request.body.read
-    if request_payload['params'] == 'invalid'
-      json_response 400, 'invalid_request_body.json'
-    else
-      status 204
+    get("/#{version}/orders/valid_id/status") do
+      json_response 200, 'order_status.json'
     end
-  end
-  post("/#{version}/orders") do
-    request.body.rewind
-    request_payload = JSON.parse request.body.read
-    if %w[applicant institutions product].all? {|s| request_payload.key? s }
-      json_response 200, 'order_token.json'
-    else
-      json_response 400, 'invalid_request_body.json'
+    get("/#{version}/orders/invalid_id/status") do
+      json_response 404, 'resource_not_found.json'
+    end
+    put("/#{version}/orders/valid_id/cancel") { status 204 }
+    put("/#{version}/orders/invalid_id/cancel") do
+      json_response 404, 'resource_not_found.json'
+    end
+    put("/#{version}/orders/valid_id/notify") { status 204 }
+    put("/#{version}/orders/invalid_id/notify") do
+      json_response 404, 'resource_not_found.json'
+    end
+    put("/#{version}/orders/valid_id/refresh") do
+      json_response 200, 'order_refresh.json'
+    end
+    put("/#{version}/orders/invalid_id/refresh") do
+      json_response 404, 'resource_not_found.json'
+    end
+    put("/#{version}/orders/invalid_id") do
+      json_response 404, 'resource_not_found.json'
+    end
+    put("/#{version}/orders/valid_id") { status 204 }
+    put("/#{version}/orders") do
+      request.body.rewind
+      request_payload = JSON.parse request.body.read
+      if request_payload['params'] == 'invalid'
+        json_response 400, 'invalid_request_body.json'
+      else
+        status 204
+      end
+    end
+    post("/#{version}/orders") do
+      request.body.rewind
+      request_payload = JSON.parse request.body.read
+      if %w[applicant institutions product].all? {|s| request_payload.key? s }
+        json_response 200, 'order_token.json'
+      else
+        json_response 400, 'invalid_request_body.json'
+      end
     end
-  end
 
-  # documents_orders
-  get("/#{version}/documents/orders") do
-    if params[:filter]&.include?('"status":2')
-      json_response 200, 'documents_orders_none.json'
-    else
-      json_response 200, 'documents_orders.json'
+    # documents_orders
+    get("/#{version}/documents/orders") do
+      if params[:filter]&.include?('"status":2')
+        json_response 200, 'documents_orders_none.json'
+      else
+        json_response 200, 'documents_orders.json'
+      end
     end
-  end
-  get("/#{version}/documents/orders/valid_order_id") do
-    json_response 200, 'documents_order.json'
-  end
-  get("/#{version}/documents/orders/invalid_order_id") do
-    json_response 404, 'resource_not_found.json'
-  end
-  post("/#{version}/documents/orders") do
-    request.body.rewind
-    request_payload = JSON.parse request.body.read
-    if %w[applicant esign_documents tag].all? {|s| request_payload.key? s }
+    get("/#{version}/documents/orders/valid_order_id") do
       json_response 200, 'documents_order.json'
-    else
-      json_response 400, 'invalid_request_body.json'
     end
-  end
-  put("/#{version}/documents/orders/valid_order_id") do
-    request.body.rewind
-    request_payload = JSON.parse request.body.read
-    if request_payload['tag'] == 'invalid'
-      json_response 400, 'invalid_request_body.json'
-    else
-      status 204
+    get("/#{version}/documents/orders/invalid_order_id") do
+      json_response 404, 'resource_not_found.json'
+    end
+    post("/#{version}/documents/orders") do
+      request.body.rewind
+      request_payload = JSON.parse request.body.read
+      if %w[applicant esign_documents tag].all? {|s| request_payload.key? s }
+        json_response 200, 'documents_order.json'
+      else
+        json_response 400, 'invalid_request_body.json'
+      end
+    end
+    put("/#{version}/documents/orders/valid_order_id") do
+      request.body.rewind
+      request_payload = JSON.parse request.body.read
+      if request_payload['tag'] == 'invalid'
+        json_response 400, 'invalid_request_body.json'
+      else
+        status 204
+      end
+    end
+    put("/#{version}/documents/orders/invalid_order_id") do
+      json_response 400, 'invalid_order_id.json'
+    end
+    delete("/#{version}/documents/orders/valid_order_id") { status 204 }
+    delete("/#{version}/documents/orders/invalid_order_id") do
+      json_response 404, 'resource_not_found.json'
+    end
+    get("/#{version}/documents/orders/valid_order_id/sign_url/valid_signature_id") do
+      json_response 200, 'sign_url.json'
+    end
+    get("/#{version}/documents/orders/invalid_order_id/sign_url/valid_signature_id") do
+      json_response 400, 'invalid_order_id.json'
+    end
+    get("/#{version}/documents/orders/valid_order_id/sign_url/invalid_signature_id") do
+      json_response 404, 'invalid_signature_id.json'
     end
-  end
-  put("/#{version}/documents/orders/invalid_order_id") do
-    json_response 400, 'invalid_order_id.json'
-  end
-  delete("/#{version}/documents/orders/valid_order_id") { status 204 }
-  delete("/#{version}/documents/orders/invalid_order_id") do
-    json_response 404, 'resource_not_found.json'
-  end
-  get("/#{version}/documents/orders/valid_order_id/sign_url/valid_signature_id") do
-    json_response 200, 'sign_url.json'
-  end
-  get("/#{version}/documents/orders/invalid_order_id/sign_url/valid_signature_id") do
-    json_response 400, 'invalid_order_id.json'
-  end
-  get("/#{version}/documents/orders/valid_order_id/sign_url/invalid_signature_id") do
-    json_response 404, 'invalid_signature_id.json'
-  end
 
-  # documents_uploads
-  get("/#{version}/consumers/:consumer_id/documents/:doc_id?thumbnail=false") do
-    pdf_response 'signed_document.pdf'
-  end
-  delete("/#{version}/documents/orders/valid_order_id/valid_doc_id") { status 204 }
-  delete("/#{version}/documents/orders/valid_order_id/invalid_doc_id") do
-    json_response 404, 'resource_not_found.json'
-  end
-  delete("/#{version}/documents/orders/invalid_order_id/valid_doc_id") do
-    json_response 404, 'resource_not_found.json'
-  end
+    # documents_uploads
+    include DocumentsUploadsRoutes
 
-  # documents orders notifications
-  post("/#{version}/documents/orders/valid_id/notify") { status 204 }
-  post("/#{version}/documents/orders/invalid_id/notify") do
-    json_response 400, 'invalid_order_id.json'
-  end
+    # documents orders notifications
+    post("/#{version}/documents/orders/valid_id/notify") { status 204 }
+    post("/#{version}/documents/orders/invalid_id/notify") do
+      json_response 400, 'invalid_order_id.json'
+    end
 
-  # signed documents downloads
-  get("/#{version}/consumers/:consumer_id/documents/:signature_request_id") do
-    pdf_response 'signed_document.pdf'
-  end
+    # signed documents downloads
+    get("/#{version}/consumers/:consumer_id/documents/:signature_request_id") do
+      pdf_response 'signed_document.pdf'
+    end
 
-  # esign_templates
-  get("/#{version}/esign_templates") { json_response 200, 'esign_templates.json' }
+    # esign_templates
+    get("/#{version}/esign_templates") { json_response 200, 'esign_templates.json' }
 
-  # document_upload_types
-  get("/#{version}/documents/upload_types") { json_response 200, 'upload_types.json' }
+    # document_upload_types
+    get("/#{version}/documents/upload_types") { json_response 200, 'upload_types.json' }
 
-  # consumers
-  get("/#{version}/consumers") do
-    json_response 200, 'users.json'
-  end
-  get("/#{version}/consumers/valid_public_id") do
-    json_response 200, 'user.json'
-  end
-  get("/#{version}/consumers/invalid_public_id") do
-    json_response 404, 'resource_not_found.json'
-  end
-  post("/#{version}/consumers") do
-    request.body.rewind
-    request_payload = JSON.parse request.body.read
-    if request_payload['password']
-      json_response 201, 'user.json'
-    else
-      json_response 400, 'invalid_request_body.json'
+    # consumers
+    get("/#{version}/consumers") do
+      json_response 200, 'users.json'
     end
-  end
-  put("/#{version}/consumers/valid_public_id") { status 204 }
-  put("/#{version}/consumers/invalid_public_id") do
-    json_response 400, 'invalid_user_id.json'
-  end
-  put("/#{version}/consumers/valid_public_id/password") do
-    json_response 200, 'user.json'
-  end
-  put("/#{version}/consumers/invalid_public_id/password") do
-    json_response 404, 'resource_not_found.json'
-  end
-  delete("/#{version}/consumers/valid_public_id") { status 204 }
-  delete("/#{version}/consumers/invalid_public_id") do
-    json_response 404, 'resource_not_found.json'
-  end
-  post("/#{version}/logout") { status 204 }
+    get("/#{version}/consumers/valid_public_id") do
+      json_response 200, 'user.json'
+    end
+    get("/#{version}/consumers/invalid_public_id") do
+      json_response 404, 'resource_not_found.json'
+    end
+    post("/#{version}/consumers") do
+      request.body.rewind
+      request_payload = JSON.parse request.body.read
+      if request_payload['password']
+        json_response 201, 'user.json'
+      else
+        json_response 400, 'invalid_request_body.json'
+      end
+    end
+    put("/#{version}/consumers/valid_public_id") { status 204 }
+    put("/#{version}/consumers/invalid_public_id") do
+      json_response 400, 'invalid_user_id.json'
+    end
+    put("/#{version}/consumers/valid_public_id/password") do
+      json_response 200, 'user.json'
+    end
+    put("/#{version}/consumers/invalid_public_id/password") do
+      json_response 404, 'resource_not_found.json'
+    end
+    delete("/#{version}/consumers/valid_public_id") { status 204 }
+    delete("/#{version}/consumers/invalid_public_id") do
+      json_response 404, 'resource_not_found.json'
+    end
+    post("/#{version}/logout") { status 204 }
 
-  # operators
-  get("/#{version}/operators") { json_response 200, 'operator_list.json' }
-  get("/#{version}/operators/invalid_id") do
-    json_response 404, 'resource_not_found.json'
-  end
-  get("/#{version}/operators/valid_id") { json_response 200, 'operator.json' }
-  delete("/#{version}/operators/invalid_id") do
-    json_response 404, 'resource_not_found.json'
-  end
-  delete("/#{version}/operators/valid_id") { status 204 }
-  post("/#{version}/operators/password/change") do
-    json_response 200, 'operator.json'
-  end
-  put("/#{version}/operators/invalid_id") do
-    json_response 404, 'resource_not_found.json'
-  end
-  put("/#{version}/operators/valid_id") { json_response 200, 'operator.json' }
-  put("/#{version}/operators/valid_id/assign") { status 204 }
-  put("/#{version}/operators/invalid_id/assign") do
-    json_response 404, 'resource_not_found.json'
-  end
-  post("/#{version}/operators/password/forgot") do
-    json_response 200, 'operator_forgot_password.json'
-  end
-  post("/#{version}/operators/password/reset") do
-    request.body.rewind
-    request_payload = JSON.parse request.body.read
-    if request_payload['params'] == 'valid'
+    # operators
+    get("/#{version}/operators") { json_response 200, 'operator_list.json' }
+    get("/#{version}/operators/invalid_id") do
+      json_response 404, 'resource_not_found.json'
+    end
+    get("/#{version}/operators/valid_id") { json_response 200, 'operator.json' }
+    delete("/#{version}/operators/invalid_id") do
+      json_response 404, 'resource_not_found.json'
+    end
+    delete("/#{version}/operators/valid_id") { status 204 }
+    post("/#{version}/operators/password/change") do
       json_response 200, 'operator.json'
-    else
-      json_response 400, 'invalid_request_body.json'
     end
-  end
-  post("/#{version}/operators") do
-    request.body.rewind
-    request_payload = JSON.parse request.body.read
-    if request_payload['params'] == 'valid'
-      json_response 201, 'operator.json'
-    else
-      json_response 400, 'invalid_request_body.json'
+    put("/#{version}/operators/invalid_id") do
+      json_response 404, 'resource_not_found.json'
+    end
+    put("/#{version}/operators/valid_id") { json_response 200, 'operator.json' }
+    put("/#{version}/operators/valid_id/assign") { status 204 }
+    put("/#{version}/operators/invalid_id/assign") do
+      json_response 404, 'resource_not_found.json'
+    end
+    post("/#{version}/operators/password/forgot") do
+      json_response 200, 'operator_forgot_password.json'
+    end
+    post("/#{version}/operators/password/reset") do
+      request.body.rewind
+      request_payload = JSON.parse request.body.read
+      if request_payload['params'] == 'valid'
+        json_response 200, 'operator.json'
+      else
+        json_response 400, 'invalid_request_body.json'
+      end
+    end
+    post("/#{version}/operators") do
+      request.body.rewind
+      request_payload = JSON.parse request.body.read
+      if request_payload['params'] == 'valid'
+        json_response 201, 'operator.json'
+      else
+        json_response 400, 'invalid_request_body.json'
+      end
     end
-  end
 
-  # session
-  post("/#{version}/login") do
-    request.body.rewind
-    request_payload = JSON.parse request.body.read
-    if request_payload['password'] == 'valid_password'
-      json_response(200, 'user.json')
-    else
-      json_response(401, 'unauthorized.json')
+    # session
+    post("/#{version}/login") do
+      request.body.rewind
+      request_payload = JSON.parse request.body.read
+      if request_payload['password'] == 'valid_password'
+        json_response(200, 'user.json')
+      else
+        json_response(401, 'unauthorized.json')
+      end
     end
-  end
-  post("/#{version}/operators/login") { json_response 200, 'operator.json' }
+    post("/#{version}/operators/login") { json_response 200, 'operator.json' }
 
-  # password resets
-  post("/#{version}/tenant/valid_user_id/password") do
-    json_response 200, 'password_reset_token.json'
-  end
-  post("/#{version}/tenant/invalid_user_id/password") do
-    json_response 404, 'resource_not_found.json'
-  end
-  put("/#{version}/tenant/valid_user_id/password") do
-    request.body.rewind
-    request_payload = JSON.parse request.body.read
-    if request_payload['token'] == 'valid_token'
-      json_response(200, 'user.json')
-    else
-      json_response(400, 'invalid_request_body.json')
+    # password resets
+    post("/#{version}/tenant/valid_user_id/password") do
+      json_response 200, 'password_reset_token.json'
+    end
+    post("/#{version}/tenant/invalid_user_id/password") do
+      json_response 404, 'resource_not_found.json'
+    end
+    put("/#{version}/tenant/valid_user_id/password") do
+      request.body.rewind
+      request_payload = JSON.parse request.body.read
+      if request_payload['token'] == 'valid_token'
+        json_response(200, 'user.json')
+      else
+        json_response(400, 'invalid_request_body.json')
+      end
+    end
+    put("/#{version}/tenant/invalid_user_id/password") do
+      json_response 404, 'resource_not_found.json'
     end
-  end
-  put("/#{version}/tenant/invalid_user_id/password") do
-    json_response 404, 'resource_not_found.json'
-  end
 
-  # products
-  get("/#{version}/products") { json_response 200, 'products.json' }
+    # products
+    get("/#{version}/products") { json_response 200, 'products.json' }
 
-  # portfolios
-  get("/#{version}/portfolios") { json_response 200, 'portfolios.json' }
-  get("/#{version}/portfolios/valid_id") { json_response 200, 'portfolio.json' }
-  get("/#{version}/portfolios/invalid_id") do
-    json_response 404, 'resource_not_found.json'
-  end
-  post("/#{version}/portfolios") do
-    request.body.rewind
-    request_payload = JSON.parse request.body.read
-    if request_payload['product'] == 'invalid'
-      json_response(400, 'invalid_request_body.json')
-    else
-      json_response(200, 'portfolio.json')
+    # portfolios
+    get("/#{version}/portfolios") { json_response 200, 'portfolios.json' }
+    get("/#{version}/portfolios/valid_id") { json_response 200, 'portfolio.json' }
+    get("/#{version}/portfolios/invalid_id") do
+      json_response 404, 'resource_not_found.json'
+    end
+    post("/#{version}/portfolios") do
+      request.body.rewind
+      request_payload = JSON.parse request.body.read
+      if request_payload['product'] == 'invalid'
+        json_response(400, 'invalid_request_body.json')
+      else
+        json_response(200, 'portfolio.json')
+      end
+    end
+    put("/#{version}/portfolios/valid_id") { json_response 200, 'portfolio.json' }
+    put("/#{version}/portfolios/invalid_id") do
+      json_response 404, 'resource_not_found.json'
+    end
+    delete("/#{version}/portfolios/valid_id") { status 204 }
+    delete("/#{version}/portfolios/invalid_id") do
+      json_response 404, 'resource_not_found.json'
     end
-  end
-  put("/#{version}/portfolios/valid_id") { json_response 200, 'portfolio.json' }
-  put("/#{version}/portfolios/invalid_id") do
-    json_response 404, 'resource_not_found.json'
-  end
-  delete("/#{version}/portfolios/valid_id") { status 204 }
-  delete("/#{version}/portfolios/invalid_id") do
-    json_response 404, 'resource_not_found.json'
-  end
 
-  # alert definitions
-  get("/#{version}/portfolio/alerts/definitions") do
-    json_response 200, 'alert_definitions.json'
-  end
-  get("/#{version}/portfolio/alerts/definitions/valid_id") do
-    json_response 200, 'alert_definition.json'
-  end
-  get("/#{version}/portfolio/alerts/definitions/invalid_id") do
-    json_response 404, 'resource_not_found.json'
-  end
+    # alert definitions
+    get("/#{version}/portfolio/alerts/definitions") do
+      json_response 200, 'alert_definitions.json'
+    end
+    get("/#{version}/portfolio/alerts/definitions/valid_id") do
+      json_response 200, 'alert_definition.json'
+    end
+    get("/#{version}/portfolio/alerts/definitions/invalid_id") do
+      json_response 404, 'resource_not_found.json'
+    end
 
-  # alert occurrences
-  get("/#{version}/portfolio/alerts/occurrences") do
-    json_response 200, 'alert_occurrences.json'
-  end
+    # alert occurrences
+    get("/#{version}/portfolio/alerts/occurrences") do
+      json_response 200, 'alert_occurrences.json'
+    end
 
-  # portfolios alerts
-  get("/#{version}/portfolios/valid_id/alerts") do
-    json_response 200, 'portfolios_alerts.json'
-  end
-  get("/#{version}/portfolios/invalid_id/alerts") do
-    json_response 404, 'resource_not_found.json'
-  end
-  put("/#{version}/portfolios/valid_id/alerts/valid_id") { status 204 }
-  put("/#{version}/portfolios/invalid_id/alerts/invalid_id") do
-    json_response 404, 'resource_not_found.json'
-  end
-  delete("/#{version}/portfolios/valid_id/alerts/valid_id") { status 204 }
-  delete("/#{version}/portfolios/invalid_id/alerts/invalid_id") do
-    json_response 404, 'resource_not_found.json'
-  end
+    # portfolios alerts
+    get("/#{version}/portfolios/valid_id/alerts") do
+      json_response 200, 'portfolios_alerts.json'
+    end
+    get("/#{version}/portfolios/invalid_id/alerts") do
+      json_response 404, 'resource_not_found.json'
+    end
+    put("/#{version}/portfolios/valid_id/alerts/valid_id") { status 204 }
+    put("/#{version}/portfolios/invalid_id/alerts/invalid_id") do
+      json_response 404, 'resource_not_found.json'
+    end
+    delete("/#{version}/portfolios/valid_id/alerts/valid_id") { status 204 }
+    delete("/#{version}/portfolios/invalid_id/alerts/invalid_id") do
+      json_response 404, 'resource_not_found.json'
+    end
 
-  # portfolios consumers
-  get("/#{version}/portfolios/valid_id/consumers") do
-    json_response 200, 'portfolios_consumers.json'
-  end
-  get("/#{version}/portfolios/invalid_id/consumers") do
-    json_response 404, 'resource_not_found.json'
-  end
-  post("/#{version}/portfolios/valid_id/consumers") { status 204 }
-  post("/#{version}/portfolios/invalid_id/consumers") do
-    json_response 400, 'multiple_consumer_subscribe_error.json'
-  end
-  post("/#{version}/portfolios/valid_id/consumers/valid_id") { status 204 }
-  post("/#{version}/portfolios/invalid_id/consumers/invalid_id") do
-    json_response 400, 'single_consumer_subscribe_error.json'
-  end
-  delete("/#{version}/portfolios/valid_id/consumers/valid_id") { status 204 }
-  delete("/#{version}/portfolios/invalid_id/consumers/invalid_id") do
-    json_response 404, 'resource_not_found.json'
-  end
+    # portfolios consumers
+    get("/#{version}/portfolios/valid_id/consumers") do
+      json_response 200, 'portfolios_consumers.json'
+    end
+    get("/#{version}/portfolios/invalid_id/consumers") do
+      json_response 404, 'resource_not_found.json'
+    end
+    post("/#{version}/portfolios/valid_id/consumers") { status 204 }
+    post("/#{version}/portfolios/invalid_id/consumers") do
+      json_response 400, 'multiple_consumer_subscribe_error.json'
+    end
+    post("/#{version}/portfolios/valid_id/consumers/valid_id") { status 204 }
+    post("/#{version}/portfolios/invalid_id/consumers/invalid_id") do
+      json_response 400, 'single_consumer_subscribe_error.json'
+    end
+    delete("/#{version}/portfolios/valid_id/consumers/valid_id") { status 204 }
+    delete("/#{version}/portfolios/invalid_id/consumers/invalid_id") do
+      json_response 404, 'resource_not_found.json'
+    end
 
-  # portfolios available consumers
-  get("/#{version}/portfolios/:id/consumers/available") do
-    json_response 200, 'portfolios_available_consumers.json'
-  end
+    # portfolios available consumers
+    get("/#{version}/portfolios/:id/consumers/available") do
+      json_response 200, 'portfolios_available_consumers.json'
+    end
 
-  # consumers portfolios
-  get("/#{version}/consumers/valid_id/portfolios") do
-    json_response 200, 'portfolios.json'
-  end
-  get("/#{version}/consumers/invalid_id/portfolios") do
-    json_response 404, 'resource_not_found.json'
-  end
+    # consumers portfolios
+    get("/#{version}/consumers/valid_id/portfolios") do
+      json_response 200, 'portfolios.json'
+    end
+    get("/#{version}/consumers/invalid_id/portfolios") do
+      json_response 404, 'resource_not_found.json'
+    end
 
-  # portfolio reports
-  get("/#{version}/portfolio/reports") do
-    json_response 200, 'portfolio_reports.json'
-  end
+    # portfolio reports
+    get("/#{version}/portfolio/reports") do
+      json_response 200, 'portfolio_reports.json'
+    end
 
-  # relevance
-  get("/#{version}/relevance/ruleset/names") do
-    json_response 200, 'relevance_ruleset_names.json'
-  end
+    # relevance
+    get("/#{version}/relevance/ruleset/names") do
+      json_response 200, 'relevance_ruleset_names.json'
+    end
 
-  # errors
-  get("/#{version}/client_error") { json_response 400, 'error.json' }
-  get("/#{version}/server_error") { status 500 }
-  get("/#{version}/proxy_error") { status 407 }
+    # errors
+    get("/#{version}/client_error") { json_response 400, 'error.json' }
+    get("/#{version}/server_error") { status 500 }
+    get("/#{version}/proxy_error") { status 407 }
 
-  # timeout
-  get("/#{version}/orders/timeout") { status 419 }
+    # timeout
+    get("/#{version}/orders/timeout") { status 419 }
 
-  private
+    private
 
-  def json_response(response_code, file_name)
-    http_response :json, response_code, file_name
-  end
+    def json_response(response_code, file_name)
+      http_response :json, response_code, file_name
+    end
 
-  def png_response(file_name)
-    http_response :png, 200, file_name
-  end
+    def png_response(file_name)
+      http_response :png, 200, file_name
+    end
 
-  def pdf_response(file_name)
-    http_response 'application/pdf', 200, file_name
-  end
+    def pdf_response(file_name)
+      http_response 'application/pdf', 200, file_name
+    end
 
-  def http_response(content_type, response_code, file_name)
-    content_type content_type
-    status response_code
-    File.open(File.dirname(__FILE__) + '/fixtures/' + file_name, 'rb').read
+    def http_response(content_type, response_code, file_name)
+      content_type content_type
+      status response_code
+      File.open("#{File.dirname(__FILE__)}/fixtures/#{file_name}").read
+    end
   end
 end